Submitted URL: https://pt-rhg.urt3efs.bid/
Effective URL: https://bay789a.win/
Submission: On March 02 via api from US — Scanned from US

Summary

This website contacted 10 IPs in 1 country across 12 domains to perform 77 HTTP transactions. The main IP is 2606:4700:3032::6815:1168, located in United States and belongs to CLOUDFLARENET, US. The main domain is bay789a.win.
TLS certificate: Issued by GTS CA 1P5 on February 6th 2024. Valid for: 3 months.
This is the only time bay789a.win was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Apex Domain | Subdomains | Transfer
65 bay789a.win | bay789a.win | 3 MB
3 web1s.com | web1s.com (Cisco Umbrella Rank: 384925) | 7 KB
2 google-analytics.com | www.google-analytics.com (Cisco Umbrella Rank: 29) | 305 B
2 facebook.net | connect.facebook.net (Cisco Umbrella Rank: 180) | 69 KB
1 bay789.vin | api.bay789.vin | 7 KB
1 facebook.com | www.facebook.com (Cisco Umbrella Rank: 100) | 185 B
1 gstatic.com | www.gstatic.com | 196 KB
1 googletagmanager.com | www.googletagmanager.com (Cisco Umbrella Rank: 40) | 93 KB
1 google.com | www.google.com (Cisco Umbrella Rank: 2) | 1 KB
1 short.gy | 1ru1.short.gy | 82 B
1 oiurptz.co | oiurptz.co | 448 B
1 urt3efs.bid | pt-rhg.urt3efs.bid | 457 B
77 | 12
Domain | Requested by
65 bay789a.win | bay789a.win
3 web1s.com | bay789a.win
2 www.google-analytics.com | www.googletagmanager.com
2 connect.facebook.net | bay789a.win, connect.facebook.net
1 api.bay789.vin | bay789a.win
1 www.facebook.com | bay789a.win
1 www.gstatic.com | www.google.com
1 www.googletagmanager.com | bay789a.win
1 www.google.com | bay789a.win
1 1ru1.short.gy | 1 redirects
1 oiurptz.co | 1 redirects
1 pt-rhg.urt3efs.bid | 1 redirects
77 | 12

This site contains links to these domains.

Domain
bay789.life
hot789.club
Subject | Issuer | Validity | Valid
bay789a.win | GTS CA 1P5 | 2024-02-06 - 2024-05-06 | 3 months
www.google.com | GTS CA 1C3 | 2024-02-05 - 2024-04-29 | 3 months
*.google-analytics.com | GTS CA 1C3 | 2024-02-05 - 2024-04-29 | 3 months
web1s.com | E1 | 2024-02-18 - 2024-05-18 | 3 months
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2023-12-10 - 2024-03-09 | 3 months
*.gstatic.com | GTS CA 1C3 | 2024-02-05 - 2024-04-29 | 3 months
bay789.vin | E1 | 2024-03-02 - 2024-05-31 | 3 months

This page contains 1 frame:

Primary Page: https://bay789a.win/
Frame ID: 36C86FFBAC126B7770725DFF6181C056
Requests: 78 HTTP requests in this frame

Page Title

Bay789 - Cổng game game Bay789 - Link tải app chính chủ , uy tín

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

77
Requests

100 %
HTTPS

92 %
IPv6

12
Domains

12
Subdomains

10
IPs

1
Countries

3108 kB
Transfer

4484 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://pt-rhg.urt3efs.bid/ HTTP 301
    https://oiurptz.co/eKMh76 HTTP 302
    https://1ru1.short.gy/OPditB HTTP 302
    https://bay789a.win/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

77 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
bay789a.win/
Redirect Chain
  • https://pt-rhg.urt3efs.bid/
  • https://oiurptz.co/eKMh76
  • https://1ru1.short.gy/OPditB
  • https://bay789a.win/
24 KB
6 KB
Document
General
Full URL
https://bay789a.win/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:1168 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
726e1ef0b1795d1bace5df7db21361933530e7879170507646171bf809dbd344

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
85e1a598d8c10f7c-EWR
content-encoding
br
content-type
text/html; charset=UTF-8
date
Sat, 02 Mar 2024 13:13:55 GMT
last-modified
Wed, 21 Feb 2024 02:54:37 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ukuoec6lMs5vP%2BaJ01i%2F4ykaAyTjYNri2qVDewzqujMfEmOsYCzS2R0CXijjIpsb0k%2BQavsZiPVP8V2K0fZ9Y32JzZ1A1duifOPXTCNVWYmTVxBXjlqooENjUR3ksUdG7%2FxEgUAGvWIODw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

content-length
0
date
Sat, 02 Mar 2024 13:13:55 GMT
location
https://bay789a.win/
x-powered-by
Short.io/Edge
bootstrap.min.css
bay789a.win/vendor/bootstrap/css/
150 KB
24 KB
Stylesheet
General
Full URL
https://bay789a.win/vendor/bootstrap/css/bootstrap.min.css
Requested by
Host: bay789a.win
URL: https://bay789a.win/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:1168 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6b3bef53dc4a96ec07149d02a60b5fd026332bbce0b4ece79f3c55e3ddb85f5c

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sat, 02 Mar 2024 13:13:56 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 10 Feb 2023 02:46:11 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"2565e-5f44f8009614d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mInmKQaCgFMULpuBByspbY9HfwosqKrmfk%2FUOMNl018SGgCnyzg8ZrXvIKBDJTc%2FrPjqesj1ATXfzx614lVxoLmAXGLFJi%2BcjGII%2F1eShozoCMsDU9Bh0dJVaKUPwzJ1qqO6%2BA0SQ1ShZw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
85e1a59c3c360f7c-EWR
alt-svc
h3=":443"; ma=86400
all.min.css
bay789a.win/vendor/fontawesome-free/css/
55 KB
12 KB
Stylesheet
General
Full URL
https://bay789a.win/vendor/fontawesome-free/css/all.min.css
Requested by
Host: bay789a.win
URL: https://bay789a.win/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:1168 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e359ca2cfecefabc098bd34b95d19106e586c6c5b34d537ebc66da5159e2bcc5

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sat, 02 Mar 2024 13:13:56 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 10 Feb 2023 02:46:10 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"da63-5f44f800342ea"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FrwQN%2Fh%2BSXxsS0IIZ%2FeBMKlG7ywRY30U7A3N1DFT1m6R1r1cAHwB0exk0rYxTz7XL8os%2B4ar7%2FdXdlAk%2Fida7rdksV7IJw7o917itMzSsphgXFzzwUj0r3iV8Rb3xxai5P72kkeuJQOtdQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
85e1a59c3c380f7c-EWR
alt-svc
h3=":443"; ma=86400
style.min.css
bay789a.win/build/
37 KB
8 KB
Stylesheet
General
Full URL
https://bay789a.win/build/style.min.css?v=0.01
Requested by
Host: bay789a.win
URL: https://bay789a.win/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:1168 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
318d50ff136541bfbef15b504d7156561b5030aeda857d7d9dfc06e365c22c5e

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sat, 02 Mar 2024 13:13:56 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sun, 11 Feb 2024 15:57:42 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"930e-6111d38aef61a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SlyhMyit8BHnG6nTtMzGdDtGUZKT8roO8eL2bz1r9%2FmdoI6P79zP%2BMtcntqqv3QdaQ97TwQU8eKrT1Uzo7dqYqFSpzzTS8k37z2P2DWsrPEA%2FYT5E2WmD371Kc%2FSEpneOOgHC67n0CTM9A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
85e1a59c3c390f7c-EWR
alt-svc
h3=":443"; ma=86400
api.js
www.google.com/recaptcha/
1 KB
1 KB
Script
General
Full URL
https://www.google.com/recaptcha/api.js
Requested by
Host: bay789a.win
URL: https://bay789a.win/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
793414a5c29820d33c9a6a7120fdbbf4fdbabaf3f3cc0176a53336cc5bb4da5c
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sat, 02 Mar 2024 13:13:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Sat, 02 Mar 2024 13:13:56 GMT
js
www.googletagmanager.com/gtag/
275 KB
93 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-VRM7WDM4CZ
Requested by
Host: bay789a.win
URL: https://bay789a.win/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
843dc16cc5cad5ff758016711a8dce853055e2d3e0c8a35db2b0414ee30fd969
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sat, 02 Mar 2024 13:13:56 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
94622
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 02 Mar 2024 13:13:56 GMT
logo-lazy.png
bay789a.win/images/
122 B
498 B
Image
General
Full URL
https://bay789a.win/images/logo-lazy.png
Requested by
Host: bay789a.win
URL: https://bay789a.win/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:1168 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e417252f34467d4334e13f4158555ff57b466e1eabab452746f88e374b462af5

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sat, 02 Mar 2024 13:13:56 GMT
cf-cache-status
MISS
last-modified
Fri, 20 Oct 2023 07:53:06 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"7a-6082129b11deb"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lRV%2Fhzf54JtFb1w%2FkDPw9sekLZ8jb5KBqdKmcOIf0pVv90AiozYqpJSTI7mvXykX0A4XFcxnqeGRd0OiqFfvSKOKfFSDwqR2Rv7jvNvQtbiANNEk%2B0PlV83QQoQZTPb1wZDnzruFnUDtHg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
85e1a59c3c3a0f7c-EWR
alt-svc
h3=":443"; ma=86400
content-length
122
ico_cursor-lazy.png
bay789a.win/images/
97 B
399 B
Image
General
Full URL
https://bay789a.win/images/ico_cursor-lazy.png
Requested by
Host: bay789a.win
URL: https://bay789a.win/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:1168 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff3b67f12a6015e185e27ad6e1482460671027204f3a66d3161fe59826495bb4

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sat, 02 Mar 2024 13:13:56 GMT
cf-cache-status
MISS
last-modified
Fri, 20 Oct 2023 07:53:06 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"61-6082129a89271"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l60Df8Q2a3QVFq1nUEZgnMUwf5YbxCJAH1%2FzLD3WCtNbxKNmVd7gU99nT4WZFx%2FZ3MadCSEjbSaeojGkT1462uijBJukMgmVsTd6jiqMp7oRUG4nb1WAQfwYtEgtn%2BkKnhSHxLh%2FQjO%2FXQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
85e1a59c3c3d0f7c-EWR
alt-svc
h3=":443"; ma=86400
content-length
97
btn-lazy.png
bay789a.win/images/
111 B
610 B
Image
General
Full URL
https://bay789a.win/images/btn-lazy.png
Requested by
Host: bay789a.win
URL: https://bay789a.win/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:1168 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4a631803f69fb9e85c0f402fac198111a226a1ae979a23317772414a18dffbcf

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sat, 02 Mar 2024 13:13:56 GMT
cf-cache-status
REVALIDATED
last-modified
Fri, 18 Aug 2023 20:32:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"6f-603386e21d6e8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qQL1fufFbjY7W4wRevYcIDofTVaJSdQiNfA%2B7A9LOdxAvaVMQDQrtAQK1XDMCcxGLtXqYiJ3IMCLEXzXggnByatLWxh0yrFnDmrjw4vAebTkeozUxi692cIXcnJtOQVZOyYa8aX3RpL7xQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
85e1a59f68cc0c94-EWR
alt-svc
h3=":443"; ma=86400
content-length
111
btn-dl-lazy.png
bay789a.win/images/
116 B
575 B
Image
General
Full URL
https://bay789a.win/images/btn-dl-lazy.png
Requested by
Host: bay789a.win
URL: https://bay789a.win/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:1168 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dfc09df391637a4b5ef7a097e843756be49d84cb56940f1f7ab9789043e32fb3

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sat, 02 Mar 2024 13:13:56 GMT
cf-cache-status
MISS
last-modified
Fri, 18 Aug 2023 20:32:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"74-603386e2e7556"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KhhJiA2TENDRDtEWGmOGBimAdEz5ZjG0ZjEHcZS0w8dxqPoDxau3guCyUtUIVzvrMQxIMcJDhoWhwZ1nnLjiDtE4B0UzW2Df%2FMO%2FckJjzKcU6EuFhMJgPLGrjCNomD8vzetcgblIjXuflA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
85e1a59f78db0c94-EWR
alt-svc
h3=":443"; ma=86400
content-length
116
ic-tele2.png
bay789a.win/images/
22 KB
22 KB
Image
General
Full URL
https://bay789a.win/images/ic-tele2.png
Requested by
Host: bay789a.win
URL: https://bay789a.win/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:1168 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4bf81870dcc78113af11dcbabaf8f3dc73a65ebb7db0392e2410f9ce885e1af2

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sat, 02 Mar 2024 13:13:57 GMT
cf-cache-status
MISS
last-modified
Fri, 20 Oct 2023 07:53:06 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"563f-6082129a6bdb3"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r7Sm2c4DgveFGaqlbPNDFJjnEbV2k3TNMcAF2doTLZlPyd%2FE1I1LnlMvTmhyo5bawBIrKajkqHejxoX7B3kO%2Fo9qnWL0JJAoct8cFEWN5zIKVkCA6ucEU%2BCYSkoyTcC%2Fm6G5UJsLe1hNmQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
85e1a5a14a490c94-EWR
alt-svc
h3=":443"; ma=86400
content-length
22079
ic-fb.png
bay789a.win/images/
22 KB
22 KB
Image
General
Full URL
https://bay789a.win/images/ic-fb.png
Requested by
Host: bay789a.win
URL: https://bay789a.win/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:1168 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
15acd6dcda92d2c4b19ddb3a132eee05e76a8c5103fe6fd677ddc6b4bdae077a

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sat, 02 Mar 2024 13:13:57 GMT
cf-cache-status
MISS
last-modified
Fri, 20 Oct 2023 07:53:05 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"57bb-6082129a5cb83"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gm0zVNO1Bn4LecBy68oQk7KTEUZyKhy9YJLqnZ76UCRTLUR8tj%2F7CtVMH0hhifhFyIBfC4aok8zqyI2PUqcwRS7Ep%2F6mCiQi8QT3etJDVK%2B9go0guu6xZiRh2qR3MPJ%2B4bOJGPMI1MKFtg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
85e1a5a14a4a0c94-EWR
alt-svc
h3=":443"; ma=86400
content-length
22459
site-d-v3.js
web1s.com/
9 KB
3 KB
Script
General
Full URL
https://web1s.com/site-d-v3.js?id=7YiQMzv2YZ
Requested by
Host: bay789a.win
URL: https://bay789a.win/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:aa3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
856fa9abc6125f5c6f0719c455be4153ea7e833da54405d54c3e4cde6458f8fb
Security Headers
Name Value
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sat, 02 Mar 2024 13:13:57 GMT
strict-transport-security
max-age=2592000
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
x-xss-protection
1; mode=block
last-modified
Fri, 29 Dec 2023 08:44:03 GMT
server
cloudflare
etag
W/"658e86d3-229f"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NF8EodrBQg7zSWB54WPhBVmIydtNR%2F3y8rXidLRIA3%2FOvo6LuTIFmB%2Fvu7PSywNATjy7X5d7T4nzI7i09D8RIi1oGDqUaKflADLtNft3YIe9M6dStGdvhIyCeYJ73mZXYyVvo7n5pQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31536000
cf-ray
85e1a5a17cbe4414-EWR
expires
Sun, 02 Mar 2025 13:13:57 GMT
title-thank-lazy.png
bay789a.win/images/
101 B
572 B
Image
General
Full URL
https://bay789a.win/images/title-thank-lazy.png
Requested by
Host: bay789a.win
URL: https://bay789a.win/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:1168 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
34070a4dcb37f5af80ee075a46198ce98021c2d701bdb85df9865dc91ffa628c

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sat, 02 Mar 2024 13:13:57 GMT
cf-cache-status
REVALIDATED
last-modified
Fri, 20 Oct 2023 07:53:06 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"65-6082129b5b5af"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PymaSNHHbDzDPlynIb8WBCA9IjQfzl%2FJhTJrm5arAbwEuC6vBUmqRFzxTxTkVLaMnig1COVQsP%2BVETqprS5rImM612SSZmW%2BmYe%2FchESgBFaqZZu%2Bsz6OD6F8th%2FnNzVnaufQ695S7rfyw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
85e1a5a14a4b0c94-EWR
alt-svc
h3=":443"; ma=86400
content-length
101
lable-thank-lazy.png
bay789a.win/images/
99 B
566 B
Image
General
Full URL
https://bay789a.win/images/lable-thank-lazy.png
Requested by
Host: bay789a.win
URL: https://bay789a.win/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:1168 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
487baef74423b686b7e758257b8559065e560ea8d62fde1ee58553f5afb05f01

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sat, 02 Mar 2024 13:13:57 GMT
cf-cache-status
MISS
last-modified
Fri, 20 Oct 2023 07:53:06 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"63-6082129aca94e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jcpeKRyN8phLJJKfEPCHYIpPAiumX23S6TXkpW6jNhqnbvtCFbpuE9ajHb%2FkpruSxzITC%2Bomw0rvG9NW3y%2ByfvB69ljyvgELQR%2FfLrB10VMVFuUpLgD%2ByLxZ%2F83CIVM62Y8pRIoPmC%2B3mA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
85e1a5a14a4d0c94-EWR
alt-svc
h3=":443"; ma=86400
content-length
99
dacotaikhoan-lazy.png
bay789a.win/images/
103 B
566 B
Image
General
Full URL
https://bay789a.win/images/dacotaikhoan-lazy.png
Requested by
Host: bay789a.win
URL: https://bay789a.win/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:1168 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ea48692d33c6e8a28bddd92f3f2bf271dfe4ba3b2bd9e1121ba4cc3723654074

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sat, 02 Mar 2024 13:13:57 GMT
cf-cache-status
MISS
last-modified
Fri, 20 Oct 2023 07:53:05 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"67-6082129a300ae"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U%2BGx1EE53z8UO2OAhWDcjCeFqI0TA62uFwtnhkNiNhqKHj0%2B3gjp%2B21lR32GiOTBfW%2Fii9v8W000QQwkEnSrVBefCpLzdV0dHSqHLcrdKagQrizOnf2mJo%2BZzRPfSnS5WWJABiC%2FmTZxfg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
85e1a5a14a4f0c94-EWR
alt-svc
h3=":443"; ma=86400
content-length
103
adv-lazy.png
bay789a.win/images/
116 B
581 B
Image
General
Full URL
https://bay789a.win/images/adv-lazy.png
Requested by
Host: bay789a.win
URL: https://bay789a.win/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:1168 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa289f775f06f2466ab2cc95715d3757a6acaf67c4b049f46a4256d5c77e6368

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sat, 02 Mar 2024 13:13:57 GMT
cf-cache-status
MISS
last-modified
Fri, 20 Oct 2023 07:53:03 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"74-60821297d0a0a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AAIzgZX5rAQXbIiQ2hrkrhoqMEqpjtgKDVS%2Fv9Wfc%2FXnbzKG%2FbvlquUbU4deIcYEmbYO5XzQKjrZrPNL%2BWPWR4MnPf%2BfHTXp4TwFjot7qms%2F2PTY3WfXOzK3LWq2yoN7axtEuzGimjwoAA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
85e1a5a14a500c94-EWR
alt-svc
h3=":443"; ma=86400
content-length
116
loading.gif
bay789a.win/images/
2 KB
2 KB
Image
General
Full URL
https://bay789a.win/images/loading.gif
Requested by
Host: bay789a.win
URL: https://bay789a.win/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:1168 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5ade47c7bfe9cb00a16c8b4fa265aa07e8fa676f051e23d1d8a4fbfdb86fef1b

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sat, 02 Mar 2024 13:13:57 GMT
cf-cache-status
MISS
last-modified
Fri, 20 Oct 2023 07:53:06 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"663-6082129af8b94"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hI39mqej0tpoBQuGUR%2FN%2Bj4ZT3pnqUAyfcV2Q%2Fr7SJvL8f3QHI27iXzjxJUh%2BX9Ttv%2FuvTwnCOar%2Fztp3Q0Bbxa74KBCQwvyBK91XmMnQaehrYLhyZlDe4%2BQMuDIC9cLGq%2BBzIeOvcWZLA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
85e1a5a14a510c94-EWR
alt-svc
h3=":443"; ma=86400
content-length
1635
banner-lazy.png
bay789a.win/images/
131 B
591 B
Image
General
Full URL
https://bay789a.win/images/banner-lazy.png
Requested by
Host: bay789a.win
URL: https://bay789a.win/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:1168 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
efea4213d809acd738959d8f2a0ef9b79904f346c4ea2939588f4720d36995a8

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sat, 02 Mar 2024 13:13:57 GMT
cf-cache-status
MISS
last-modified
Fri, 18 Aug 2023 20:32:40 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"83-603386e1c0a8c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DQsouxhCzXDsaWOYBy1CIKB%2FTQN7llpZk8QOyqoUcQ91nCs4zvFhGWbk5koNGW7LfbEjVLe6rNhZ7xnhlg4HbjLQrpYYTZELrxysRV2wIo%2Fcc5HuZGF7StzM9DHbmUWTNFjhaimyw6GDdA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
85e1a5a14a520c94-EWR
alt-svc
h3=":443"; ma=86400
content-length
131
taigame.png
bay789a.win/images/
20 KB
21 KB
Image
General
Full URL
https://bay789a.win/images/taigame.png
Requested by
Host: bay789a.win
URL: https://bay789a.win/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:1168 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
991ce01a432700ecb66347ac75278c5236950f8773c9b390421d5611b1c79347

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sat, 02 Mar 2024 13:13:57 GMT
cf-cache-status
MISS
last-modified
Fri, 20 Oct 2023 07:53:06 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"50eb-6082129b461d8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gnycxUVLtwg5nMfsngjPTaW9W3gsKpUVGomRp%2BRK4x4%2BPAvNZoLfC2AcP8pRm2C9dlIRiW8jK3QAL5QRijNXIWDtDGjHAx0Bu7NyGQ4T5ZWN9%2BTeZfQ%2B5TErzSyeLcurOrEVcYXhSRwmhw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
85e1a5a14a530c94-EWR
alt-svc
h3=":443"; ma=86400
content-length
20715
icon-close-modal.png
bay789a.win/images/
778 B
1 KB
Image
General
Full URL
https://bay789a.win/images/icon-close-modal.png
Requested by
Host: bay789a.win
URL: https://bay789a.win/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:1168 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
207690f1446160c8b7bc552b2b2ec87e5e93db3dcb280d2d72cb23cda8237f4b

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sat, 02 Mar 2024 13:13:57 GMT
cf-cache-status
MISS
last-modified
Fri, 20 Oct 2023 07:53:06 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"30a-6082129ab595f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BT9Ii4kDVMYqNbSdYXPPe0QRBeAHf3POEUGVvtN5XkpWWTI%2FOoqQiMUpMa1LlnkFLycoKYVtdsgXmAi2ErJzJ1xm848n84RwEGe%2B7iLApZOK1NCLrm5TW1aLOK4TdAz1v1kbrcFeiGLlWA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
85e1a5a14a540c94-EWR
alt-svc
h3=":443"; ma=86400
content-length
778
app.min.js
bay789a.win/build/
462 KB
106 KB
Script
General
Full URL
https://bay789a.win/build/app.min.js?code=2.0.9
Requested by
Host: bay789a.win
URL: https://bay789a.win/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:1168 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a3deace57e96be5167849d1a6cd9af8d7f8308e7a572896166f13b84cdc611da

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sat, 02 Mar 2024 13:13:57 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Thu, 01 Jun 2023 16:21:14 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"7363c-5fd13d34a5823"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k%2BQplaNTlNVRzwgtQzJL7x0aE2pv71DcQa2ZLfD4g5%2BcLwT5MZPewPlebkL5jjZZxh4b2P6IN3Io0NyEiLVAlBW1nsSw8mUarbCvccOTkJfAWRf3BUHIKRGmbrbb5H0K13fHc049yq0TUg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
85e1a5a14a470c94-EWR
alt-svc
h3=":443"; ma=86400
fbevents.js
connect.facebook.net/en_US/
215 KB
58 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: bay789a.win
URL: https://bay789a.win/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
50b6e67cfcfe4ac8fe9cee705b681f696065306ee42bcd4e6b37a17dba333ac5
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

permissions-policy-report-only
clipboard-read=(), clipboard-write=(), picture-in-picture=();report-to="permissions_policy"
content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sat, 02 Mar 2024 13:13:56 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
57348
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
pragma
public
x-fb-debug
wxgx5gqw90EAFpczNF4NJuOoya4xKQvfssYWp1sx/diELzPSi8w7MCpneksToa86drg9NM0p7PZUC9V8CTW8Ng==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
cache-control
public, max-age=1200
x-fb-optimizer
1
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
ico_cursor-lazy.png
bay789a.win/images/
97 B
555 B
Image
General
Full URL
https://bay789a.win/images/ico_cursor-lazy.png
Requested by
Host: bay789a.win
URL: https://bay789a.win/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:1168 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff3b67f12a6015e185e27ad6e1482460671027204f3a66d3161fe59826495bb4

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sat, 02 Mar 2024 13:13:57 GMT
cf-cache-status
MISS
last-modified
Fri, 20 Oct 2023 07:53:06 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"61-6082129a89271"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b1Xc3omFtt9xkZVW%2Fa92bD4cYr7Px1dscU9XkHjmMLAZgj6N3gOPSfcQLxKHPrVpLForCzlaRf4DemCfNiigFCDzga16rp0e%2BMQjVFGgqlAoowCwiO5Xp3oaqZAO%2F4lU3xVsIO1vwdxipw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
85e1a5a14a560c94-EWR
alt-svc
h3=":443"; ma=86400
content-length
97
bg.jpg
bay789a.win/images/
273 KB
274 KB
Image
General
Full URL
https://bay789a.win/images/bg.jpg
Requested by
Host: bay789a.win
URL: https://bay789a.win/build/style.min.css?v=0.01
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:1168 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6d4c2d9267790ec5d7dec9abff6cadd80a62c703939e750c238eaee42b24d061

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bay789a.win/build/style.min.css?v=0.01
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sat, 02 Mar 2024 13:13:57 GMT
cf-cache-status
MISS
last-modified
Fri, 20 Oct 2023 07:53:04 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"44505-6082129927e2a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ywZ71DlOpEtfsoXM25B%2BHvHY8M8GEdropcjg5ORnDo7uL7PNcqfALSU%2BRJVfqtnP5pcBdqSUObM0W3O7AnlFoSQfZygpRi9RpwWh2vKjkB8hUBI3Ha2uPefogYwPZR051G4xrhswAKwAGQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
85e1a5a17a7d0c94-EWR
alt-svc
h3=":443"; ma=86400
content-length
279813
Montserrat-Regular.ttf
bay789a.win/fonts/
240 KB
102 KB
Font
General
Full URL
https://bay789a.win/fonts/Montserrat-Regular.ttf
Requested by
Host: bay789a.win
URL: https://bay789a.win/build/style.min.css?v=0.01
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:1168 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
077cdab15161232a9ba7124d2ddd7a9425145750788e9a966c156cc66274f525

Request headers

Referer
https://bay789a.win/build/style.min.css?v=0.01
Origin
https://bay789a.win
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sat, 02 Mar 2024 13:13:57 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Fri, 10 Feb 2023 02:46:07 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"3bfcc-5f44f7fd4824f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2frpjTXIDBsCgTHM%2F44c9NHsoZ32bUBTCbZuNmlvSTXpnPGaT1FI%2BplGG5RmukPAb%2FN0QJjmoikxxaiW09tq21DywFyFSxVDHEvkVqPr4p7T6%2BuoXq%2BErPNi9LVfKYTNcp6VL%2BArOycHpA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/font-sfnt
cache-control
max-age=14400
cf-ray
85e1a5a17a7e0c94-EWR
alt-svc
h3=":443"; ma=86400
recaptcha__en.js
www.gstatic.com/recaptcha/releases/vj7hFxe2iNgbe-u95xTozOXW/
492 KB
196 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/vj7hFxe2iNgbe-u95xTozOXW/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2c6a3425cec9ba0cbcfcf1dbba2120a72ac369674a6d02e06bd3b0c16efbdcf7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
Origin
https://bay789a.win
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sat, 02 Mar 2024 12:44:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1758
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
199830
x-xss-protection
0
last-modified
Mon, 26 Feb 2024 03:01:13 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 02 Mar 2025 12:44:38 GMT
1867070730413868
connect.facebook.net/signals/config/
53 KB
11 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/1867070730413868?v=2.9.148&r=stable&domain=bay789a.win&hme=20c913bdcd4be51a752120153aa5caaecb3ee86c7f26cf737846e40b202aba68&ex_m=62%2C106%2C94%2C98%2C53%2C3%2C88%2C61%2C14%2C86%2C79%2C44%2C46%2C150%2C153%2C164%2C160%2C161%2C163%2C25%2C89%2C45%2C68%2C162%2C145%2C148%2C157%2C158%2C165%2C115%2C13%2C43%2C169%2C168%2C117%2C16%2C29%2C32%2C1%2C36%2C57%2C58%2C59%2C63%2C83%2C15%2C12%2C85%2C82%2C81%2C95%2C97%2C31%2C96%2C26%2C22%2C146%2C149%2C124%2C24%2C9%2C10%2C11%2C5%2C6%2C21%2C19%2C20%2C49%2C54%2C56%2C66%2C90%2C23%2C67%2C8%2C7%2C71%2C41%2C18%2C92%2C91%2C17%2C4%2C73%2C80%2C72%2C78%2C40%2C39%2C77%2C33%2C35%2C76%2C48%2C74%2C28%2C37%2C65%2C0%2C84%2C75%2C2%2C30%2C55%2C34%2C93%2C38%2C70%2C60%2C99%2C52%2C51%2C27%2C87%2C50%2C47%2C42%2C69%2C64%2C100
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
9dcb5ea28b5c325f5bd77c6a988d84282a14fe7db09ddb0ef8fc9fa89e1bb340
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

permissions-policy-report-only
clipboard-read=(), clipboard-write=(), picture-in-picture=();report-to="permissions_policy"
content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sat, 02 Mar 2024 13:13:56 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
pragma
public
x-fb-debug
RtiHgrop91/hFqEkJ/wyrWdSjLCC3mAZObq+vlvqK0KVG9jGdUPaGZsiYjkhryM1Zn9MBZVqZVfM6U6Ck6DjOA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
collect
www.google-analytics.com/g/
0
251 B
Ping
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-VRM7WDM4CZ&gtm=45je42t1v9102164222za200&_p=1709385236673&gcd=13l3l3l3l1&npa=0&dma=0&cid=1563085386.1709385237&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=1&sid=1709385236&sct=1&seg=0&dl=https%3A%2F%2Fbay789a.win%2F&dt=Bay789%20-%20C%E1%BB%95ng%20game%20game%20Bay789%20-%20Link%20t%E1%BA%A3i%20app%20ch%C3%ADnh%20ch%E1%BB%A7%20%2C%20uy%20t%C3%ADn&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=2070
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-VRM7WDM4CZ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 02 Mar 2024 13:13:56 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://bay789a.win
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/
0
185 B
Image
General
Full URL
https://www.facebook.com/tr/?id=1867070730413868&ev=PageView&dl=https%3A%2F%2Fbay789a.win%2F&rl=&if=false&ts=1709385236896&sw=1600&sh=1200&v=2.9.148&r=stable&ec=0&o=4126&fbp=fb.1.1709385236895.1809724995&ler=empty&cdl=API_unavailable&it=1709385236742&coo=false&rqm=GET
Requested by
Host: bay789a.win
URL: https://bay789a.win/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Sat, 02 Mar 2024 13:13:56 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
icon-x64.png
web1s.com/
2 KB
3 KB
Image
General
Full URL
https://web1s.com/icon-x64.png
Requested by
Host: bay789a.win
URL: https://bay789a.win/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:aa3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
332438758fba3596e0984e46fe72ba7837b731530a477d78344e2bbf258ace71
Security Headers
Name Value
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sat, 02 Mar 2024 13:13:57 GMT
strict-transport-security
max-age=2592000
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1223218
content-length
2279
x-xss-protection
1; mode=block
last-modified
Fri, 25 Aug 2023 03:50:12 GMT
server
cloudflare
etag
"64e824f4-8e7"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DRxaAaF6c0lUsCzIxSIqa2z2xLOz50QbDgDpRml2oltJ9P9SN%2F3KOm8WBRt%2BFNCCppv1OF4Rr9T%2F0MDSVb9UKHyCI0X24QwjnJd2OlF4JZpdCWdZLE9w05B2iAU22rPbPvb9kuyPAg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
vary
Accept-Encoding
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
85e1a5a4afc94414-EWR
expires
Sun, 16 Feb 2025 09:26:59 GMT
btn-dl-lazy.png
bay789a.win/images/
116 B
579 B
Image
General
Full URL
https://bay789a.win/images/btn-dl-lazy.png
Requested by
Host: bay789a.win
URL: https://bay789a.win/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:1168 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dfc09df391637a4b5ef7a097e843756be49d84cb56940f1f7ab9789043e32fb3

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sat, 02 Mar 2024 13:13:57 GMT
cf-cache-status
HIT
last-modified
Fri, 18 Aug 2023 20:32:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1
etag
"74-603386e2e7556"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nh5k2v4Q8bsbwX5HagW9tsD35sbR7D2JD6V8R3S4BPuLyGGm%2F2A8KQlqhPPy6ltEU67L6njo75DH8a3vcRFOlERAc%2BBtb83hsdpqDV3nZtRbLdj%2B6ixvSLdYLXlvvvdsMjB3Nxjw3u%2BDxg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
85e1a5a49cb00c94-EWR
alt-svc
h3=":443"; ma=86400
content-length
116
ic-tele2.png
bay789a.win/images/
22 KB
22 KB
Image
General
Full URL
https://bay789a.win/images/ic-tele2.png
Requested by
Host: bay789a.win
URL: https://bay789a.win/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:1168 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4bf81870dcc78113af11dcbabaf8f3dc73a65ebb7db0392e2410f9ce885e1af2

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sat, 02 Mar 2024 13:13:57 GMT
cf-cache-status
HIT
last-modified
Fri, 20 Oct 2023 07:53:06 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
0
etag
"563f-6082129a6bdb3"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Bq7oYdQvM2J%2Bkb2NH9lqr4A7NJuVbvMeRjgCOTTqbrPJzJTe%2B%2B4HOp2bs7ZXklgkcJi4pRd4Bt4JbXRzLtdoRkFbjjOGa6n%2F8KK4N8hsM4eaZ7X13SmT%2BuGIl%2BHlp%2FXTmUtNynvfWugnTA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
85e1a5a49cb20c94-EWR
alt-svc
h3=":443"; ma=86400
content-length
22079
ic-fb.png
bay789a.win/images/
22 KB
22 KB
Image
General
Full URL
https://bay789a.win/images/ic-fb.png
Requested by
Host: bay789a.win
URL: https://bay789a.win/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:1168 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
15acd6dcda92d2c4b19ddb3a132eee05e76a8c5103fe6fd677ddc6b4bdae077a

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sat, 02 Mar 2024 13:13:57 GMT
cf-cache-status
HIT
last-modified
Fri, 20 Oct 2023 07:53:05 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
0
etag
"57bb-6082129a5cb83"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3UK%2BJjKXFf6b%2FPtnJzCjrT6wsP6fCpXaAwNsisJ05cFWJ343by3TlnExiIvhOEAl6ria0ik%2F0MONYzek5BTY1SvTEiULSbHuse%2Bx31Px%2BzjTEJ4nn6ViJioNC4xnzMwWk78yKp6%2BBndruw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
85e1a5a49cb40c94-EWR
alt-svc
h3=":443"; ma=86400
content-length
22459
site-d-v3.js
web1s.com/
9 KB
2 KB
Script
General
Full URL
https://web1s.com/site-d-v3.js?id=7YiQMzv2YZ
Requested by
Host: bay789a.win
URL: https://bay789a.win/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:aa3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
856fa9abc6125f5c6f0719c455be4153ea7e833da54405d54c3e4cde6458f8fb
Security Headers
Name Value
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sat, 02 Mar 2024 13:13:57 GMT
strict-transport-security
max-age=2592000
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
0
content-encoding
br
x-xss-protection
1; mode=block
last-modified
Fri, 29 Dec 2023 08:44:03 GMT
server
cloudflare
etag
W/"658e86d3-229f"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hFj6yR9tRe%2FdF4oXCmk52n9U8JrU%2FfIf3q7u5ao8iLAU0Ep5wmOqHR1vlVLQEHDKWcMF0n5QM28VP7Tgll4gsKwx1IT9IbHSX5gQRtJeTF%2BIIlCk9qL3fbEo0Lv2e1xgEu0EHL2xuw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31536000
cf-ray
85e1a5a49fc84414-EWR
expires
Sun, 02 Mar 2025 13:13:57 GMT
banner-lazy.png
bay789a.win/images/
131 B
591 B
Image
General
Full URL
https://bay789a.win/images/banner-lazy.png
Requested by
Host: bay789a.win
URL: https://bay789a.win/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:1168 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
efea4213d809acd738959d8f2a0ef9b79904f346c4ea2939588f4720d36995a8

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sat, 02 Mar 2024 13:13:57 GMT
cf-cache-status
HIT
last-modified
Fri, 18 Aug 2023 20:32:40 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
0
etag
"83-603386e1c0a8c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sAB0CFDip%2FWSES4dTEgfP%2FNax3Cmpe17VQXCUCOtP1drpJbpCUiSj7Y8g0%2FEg3VdOrQTnagIA%2BoOLat049sXCbD67GdEFpc7oWuaqKuRtpSU1wa3QlCoujAA25zYbe%2FBiluRgSU67IpJkQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
85e1a5a4bccf0c94-EWR
alt-svc
h3=":443"; ma=86400
content-length
131
bg-notifications.png
bay789a.win/images/
2 KB
3 KB
Image
General
Full URL
https://bay789a.win/images/bg-notifications.png
Requested by
Host: bay789a.win
URL: https://bay789a.win/build/style.min.css?v=0.01
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:1168 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1df49bced34914555fda7f71515665bc08d5b2e0fd77f4f54bf23e9999d0a264

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bay789a.win/build/style.min.css?v=0.01
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sat, 02 Mar 2024 13:13:57 GMT
cf-cache-status
MISS
last-modified
Fri, 20 Oct 2023 07:53:04 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"952-60821298dd2de"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o0s5hAcmd4ZntqlUOvAH2frzHHVt9JgAMtJxDs8MfUoxbFfstR5NDYEJm8R2JYyuCOSaIB8qpuKhkyNciaf8Sr2M%2BoHXqjvlwfNzwwVfRop%2F0YsY7knyl1mC%2BBxkcgYB%2Bw%2FJypmkVZR%2FwA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
85e1a5a4fd050c94-EWR
alt-svc
h3=":443"; ma=86400
content-length
2386
id
api.bay789.vin/
6 KB
7 KB
XHR
General
Full URL
https://api.bay789.vin/id?command=getCaptcha&sessionId=
Requested by
Host: bay789a.win
URL: https://bay789a.win/build/app.min.js?code=2.0.9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:adf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a538addc166084f4e0063de3d1c37e416a3f6468789c52305b272f9f48c7fa42

Request headers

Accept
*/*
Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sat, 02 Mar 2024 13:13:57 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
access-control-allow-methods
GET, POST, OPTIONS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3bJNjNrQsECED4UcElRs3fmwtBhV1mWoOOvlGqb7LB7YHL6RMudU1WqK%2BvnToCpJYJOEQH%2Fi%2B61G6cO%2Bf5lI9UcdTX%2FYv5xiemlstsOloqQtwsIFNriWMIEQfB7ZBbgHBfCWTfutisfcpDP%2BZQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
85e1a5a5ca4b9e16-EWR
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type, Authorization
alt-svc
h3=":443"; ma=86400
logo.png
bay789a.win/images/
592 B
592 B
Image
General
Full URL
https://bay789a.win/images/logo.png?v=2.0.8
Requested by
Host: bay789a.win
URL: https://bay789a.win/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:1168 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
32f4c1e4c036d78d5bce0ddad05acdba6da51f8ccacf6deec8bb3fe529ec6ea7

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sat, 02 Mar 2024 13:13:57 GMT
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5iq9W9eHD%2BdqcN89G0AwJRmnlctCRDWkd9atLXywC3i%2FqM2cTpdyx1yh8KZl0GZ7BDpGTlOwBA6l1q7mjIqpDEJOMsMM6Wv0GmdLCOPbSjKFX51nXEkD21SESa7q0TkxASc7nH7IewuIcw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html
cf-ray
85e1a5a52d2d0c94-EWR
alt-svc
h3=":443"; ma=86400
btn-dangky.png
bay789a.win/images/
7 KB
8 KB
Image
General
Full URL
https://bay789a.win/images/btn-dangky.png?v=2.0.8
Requested by
Host: bay789a.win
URL: https://bay789a.win/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:1168 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
45af05120053dbf111aad377fe0406bbdb06430ce46839b9fed78dfff92e0905

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sat, 02 Mar 2024 13:13:57 GMT
cf-cache-status
MISS
last-modified
Fri, 18 Aug 2023 20:32:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"1d86-603386e3032a5"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jBhAclLwsG4FNyxE2VyoQR2Jn9tYAnuI2WgXvoE41j2yBuzjGfmmpxXnJSDpbanED9I0R4sqWcfWNdGydA6lUqzEliITW%2BFbN%2FjRCV58kG45R9%2BJ5YmH%2BPyHsTH5Yn0i1DrdHjqOCwMmhg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
85e1a5a52d2f0c94-EWR
alt-svc
h3=":443"; ma=86400
content-length
7558
ico_cursor.png
bay789a.win/images/
592 B
592 B
Image
General
Full URL
https://bay789a.win/images/ico_cursor.png?v=2.0.8
Requested by
Host: bay789a.win
URL: https://bay789a.win/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:1168 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
32f4c1e4c036d78d5bce0ddad05acdba6da51f8ccacf6deec8bb3fe529ec6ea7

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sat, 02 Mar 2024 13:13:57 GMT
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ebP0mcl2Hbxpf2nFNZsGrTekxze2qJ3k6aCuNIpUgHvxnJJKye3RdkaUkYH98bLOHkF1x7VvbYhqOZyyyC7PSpEldeyh3i1R9TPxAikk4g15mK8gAmKI2CvY2Eq65Cy30DThBbnItPraQA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html
cf-ray
85e1a5a52d310c94-EWR
alt-svc
h3=":443"; ma=86400
btn_quick_play.png
bay789a.win/images/
13 KB
13 KB
Image
General
Full URL
https://bay789a.win/images/btn_quick_play.png?v=2.0.8
Requested by
Host: bay789a.win
URL: https://bay789a.win/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:1168 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c9382517db0c231c1885ae27ee85fbf5752b74fb0cdd6f1b14486616546a2ab2

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sat, 02 Mar 2024 13:13:57 GMT
cf-cache-status
MISS
last-modified
Fri, 18 Aug 2023 20:32:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"32cd-603386e2d9e7f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QMHm3ppJ3aKS%2FhsWsPZgxSn9FxoZulwSficBvydi2PY4J1EMeGT0yutRj%2BZoEsaA9zchfEK7IqarQVBMBB14nGlEHkcah6I1knrJmj9vqWa9yrO5Dc8bknujlg4xlqDiHLWSEcHXaBtvTQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
85e1a5a52d320c94-EWR
alt-svc
h3=":443"; ma=86400
content-length
13005
ic-tele2.png
bay789a.win/images/
22 KB
22 KB
Image
General
Full URL
https://bay789a.win/images/ic-tele2.png?v=2.0.8
Requested by
Host: bay789a.win
URL: https://bay789a.win/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:1168 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4bf81870dcc78113af11dcbabaf8f3dc73a65ebb7db0392e2410f9ce885e1af2

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sat, 02 Mar 2024 13:13:58 GMT
cf-cache-status
MISS
last-modified
Fri, 20 Oct 2023 07:53:06 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"563f-6082129a6bdb3"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NsM9ltiqJfMiJsAj2UCqHCcajQTN73Awg%2F76tzLQ5UwsSe1ESPDinI03TMzFxrktNXupgaKKy3yrjGewMepi6j1CQ04u9iLu4UD5No6rvxHBXNOsAJx1F4QZ2o7TqBBwDFiQlsMqADaIAg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
85e1a5a52d330c94-EWR
alt-svc
h3=":443"; ma=86400
content-length
22079
ic-fb.png
bay789a.win/images/
22 KB
22 KB
Image
General
Full URL
https://bay789a.win/images/ic-fb.png?v=2.0.8
Requested by
Host: bay789a.win
URL: https://bay789a.win/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:1168 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
15acd6dcda92d2c4b19ddb3a132eee05e76a8c5103fe6fd677ddc6b4bdae077a

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sat, 02 Mar 2024 13:13:58 GMT
cf-cache-status
MISS
last-modified
Fri, 20 Oct 2023 07:53:05 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"57bb-6082129a5cb83"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bsswKpLjCKQpFK9XAzhLYfu8hrU1jU0%2FJ4swYxE9uLe8xzme6qy5APzThHxAWXmI8zSMlaUInox6W%2Foo118oVfw5BVhnqvk%2F%2FaFWpFrHf9AY4eCBgDSpyFm67LDq9ixhseCJc4yUdmgQ5Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
85e1a5a52d350c94-EWR
alt-svc
h3=":443"; ma=86400
content-length
22459
title-thank.png
bay789a.win/images/
4 KB
4 KB
Image
General
Full URL
https://bay789a.win/images/title-thank.png?v=2.0.8
Requested by
Host: bay789a.win
URL: https://bay789a.win/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:1168 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0d3b34302ef4c78b6b5dda32237f9974f535231627f36e3cbc5f49f81091797c

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sat, 02 Mar 2024 13:13:57 GMT
cf-cache-status
MISS
last-modified
Fri, 20 Oct 2023 07:53:07 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"ece-6082129b7153e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DBFDiu%2FohmRuEuk38BGm%2FQCsz%2FX1R1RWZUyy2f3r8ecHYuHo14hCo7NpOII0b7dK6I0IKCGoielIlmdInhrdjg1YP%2Fwv4f3l1Pv7%2B50CfInGDxP8f6mXWP7fMIrPhpkrvSL2K3kL1HNxPQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
85e1a5a52d370c94-EWR
alt-svc
h3=":443"; ma=86400
content-length
3790
lable-thank.png
bay789a.win/images/
592 B
592 B
Image
General
Full URL
https://bay789a.win/images/lable-thank.png?v=2.0.8
Requested by
Host: bay789a.win
URL: https://bay789a.win/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:1168 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
32f4c1e4c036d78d5bce0ddad05acdba6da51f8ccacf6deec8bb3fe529ec6ea7

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sat, 02 Mar 2024 13:13:57 GMT
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e2uHwpuEzuEmQhY3UJUq3xabCp4xXRvK0akq0I6XBe8BWHhRD76bmo%2ByB%2FiNZOLz4ENMNZEbRx%2F2nhm7r%2BnFX5OmXYueNIExI7%2F4PpMLI6CPVOGfjh7v32dd47YLhvzPMKVSBU8hf2fKQg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html
cf-ray
85e1a5a52d390c94-EWR
alt-svc
h3=":443"; ma=86400
dacotaikhoan.png
bay789a.win/images/
1 KB
1 KB
Image
General
Full URL
https://bay789a.win/images/dacotaikhoan.png?v=2.0.8
Requested by
Host: bay789a.win
URL: https://bay789a.win/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:1168 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5e09d29a76bddc43a334e00ff41e7d1b083e3dd5ff82d9d8d3fb4166250a4943

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sat, 02 Mar 2024 13:13:57 GMT
cf-cache-status
REVALIDATED
last-modified
Fri, 20 Oct 2023 07:53:05 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"419-6082129a3eb0d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6uVN1MlbwJC4PH1reU0guo5hlihMZXxChJSYS3o%2FhPbc4OPR7eS8NqL6ZPOKWRwS2T33H8ctjp6UuKlRR1dZq%2BPG6%2BXDlVFzZ9NckeZ0TnjkJ1Jg8zJ%2FTHbcRpGFPaU%2BpHquNRDXJJjRVw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
85e1a5a52d3a0c94-EWR
alt-svc
h3=":443"; ma=86400
content-length
1049
adv.png
bay789a.win/images/
24 KB
25 KB
Image
General
Full URL
https://bay789a.win/images/adv.png?v=2.0.8
Requested by
Host: bay789a.win
URL: https://bay789a.win/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:1168 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
75cc1d00a6a9bfc6e77a8954eda2dbfa884ff36a1648ea6e15acd7fa579f37e7

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sat, 02 Mar 2024 13:13:58 GMT
cf-cache-status
MISS
last-modified
Fri, 20 Oct 2023 07:53:04 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"615e-608212988394a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jmoZ8mD5LaFdUqjjdpt41yTjBvHm60vTo9DR00dkvC1eoNBn1D51sk0hJoehcatJpZXKJOd7MWdEkwL9kvoVJvGqDinC%2FAqK%2BcJCQvuzXgcF5zMYrpi4AZmJqswyW4ADOiO4hfTri1zZFQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
85e1a5a52d3b0c94-EWR
alt-svc
h3=":443"; ma=86400
content-length
24926
btn-android.png
bay789a.win/images/
46 KB
46 KB
Image
General
Full URL
https://bay789a.win/images/btn-android.png?v=2.0.8
Requested by
Host: bay789a.win
URL: https://bay789a.win/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:1168 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
de92cf3a7a02e084c9616644ca77ec4ab0da4a9407eb2a262deff43b9258d279

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sat, 02 Mar 2024 13:13:58 GMT
cf-cache-status
MISS
last-modified
Fri, 18 Aug 2023 20:32:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"b641-603386e2787eb"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Wu%2FCzP%2BOPMBamkeg0iffLhuJgnqZYC9ApF3qgAXhKMAoH3BYaUVjAUK7dWBu0r7XGDS%2FZNdLoRtPrHsSHxzrj9S6IHoAYHxOg9msYorSp8sYak3Iw4Ctq5My2JGbm2Gka%2B0apuC5m2SSjw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
85e1a5a52d3d0c94-EWR
alt-svc
h3=":443"; ma=86400
content-length
46657
btn-chPlay.png
bay789a.win/images/
46 KB
47 KB
Image
General
Full URL
https://bay789a.win/images/btn-chPlay.png?v=2.0.8
Requested by
Host: bay789a.win
URL: https://bay789a.win/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:1168 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c9f5636bfd9fa8a2928b34d0fbbcec86f067df0398529a2474525e4894ebab15

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sat, 02 Mar 2024 13:13:58 GMT
cf-cache-status
MISS
last-modified
Fri, 18 Aug 2023 20:32:40 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"b9d9-603386e1f7d59"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l7vzbAJuqcsiIMvqsrIFi8RoWc00Z15kL1%2FvC7XBH3WrNah%2F8gygV8aAkMaMBe%2FJl7FIcr9ooGWu7Xrpg8MraE9YBCvT1%2FgNRdoZgCWsnjJjNOUiOlqaXe%2FRQ6Ndq83aGmfcWZs4DfPFig%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
85e1a5a52d3e0c94-EWR
alt-svc
h3=":443"; ma=86400
content-length
47577
btn-ios-appstore.png
bay789a.win/images/
59 KB
59 KB
Image
General
Full URL
https://bay789a.win/images/btn-ios-appstore.png?v=2.0.8
Requested by
Host: bay789a.win
URL: https://bay789a.win/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:1168 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
91c19f0353dc8c20a6efa26545b5445724c2228a2c784826f39d18cae91b2112

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sat, 02 Mar 2024 13:13:58 GMT
cf-cache-status
MISS
last-modified
Fri, 18 Aug 2023 20:32:40 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"eab5-603386e1f7d59"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NRm1zps0JFQP%2BPjRVGTRNGJErda5PNTzhhmrRd%2FlFbqHTted8bR8Sf9kv7%2FMwrxoCmzU2qhv2Byoz2%2F8cfxPa%2Fj%2BwGWhWK6kIaughiG6E5t2DZxfcnygPoRk5EAxmkwiFECxxhKbxVLKUQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
85e1a5a52d3f0c94-EWR
alt-svc
h3=":443"; ma=86400
content-length
60085
btn-signApp.png
bay789a.win/images/
59 KB
59 KB
Image
General
Full URL
https://bay789a.win/images/btn-signApp.png?v=2.0.8
Requested by
Host: bay789a.win
URL: https://bay789a.win/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:1168 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c559698c4462e40e896c80d2792e945414e1e4055bfaf8dfc2a9639de51a0bdb

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sat, 02 Mar 2024 13:13:58 GMT
cf-cache-status
MISS
last-modified
Fri, 18 Aug 2023 20:32:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"eaec-603386e2d9a97"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Vg3ik%2Bqx7e45ZR5od0k%2BUCve6lRe5Q3Yt2nQniNNaVDVrmG6sYNPDcC8MS%2F9BZmgMYQdIzkm7HoHuYUN3Owj1kEceKnOMnRwDXqYTgaoxpUxx1DBAwwFlMAfv4YY1M4Uv%2FCpRbgSZHaGxw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
85e1a5a52d400c94-EWR
alt-svc
h3=":443"; ma=86400
content-length
60140
banner1.png
bay789a.win/images/
291 KB
291 KB
Image
General
Full URL
https://bay789a.win/images/banner1.png?v=2.0.8
Requested by
Host: bay789a.win
URL: https://bay789a.win/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:1168 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fbd7e08d911b0d4bae88b6c8ba47c538617781c3aded9e3d68da8715b8fc0589

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sat, 02 Mar 2024 13:13:58 GMT
cf-cache-status
MISS
last-modified
Fri, 18 Aug 2023 20:32:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"48b02-603386e268234"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RX%2BHGiJ%2BjjufPPw%2BFTycDUmRKxXf8CRrJyX9VJBFzkrMhTKUB4C%2BObX7vZMmEyjnExLDjn0QsKITU3w%2FdS5jdFLFDF3fY%2BsKjD0ieL%2BKdKIPUAEkYwOeY9yk5qpy7GIDdOvneR8VC6u77Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
85e1a5a52d410c94-EWR
alt-svc
h3=":443"; ma=86400
content-length
297730
banner2.png
bay789a.win/images/
248 KB
249 KB
Image
General
Full URL
https://bay789a.win/images/banner2.png?v=2.0.8
Requested by
Host: bay789a.win
URL: https://bay789a.win/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:1168 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e25f22f7cb282f43f48560881bc5c24f6fbb04cb0bb5f7070e8165d09e8e458e

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sat, 02 Mar 2024 13:13:57 GMT
cf-cache-status
REVALIDATED
last-modified
Fri, 18 Aug 2023 20:32:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"3e18c-603386e259bbd"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WKYHXBALqUv0R4ZJTRI7kAgZ2va6rZgXGzNYI3NwayPKwFBUNpLIoBGhR2pLNFkwJ0Z77KYsdK6LQRDF7MA6zH%2FB3nBMVOha2st6sxe7QnvyzBax70RicrD9LdfoIoEvSHmyxQkd8TfiZg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
85e1a5a52d420c94-EWR
alt-svc
h3=":443"; ma=86400
content-length
254348
banner3.png
bay789a.win/images/
592 B
592 B
Image
General
Full URL
https://bay789a.win/images/banner3.png?v=2.0.8
Requested by
Host: bay789a.win
URL: https://bay789a.win/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:1168 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
32f4c1e4c036d78d5bce0ddad05acdba6da51f8ccacf6deec8bb3fe529ec6ea7

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sat, 02 Mar 2024 13:13:57 GMT
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cF5AfYo9ekGK2cB7WO2hZADojozbo3GummxqzU3qMpcG9jlCKyOpuaYWqL46z5pKRi9csJaNLVI78Ht3HkFn1VycmzMH%2BQTO7JIkUq6GG6QDePR%2BYzCOTesnN%2BzCaHblEMrEKcNe%2FvBmig%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html
cf-ray
85e1a5a52d430c94-EWR
alt-svc
h3=":443"; ma=86400
taigame.png
bay789a.win/images/
20 KB
21 KB
Image
General
Full URL
https://bay789a.win/images/taigame.png?v=2.0.8
Requested by
Host: bay789a.win
URL: https://bay789a.win/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:1168 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
991ce01a432700ecb66347ac75278c5236950f8773c9b390421d5611b1c79347

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sat, 02 Mar 2024 13:13:58 GMT
cf-cache-status
MISS
last-modified
Fri, 20 Oct 2023 07:53:06 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"50eb-6082129b461d8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DLSn916FhW1hnWYjiB75n7C7NgQpEoY%2FC0ffS5KDXNle5OufF0OBTsdF7fNsmiu5%2FKVCNY8AGLrNNYfHCUyQlYFiJXLyBgp6pfQbO0Ew2norSY46Ium%2Bi5qHOevbIU6ngbSIaoc8Z6yd2A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
85e1a5a52d440c94-EWR
alt-svc
h3=":443"; ma=86400
content-length
20715
fa-regular-400.woff
bay789a.win/vendor/fontawesome-free/webfonts/
0
0
Font
General
Full URL
https://bay789a.win/vendor/fontawesome-free/webfonts/fa-regular-400.woff
Requested by
Host: bay789a.win
URL: https://bay789a.win/vendor/fontawesome-free/css/all.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:1168 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://bay789a.win/vendor/fontawesome-free/css/all.min.css
Origin
https://bay789a.win
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sat, 02 Mar 2024 13:13:57 GMT
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y%2FPJF2xaSfBHby6CrIqJwYuA0ML3FNsnK7IHPtRWrmU5F30k%2Fvk%2BOL3eXV82pJAsfS57AA0CimEO308cNrcvoo%2FuvwN9BCCtJh%2FoVjyxuqGCt9LRRQKLtxzYafIoeg78%2FZuZXHpYIKJC%2FA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html
cf-ray
85e1a5a52d450c94-EWR
alt-svc
h3=":443"; ma=86400
fa-regular-400.ttf
bay789a.win/vendor/fontawesome-free/webfonts/
0
0
Font
General
Full URL
https://bay789a.win/vendor/fontawesome-free/webfonts/fa-regular-400.ttf
Requested by
Host: bay789a.win
URL: https://bay789a.win/vendor/fontawesome-free/css/all.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:1168 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://bay789a.win/vendor/fontawesome-free/css/all.min.css
Origin
https://bay789a.win
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sat, 02 Mar 2024 13:13:58 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C5xhGxQxdCu6XbjC3ieeHGMbQIzolJ88XcLk9ppYjrDaplrzLjZMijn8%2FPlADCGivIzHcwGJcddQDDkFJFWP1dUWsNxNrjP8EBmPEuF0ePo48yiD6BH%2FZn4PwF4DuXuHmqfTnIFjyW9Vgw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=iso-8859-1
cache-control
max-age=14400
cf-ray
85e1a5a8c8870c94-EWR
alt-svc
h3=":443"; ma=86400
truncated
/
5 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
202ca7d7a1f60e30b06c7e956bed7697a91f96c1d30f026e11aca7202027a050

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Content-Type
image/png
banner3.png
bay789a.win/images/
206 KB
207 KB
Image
General
Full URL
https://bay789a.win/images/banner3.png?v=2.0.8
Requested by
Host: bay789a.win
URL: https://bay789a.win/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:1168 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a52a15b1a645a1c8e7df326b002ff09b51232a39551e4e1f4fce853325dbf33c

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sat, 02 Mar 2024 13:13:58 GMT
cf-cache-status
MISS
last-modified
Fri, 18 Aug 2023 20:32:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"3394b-603386e25e20d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HXNhwxmvLWKdoxN8KHnHCvAhoEL5k%2Fdp6ya4hmQtqSk2YHLEvW4ergDLPhoVZdOhGSFVzx%2BjA4%2BccsYRU8YvuPcJ6cJK%2FKFcZ48%2FHKliFqA0i%2FQBWw3myjGd51ZruEyu7K1HX%2FeXiERy1Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
85e1a5a8d88b0c94-EWR
alt-svc
h3=":443"; ma=86400
content-length
211275
lable-thank.png
bay789a.win/images/
3 KB
4 KB
Image
General
Full URL
https://bay789a.win/images/lable-thank.png?v=2.0.8
Requested by
Host: bay789a.win
URL: https://bay789a.win/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:1168 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed80f76d7037c310d337042c71c3d74824b732656dde704377f712a9fdd2cedf

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sat, 02 Mar 2024 13:13:58 GMT
cf-cache-status
MISS
last-modified
Fri, 20 Oct 2023 07:53:06 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"d30-6082129ae2c05"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iFE52J0oSpoBQVqsFruixtBEd7VLSfpg7v0XGHZpAb3tOTafJCi9VmRk9nz12bY5Def%2FvOXgbVi178AFeJSl9%2FoX%2Fdyst2ARjm6iVnRpmkhASapjoT6FB6KBVCK68fjFTF1pOOkPxfPfEg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
85e1a5a8d88e0c94-EWR
alt-svc
h3=":443"; ma=86400
content-length
3376
logo.png
bay789a.win/images/
129 KB
129 KB
Image
General
Full URL
https://bay789a.win/images/logo.png?v=2.0.8
Requested by
Host: bay789a.win
URL: https://bay789a.win/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:1168 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
082b42d66ad184fbef6843e86f9a8c0734289798ecb6cbfbc84213390fcba7ac

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sat, 02 Mar 2024 13:13:58 GMT
cf-cache-status
MISS
last-modified
Fri, 20 Oct 2023 07:53:06 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"20234-6082129b2cb9a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v7x4O6eiU2v8kWbagJgg4JgZyGY5kCIbTk%2FWBpui5KqyrYD4q4Tey%2FR6sVGqT8rHW%2BjWwzGac%2FdTQk49AO70SQ2GNo9LPsCn9KQTXuFuChFcE8ckDAQXLiJ3ZF22m8J2Ofe8bNDDDhmp1Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
85e1a5a8d8910c94-EWR
alt-svc
h3=":443"; ma=86400
content-length
131636
ico_cursor.png
bay789a.win/images/
2 KB
3 KB
Image
General
Full URL
https://bay789a.win/images/ico_cursor.png?v=2.0.8
Requested by
Host: bay789a.win
URL: https://bay789a.win/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:1168 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e86f459389a67645deabdf55ea8848448ddf09e465c485a410aaccf54c8c0f91

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sat, 02 Mar 2024 13:13:58 GMT
cf-cache-status
MISS
last-modified
Fri, 20 Oct 2023 07:53:06 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"846-6082129a97cd1"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mY9icKh3KXENfo9R14aVIBn4t7x2KIdfzmfXRiB3qfiJ01B8Y%2BFPrlQ%2Fc%2BKRrJzuIYhU3y3t1HNtvQaMGVc6KLjynJn2IODDkigujE1QnMiMjdSvyKKlhk98eM%2FGWcP%2FuVl4PWdIqz0Ekg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
85e1a5a8d8930c94-EWR
alt-svc
h3=":443"; ma=86400
content-length
2118
title-thank.png
bay789a.win/images/
4 KB
4 KB
Image
General
Full URL
https://bay789a.win/images/title-thank.png?v=2.0.8
Requested by
Host: bay789a.win
URL: https://bay789a.win/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:1168 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0d3b34302ef4c78b6b5dda32237f9974f535231627f36e3cbc5f49f81091797c

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sat, 02 Mar 2024 13:13:57 GMT
cf-cache-status
HIT
last-modified
Fri, 20 Oct 2023 07:53:07 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
0
etag
"ece-6082129b7153e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3kb%2BBaZgrQdppBJpnlAr6zvirWai2PlXUC0ekmc97JWBaycvjre3fNdnocCD%2BIBT2iyBd3TGl1D5ZyNfzilx3xKmAqZhZ%2BZPeZWmo1IU6Eq8OMAqUhltHzrzayofhxHi9jeNwlzjUXLFcQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
85e1a5a8d8960c94-EWR
alt-svc
h3=":443"; ma=86400
content-length
3790
banner2.png
bay789a.win/images/
248 KB
249 KB
Image
General
Full URL
https://bay789a.win/images/banner2.png?v=2.0.8
Requested by
Host: bay789a.win
URL: https://bay789a.win/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:1168 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e25f22f7cb282f43f48560881bc5c24f6fbb04cb0bb5f7070e8165d09e8e458e

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sat, 02 Mar 2024 13:13:57 GMT
cf-cache-status
HIT
last-modified
Fri, 18 Aug 2023 20:32:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
0
etag
"3e18c-603386e259bbd"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rkWHdUfs7okP01pUOBsTKYf7BJJiRRa0OUR8uAaLH1mH7GmN3EAhJM2BEJhG3VhBkX7cCkauNfjeOSlBIzM%2Fh25ZSNtlg4%2FriputsQ8xMJ7mbyg3vJROtVjOnJJsRUTYHOwL%2BBrxEr0%2Bjw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
85e1a5a908cc0c94-EWR
alt-svc
h3=":443"; ma=86400
content-length
254348
btn_quick_play.png
bay789a.win/images/
13 KB
13 KB
Image
General
Full URL
https://bay789a.win/images/btn_quick_play.png?v=2.0.8
Requested by
Host: bay789a.win
URL: https://bay789a.win/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:1168 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c9382517db0c231c1885ae27ee85fbf5752b74fb0cdd6f1b14486616546a2ab2

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sat, 02 Mar 2024 13:13:57 GMT
cf-cache-status
HIT
last-modified
Fri, 18 Aug 2023 20:32:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
0
etag
"32cd-603386e2d9e7f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uNyl7nht0Z2O5CtFo1Y%2FRh9i0mvPGhcuFR0IT3P6JqfXOL8v6MXW0B2aboD1NeEbzCCm99L2pgV%2F623bvToLweY%2FXAkjMnlojIrDxhNf94JWFDRqXULqD0rDpLOZcX8E5XuySj0Pmw%2B0YA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
85e1a5a908ce0c94-EWR
alt-svc
h3=":443"; ma=86400
content-length
13005
dacotaikhoan.png
bay789a.win/images/
1 KB
1 KB
Image
General
Full URL
https://bay789a.win/images/dacotaikhoan.png?v=2.0.8
Requested by
Host: bay789a.win
URL: https://bay789a.win/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:1168 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5e09d29a76bddc43a334e00ff41e7d1b083e3dd5ff82d9d8d3fb4166250a4943

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sat, 02 Mar 2024 13:13:57 GMT
cf-cache-status
HIT
last-modified
Fri, 20 Oct 2023 07:53:05 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
0
etag
"419-6082129a3eb0d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F7e056mbz7quB7bQ2P1mGMyL3ZA26H3JIsPTLcEL7eC2VkWFRWrBjI%2FKAzGF961D%2Bl91H2dw%2BJcfQ%2BVm1VaelqbBQKvRI0tQoQhp48YC3kcFo9WG97L0BnoOC2ognN5pgJ0JIfzU%2BVYgBQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
85e1a5a908cf0c94-EWR
alt-svc
h3=":443"; ma=86400
content-length
1049
btn-dangky.png
bay789a.win/images/
7 KB
8 KB
Image
General
Full URL
https://bay789a.win/images/btn-dangky.png?v=2.0.8
Requested by
Host: bay789a.win
URL: https://bay789a.win/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:1168 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
45af05120053dbf111aad377fe0406bbdb06430ce46839b9fed78dfff92e0905

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sat, 02 Mar 2024 13:13:57 GMT
cf-cache-status
HIT
last-modified
Fri, 18 Aug 2023 20:32:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
0
etag
"1d86-603386e3032a5"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lq2VmyPv0I4EhImQXO3Ra1smD%2B9NuxZ8i2Def53bEvK%2Bcq6yzL%2BlVjmTW3m57wfI3Kybfn2gPaE2FUImVk2RrgHKJrGdf6SPkdbnERUiKjJJkX%2BswDSqW9ifr%2FzqebTjusSGbk0YaRUI7w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
85e1a5a908d10c94-EWR
alt-svc
h3=":443"; ma=86400
content-length
7558
ic-tele2.png
bay789a.win/images/
22 KB
22 KB
Image
General
Full URL
https://bay789a.win/images/ic-tele2.png?v=2.0.8
Requested by
Host: bay789a.win
URL: https://bay789a.win/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:1168 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4bf81870dcc78113af11dcbabaf8f3dc73a65ebb7db0392e2410f9ce885e1af2

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sat, 02 Mar 2024 13:13:58 GMT
cf-cache-status
HIT
last-modified
Fri, 20 Oct 2023 07:53:06 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1
etag
"563f-6082129a6bdb3"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mTSn9ZtQz9g4mhiOXJQjM7jathvC0sihiDTI9ucdptrv71KSs%2FtI7D3OR5XUtRVkd%2B%2B301VG%2FSlKNsMgfRWA2gfggF23BMZRHeTVOYcMdWgyioKUZArv9g7gky1pCCwRrsxjJNqEkJeKDA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
85e1a5a9d9840c94-EWR
alt-svc
h3=":443"; ma=86400
content-length
22079
ic-fb.png
bay789a.win/images/
22 KB
22 KB
Image
General
Full URL
https://bay789a.win/images/ic-fb.png?v=2.0.8
Requested by
Host: bay789a.win
URL: https://bay789a.win/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:1168 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
15acd6dcda92d2c4b19ddb3a132eee05e76a8c5103fe6fd677ddc6b4bdae077a

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sat, 02 Mar 2024 13:13:58 GMT
cf-cache-status
HIT
last-modified
Fri, 20 Oct 2023 07:53:05 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1
etag
"57bb-6082129a5cb83"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FseBYd44hsRCzBf65%2BLCmoODItiTTSF0jWk1KV8265P06ScRGsT3FcS8vKzAZMKWHIrYqUzZ1z5ROnR7cTR0kuT073ChQec0FiOvxHXOAD0E9SmVC1o9KmSr8MPu3nyiBVqMXBG8np061Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
85e1a5a9d9860c94-EWR
alt-svc
h3=":443"; ma=86400
content-length
22459
adv.png
bay789a.win/images/
24 KB
25 KB
Image
General
Full URL
https://bay789a.win/images/adv.png?v=2.0.8
Requested by
Host: bay789a.win
URL: https://bay789a.win/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:1168 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
75cc1d00a6a9bfc6e77a8954eda2dbfa884ff36a1648ea6e15acd7fa579f37e7

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sat, 02 Mar 2024 13:13:58 GMT
cf-cache-status
HIT
last-modified
Fri, 20 Oct 2023 07:53:04 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1
etag
"615e-608212988394a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bSdabdzQk25SBVohUaZkJO7AtNd%2FTK4gPwCMVU5Vnvu7QXzHDtcbcR%2BY5uVEvyWJMX5QY2%2Fcnd8F8m2yiQpvKh9OZ931A44CusuwadQ58SKU%2Bx0yu0wu%2FoS1hu67PMzvlfIIIB52IQ2Rwg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
85e1a5a9d9870c94-EWR
alt-svc
h3=":443"; ma=86400
content-length
24926
taigame.png
bay789a.win/images/
20 KB
21 KB
Image
General
Full URL
https://bay789a.win/images/taigame.png?v=2.0.8
Requested by
Host: bay789a.win
URL: https://bay789a.win/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:1168 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
991ce01a432700ecb66347ac75278c5236950f8773c9b390421d5611b1c79347

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sat, 02 Mar 2024 13:13:58 GMT
cf-cache-status
HIT
last-modified
Fri, 20 Oct 2023 07:53:06 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1
etag
"50eb-6082129b461d8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YjU1zCyTUGABsPw1f1yO9iEfDrJOONb2AqilD%2BUPkXqwxCT6aP5u7dIONAStU9SRzgEEnJFAVcXqJ4WjLMX4q4vv19uWXCE2c19ybfsCdk%2F9jCEpjyc2fW%2BAqZwq2XBG1bIGnKd4cU%2Bnlw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
85e1a5a9f99d0c94-EWR
alt-svc
h3=":443"; ma=86400
content-length
20715
btn-android.png
bay789a.win/images/
46 KB
46 KB
Image
General
Full URL
https://bay789a.win/images/btn-android.png?v=2.0.8
Requested by
Host: bay789a.win
URL: https://bay789a.win/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:1168 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
de92cf3a7a02e084c9616644ca77ec4ab0da4a9407eb2a262deff43b9258d279

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sat, 02 Mar 2024 13:13:58 GMT
cf-cache-status
HIT
last-modified
Fri, 18 Aug 2023 20:32:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1
etag
"b641-603386e2787eb"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2xhN%2Fzw8V5s8VgULV39IvtEf38LH%2Fvfr2aaBWIrl%2FzqDi56NbKqn%2Fqz6c6ZKleE9mGODRJCvQ9J0eRRmHFSrkC9LdgaJ%2Bea0575x2%2Fmm502r52U%2B9gfcUclekIuLXqVDnOpKY4CftSHC1w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
85e1a5ab5aeb0c94-EWR
alt-svc
h3=":443"; ma=86400
content-length
46657
btn-chPlay.png
bay789a.win/images/
46 KB
47 KB
Image
General
Full URL
https://bay789a.win/images/btn-chPlay.png?v=2.0.8
Requested by
Host: bay789a.win
URL: https://bay789a.win/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:1168 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c9f5636bfd9fa8a2928b34d0fbbcec86f067df0398529a2474525e4894ebab15

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sat, 02 Mar 2024 13:13:58 GMT
cf-cache-status
HIT
last-modified
Fri, 18 Aug 2023 20:32:40 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1
etag
"b9d9-603386e1f7d59"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lwOd3eXrJWmK6THoxUiINnI%2BeqvrHQ%2B14wTSPQ7d70S45XnT2isKZ%2FbbA887mlOZyBGYWCi%2FCYZMzWLZVup5HWgiIiC1yKdNR1Y5jp0gXBzC2txyCj2Mhtab6GiRbGrB6Y7Ef09mFEFPWQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
85e1a5ab5aec0c94-EWR
alt-svc
h3=":443"; ma=86400
content-length
47577
btn-signApp.png
bay789a.win/images/
59 KB
59 KB
Image
General
Full URL
https://bay789a.win/images/btn-signApp.png?v=2.0.8
Requested by
Host: bay789a.win
URL: https://bay789a.win/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:1168 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c559698c4462e40e896c80d2792e945414e1e4055bfaf8dfc2a9639de51a0bdb

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sat, 02 Mar 2024 13:13:58 GMT
cf-cache-status
HIT
last-modified
Fri, 18 Aug 2023 20:32:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1
etag
"eaec-603386e2d9a97"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SeFMEN%2FcgfzpoYArS2W1a3jhZhOkDWDXhrWh52fEAdny9c1PMFtdANVFJOT8r7G6m94LkQICmugaSds%2BpMAFlVdsDtoVQj2uGzd5FZ1PkZqWGLYMxVjQUTsq45aDeC%2FByNGsVBbMrlhSQQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
85e1a5ab6af40c94-EWR
alt-svc
h3=":443"; ma=86400
content-length
60140
btn-ios-appstore.png
bay789a.win/images/
59 KB
59 KB
Image
General
Full URL
https://bay789a.win/images/btn-ios-appstore.png?v=2.0.8
Requested by
Host: bay789a.win
URL: https://bay789a.win/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:1168 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
91c19f0353dc8c20a6efa26545b5445724c2228a2c784826f39d18cae91b2112

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sat, 02 Mar 2024 13:13:58 GMT
cf-cache-status
HIT
last-modified
Fri, 18 Aug 2023 20:32:40 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1
etag
"eab5-603386e1f7d59"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6Wu9KQ%2FSLI59MWNJb5oSV7qYlIoeltDqlF%2FHYaUlRwwSSJjYSeRq26D8oGTxoRg6WAV7Dl49M3JXeglILSEPJNquZVf3xOUce2YJGztwtOerEkawRkXP8nYSWAzP4XM3Q3u9yB0TCI%2FPBw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
85e1a5ab7b060c94-EWR
alt-svc
h3=":443"; ma=86400
content-length
60085
banner1.png
bay789a.win/images/
291 KB
291 KB
Image
General
Full URL
https://bay789a.win/images/banner1.png?v=2.0.8
Requested by
Host: bay789a.win
URL: https://bay789a.win/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:1168 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fbd7e08d911b0d4bae88b6c8ba47c538617781c3aded9e3d68da8715b8fc0589

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sat, 02 Mar 2024 13:13:58 GMT
cf-cache-status
HIT
last-modified
Fri, 18 Aug 2023 20:32:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1
etag
"48b02-603386e268234"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IC2bg79zy3bYkhWKC18wPLd9lxvdHdyd4kv9Pm1807%2F66%2BoD7BPwiVI4nqJkb7muLExe%2Fr7T8bS%2F4re9v9BI03XOq9%2FM4JiCW%2FSP5wt%2Fb4seRStQ2Kl1aYRuJukbwGWQelEy7NfZkT%2BgkA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
85e1a5ae5d350c94-EWR
alt-svc
h3=":443"; ma=86400
content-length
297730
collect
www.google-analytics.com/g/
0
54 B
Ping
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-VRM7WDM4CZ&gtm=45je42t1v9102164222za200&_p=1709385236673&gcd=13l3l3l3l1&npa=0&dma=0&cid=1563085386.1709385237&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_eu=AEA&_s=2&sid=1709385236&sct=1&seg=0&dl=https%3A%2F%2Fbay789a.win%2F&dt=Bay789%20-%20C%E1%BB%95ng%20game%20game%20Bay789%20-%20Link%20t%E1%BA%A3i%20app%20ch%C3%ADnh%20ch%E1%BB%A7%20%2C%20uy%20t%C3%ADn&en=scroll&epn.percent_scrolled=90&_et=21&tfd=7093
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-VRM7WDM4CZ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 02 Mar 2024 13:14:01 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://bay789a.win
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

64 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| gtag
object| dataLayer
function| fbq
function| _fbq
object| ___grecaptcha_cfg
object| grecaptcha
string| __recaptcha_api
boolean| __google_recaptcha_client
object| google_tag_manager
object| google_tag_data
function| onYouTubeIframeAPIReady
object| gaGlobal
object| recaptcha
boolean| isCHPlay
boolean| isAppStore
boolean| isApk
boolean| isIpa
number| isAction
function| onPlayWeb
function| onSupportFB
function| onSupportTELE
function| onDownloadAndroid
function| onDownloadIos
function| onDownloadSignIos
function| onDownloadCHPlay
string| refCode
function| playWeb
string| v
object| iv
object| key
object| conf
string| wg
function| onRegFrmSubmit
function| onLoginFrmSubmit
string| aff_id
string| app_id
string| userAgent
object| sessionId
boolean| isMobile
object| notifications
boolean| isIPadPro
boolean| autofill
function| receiveMessage
function| updateActions
function| clearBGAutoFill
function| lazyLoading
function| onLogin
function| onLoginFB
function| onLoginFbSucceed
function| onRegister
function| onNotifications
boolean| getRankNano
number| rankTimer
function| getRank
function| onStoreRef
function| $
function| jQuery
object| bootstrap
function| Fingerprint2
object| CryptoJS
function| UAParser
object| bay789
function| getFormData
function| getCaptcha

3 Cookies

Domain/Path Name / Value
.bay789a.win/ Name: _ga
Value: GA1.1.1563085386.1709385237
.bay789a.win/ Name: _ga_VRM7WDM4CZ
Value: GS1.1.1709385236.1.0.1709385236.0.0.0
.bay789a.win/ Name: _fbp
Value: fb.1.1709385236895.1809724995

7 Console Messages

Source Level URL
Text
other warning URL: https://connect.facebook.net/signals/config/1867070730413868?v=2.9.148&r=stable&domain=bay789a.win&hme=20c913bdcd4be51a752120153aa5caaecb3ee86c7f26cf737846e40b202aba68&ex_m=62%2C106%2C94%2C98%2C53%2C3%2C88%2C61%2C14%2C86%2C79%2C44%2C46%2C150%2C153%2C164%2C160%2C161%2C163%2C25%2C89%2C45%2C68%2C162%2C145%2C148%2C157%2C158%2C165%2C115%2C13%2C43%2C169%2C168%2C117%2C16%2C29%2C32%2C1%2C36%2C57%2C58%2C59%2C63%2C83%2C15%2C12%2C85%2C82%2C81%2C95%2C97%2C31%2C96%2C26%2C22%2C146%2C149%2C124%2C24%2C9%2C10%2C11%2C5%2C6%2C21%2C19%2C20%2C49%2C54%2C56%2C66%2C90%2C23%2C67%2C8%2C7%2C71%2C41%2C18%2C92%2C91%2C17%2C4%2C73%2C80%2C72%2C78%2C40%2C39%2C77%2C33%2C35%2C76%2C48%2C74%2C28%2C37%2C65%2C0%2C84%2C75%2C2%2C30%2C55%2C34%2C93%2C38%2C70%2C60%2C99%2C52%2C51%2C27%2C87%2C50%2C47%2C42%2C69%2C64%2C100(Line 95)
Message:
Unrecognized feature: 'attribution-reporting'.
network error URL: https://bay789a.win/images/banner3.png?v=2.0.8
Message:
Failed to load resource: the server responded with a status of 503 ()
network error URL: https://bay789a.win/images/lable-thank.png?v=2.0.8
Message:
Failed to load resource: the server responded with a status of 503 ()
network error URL: https://bay789a.win/images/logo.png?v=2.0.8
Message:
Failed to load resource: the server responded with a status of 503 ()
network error URL: https://bay789a.win/images/ico_cursor.png?v=2.0.8
Message:
Failed to load resource: the server responded with a status of 503 ()
network error URL: https://bay789a.win/vendor/fontawesome-free/webfonts/fa-regular-400.woff
Message:
Failed to load resource: the server responded with a status of 503 ()
network error URL: https://bay789a.win/vendor/fontawesome-free/webfonts/fa-regular-400.ttf
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
