kayqueaviator.online Open in urlscan Pro
143.244.203.79  Public Scan

1 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

22 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response kayqueaviator.online/	19 KB 5 KB	274ms 61ms	Document text/html	143.244.203.79 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://kayqueaviator.online/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 143.244.203.79 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx/1.18.0 (Ubuntu) / Resource Hash 3851d0059782df54e2ceeaf5b36589f3e4dbae0d3e88ffa19108d2460c50d681 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Response headers content-encoding gzip content-type text/html date Fri, 15 Nov 2024 03:35:36 GMT etag W/"6732abcf-4ae3" last-modified Tue, 12 Nov 2024 01:13:51 GMT server nginx/1.18.0 (Ubuntu)
GET H3	200	poppins fonts.cdnfonts.com/css/	7 KB 1 KB	143ms 60ms	Stylesheet text/css	172.67.184.158 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://fonts.cdnfonts.com/css/poppins Requested by Host: kayqueaviator.online URL: https://kayqueaviator.online/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.184.158 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5e3e91c0591800530952fec5dccba5a3596944370166ef2bbe08ea409c3014b1 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://kayqueaviator.online/ Response headers content-encoding zstd cf-cache-status HIT age 1111431 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IxV3XBEgk67SGHHVAoKY3KaRyOemlpewA3kVzG4TiWB6d22pEghHQFtkMCC8E154OidWVZWn%2FCJubtwcd3KKxcvTaJ%2FWTX%2BSOgMOXjrsje7NYtwJFag26wKmNFGibK4XMyk7Ey0%3D"}],"group":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=30356&sent=9&recv=7&lost=0&retrans=0&sent_bytes=4075&recv_bytes=4278&delivery_rate=104510&cwnd=12000&unsent_bytes=0&cid=96a72a7cc3576d10&ts=67&x=1", cfExtPri, cfHdrFlush;dur=0 date Fri, 15 Nov 2024 03:35:37 GMT content-type text/css;charset=UTF-8 vary Accept-Encoding last-modified Sat, 02 Nov 2024 06:51:46 GMT priority u=0,i=?0 cache-control max-age=2678400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8e2c3138aacfa674-MIA access-control-allow-origin * server cloudflare
GET H2	200	css2 fonts.googleapis.com/	832 B 860 B	187ms 72ms	Stylesheet text/css	2607:f8b0:4004:c08::5f GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Archivo+Black Requested by Host: kayqueaviator.online URL: https://kayqueaviator.online/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c08::5f Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 98c0b4cc0a0140feb218b03fe7c0fa89c26c6e496b9ce21b09df13cacadd22b4 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://kayqueaviator.online/ Response headers content-encoding gzip x-content-type-options nosniff expires Fri, 15 Nov 2024 03:35:37 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Fri, 15 Nov 2024 03:35:37 GMT content-type text/css; charset=utf-8 vary Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site last-modified Fri, 15 Nov 2024 03:35:37 GMT x-frame-options SAMEORIGIN strict-transport-security max-age=31536000 link <https://fonts.gstatic.com>; rel=preconnect; crossorigin cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * cross-origin-opener-policy same-origin-allow-popups cross-origin-resource-policy cross-origin access-control-allow-origin * x-xss-protection 0 server ESF
GET H2	200	css2 fonts.googleapis.com/	856 B 470 B	188ms 74ms	Stylesheet text/css	2607:f8b0:4004:c08::5f GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Bebas+Neue&family=Sans&display=swap Requested by Host: kayqueaviator.online URL: https://kayqueaviator.online/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c08::5f Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 3dba4702b7ad3145a583f4103efab89de56a3132b3c823eef119fa61762af98b Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://kayqueaviator.online/ Response headers content-encoding gzip x-content-type-options nosniff expires Fri, 15 Nov 2024 03:35:37 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Fri, 15 Nov 2024 03:35:37 GMT content-type text/css; charset=utf-8 vary Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site last-modified Fri, 15 Nov 2024 03:35:37 GMT x-frame-options SAMEORIGIN strict-transport-security max-age=31536000 link <https://fonts.gstatic.com>; rel=preconnect; crossorigin cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * cross-origin-opener-policy same-origin-allow-popups cross-origin-resource-policy cross-origin access-control-allow-origin * x-xss-protection 0 server ESF
GET H/1.1	200 OK	123tapronto1731248474102-Prova+social+em+imagem.jpg 123pagebuilder.s3.us-east-1.amazonaws.com/	675 KB 675 KB	377ms 182ms	Image image/jpeg	16.15.192.255
General Check archive.org Show headers Download Go to Show image Full URL https://123pagebuilder.s3.us-east-1.amazonaws.com/123tapronto1731248474102-Prova+social+em+imagem.jpg Requested by Host: kayqueaviator.online URL: https://kayqueaviator.online/ Protocol HTTP/1.1 Security TLS 1.3, , CHACHA20_POLY1305 Server 16.15.192.255 , United States, ASN (), Reverse DNS Software AmazonS3 / Resource Hash dac4b2074b2c2a78289798e41ee2367e9a366bbbf7a7b35be21a0b76093b96b3 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://kayqueaviator.online/ Response headers x-amz-id-2 Kp5iArEMfz30jfSOnkepxsnemui35Y9m/iHqVzSw7OSyyd9wdhonbcGCDyZAQbNBQIS1pGhmHnHW7Sbz/oxPtzJ0BVSFxtm0 ETag "1a42aa92e4e59dd7e367bc81e9f10f91" x-amz-request-id KYCXYH47BP2HPPPA Accept-Ranges bytes Content-Length 691026 Date Fri, 15 Nov 2024 03:35:38 GMT Last-Modified Sun, 10 Nov 2024 14:21:15 GMT Content-Type image/jpeg Server AmazonS3 x-amz-server-side-encryption AES256
GET H/1.1	200 OK	123tapronto1731279933209-72182.jpg 123pagebuilder.s3.us-east-1.amazonaws.com/	629 KB 630 KB	334ms 139ms	Image image/jpg	16.15.192.255
General Check archive.org Show headers Download Go to Show image Full URL https://123pagebuilder.s3.us-east-1.amazonaws.com/123tapronto1731279933209-72182.jpg Requested by Host: kayqueaviator.online URL: https://kayqueaviator.online/ Protocol HTTP/1.1 Security TLS 1.3, , CHACHA20_POLY1305 Server 16.15.192.255 , United States, ASN (), Reverse DNS Software AmazonS3 / Resource Hash a01fa2a47bcfa5b7de5f651f7980f3a22bbbe4e84cfc8ba74ea601a9d9cbbc28 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://kayqueaviator.online/ Response headers x-amz-id-2 tF/3vcWy+vju+1gs8M7UaQ9SoxAqCwuHyrICLJO7K4Hp6+MuJ6MF3Ii8rU2h9AwRP7X+mv0U8jzJu7gIZNca/U2DL4Yngps6 ETag "98d57bbf0b092ebef865490ea1e485c6" x-amz-request-id KYCHZ81R8WQHYG9Z Accept-Ranges bytes Content-Length 644546 Date Fri, 15 Nov 2024 03:35:38 GMT Last-Modified Sun, 10 Nov 2024 23:05:34 GMT Content-Type image/jpg Server AmazonS3 x-amz-server-side-encryption AES256
GET H2	200	googletagmanager.js Show response c1.cdn1tp.net/ghelper/	55 KB 18 KB	294ms 59ms	Script application/javascript	138.197.230.28
General Check archive.org Show headers Download Go to Full URL https://c1.cdn1tp.net/ghelper/googletagmanager.js Requested by Host: kayqueaviator.online URL: https://kayqueaviator.online/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 138.197.230.28 North Bergen, United States, ASN (), Reverse DNS Software nginx/1.18.0 (Ubuntu) / Resource Hash 915d1c26e09c77b86be215d59a55cfa9f8b6a2920cbb0b0ef43bc5da4cf79edd Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://kayqueaviator.online/ Response headers cache-control max-age=315360000 content-encoding gzip etag "65d0283a-47db" expires Thu, 31 Dec 2037 23:55:55 GMT content-length 18395 date Fri, 15 Nov 2024 03:35:37 GMT content-type application/javascript last-modified Sat, 17 Feb 2024 03:30:02 GMT server nginx/1.18.0 (Ubuntu) vary Accept-Encoding
GET H3	200	fbevents.js Show response connect.facebook.net/en_US/	239 KB 61 KB	117ms 55ms	Script application/x-javascript	31.13.66.19 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/fbevents.js Requested by Host: kayqueaviator.online URL: https://kayqueaviator.online/ Protocol H3 Security QUIC, , AES_128_GCM Server 31.13.66.19 Ashburn, United States, ASN32934 (FACEBOOK, US), Reverse DNS xx-fbcdn-shv-01-iad3.fbcdn.net Software / Resource Hash 43a683165a27224ef2d2717bd57c8c203aa570ce39140504d086562eefbb0f1f Security Headers Name Value Content-Security-Policy default-src 'self' data: blob: *;script-src 'nonce-7YJPWXsa' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script'; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://kayqueaviator.online/ Response headers content-encoding gzip report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} x-content-type-options nosniff expires Sat, 01 Jan 2000 00:00:00 GMT alt-svc h3=":443"; ma=86400 date Fri, 15 Nov 2024 03:35:37 GMT content-type application/x-javascript; charset=utf-8 vary Accept-Encoding cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" priority u=3,i x-frame-options DENY strict-transport-security max-age=31536000; preload; includeSubDomains reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" content-security-policy default-src 'self' data: blob: *;script-src 'nonce-7YJPWXsa' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script'; cache-control public, max-age=1200 timing-allow-origin * cross-origin-opener-policy same-origin-allow-popups x-fb-connection-quality GOOD; q=0.7, rtt=53, rtx=0, c=23, mss=1232, tbw=4424, tp=9, tpl=0, uplat=0, ullat=-1 pragma public x-fb-debug xnYgIASpbe7ROfNb+feMuNSRqymKEfnNRZZ2uAYTsvi1TyRf2SoaVgiAryukN6116F4VbVQCT/ROuHNRKnfBvA== cross-origin-resource-policy cross-origin permissions-policy accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy" document-policy force-load-at-top content-length 62152 x-xss-protection 0 origin-agent-cluster ?1
GET H2	200	/ player-vz-d4b78df6-757.tv.pandavideo.com.br/embed/ Frame 3B5F	0 0	286ms 101ms	Document text/html	18.165.83.80 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://player-vz-d4b78df6-757.tv.pandavideo.com.br/embed/?v=8b676310-edb7-444c-843c-967f8c5ef34a Requested by Host: kayqueaviator.online URL: https://kayqueaviator.online/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.165.83.80 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-165-83-80.iad55.r.cloudfront.net Software AmazonS3 / Resource Hash Request headers Referer https://kayqueaviator.online/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Response headers content-encoding gzip content-type text/html date Fri, 15 Nov 2024 03:35:38 GMT etag W/"be7d0f99631300dbfbfbab066c456fb3" last-modified Wed, 13 Nov 2024 14:29:41 GMT server AmazonS3 vary Accept-Encoding via 1.1 035e691ec6c773baa108d5dd3cdf6b28.cloudfront.net (CloudFront) x-amz-cf-id TZenMUQv_QDL79TNoMa7Xh0K_kX79RPlSQIyVSn2SVgZTzxAd6cmXA== x-amz-cf-pop IAD55-P3 x-amz-version-id 14hQ6QlWdwsQP1Yw6iQZCOv6QAJ6efhf x-cache RefreshHit from cloudfront
GET H3	200	HTxqL289NzCGg4MzN6KJ7eW6CYyF_g.woff2 fonts.gstatic.com/s/archivoblack/v21/	18 KB 18 KB	122ms 57ms	Font font/woff2	64.233.180.94 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/archivoblack/v21/HTxqL289NzCGg4MzN6KJ7eW6CYyF_g.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Archivo+Black Protocol H3 Security QUIC, , AES_128_GCM Server 64.233.180.94 , United States, ASN15169 (GOOGLE, US), Reverse DNS pe-in-f94.1e100.net Software sffe / Resource Hash 25f33e61cf995abd6be62931cf03bf427286259177b43618cc410ee0157cfd30 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Origin https://kayqueaviator.online Referer https://fonts.googleapis.com/ Response headers age 575295 report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} x-content-type-options nosniff expires Sat, 08 Nov 2025 11:47:22 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Fri, 08 Nov 2024 11:47:22 GMT last-modified Thu, 24 Aug 2023 21:16:32 GMT content-type font/woff2 cache-control public, max-age=31536000 timing-allow-origin * cross-origin-opener-policy same-origin; report-to="apps-themes" cross-origin-resource-policy cross-origin content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes accept-ranges bytes access-control-allow-origin * content-length 18604 x-xss-protection 0 server sffe
GET H3	200	JTUSjIg69CK48gW7PXoo9Wlhyw.woff2 fonts.gstatic.com/s/bebasneue/v14/	13 KB 14 KB	123ms 59ms	Font font/woff2	64.233.180.94 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/bebasneue/v14/JTUSjIg69CK48gW7PXoo9Wlhyw.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Bebas+Neue&family=Sans&display=swap Protocol H3 Security QUIC, , AES_128_GCM Server 64.233.180.94 , United States, ASN15169 (GOOGLE, US), Reverse DNS pe-in-f94.1e100.net Software sffe / Resource Hash 02f5dfc0c21e92f3c724260f035833e627513a1b91230cc490a1ea756c95e5e5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Origin https://kayqueaviator.online Referer https://fonts.googleapis.com/ Response headers age 562439 report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} x-content-type-options nosniff expires Sat, 08 Nov 2025 15:21:38 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Fri, 08 Nov 2024 15:21:38 GMT last-modified Thu, 24 Aug 2023 21:28:06 GMT content-type font/woff2 cache-control public, max-age=31536000 timing-allow-origin * cross-origin-opener-policy same-origin; report-to="apps-themes" cross-origin-resource-policy cross-origin content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes accept-ranges bytes access-control-allow-origin * content-length 13820 x-xss-protection 0 server sffe
GET H3	200	Poppins-Bold.woff fonts.cdnfonts.com/s/16009/	64 KB 65 KB	542ms 508ms	Font font/woff	172.67.184.158 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://fonts.cdnfonts.com/s/16009/Poppins-Bold.woff Requested by Host: fonts.cdnfonts.com URL: https://fonts.cdnfonts.com/css/poppins Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.184.158 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a11b45f950168e9b74999a7fdb9d76f7eb2b08c045992ba1f9ae0b995be5cb9e Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Origin https://kayqueaviator.online Referer https://fonts.cdnfonts.com/css/poppins Response headers cf-cache-status MISS etag "10024-5d73bbbdf9a9a" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nlnV7g1tZ3aw4gqWGKQRekfZL5LdihRpvA2%2B7VDsENZzJ0nNi2YJ8Xo%2BDweC2N6kfMvgsbWJp13cCBG0m5PsMn7ciHQdiaEf3zoNyT8RZJWVvFsjXNW2fvQdDxpygf8RBpITxSg%3D"}],"group":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=31151&sent=11&recv=10&lost=0&retrans=0&sent_bytes=2207&recv_bytes=4542&delivery_rate=493&cwnd=12000&unsent_bytes=0&cid=2f8adf859f6352ed&ts=509&x=1", cfExtPri, cfHdrFlush;dur=0 date Fri, 15 Nov 2024 03:35:37 GMT content-type font/woff last-modified Sat, 05 Feb 2022 02:00:38 GMT vary Accept-Encoding priority u=0,i=?0 cache-control max-age=2678400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8e2c3139c9e0747d-MIA accept-ranges bytes access-control-allow-origin * content-length 65572 server cloudflare
GET H3	200	Poppins-Regular.woff fonts.cdnfonts.com/s/16009/	65 KB 66 KB	570ms 537ms	Font font/woff	172.67.184.158 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://fonts.cdnfonts.com/s/16009/Poppins-Regular.woff Requested by Host: fonts.cdnfonts.com URL: https://fonts.cdnfonts.com/css/poppins Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.184.158 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 16b5ed244caeaa43c5e9c70566868cff1f8a9747b49cb7e28b155d14085136fb Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Origin https://kayqueaviator.online Referer https://fonts.cdnfonts.com/css/poppins Response headers cf-cache-status MISS etag "103a0-5d73bbbdfa652" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=18AiQyr7p0wGt%2FdMXUf%2BCbR8Gr%2BK3cwp%2BFtKM7ssbseMXwrfCnwpi4mlYAF2vH%2Fn1yD0MfJkeKkcD3OZkSCfeicioCL3nft0628YTa9kRK3KnmYavZyxp009iA8LnBE1SUeVM%2BU%3D"}],"group":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=31151&sent=21&recv=10&lost=0&retrans=0&sent_bytes=14207&recv_bytes=4542&delivery_rate=493&cwnd=12000&unsent_bytes=0&cid=2f8adf859f6352ed&ts=537&x=1", cfExtPri, cfHdrFlush;dur=3 date Fri, 15 Nov 2024 03:35:37 GMT content-type font/woff last-modified Sat, 05 Feb 2022 02:00:38 GMT vary Accept-Encoding priority u=0,i=?0 cache-control max-age=2678400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8e2c3139c9e4747d-MIA accept-ranges bytes access-control-allow-origin * content-length 66464 server cloudflare
GET H3	200	523721117165963 Show response connect.facebook.net/signals/config/	77 KB 16 KB	111ms 110ms	Script application/x-javascript	31.13.66.19 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/signals/config/523721117165963?v=2.9.177&r=stable&domain=kayqueaviator.online&hme=c3e4904c1dde42d643265ef909b9e193c41cedcd6f559a3ff5e1b178e36647fa&ex_m=70%2C121%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C172%2C175%2C187%2C183%2C184%2C186%2C29%2C101%2C53%2C77%2C185%2C167%2C170%2C180%2C181%2C188%2C131%2C41%2C189%2C190%2C34%2C143%2C15%2C50%2C195%2C194%2C133%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C168%2C171%2C140%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113 Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/fbevents.js Protocol H3 Security QUIC, , AES_128_GCM Server 31.13.66.19 Ashburn, United States, ASN32934 (FACEBOOK, US), Reverse DNS xx-fbcdn-shv-01-iad3.fbcdn.net Software / Resource Hash 344f8758e6d7d3407bc2ed68dfb361531fa5a8bdce2cca190e156af7ec4742db Security Headers Name Value Content-Security-Policy default-src 'self' data: blob: *;script-src 'nonce-MxjIdpa2' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script'; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://kayqueaviator.online/ Response headers content-encoding gzip report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} x-content-type-options nosniff expires Sat, 01 Jan 2000 00:00:00 GMT alt-svc h3=":443"; ma=86400 date Fri, 15 Nov 2024 03:35:37 GMT content-type application/x-javascript; charset=utf-8 vary Accept-Encoding cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" priority u=3,i x-frame-options DENY strict-transport-security max-age=31536000; preload; includeSubDomains reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" content-security-policy default-src 'self' data: blob: *;script-src 'nonce-MxjIdpa2' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script'; cache-control public, max-age=1200 timing-allow-origin * cross-origin-opener-policy same-origin-allow-popups x-fb-connection-quality GOOD; q=0.7, rtt=54, rtx=0, c=76, mss=1232, tbw=70280, tp=65, tpl=0, uplat=55, ullat=0 pragma public x-fb-debug zh6OIhkij0R+NlaPOa9hg4TbT+ljn5rSVwCralvbKt+OI78YOZM2cLxywrO9pG7b8PthINWRbSbbbudjmtBSNw== cross-origin-resource-policy cross-origin permissions-policy accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy" document-policy force-load-at-top x-xss-protection 0 origin-agent-cluster ?1
GET H3	200	/ www.facebook.com/tr/	0 19 B	117ms 55ms	Image text/plain	31.13.66.35 FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=523721117165963&ev=PageView&dl=https%3A%2F%2Fkayqueaviator.online%2F&rl=&if=false&ts=1731641737534&sw=1600&sh=1200&v=2.9.177&r=stable&ec=0&o=4126&fbp=fb.1.1731641737527.436304595786132437&cs_est=true&ler=empty&cdl=API_unavailable&it=1731641737379&coo=false&rqm=GET Requested by Host: kayqueaviator.online URL: https://kayqueaviator.online/ Protocol H3 Security QUIC, , AES_128_GCM Server 31.13.66.35 Ashburn, United States, ASN32934 (FACEBOOK, US), Reverse DNS edge-star-mini-shv-01-iad3.facebook.com Software proxygen-bolt / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://kayqueaviator.online/ Response headers strict-transport-security max-age=31536000; includeSubDomains x-fb-connection-quality GOOD; q=0.7, rtt=52, rtx=0, c=23, mss=1232, tbw=4569, tp=12, tpl=0, uplat=1, ullat=0 cross-origin-resource-policy cross-origin access-control-allow-credentials true access-control-allow-origin alt-svc h3=":443"; ma=86400 content-length 0 date Fri, 15 Nov 2024 03:35:37 GMT content-type text/plain server proxygen-bolt priority u=3,i
GET H3	200	/ www.facebook.com/privacy_sandbox/pixel/register/trigger/	67 B 192 B	239ms 177ms	Image image/png	31.13.66.35 FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=523721117165963&ev=PageView&dl=https%3A%2F%2Fkayqueaviator.online%2F&rl=&if=false&ts=1731641737534&sw=1600&sh=1200&v=2.9.177&r=stable&ec=0&o=4126&fbp=fb.1.1731641737527.436304595786132437&cs_est=true&ler=empty&cdl=API_unavailable&it=1731641737379&coo=false&rqm=FGET Requested by Host: kayqueaviator.online URL: https://kayqueaviator.online/ Protocol H3 Security QUIC, , AES_128_GCM Server 31.13.66.35 Ashburn, United States, ASN32934 (FACEBOOK, US), Reverse DNS edge-star-mini-shv-01-iad3.facebook.com Software / Resource Hash aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a Security Headers Name Value Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests; Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://kayqueaviator.online/ Response headers content-encoding zstd report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7437344629307009793"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} x-content-type-options nosniff expires Sat, 01 Jan 2000 00:00:00 GMT alt-svc h3=":443"; ma=86400 attribution-reporting-register-trigger {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0xab03896c1ef985c5","source_keys":["1"]}],"aggregatable_values":{"1":10922},"filters":{"3":["8063847157049608"]},"debug_reporting":true,"debug_key":"2384750889500127051"} date Fri, 15 Nov 2024 03:35:37 GMT content-type image/png vary Accept-Encoding x-fb-debug R0oj3gMKiS367p9AdAA5Pl0Swb/xaam+x4YzKZE9cokaXenP1KLIggH9P1noJR5LrevsmdPMipv6rVD8Ho2vZg== priority u=3,i x-frame-options DENY strict-transport-security max-age=15552000; preload reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7437344629307009793", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" content-security-policy default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests; cache-control private, no-store, no-cache, must-revalidate x-fb-connection-quality GOOD; q=0.7, rtt=52, rtx=0, c=24, mss=1232, tbw=8569, tp=20, tpl=0, uplat=122, ullat=0 cross-origin-opener-policy same-origin-allow-popups pragma no-cache cross-origin-resource-policy cross-origin permissions-policy accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy" document-policy force-load-at-top x-xss-protection 0 origin-agent-cluster ?1
GET H3	200	/ www.facebook.com/tr/	0 16 B	117ms 56ms	Image text/plain	31.13.66.35 FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=523721117165963&ev=Contact&dl=https%3A%2F%2Fkayqueaviator.online%2F&rl=&if=false&ts=1731641737540&sw=1600&sh=1200&v=2.9.177&r=stable&ec=1&o=4126&fbp=fb.1.1731641737527.436304595786132437&ler=empty&cdl=API_unavailable&it=1731641737379&coo=false&rqm=GET Requested by Host: kayqueaviator.online URL: https://kayqueaviator.online/ Protocol H3 Security QUIC, , AES_128_GCM Server 31.13.66.35 Ashburn, United States, ASN32934 (FACEBOOK, US), Reverse DNS edge-star-mini-shv-01-iad3.facebook.com Software proxygen-bolt / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://kayqueaviator.online/ Response headers strict-transport-security max-age=31536000; includeSubDomains x-fb-connection-quality GOOD; q=0.7, rtt=52, rtx=0, c=23, mss=1232, tbw=4889, tp=14, tpl=0, uplat=0, ullat=0 cross-origin-resource-policy cross-origin access-control-allow-credentials true access-control-allow-origin alt-svc h3=":443"; ma=86400 content-length 0 date Fri, 15 Nov 2024 03:35:37 GMT content-type text/plain server proxygen-bolt priority u=3,i
GET H3	200	/ www.facebook.com/privacy_sandbox/pixel/register/trigger/	67 B 196 B	211ms 150ms	Image image/png	31.13.66.35 FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=523721117165963&ev=Contact&dl=https%3A%2F%2Fkayqueaviator.online%2F&rl=&if=false&ts=1731641737540&sw=1600&sh=1200&v=2.9.177&r=stable&ec=1&o=4126&fbp=fb.1.1731641737527.436304595786132437&ler=empty&cdl=API_unavailable&it=1731641737379&coo=false&rqm=FGET Requested by Host: kayqueaviator.online URL: https://kayqueaviator.online/ Protocol H3 Security QUIC, , AES_128_GCM Server 31.13.66.35 Ashburn, United States, ASN32934 (FACEBOOK, US), Reverse DNS edge-star-mini-shv-01-iad3.facebook.com Software / Resource Hash aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a Security Headers Name Value Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests; Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://kayqueaviator.online/ Response headers content-encoding zstd report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7437344630316493525"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} x-content-type-options nosniff expires Sat, 01 Jan 2000 00:00:00 GMT alt-svc h3=":443"; ma=86400 attribution-reporting-register-trigger {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0xefc9f56ac92fa62b","source_keys":["1"]}],"aggregatable_values":{"1":10922},"filters":{"3":["8603969726318018","8625145867602930","8546825108770729"]},"debug_reporting":true,"debug_key":"2283769075433641997"} date Fri, 15 Nov 2024 03:35:37 GMT content-type image/png vary Accept-Encoding x-fb-debug +xeWjrTQqRhW5KaFkCFIbStUmmOfKxU4Cfhmx/dy6ISbcKrtW/0ssGXzxhYT+d68RhBuGRvA5CWkoyOfjrh2GQ== priority u=3,i x-frame-options DENY strict-transport-security max-age=15552000; preload reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7437344630316493525", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" content-security-policy default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests; cache-control private, no-store, no-cache, must-revalidate x-fb-connection-quality GOOD; q=0.7, rtt=52, rtx=0, c=24, mss=1232, tbw=5097, tp=17, tpl=0, uplat=95, ullat=0 cross-origin-opener-policy same-origin-allow-popups pragma no-cache cross-origin-resource-policy cross-origin permissions-policy accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy" document-policy force-load-at-top x-xss-protection 0 origin-agent-cluster ?1
GET H2	200	json Show response ipv4.wtfismyip.com/	332 B 528 B	708ms 314ms	XHR application/json	65.108.75.112 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://ipv4.wtfismyip.com/json Requested by Host: c1.cdn1tp.net URL: https://c1.cdn1tp.net/ghelper/googletagmanager.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 65.108.75.112 Helsinki, Finland, ASN24940 (HETZNER-AS, DE), Reverse DNS wtfismyip.com Software / Resource Hash 0c0acb22f691de9c54e739e27a4cdda4197f130df52ac35775bf157bfc3319d1 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://kayqueaviator.online/ Response headers cache-control no-cache, no-store, max-age=0, must-revalidate x-fortune It's going to be a fucking glorious day pragma no-cache access-control-allow-methods GET expires 0 access-control-allow-origin * content-length 332 date Fri, 15 Nov 2024 03:35:38 GMT content-type application/json; charset=utf-8
GET H2	404	favicon.ico kayqueaviator.online/	63 KB 23 KB	120ms 120ms	Other text/html	143.244.203.79 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://kayqueaviator.online/favicon.ico Protocol H2 Security TLS 1.3, , AES_128_GCM Server 143.244.203.79 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx/1.18.0 (Ubuntu) / Resource Hash 9f660aa52e264c987793b4ed5c368b6381c5a5cb5890579222452a7c70dd6bea Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://kayqueaviator.online/ Response headers content-encoding gzip date Fri, 15 Nov 2024 03:35:37 GMT etag W/"63b44bb3-fbe1" content-type text/html server nginx/1.18.0 (Ubuntu)
OPTIONS H2	204	access analytics.123tapronto.com/ Frame	0 0	288ms 142ms	Preflight	2606:4700:20::ac43:470c
General Check archive.org Show headers Download Go to Full URL https://analytics.123tapronto.com/access Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::ac43:470c , United States, ASN (), Reverse DNS Software cloudflare / Resource Hash Security Headers Name Value Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests Strict-Transport-Security max-age=15552000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method POST Origin https://kayqueaviator.online Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Response headers access-control-allow-headers content-type access-control-allow-methods GET,HEAD,PUT,PATCH,POST,DELETE access-control-allow-origin * alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 8e2c31414e81495c-MIA content-security-policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests date Fri, 15 Nov 2024 03:35:38 GMT expect-ct max-age=0 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} referrer-policy no-referrer report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tbgYZXo%2Btdq8DVojPBr1r05D7CTaRaqMPnFvhyQ%2Fra06GV7pfYgIAyu6gJtmbREUazFulbijUCNp2IdMfKoFR7lKhnrLICuSlzGNmwYuCcqtjuK5yCnJx0JRIMgcLU8mgmLA%2Ft2uh1Y6CRPCtwMsMJt4dFE9UBc%3D"}],"group":"cf-nel","max_age":604800} server cloudflare server-timing cfL4;desc="?proto=TCP&rtt=29379&sent=8&recv=11&lost=0&retrans=0&sent_bytes=4018&recv_bytes=2386&delivery_rate=134158&cwnd=253&unsent_bytes=0&cid=d602da21f8015313&ts=156&x=0" strict-transport-security max-age=15552000; includeSubDomains vary Access-Control-Request-Headers x-content-type-options nosniff x-dns-prefetch-control off x-download-options noopen x-frame-options SAMEORIGIN x-permitted-cross-domain-policies none x-xss-protection 0
POST H2	201	access Show response analytics.123tapronto.com/	0 426 B	105ms 102ms	XHR text/plain	2606:4700:20::ac43:470c
General Check archive.org Show headers Download Go to Full URL https://analytics.123tapronto.com/access Requested by Host: c1.cdn1tp.net URL: https://c1.cdn1tp.net/ghelper/googletagmanager.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::ac43:470c , United States, ASN (), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests Strict-Transport-Security max-age=15552000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Content-Type application/json;charset=UTF-8 Referer https://kayqueaviator.online/ Response headers cf-cache-status DYNAMIC expect-ct max-age=0 x-permitted-cross-domain-policies none report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ku77cjI42uiUfRW%2BzJVsZntr1XnID4hVXO3hk6dNJGo%2BDRKgbjPj7zZ7MBw3F1vdM0sWriuWB3TNJbm1wG99M9H%2F8tbByZBUKp%2FTWOK4%2FQ97qBD0ukZcNc0Xg9Aj8lpX5FnEx8I0pr4dnBIKntlO%2F6cs7Y0Nts8%3D"}],"group":"cf-nel","max_age":604800} x-content-type-options nosniff alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=TCP&rtt=29690&sent=11&recv=13&lost=0&retrans=0&sent_bytes=5114&recv_bytes=2991&delivery_rate=134158&cwnd=254&unsent_bytes=0&cid=d602da21f8015313&ts=261&x=0" date Fri, 15 Nov 2024 03:35:38 GMT x-frame-options SAMEORIGIN strict-transport-security max-age=15552000; includeSubDomains content-security-policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-dns-prefetch-control off referrer-policy no-referrer x-download-options noopen cf-ray 8e2c314228b9495c-MIA access-control-allow-origin * x-xss-protection 0 server cloudflare

26 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 function| fbq function| _fbq string| back_redirect_back_link object| _0xe339 function| _0x5796 function| _0x44d1 function| _0x2f4e function| v_123_getRndInteger object| v_123_date number| v_123_randomVisitors function| v_123_updateVisitors function| v_123_replace_tag_hoje function| v_123_replace_tag_dia function| v_123_replace_tag_mes function| v_123_replace_tag_ano function| v_123_replace_tag_hoje_extenso function| v_123_replace_tag_numero function| v_123_replace_tag_visitantes function| v_123_replace_tag function| v_123_request_analytics function| v_123_request_visitor_info number| width number| height object| v123_browserInfo function| findAndReplaceDOMText

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.kayqueaviator.online/	1970-01-21 03:10:17	Name: _fbp Value: fb.1.1731641737527.436304595786132437

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://kayqueaviator.online/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

123pagebuilder.s3.us-east-1.amazonaws.com
analytics.123tapronto.com
c1.cdn1tp.net
connect.facebook.net
fonts.cdnfonts.com
fonts.googleapis.com
fonts.gstatic.com
ipv4.wtfismyip.com
kayqueaviator.online
player-vz-d4b78df6-757.tv.pandavideo.com.br
www.facebook.com
138.197.230.28
143.244.203.79
16.15.192.255
172.67.184.158
18.165.83.80
2606:4700:20::ac43:470c
2607:f8b0:4004:c08::5f
31.13.66.19
31.13.66.35
64.233.180.94
65.108.75.112
02f5dfc0c21e92f3c724260f035833e627513a1b91230cc490a1ea756c95e5e5
0c0acb22f691de9c54e739e27a4cdda4197f130df52ac35775bf157bfc3319d1
16b5ed244caeaa43c5e9c70566868cff1f8a9747b49cb7e28b155d14085136fb
25f33e61cf995abd6be62931cf03bf427286259177b43618cc410ee0157cfd30
344f8758e6d7d3407bc2ed68dfb361531fa5a8bdce2cca190e156af7ec4742db
3851d0059782df54e2ceeaf5b36589f3e4dbae0d3e88ffa19108d2460c50d681
3dba4702b7ad3145a583f4103efab89de56a3132b3c823eef119fa61762af98b
43a683165a27224ef2d2717bd57c8c203aa570ce39140504d086562eefbb0f1f
5e3e91c0591800530952fec5dccba5a3596944370166ef2bbe08ea409c3014b1
915d1c26e09c77b86be215d59a55cfa9f8b6a2920cbb0b0ef43bc5da4cf79edd
98c0b4cc0a0140feb218b03fe7c0fa89c26c6e496b9ce21b09df13cacadd22b4
9f660aa52e264c987793b4ed5c368b6381c5a5cb5890579222452a7c70dd6bea
a01fa2a47bcfa5b7de5f651f7980f3a22bbbe4e84cfc8ba74ea601a9d9cbbc28
a11b45f950168e9b74999a7fdb9d76f7eb2b08c045992ba1f9ae0b995be5cb9e
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
dac4b2074b2c2a78289798e41ee2367e9a366bbbf7a7b35be21a0b76093b96b3
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855