aviator4ra.fun Open in urlscan Pro
104.21.67.44 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://aviator4ra.fun/
Effective URL:
https://aviator4ra.fun/
Submission: On February 12 via api (February 12th 2024, 6:10:04 am UTC) from BE — Scanned from DE

Summary HTTP 28 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 4 IPs in 3 countries across 3 domains to perform 28 HTTP transactions. The main IP is 104.21.67.44, located in and belongs to CLOUDFLARENET, US. The main domain is aviator4ra.fun.
TLS certificate: Issued by E1 on February 5th 2024. Valid for: 3 months.

This is the only time aviator4ra.fun was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	172.67.212.46 172.67.212.46	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	104.21.67.44 104.21.67.44	13335 (CLOUDFLAR...) (CLOUDFLARENET)
22	2a00:1450:400... 2a00:1450:4001:81c::2016	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
28	4

1 172.67.212.46 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

aviator4ra.fun	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.21.67.44 (None, )

ASN13335 (CLOUDFLARENET, US)

aviator4ra.fun	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2a00:1450:4001:81c::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

play-lh.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
22	googleusercontent.com play-lh.googleusercontent.com — Cisco Umbrella Rank: 489	3 MB
6	aviator4ra.fun 1 redirects aviator4ra.fun	1 MB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 223	76 KB
28	3

	Domain	Requested by
22	play-lh.googleusercontent.com	aviator4ra.fun
6	aviator4ra.fun	1 redirects aviator4ra.fun
1	cdnjs.cloudflare.com	aviator4ra.fun
28	3

This site contains links to these domains. Also see Links.

Domain
play.google.com
www.youtube.com

Subject Issuer	Validity	Valid
aviator4ra.fun E1	`2024-02-05` - `2024-05-05`	3 months	crt.sh
edgestatic.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://aviator4ra.fun/
Frame ID: D135577A741EC081FB9AD89A461D3C4C
Requests: 32 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Toca Kitchen

Page URL History Show full URLs

http://aviator4ra.fun/ HTTP 301
https://aviator4ra.fun/ Page URL

Detected technologies

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Page Statistics

28
Requests

100 %
HTTPS

50 %
IPv6

3
Domains

3
Subdomains

4
IPs

3
Countries

5149 kB
Transfer

6581 kB
Size

0
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://play.google.com/store/apps/details?id=com.tocaboca.tocakitchen
Title: App store

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=6qrs58oyNSk

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://aviator4ra.fun/ HTTP 301
https://aviator4ra.fun/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

28 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
aviator4ra.fun/
Redirect Chain

http://aviator4ra.fun/
https://aviator4ra.fun/

2 MB
1 MB

991ms
904ms

Document
text/html

104.21.67.44
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://aviator4ra.fun/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.67.44 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

700ae1243ea94f45f3df052ae28dbd97068689448da7ad2c8fc1588a263848d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
access-control-expose-headers: Authorization
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8542aa61aa9337fe-FRA
content-encoding: br
content-language: de-DE
content-type: text/html; charset=utf-8
date: Mon, 12 Feb 2024 06:09:56 GMT
expect-ct: max-age=0
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: no-referrer
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BcMqohnk%2BOerPKIj%2Fn6TcKH0TS3bJtQu%2B7ElqgCSpYK9laLJZ2%2BDcyHG9CW3WvY0gy6yc2ywsZLgmUb9cGxw%2F2N0%2BDfNBGLw7cI7p834oEZInpdvl3KhJHt8VPqJj3JBGw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-download-options: noopen
x-permitted-cross-domain-policies: none
x-xss-protection: 0

Redirect headers

CF-RAY: 8542aa60ca471e51-FRA
Cache-Control: max-age=3600
Connection: keep-alive
Date: Mon, 12 Feb 2024 06:09:55 GMT
Expires: Mon, 12 Feb 2024 07:09:55 GMT
Location: https://aviator4ra.fun/
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E631r37XYFqNvPYNxuhw7BuOFtIKLw4jtmJ1KSS9hZ39DvDZAaFJB7F13XHf%2FGS9IOWfboNkVqiV4NmMzwFlC7vllWqj%2FiwRiSnjhsH1GnLNrO14pyEpv%2BpwthvLt3KmKg%3D%3D"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400

GET
H2 200 nhPQcLEUtGcNYdBc1_FVzZT-Oi9qhzEf6O92gn5w8gv03Xb4Qr1GeN-LZ5hMggFZ2Q=w50-h50-p
play-lh.googleusercontent.com/ 6 KB
6 KB 297ms
178ms Image
image/png 2a00:1450:4001:81c::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://play-lh.googleusercontent.com/nhPQcLEUtGcNYdBc1_FVzZT-Oi9qhzEf6O92gn5w8gv03Xb4Qr1GeN-LZ5hMggFZ2Q=w50-h50-p

Requested by

Host: aviator4ra.fun
URL: https://aviator4ra.fun/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

117608eaac5507b7dfea352f9923425bc812277205dc4c331607d8058a69517d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 06:09:57 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.png"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6126
x-xss-protection: 0
expires: Tue, 13 Feb 2024 06:09:57 GMT

GET
H2 200 8QpVRB9O8eDHUewMYgBXm3-s6A2MiGbCIexG3pPnyeqvC5uilWxhvmkK0193W9p9xPQj
play-lh.googleusercontent.com/ 213 KB
214 KB 465ms
347ms Image
image/png 2a00:1450:4001:81c::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://play-lh.googleusercontent.com/8QpVRB9O8eDHUewMYgBXm3-s6A2MiGbCIexG3pPnyeqvC5uilWxhvmkK0193W9p9xPQj

Requested by

Host: aviator4ra.fun
URL: https://aviator4ra.fun/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

7a2b5acfe0ecdb135e05e9aaa166a78c6ca3b8ddc0db446743b8134348064e2d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 06:09:58 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.png"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 218586
x-xss-protection: 0
expires: Tue, 13 Feb 2024 06:09:58 GMT

GET
DATA 200
OK truncated
/ 8 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8ef6937b4ca76a32f0b8a07d4c80f4451a64e6eeeba5514a0f7e0a729106ed3a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
DATA 200
OK truncated
/ 8 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cb325e8d8cd3ad12e6455e9d2c08df3d2d13ac6ff063a1122973483e9cea9e96

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
H2 200 AW-9cXetkI0iGQ7KMx84ata-H0mNIFgtR0_izhg1e4t5IqYhd3vf30RLSQ5EuO39HA
play-lh.googleusercontent.com/ 215 KB
215 KB 432ms
315ms Image
image/png 2a00:1450:4001:81c::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://play-lh.googleusercontent.com/AW-9cXetkI0iGQ7KMx84ata-H0mNIFgtR0_izhg1e4t5IqYhd3vf30RLSQ5EuO39HA

Requested by

Host: aviator4ra.fun
URL: https://aviator4ra.fun/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

98463a5fc0ff09e68c2926e2a5699fb4ffe053b8c5ce4d7841c3a466cb74a909

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 06:09:58 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.png"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 220321
x-xss-protection: 0
expires: Tue, 13 Feb 2024 06:09:58 GMT

GET
H2 200 8QpVRB9O8eDHUewMYgBXm3-s6A2MiGbCIexG3pPnyeqvC5uilWxhvmkK0193W9p9xPQj=w900-h500-p
play-lh.googleusercontent.com/ 565 KB
565 KB 551ms
434ms Image
image/png 2a00:1450:4001:81c::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://play-lh.googleusercontent.com/8QpVRB9O8eDHUewMYgBXm3-s6A2MiGbCIexG3pPnyeqvC5uilWxhvmkK0193W9p9xPQj=w900-h500-p

Requested by

Host: aviator4ra.fun
URL: https://aviator4ra.fun/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

9aa5d30a1ad2c569a0c2efdead199385bb3baf22294dd395d0f0f6e822f48292

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 06:09:58 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.png"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 578408
x-xss-protection: 0
expires: Tue, 13 Feb 2024 06:09:58 GMT

GET
H2 200 TDEHcVUdIa_9iZqqE6eSsG7lfzZeI01k8DleQiWDsMzfgdXXkzuMwIG78azjrKP-3A8
play-lh.googleusercontent.com/ 270 KB
270 KB 308ms
191ms Image
image/png 2a00:1450:4001:81c::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://play-lh.googleusercontent.com/TDEHcVUdIa_9iZqqE6eSsG7lfzZeI01k8DleQiWDsMzfgdXXkzuMwIG78azjrKP-3A8

Requested by

Host: aviator4ra.fun
URL: https://aviator4ra.fun/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

4625e01cd5880d0071e291a5983ae304f5a5ce6f6bd96aab431175971065c90f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 06:09:58 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="unnamed.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 276265
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Tue, 13 Feb 2024 06:09:58 GMT

GET
H2 200 bDDviPT1AvGzDwgfkyIxs27qH7NoUuTr_ka4_aQuevWIv8iNHqOLHRA3XRzVja-3TdE
play-lh.googleusercontent.com/ 233 KB
233 KB 487ms
370ms Image
image/png 2a00:1450:4001:81c::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://play-lh.googleusercontent.com/bDDviPT1AvGzDwgfkyIxs27qH7NoUuTr_ka4_aQuevWIv8iNHqOLHRA3XRzVja-3TdE

Requested by

Host: aviator4ra.fun
URL: https://aviator4ra.fun/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

5e1e3ae0e613243b7b3a6e62011519082670a02fa7b3fe58a5ea22f692434ddc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 06:09:58 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.png"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 238430
x-xss-protection: 0
expires: Tue, 13 Feb 2024 06:09:58 GMT

GET
H2 200 lqgHRwJg-Z-bTtpblYTs2B-P4dFdoFwqqxb_dxLrvarXphB_6OJKAszCaVIQeFK-0RFD
play-lh.googleusercontent.com/ 206 KB
206 KB 305ms
303ms Image
image/png 2a00:1450:4001:81c::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://play-lh.googleusercontent.com/lqgHRwJg-Z-bTtpblYTs2B-P4dFdoFwqqxb_dxLrvarXphB_6OJKAszCaVIQeFK-0RFD

Requested by

Host: aviator4ra.fun
URL: https://aviator4ra.fun/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

0d88a5392c6f05613c4d847be947dc292ca4e80e546ae37b85bfa6bdb5733ffc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 06:09:58 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.png"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 211092
x-xss-protection: 0
expires: Tue, 13 Feb 2024 06:09:58 GMT

GET
H2 200 hGvAe2JknA0F35K9mdCfGlMXuPRiudaIja0JGC5QRNXtE2sVI3MmsR0NdD_a7qSv6A
play-lh.googleusercontent.com/ 185 KB
186 KB 291ms
289ms Image
image/png 2a00:1450:4001:81c::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://play-lh.googleusercontent.com/hGvAe2JknA0F35K9mdCfGlMXuPRiudaIja0JGC5QRNXtE2sVI3MmsR0NdD_a7qSv6A

Requested by

Host: aviator4ra.fun
URL: https://aviator4ra.fun/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

b4e97eede43184e19fe4caa8f55e634786350b717ce002ac20a9b68aa6925bad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 06:09:58 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.png"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 189830
x-xss-protection: 0
expires: Tue, 13 Feb 2024 06:09:58 GMT

GET
H2 200 nf1isUeNKxGc1vq5b4w2CDeYAU8DY6ArnA1lZs2DPW9ILNNXvmF4YMW92BgW7VsEec0
play-lh.googleusercontent.com/ 253 KB
254 KB 381ms
379ms Image
image/png 2a00:1450:4001:81c::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://play-lh.googleusercontent.com/nf1isUeNKxGc1vq5b4w2CDeYAU8DY6ArnA1lZs2DPW9ILNNXvmF4YMW92BgW7VsEec0

Requested by

Host: aviator4ra.fun
URL: https://aviator4ra.fun/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

a333abf8a1c91eb8d3b1c418358201097a71925425e718dfb833f13787727d97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 06:09:58 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.png"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 259481
x-xss-protection: 0
expires: Tue, 13 Feb 2024 06:09:58 GMT

GET
H2 200 mpO4cpXHkALD5AbmYYZKbsVmboYD6ukNt87dExGeB0BgLo5i4JfSBZAaBZjiT1O-Fg
play-lh.googleusercontent.com/ 191 KB
191 KB 330ms
328ms Image
image/png 2a00:1450:4001:81c::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://play-lh.googleusercontent.com/mpO4cpXHkALD5AbmYYZKbsVmboYD6ukNt87dExGeB0BgLo5i4JfSBZAaBZjiT1O-Fg

Requested by

Host: aviator4ra.fun
URL: https://aviator4ra.fun/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

1ec0da899c16a8ea4801d4a43d8742911de22b067d70c9b2745c3bef2693b2a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 06:09:58 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.png"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 195311
x-xss-protection: 0
expires: Tue, 13 Feb 2024 06:09:58 GMT

GET
H2 200 7qooLAehk5F8xfKblrPZsXV17EkfQHuPEMtlJdNJoqYbvdG1vA3h0R_aYznS7uNmT20
play-lh.googleusercontent.com/ 223 KB
223 KB 304ms
301ms Image
image/png 2a00:1450:4001:81c::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://play-lh.googleusercontent.com/7qooLAehk5F8xfKblrPZsXV17EkfQHuPEMtlJdNJoqYbvdG1vA3h0R_aYznS7uNmT20

Requested by

Host: aviator4ra.fun
URL: https://aviator4ra.fun/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

d769e971d9aa3365eaa422fc3023b122e428da7b5ecc1e550ae7df240eae1395

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 06:09:58 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.png"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 228030
x-xss-protection: 0
expires: Tue, 13 Feb 2024 06:09:58 GMT

GET
H2 200 RKa6d88h-VhFlD0YS0ffqBAzsq1Pf-gatUhauTMluBJMpUpXe9Qrt1btVZ8kpdagmRU
play-lh.googleusercontent.com/ 240 KB
240 KB 314ms
312ms Image
image/png 2a00:1450:4001:81c::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://play-lh.googleusercontent.com/RKa6d88h-VhFlD0YS0ffqBAzsq1Pf-gatUhauTMluBJMpUpXe9Qrt1btVZ8kpdagmRU

Requested by

Host: aviator4ra.fun
URL: https://aviator4ra.fun/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

91f40112827fa69682de6d58e365c27b67619d89137fc392ffbd6a8e2076f932

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 06:09:58 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.png"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 245549
x-xss-protection: 0
expires: Tue, 13 Feb 2024 06:09:58 GMT

GET
H2 200 fbz4r2nAIH18N1LIQHzUvp5c8dHs99Iog5no3vaYgrBxVQs96scTRHtXnXC45-pxSw8R
play-lh.googleusercontent.com/ 308 KB
308 KB 588ms
587ms Image
image/png 2a00:1450:4001:81c::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://play-lh.googleusercontent.com/fbz4r2nAIH18N1LIQHzUvp5c8dHs99Iog5no3vaYgrBxVQs96scTRHtXnXC45-pxSw8R

Requested by

Host: aviator4ra.fun
URL: https://aviator4ra.fun/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

30ab2be9f12b12bc2e19735a5ef9899408d349b9def86b4b0cad12e7997ee47d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 06:09:58 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.png"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 315134
x-xss-protection: 0
expires: Tue, 13 Feb 2024 06:09:58 GMT

GET
H2 200 4RLn5Pn_N1sPFXG0e9qUFx9SDJgKafH66gkl4JiTFHa0n7T7nmnPjjC8aIhtT3_0a4I
play-lh.googleusercontent.com/ 246 KB
246 KB 307ms
306ms Image
image/png 2a00:1450:4001:81c::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://play-lh.googleusercontent.com/4RLn5Pn_N1sPFXG0e9qUFx9SDJgKafH66gkl4JiTFHa0n7T7nmnPjjC8aIhtT3_0a4I

Requested by

Host: aviator4ra.fun
URL: https://aviator4ra.fun/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

17e01a7a900e67936f205deedd8a38291cd772a41f3fae3f8543ba99784f5454

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 06:09:58 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.png"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 252156
x-xss-protection: 0
expires: Tue, 13 Feb 2024 06:09:58 GMT

GET
H2 200 ALV-UjWGhIVGxNbV8UTFFf0EQ59ZNuJz5buD6jCsILAOrWzhfw=w50-h50-p
play-lh.googleusercontent.com/a-/ 2 KB
2 KB 501ms
500ms Image
image/jpeg 2a00:1450:4001:81c::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://play-lh.googleusercontent.com/a-/ALV-UjWGhIVGxNbV8UTFFf0EQ59ZNuJz5buD6jCsILAOrWzhfw=w50-h50-p

Requested by

Host: aviator4ra.fun
URL: https://aviator4ra.fun/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

e29222b85eadfeb74e989cedf951b82daa0c6fb8aac09acdd9c287a9b97d5e71

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 06:09:58 GMT
x-content-type-options: nosniff
server: fife
etag: "v44"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1784
x-xss-protection: 0
expires: Tue, 13 Feb 2024 06:09:58 GMT

GET
H2 200 ALV-UjVkdtLuMXn_qYlrT_iscjLJL3jhKaevbGKawcYfDj1ri6s=w50-h50-p
play-lh.googleusercontent.com/a-/ 2 KB
2 KB 388ms
387ms Image
image/jpeg 2a00:1450:4001:81c::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://play-lh.googleusercontent.com/a-/ALV-UjVkdtLuMXn_qYlrT_iscjLJL3jhKaevbGKawcYfDj1ri6s=w50-h50-p

Requested by

Host: aviator4ra.fun
URL: https://aviator4ra.fun/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

b5b3e319ec828ef17cdf70c3e19e8a003c13f3dead208a9c41a28fb5a114e4ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 06:09:58 GMT
x-content-type-options: nosniff
server: fife
etag: "v2db"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1849
x-xss-protection: 0
expires: Tue, 13 Feb 2024 06:09:58 GMT

GET
H2 200 ALV-UjWlpmtzEa6mwSGy5kXgZ0GMS2qz1Q7GgvExEu0yVniMrA=w50-h50-p
play-lh.googleusercontent.com/a-/ 2 KB
2 KB 407ms
405ms Image
image/jpeg 2a00:1450:4001:81c::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://play-lh.googleusercontent.com/a-/ALV-UjWlpmtzEa6mwSGy5kXgZ0GMS2qz1Q7GgvExEu0yVniMrA=w50-h50-p

Requested by

Host: aviator4ra.fun
URL: https://aviator4ra.fun/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

c49d45c905aceca3f81e386b7365ab10fbbb279b9efaddaa7e3c78b24b1cd217

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 06:09:58 GMT
x-content-type-options: nosniff
server: fife
etag: "v21"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2050
x-xss-protection: 0
expires: Tue, 13 Feb 2024 06:09:58 GMT

GET
H2 200 ALV-UjUtvf4bS0QM8wPf69aPUz92UrykFbyqDXLuQcsqtg4UYtY=w50-h50-p
play-lh.googleusercontent.com/a-/ 2 KB
2 KB 391ms
389ms Image
image/jpeg 2a00:1450:4001:81c::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://play-lh.googleusercontent.com/a-/ALV-UjUtvf4bS0QM8wPf69aPUz92UrykFbyqDXLuQcsqtg4UYtY=w50-h50-p

Requested by

Host: aviator4ra.fun
URL: https://aviator4ra.fun/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

cbc7856db993c7a58f4a59e450185440acac2facdb81ec01841f8fbb13ed2c9d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 06:09:58 GMT
x-content-type-options: nosniff
server: fife
etag: "v105c"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2118
x-xss-protection: 0
expires: Tue, 13 Feb 2024 06:09:58 GMT

GET
H2 200 EGemoI2NTXmTsBVtJqk8jxF9rh8ApRWfsIMQSt2uE4OcpQqbFu7f7NbTK05lx80nuSijCz7sc3a277R67g=w50-h50-p
play-lh.googleusercontent.com/ 274 B
573 B 44ms
43ms Image
image/png 2a00:1450:4001:81c::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://play-lh.googleusercontent.com/EGemoI2NTXmTsBVtJqk8jxF9rh8ApRWfsIMQSt2uE4OcpQqbFu7f7NbTK05lx80nuSijCz7sc3a277R67g=w50-h50-p

Requested by

Host: aviator4ra.fun
URL: https://aviator4ra.fun/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

8794428c292b568ee3b1813a7b75db10da340af8370eb8c74ad3abbac5876937

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 02:11:36 GMT
x-content-type-options: nosniff
age: 14301
content-disposition: inline;filename="unnamed.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 274
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Tue, 13 Feb 2024 02:11:36 GMT

GET
H2 400 ACg8ocI2UbXqE9P4tCJ6OPLpoUuAKaQWCFK8RG78s2b4IPXh=mo=w50-h50-p
play-lh.googleusercontent.com/a/ 0
0 52ms
50ms Image
text/html 2a00:1450:4001:81c::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://play-lh.googleusercontent.com/a/ACg8ocI2UbXqE9P4tCJ6OPLpoUuAKaQWCFK8RG78s2b4IPXh=mo=w50-h50-p
Requested by: Host: aviator4ra.fun
URL: https://aviator4ra.fun/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:81c::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

GET
H2 200 ALV-UjX6qEizJxQIyKAC9odaobfGSfUh0jYhoEO34nRxPcv0_Q9D=w50-h50-p
play-lh.googleusercontent.com/a-/ 2 KB
2 KB 337ms
336ms Image
image/jpeg 2a00:1450:4001:81c::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://play-lh.googleusercontent.com/a-/ALV-UjX6qEizJxQIyKAC9odaobfGSfUh0jYhoEO34nRxPcv0_Q9D=w50-h50-p

Requested by

Host: aviator4ra.fun
URL: https://aviator4ra.fun/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

974dae3f619d1f7f425ff26b766610323e16b50d5a35eb77e9d10ab02e4cbc83

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 06:09:58 GMT
x-content-type-options: nosniff
server: fife
etag: "v51fc"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1982
x-xss-protection: 0
expires: Tue, 13 Feb 2024 06:09:58 GMT

GET
H2 200 ALV-UjUiWrDfymaPk8nwbAXfegw5I3R2dirolilDZwVbBZilaw=w50-h50-p
play-lh.googleusercontent.com/a-/ 5 KB
5 KB 357ms
355ms Image
image/png 2a00:1450:4001:81c::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://play-lh.googleusercontent.com/a-/ALV-UjUiWrDfymaPk8nwbAXfegw5I3R2dirolilDZwVbBZilaw=w50-h50-p

Requested by

Host: aviator4ra.fun
URL: https://aviator4ra.fun/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

0a5aef1b1d67983f98e5b18f6fc03f07385c02bff026bf2d2d43acaf7265895d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 06:09:58 GMT
x-content-type-options: nosniff
server: fife
etag: "v70"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.png"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4903
x-xss-protection: 0
expires: Tue, 13 Feb 2024 06:09:58 GMT

GET
H2 200 email-decode.min.js Show response
aviator4ra.fun/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 42ms
42ms Script
application/javascript 104.21.67.44
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://aviator4ra.fun/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: aviator4ra.fun
URL: https://aviator4ra.fun/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.67.44 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 06:09:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 02 Feb 2024 15:36:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65bd0be2-4d7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kzJKL2%2B36laiUN%2BJaXX56PKqW8TGhl2Fdk4neOcQjl1a8aruU4yewk3%2BJ2B5CWI919g7QIFqjBnPxDNsgu2fdh%2FxSvlQAcDsCDx4%2FcQtcMAydAQc6j4gBTZWQxH4kBB1SQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 8542aa6ff80f37fe-FRA
expires: Wed, 14 Feb 2024 06:09:57 GMT

GET
H2 404 earphone.png
aviator4ra.fun/img/video/ 555 B
555 B 428ms
428ms Image
text/html 104.21.67.44
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aviator4ra.fun/img/video/earphone.png
Requested by: Host: aviator4ra.fun
URL: https://aviator4ra.fun/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.67.44 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 680a11e8d8d61e7731d3f814dbed1503792180638f22ef3e79d958194152c8e9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aviator4ra.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 06:09:58 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q99tyWKTxUBYsajlsxi5KrY0FfX6HI0YVzz8w3Qh9pQ2tC4Hl5fpEnGb3roM5nYWFjX3rs%2BuXJXuCWNbPkoXQXbeQB28d2BLtJKU2FgF5jUvZ4okCiC%2Fycwuy7IyLZiD4A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: max-age=14400
cf-ray: 8542aa70182137fe-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 404 mobile-bg.png
aviator4ra.fun/img/clients/ 555 B
555 B 429ms
429ms Image
text/html 104.21.67.44
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aviator4ra.fun/img/clients/mobile-bg.png
Requested by: Host: aviator4ra.fun
URL: https://aviator4ra.fun/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.67.44 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 680a11e8d8d61e7731d3f814dbed1503792180638f22ef3e79d958194152c8e9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aviator4ra.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 06:09:58 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=znh3kTMwDhzBDm262tVOsNTcvtREYUDd4aezORlUTgQYm6ibBbRzGmQTjteUGQS8nx4niScziszf5PY%2FIBiTEqVum2W0cL%2ByZA%2BMkT%2BNbjQ9MDfDmPBFgNqlHMv4OlD7aw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: max-age=14400
cf-ray: 8542aa70182237fe-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 404 dotted.png
aviator4ra.fun/img/clients/ 555 B
555 B 433ms
433ms Image
text/html 104.21.67.44
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aviator4ra.fun/img/clients/dotted.png
Requested by: Host: aviator4ra.fun
URL: https://aviator4ra.fun/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.67.44 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 680a11e8d8d61e7731d3f814dbed1503792180638f22ef3e79d958194152c8e9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aviator4ra.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 06:09:58 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Wqa1oACLsXp%2Bh7d3kAc79f84GPFiDlqn1MzgGGME6rzzAPVhUbvFmFSQqBGYAuH5btUbsgBSk54ouElV%2FDWbPgv4LQwn2qVw0rPFAmlg03Uij9mBocl1XskpMbyuuSHBew%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: max-age=14400
cf-ray: 8542aa70182437fe-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 fontawesome-webfont.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/ 75 KB
76 KB 133ms
48ms Font
application/octet-stream 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2

Requested by

Host: aviator4ra.fun
URL: https://aviator4ra.fun/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://aviator4ra.fun/
Origin: https://aviator4ra.fun
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 06:09:57 GMT
strict-transport-security: max-age=15780000
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 986566
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 77160
last-modified: Mon, 04 May 2020 16:10:07 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e5f-12d68"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PL%2BPh3BW4NBpuU3Bfvl2S7jbvLqEH%2FOKl5M9qN4Zk3uQFFgh6E18j9bX%2BFpRTBiZPAiL5xfXQgIMUsaZYEFXmsqiR6AfwNjfatNKLoCaHiGy3A0r5d0TA4AZl0DKVR7apYzjt%2Brow%2FhNKAHAbPb2bpnY"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8542aa70a8041e60-FRA
expires: Sat, 01 Feb 2025 06:09:57 GMT

GET
DATA 200
OK truncated
/ 615 KB
615 KB Font
application/font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 00f9608b3cbbb28d65eca172de8b338e505e76c228ca385e25f3f6784e29552c

Request headers

Referer
Origin: https://aviator4ra.fun
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Content-Type: application/font-woff

GET
DATA 200
OK truncated
/ 54 KB
54 KB Font
application/font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bf1694791b58019367c4bdfcbc4e85e9b2fc02e460b720cc1c9c0bcbe0bd4779

Request headers

Referer
Origin: https://aviator4ra.fun
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Content-Type: application/font-woff

Verdicts & Comments Add Verdict or Comment

19 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://play-lh.googleusercontent.com/a/ACg8ocI2UbXqE9P4tCJ6OPLpoUuAKaQWCFK8RG78s2b4IPXh=mo=w50-h50-p Message: Failed to load resource: the server responded with a status of 400 ()
network	error	URL: https://aviator4ra.fun/img/video/earphone.png Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://aviator4ra.fun/img/clients/mobile-bg.png Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://aviator4ra.fun/img/clients/dotted.png Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aviator4ra.fun
cdnjs.cloudflare.com
play-lh.googleusercontent.com
104.21.67.44
172.67.212.46
2606:4700::6811:190e
2a00:1450:4001:81c::2016
00f9608b3cbbb28d65eca172de8b338e505e76c228ca385e25f3f6784e29552c
0a5aef1b1d67983f98e5b18f6fc03f07385c02bff026bf2d2d43acaf7265895d
0d88a5392c6f05613c4d847be947dc292ca4e80e546ae37b85bfa6bdb5733ffc
117608eaac5507b7dfea352f9923425bc812277205dc4c331607d8058a69517d
17e01a7a900e67936f205deedd8a38291cd772a41f3fae3f8543ba99784f5454
1ec0da899c16a8ea4801d4a43d8742911de22b067d70c9b2745c3bef2693b2a6
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
30ab2be9f12b12bc2e19735a5ef9899408d349b9def86b4b0cad12e7997ee47d
4625e01cd5880d0071e291a5983ae304f5a5ce6f6bd96aab431175971065c90f
5e1e3ae0e613243b7b3a6e62011519082670a02fa7b3fe58a5ea22f692434ddc
680a11e8d8d61e7731d3f814dbed1503792180638f22ef3e79d958194152c8e9
700ae1243ea94f45f3df052ae28dbd97068689448da7ad2c8fc1588a263848d4
7a2b5acfe0ecdb135e05e9aaa166a78c6ca3b8ddc0db446743b8134348064e2d
8794428c292b568ee3b1813a7b75db10da340af8370eb8c74ad3abbac5876937
8ef6937b4ca76a32f0b8a07d4c80f4451a64e6eeeba5514a0f7e0a729106ed3a
91f40112827fa69682de6d58e365c27b67619d89137fc392ffbd6a8e2076f932
974dae3f619d1f7f425ff26b766610323e16b50d5a35eb77e9d10ab02e4cbc83
98463a5fc0ff09e68c2926e2a5699fb4ffe053b8c5ce4d7841c3a466cb74a909
9aa5d30a1ad2c569a0c2efdead199385bb3baf22294dd395d0f0f6e822f48292
a333abf8a1c91eb8d3b1c418358201097a71925425e718dfb833f13787727d97
b4e97eede43184e19fe4caa8f55e634786350b717ce002ac20a9b68aa6925bad
b5b3e319ec828ef17cdf70c3e19e8a003c13f3dead208a9c41a28fb5a114e4ca
bf1694791b58019367c4bdfcbc4e85e9b2fc02e460b720cc1c9c0bcbe0bd4779
c49d45c905aceca3f81e386b7365ab10fbbb279b9efaddaa7e3c78b24b1cd217
cb325e8d8cd3ad12e6455e9d2c08df3d2d13ac6ff063a1122973483e9cea9e96
cbc7856db993c7a58f4a59e450185440acac2facdb81ec01841f8fbb13ed2c9d
d769e971d9aa3365eaa422fc3023b122e428da7b5ecc1e550ae7df240eae1395
e29222b85eadfeb74e989cedf951b82daa0c6fb8aac09acdd9c287a9b97d5e71
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

aviator4ra.fun Open in urlscan Pro 104.21.67.44 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

28 Requests

100 %HTTPS

50 %IPv6

3 Domains

3 Subdomains

4 IPs

3 Countries

5149 kBTransfer

6581 kBSize

0 Cookies

2 Outgoing links

Page URL History

Redirected requests

28 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

aviator4ra.fun Open in urlscan Pro
104.21.67.44 Public Scan

Screenshot
Live screenshot

Full Image

28
Requests

100 %
HTTPS

50 %
IPv6

3
Domains

3
Subdomains

4
IPs

3
Countries

5149 kB
Transfer

6581 kB
Size

0
Cookies

28 HTTP transactions
4 data transactions