urlscan.io logo urlscan.io
SecurityTrails logo

aviaplay.lol Open in urlscan Pro
188.114.97.3  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://aviaplay.lol/
Effective URL: https://aviaplay.lol/
Submission: On August 19 via api from LU — Scanned from NL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 7 IPs in 3 countries across 7 domains to perform 24 HTTP transactions. The main IP is 188.114.97.3, located in Amsterdam, Netherlands and belongs to CLOUDFLARENET, US. The main domain is aviaplay.lol.
TLS certificate: Issued by WE1 on July 29th 2024. Valid for: 3 months.
This is the only time aviaplay.lol was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

3    188.114.97.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)
aviaplay.lol
2    2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2606:4700::6812:133e (United States)

ASN13335 (CLOUDFLARENET, US)
kit.fontawesome.com
2    2a03:2880:f050:f:face:b00c:0:3 (Hamburg, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
10    2a00:1450:4001:80e::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
play-lh.googleusercontent.com
4    2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    2a03:2880:f176:84:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
Apex Domain
Subdomains		 Transfer
10 googleusercontent.com
play-lh.googleusercontent.com — Cisco Umbrella Rank: 324
2 MB
4 gstatic.com
fonts.gstatic.com
89 KB
3 aviaplay.lol
aviaplay.lol
133 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 108
4 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 236
72 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 110
2 KB
1 fontawesome.com
kit.fontawesome.com — Cisco Umbrella Rank: 3618
24 7
Domain Requested by
10 play-lh.googleusercontent.com aviaplay.lol
4 fonts.gstatic.com fonts.googleapis.com
3 aviaplay.lol aviaplay.lol
2 www.facebook.com aviaplay.lol
2 connect.facebook.net aviaplay.lol
connect.facebook.net
2 fonts.googleapis.com aviaplay.lol
1 kit.fontawesome.com aviaplay.lol
24 7

This site contains links to these domains. Also see Links.

Domain
play.google.com
rcf9c5e16.app-ads-txt.com
Subject Issuer Validity Valid
aviaplay.lol
WE1		 2024-07-29 -
2024-10-27		 3 months crt.sh
upload.video.google.com
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
*.fontawesome.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-07-30 -
2025-01-27		 6 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-05-28 -
2024-08-26		 3 months crt.sh
edgestatic.com
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
*.gstatic.com
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://aviaplay.lol/
Frame ID: E42360920DA9B8A68932C3347BA5355F
Requests: 24 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Virat Kohli Wallpapers

Page URL History Show full URLs

  1. http://aviaplay.lol/ HTTP 307
    https://aviaplay.lol/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • kit\.fontawesome\.com/([0-9a-z]+).js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

24
Requests

100 %
HTTPS

86 %
IPv6

7
Domains

7
Subdomains

7
IPs

3
Countries

2040 kB
Transfer

2541 kB
Size

6
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://aviaplay.lol/ HTTP 307
    https://aviaplay.lol/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

24 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
aviaplay.lol/
Redirect Chain
  • http://aviaplay.lol/
  • https://aviaplay.lol/
9 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://aviaplay.lol/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d683efae876c6bb674898cb6c684916ebfd9284eb156931ddb17a5cf5a0aaf13

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.57 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache, no-store, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
8b5717188f142c75-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Mon, 19 Aug 2024 03:34:51 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=D5lUtzO4zdIGqtmTi80Z8s1Bu1DEa0QnABQLmR4609cwSKZR2BVthjKVOjsaNMWPdKBCj50GD%2FFgEh2q%2ForheoUIl6yR1pfuktBdVT2lxkeYE7YiW7MhF4g4ZzrcG04%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare

Redirect headers

Location
https://aviaplay.lol/
Non-Authoritative-Reason
HttpsUpgrades
css
fonts.googleapis.com/ 		15 KB
1010 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:300,400,500,700,900|Roboto+Slab:400,700
Requested by
Host: aviaplay.lol
URL: https://aviaplay.lol/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
7008ae01573011e879d4edd1c5ec15a2df5944fcc969062d58d1e178387fa5b9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://aviaplay.lol/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.57 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 19 Aug 2024 03:34:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 19 Aug 2024 03:34:52 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 19 Aug 2024 03:34:52 GMT
css
fonts.googleapis.com/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Material+Icons|Material+Icons+Outlined|Material+Icons+Two+Tone|Material+Icons+Round|Material+Icons+Sharp
Requested by
Host: aviaplay.lol
URL: https://aviaplay.lol/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
09b4de76e295495530bbd9fa7b6b61d7bc00e2df4e23d2ceacfb4e002e5a9f7e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://aviaplay.lol/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.57 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 19 Aug 2024 03:34:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 19 Aug 2024 03:34:52 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 19 Aug 2024 03:34:52 GMT
42d5adcbca.js
kit.fontawesome.com/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://kit.fontawesome.com/42d5adcbca.js
Requested by
Host: aviaplay.lol
URL: https://aviaplay.lol/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:133e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://aviaplay.lol/
Origin
https://aviaplay.lol
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.57 Safari/537.36

Response headers

date
Mon, 19 Aug 2024 03:34:52 GMT
cf-cache-status
MISS
server
cloudflare
access-control-max-age
3000
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
*
cache-control
max-age=0, private, must-revalidate
vary
Accept-Encoding
cf-ray
8b571721aeb19b34-FRA
access-control-allow-headers
accept, accept-langauge, content-language, content-type, fa-kit-token
content-length
9
x-request-id
F-0D3-T-o5mo3gdIEASC
main.c4b97f68.js
aviaplay.lol/static/js/ 		402 KB
127 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://aviaplay.lol/static/js/main.c4b97f68.js
Requested by
Host: aviaplay.lol
URL: https://aviaplay.lol/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
80e4a6888c8c04d7e2fb76077a7c693c9ba7cb47e168616157fd505fb8afacfe

Request headers

Referer
https://aviaplay.lol/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.57 Safari/537.36

Response headers

date
Mon, 19 Aug 2024 03:34:52 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 22 Dec 2023 13:06:04 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"658589bc-64635"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZHTYD5nElgx17AM7VzqpTPSUBW9J68WgvKdLA7r7G%2FE5q1yiaF3DNLu72EinMhZBrD9BHZXMwNcbS5Ox18T8BCcNjs2ZpC8ywfe4MjDO7FJSTUFsFizw5OceymwclQo%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=14400
cf-ray
8b571721dbfd2c75-FRA
alt-svc
h3=":443"; ma=86400
fbevents.js
connect.facebook.net/en_US/ 		225 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: aviaplay.lol
URL: https://aviaplay.lol/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f050:f:face:b00c:0:3 Hamburg, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
4d424af8e6254a3ee915b6efdec3f0ed3fcbdedc67c83025148c9758701cd2d4
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://aviaplay.lol/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.57 Safari/537.36

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Mon, 19 Aug 2024 03:34:52 GMT
document-policy
force-load-at-top
x-fb-server-load
29
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
58865
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=19, rtx=0, c=12, mss=1297, tbw=2778, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma
public
x-fb-debug
JPq0nBUglMb+hRHdHiGFsTtqggruOSlIA8VaAzld4ErshWSaMv7uXSqzsdqLHBcKL9xoAiynhPYSAAcU6uThsQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
nhnGhbJHLYup0E1zDMEvRiHFCD7O6FVqakNKROvKlVFmbPcTFmYX224wDgEpQNEXh6k
play-lh.googleusercontent.com/ 		111 KB
111 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://play-lh.googleusercontent.com/nhnGhbJHLYup0E1zDMEvRiHFCD7O6FVqakNKROvKlVFmbPcTFmYX224wDgEpQNEXh6k
Requested by
Host: aviaplay.lol
URL: https://aviaplay.lol/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
53248840f755f6d116df9ffdddac27143de7ddaf2af7194596a2a02bbef522db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://aviaplay.lol/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.57 Safari/537.36

Response headers

date
Mon, 19 Aug 2024 03:34:53 GMT
x-content-type-options
nosniff
server
fife
etag
"v1"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="unnamed.jpg"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
113324
x-xss-protection
0
expires
Tue, 20 Aug 2024 03:34:53 GMT
1sEXvFGjrNkqIU8wdLkBGGHmStizGDGk2FkoUZes-BA9BIeGbZgCfAnJ9NdYxTIHaHQ
play-lh.googleusercontent.com/ 		205 KB
205 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://play-lh.googleusercontent.com/1sEXvFGjrNkqIU8wdLkBGGHmStizGDGk2FkoUZes-BA9BIeGbZgCfAnJ9NdYxTIHaHQ
Requested by
Host: aviaplay.lol
URL: https://aviaplay.lol/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
0835f758b2820ed6aecee984c4b43a00a19c25f246782718f6d39a15cd1df8ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://aviaplay.lol/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.57 Safari/537.36

Response headers

date
Mon, 19 Aug 2024 03:34:53 GMT
x-content-type-options
nosniff
server
fife
etag
"v1"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="unnamed.png"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
210152
x-xss-protection
0
expires
Tue, 20 Aug 2024 03:34:53 GMT
9kQpcJc3tzGJGTxLiKOxe7MBe9GVCtTP8gA9JWWTxchuSNYfCrA95aibh6V-7mVexXAp
play-lh.googleusercontent.com/ 		256 KB
257 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://play-lh.googleusercontent.com/9kQpcJc3tzGJGTxLiKOxe7MBe9GVCtTP8gA9JWWTxchuSNYfCrA95aibh6V-7mVexXAp
Requested by
Host: aviaplay.lol
URL: https://aviaplay.lol/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
7d4dc61952ecda29078c79eff5640de09e6b9a77f64f3a907495498a1de8d79b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://aviaplay.lol/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.57 Safari/537.36

Response headers

date
Mon, 19 Aug 2024 03:34:53 GMT
x-content-type-options
nosniff
server
fife
etag
"v1"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="unnamed.png"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
262650
x-xss-protection
0
expires
Tue, 20 Aug 2024 03:34:53 GMT
qGZq3NJ7eb6EGfnso11brmfb0i2y-YvTA8yJIWz2Wqi_gVqtkpTlIrHqne0LsUVJWdU
play-lh.googleusercontent.com/ 		184 KB
184 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://play-lh.googleusercontent.com/qGZq3NJ7eb6EGfnso11brmfb0i2y-YvTA8yJIWz2Wqi_gVqtkpTlIrHqne0LsUVJWdU
Requested by
Host: aviaplay.lol
URL: https://aviaplay.lol/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
c8ee60365529a69ca4ac2edb0be8d1eee1bbb138915b4c05ebb056689a94526e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://aviaplay.lol/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.57 Safari/537.36

Response headers

date
Mon, 19 Aug 2024 03:34:53 GMT
x-content-type-options
nosniff
server
fife
etag
"v1"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="unnamed.png"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
188453
x-xss-protection
0
expires
Tue, 20 Aug 2024 03:34:53 GMT
VSKxrQ7nAyf46VTscD4BkUK0rhC4MinKEMbCbZye06QLS7LmfzQjA-59y2k18wuKhII
play-lh.googleusercontent.com/ 		175 KB
175 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://play-lh.googleusercontent.com/VSKxrQ7nAyf46VTscD4BkUK0rhC4MinKEMbCbZye06QLS7LmfzQjA-59y2k18wuKhII
Requested by
Host: aviaplay.lol
URL: https://aviaplay.lol/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
e8c8262667df74e1f9aae00a91aca35c5e8bcfd1f8cd8eb170b97359061664a2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://aviaplay.lol/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.57 Safari/537.36

Response headers

date
Mon, 19 Aug 2024 03:34:53 GMT
x-content-type-options
nosniff
server
fife
etag
"v1"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="unnamed.png"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
179029
x-xss-protection
0
expires
Tue, 20 Aug 2024 03:34:53 GMT
szdkOY_xa7KaBq1q4M_KVprgNTPYsj2W2c7rKY25uJe8ZTDu-IgkdGJEyzGSpIC-mTw
play-lh.googleusercontent.com/ 		234 KB
234 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://play-lh.googleusercontent.com/szdkOY_xa7KaBq1q4M_KVprgNTPYsj2W2c7rKY25uJe8ZTDu-IgkdGJEyzGSpIC-mTw
Requested by
Host: aviaplay.lol
URL: https://aviaplay.lol/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
0c665497b0be297a00270501468375e4aa83120ee4b54e5e61a242fc7afa53db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://aviaplay.lol/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.57 Safari/537.36

Response headers

date
Mon, 19 Aug 2024 03:34:53 GMT
x-content-type-options
nosniff
server
fife
etag
"v1"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="unnamed.png"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
239708
x-xss-protection
0
expires
Tue, 20 Aug 2024 03:34:53 GMT
5oQp9t_NCnCwu5x5sPvWGdqq0esCds0py8Ucv-Soar6DsoIhjsLWBAu3_gMXKejrlNg
play-lh.googleusercontent.com/ 		177 KB
177 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://play-lh.googleusercontent.com/5oQp9t_NCnCwu5x5sPvWGdqq0esCds0py8Ucv-Soar6DsoIhjsLWBAu3_gMXKejrlNg
Requested by
Host: aviaplay.lol
URL: https://aviaplay.lol/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
ef871cecbca496076a2d548399ac0e0843ac94358b4cd71889b253432e9ab982
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://aviaplay.lol/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.57 Safari/537.36

Response headers

date
Mon, 19 Aug 2024 03:34:53 GMT
x-content-type-options
nosniff
server
fife
etag
"v1"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="unnamed.png"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
181541
x-xss-protection
0
expires
Tue, 20 Aug 2024 03:34:53 GMT
4IaMR5rDkXprrXzCrPHOlW-W55lAqJjl9m8AyEMp0tT2Lo78MtPFA3JkTBXQarE8PJfH
play-lh.googleusercontent.com/ 		192 KB
192 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://play-lh.googleusercontent.com/4IaMR5rDkXprrXzCrPHOlW-W55lAqJjl9m8AyEMp0tT2Lo78MtPFA3JkTBXQarE8PJfH
Requested by
Host: aviaplay.lol
URL: https://aviaplay.lol/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
3a19ba71b1b435a1083913403d0c974223c3ed8b3ffeaa1b96f304d85eb83d5e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://aviaplay.lol/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.57 Safari/537.36

Response headers

date
Mon, 19 Aug 2024 03:34:53 GMT
x-content-type-options
nosniff
server
fife
etag
"v1"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="unnamed.png"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
196752
x-xss-protection
0
expires
Tue, 20 Aug 2024 03:34:53 GMT
mX_GQhdcRzc1uUNCqrdVX1eAajbe3cvi8pJ48FT_PBAdAkGutNK88XiHzRtveQ18mx4
play-lh.googleusercontent.com/ 		152 KB
152 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://play-lh.googleusercontent.com/mX_GQhdcRzc1uUNCqrdVX1eAajbe3cvi8pJ48FT_PBAdAkGutNK88XiHzRtveQ18mx4
Requested by
Host: aviaplay.lol
URL: https://aviaplay.lol/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
e2a21087dc3bbb066e7382ad3bf2621ac9368a2d80f5a6409def08c6a1e6c70b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://aviaplay.lol/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.57 Safari/537.36

Response headers

date
Mon, 19 Aug 2024 03:34:53 GMT
x-content-type-options
nosniff
server
fife
etag
"v1"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="unnamed.png"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
155965
x-xss-protection
0
expires
Tue, 20 Aug 2024 03:34:53 GMT
Ak7cqSzf9Vk_L-Ux33A_qWtK9XZkTRKfDz5J5w2exYGs1zydlMUZtbYSth_-zt-V9A
play-lh.googleusercontent.com/ 		51 KB
51 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://play-lh.googleusercontent.com/Ak7cqSzf9Vk_L-Ux33A_qWtK9XZkTRKfDz5J5w2exYGs1zydlMUZtbYSth_-zt-V9A
Requested by
Host: aviaplay.lol
URL: https://aviaplay.lol/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
53c5f1b8231e1b7a123990008bd5e15c66e98749530c2147066d5a5696a14085
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://aviaplay.lol/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.57 Safari/537.36

Response headers

date
Mon, 19 Aug 2024 03:34:53 GMT
x-content-type-options
nosniff
server
fife
etag
"v1"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="unnamed.jpg"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
52426
x-xss-protection
0
expires
Tue, 20 Aug 2024 03:34:53 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v32/ 		18 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700,900|Roboto+Slab:400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://aviaplay.lol
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.57 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 14:08:32 GMT
x-content-type-options
nosniff
age
480381
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18536
x-xss-protection
0
last-modified
Thu, 01 Aug 2024 20:41:24 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 13 Aug 2025 14:08:32 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v32/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700,900|Roboto+Slab:400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d9bada3a44bb2ffa66dec5cc781cafc9ef17ed876cd9b0c5f7ef18228b63cebb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://aviaplay.lol
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.57 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 14:09:26 GMT
x-content-type-options
nosniff
age
480327
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18596
x-xss-protection
0
last-modified
Thu, 01 Aug 2024 20:41:21 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 13 Aug 2025 14:09:26 GMT
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v32/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700,900|Roboto+Slab:400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4dbd328e347e890a801d51f9a5f8d38a3efd51ec34c0aa22cc83d0a95d6d9d71
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://aviaplay.lol
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.57 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 14:40:54 GMT
x-content-type-options
nosniff
age
478439
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18492
x-xss-protection
0
last-modified
Thu, 01 Aug 2024 20:41:19 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 13 Aug 2025 14:40:54 GMT
BngMUXZYTXPIvIBgJJSb6ufN5qU.woff2
fonts.gstatic.com/s/robotoslab/v34/ 		34 KB
34 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/robotoslab/v34/BngMUXZYTXPIvIBgJJSb6ufN5qU.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700,900|Roboto+Slab:400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a8e429611131e3fdc2018ec943a36100dbabb4aaa788c8dead6bdcf927917293
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://aviaplay.lol
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.57 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 14:08:03 GMT
x-content-type-options
nosniff
age
480410
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
34328
x-xss-protection
0
last-modified
Tue, 24 Oct 2023 01:54:50 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 13 Aug 2025 14:08:03 GMT
299031215850405
connect.facebook.net/signals/config/ 		61 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/299031215850405?v=2.9.164&r=stable&domain=aviaplay.lol&hme=61ff4e692c87a9a2ce7b19822df2b04638e3ca38b23c1be6c0f1945ccadb2ad5&ex_m=69%2C118%2C104%2C108%2C60%2C4%2C97%2C68%2C16%2C94%2C86%2C50%2C53%2C167%2C170%2C182%2C178%2C179%2C181%2C29%2C98%2C52%2C75%2C180%2C162%2C165%2C175%2C176%2C183%2C127%2C40%2C34%2C139%2C15%2C49%2C189%2C188%2C129%2C18%2C39%2C1%2C42%2C64%2C65%2C66%2C70%2C90%2C17%2C14%2C93%2C89%2C88%2C105%2C51%2C107%2C38%2C106%2C30%2C91%2C26%2C163%2C166%2C136%2C28%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C56%2C61%2C63%2C73%2C99%2C27%2C74%2C9%2C8%2C78%2C47%2C21%2C101%2C100%2C102%2C95%2C10%2C20%2C3%2C19%2C83%2C55%2C81%2C33%2C72%2C0%2C92%2C32%2C80%2C85%2C46%2C45%2C84%2C37%2C5%2C87%2C79%2C43%2C35%2C82%2C2%2C36%2C62%2C41%2C103%2C44%2C77%2C67%2C109%2C59%2C58%2C31%2C96%2C57%2C54%2C48%2C76%2C71%2C24%2C110
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f050:f:face:b00c:0:3 Hamburg, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
2eb6c9d5b941638b0f6cc971d888f46040916a5ebd277e1f607ccfa8c1be08cc
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://aviaplay.lol/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.57 Safari/537.36

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Mon, 19 Aug 2024 03:34:53 GMT
document-policy
force-load-at-top
x-fb-server-load
30
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=25, rtx=0, c=44, mss=1297, tbw=64404, tp=-1, tpl=-1, uplat=105, ullat=0
pragma
public
x-fb-debug
Y847Whek1KZm2hoQj0DTIfYAqy5Wyb/UQ9RqXREJcqCEmY4C3xuSJAOzwZTjvYWuonZ5bMryotuShAvNCCBFtA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		0
273 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=299031215850405&ev=PageView&dl=https%3A%2F%2Faviaplay.lol%2F&rl=&if=false&ts=1724038493499&sw=1600&sh=1200&v=2.9.164&r=stable&ec=0&o=4126&fbp=fb.1.1724038493469.66955434690898135&ler=empty&cdl=API_unavailable&it=1724038493178&coo=false&rqm=GET
Requested by
Host: aviaplay.lol
URL: https://aviaplay.lol/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://aviaplay.lol/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.57 Safari/537.36

Response headers

x-fb-connection-quality
EXCELLENT; q=0.9, rtt=25, rtx=1, c=1, mss=1297, tbw=2827, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Mon, 19 Aug 2024 03:34:53 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=299031215850405&ev=PageView&dl=https%3A%2F%2Faviaplay.lol%2F&rl=&if=false&ts=1724038493499&sw=1600&sh=1200&v=2.9.164&r=stable&ec=0&o=4126&fbp=fb.1.1724038493469.66955434690898135&ler=empty&cdl=API_unavailable&it=1724038493178&coo=false&rqm=FGET
Requested by
Host: aviaplay.lol
URL: https://aviaplay.lol/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://aviaplay.lol/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.57 Safari/537.36

Response headers

content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-encoding
zstd
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; preload
date
Mon, 19 Aug 2024 03:34:53 GMT
document-policy
force-load-at-top
x-fb-server-load
21
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7404688945370228157", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=25, rtx=1, c=7, mss=1297, tbw=3144, tp=-1, tpl=-1, uplat=137, ullat=0
pragma
no-cache
x-fb-debug
fs3OPVNzZj6IrGEt6PrJa3lcmfbQo6F+TnVJ/Ln5kIGwl4/Acj7bIEgbjFkG2I7JlbB5t5AdJxlgyPtIO+LTyQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7404688945370228157"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
image/png
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
private, no-store, no-cache, must-revalidate
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires
Sat, 01 Jan 2000 00:00:00 GMT
favicon.ico
aviaplay.lol/ 		548 B
542 B 		Other
General
Check archive.org
Download Go to
Full URL
https://aviaplay.lol/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090

Request headers

Referer
https://aviaplay.lol/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.57 Safari/537.36

Response headers

date
Mon, 19 Aug 2024 03:34:54 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qy5QEqhgT%2BSra0WOOU04XfwIdpOBtELSoCY4Jkss0MAIsbaHwQIoEaKL%2BKTKW0cnIX6Wy5ntj9l6w%2FF3W9bJxzkgvZz%2FslobwtGjB6YKxyJr99dibbXZhKnEYdeGVYM%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=utf-8
cache-control
max-age=14400
cf-ray
8b57172d6a0b2c75-FRA
alt-svc
h3=":443"; ma=86400

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| pageData function| fbq function| _fbq

6 Cookies

Domain/Path Name / Value
aviaplay.lol/ Name: piuid9r5u7b
Value: fe553f40-5ddb-11ef-a128-63223f5c789f
aviaplay.lol/ Name: pcpn51xnnq
Value: white1
aviaplay.lol/ Name: pwaid5cv5bu
Value: EALh
aviaplay.lol/ Name: splitidth3a5a
Value: -1
aviaplay.lol/ Name: sdataawc7n4
Value: qtUl66zrv8QL7PdO8XK8LHh1LRMPcNEog318mYm4wmk%3D
.aviaplay.lol/ Name: _fbp
Value: fb.1.1724038493469.66955434690898135

2 Console Messages

Source Level URL
Text
network error URL: https://kit.fontawesome.com/42d5adcbca.js
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://aviaplay.lol/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aviaplay.lol
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
kit.fontawesome.com
play-lh.googleusercontent.com
www.facebook.com
188.114.97.3
2606:4700::6812:133e
2a00:1450:4001:80e::2016
2a00:1450:4001:80f::200a
2a00:1450:4001:828::2003
2a03:2880:f050:f:face:b00c:0:3
2a03:2880:f176:84:face:b00c:0:25de
0835f758b2820ed6aecee984c4b43a00a19c25f246782718f6d39a15cd1df8ec
09b4de76e295495530bbd9fa7b6b61d7bc00e2df4e23d2ceacfb4e002e5a9f7e
0c665497b0be297a00270501468375e4aa83120ee4b54e5e61a242fc7afa53db
2eb6c9d5b941638b0f6cc971d888f46040916a5ebd277e1f607ccfa8c1be08cc
3a19ba71b1b435a1083913403d0c974223c3ed8b3ffeaa1b96f304d85eb83d5e
4d424af8e6254a3ee915b6efdec3f0ed3fcbdedc67c83025148c9758701cd2d4
4dbd328e347e890a801d51f9a5f8d38a3efd51ec34c0aa22cc83d0a95d6d9d71
53248840f755f6d116df9ffdddac27143de7ddaf2af7194596a2a02bbef522db
53c5f1b8231e1b7a123990008bd5e15c66e98749530c2147066d5a5696a14085
7008ae01573011e879d4edd1c5ec15a2df5944fcc969062d58d1e178387fa5b9
7d4dc61952ecda29078c79eff5640de09e6b9a77f64f3a907495498a1de8d79b
80e4a6888c8c04d7e2fb76077a7c693c9ba7cb47e168616157fd505fb8afacfe
89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571
a8e429611131e3fdc2018ec943a36100dbabb4aaa788c8dead6bdcf927917293
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
c8ee60365529a69ca4ac2edb0be8d1eee1bbb138915b4c05ebb056689a94526e
d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090
d683efae876c6bb674898cb6c684916ebfd9284eb156931ddb17a5cf5a0aaf13
d9bada3a44bb2ffa66dec5cc781cafc9ef17ed876cd9b0c5f7ef18228b63cebb
e2a21087dc3bbb066e7382ad3bf2621ac9368a2d80f5a6409def08c6a1e6c70b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8c8262667df74e1f9aae00a91aca35c5e8bcfd1f8cd8eb170b97359061664a2
ef871cecbca496076a2d548399ac0e0843ac94358b4cd71889b253432e9ab982