URL: https://ar.luckymodapk.com/jbs-rh-com-voc-mod/br.com.jbs.rh.comvoce/downloading.html
Submission: On May 14 via manual from US — Scanned from US

Summary

This website contacted 15 IPs in 2 countries across 10 domains to perform 48 HTTP transactions. The main IP is 104.21.38.229, located in and belongs to CLOUDFLARENET, US. The main domain is ar.luckymodapk.com.
TLS certificate: Issued by GTS CA 1P5 on April 14th 2024. Valid for: 3 months.
This is the only time ar.luckymodapk.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
12 104.21.38.229 13335 (CLOUDFLAR...)
1 104.21.38.236 13335 (CLOUDFLAR...)
1 142.251.111.97 15169 (GOOGLE)
4 142.251.167.157 15169 (GOOGLE)
11 172.253.115.139 15169 (GOOGLE)
1 104.21.235.147 13335 (CLOUDFLAR...)
1 104.21.235.148 13335 (CLOUDFLAR...)
2 172.253.62.139 15169 (GOOGLE)
1 142.251.167.132 15169 (GOOGLE)
1 104.21.40.19 13335 (CLOUDFLAR...)
7 172.253.115.119 15169 (GOOGLE)
2 172.253.63.155 15169 (GOOGLE)
2 172.253.62.132 15169 (GOOGLE)
1 64.233.180.106 15169 (GOOGLE)
48 15
Apex Domain
Subdomains
Transfer
12 google.com
fundingchoicesmessages.google.com — Cisco Umbrella Rank: 646
www.google.com — Cisco Umbrella Rank: 2
70 KB
12 luckymodapk.com
ar.luckymodapk.com
143 KB
7 googleusercontent.com
play-lh.googleusercontent.com — Cisco Umbrella Rank: 544
511 KB
5 googlesyndication.com
e2cc060a75938f1e0d917ceec0825ed4.safeframe.googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 103
tpc.googlesyndication.com — Cisco Umbrella Rank: 164
49 KB
4 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 205
172 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 32
301 B
2 downloadatoz.com
official.downloadatoz.com
rating.downloadatoz.com
22 KB
1 dfast.app
bt-log.dfast.app
494 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
97 KB
1 pubxmedia.com
cdn.pubxmedia.com
4 KB
48 10
Domain Requested by
12 ar.luckymodapk.com ar.luckymodapk.com
11 fundingchoicesmessages.google.com securepubads.g.doubleclick.net
7 play-lh.googleusercontent.com ar.luckymodapk.com
4 securepubads.g.doubleclick.net cdn.pubxmedia.com
securepubads.g.doubleclick.net
2 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
2 pagead2.googlesyndication.com securepubads.g.doubleclick.net
2 www.google-analytics.com www.googletagmanager.com
1 www.google.com tpc.googlesyndication.com
1 bt-log.dfast.app ar.luckymodapk.com
1 e2cc060a75938f1e0d917ceec0825ed4.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 rating.downloadatoz.com ar.luckymodapk.com
1 official.downloadatoz.com ar.luckymodapk.com
1 www.googletagmanager.com ar.luckymodapk.com
1 cdn.pubxmedia.com ar.luckymodapk.com
48 14

This site contains links to these domains. Also see Links.

Domain
www.luckymodapk.com
es.luckymodapk.com
ru.luckymodapk.com
pt.luckymodapk.com
id.luckymodapk.com
Subject Issuer Validity Valid
luckymodapk.com
GTS CA 1P5
2024-04-14 -
2024-07-13
3 months crt.sh
pubxmedia.com
GTS CA 1P5
2024-04-06 -
2024-07-05
3 months crt.sh
*.google-analytics.com
GTS CA 1C3
2024-04-16 -
2024-07-09
3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3
2024-04-16 -
2024-07-09
3 months crt.sh
*.google.com
GTS CA 1C3
2024-04-16 -
2024-07-09
3 months crt.sh
downloadatoz.com
GTS CA 1P5
2024-03-31 -
2024-06-29
3 months crt.sh
dfast.app
Cloudflare Inc ECC CA-3
2024-01-13 -
2024-12-31
a year crt.sh
edgestatic.com
GTS CA 1C3
2024-04-16 -
2024-07-09
3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3
2024-04-16 -
2024-07-09
3 months crt.sh

This page contains 4 frames:

Primary Page: https://ar.luckymodapk.com/jbs-rh-com-voc-mod/br.com.jbs.rh.comvoce/downloading.html
Frame ID: EB7618B642A2E8FC54F05FC97641D83C
Requests: 45 HTTP requests in this frame

Frame: https://e2cc060a75938f1e0d917ceec0825ed4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 984A905B3AFD5EFF57BDCD60EC57DF13
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 95F2BDAFDAFB5FFC96A8A676310FDAE7
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: E35AD1CB7A037582044AFB5CF2759E8B
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

JBS RH com Você‏ Mod APK 1.4.10 (Unlimited money) تحميل.

Detected technologies

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

48
Requests

98 %
HTTPS

0 %
IPv6

10
Domains

14
Subdomains

15
IPs

2
Countries

1068 kB
Transfer

1969 kB
Size

7
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

48 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request downloading.html
ar.luckymodapk.com/jbs-rh-com-voc-mod/br.com.jbs.rh.comvoce/
32 KB
8 KB
Document
General
Full URL
https://ar.luckymodapk.com/jbs-rh-com-voc-mod/br.com.jbs.rh.comvoce/downloading.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.38.229 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a9a7e4331ac5af4135ae688a4ba89c68d7252e9a2204f81709dc7ed0b62c30d2

Request headers

Accept-Language
en-US,en;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
883d063f8f150f63-EWR
content-encoding
br
content-type
text/html; charset=UTF-8
date
Tue, 14 May 2024 18:41:48 GMT
expires
Wed, 15 May 2024 18:45:25 GMT
last-modified
Tue, 14 May 2024 18:45:25 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6ieGrDfBsmSNVjRQWzEVRpMZKC9m06dq%2FXter1d5C1h8u4OJgHaOmYuDdK3hY%2FQ6hTIY9rJbX2u09j7WfOalyZjp3%2FdNywyn78XZOdDPvEx0EZTCGUbUW6Bff12B8rFF2z%2B2tJ8%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding Accept-Encoding
page_ar.css
ar.luckymodapk.com/static/css/
20 KB
6 KB
Stylesheet
General
Full URL
https://ar.luckymodapk.com/static/css/page_ar.css?1.18
Requested by
Host: ar.luckymodapk.com
URL: https://ar.luckymodapk.com/jbs-rh-com-voc-mod/br.com.jbs.rh.comvoce/downloading.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.38.229 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c59f93a5337f6493e96015ca733c6d0197708da0274fce182a373bf29914a7d9

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://ar.luckymodapk.com/jbs-rh-com-voc-mod/br.com.jbs.rh.comvoce/downloading.html
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 18:41:48 GMT
content-encoding
gzip
cf-cache-status
REVALIDATED
last-modified
Wed, 08 Nov 2023 01:33:54 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"654ae582-4f6a"
vary
Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=p0cGpxz6fScqyj9w5nYhHXharzRKrLrrKmiN3eJQyxUmpNn7lmCJMF3jx9yj79uDu7mFNuLxRY8ToegxPZcx%2FvT0iBVnKtK2kTVvrLHFhHgfZZEyY8s4HKoyxjXSF69dnZl%2B5V0%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
883d06442ded0f63-EWR
alt-svc
h3=":443"; ma=86400
script.js
cdn.pubxmedia.com/library/luckymodapk.com/
9 KB
4 KB
Script
General
Full URL
https://cdn.pubxmedia.com/library/luckymodapk.com/script.js
Requested by
Host: ar.luckymodapk.com
URL: https://ar.luckymodapk.com/jbs-rh-com-voc-mod/br.com.jbs.rh.comvoce/downloading.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.38.236 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c866a23578680041142cbf849d4ac9ab10922d92a1fad038b05328fdfb00ec4

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://ar.luckymodapk.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 18:41:48 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sun, 28 Apr 2024 21:45:44 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
47030
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4REB1ZyqbRWmYOZxuA%2FpWNaHP8tNtV%2BQPGrfyaSf2kqV0%2F5npG0XdUN9ZBLniMNjM%2BhqrFbYtSqLqNp26wCFmbaWkD16g3rG9gkzciEyf%2BDcejXWeGVh4qPCY7j5pEp9UJIXyQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
883d06447da918c4-EWR
alt-svc
h3=":443"; ma=86400
expires
Tue, 21 May 2024 05:37:57 GMT
dfast_desc.png
ar.luckymodapk.com/static/img/
62 KB
63 KB
Image
General
Full URL
https://ar.luckymodapk.com/static/img/dfast_desc.png
Requested by
Host: ar.luckymodapk.com
URL: https://ar.luckymodapk.com/jbs-rh-com-voc-mod/br.com.jbs.rh.comvoce/downloading.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.38.229 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1eae3de7f7471bff8141e50492b6912eae9d0b1af24d2f24c99727645509a698

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://ar.luckymodapk.com/jbs-rh-com-voc-mod/br.com.jbs.rh.comvoce/downloading.html
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 18:41:48 GMT
cf-cache-status
REVALIDATED
last-modified
Thu, 14 Apr 2022 01:45:58 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"62577cd6-f81a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iK8lombh5tdTDeiyQez4KJba3m5xrYoBdvrkOBljlIfDMJblnlEJrKYpCGR%2FIuIXfrSKoJJOYGGROaxO%2FXyQ5pkZRHDnokoX2FjdhLgfv%2FigkDd%2BzwRxyLRIjlzOWpnEIgnxnwc%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
883d06442dee0f63-EWR
alt-svc
h3=":443"; ma=86400
content-length
63514
logo.png
ar.luckymodapk.com/static/img/
14 KB
15 KB
Image
General
Full URL
https://ar.luckymodapk.com/static/img/logo.png
Requested by
Host: ar.luckymodapk.com
URL: https://ar.luckymodapk.com/jbs-rh-com-voc-mod/br.com.jbs.rh.comvoce/downloading.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.38.229 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ba2f502cf4abb1534ed74de3c1696c936e33c3133ea7f8f28ae8b64d16b57a2c

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://ar.luckymodapk.com/jbs-rh-com-voc-mod/br.com.jbs.rh.comvoce/downloading.html
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 18:41:48 GMT
cf-cache-status
MISS
last-modified
Fri, 05 Jun 2020 08:49:16 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"5eda070c-3998"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8prCFtKRgyPASoMeyEKU%2Fi3gtBqeM8f2JSyxa5r8lPvOS9Qp%2B6G7KDOMJTrb3O8j6ot3GSGOkjjEmxHUaIhLfqzfgKBAA56PJ%2BfBN0zcNf94GIbTPbL2neIa%2FZJG2tLKvZiVQdE%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
883d06442df00f63-EWR
alt-svc
h3=":443"; ma=86400
content-length
14744
grey.gif
ar.luckymodapk.com/static/img/
43 B
494 B
Image
General
Full URL
https://ar.luckymodapk.com/static/img/grey.gif
Requested by
Host: ar.luckymodapk.com
URL: https://ar.luckymodapk.com/jbs-rh-com-voc-mod/br.com.jbs.rh.comvoce/downloading.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.38.229 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
902feb64d8b6d481ab8ddda06fbebbba4c95dfa9b7936a7beeb197266cd8b846

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://ar.luckymodapk.com/jbs-rh-com-voc-mod/br.com.jbs.rh.comvoce/downloading.html
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 18:41:48 GMT
cf-cache-status
MISS
last-modified
Fri, 05 Jun 2020 08:49:20 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"5eda0710-2b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NdnkUra15tUlGz6sTFEj1bTSe46BA8K3%2FO37yZjZSknX3Cwd3ju%2Fxun5QdUO%2FenXhbQOpsCCCWnmO6Q3gWDBboOavX%2BUVVWLSgOFCFzCmr9JqRbJGO5jR6gW6Dbm3woKHJi3DuY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
883d064699b50f63-EWR
alt-svc
h3=":443"; ma=86400
content-length
43
jquery-1.11.0.js
ar.luckymodapk.com/static/js/
91 KB
34 KB
Script
General
Full URL
https://ar.luckymodapk.com/static/js/jquery-1.11.0.js
Requested by
Host: ar.luckymodapk.com
URL: https://ar.luckymodapk.com/jbs-rh-com-voc-mod/br.com.jbs.rh.comvoce/downloading.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.38.229 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4324b38b9ec698fc427b815572e3aab9751db1df02d4dbe0a682e753aeeda897

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://ar.luckymodapk.com/jbs-rh-com-voc-mod/br.com.jbs.rh.comvoce/downloading.html
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 18:41:48 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Tue, 10 Mar 2020 09:56:21 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"5e676445-16dc5"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KECbhA9egjk4qRfkGqxsllir00XTB3nVY81Px5KbWxuqsjj%2FjeVN52UUcIQRuvlxcrm6AVo%2FUlYEcTWXHCQAfRl8iLa8QMEDQMWiUhyK2q9vb%2BW4ykwsyslHQLyyeorfvrwr%2FFE%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
883d064699b80f63-EWR
alt-svc
h3=":443"; ma=86400
lazyload.js
ar.luckymodapk.com/static/js/
4 KB
2 KB
Script
General
Full URL
https://ar.luckymodapk.com/static/js/lazyload.js
Requested by
Host: ar.luckymodapk.com
URL: https://ar.luckymodapk.com/jbs-rh-com-voc-mod/br.com.jbs.rh.comvoce/downloading.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.38.229 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d375b81cfccd24a85a39a3de8f2bf580868fcc77dae0416505eb37c1a1b23afe

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://ar.luckymodapk.com/jbs-rh-com-voc-mod/br.com.jbs.rh.comvoce/downloading.html
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 18:41:48 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Tue, 10 Mar 2020 09:56:23 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"5e676447-1083"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hqt2m%2BWLjqvAY%2FDt11Ddwmd%2F9HzI%2FLPdiyFBLfCZ%2BWVDXxGN2Aw95GPbYN7FkuZumeVqZHcfzC2KKEIp2e9ZSdiYUFfnvMc6XvDiQCEt05QfrRlMjetkjwsM9syU0QsxO3nTGhE%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
883d064699bd0f63-EWR
alt-svc
h3=":443"; ma=86400
future.js
ar.luckymodapk.com/static/js/
692 B
741 B
Script
General
Full URL
https://ar.luckymodapk.com/static/js/future.js
Requested by
Host: ar.luckymodapk.com
URL: https://ar.luckymodapk.com/jbs-rh-com-voc-mod/br.com.jbs.rh.comvoce/downloading.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.38.229 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4025822ba42e7165cd8397daed918f5a4400cc0f2d7f803c7957ffb69d3d5814

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://ar.luckymodapk.com/jbs-rh-com-voc-mod/br.com.jbs.rh.comvoce/downloading.html
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 18:41:48 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Tue, 10 Mar 2020 09:56:20 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"5e676444-2b4"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1NTKp9x6Au3bKRHtrDxTqlA2DG0u6I2m4G43xmUGaMampb%2BsgjvhM8DadM3QWN%2BOU2ZiQzHqz6LiOL6NK3X7jIUD5wW4rYx%2FAqBrvrRFLy6GoP2lee48aCZ41HUc81l2jike1eM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
883d064699c00f63-EWR
alt-svc
h3=":443"; ma=86400
js
www.googletagmanager.com/gtag/
288 KB
97 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-GK870P74CF
Requested by
Host: ar.luckymodapk.com
URL: https://ar.luckymodapk.com/jbs-rh-com-voc-mod/br.com.jbs.rh.comvoce/downloading.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.111.97 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
bk-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
38241bacb54d96f9c5abcccad4eb5c9568423b491a9d82b65ea4a530e8511a13
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://ar.luckymodapk.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 18:41:48 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
99078
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 14 May 2024 18:41:48 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/
94 KB
29 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.pubxmedia.com
URL: https://cdn.pubxmedia.com/library/luckymodapk.com/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.167.157 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f157.1e100.net
Software
cafe /
Resource Hash
ef66f483197bdce046c4faed60427ea332cfab21f27e9c1fa3b4822cf61e46ab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://ar.luckymodapk.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 18:41:48 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30066
x-xss-protection
0
server
cafe
etag
381 / 19857 / m202405090101 / config-hash: 658225500208705146
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 14 May 2024 18:41:48 GMT
icon-search.png
ar.luckymodapk.com/static/img/
453 B
910 B
Image
General
Full URL
https://ar.luckymodapk.com/static/img/icon-search.png
Requested by
Host: ar.luckymodapk.com
URL: https://ar.luckymodapk.com/static/css/page_ar.css?1.18
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.38.229 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
14cb261f14f0addb83cb1bad57928f2211bf711b88775cb2891b5f7a0c0117d1

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://ar.luckymodapk.com/static/css/page_ar.css?1.18
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 18:41:48 GMT
cf-cache-status
REVALIDATED
last-modified
Fri, 05 Jun 2020 08:49:25 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"5eda0715-1c5"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FE%2B0W%2F8KqxQSrWA4E7PjnXWqzBWemlUwwAwzJEG7oWqMi86UgU06N%2Ff1ycRtaI1OdVaTmDN2WSTRm%2FszkUgWZHv4OJKei4ygsB0uberl8Qru6Q60w0SF04HfcNuEFoEPjXpfFSg%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
883d0646a9c50f63-EWR
alt-svc
h3=":443"; ma=86400
content-length
453
dfast_download2.png
ar.luckymodapk.com/static/img/
6 KB
6 KB
Image
General
Full URL
https://ar.luckymodapk.com/static/img/dfast_download2.png
Requested by
Host: ar.luckymodapk.com
URL: https://ar.luckymodapk.com/static/css/page_ar.css?1.18
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.38.229 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f147b29d88e289a5b7450cc32895b0358ce73c844b1a84b18c9cf5fb9b1565c2

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://ar.luckymodapk.com/static/css/page_ar.css?1.18
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 18:41:48 GMT
cf-cache-status
REVALIDATED
last-modified
Thu, 14 Apr 2022 01:45:56 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"62577cd4-1696"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wzD2cuFQo0V%2FV5918yup40jjNlbaqYss0C5H5DV1wxFx%2BvwXBSUjKCqhDaOJRUJAf18z%2BfenGQAQpVt7qGCdbyPc1VUpffwEN7yKUWtj%2BdBXWoRURZaBcisLMLwlBqxXfaiHMtg%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
883d0646a9c70f63-EWR
alt-svc
h3=":443"; ma=86400
content-length
5782
dfast_download1.png
ar.luckymodapk.com/static/img/
4 KB
5 KB
Image
General
Full URL
https://ar.luckymodapk.com/static/img/dfast_download1.png
Requested by
Host: ar.luckymodapk.com
URL: https://ar.luckymodapk.com/static/css/page_ar.css?1.18
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.38.229 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3d1923a996d5e5bc4a5ef958d1dbf7c29a4575aac784c83f175f8ad4973f44be

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://ar.luckymodapk.com/static/css/page_ar.css?1.18
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 18:41:48 GMT
cf-cache-status
REVALIDATED
last-modified
Thu, 14 Apr 2022 01:45:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"62577cd5-10e4"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=s5FB8Go6gYs5W%2BRJt9roSzHUpvx5x1rUYtrJQiRmkdLf2FIZse6DKntDeOoAwRGnP64nafp9TWv3iT8703%2FwQ1rI559l3spO%2Bo5ULi31nXdUCxP3HYbSBvil1kzozTIBNzHODyw%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
883d0646a9cc0f63-EWR
alt-svc
h3=":443"; ma=86400
content-length
4324
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202405090101/
454 KB
142 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202405090101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.167.157 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f157.1e100.net
Software
cafe /
Resource Hash
aba3b1e74a53993ab198f8376eaf3bc0c9d841b9bc6d95f47ab839bbdb502d47
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://ar.luckymodapk.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 13:52:31 GMT
content-encoding
br
x-content-type-options
nosniff
age
17357
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
145002
x-xss-protection
0
server
cafe
etag
8410536799634492291
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Wed, 14 May 2025 13:52:31 GMT
22387492205
fundingchoicesmessages.google.com/i/
182 KB
61 KB
Script
General
Full URL
https://fundingchoicesmessages.google.com/i/22387492205?ers=3
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202405090101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.115.139 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f139.1e100.net
Software
ESF /
Resource Hash
2296d29b5574530841a2a952e9684d5edb4c4478f9def7d20e61c705ee8f5aaf
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-ktS3UYUrq-nAhKhjXHom7A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://ar.luckymodapk.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 18:41:48 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-ktS3UYUrq-nAhKhjXHom7A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjytDikmLw15BiOO90h-k6EBtoPGeyAGKJry-Z1IA45vl01hQgdkqfwRoAxD71M1ijgLj15jnWyUCc9O88awEQ71x8gfUgEK86coF1ExC3f77AOhWIv7NfZP0PxEI8HG8e9G1iEzjQu-8ks5JGUn5hfHJ-XklRZlJpSX5RWnJaanFqUVlqUbyRgZGJgamhsZ6BUXyBAQCYNkOn"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
hm_apk_channel_down.js
official.downloadatoz.com/
2 KB
1 KB
Script
General
Full URL
https://official.downloadatoz.com/hm_apk_channel_down.js?0.2897010314737205
Requested by
Host: ar.luckymodapk.com
URL: https://ar.luckymodapk.com/static/js/jquery-1.11.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.235.147 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c3be77179358bf589f83ce244b5ffa48b5530b7d2f0728abad4d9951ba769fdf

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://ar.luckymodapk.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 18:41:49 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Mon, 08 Apr 2024 08:11:25 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"6613a6ad-901"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nIpWpAH%2BL7xZDa1TG58MaFKEok4np7BHmogHcsKdzgFq4nxLwfh5aOWkQDtO4yPqB2r2WK%2FYKwkq9vlPZt%2B3t3EfNEygndyg5H%2FZ6Sbxs0gTZeK%2FXdFoAQCQmykZt43oK4pcefpJQi9ywPa8"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=864000
cf-ray
883d06497fd642a5-EWR
alt-svc
h3=":443"; ma=86400
expires
Fri, 24 May 2024 18:39:15 GMT
new_star.min.js
rating.downloadatoz.com/
50 KB
20 KB
Script
General
Full URL
https://rating.downloadatoz.com/new_star.min.js?0.5528404579408492&domain=luckymodapk&hl=en&type=mod
Requested by
Host: ar.luckymodapk.com
URL: https://ar.luckymodapk.com/jbs-rh-com-voc-mod/br.com.jbs.rh.comvoce/downloading.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.235.148 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a828eebc41fea387689327e4f772e8309f1c672b5f4ff46d8d106abda8c975bf

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://ar.luckymodapk.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 18:41:49 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 14 May 2024 18:41:49 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FYvnJdY5cR9NfV1BHb51M61ULSzBgTtUudc3wAap1bDF%2BgY4C7%2FqozhMTTst7P8ZB4d8hafqkBnkeRgbl8LWyar7CswaIkVJwEnMa4HvXLlmvzJdMYaTvnkpmdrvtaxvC9SdoHFhQkndsg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html;charset=utf-8
cache-control
max-age=14400
cf-ray
883d0649a8044263-EWR
alt-svc
h3=":443"; ma=86400
collect
www.google-analytics.com/g/
0
256 B
Ping
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-GK870P74CF&gtm=45je45d0v896044092za200&_p=1715712108979&gcd=13l3l3l3l1&npa=0&dma=0&cid=1196795255.1715712109&ul=en-us&sr=1600x1200&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.201%7CGoogle%2520Chrome%3B124.0.6367.201%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&frm=0&pscdl=noapi&_s=1&sid=1715712109&sct=1&seg=0&dl=https%3A%2F%2Far.luckymodapk.com%2Fjbs-rh-com-voc-mod%2Fbr.com.jbs.rh.comvoce%2Fdownloading.html&dt=JBS%20RH%20com%20Voc%C3%AA%E2%80%8F%20Mod%20APK%201.4.10%20(Unlimited%20money)%20%D8%AA%D8%AD%D9%85%D9%8A%D9%84.&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1701
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-GK870P74CF
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.62.139 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f139.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://ar.luckymodapk.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Tue, 14 May 2024 18:41:49 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://ar.luckymodapk.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
AGSKWxUXuaR9I4dAhHTYAIAUMtpWsLTHVux8uLOxLja32OtGx7JVpWFfe8JowIrYS1drJxW1mZwAnlvS2_JGgPptP9QyBnCz8ydBhhW_kvW9Fm13ZQzxHqIwGlztuhKWgFK0HNknPAnDNQ==
fundingchoicesmessages.google.com/el/
0
29 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxUXuaR9I4dAhHTYAIAUMtpWsLTHVux8uLOxLja32OtGx7JVpWFfe8JowIrYS1drJxW1mZwAnlvS2_JGgPptP9QyBnCz8ydBhhW_kvW9Fm13ZQzxHqIwGlztuhKWgFK0HNknPAnDNQ==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.fG3hWZ150YQ.es5.O/am=BgM/d=1/rs=AJlcJMxd-msHIaFAXidkwhNBfBWxoC2SKg/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.139 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f139.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-9Fu3YvfTgDbDpGysCfwxfQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://ar.luckymodapk.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 14 May 2024 18:41:49 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-9Fu3YvfTgDbDpGysCfwxfQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjEtDikmLw1ZBicEqfwRoExELcHG8f9G1iE9gx9b-rkktSfmF8cn5eSWpeiW5iSrEuiF2UmVRakl-Ewk4tA6nIyU9Pz8xLjzcyMDIxMDU01jMwjy8wAACwaCKL"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://ar.luckymodapk.com
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxVcrSYiiv5disVFRAQ-Yy9aCD8mTBj-QFVWZ7QlD0KdSOPZPISQlZKOJs5ZWqjoQQ6IHru3gI5tP19N14le5LoxxjKFUSe7YQUvgKfkEf977ablw58zhm7oOogZ9WeXMDDpa6CfHw==
fundingchoicesmessages.google.com/f/
3 KB
2 KB
Script
General
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxVcrSYiiv5disVFRAQ-Yy9aCD8mTBj-QFVWZ7QlD0KdSOPZPISQlZKOJs5ZWqjoQQ6IHru3gI5tP19N14le5LoxxjKFUSe7YQUvgKfkEf977ablw58zhm7oOogZ9WeXMDDpa6CfHw==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzE1NzEyMTA5LDEwNjAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly9hci5sdWNreW1vZGFway5jb20vamJzLXJoLWNvbS12b2MtbW9kL2JyLmNvbS5qYnMucmguY29tdm9jZS9kb3dubG9hZGluZy5odG1sIixudWxsLFtbOCwiZkczaFdaMTUwWVEiXSxbOSwiZW4tVVMiXSxbMjAsIltudWxsLG51bGwsWzk1MzI5ODQyXSxudWxsLDRdIl0sWzE5LCIyIl0sWzE3LCJbMF0iXV1d
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.fG3hWZ150YQ.es5.O/am=BgM/d=1/rs=AJlcJMxd-msHIaFAXidkwhNBfBWxoC2SKg/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.115.139 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f139.1e100.net
Software
ESF /
Resource Hash
fec9f54ddcd7d846825b7c9062a45067d834af28beeb006e41c2dcc82370afa1
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-fM3Qt4mq-N35x9kfY46-Ow' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://ar.luckymodapk.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 18:41:49 GMT
content-security-policy
script-src 'report-sample' 'nonce-fM3Qt4mq-N35x9kfY46-Ow' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjKtDikmLw1ZBiOO90h-k6EBtoPGeyAGKJry-Z1IA45vl01hQgdkqfwRoAxD71M1ijgLj15jnWyUCc9O88awEQ71x8gfUgEK86coF1ExC3f77AOhWIv7NfZP0PxOWOF1nrgViIm-Ptg75NbAIHXi91UtJIyi-MT87PKynKTCotyS9KS05LLU4tKkstijcyMDIxMDU01jMwii8wAACRZEaM"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
945 B
516 B
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=585753086633245&correlator=2429744019679436&eid=31083430%2C44777897&output=ldjh&gdfp_req=1&vrg=202405090101&ptt=17&impl=fifs&gdpr=0&iu_parts=22387492205%3A22869266701%2Cluckymodapk.com.Banner0.1714339062&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C250x250%7C300x250%7C300x600%7C320x280%7C336x280%7C360x300&fluid=height&ifi=1&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1715712109118&lmt=1715712325&adxs=911&adys=146&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNC4wLjYzNjcuMjAxIixudWxsLDAsbnVsbCwiNjQiLFtbIkNocm9taXVtIiwiMTI0LjAuNjM2Ny4yMDEiXSxbIkdvb2dsZSBDaHJvbWUiLCIxMjQuMC42MzY3LjIwMSJdLFsiTm90LUEuQnJhbmQiLCI5OS4wLjAuMCJdXSwwXQ..&url=https%3A%2F%2Far.luckymodapk.com%2Fjbs-rh-com-voc-mod%2Fbr.com.jbs.rh.comvoce%2Fdownloading.html&vis=1&psz=929x0&msz=300x0&fws=4&ohw=1600&ga_vid=1196795255.1715712109&ga_sid=1715712109&ga_hid=828030558&ga_fc=true&dlt=1715712108178&idt=663&adks=2572748113&frm=20&eoidce=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202405090101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.167.157 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f157.1e100.net
Software
cafe /
Resource Hash
acc599aa5689633fd84046e118567c657b7f2f8d9d8f66b3c46873450367d170
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://ar.luckymodapk.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 18:41:49 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
485
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://ar.luckymodapk.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
784 B
375 B
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=585753086633245&correlator=2429744019679436&eid=31083430%2C44777897&output=ldjh&gdfp_req=1&vrg=202405090101&ptt=17&impl=fifs&gdpr=0&iu_parts=22387492205%3A22869266701%2Cluckymodapk.com.Banner0.1714339624&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x50%7C300x100%7C320x50%7C320x100%7C970x90&ifi=2&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1715712109127&lmt=1715712325&adxs=1300&adys=1200&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNC4wLjYzNjcuMjAxIixudWxsLDAsbnVsbCwiNjQiLFtbIkNocm9taXVtIiwiMTI0LjAuNjM2Ny4yMDEiXSxbIkdvb2dsZSBDaHJvbWUiLCIxMjQuMC42MzY3LjIwMSJdLFsiTm90LUEuQnJhbmQiLCI5OS4wLjAuMCJdXSwwXQ..&url=https%3A%2F%2Far.luckymodapk.com%2Fjbs-rh-com-voc-mod%2Fbr.com.jbs.rh.comvoce%2Fdownloading.html&vis=1&psz=1600x-1&msz=1600x-1&fws=516&ohw=1600&ga_vid=1196795255.1715712109&ga_sid=1715712109&ga_hid=828030558&ga_fc=true&dlt=1715712108178&idt=663&adks=1379637181&frm=20&eoidce=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202405090101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.167.157 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f157.1e100.net
Software
cafe /
Resource Hash
41bbac32035ab31da78b2a3e304e8e2b66f5918277f8b670393cd7b08a0329c6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://ar.luckymodapk.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 18:41:49 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
344
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://ar.luckymodapk.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
e2cc060a75938f1e0d917ceec0825ed4.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 984A
0
0
Document
General
Full URL
https://e2cc060a75938f1e0d917ceec0825ed4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202405090101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.167.132 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f132.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9;q=0.9
Referer
https://ar.luckymodapk.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 14 May 2024 18:41:49 GMT
expires
Wed, 14 May 2025 18:41:49 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
AGSKWxWqPHyHfpTdrsCLjtoiHBDDcCz2ynyHx3-vZynl8hkPGSRUJxI-TzZAK5SP1s01pTuxePr21dVWQw9zTvKHipH5DBQL7399B2lYv2a9rG-1eysJ0OgR0HN2N2VFeZNCqxEXAuz_Iw==
fundingchoicesmessages.google.com/f/
10 KB
5 KB
Script
General
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxWqPHyHfpTdrsCLjtoiHBDDcCz2ynyHx3-vZynl8hkPGSRUJxI-TzZAK5SP1s01pTuxePr21dVWQw9zTvKHipH5DBQL7399B2lYv2a9rG-1eysJ0OgR0HN2N2VFeZNCqxEXAuz_Iw==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzE1NzEyMTA5LDE2MjAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOV0sbnVsbCwyLG51bGwsImVuIl0sImh0dHBzOi8vYXIubHVja3ltb2RhcGsuY29tL2picy1yaC1jb20tdm9jLW1vZC9ici5jb20uamJzLnJoLmNvbXZvY2UvZG93bmxvYWRpbmcuaHRtbCIsbnVsbCxbWzgsImZHM2hXWjE1MFlRIl0sWzksImVuLVVTIl0sWzIwLCJbbnVsbCxudWxsLFs5NTMyOTg0Ml0sbnVsbCw0XSJdLFsxOSwiMiJdLFsxNywiWzBdIl1dXQ
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.fG3hWZ150YQ.es5.O/am=BgM/d=1/rs=AJlcJMxd-msHIaFAXidkwhNBfBWxoC2SKg/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.139 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f139.1e100.net
Software
ESF /
Resource Hash
7e2621da6196d3a2c8859122cac8272dc010f28a7e9a14c6addc9896480ea126
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-MC_OFeq3YEhKlULpln1-Qw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://ar.luckymodapk.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 18:41:49 GMT
content-security-policy
script-src 'report-sample' 'nonce-MC_OFeq3YEhKlULpln1-Qw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjytDikmII0JBiOO90h-k6EBtoPGeyAGKJry-Z1IA45vl01hQgdkqfwRoAxD71M1ijgLj15jnWyUCc9O88awEQ71x8gfUgEK86coF1ExC3f77AOhWIv7NfZP0PxELcHG8f9G1iE7iw5m-ckkZSfmF8cn5eSVFmUmlJflFaclpqcWpRWWpRvJGBkYmBqaGxnoFRfIEBAGQoQ6g"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
hm_hpt_download_log_web.php
bt-log.dfast.app/api/hm_to_hpt/
51 B
494 B
Script
General
Full URL
https://bt-log.dfast.app/api/hm_to_hpt/hm_hpt_download_log_web.php?callback=success_jsonpCallback&id=YTo4OntzOjM6InVpZCI7czoxODoiYXIubHVja3ltb2RhcGsuY29tIjtzOjI6ImlwIjtzOjE0OiIxODUuMTkxLjEyNC41MSI7czoxMjoiZmlsZV92ZXJzaW9uIjtzOjY6IjEuNC4xMCI7czo2OiJ1cmxfaWQiO3M6MjE6ImJyLmNvbS5qYnMucmguY29tdm9jZSI7czo5OiJmaWxlX3R5cGUiO3M6MzoiYXBwIjtzOjQ6InNpemUiO3M6NDoiOC41TSI7czo1OiJ0aXRsZSI7czoxOToiSkJTIFJIIGNvbSBWb2PDquKAjyI7czo0OiJpY29uIjtzOjExNToiaHR0cHM6Ly9wbGF5LWxoLmdvb2dsZXVzZXJjb250ZW50LmNvbS85LUxZR0lQdGJQZy1ocENiS0l3Zm1reEU4T2VBdk9LVTdfWWJ2bW1zUUN4b2FIZTNBMVB0X1I1dVZJWnY4QzJLQUNrPXcyNDAtaDQ4MCI7fQ==&device=&os=&_=1715712109616
Requested by
Host: ar.luckymodapk.com
URL: https://ar.luckymodapk.com/static/js/jquery-1.11.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.40.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2a36d5006be835b4dcdb305610bdb22c4cf34066b62acdc9afaeb0a1c3301eaf

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://ar.luckymodapk.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 18:41:50 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IWZewAXQTJToRr8Suk4RZ1Oa5fMumucxHDlhB6%2FOdzYcIgpcYW4JAjCkamGCVZQZKH8zYRp94QrKLrHIXP5B3UFm3Cejkea1KilH%2F7uECLyVRBltEC1H0DExYRnMtS6tdY%2Ff"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cf-ray
883d064d9ac17c99-EWR
alt-svc
h3=":443"; ma=86400
x_uC8tvqqcQftUG9h6S6g4-HWnVTFFKebKNq6Y_2ER_82LCaK4tKAJUlKe9_9LvyTco=w240-h480
play-lh.googleusercontent.com/
121 KB
121 KB
Image
General
Full URL
https://play-lh.googleusercontent.com/x_uC8tvqqcQftUG9h6S6g4-HWnVTFFKebKNq6Y_2ER_82LCaK4tKAJUlKe9_9LvyTco=w240-h480
Requested by
Host: ar.luckymodapk.com
URL: https://ar.luckymodapk.com/jbs-rh-com-voc-mod/br.com.jbs.rh.comvoce/downloading.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.115.119 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f119.1e100.net
Software
fife /
Resource Hash
4158ad049514ecae3c9ef0df3ae50e46d788d191803e1a2910ae54e25342d4cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://ar.luckymodapk.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 18:41:49 GMT
x-content-type-options
nosniff
server
fife
etag
"v1"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="unnamed.png"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
123513
x-xss-protection
0
expires
Wed, 15 May 2024 18:41:49 GMT
rrL2OEhUlEyb3TbZ4QqaamMr0RUcZxI4DrsWClDdq49pzmpVde8nGa9lrNZFTlL9TaI=s180
play-lh.googleusercontent.com/
51 KB
51 KB
Image
General
Full URL
https://play-lh.googleusercontent.com/rrL2OEhUlEyb3TbZ4QqaamMr0RUcZxI4DrsWClDdq49pzmpVde8nGa9lrNZFTlL9TaI=s180
Requested by
Host: ar.luckymodapk.com
URL: https://ar.luckymodapk.com/jbs-rh-com-voc-mod/br.com.jbs.rh.comvoce/downloading.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.115.119 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f119.1e100.net
Software
fife /
Resource Hash
fbe436a59423bb704e7e2e73b9a0d706ac3b33a6ad143bb53f780676238cc16f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://ar.luckymodapk.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 18:41:49 GMT
x-content-type-options
nosniff
server
fife
etag
"v1"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="unnamed.png"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
52319
x-xss-protection
0
expires
Wed, 15 May 2024 18:41:49 GMT
HzNMR2sG_sCO0k34OAovYXGjJNK-FxfPacRmA-k3981W3Ui8_KEaQC3_aK3u1N-YC2A=w240-h480
play-lh.googleusercontent.com/
104 KB
104 KB
Image
General
Full URL
https://play-lh.googleusercontent.com/HzNMR2sG_sCO0k34OAovYXGjJNK-FxfPacRmA-k3981W3Ui8_KEaQC3_aK3u1N-YC2A=w240-h480
Requested by
Host: ar.luckymodapk.com
URL: https://ar.luckymodapk.com/jbs-rh-com-voc-mod/br.com.jbs.rh.comvoce/downloading.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.115.119 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f119.1e100.net
Software
fife /
Resource Hash
b1ac9de965723b16b888222a862f210a9f0b70917e36486c759398fb16f4a387
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://ar.luckymodapk.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 18:41:49 GMT
x-content-type-options
nosniff
server
fife
etag
"v1"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="unnamed.png"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
106193
x-xss-protection
0
expires
Wed, 15 May 2024 18:41:49 GMT
f141klC-dR_0_QBPpkEkyLAHrwCel0djagBcrV5S54n1OZEjXg2rk1zJSYwBFScegJTe=s180
play-lh.googleusercontent.com/
23 KB
23 KB
Image
General
Full URL
https://play-lh.googleusercontent.com/f141klC-dR_0_QBPpkEkyLAHrwCel0djagBcrV5S54n1OZEjXg2rk1zJSYwBFScegJTe=s180
Requested by
Host: ar.luckymodapk.com
URL: https://ar.luckymodapk.com/jbs-rh-com-voc-mod/br.com.jbs.rh.comvoce/downloading.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.115.119 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f119.1e100.net
Software
fife /
Resource Hash
ce3ce1c8b1933148d747f518096ea46d5d9835d87c8fa06ec2cd0c00e9a280e4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://ar.luckymodapk.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 18:41:49 GMT
x-content-type-options
nosniff
server
fife
etag
"v1"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="unnamed.png"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23683
x-xss-protection
0
expires
Wed, 15 May 2024 18:41:49 GMT
eU-U4JmpY4OHkf_vPpDMisz-FWIbUuXJCKDp5xPTFwPynvIeFQXYp05Pgx0rtOoJix0=w240-h480
play-lh.googleusercontent.com/
112 KB
112 KB
Image
General
Full URL
https://play-lh.googleusercontent.com/eU-U4JmpY4OHkf_vPpDMisz-FWIbUuXJCKDp5xPTFwPynvIeFQXYp05Pgx0rtOoJix0=w240-h480
Requested by
Host: ar.luckymodapk.com
URL: https://ar.luckymodapk.com/jbs-rh-com-voc-mod/br.com.jbs.rh.comvoce/downloading.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.115.119 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f119.1e100.net
Software
fife /
Resource Hash
a58496bd7418f8d58453641423597891a346ecf78623ba387635a934c4fab708
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://ar.luckymodapk.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 18:41:49 GMT
x-content-type-options
nosniff
server
fife
etag
"v1"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="unnamed.png"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
114654
x-xss-protection
0
expires
Wed, 15 May 2024 18:41:49 GMT
F59CBX2KHebZh9Imk4G7n0XngT27vpU9jyHRTT-Xy4EJpgmsgehlfsylRZ7EPSS6IE8=w240-h480
play-lh.googleusercontent.com/
21 KB
21 KB
Image
General
Full URL
https://play-lh.googleusercontent.com/F59CBX2KHebZh9Imk4G7n0XngT27vpU9jyHRTT-Xy4EJpgmsgehlfsylRZ7EPSS6IE8=w240-h480
Requested by
Host: ar.luckymodapk.com
URL: https://ar.luckymodapk.com/jbs-rh-com-voc-mod/br.com.jbs.rh.comvoce/downloading.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.115.119 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f119.1e100.net
Software
fife /
Resource Hash
c1ea5c7c0a36e1f274b8b0431ea6e176209316e90954cb86941a23407e151d52
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://ar.luckymodapk.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 18:41:49 GMT
x-content-type-options
nosniff
server
fife
etag
"v1"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="unnamed.jpg"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21350
x-xss-protection
0
expires
Wed, 15 May 2024 18:41:49 GMT
XjzlLdB7V4uYKBk-_NSKwv6DSfBKpZb3tmCFX2k2oBjAEV_-o-W3HqkQ6vjHIRL4PnMH=s180
play-lh.googleusercontent.com/
79 KB
79 KB
Image
General
Full URL
https://play-lh.googleusercontent.com/XjzlLdB7V4uYKBk-_NSKwv6DSfBKpZb3tmCFX2k2oBjAEV_-o-W3HqkQ6vjHIRL4PnMH=s180
Requested by
Host: ar.luckymodapk.com
URL: https://ar.luckymodapk.com/jbs-rh-com-voc-mod/br.com.jbs.rh.comvoce/downloading.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.115.119 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f119.1e100.net
Software
fife /
Resource Hash
8af42b1a7330ce1c22a7af2da285552121f25e3f9ef77e785b5aaa23733769b6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://ar.luckymodapk.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 18:41:49 GMT
x-content-type-options
nosniff
server
fife
etag
"v1"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="unnamed.png"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
80654
x-xss-protection
0
expires
Wed, 15 May 2024 18:41:49 GMT
subAd._tagadvertising.
fundingchoicesmessages.google.com/f/AGSKWxVMOSY4N_-_PShWTC_pM1JwawjZcf9Tb4ZzMTHDxExhLRsdLzwp1INnvXVWouhH_WekWWwpnZXlO6-T3ijO43x7YgClPLPEl02dvOOEosAWQSfLbBi7so51bqEjSmrlczfj-VMbB5qkDkjm_JWcE_Qi8uyqX...
54 B
110 B
Script
General
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxVMOSY4N_-_PShWTC_pM1JwawjZcf9Tb4ZzMTHDxExhLRsdLzwp1INnvXVWouhH_WekWWwpnZXlO6-T3ijO43x7YgClPLPEl02dvOOEosAWQSfLbBi7so51bqEjSmrlczfj-VMbB5qkDkjm_JWcE_Qi8uyqXEfPqDZEtXfftRZ7EKU_q7shIPM_CEDn/_/sponsor-links./adometry./box_ad_/subAd._tagadvertising.
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.fG3hWZ150YQ.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMzZzRiEC_9ANqcycQujqiC6-A2jpQ/m=ad_blocking_detection_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.139 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f139.1e100.net
Software
ESF /
Resource Hash
7eae3fec01a1b1c7ff31c23397ad7243ed70e3cf550cbcadba7513fa2b103be7
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-vbrDsABV4_KAyr02pF7Bgw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://ar.luckymodapk.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 18:41:49 GMT
content-security-policy
script-src 'report-sample' 'nonce-vbrDsABV4_KAyr02pF7Bgw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjytDikmLw0pBiOO90h-k6EBtoPGeyAGKJry-Z1IA45vl01hQgdkqfwRoAxD71M1ijgLj15jnWyUCc9O88awEQ71x8gfUgEK86coF1ExC3f77AOhWIv7FfZP0HxEI8HG8f9G1iE1gws30-s5JGUn5hfHJ-XklRZlJpSX5RWnJaanFqUVlqUbyRgZGJgamhsZ6BUXyBAQCASEMs"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
lidar.js
pagead2.googlesyndication.com/pagead/js/
85 KB
30 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/lidar.js?fcd=true
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.fG3hWZ150YQ.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMzZzRiEC_9ANqcycQujqiC6-A2jpQ/m=ad_blocking_detection_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f155.1e100.net
Software
cafe /
Resource Hash
87ef4be5f593f23f6a2c064185251923d9bc397cdfcb9eab38c0b4429d125bc7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://ar.luckymodapk.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 18:39:31 GMT
content-encoding
br
x-content-type-options
nosniff
age
138
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30705
x-xss-protection
0
server
cafe
etag
11611672620318507410
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600
timing-allow-origin
*
expires
Tue, 14 May 2024 19:39:31 GMT
AGSKWxUXuaR9I4dAhHTYAIAUMtpWsLTHVux8uLOxLja32OtGx7JVpWFfe8JowIrYS1drJxW1mZwAnlvS2_JGgPptP9QyBnCz8ydBhhW_kvW9Fm13ZQzxHqIwGlztuhKWgFK0HNknPAnDNQ==
fundingchoicesmessages.google.com/el/
0
29 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxUXuaR9I4dAhHTYAIAUMtpWsLTHVux8uLOxLja32OtGx7JVpWFfe8JowIrYS1drJxW1mZwAnlvS2_JGgPptP9QyBnCz8ydBhhW_kvW9Fm13ZQzxHqIwGlztuhKWgFK0HNknPAnDNQ==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.fG3hWZ150YQ.es5.O/am=BgM/d=1/rs=AJlcJMxd-msHIaFAXidkwhNBfBWxoC2SKg/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.139 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f139.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-5P1NZxgkc4jBFyDPaZYOVg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://ar.luckymodapk.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 14 May 2024 18:41:49 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-5P1NZxgkc4jBFyDPaZYOVg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjEtDikmJw1ZBicEqfwRoExEI8HG8f9G1iE9gwef1sZiWXpPzC-OT8vJLUvBLdxJRiXRC7KDOptCS_CIWdWgZSkZOfnp6Zlx5vZGBkYmBqaKxnYB5fYAAAtnEigw"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://ar.luckymodapk.com
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxUXuaR9I4dAhHTYAIAUMtpWsLTHVux8uLOxLja32OtGx7JVpWFfe8JowIrYS1drJxW1mZwAnlvS2_JGgPptP9QyBnCz8ydBhhW_kvW9Fm13ZQzxHqIwGlztuhKWgFK0HNknPAnDNQ==
fundingchoicesmessages.google.com/el/
0
29 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxUXuaR9I4dAhHTYAIAUMtpWsLTHVux8uLOxLja32OtGx7JVpWFfe8JowIrYS1drJxW1mZwAnlvS2_JGgPptP9QyBnCz8ydBhhW_kvW9Fm13ZQzxHqIwGlztuhKWgFK0HNknPAnDNQ==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.fG3hWZ150YQ.es5.O/am=BgM/d=1/rs=AJlcJMxd-msHIaFAXidkwhNBfBWxoC2SKg/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.139 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f139.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-dOBObgQOETae7rTHvs4IxA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://ar.luckymodapk.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 14 May 2024 18:41:49 GMT
content-security-policy
script-src 'report-sample' 'nonce-dOBObgQOETae7rTHvs4IxA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjEtDikmLw05BicEqfwRoExEI8HG8f9G1iE-i4eXMrs5JLUn5hfHJ-XklqXoluYkqxLohdlJlUWpJfhMJOLQOpyMlPT8_MS483MjAyMTA1NNYzMI8vMAAA1Z8i7g"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://ar.luckymodapk.com
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxUXuaR9I4dAhHTYAIAUMtpWsLTHVux8uLOxLja32OtGx7JVpWFfe8JowIrYS1drJxW1mZwAnlvS2_JGgPptP9QyBnCz8ydBhhW_kvW9Fm13ZQzxHqIwGlztuhKWgFK0HNknPAnDNQ==
fundingchoicesmessages.google.com/el/
0
29 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxUXuaR9I4dAhHTYAIAUMtpWsLTHVux8uLOxLja32OtGx7JVpWFfe8JowIrYS1drJxW1mZwAnlvS2_JGgPptP9QyBnCz8ydBhhW_kvW9Fm13ZQzxHqIwGlztuhKWgFK0HNknPAnDNQ==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.fG3hWZ150YQ.es5.O/am=BgM/d=1/rs=AJlcJMxd-msHIaFAXidkwhNBfBWxoC2SKg/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.139 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f139.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-XBPFxiGq37ip4uwLL55mfw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://ar.luckymodapk.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 14 May 2024 18:41:49 GMT
content-security-policy
script-src 'report-sample' 'nonce-XBPFxiGq37ip4uwLL55mfw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjEtDikmLw0pBicEqfwRoExEI8HG8f9G1iE-hY8_Mms5JLUn5hfHJ-XklqXoluYkqxLohdlJlUWpJfhMJOLQOpyMlPT8_MS483MjAyMTA1NNYzMI8vMAAA2l0jAQ"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://ar.luckymodapk.com
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxUXuaR9I4dAhHTYAIAUMtpWsLTHVux8uLOxLja32OtGx7JVpWFfe8JowIrYS1drJxW1mZwAnlvS2_JGgPptP9QyBnCz8ydBhhW_kvW9Fm13ZQzxHqIwGlztuhKWgFK0HNknPAnDNQ==
fundingchoicesmessages.google.com/el/
0
29 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxUXuaR9I4dAhHTYAIAUMtpWsLTHVux8uLOxLja32OtGx7JVpWFfe8JowIrYS1drJxW1mZwAnlvS2_JGgPptP9QyBnCz8ydBhhW_kvW9Fm13ZQzxHqIwGlztuhKWgFK0HNknPAnDNQ==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.fG3hWZ150YQ.es5.O/am=BgM/d=1/rs=AJlcJMxd-msHIaFAXidkwhNBfBWxoC2SKg/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.139 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f139.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-cNV51Bqx4ZZiyeSgTcmrWg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://ar.luckymodapk.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 14 May 2024 18:41:49 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-cNV51Bqx4ZZiyeSgTcmrWg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjEtDikmJw1pBicEqfwRoExEI8HG8f9G1iE9jx5N4tZiWXpPzC-OT8vJLUvBLdxJRiXRC7KDOptCS_CIWdWgZSkZOfnp6Zlx5vZGBkYmBqaKxnYB5fYAAA7pIjSA"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://ar.luckymodapk.com
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxUglw9o0OeFZpFYmO4lH4Mk4tumK9pdOxe8iPhYpHFPSf3430salJa9aML-c6fip-P8mVxcyrXh52L3cvnyS2zW1omayfLeJf12Ds_xaakuyfFFP3veh__gzpCeln6Pn4RxJ3Ovgw==
fundingchoicesmessages.google.com/f/
3 KB
2 KB
Script
General
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxUglw9o0OeFZpFYmO4lH4Mk4tumK9pdOxe8iPhYpHFPSf3430salJa9aML-c6fip-P8mVxcyrXh52L3cvnyS2zW1omayfLeJf12Ds_xaakuyfFFP3veh__gzpCeln6Pn4RxJ3Ovgw==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzE1NzEyMTA5LDk3NzAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOSw2XSxudWxsLDIsbnVsbCwiZW4iLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly9hci5sdWNreW1vZGFway5jb20vamJzLXJoLWNvbS12b2MtbW9kL2JyLmNvbS5qYnMucmguY29tdm9jZS9kb3dubG9hZGluZy5odG1sIixudWxsLFtbOCwiZkczaFdaMTUwWVEiXSxbOSwiZW4tVVMiXSxbMjAsIltudWxsLG51bGwsWzk1MzI5ODQyXSxudWxsLDRdIl0sWzE5LCIyIl0sWzE3LCJbMF0iXV1d
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.fG3hWZ150YQ.es5.O/am=BgM/d=1/rs=AJlcJMxd-msHIaFAXidkwhNBfBWxoC2SKg/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.139 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f139.1e100.net
Software
ESF /
Resource Hash
1888c0858cb945be3f5f8ad366464eb7b27962a03f2cff1942dcd5069f1320b3
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-HbHV-tssq92959_6kpdHew' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://ar.luckymodapk.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 18:41:50 GMT
content-security-policy
script-src 'report-sample' 'nonce-HbHV-tssq92959_6kpdHew' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjytDikmII1pBiOO90h-k6EBtoPGeyAGKJry-Z1IA45vl01hQgdkqfwRoAxD71M1ijgLj15jnWyUCc9O88awEQ71x8gfUgEK86coF1ExC3f77AOhWIv7NfZP0PxELcHO8e9G1iE3hx-je7kkZSfmF8cn5eSVFmUmlJflFaclpqcWpRWWpRvJGBkYmBqaGxnoFRfIEBAGD7Q4o"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxWr1VWYWoXzoR-FaKTWhIWJXzL9OHP7w_LLncm0eOjDj3eMQ-wrZtEGVfMmM9YeB4ws-BOPJxR-_ixyDQFrHhIq6TN-Oidt4ODunKxbdTYRLKjtWTKgRpcdNrQji9BnpZKozYep-g==
fundingchoicesmessages.google.com/el/
0
29 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxWr1VWYWoXzoR-FaKTWhIWJXzL9OHP7w_LLncm0eOjDj3eMQ-wrZtEGVfMmM9YeB4ws-BOPJxR-_ixyDQFrHhIq6TN-Oidt4ODunKxbdTYRLKjtWTKgRpcdNrQji9BnpZKozYep-g==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.fG3hWZ150YQ.es5.O/am=BgM/d=1/rs=AJlcJMxd-msHIaFAXidkwhNBfBWxoC2SKg/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.139 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f139.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-ckeK6ZZtYhnIZ4gXrR0Udw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://ar.luckymodapk.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 14 May 2024 18:41:50 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-ckeK6ZZtYhnIZ4gXrR0Udw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjEtDikmLw1JBicEqfwRoExELcHO8e9G1iE3gwY6OikktSfmF8cn5eSWpeiW5iSrEuiF2UmVRakl-Ewk4tA6nIyU9Pz8xLjzcyMDIxMDU01jMwjy8wAACbuyJB"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://ar.luckymodapk.com
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/g/
0
45 B
Ping
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-GK870P74CF&gtm=45je45d0v896044092za200&_p=1715712108979&gcd=13l3l3l3l1&npa=0&dma=0&cid=1196795255.1715712109&ul=en-us&sr=1600x1200&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.201%7CGoogle%2520Chrome%3B124.0.6367.201%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&frm=0&pscdl=noapi&_s=2&sid=1715712109&sct=1&seg=0&dl=https%3A%2F%2Far.luckymodapk.com%2Fjbs-rh-com-voc-mod%2Fbr.com.jbs.rh.comvoce%2Fdownloading.html&dt=JBS%20RH%20com%20Voc%C3%AA%E2%80%8F%20Mod%20APK%201.4.10%20(Unlimited%20money)%20%D8%AA%D8%AD%D9%85%D9%8A%D9%84.&en=pv%3Aar.luckymodapk.com%2Fjbs-rh-com-voc-mod%2Fbr.com.jbs.rh.comvoce%2Fdownloading.html&_ee=1&_et=3&tfd=2775
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-GK870P74CF
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.62.139 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f139.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://ar.luckymodapk.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Tue, 14 May 2024 18:41:50 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://ar.luckymodapk.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/
16 KB
12 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202405090101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202405090101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f155.1e100.net
Software
cafe /
Resource Hash
340a3e8477c2c81c0341c4db63327ce010dd48b0bf8582e99bb711282f026bec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://ar.luckymodapk.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 18:41:50 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12624
x-xss-protection
0
favicon.ico
ar.luckymodapk.com/
9 KB
2 KB
Other
General
Full URL
https://ar.luckymodapk.com/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.38.229 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5f27349e9c0c38fbcb308bea70384288998e4e12ed17fc8147c64099e78832f1

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://ar.luckymodapk.com/jbs-rh-com-voc-mod/br.com.jbs.rh.comvoce/downloading.html
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 18:41:50 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Mon, 29 Apr 2024 06:38:38 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"662f406e-25be"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Y86bxy3TzqtU9OHnq1hMZ23%2BPP3dnDNP8jIQA2DDvPY%2BU1HANZM3Z4y7OMZRrenJdt8AEDwBABXB62JBWUfjmQ3HHjSiw%2FPSSXbVqZsamMs34rtvcloLi9xbN2L3v0R6vN4xuIo%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/x-icon
cache-control
max-age=14400
cf-ray
883d06502f4d0f63-EWR
alt-svc
h3=":443"; ma=86400
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202405090101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.62.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://ar.luckymodapk.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 18:41:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 14 May 2024 18:41:50 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 95F2
0
0
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.62.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f132.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9;q=0.9
Referer
https://ar.luckymodapk.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
age
298478
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 11 May 2024 07:47:12 GMT
expires
Sun, 11 May 2025 07:47:12 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame E35A
0
0
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
64.233.180.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
pe-in-f106.1e100.net
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-BX0jx7uusAxPptZQYvmo1Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-US,en;q=0.9;q=0.9
Referer
https://ar.luckymodapk.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-BX0jx7uusAxPptZQYvmo1Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 14 May 2024 18:41:50 GMT
expires
Tue, 14 May 2024 18:41:50 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
sodar
pagead2.googlesyndication.com/pagead/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202405090101&jk=585753086633245&bg=!cnGlcT7NAAbZcyKb-XM7ADQBe5WfOC7nD0jUD9SB-2fBZ5kZBXLu814idmDpv6d5ndlPIKrzCbAJv9WQl2yRHcRTs3acAgAAAD5SAAAAAmgBB34ANnI-vCWL9gZGbWk-QRczRXQ0LOl_TweXPSSCnrdkooCl7zxKllnVyuJ5AMtCpQPDEfC5Z44xDJkCnU5_sfM9xl8XTN89EQtNoTygWLMRnmWuHud7lQrgmFiAQGgC7seWj1KSH8TwqrvTKvxymWCpntaCASvIlQWohmwosuHudEUnewK9FdOD4eWln6ZpOyS21imtLZH0gdnyn3DhAe480_mRBvDuJpoxrV9IuVstP50KEchQ4tY87gX5dRia26pyDs1hfO02LbHMve8Ast_lIhj89z-4PDMW7QSMGVEs6d1oV81SvCqlDHFZqOHkrFj0ZBP60EHjk-ZPHicWWzyojDO_e3yT8vpGlDNbZPNM0jmrSOc5bSDfIjjgedtOXbfjI8R7s3XIxIhTR6TA1pr6taRub0ijtthrU_pmg1f5FL_guc36Wp8DGKVh4Z1_tMgS_Ol7g5DHziP30WGO2pHdyfagLae28hujEAGGTiKIJOgVuiesywk0u9TQU8Tenls2VFRsAdMxYmFGvuLzcrv8hjQWBKlnPIspUd2npzF_D8SsaycVF-sxucSCBH3WWv1KXbOwP2EGjSJZ1Xs6pPoUoLpgva57zkK5E_SJjMxOUKqpQaNNIw11eaWCyRNWfnN_UXcI05y-Q4twUrHw8nfCvehsI0yyO6b2bVgcpt5H8s-U0ndptoOc2L3fbnWkN5ozivbL8PV-_x1mYw7f1VF557S_7n2sRLGlZJU_KZBCgemmu9bQmT0mUA0vQSBB1qko-CfU2xhlXeKxyE2y3B4mN9nYthagh3Y2ByI5FV6Q5DfIMb4yV9-SenXIpqEkYCuEkbCjM-vGrlDolQ601FJvtRctUlbOx8pGPKCeLG48ljGpN7teCfMHO1ngHg_8_gr-6EYeCBpi4pQfOVdybKs4Ud7Wnmu_3cANhpaqy8TX_TA8Um7qg-pFTMpIdPIH898zMSC_OZgXqw

Verdicts & Comments Add Verdict or Comment

86 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 function| _0x2a4a function| _0x1c31 object| googletag function| downloadhm object| ggeac object| google_tag_data object| google_js_reporting_queue undefined| google_measure_js_timing function| $ function| jQuery string| link_url function| gtag number| ga_load_time_done string| sub object| parts function| ga_load_time object| dataLayer object| google_tag_manager function| onYouTubeIframeAPIReady object| gaGlobal object| default_ContributorServingResponseClientJs object| _F_toggles object| __googlefc string| __fcInvoked string| __fcexpdef string| YzliYjgxNTkwOTNkZWNhOWxvYWRlcl9qcw== string| YzliYjgxNTkwOTNkZWNhOWNhY2hlZF9qcw== object| googlefc object| __fcInternalApiManager boolean| __fcInternalApiPostMessageReady object| __tcfapiEventListeners function| __tcfapi object| __tcfapiManager boolean| __tcfapiPostMessageReady number| google_unique_id string| apk_id function| downloadHmApk string| host object| pattern5 object| result5 string| domain1 string| domain3 string| is_vote object| cat string| device_type object| md object| androidos undefined| sss undefined| pattern2 undefined| result2 undefined| pattern3 undefined| result3 string| cookie_key string| cookie_comment undefined| data function| timetrans function| setCookies function| getsec function| getCookies function| json_decode function| json_encode function| MobileDetect string| starNum string| domain undefined| url_id undefined| uid string| device string| os string| country function| modifyAdText string| down_collect_data string| down_collect_link undefined| success_jsonpCallback function| openhappymod object| jQuery183005080672834268074 boolean| 4073807d-6c95-4efd-bb4d-f0addb92fc2f number| __google_lidar_ function| __google_lidar_radf_ object| GoogleGcLKhOms object| google_image_requests

7 Cookies

Domain/Path Name / Value
.luckymodapk.com/ Name: _ga
Value: GA1.1.1196795255.1715712109
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.luckymodapk.com/ Name: __gads
Value: ID=4301bd15d8d06b54:T=1715712109:RT=1715712109:S=ALNI_MZcMjTCFY6JFbQdyj0QbnxZwPqjYg
.luckymodapk.com/ Name: __gpi
Value: UID=00000e17f538ab86:T=1715712109:RT=1715712109:S=ALNI_MbOW0HzMeep7G2NNm-egxriqm-zCg
.luckymodapk.com/ Name: __eoi
Value: ID=7808e450b28b7f23:T=1715712109:RT=1715712109:S=AA-AfjYBh5RFCmkMf3A4DhWOgHla
.luckymodapk.com/ Name: FCNEC
Value: %5B%5B%22AKsRol9RVN8uDF5pkE7NsNVW419S_A4Pw1ejfJZ9JYaUGoLHzx7P9r3b9T9KMPCylYyBRLb9HvGz5cAmad0eYi4JvW3Dqe0Z_HQVL-0ht_zs-LKxrOkwGzUeEcZe8ZMwcDL-F-flKZFfGE7X8RfqSuvoBZpwmZfx2A%3D%3D%22%5D%5D
.luckymodapk.com/ Name: _ga_GK870P74CF
Value: GS1.1.1715712109.1.0.1715712110.0.0.0

4 Console Messages

Source Level URL
Text
javascript warning URL: https://ar.luckymodapk.com/jbs-rh-com-voc-mod/br.com.jbs.rh.comvoce/downloading.html(Line 428)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://rating.downloadatoz.com/new_star.min.js?0.5528404579408492&domain=luckymodapk&hl=en&type=mod, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://ar.luckymodapk.com/jbs-rh-com-voc-mod/br.com.jbs.rh.comvoce/downloading.html(Line 428)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://rating.downloadatoz.com/new_star.min.js?0.5528404579408492&domain=luckymodapk&hl=en&type=mod, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
other warning URL: https://ar.luckymodapk.com/jbs-rh-com-voc-mod/br.com.jbs.rh.comvoce/downloading.html
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://ar.luckymodapk.com/jbs-rh-com-voc-mod/br.com.jbs.rh.comvoce/downloading.html
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ar.luckymodapk.com
bt-log.dfast.app
cdn.pubxmedia.com
e2cc060a75938f1e0d917ceec0825ed4.safeframe.googlesyndication.com
fundingchoicesmessages.google.com
official.downloadatoz.com
pagead2.googlesyndication.com
play-lh.googleusercontent.com
rating.downloadatoz.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
pagead2.googlesyndication.com
104.21.235.147
104.21.235.148
104.21.38.229
104.21.38.236
104.21.40.19
142.251.111.97
142.251.167.132
142.251.167.157
172.253.115.119
172.253.115.139
172.253.62.132
172.253.62.139
172.253.63.155
64.233.180.106
0c866a23578680041142cbf849d4ac9ab10922d92a1fad038b05328fdfb00ec4
14cb261f14f0addb83cb1bad57928f2211bf711b88775cb2891b5f7a0c0117d1
1888c0858cb945be3f5f8ad366464eb7b27962a03f2cff1942dcd5069f1320b3
1eae3de7f7471bff8141e50492b6912eae9d0b1af24d2f24c99727645509a698
2296d29b5574530841a2a952e9684d5edb4c4478f9def7d20e61c705ee8f5aaf
2a36d5006be835b4dcdb305610bdb22c4cf34066b62acdc9afaeb0a1c3301eaf
340a3e8477c2c81c0341c4db63327ce010dd48b0bf8582e99bb711282f026bec
38241bacb54d96f9c5abcccad4eb5c9568423b491a9d82b65ea4a530e8511a13
3d1923a996d5e5bc4a5ef958d1dbf7c29a4575aac784c83f175f8ad4973f44be
4025822ba42e7165cd8397daed918f5a4400cc0f2d7f803c7957ffb69d3d5814
4158ad049514ecae3c9ef0df3ae50e46d788d191803e1a2910ae54e25342d4cf
41bbac32035ab31da78b2a3e304e8e2b66f5918277f8b670393cd7b08a0329c6
4324b38b9ec698fc427b815572e3aab9751db1df02d4dbe0a682e753aeeda897
5f27349e9c0c38fbcb308bea70384288998e4e12ed17fc8147c64099e78832f1
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
7e2621da6196d3a2c8859122cac8272dc010f28a7e9a14c6addc9896480ea126
7eae3fec01a1b1c7ff31c23397ad7243ed70e3cf550cbcadba7513fa2b103be7
87ef4be5f593f23f6a2c064185251923d9bc397cdfcb9eab38c0b4429d125bc7
8af42b1a7330ce1c22a7af2da285552121f25e3f9ef77e785b5aaa23733769b6
902feb64d8b6d481ab8ddda06fbebbba4c95dfa9b7936a7beeb197266cd8b846
a58496bd7418f8d58453641423597891a346ecf78623ba387635a934c4fab708
a828eebc41fea387689327e4f772e8309f1c672b5f4ff46d8d106abda8c975bf
a9a7e4331ac5af4135ae688a4ba89c68d7252e9a2204f81709dc7ed0b62c30d2
aba3b1e74a53993ab198f8376eaf3bc0c9d841b9bc6d95f47ab839bbdb502d47
acc599aa5689633fd84046e118567c657b7f2f8d9d8f66b3c46873450367d170
b1ac9de965723b16b888222a862f210a9f0b70917e36486c759398fb16f4a387
ba2f502cf4abb1534ed74de3c1696c936e33c3133ea7f8f28ae8b64d16b57a2c
c1ea5c7c0a36e1f274b8b0431ea6e176209316e90954cb86941a23407e151d52
c3be77179358bf589f83ce244b5ffa48b5530b7d2f0728abad4d9951ba769fdf
c59f93a5337f6493e96015ca733c6d0197708da0274fce182a373bf29914a7d9
ce3ce1c8b1933148d747f518096ea46d5d9835d87c8fa06ec2cd0c00e9a280e4
d375b81cfccd24a85a39a3de8f2bf580868fcc77dae0416505eb37c1a1b23afe
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef66f483197bdce046c4faed60427ea332cfab21f27e9c1fa3b4822cf61e46ab
f147b29d88e289a5b7450cc32895b0358ce73c844b1a84b18c9cf5fb9b1565c2
fbe436a59423bb704e7e2e73b9a0d706ac3b33a6ad143bb53f780676238cc16f
fec9f54ddcd7d846825b7c9062a45067d834af28beeb006e41c2dcc82370afa1