ar.luckymodapk.com Open in urlscan Pro
172.67.140.112  Public Scan

5 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

35 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H3	200	Primary Request downloading.html Show response ar.luckymodapk.com/jbs-rh-com-voc-mod/br.com.jbs.rh.comvoce/	32 KB 8 KB	928ms 484ms	Document text/html	172.67.140.112 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ar.luckymodapk.com/jbs-rh-com-voc-mod/br.com.jbs.rh.comvoce/downloading.html Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.140.112 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5451063eac7468148095d60a842902fa4ac6838ab234adff323e52939c16fee5 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 883d050e6ae49b94-FRA content-encoding br content-type text/html; charset=UTF-8 date Tue, 14 May 2024 18:40:59 GMT expires Wed, 15 May 2024 18:44:36 GMT last-modified Tue, 14 May 2024 18:44:36 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7tuJ%2BnZaw%2FPoRUMnIhA%2Fn%2FaKmvuOfsrRL4l3BCWG28ZUj9sChsXXf8DjsPYwQ%2BYxWkzWMHhqO3UBMeJvEzqNG3ZI2OvDC7F9pB29aZzg%2BVaK6vu%2BK2vOoXCa9Dq0V7aUqV6jc6Y%3D"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding Accept-Encoding
GET H3	200	page_ar.css ar.luckymodapk.com/static/css/	20 KB 6 KB	126ms 126ms	Stylesheet text/css	172.67.140.112 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ar.luckymodapk.com/static/css/page_ar.css?1.18 Requested by Host: ar.luckymodapk.com URL: https://ar.luckymodapk.com/jbs-rh-com-voc-mod/br.com.jbs.rh.comvoce/downloading.html Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.140.112 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c59f93a5337f6493e96015ca733c6d0197708da0274fce182a373bf29914a7d9 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://ar.luckymodapk.com/jbs-rh-com-voc-mod/br.com.jbs.rh.comvoce/downloading.html Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 14 May 2024 18:40:59 GMT content-encoding gzip cf-cache-status REVALIDATED last-modified Wed, 08 Nov 2023 01:33:54 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"654ae582-4f6a" vary Accept-Encoding, Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=w5S9yuLwoREswVmPLjl%2FxVg5KEDn3DZ%2BnLyRFlxsD0q9%2FBG3mgIwWO5Qc70kqauJv9ln5iKsN7fimGDlOMPls2bGLZ9Xd88rgs4T4I115%2FgnQ9w3rAdk0f%2F5nPPW23CjbbVzb94%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 cf-ray 883d0511cfb19b94-FRA alt-svc h3=":443"; ma=86400
GET H2	200	script.js Show response cdn.pubxmedia.com/library/luckymodapk.com/	9 KB 4 KB	165ms 53ms	Script application/javascript	2a06:98c1:3121::9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.pubxmedia.com/library/luckymodapk.com/script.js Requested by Host: ar.luckymodapk.com URL: https://ar.luckymodapk.com/jbs-rh-com-voc-mod/br.com.jbs.rh.comvoce/downloading.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3121::9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0c866a23578680041142cbf849d4ac9ab10922d92a1fad038b05328fdfb00ec4 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://ar.luckymodapk.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 14 May 2024 18:40:59 GMT content-encoding br cf-cache-status HIT last-modified Sun, 28 Apr 2024 21:45:44 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 46850 vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Yb7GoADrl9s2uPQP5WO8vDKEOSlT%2B%2BqDdhCs4b0z9Vs7a3dnPK5mX%2BJ1h%2BgT9JnEoAWdWPdmpad1dNwbYi%2B9RbQs3TXld%2F9qWDcSC7ogU%2F%2BI7Fzbm1fUXlB5mY8b9b8PqP7s1STWRUDiB%2BIAq%2FGOKg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control public, max-age=604800 x-turbo-charged-by LiteSpeed cf-ray 883d051279f2bbbc-FRA alt-svc h3=":443"; ma=86400 expires Tue, 21 May 2024 05:40:09 GMT
GET H3	200	dfast_desc.png ar.luckymodapk.com/static/img/	62 KB 63 KB	127ms 127ms	Image image/png	172.67.140.112 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://ar.luckymodapk.com/static/img/dfast_desc.png Requested by Host: ar.luckymodapk.com URL: https://ar.luckymodapk.com/jbs-rh-com-voc-mod/br.com.jbs.rh.comvoce/downloading.html Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.140.112 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1eae3de7f7471bff8141e50492b6912eae9d0b1af24d2f24c99727645509a698 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://ar.luckymodapk.com/jbs-rh-com-voc-mod/br.com.jbs.rh.comvoce/downloading.html Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 14 May 2024 18:40:59 GMT cf-cache-status REVALIDATED last-modified Thu, 14 Apr 2022 01:45:58 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "62577cd6-f81a" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kWmT6cvH7cUYMDDqaBVO%2FLzCXQXI2wpzrCQJ7w49ENyP7yuzl93ubLGfK4F7x%2Ba%2BWc0b5n%2FETqgFpkuFcTujiJVBacTz32RfLzlAhYy%2BjcgheuodT3lpM3%2FhmKbcWdu%2B7PkvAo8%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 accept-ranges bytes cf-ray 883d0511cfb59b94-FRA alt-svc h3=":443"; ma=86400 content-length 63514
GET H3	200	logo.png ar.luckymodapk.com/static/img/	14 KB 15 KB	205ms 205ms	Image image/png	172.67.140.112 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://ar.luckymodapk.com/static/img/logo.png Requested by Host: ar.luckymodapk.com URL: https://ar.luckymodapk.com/jbs-rh-com-voc-mod/br.com.jbs.rh.comvoce/downloading.html Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.140.112 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ba2f502cf4abb1534ed74de3c1696c936e33c3133ea7f8f28ae8b64d16b57a2c Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://ar.luckymodapk.com/jbs-rh-com-voc-mod/br.com.jbs.rh.comvoce/downloading.html Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 14 May 2024 18:40:59 GMT cf-cache-status REVALIDATED last-modified Fri, 05 Jun 2020 08:49:16 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "5eda070c-3998" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9QhNtprVChttwaV3oXow8bYaRlKRNDe18mssIKSn0PuvWZxQM%2BxGZxfJwwScUnQo4Y3TE%2BHugIfI%2B1a96fgqCUh33iV8JpHJH5lD7wpWY6S7GDiLW4sf9B%2FitZ3xpudDk7Jy0Sc%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 accept-ranges bytes cf-ray 883d0511cfb69b94-FRA alt-svc h3=":443"; ma=86400 content-length 14744
GET H3	200	grey.gif ar.luckymodapk.com/static/img/	43 B 496 B	131ms 131ms	Image image/gif	172.67.140.112 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://ar.luckymodapk.com/static/img/grey.gif Requested by Host: ar.luckymodapk.com URL: https://ar.luckymodapk.com/jbs-rh-com-voc-mod/br.com.jbs.rh.comvoce/downloading.html Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.140.112 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 902feb64d8b6d481ab8ddda06fbebbba4c95dfa9b7936a7beeb197266cd8b846 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://ar.luckymodapk.com/jbs-rh-com-voc-mod/br.com.jbs.rh.comvoce/downloading.html Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 14 May 2024 18:40:59 GMT cf-cache-status REVALIDATED last-modified Fri, 05 Jun 2020 08:49:20 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "5eda0710-2b" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=M9Khg05ac7x69PQcfhr%2FpcfcGZokovZjpMs0NWuKRGYFd6GPKarzif%2FFyp9GmL69Kivv9bd4jC8ylzoy37tp7rtQbNW%2F4teuuUKzCtvvTDJvTJ0fYXxh%2BCjpszJulF8KlFlMLGk%3D"}],"group":"cf-nel","max_age":604800} content-type image/gif cache-control max-age=14400 accept-ranges bytes cf-ray 883d0512c9179b94-FRA alt-svc h3=":443"; ma=86400 content-length 43
GET H3	200	jquery-1.11.0.js Show response ar.luckymodapk.com/static/js/	91 KB 34 KB	140ms 139ms	Script application/javascript	172.67.140.112 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ar.luckymodapk.com/static/js/jquery-1.11.0.js Requested by Host: ar.luckymodapk.com URL: https://ar.luckymodapk.com/jbs-rh-com-voc-mod/br.com.jbs.rh.comvoce/downloading.html Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.140.112 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4324b38b9ec698fc427b815572e3aab9751db1df02d4dbe0a682e753aeeda897 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://ar.luckymodapk.com/jbs-rh-com-voc-mod/br.com.jbs.rh.comvoce/downloading.html Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 14 May 2024 18:40:59 GMT content-encoding br cf-cache-status REVALIDATED last-modified Tue, 10 Mar 2020 09:56:21 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"5e676445-16dc5" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3%2BdGupBRncrYAqV2jXXNTwt7r85KKGGI3HH4oX1gBpn3sxU3rdwbU6O9PTkq5AbqDJUQrZTkILUvBnv8FSOqU%2BJfKGP7eOa4MW0Vn%2BqpkSVVqegY0ia%2BItqKRNGUBVqd7m39Dx4%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 cf-ray 883d0512c91a9b94-FRA alt-svc h3=":443"; ma=86400
GET H3	200	lazyload.js Show response ar.luckymodapk.com/static/js/	4 KB 2 KB	127ms 126ms	Script application/javascript	172.67.140.112 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ar.luckymodapk.com/static/js/lazyload.js Requested by Host: ar.luckymodapk.com URL: https://ar.luckymodapk.com/jbs-rh-com-voc-mod/br.com.jbs.rh.comvoce/downloading.html Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.140.112 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d375b81cfccd24a85a39a3de8f2bf580868fcc77dae0416505eb37c1a1b23afe Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://ar.luckymodapk.com/jbs-rh-com-voc-mod/br.com.jbs.rh.comvoce/downloading.html Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 14 May 2024 18:40:59 GMT content-encoding br cf-cache-status REVALIDATED last-modified Tue, 10 Mar 2020 09:56:23 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"5e676447-1083" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PVRh65kDmN2uZJ03NxgaE2vmHIHFUsn7EoTrbBjK%2FMa4OvqvoBFnRM68okyoWdn78q8EExTCZbuos5t7gZWmw57qgQsdAkDrrdhdHGK2rU1JSkrq%2FTERZXAADqd%2FkjcWPOU5iks%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 cf-ray 883d0512c91f9b94-FRA alt-svc h3=":443"; ma=86400
GET H3	200	future.js Show response ar.luckymodapk.com/static/js/	692 B 746 B	180ms 178ms	Script application/javascript	172.67.140.112 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ar.luckymodapk.com/static/js/future.js Requested by Host: ar.luckymodapk.com URL: https://ar.luckymodapk.com/jbs-rh-com-voc-mod/br.com.jbs.rh.comvoce/downloading.html Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.140.112 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4025822ba42e7165cd8397daed918f5a4400cc0f2d7f803c7957ffb69d3d5814 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://ar.luckymodapk.com/jbs-rh-com-voc-mod/br.com.jbs.rh.comvoce/downloading.html Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 14 May 2024 18:40:59 GMT content-encoding br cf-cache-status REVALIDATED last-modified Tue, 10 Mar 2020 09:56:20 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"5e676444-2b4" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WRaoK%2FsTHxwyEs4JwL2nK8xhG45HPG8tnEybeVWW5il9y8OzReKb68CGehQQYjMcRR%2BAPENbS9uuBInXd9ywpczTYw01cyN6UJgFF%2BZ7X%2Fug8ycNboo5KMpZbcv1nNVnRVrEK%2Bo%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 cf-ray 883d0512c9239b94-FRA alt-svc h3=":443"; ma=86400
GET H2	200	js Show response www.googletagmanager.com/gtag/	288 KB 97 KB	155ms 69ms	Script application/javascript	2a00:1450:4001:82f::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-GK870P74CF Requested by Host: ar.luckymodapk.com URL: https://ar.luckymodapk.com/jbs-rh-com-voc-mod/br.com.jbs.rh.comvoce/downloading.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash ab7c6e1d31b4315f22cade6e34e29421fe2e71b82e3da9e26f106e65984fe97a Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://ar.luckymodapk.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 14 May 2024 18:40:59 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 99190 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Tue, 14 May 2024 18:40:59 GMT
GET H3	200	gpt.js Show response securepubads.g.doubleclick.net/tag/js/	94 KB 29 KB	162ms 82ms	Script text/javascript	142.250.185.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/tag/js/gpt.js Requested by Host: cdn.pubxmedia.com URL: https://cdn.pubxmedia.com/library/luckymodapk.com/script.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s50-in-f2.1e100.net Software cafe / Resource Hash e8c9fff5a4796d7fde796a74e55be43bbb3e34f9fe2cc680f0831bff1543cfc3 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://ar.luckymodapk.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 14 May 2024 18:40:59 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 30069 x-xss-protection 0 server cafe etag 587 / 19857 / m202405090101 / config-hash: 658225500208705146 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900, stale-while-revalidate=3600 timing-allow-origin * expires Tue, 14 May 2024 18:40:59 GMT
GET H3	200	icon-search.png ar.luckymodapk.com/static/img/	453 B 910 B	124ms 124ms	Image image/png	172.67.140.112 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://ar.luckymodapk.com/static/img/icon-search.png Requested by Host: ar.luckymodapk.com URL: https://ar.luckymodapk.com/static/css/page_ar.css?1.18 Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.140.112 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 14cb261f14f0addb83cb1bad57928f2211bf711b88775cb2891b5f7a0c0117d1 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://ar.luckymodapk.com/static/css/page_ar.css?1.18 Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 14 May 2024 18:40:59 GMT cf-cache-status REVALIDATED last-modified Fri, 05 Jun 2020 08:49:25 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "5eda0715-1c5" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yAXOeFC9fGfPWuoWPlBXvFk%2FbB25iG%2BuCdKsUERNcN1YI0t7aSJqvNHfvCsx1pyg12GMi2ngbBAzNBkWrIBGG9u%2FKh%2F33MXzCM2bf11RKxAp0NvPvkOsoNpMo1R974KypJ5EDF4%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 accept-ranges bytes cf-ray 883d0512d9299b94-FRA alt-svc h3=":443"; ma=86400 content-length 453
GET H3	200	dfast_download2.png ar.luckymodapk.com/static/img/	6 KB 6 KB	129ms 129ms	Image image/png	172.67.140.112 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://ar.luckymodapk.com/static/img/dfast_download2.png Requested by Host: ar.luckymodapk.com URL: https://ar.luckymodapk.com/static/css/page_ar.css?1.18 Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.140.112 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f147b29d88e289a5b7450cc32895b0358ce73c844b1a84b18c9cf5fb9b1565c2 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://ar.luckymodapk.com/static/css/page_ar.css?1.18 Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 14 May 2024 18:40:59 GMT cf-cache-status REVALIDATED last-modified Thu, 14 Apr 2022 01:45:56 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "62577cd4-1696" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zndBUcq73H7OUmtdvSuohs0VAU3YDYSofDJiM6YBUZ6SV3JIHgDK2vdDZIJ40VfF2FTFOXQcOtyF5KjONRHosa9kuzPz8S3i3dSyQpY74yZt9lM6wcMpASn5mkDrXU3ELCFdLwY%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 accept-ranges bytes cf-ray 883d0512d92d9b94-FRA alt-svc h3=":443"; ma=86400 content-length 5782
GET H3	200	dfast_download1.png ar.luckymodapk.com/static/img/	4 KB 5 KB	130ms 129ms	Image image/png	172.67.140.112 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://ar.luckymodapk.com/static/img/dfast_download1.png Requested by Host: ar.luckymodapk.com URL: https://ar.luckymodapk.com/static/css/page_ar.css?1.18 Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.140.112 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3d1923a996d5e5bc4a5ef958d1dbf7c29a4575aac784c83f175f8ad4973f44be Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://ar.luckymodapk.com/static/css/page_ar.css?1.18 Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 14 May 2024 18:40:59 GMT cf-cache-status REVALIDATED last-modified Thu, 14 Apr 2022 01:45:57 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "62577cd5-10e4" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PmuOE%2F72Hl6tFlfB5LgAZh1RRijA2b%2FU6qxd5D53WXa2XQdVTg58YH%2BbrCZniwfvxQR02ii%2Frqqw4DIG3%2FTP8HFPbJrjGG6TsQQsvWlf7Nzja%2BRCt6tas1V5%2F%2Fdxv9tw2fH0ze4%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 accept-ranges bytes cf-ray 883d0512d9309b94-FRA alt-svc h3=":443"; ma=86400 content-length 4324
GET H3	200	hm_apk_channel_down.js Show response official.downloadatoz.com/	2 KB 1 KB	185ms 116ms	Script application/javascript	104.21.235.147 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://official.downloadatoz.com/hm_apk_channel_down.js?0.41373527972632673 Requested by Host: ar.luckymodapk.com URL: https://ar.luckymodapk.com/static/js/jquery-1.11.0.js Protocol H3 Security QUIC, , AES_128_GCM Server 104.21.235.147 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c3be77179358bf589f83ce244b5ffa48b5530b7d2f0728abad4d9951ba769fdf Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://ar.luckymodapk.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 14 May 2024 18:40:59 GMT content-encoding br cf-cache-status MISS last-modified Mon, 08 Apr 2024 08:11:25 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"6613a6ad-901" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TqhPdqLlw9iszd4tNfe5QLG7Z0WnYGExjMFdrKBS0l9vs8jb5xo0NfomYVrWoTdYxRkhAMn5Uj6XS3XNPB1SlxVKLhoDJvQ%2FgenzZBaWMn%2F0GZsc%2BT5EF5Z%2FAsluVMZ03ym3GnQjuzwAIWbh"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=864000 cf-ray 883d05146c2cf0a7-CDG alt-svc h3=":443"; ma=86400 expires Fri, 24 May 2024 18:38:25 GMT
GET H3	200	new_star.min.js Show response rating.downloadatoz.com/	50 KB 20 KB	212ms 143ms	Script text/html	104.21.235.148 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://rating.downloadatoz.com/new_star.min.js?0.08717135015374877&domain=luckymodapk&hl=en&type=mod Requested by Host: ar.luckymodapk.com URL: https://ar.luckymodapk.com/jbs-rh-com-voc-mod/br.com.jbs.rh.comvoce/downloading.html Protocol H3 Security QUIC, , AES_128_GCM Server 104.21.235.148 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a828eebc41fea387689327e4f772e8309f1c672b5f4ff46d8d106abda8c975bf Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://ar.luckymodapk.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Intervention <https://www.chromestatus.com/feature/5718547946799104>; level="warning" sec-ch-ua-platform "Win32" Response headers date Tue, 14 May 2024 18:40:59 GMT content-encoding br cf-cache-status MISS last-modified Tue, 14 May 2024 18:40:59 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vScSf00ym5mXU6A3MbZ4kDO0K4%2Folvd%2BIWQlaQFzPkJL6BbRTlGUwCVoLTulgsNHfKHF5IB0W64IN7qkuoMxRFImmz7v3EslBh4%2Fhk88pts21wHGcp0FYvWK%2FwCxDOnBPzWl%2Fim6QIruSg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/html;charset=utf-8 cache-control max-age=14400 cf-ray 883d051468ca3c9f-CDG alt-svc h3=":443"; ma=86400
GET H3	200	pubads_impl.js Show response securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202405090101/	454 KB 142 KB	39ms 39ms	Script text/javascript	142.250.185.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202405090101/pubads_impl.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s50-in-f2.1e100.net Software cafe / Resource Hash aba3b1e74a53993ab198f8376eaf3bc0c9d841b9bc6d95f47ab839bbdb502d47 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://ar.luckymodapk.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 14 May 2024 10:36:40 GMT content-encoding br x-content-type-options nosniff age 29059 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 145002 x-xss-protection 0 server cafe etag 8410536799634492291 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, immutable, max-age=31536000 timing-allow-origin * expires Wed, 14 May 2025 10:36:40 GMT
POST H2	204	collect region1.google-analytics.com/g/	0 256 B	137ms 46ms	Ping text/plain	2001:4860:4802:34::36 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://region1.google-analytics.com/g/collect?v=2&tid=G-GK870P74CF&gtm=45je45d0v896044092za200&_p=1715712059498&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=1168880579.1715712060&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.201%7CGoogle%2520Chrome%3B124.0.6367.201%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&frm=0&pscdl=noapi&_s=1&sid=1715712059&sct=1&seg=0&dl=https%3A%2F%2Far.luckymodapk.com%2Fjbs-rh-com-voc-mod%2Fbr.com.jbs.rh.comvoce%2Fdownloading.html&dt=JBS%20RH%20com%20Voc%C3%AA%E2%80%8F%20Mod%20APK%201.4.10%20(Unlimited%20money)%20%D8%AA%D8%AD%D9%85%D9%8A%D9%84.&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1421 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-GK870P74CF Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://ar.luckymodapk.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Tue, 14 May 2024 18:40:59 GMT server Golfe2 content-type text/plain access-control-allow-origin https://ar.luckymodapk.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	22387492205 Show response fundingchoicesmessages.google.com/i/	182 KB 61 KB	169ms 72ms	Script application/javascript	2a00:1450:4001:811::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fundingchoicesmessages.google.com/i/22387492205?ers=3 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202405090101/pubads_impl.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash c0d4f0aac6ba9a097da380a453fb17193fefa2b81bfa86c62ccb4e74be672849 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce--ALq759RruVfhEoUx1vRrQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://ar.luckymodapk.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 14 May 2024 18:40:59 GMT content-security-policy script-src 'report-sample' 'nonce--ALq759RruVfhEoUx1vRrQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 reporting-endpoints default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjqtDikmLw0pBiOHHrNtMFID7vdIfpOhAbaDxnsgBiia8vmbSAOOb5dNYUIHZKn8EaAsQ-9TNY44C49eY51ulAnPTvPGsJEO9cfIH1IBCvOnKBdRMQt3--wDoTiL-zX2T9D8RljhdZ64BYiIdj94O-TWwCE17P-smkpJGUXxifnJ9XUpSZVFqSX5SWnJZanFpUlloUb2RgZGJgamisZ2AUX2AAACmUS_o" pragma no-cache accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version cross-origin-opener-policy same-origin server ESF vary Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site x-frame-options SAMEORIGIN content-type application/javascript; charset=utf-8 cache-control no-cache, no-store, max-age=0, must-revalidate permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=* timing-allow-origin * expires Mon, 01 Jan 1990 00:00:00 GMT
GET H3	200	hm_hpt_download_log_web.php Show response bt-log.dfast.app/api/hm_to_hpt/	51 B 501 B	186ms 115ms	Script text/html	172.67.174.131 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://bt-log.dfast.app/api/hm_to_hpt/hm_hpt_download_log_web.php?callback=success_jsonpCallback&id=YTo4OntzOjM6InVpZCI7czoxODoiYXIubHVja3ltb2RhcGsuY29tIjtzOjI6ImlwIjtzOjE0OiIxODUuMTkxLjEyNC41MSI7czoxMjoiZmlsZV92ZXJzaW9uIjtzOjY6IjEuNC4xMCI7czo2OiJ1cmxfaWQiO3M6MjE6ImJyLmNvbS5qYnMucmguY29tdm9jZSI7czo5OiJmaWxlX3R5cGUiO3M6MzoiYXBwIjtzOjQ6InNpemUiO3M6NDoiOC41TSI7czo1OiJ0aXRsZSI7czoxOToiSkJTIFJIIGNvbSBWb2PDquKAjyI7czo0OiJpY29uIjtzOjExNToiaHR0cHM6Ly9wbGF5LWxoLmdvb2dsZXVzZXJjb250ZW50LmNvbS85LUxZR0lQdGJQZy1ocENiS0l3Zm1reEU4T2VBdk9LVTdfWWJ2bW1zUUN4b2FIZTNBMVB0X1I1dVZJWnY4QzJLQUNrPXcyNDAtaDQ4MCI7fQ==&device=&os=&_=1715712059763 Requested by Host: ar.luckymodapk.com URL: https://ar.luckymodapk.com/static/js/jquery-1.11.0.js Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.174.131 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2a36d5006be835b4dcdb305610bdb22c4cf34066b62acdc9afaeb0a1c3301eaf Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://ar.luckymodapk.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 14 May 2024 18:40:59 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aaXHFLCkt1i%2BsEbTdoBfcHz%2BAx3Vl1fx9mOtzGvAksdXClIiDxfxs51TIOm0YDzC6dtFqAVbDqbCJgxapnkFhUQy8QqBAGfuPQvziPGR4DNMFkCgiY5DT2j72Gho54eKwHmj"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=UTF-8 cf-ray 883d05161ffd1e30-FRA alt-svc h3=":443"; ma=86400
GET H2	200	x_uC8tvqqcQftUG9h6S6g4-HWnVTFFKebKNq6Y_2ER_82LCaK4tKAJUlKe9_9LvyTco=w240-h480 play-lh.googleusercontent.com/	121 KB 121 KB	264ms 164ms	Image image/png	2a00:1450:4001:80e::2016 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://play-lh.googleusercontent.com/x_uC8tvqqcQftUG9h6S6g4-HWnVTFFKebKNq6Y_2ER_82LCaK4tKAJUlKe9_9LvyTco=w240-h480 Requested by Host: ar.luckymodapk.com URL: https://ar.luckymodapk.com/jbs-rh-com-voc-mod/br.com.jbs.rh.comvoce/downloading.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80e::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software fife / Resource Hash 4158ad049514ecae3c9ef0df3ae50e46d788d191803e1a2910ae54e25342d4cf Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://ar.luckymodapk.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 14 May 2024 17:08:55 GMT x-content-type-options nosniff age 5524 content-disposition inline;filename="unnamed.png" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 123513 x-xss-protection 0 server fife etag "v1" vary Origin content-type image/png access-control-allow-origin * access-control-expose-headers Content-Length cache-control public, max-age=86400, no-transform timing-allow-origin * expires Wed, 15 May 2024 17:08:55 GMT
GET H2	200	rrL2OEhUlEyb3TbZ4QqaamMr0RUcZxI4DrsWClDdq49pzmpVde8nGa9lrNZFTlL9TaI=s180 play-lh.googleusercontent.com/	51 KB 51 KB	244ms 145ms	Image image/png	2a00:1450:4001:80e::2016 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://play-lh.googleusercontent.com/rrL2OEhUlEyb3TbZ4QqaamMr0RUcZxI4DrsWClDdq49pzmpVde8nGa9lrNZFTlL9TaI=s180 Requested by Host: ar.luckymodapk.com URL: https://ar.luckymodapk.com/jbs-rh-com-voc-mod/br.com.jbs.rh.comvoce/downloading.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80e::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software fife / Resource Hash fbe436a59423bb704e7e2e73b9a0d706ac3b33a6ad143bb53f780676238cc16f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://ar.luckymodapk.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 14 May 2024 17:15:25 GMT x-content-type-options nosniff age 5134 content-disposition inline;filename="unnamed.png" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 52319 x-xss-protection 0 server fife etag "v1" vary Origin content-type image/png access-control-allow-origin * access-control-expose-headers Content-Length cache-control public, max-age=86400, no-transform timing-allow-origin * expires Wed, 15 May 2024 17:15:25 GMT
GET H2	200	HzNMR2sG_sCO0k34OAovYXGjJNK-FxfPacRmA-k3981W3Ui8_KEaQC3_aK3u1N-YC2A=w240-h480 play-lh.googleusercontent.com/	104 KB 104 KB	140ms 41ms	Image image/png	2a00:1450:4001:80e::2016 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://play-lh.googleusercontent.com/HzNMR2sG_sCO0k34OAovYXGjJNK-FxfPacRmA-k3981W3Ui8_KEaQC3_aK3u1N-YC2A=w240-h480 Requested by Host: ar.luckymodapk.com URL: https://ar.luckymodapk.com/jbs-rh-com-voc-mod/br.com.jbs.rh.comvoce/downloading.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80e::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software fife / Resource Hash b1ac9de965723b16b888222a862f210a9f0b70917e36486c759398fb16f4a387 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://ar.luckymodapk.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 14 May 2024 17:08:55 GMT x-content-type-options nosniff age 5524 content-disposition inline;filename="unnamed.png" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 106193 x-xss-protection 0 server fife etag "v1" vary Origin content-type image/png access-control-allow-origin * access-control-expose-headers Content-Length cache-control public, max-age=86400, no-transform timing-allow-origin * expires Wed, 15 May 2024 17:08:55 GMT
GET H2	200	f141klC-dR_0_QBPpkEkyLAHrwCel0djagBcrV5S54n1OZEjXg2rk1zJSYwBFScegJTe=s180 play-lh.googleusercontent.com/	23 KB 23 KB	184ms 85ms	Image image/png	2a00:1450:4001:80e::2016 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://play-lh.googleusercontent.com/f141klC-dR_0_QBPpkEkyLAHrwCel0djagBcrV5S54n1OZEjXg2rk1zJSYwBFScegJTe=s180 Requested by Host: ar.luckymodapk.com URL: https://ar.luckymodapk.com/jbs-rh-com-voc-mod/br.com.jbs.rh.comvoce/downloading.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80e::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software fife / Resource Hash ce3ce1c8b1933148d747f518096ea46d5d9835d87c8fa06ec2cd0c00e9a280e4 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://ar.luckymodapk.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 14 May 2024 17:15:26 GMT x-content-type-options nosniff age 5133 content-disposition inline;filename="unnamed.png" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 23683 x-xss-protection 0 server fife etag "v1" vary Origin content-type image/png access-control-allow-origin * access-control-expose-headers Content-Length cache-control public, max-age=86400, no-transform timing-allow-origin * expires Wed, 15 May 2024 17:15:26 GMT
GET H2	200	eU-U4JmpY4OHkf_vPpDMisz-FWIbUuXJCKDp5xPTFwPynvIeFQXYp05Pgx0rtOoJix0=w240-h480 play-lh.googleusercontent.com/	112 KB 112 KB	271ms 172ms	Image image/png	2a00:1450:4001:80e::2016 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://play-lh.googleusercontent.com/eU-U4JmpY4OHkf_vPpDMisz-FWIbUuXJCKDp5xPTFwPynvIeFQXYp05Pgx0rtOoJix0=w240-h480 Requested by Host: ar.luckymodapk.com URL: https://ar.luckymodapk.com/jbs-rh-com-voc-mod/br.com.jbs.rh.comvoce/downloading.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80e::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software fife / Resource Hash a58496bd7418f8d58453641423597891a346ecf78623ba387635a934c4fab708 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://ar.luckymodapk.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 14 May 2024 17:15:26 GMT x-content-type-options nosniff age 5133 content-disposition inline;filename="unnamed.png" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 114654 x-xss-protection 0 server fife etag "v1" vary Origin content-type image/png access-control-allow-origin * access-control-expose-headers Content-Length cache-control public, max-age=86400, no-transform timing-allow-origin * expires Wed, 15 May 2024 17:15:26 GMT
GET H2	200	F59CBX2KHebZh9Imk4G7n0XngT27vpU9jyHRTT-Xy4EJpgmsgehlfsylRZ7EPSS6IE8=w240-h480 play-lh.googleusercontent.com/	21 KB 21 KB	257ms 157ms	Image image/jpeg	2a00:1450:4001:80e::2016 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://play-lh.googleusercontent.com/F59CBX2KHebZh9Imk4G7n0XngT27vpU9jyHRTT-Xy4EJpgmsgehlfsylRZ7EPSS6IE8=w240-h480 Requested by Host: ar.luckymodapk.com URL: https://ar.luckymodapk.com/jbs-rh-com-voc-mod/br.com.jbs.rh.comvoce/downloading.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80e::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software fife / Resource Hash c1ea5c7c0a36e1f274b8b0431ea6e176209316e90954cb86941a23407e151d52 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://ar.luckymodapk.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 14 May 2024 15:49:17 GMT x-content-type-options nosniff age 10302 content-disposition inline;filename="unnamed.jpg" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 21350 x-xss-protection 0 server fife etag "v1" vary Origin content-type image/jpeg access-control-allow-origin * access-control-expose-headers Content-Length cache-control public, max-age=86400, no-transform timing-allow-origin * expires Wed, 15 May 2024 15:49:17 GMT
GET H2	200	XjzlLdB7V4uYKBk-_NSKwv6DSfBKpZb3tmCFX2k2oBjAEV_-o-W3HqkQ6vjHIRL4PnMH=s180 play-lh.googleusercontent.com/	79 KB 79 KB	175ms 175ms	Image image/png	2a00:1450:4001:80e::2016 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://play-lh.googleusercontent.com/XjzlLdB7V4uYKBk-_NSKwv6DSfBKpZb3tmCFX2k2oBjAEV_-o-W3HqkQ6vjHIRL4PnMH=s180 Requested by Host: ar.luckymodapk.com URL: https://ar.luckymodapk.com/jbs-rh-com-voc-mod/br.com.jbs.rh.comvoce/downloading.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80e::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software fife / Resource Hash 8af42b1a7330ce1c22a7af2da285552121f25e3f9ef77e785b5aaa23733769b6 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://ar.luckymodapk.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 14 May 2024 15:49:17 GMT x-content-type-options nosniff age 10302 content-disposition inline;filename="unnamed.png" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 80654 x-xss-protection 0 server fife etag "v1" vary Origin content-type image/png access-control-allow-origin * access-control-expose-headers Content-Length cache-control public, max-age=86400, no-transform timing-allow-origin * expires Wed, 15 May 2024 15:49:17 GMT
GET H2	200	AGSKWxXrVXLEyVPeKe_E2u5GCWr1_15CVRqnK5uL1dI8UyKmwlXV7q5KFevak3e4UNKfEVxLRIAozXsIL9H-mHgFVdVCwcUob5h8BDGS5vglmpa1pCTsr--JGzzEPp_9GN0oqkevoR_fSw== Show response fundingchoicesmessages.google.com/f/	400 KB 62 KB	142ms 142ms	Script application/javascript	2a00:1450:4001:811::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fundingchoicesmessages.google.com/f/AGSKWxXrVXLEyVPeKe_E2u5GCWr1_15CVRqnK5uL1dI8UyKmwlXV7q5KFevak3e4UNKfEVxLRIAozXsIL9H-mHgFVdVCwcUob5h8BDGS5vglmpa1pCTsr--JGzzEPp_9GN0oqkevoR_fSw==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzE1NzEyMDU5LDkwOTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly9hci5sdWNreW1vZGFway5jb20vamJzLXJoLWNvbS12b2MtbW9kL2JyLmNvbS5qYnMucmguY29tdm9jZS9kb3dubG9hZGluZy5odG1sIixudWxsLFtbOCwiZkczaFdaMTUwWVEiXSxbOSwiZGUiXSxbMTksIjEiXSxbMTcsIlswXSJdXV0 Requested by Host: URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.fG3hWZ150YQ.es5.O/am=BgM/d=1/rs=AJlcJMw_QTUOn2bGdjvZzMIS4vT689phAQ/m=kernel_loader,loader_js_executable Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 029ff9235773ee3fadc5ffd6a1ab4ea876c5060b1576e7fb2f1ccba1c45ac024 Security Headers Name Value Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-zg5gHWaGbFDHhOsW7GYlWQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://ar.luckymodapk.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 14 May 2024 18:41:00 GMT content-security-policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-zg5gHWaGbFDHhOsW7GYlWQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 reporting-endpoints default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjytDikmJw1JBiOO90h-k6EBtoPGeyAGKJry-ZtIA45vl01hQgdkqfwRoCxD71M1jjgLj15jnW6UCc9O88awkQ71x8gfUgEK86coF1ExC3f77AOhOIv7NfZP0PxELcHHse9G1iE1iwuYlbSSMpvzA-OT-vpCgzqbQkvygtOS21OLWoLLUo3sjAyMTA1NBYz8AovsAAADAtQok" pragma no-cache accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version cross-origin-opener-policy same-origin server ESF vary Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site x-frame-options SAMEORIGIN content-type application/javascript; charset=utf-8 cache-control no-cache, no-store, max-age=0, must-revalidate permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=* timing-allow-origin * expires Mon, 01 Jan 1990 00:00:00 GMT
GET H2	200	css fonts.googleapis.com/	109 KB 6 KB	141ms 55ms	Stylesheet text/css	2a00:1450:4001:810::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Archivo:400,500|Arimo:400,500|Bitter:400,500|EB+Garamond:400,500|Lato|Libre+Baskervill|Libre+Franklin:400,500|Lora:400,500|Google+Sans:regular,medium:400,500|Material+Icons|Google+Symbols|Merriweather|Montserrat:400,500|Mukta:400,500|Muli:400,500|Nunito:400,500|Open+Sans:400,500,600|Open+Sans+Condensed:400,600|Oswald:500|Playfair+Display:400,500|Poppins:400,500|Raleway:400,500|Roboto:400,500|Roboto+Condensed:400,500|Roboto+Slab:400,500|Slabo+27px|Source+Sans+Pro|Ubuntu:400,500|Volkhov&display=swap Requested by Host: URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.fG3hWZ150YQ.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMyo6yJ_-XR4VdSakhBxpSXngys73Q/m=web_iab_tcf_v2_wall_executable Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 6b7dfb79b63e4202eaad4d930a87c85325776c5b800a672363283ad3dc73af1c Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://ar.luckymodapk.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers strict-transport-security max-age=31536000 date Tue, 14 May 2024 18:41:00 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Tue, 14 May 2024 18:41:00 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Tue, 14 May 2024 18:41:00 GMT
GET H2	200	memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 fonts.gstatic.com/s/opensans/v40/	47 KB 48 KB	140ms 52ms	Font font/woff2	2a00:1450:4001:800::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 Requested by Host: ar.luckymodapk.com URL: https://ar.luckymodapk.com/jbs-rh-com-voc-mod/br.com.jbs.rh.comvoce/downloading.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://ar.luckymodapk.com/ Origin https://ar.luckymodapk.com Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 10 May 2024 22:45:56 GMT x-content-type-options nosniff age 330904 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 48236 x-xss-protection 0 last-modified Thu, 14 Dec 2023 02:08:40 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sat, 10 May 2025 22:45:56 GMT
GET H2	200	flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2 fonts.gstatic.com/s/materialicons/v142/	125 KB 126 KB	200ms 112ms	Font font/woff2	2a00:1450:4001:800::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/materialicons/v142/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2 Requested by Host: ar.luckymodapk.com URL: https://ar.luckymodapk.com/jbs-rh-com-voc-mod/br.com.jbs.rh.comvoce/downloading.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://ar.luckymodapk.com/ Origin https://ar.luckymodapk.com Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 13 May 2024 19:45:43 GMT x-content-type-options nosniff age 82517 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 128352 x-xss-protection 0 last-modified Mon, 08 Apr 2024 19:04:47 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Tue, 13 May 2025 19:45:43 GMT
POST H3	204	AGSKWxUc-onFMSN0HwoftSKh21ZFDwuwXcu9THWSC0nEGKGOyhSNx0-CFSZ4xXkMkElrODbxQMDqhTX1SwscyZymyUZinibw-UmQKGWIH1NhftadBXCPUJPrX7wAozT86jn5U94UGyIZEA== Show response fundingchoicesmessages.google.com/el/	0 29 B	142ms 62ms	XHR text/html	142.250.181.238 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fundingchoicesmessages.google.com/el/AGSKWxUc-onFMSN0HwoftSKh21ZFDwuwXcu9THWSC0nEGKGOyhSNx0-CFSZ4xXkMkElrODbxQMDqhTX1SwscyZymyUZinibw-UmQKGWIH1NhftadBXCPUJPrX7wAozT86jn5U94UGyIZEA== Requested by Host: URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.fG3hWZ150YQ.es5.O/am=BgM/d=1/rs=AJlcJMw_QTUOn2bGdjvZzMIS4vT689phAQ/m=kernel_loader,loader_js_executable Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.181.238 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s56-in-f14.1e100.net Software ESF / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-a8ipFli5JPywvorPQmzJww' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" sec-ch-ua-platform "Win32" Referer https://ar.luckymodapk.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Content-Type text/plain Response headers date Tue, 14 May 2024 18:41:00 GMT content-security-policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-a8ipFli5JPywvorPQmzJww' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist x-content-type-options nosniff alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 reporting-endpoints default="/_/ContributorLoggingHttp/web-reports?context=eJzjEtDikmJw0JBicEqfwRoAxELcHHse9G1iE-g4PbtAySUpvzA-OT-vJDWvRDcxpVgXxC7KTCotyS9CYaeWgVTk5KenZ-alxxsZGJkYmBoa6xmYxxcYAACM6iIY" pragma no-cache accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version cross-origin-opener-policy same-origin server ESF vary Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site access-control-max-age 86400 access-control-allow-methods POST, GET, OPTIONS access-control-allow-origin https://ar.luckymodapk.com content-type text/html; charset=utf-8 cache-control no-cache, no-store, max-age=0, must-revalidate access-control-allow-credentials true permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=* x-frame-options SAMEORIGIN expires Mon, 01 Jan 1990 00:00:00 GMT
POST H3	204	AGSKWxUc-onFMSN0HwoftSKh21ZFDwuwXcu9THWSC0nEGKGOyhSNx0-CFSZ4xXkMkElrODbxQMDqhTX1SwscyZymyUZinibw-UmQKGWIH1NhftadBXCPUJPrX7wAozT86jn5U94UGyIZEA== Show response fundingchoicesmessages.google.com/el/	0 29 B	141ms 62ms	XHR text/html	142.250.181.238 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fundingchoicesmessages.google.com/el/AGSKWxUc-onFMSN0HwoftSKh21ZFDwuwXcu9THWSC0nEGKGOyhSNx0-CFSZ4xXkMkElrODbxQMDqhTX1SwscyZymyUZinibw-UmQKGWIH1NhftadBXCPUJPrX7wAozT86jn5U94UGyIZEA== Requested by Host: URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.fG3hWZ150YQ.es5.O/am=BgM/d=1/rs=AJlcJMw_QTUOn2bGdjvZzMIS4vT689phAQ/m=kernel_loader,loader_js_executable Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.181.238 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s56-in-f14.1e100.net Software ESF / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-iDs-kogpe0fgiool5efaqA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" sec-ch-ua-platform "Win32" Referer https://ar.luckymodapk.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Content-Type text/plain Response headers date Tue, 14 May 2024 18:41:00 GMT content-security-policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-iDs-kogpe0fgiool5efaqA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist x-content-type-options nosniff alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 reporting-endpoints default="/_/ContributorLoggingHttp/web-reports?context=eJzjEtDikmJw1pBicEqfwRoAxELcHHse9G1iE3hxZVe-kktSfmF8cn5eSWpeiW5iSrEuiF2UmVRakl-Ewk4tA6nIyU9Pz8xLjzcyMDIxMDU01jMwjy8wAAC0ySKi" pragma no-cache accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version cross-origin-opener-policy same-origin server ESF vary Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site access-control-max-age 86400 access-control-allow-methods POST, GET, OPTIONS access-control-allow-origin https://ar.luckymodapk.com content-type text/html; charset=utf-8 cache-control no-cache, no-store, max-age=0, must-revalidate access-control-allow-credentials true permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=* x-frame-options SAMEORIGIN expires Mon, 01 Jan 1990 00:00:00 GMT
POST H2	204	collect region1.google-analytics.com/g/	0 54 B	47ms 46ms	Ping text/plain	2001:4860:4802:34::36 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://region1.google-analytics.com/g/collect?v=2&tid=G-GK870P74CF&gtm=45je45d0v896044092za200&_p=1715712059498&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=1168880579.1715712060&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.201%7CGoogle%2520Chrome%3B124.0.6367.201%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&frm=0&pscdl=noapi&_s=2&sid=1715712059&sct=1&seg=0&dl=https%3A%2F%2Far.luckymodapk.com%2Fjbs-rh-com-voc-mod%2Fbr.com.jbs.rh.comvoce%2Fdownloading.html&dt=JBS%20RH%20com%20Voc%C3%AA%E2%80%8F%20Mod%20APK%201.4.10%20(Unlimited%20money)%20%D8%AA%D8%AD%D9%85%D9%8A%D9%84.&en=pv%3Aar.luckymodapk.com%2Fjbs-rh-com-voc-mod%2Fbr.com.jbs.rh.comvoce%2Fdownloading.html&_ee=1&_et=2&tfd=2243 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-GK870P74CF Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://ar.luckymodapk.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Tue, 14 May 2024 18:41:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://ar.luckymodapk.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	favicon.ico ar.luckymodapk.com/	9 KB 2 KB	130ms 129ms	Other image/x-icon	172.67.140.112 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ar.luckymodapk.com/favicon.ico Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.140.112 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5f27349e9c0c38fbcb308bea70384288998e4e12ed17fc8147c64099e78832f1 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://ar.luckymodapk.com/jbs-rh-com-voc-mod/br.com.jbs.rh.comvoce/downloading.html Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 14 May 2024 18:41:00 GMT content-encoding br cf-cache-status REVALIDATED last-modified Mon, 29 Apr 2024 06:38:38 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"662f406e-25be" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EwnVND%2FxoJkDMDhvWYWVUBKNq93OI0Bh3lezp1FnLOakFmU2NduZHGo%2B7z%2FUQxg22rSG%2Fk74kHArrE0NiEIhVBYZfXAeHZSKSr2orlNhNlRkmkkkDc9sYwo%2FYvuizMzRFmp9kQU%3D"}],"group":"cf-nel","max_age":604800} content-type image/x-icon cache-control max-age=14400 cf-ray 883d0519aa549b94-FRA alt-svc h3=":443"; ma=86400

78 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 function| _0x2a4a function| _0x1c31 object| googletag function| downloadhm function| $ function| jQuery string| link_url function| gtag number| ga_load_time_done string| sub object| parts function| ga_load_time object| dataLayer object| ggeac object| google_tag_data object| google_js_reporting_queue object| google_tag_manager function| onYouTubeIframeAPIReady object| gaGlobal undefined| google_measure_js_timing string| apk_id function| downloadHmApk string| host object| pattern5 object| result5 string| domain1 string| domain3 string| is_vote object| cat string| device_type object| md object| androidos undefined| sss undefined| pattern2 undefined| result2 undefined| pattern3 undefined| result3 string| cookie_key string| cookie_comment undefined| data function| timetrans function| setCookies function| getsec function| getCookies function| json_decode function| json_encode function| MobileDetect string| starNum string| domain undefined| url_id undefined| uid string| device string| os string| country function| modifyAdText string| down_collect_data string| down_collect_link undefined| success_jsonpCallback function| openhappymod object| jQuery18302989437020345269 object| default_ContributorServingResponseClientJs object| _F_toggles object| __googlefc string| __fcInvoked string| __fcexpdef string| YzliYjgxNTkwOTNkZWNhOWxvYWRlcl9qcw== string| YzliYjgxNTkwOTNkZWNhOWNhY2hlZF9qcw== object| googlefc object| __fcInternalApiManager boolean| __fcInternalApiPostMessageReady object| __tcfapiEventListeners function| __tcfapi object| __tcfapiManager boolean| __tcfapiPostMessageReady

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.luckymodapk.com/	1970-01-21 06:11:12	Name: _ga Value: GA1.1.1168880579.1715712060
			.luckymodapk.com/	1970-01-21 06:11:12	Name: _ga_GK870P74CF Value: GS1.1.1715712059.1.0.1715712060.0.0.0

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://ar.luckymodapk.com/jbs-rh-com-voc-mod/br.com.jbs.rh.comvoce/downloading.html(Line 428) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://rating.downloadatoz.com/new_star.min.js?0.08717135015374877&domain=luckymodapk&hl=en&type=mod, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://ar.luckymodapk.com/jbs-rh-com-voc-mod/br.com.jbs.rh.comvoce/downloading.html(Line 428) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://rating.downloadatoz.com/new_star.min.js?0.08717135015374877&domain=luckymodapk&hl=en&type=mod, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.