urlscan.io logo urlscan.io
SecurityTrails logo

pk.login2urchance.tk Open in urlscan Pro
2606:4700:3034::6815:3ec  Public Scan

Go To Rescan Add Verdict Report
URL: https://pk.login2urchance.tk/
Submission: On April 20 via automatic, source certstream-suspicious — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 15 IPs in 3 countries across 9 domains to perform 83 HTTP transactions. The main IP is 2606:4700:3034::6815:3ec, located in United States and belongs to CLOUDFLARENET, US. The main domain is pk.login2urchance.tk.
TLS certificate: Issued by GTS CA 1P5 on March 1st 2023. Valid for: 3 months.
This is the only time pk.login2urchance.tk was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

5    2606:4700:3034::6815:3ec (United States)

ASN13335 (CLOUDFLARENET, US)
pk.login2urchance.tk
29    2606:4700:3036::ac43:8592 (United States)

ASN13335 (CLOUDFLARENET, US)
static.islamway.net
media.islamway.net
4    2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a00:1450:400c:c00::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
2    2a00:1450:4001:831::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
1    23.36.162.25 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-36-162-25.deploy.static.akamaitechnologies.com
cdn.livechatinc.com
2    2.20.142.41 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-20-142-41.deploy.static.akamaitechnologies.com
api.livechatinc.com
4    2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
13    2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
2    2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
adservice.google.com
5    2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    2a00:1450:4001:801::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
8e08ae4a52c53f87e4f18584dc9dd588.safeframe.googlesyndication.com
12    2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
Apex Domain
Subdomains		 Transfer
29 islamway.net
static.islamway.net
media.islamway.net
530 KB
18 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 129
8e08ae4a52c53f87e4f18584dc9dd588.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 177
164 KB
14 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 166
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 269
189 KB
5 login2urchance.tk
pk.login2urchance.tk
19 KB
4 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 238
171 KB
4 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 91
40 KB
3 livechatinc.com
cdn.livechatinc.com — Cisco Umbrella Rank: 5414
api.livechatinc.com — Cisco Umbrella Rank: 4996
29 KB
3 google.com
www.google.com — Cisco Umbrella Rank: 16
adservice.google.com — Cisco Umbrella Rank: 130
2 KB
2 google.de
www.google.de — Cisco Umbrella Rank: 3425
adservice.google.de — Cisco Umbrella Rank: 5261
939 B
83 9
Domain Requested by
28 static.islamway.net pk.login2urchance.tk
static.islamway.net
13 securepubads.g.doubleclick.net www.googletagservices.com
securepubads.g.doubleclick.net
pk.login2urchance.tk
12 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
5 pagead2.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
www.googletagservices.com
5 pk.login2urchance.tk pk.login2urchance.tk
static.islamway.net
4 www.googletagservices.com static.islamway.net
securepubads.g.doubleclick.net
4 www.google-analytics.com pk.login2urchance.tk
2 api.livechatinc.com cdn.livechatinc.com
2 www.google.com pk.login2urchance.tk
tpc.googlesyndication.com
1 8e08ae4a52c53f87e4f18584dc9dd588.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 adservice.google.com securepubads.g.doubleclick.net
1 adservice.google.de securepubads.g.doubleclick.net
1 cdn.livechatinc.com pk.login2urchance.tk
1 media.islamway.net pk.login2urchance.tk
1 www.google.de pk.login2urchance.tk
1 stats.g.doubleclick.net www.google-analytics.com
83 16
Subject Issuer Validity Valid
*.login2urchance.tk
GTS CA 1P5		 2023-03-01 -
2023-05-30		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-06-06 -
2023-06-05		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-04-03 -
2023-06-26		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-03-28 -
2023-06-20		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-04-03 -
2023-06-26		 3 months crt.sh
www.google.de
GTS CA 1C3		 2023-04-03 -
2023-06-26		 3 months crt.sh
livechat.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-09 -
2024-02-09		 a year crt.sh
*.google.de
GTS CA 1C3		 2023-04-03 -
2023-06-26		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-04-03 -
2023-06-26		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-04-03 -
2023-06-26		 3 months crt.sh

This page contains 8 frames:

Primary Page: https://pk.login2urchance.tk/
Frame ID: 0A45E7E541486F680975B654ADA2656C
Requests: 49 HTTP requests in this frame

Frame: https://pk.login2urchance.tk/eid
Frame ID: 4B9494E1775263A6FC8C0BCBB965E98B
Requests: 10 HTTP requests in this frame

Frame: https://8e08ae4a52c53f87e4f18584dc9dd588.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 1E184D8B3EFECFD1881251F21A35DE37
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstjkLsSmtQ1_m0OdAZ2dOw5OgMfMl_eAUeR2gWKsndzMdVUjpe7rNAbTWoSzejRVZIieGWybpGsdHMdjzT0wE-gsBjrPWknlEwFnY1jwiLIOZvKipSBKHTOB7MedQKvlvuAJkG76WepVrGnpoVbZLraDP_rUgy_i4dEjw2Lmch8QqBb-LMx9rRJCX_fmlds145OPYvgjiKSmwbgWBH-hwOsb599gaGr0L_9dhSNufrWT4WMLYe-lqTUG59wRVA6NG6pHH84zljrazx-6UloUQXPObf_bqPpOJO7Pn_8W99tn7JVdVHStoVSNiqUSlxl1fkqEOgdOxmD6sNKEkm5l9-enE7j5rT2Eg&sai=AMfl-YTuPPAxylxVg5sXJUclCX1jSq2aWsAWAGxawva33cr1ycgzjaC6y4mccVJz_JFqfA1L4kcDtP6mGKMYgW1tH8WvTJJGBkCJ4afPBCAgcjXYta5-jvX_Hy_uKz61TL4BrJ0hRvSqBRi20_f5rjw&sig=Cg0ArKJSzMltoJ_uO9M-EAE&uach_m=[UACH]&adurl=
Frame ID: 4769AA1DDA4FD4E035472BF393344D22
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsunmB1R_EPPS-JV6H4Zg-gJxi9775W3Ucs4I95dChRAVgAyzyi9WILgzdtgbTQTwz763b9HWCpJ2MzuDrAHva0oAhtQPUlzDHhtOSEvkznYaf9MbfXJ2dwif7GNlH-7ssXsp7GEsRLEy7ILepv378ERtacLX7R-RLdoph_79nUPglNV4SSKaiQbLTjjSSJhkJHEU2k80lgbm44uFo8U4Au7SM0Z9uqHAYRo7h5cNYk5GivHlaHRxkfHEoRNtTCrxGFIV-fWE6-jgW_jJIER8YvKOjbcDT4LFt7fL3N8tRV8nYBU9_01-S6zK3V4qraNhfYsMnh-irX0VhPg9YBNI0SmjodngHGN8g&sai=AMfl-YSeqIUZNRaFQtNvaYl7JHks4KfmUow4DS1oGKB-AMP-BmqO-tTgU4RJnrIUTMOD3xxSuHhXszs2OGehpt8vpvf2rvNmEoIlYWbwYvzoNsBOnkoAdbI9ir1P4kQSS6DOzuERa1QklSPkuVp-X-c&sig=Cg0ArKJSzF-m4qx5errKEAE&uach_m=[UACH]&adurl=
Frame ID: EB41070676F64F801D677A0FE3104ABA
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuOCW3erTG51SQqwvfVwOLIAbh4ebDXNJP4sxlpnlY1zSJjlgOXaqF7eFHPS_gB277_zs_IQV2in45Pbg2ZaBz_jUPdxVZrVPS-bnoOEiQRLr1Lv7iVjUPn2ZVI2QicCx9XegaBbodg8UvFxzN9-RHqOJMYxMYfxQxeRYV7EVwPmLXGAEtoGxTiohxAXf5ggNcXoWG2QUaRw8h1U5O9Q2n9oDhZvJusHhgVjWlbkedxtMRz3_8TzIMJqWM1hG9kGYdal4tohR6YHfjzO6R6ypSnHB7umZ0qbsFSVrtnkUHMayQOX_MX4Lh_V6tVNq5hMSd46GrCOHdAD88Gfefso_qt4U3-g5LgLg&sai=AMfl-YQXBWTKLh4E5VMUerP6xFhHV1SLCYX3d-VKRQiDNGOQ2SlkQPfug7Wat5Bdep7og77FFDGJRKWMwFvb-AX-fxwHmOZXG4dd-Fnbn_7mfuGzR4s_q27cXy6f7fZ7Dm7W6Pfeug7QUVogLNvGUZfK&sig=Cg0ArKJSzOvCI4rXchGrEAE&uach_m=[UACH]&adurl=
Frame ID: 274669296028B58ED1C90DDEEA7E3A86
Requests: 7 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: AF1CFB3340073A5D67EC75C97DB617E5
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 7EF8C1F4C4A3866E3319177CD7BA06F9
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Islamway

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • cdn\.livechatinc\.com/.*tracking\.js
Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

83
Requests

99 %
HTTPS

86 %
IPv6

9
Domains

16
Subdomains

15
IPs

3
Countries

1145 kB
Transfer

2797 kB
Size

7
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

83 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
pk.login2urchance.tk/ 		81 KB
15 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://pk.login2urchance.tk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:3ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.0.33
Resource Hash
6336f491c00c9c7889ac281a06a2f3c304254ba59b7392c25ab919a7efc207fc

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
must-revalidate, no-cache, private
cf-cache-status
DYNAMIC
cf-ray
7baefe83ce55994b-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Thu, 20 Apr 2023 17:09:18 GMT
expires
-1
front-end-https
on
link
<https://static.islamway.net/bundles/islamway/css/bootstrap-3.3.4.min.css>; rel="preload"; as="style",<https://static.islamway.net/assets/1.1.15/css/main_ltr.min.css>; rel="preload"; as="style",<https://static.islamway.net/bundles/islamway/js/lab-2.0.3.min.js>; rel="preload"; as="script"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Lu7bLTZaRgBzGumqFb453fI59yIWuPI9qC5tLxIH7fOmqBR8bp1hVQrEKJHxPjDLog%2F5jnRsSBXEA1P%2BeneWfke7Gee9VkHMO54pgnVWRpludfzY5jrwcVadazPRsBcBjYfJOtT0sVOHIqJUbsM%3D"}],"group":"cf-nel","max_age":604800}
s
HE
server
cloudflare
vary
Accept-Encoding Accept-Encoding
x-powered-by
PHP/7.0.33
bootstrap-3.3.4.min.css
static.islamway.net/bundles/islamway/css/ 		115 KB
20 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.islamway.net/bundles/islamway/css/bootstrap-3.3.4.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:8592 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e7a19173e444dc0f49ae56520f7bf6ae876e5dc3bb1230022e00dd184697c9d6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pk.login2urchance.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 20 Apr 2023 17:09:18 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 29 May 2018 14:44:26 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
6781992
etag
W/"5b0d674a-1ca3d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Rfk77z4VfjM2fN24tkLZQMAKHf5qhVUH67F6L4q6rNn9zXH6d0T3GCIbnSqo%2FRmZIz8vzG7z1udGGN82iCXpZAZU%2BOKGUlZkAIQ%2BAvZNvfl%2FV5N8HsyU2bnS6Rn05Hd6F1L4FYtFJkRgNxGdcJeSPx7a"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=63072000
cf-ray
7baefe86ceba3686-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Fri, 31 Jan 2025 05:16:06 GMT
main_ltr.min.css
static.islamway.net/assets/1.1.15/css/ 		162 KB
34 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.islamway.net/assets/1.1.15/css/main_ltr.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:8592 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
baf40fe23b2b76815ed13c3e0b71c73a17f70e1392bcfbb3d0d33b5e46676c22

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pk.login2urchance.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 20 Apr 2023 17:09:18 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sun, 21 Apr 2019 20:38:09 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
4353051
etag
W/"5cbcd4b1-2869a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AZRcfICJjOcE%2BTOEoRWWlmtj1jESSDq26MqtKtJcz6VkN30Nz2h%2F7%2BKe68NMlj87WqomuDsEznBgaEYVkZf2NPMoa0KK%2BMPC%2BBkdQPyU6pr4GYh0IAHnU9eg7EKw3bjcENh0XbPeNKqUx9dqd7LVHoAA"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=63072000
cf-ray
7baefe86cebd3686-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Fri, 28 Feb 2025 07:58:26 GMT
lab-2.0.3.min.js
static.islamway.net/bundles/islamway/js/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.islamway.net/bundles/islamway/js/lab-2.0.3.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:8592 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef54cbf2d9d5e44594b1bc098bbab1062968d8a283bab94afb7ba0bf8127c537

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pk.login2urchance.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 20 Apr 2023 17:09:19 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Tue, 29 May 2018 14:43:55 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"5b0d672b-1576"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=94ItaXk%2BIwBNQRrAdf2hjSfKdcCTLhp0uyQMghf62XdADCf8xyFN9aToTWW83V8GmAr%2FWqTsCf4%2BZhOYAHiBNiBn6m0846TwgGIOo2QiRF9SlLe0QBL0g%2F0swiOzRii2vYmAcjf19uOJe%2Bh4tfGU2b%2Bp"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=63072000
cf-ray
7baefe86cec13686-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Sat, 19 Apr 2025 17:09:19 GMT
iw-icons-1.4.woff2
static.islamway.net/bundles/islamway/fonts/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.islamway.net/bundles/islamway/fonts/iw-icons-1.4.woff2
Requested by
Host: pk.login2urchance.tk
URL: https://pk.login2urchance.tk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:8592 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
304e742f6f5fc7966f9bfcd85111e2ef5d803908d8c8e270242fde6f3ca20f2d

Request headers

Referer
https://pk.login2urchance.tk/
Origin
https://pk.login2urchance.tk
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 20 Apr 2023 17:09:18 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
15412
last-modified
Tue, 29 May 2018 14:40:42 GMT
server
cloudflare
etag
"5b0d666a-3c34"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ghmK59ntS%2BqJlgglQCxh7%2BRllymWj1qxanrfP2G91eJhMtlXUt6iZ%2BggVnEWBCRSruVaPR0rI0iGSIMeFwxTWMniADG6jvxlEujYYU%2FqKPYyaFSAlS8Zoo%2F8WEJhChAmA5IpvgSGoyR5qp04pe2hhDxf"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=63072000
accept-ranges
bytes
cf-ray
7baefe86c8cb9b7c-FRA
expires
Sat, 19 Apr 2025 17:09:18 GMT
maven-pro-v11-latin-regular.woff2
static.islamway.net/bundles/islamway/fonts/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.islamway.net/bundles/islamway/fonts/maven-pro-v11-latin-regular.woff2
Requested by
Host: pk.login2urchance.tk
URL: https://pk.login2urchance.tk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:8592 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c3d6fc4a7ad75340e3673193cd5b6baef8d6ea79f99992ddd859b2d70a9f08f9

Request headers

Referer
https://pk.login2urchance.tk/
Origin
https://pk.login2urchance.tk
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 20 Apr 2023 17:09:19 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
14988
last-modified
Tue, 29 May 2018 14:40:51 GMT
server
cloudflare
etag
"5b0d6673-3a8c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ajioe4wGwR2F0xtBToD9BrNhW4BDl1AeIr3WvAofNwErj1XJX6gYGnprOItO%2FYmfIPbgzwLoriDbhhOGbwkhpPvq9oJEeu0qC1NTye7GshaHeMvA%2FHB4w%2Bue8zo7rZ1lOJokV%2FVLN4VWAD4ENkODxlJy"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=63072000
accept-ranges
bytes
cf-ray
7baefe86c8cc9b7c-FRA
expires
Sat, 19 Apr 2025 17:09:19 GMT
noto-sans-v7-latin-regular.woff2
static.islamway.net/bundles/islamway/fonts/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.islamway.net/bundles/islamway/fonts/noto-sans-v7-latin-regular.woff2
Requested by
Host: pk.login2urchance.tk
URL: https://pk.login2urchance.tk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:8592 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3ee26114feb214d4f102e98ad8009b27d374efff10b05095e9bebc8df74c15b9

Request headers

Referer
https://pk.login2urchance.tk/
Origin
https://pk.login2urchance.tk
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 20 Apr 2023 17:09:18 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
15572
last-modified
Tue, 29 May 2018 14:41:31 GMT
server
cloudflare
etag
"5b0d669b-3cd4"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qlGd2c1nhsRgJB53AsU6O82UKg15R5pn3S7ptfzrhERd%2Fzv3gqa2%2FOWExbaRez3iMdGy1tQEGrNN9rLbBSDMwCCAZaXJA667CSaa70wiqkMokW8P18PJ8vP48PrxFj4lag0iFvB9ROSnXpDUZOSPjY9L"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=63072000
accept-ranges
bytes
cf-ray
7baefe86c8cd9b7c-FRA
expires
Sat, 19 Apr 2025 17:09:18 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: pk.login2urchance.tk
URL: https://pk.login2urchance.tk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pk.login2urchance.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 20 Apr 2023 16:27:45 GMT
last-modified
Tue, 10 Jan 2023 21:29:14 GMT
server
Golfe2
age
2493
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20085
expires
Thu, 20 Apr 2023 18:27:45 GMT
ramadan1444.css
pk.login2urchance.tk/bundles/islamway/css/ 		812 B
709 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://pk.login2urchance.tk/bundles/islamway/css/ramadan1444.css
Requested by
Host: pk.login2urchance.tk
URL: https://pk.login2urchance.tk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:3ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d03d4c13caa890eab9ed6ce25447a0983fd8fd25b624b6ec9dabd29b148ef82b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pk.login2urchance.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 20 Apr 2023 17:09:18 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
origSize=987
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 22 Mar 2023 16:22:33 GMT
server
cloudflare
etag
W/"641b2b49-3db"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nBDqeL3HPwX81XP8n%2Bi23cfud06Qtuv3ox5WWgAZ6pm78opcB1yHWgn3NcDcVqajePlgD2db2ODjLe5zhoWx%2BQ4hzpUwL9pL84FeOCwhFFUtp6Sb3fQL4fcYuSGMfqK8SnQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=315360000
s
HE
cf-ray
7baefe868a84994b-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
en-logo.png
static.islamway.net/bundles/islamway/images/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.islamway.net/bundles/islamway/images/en-logo.png
Requested by
Host: pk.login2urchance.tk
URL: https://pk.login2urchance.tk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:8592 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3f127aa9164c2135b65c42d0d5b73bc8f678634d9a3b41782cc5a442e2065f76

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pk.login2urchance.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 20 Apr 2023 17:09:18 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5367572
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
13031
last-modified
Tue, 29 May 2018 14:41:38 GMT
server
cloudflare
etag
"5b0d66a2-32e7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A%2FWLQpO593p0M40f0jCYROg3BPrWJ9%2B9n55i7ps3sfOn7i15RChp6FfnYfMLh9Ufzxa4A2S8yqnKiru3iFYbiNkWn3d8tDQdJbyluwQe5RC3X4uLGOV%2FN9jXU04q3c7PaMCsrrOzY2yKOOWxp6%2BPjVcL"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=63072000
accept-ranges
bytes
cf-ray
7baefe872f5b3686-FRA
expires
Sun, 16 Feb 2025 14:09:45 GMT
spotlight-default.jpg
static.islamway.net/uploads/spotlights/_260xh/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.islamway.net/uploads/spotlights/_260xh/spotlight-default.jpg
Requested by
Host: pk.login2urchance.tk
URL: https://pk.login2urchance.tk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:8592 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bfce38d0eea0514bd89cb857510c00208fd12cbdbf8fbdd9b3e27f92f433b523

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pk.login2urchance.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 20 Apr 2023 17:09:18 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
29852
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
10073
last-modified
Wed, 29 Nov 2017 13:23:28 GMT
server
cloudflare
etag
"5a1eb4d0-2759"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HTkFQ0VSijtBjbWbYykOn7li7l5lDbvEpqN4OoaqYqHnEyIZedwHHBRSauK7dXvaBCV9Fu0UjSEMtPVekHG6dIH2bJvyNDyn9wUud%2Fxz6KjUhOGxtJPUqh12SiWQ%2FR2ACXKQj5WwiyiflgJGcI7PjwrZ"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=63072000
accept-ranges
bytes
cf-ray
7baefe872f5c3686-FRA
expires
Sat, 19 Apr 2025 08:51:45 GMT
The%20Sweetness%20of%20the%20Eyes1.png
static.islamway.net/uploads/spotlights/ 		160 KB
161 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.islamway.net/uploads/spotlights/The%20Sweetness%20of%20the%20Eyes1.png
Requested by
Host: pk.login2urchance.tk
URL: https://pk.login2urchance.tk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:8592 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
67b958dca32a8f64c981c5a85fd5e0d4e3048a935b98944e58f61d06ae853670

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pk.login2urchance.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 20 Apr 2023 17:09:18 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
7988
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
164008
last-modified
Fri, 11 Nov 2022 05:22:02 GMT
server
cloudflare
etag
"636ddbfa-280a8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9xwmdot88pSfVdi2DCfrNz6aAIDfiOIknsY4huSSFtekalII4R0KYJlsfnZQ9cn3yvRv1ploQIsJxHy3FVF5jB08o%2FE0OTzHNXiDEOelpayOOuJgd7KsEUlPluTE79I0rnRYmy%2BhctaTLeWyqj4tioZh"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=63072000
accept-ranges
bytes
cf-ray
7baefe872f573686-FRA
expires
Sat, 19 Apr 2025 14:56:10 GMT
1344042575_shawwal.jpg
static.islamway.net/uploads/spotlights/_260xh/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.islamway.net/uploads/spotlights/_260xh/1344042575_shawwal.jpg
Requested by
Host: pk.login2urchance.tk
URL: https://pk.login2urchance.tk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:8592 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f665f28bc13bde6289a4e0c7d37a94a93bbbb9f28b1cf5b8a19cd9c8c1aa0edf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pk.login2urchance.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 20 Apr 2023 17:09:18 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
7988
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
18463
last-modified
Fri, 29 May 2020 16:46:25 GMT
server
cloudflare
etag
"5ed13c61-481f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1dKRz4XURUc%2BF%2BVoSLULXBRm1GKi%2Fe8OC3ge%2BljgAQCXIbVDSz7BTO%2FBy%2BpnCdxNjMeGbKpCOnqURnqZX6%2B6XRYMBOeTh0VPhNQiGOiv5qcw1PifqHqvwd7V%2Bx0r9fuRuoIzClBvmtxjVVOtMwJTzB%2B9"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=63072000
accept-ranges
bytes
cf-ray
7baefe872f593686-FRA
expires
Sat, 19 Apr 2025 14:56:10 GMT
no-photo.png
static.islamway.net/uploads/authors/_40x40/ 		956 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.islamway.net/uploads/authors/_40x40/no-photo.png
Requested by
Host: pk.login2urchance.tk
URL: https://pk.login2urchance.tk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:8592 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
83c3f28e2ebdf55537ac6bc960b35249193a2b52e010c4a9c928bd89cbcbb221

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pk.login2urchance.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 20 Apr 2023 17:09:18 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6773196
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
956
last-modified
Wed, 22 Jul 2015 13:31:08 GMT
server
cloudflare
etag
"55af9b1c-3bc"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Tb7bQADH5yG1VxxGk0LdLZG%2B31vJH24UVXmXzZUlMkE0f26ggGH%2FltkEgUbXD%2FjEikqYo9w15RkZkreE55pcx6OFU3PhsIo97GvB2j9mHTAAoyDeanfLM2v8%2FF4Mq5zHXuK%2F3%2FJjHxDXDPSPj6Ez4ZJw"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=63072000
accept-ranges
bytes
cf-ray
7baefe872f5a3686-FRA
expires
Fri, 31 Jan 2025 07:42:42 GMT
aud-ph1.png
static.islamway.net/bundles/islamway/images/ 		450 B
810 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.islamway.net/bundles/islamway/images/aud-ph1.png
Requested by
Host: pk.login2urchance.tk
URL: https://pk.login2urchance.tk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:8592 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ca43cb745b0905a0932d65ae5c41cc96bbdf664a3b450e5304af02a5f88ec4a6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pk.login2urchance.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 20 Apr 2023 17:09:18 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6756859
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
450
last-modified
Tue, 29 May 2018 14:41:33 GMT
server
cloudflare
etag
"5b0d669d-1c2"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RcHWBeSCamlm4dW%2BLEa%2Fj295SrEhTssmoV7BBi1ZDvwhKV4oAJ7dY4g10aM8LZqgn39qNpeUuob6xFRW4x8qvnCRQZEwdf3hWSNnDeIxs8oUXs983HGacsGivOD5YAhBbL2s9vkSGNpzqeCY23kkmaNk"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=63072000
accept-ranges
bytes
cf-ray
7baefe872f503686-FRA
expires
Fri, 31 Jan 2025 12:14:59 GMT
aud-ph2.png
static.islamway.net/bundles/islamway/images/ 		238 B
545 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.islamway.net/bundles/islamway/images/aud-ph2.png
Requested by
Host: pk.login2urchance.tk
URL: https://pk.login2urchance.tk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:8592 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e381afcde1bfef25dd32b5eee301fa5565d93087b9938427d277384c5aca19aa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pk.login2urchance.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 20 Apr 2023 17:09:18 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6756859
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
238
last-modified
Tue, 29 May 2018 14:41:33 GMT
server
cloudflare
etag
"5b0d669d-ee"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=29xzP9YsoJJP98%2Bi2U1F%2BugIvMIs7FplEXW5Z%2Be2Z0xEX29BJqkSOo%2B2hZcVebDPnUNrr%2BKS8%2BA8JhKb3s9B8WXEeUVp5kPEPxJL2xrxdl2PDsPo%2F5Zyrap94vsbsgDJOsVK1kTHr2BO6bLaJMy1jwZH"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=63072000
accept-ranges
bytes
cf-ray
7baefe872f533686-FRA
expires
Fri, 31 Jan 2025 12:14:59 GMT
eid
pk.login2urchance.tk/ Frame 4B94 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://pk.login2urchance.tk/eid
Requested by
Host: pk.login2urchance.tk
URL: https://pk.login2urchance.tk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:3ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.0.33
Resource Hash
1bee359399eab1a49e3f663e7f19c2b976364d1dc10db1f10f3233b1d3314845

Request headers

Referer
https://pk.login2urchance.tk/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
private
cf-cache-status
DYNAMIC
cf-ray
7baefe872d163677-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Thu, 20 Apr 2023 17:09:18 GMT
expires
-1
front-end-https
on
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x%2B%2FGg6v2YGxY7QIBniatYI0UElF8mq93ZPrW8prgFS579nDdFHlU4kOtDkiOcL75aSI%2F%2BmN4i1Q3sFu8bSo%2FwiTtENsAnlylc6X4KYilxT88LFcB9SWvduqtL49a%2BW6rT%2FA%3D"}],"group":"cf-nel","max_age":604800}
s
HE
server
cloudflare
vary
Accept-Encoding Accept-Encoding
x-powered-by
PHP/7.0.33
truncated
/ 		91 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bb123b67cb68ab16bef8428564ed48d30babb7b18a59b0a134bc936a21a65615

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/png
world.png
static.islamway.net/bundles/islamway/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.islamway.net/bundles/islamway/images/world.png
Requested by
Host: static.islamway.net
URL: https://static.islamway.net/assets/1.1.15/css/main_ltr.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:8592 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
76212478859a61a8f8aa39150faa8595dd5040b213d6f16c22d9d38db14f8223

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://static.islamway.net/assets/1.1.15/css/main_ltr.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 20 Apr 2023 17:09:18 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
586107
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1669
last-modified
Tue, 29 May 2018 14:42:09 GMT
server
cloudflare
etag
"5b0d66c1-685"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X7PHMmNde2Lx17vIbT4ioLOdHYdVpF27aCFEmMwuafUQSobtm976X2AYzWQvfbNN75ownOjt72Qtf187LFPfWJ6n46rebKkQntYOjWFPW5OmvvxamFtPbDAT3YPT4z48o3%2F2xnHeF%2FnmXhSFTBP6QdvQ"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=63072000
accept-ranges
bytes
cf-ray
7baefe874f7c3686-FRA
expires
Sat, 12 Apr 2025 22:20:51 GMT
noto-sans-v7-latin-700.woff2
static.islamway.net/bundles/islamway/fonts/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.islamway.net/bundles/islamway/fonts/noto-sans-v7-latin-700.woff2
Requested by
Host: static.islamway.net
URL: https://static.islamway.net/assets/1.1.15/css/main_ltr.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:8592 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f32325b414fac16d7b02f331d94d282aa099b76a05607557dd5b2fdeba66f5c7

Request headers

Referer
https://static.islamway.net/assets/1.1.15/css/main_ltr.min.css
Origin
https://pk.login2urchance.tk
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 20 Apr 2023 17:09:18 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
15628
last-modified
Tue, 29 May 2018 14:41:23 GMT
server
cloudflare
etag
"5b0d6693-3d0c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KXvneyc5G40PvlqcEngv%2BqtBINI0swsejztcL1Er9Pch7TYbqpXD9VtktMPLJpy9JOqopv6aWFK5GT3kvbGi2HT8akDWwyiBEnZyOyWUDpMg77525aIV5%2FLe9jLPr7lQjC8WrWpm8feWyWeHWpORZ%2Bce"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=63072000
accept-ranges
bytes
cf-ray
7baefe87598f9b7c-FRA
expires
Sat, 19 Apr 2025 17:09:18 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
352 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-383411-1&cid=1087955608.1682010559&jid=922799683&gjid=981506708&_gid=1374856681.1682010559&_u=YGBAgAABAAAAAEAAI~&z=1822170049
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://pk.login2urchance.tk/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Thu, 20 Apr 2023 17:09:18 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://pk.login2urchance.tk
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j99&aip=1&a=1204038317&t=pageview&_s=1&dl=https%3A%2F%2Fpk.login2urchance.tk%2F&ul=en-us&de=UTF-8&dt=Islamway&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgAABAAAAAAAAI~&jid=922799683&gjid=981506708&cid=1087955608.1682010559&tid=UA-383411-1&_gid=1374856681.1682010559&z=388836576
Requested by
Host: pk.login2urchance.tk
URL: https://pk.login2urchance.tk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pk.login2urchance.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 Apr 2023 02:03:45 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
54333
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-383411-1&cid=1087955608.1682010559&jid=922799683&_u=YGBAgAABAAAAAEAAI~&z=1425585669
Requested by
Host: pk.login2urchance.tk
URL: https://pk.login2urchance.tk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pk.login2urchance.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 Apr 2023 17:09:19 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-383411-1&cid=1087955608.1682010559&jid=922799683&_u=YGBAgAABAAAAAEAAI~&z=1425585669
Requested by
Host: pk.login2urchance.tk
URL: https://pk.login2urchance.tk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pk.login2urchance.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 Apr 2023 17:09:19 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
med-bg-white.gif
static.islamway.net/bundles/islamway/images/loading/ Frame 4B94 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.islamway.net/bundles/islamway/images/loading/med-bg-white.gif
Requested by
Host: pk.login2urchance.tk
URL: https://pk.login2urchance.tk/eid
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:8592 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c63493d32c96bfbbb61cd04efc7b6215ceafaedf3a9b14f35770efe25eac3a01

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pk.login2urchance.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 20 Apr 2023 17:09:18 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
48509
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4295
last-modified
Tue, 29 May 2018 14:43:26 GMT
server
cloudflare
etag
"5b0d670e-10c7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2%2Fiabt%2BPzxJ8gDTrvY9RVribQc6dRdaNMt9VOUx2yVSrYHKvAD%2F%2FhSTaT0B7DI5zfjSfOQe8dgTGvBZdqAuYIyY3a1rHI26sfQ449JGRHtnUREFQkdOHSgB%2FvT%2F2KDw4H4YJHWf3DTaNhIdVQP1KTcLk"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=63072000
accept-ranges
bytes
cf-ray
7baefe89390c3764-FRA
expires
Sat, 19 Apr 2025 03:40:49 GMT
jwplayer.js
static.islamway.net/bundles/viewers/jwplayer-8.4.0/ Frame 4B94 		72 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.islamway.net/bundles/viewers/jwplayer-8.4.0/jwplayer.js
Requested by
Host: pk.login2urchance.tk
URL: https://pk.login2urchance.tk/eid
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:8592 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7173b70aa9161ba695e69822aa94e2c998ecdf08f32317706db2cca8c8f8b60c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pk.login2urchance.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 20 Apr 2023 17:09:18 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6788418
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 22 Jun 2018 18:58:13 GMT
server
cloudflare
etag
W/"5b2d46c5-1214f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LB2VaExPvbjuHCcflYbz4UxKEGJi%2FTVKY%2Fhg38KdoDkJCt5mdQqUd6seZn%2F6cg%2BJrSSVq9g8eeBBRNT2rA4cWdPUT%2BEMTfqcP0nALMdk8RrSB%2FGj1BoKqzhxTKyuvC%2FNNObTk%2BayTcGik9Bgzvb0Cp3J"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=63072000
cf-ray
7baefe89390e3764-FRA
expires
Fri, 31 Jan 2025 03:28:59 GMT
analytics.js
www.google-analytics.com/ Frame 4B94 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: pk.login2urchance.tk
URL: https://pk.login2urchance.tk/eid
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pk.login2urchance.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 20 Apr 2023 16:27:45 GMT
last-modified
Tue, 10 Jan 2023 21:29:14 GMT
server
Golfe2
age
2493
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20085
expires
Thu, 20 Apr 2023 18:27:45 GMT
jwplayer.core.controls.html5.js
static.islamway.net/bundles/viewers/jwplayer-8.4.0/ Frame 4B94 		239 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.islamway.net/bundles/viewers/jwplayer-8.4.0/jwplayer.core.controls.html5.js
Requested by
Host: static.islamway.net
URL: https://static.islamway.net/bundles/viewers/jwplayer-8.4.0/jwplayer.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:8592 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
190c337d5825b94e76175c908b3f4bce9b733afca07385532e9191cf908c7310

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pk.login2urchance.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 20 Apr 2023 17:09:18 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
590237
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 22 Jun 2018 18:57:20 GMT
server
cloudflare
etag
W/"5b2d4690-3bbeb"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z3zdKjZ%2Ft3CudJEnA20Of7aAqMNj6KXE9sBHwCL4Bk%2F7uktkPxoxZHLVOpal5JIgdD4m6wVgIS7AYAwsGZo0kKR99TRTeWHNwe0jRp58GP4m6bw5ApyHefU3iZt37iHVi5G1iqROvsNoE%2B45zTzvjZ8w"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=63072000
cf-ray
7baefe89997f3764-FRA
expires
Sat, 12 Apr 2025 21:12:01 GMT
collect
www.google-analytics.com/ Frame 4B94 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j99&a=1644392529&t=pageview&_s=1&dl=https%3A%2F%2Fpk.login2urchance.tk%2Feid&ul=en-us&de=UTF-8&dt=%D8%A7%D9%84%D9%84%D9%87%20%D8%A3%D9%83%D8%A8%D8%B1%D8%8C%20%D8%A7%D9%84%D9%84%D9%87%20%D8%A3%D9%83%D8%A8%D8%B1%D8%8C%20%D8%A7%D9%84%D9%84%D9%87%20%D8%A3%D9%83%D8%A8%D8%B1%D8%8C%20%D9%84%D8%A7%20%D8%A5%D9%84%D9%87%20%D8%A5%D9%84%D8%A7%20%D8%A7%D9%84%D9%84%D9%87.%20%D8%A7%D9%84%D9%84%D9%87%20%D8%A3%D9%83%D8%A8%D8%B1%D8%8C%20%D8%A7%D9%84%D9%84%D9%87%20%D8%A3%D9%83%D8%A8%D8%B1%D8%8C%20%D9%88%D9%84%D9%84%D9%87%20%D8%A7%D9%84%D8%AD%D9%85%D8%AF&sd=24-bit&sr=1600x1200&vp=470x100&je=0&_u=ACCAgAABAAAAAAAAI~&jid=&gjid=&cid=1087955608.1682010559&tid=UA-383411-1&_gid=1374856681.1682010559&z=1787578848
Requested by
Host: pk.login2urchance.tk
URL: https://pk.login2urchance.tk/eid
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pk.login2urchance.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 Apr 2023 02:05:20 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
54238
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
ar-logo.png
static.islamway.net/bundles/islamway/images/ Frame 4B94 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.islamway.net/bundles/islamway/images/ar-logo.png
Requested by
Host: pk.login2urchance.tk
URL: https://pk.login2urchance.tk/eid
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:8592 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3709d8c3d8fed7b1dd74479e334b98413c5aaa0b19ec1f04c403bcd16d3c4559

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pk.login2urchance.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 20 Apr 2023 17:09:19 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2123
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1979
last-modified
Tue, 29 May 2018 14:41:32 GMT
server
cloudflare
etag
"5b0d669c-7bb"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f%2F2DHTyPEsVhOKNJtQMGpLNz7fvwrDnjL2F2wb9ZQ1NEmuheqApTpE5DiIQIjLuBPoJP4tuoaNNw5lSAp86Cj1pwVAiOOLbtctXlotfOv1No9t5ZkGm04fyqrXd9Pzmiuaa5NcbVq3UzoXni%2FNPszjcz"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=63072000
accept-ranges
bytes
cf-ray
7baefe8a0a353764-FRA
expires
Sat, 19 Apr 2025 16:33:56 GMT
poster3.jpg
static.islamway.net/uploads/eid/ Frame 4B94 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.islamway.net/uploads/eid/poster3.jpg
Requested by
Host: pk.login2urchance.tk
URL: https://pk.login2urchance.tk/eid
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:8592 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e17e00d3f7355320b6797b5b693091125748094d5e005c0a9325730634594f8c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pk.login2urchance.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 20 Apr 2023 17:09:19 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2123
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
16360
last-modified
Sun, 05 Mar 2017 09:15:21 GMT
server
cloudflare
etag
"58bbd729-3fe8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qKIjgHUx86ts0mUcRR%2BE%2F0SdgQ8uJQPYXcA41DJ%2BRtAeiJ1T1%2B9Zo57PEyJtrZ3Qsl15C7CrFpvQzyNZeMimSPTmurshglue7TpkBJ5%2BGweMy2HuR9VM1rcBqhyyVmtiGfa14B%2FAFCAurGaNNQRkqde%2B"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=63072000
accept-ranges
bytes
cf-ray
7baefe8a2a5f3764-FRA
expires
Sat, 19 Apr 2025 16:33:55 GMT
cc6e8c30-e950-4e41-9a7e-257a1a76f672
https://pk.login2urchance.tk/ Frame 4B94 		1 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
blob:https://pk.login2urchance.tk/cc6e8c30-e950-4e41-9a7e-257a1a76f672
Requested by
Host: pk.login2urchance.tk
URL: https://pk.login2urchance.tk/eid
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Range
bytes=0-

Response headers

Content-Range
bytes 0-1492/1493
Content-Length
1493
Content-Type
video/mp4
eid.mp3
media.islamway.net/ Frame 4B94 		0
0 		Media
General
Check archive.org
Download Go to
Full URL
https://media.islamway.net/eid.mp3
Requested by
Host: pk.login2urchance.tk
URL: https://pk.login2urchance.tk/eid
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:8592 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://pk.login2urchance.tk/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Range
bytes=0-

Response headers
tracking.js
cdn.livechatinc.com/ 		86 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.livechatinc.com/tracking.js
Requested by
Host: pk.login2urchance.tk
URL: https://pk.login2urchance.tk/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.162.25 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-162-25.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
f3597ddd0e1f7410c7185c4261d2bd66606745e49804541c5047841441b60e04

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pk.login2urchance.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id
QBYX3R6qNypbKSfia.qp_26XtnfXmz08
content-encoding
br
date
Thu, 20 Apr 2023 17:09:19 GMT
last-modified
Mon, 17 Apr 2023 07:16:57 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P2
x-amz-server-side-encryption
AES256
etag
W/"7e88bf7f25d5ca44cc21ac09544fab98"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=28800
x-amz-cf-id
IbuLDymjUr-12W23bP4noPLU08AC3bgzKeEJiXo4dYUBkhlAyZA16g==
content-length
26531
expires
Fri, 21 Apr 2023 01:09:19 GMT
jquery-3.1.1.min.js
static.islamway.net/bundles/islamway/js/ 		85 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.islamway.net/bundles/islamway/js/jquery-3.1.1.min.js
Requested by
Host: static.islamway.net
URL: https://static.islamway.net/bundles/islamway/js/lab-2.0.3.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:8592 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1cf30e59d21d4ae560af7143f5913efcc8222bcaa4fcc7508eb802b5faa9e94e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pk.login2urchance.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 20 Apr 2023 17:09:19 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Tue, 29 May 2018 14:44:08 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"5b0d6738-152b9"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7W6ypgAliYRhjGvgr%2BP5wy4f8jR84NZzB8wRQzmr5yITXdy9mJjVkbOoDgsqXJuSJLs685IlyGy2bBVsSEhXm%2F1iM%2FfQM44PCa6ZYwzkxB1aaxw9guxnUvND0NZNcFVicUjb1ZJQ0P31ZZFXGHHQ17gY"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=63072000
cf-ray
7baefe8a6ab83764-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Sat, 19 Apr 2025 17:09:19 GMT
bootstrap-3.3.4.min.js
static.islamway.net/bundles/islamway/js/ 		35 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.islamway.net/bundles/islamway/js/bootstrap-3.3.4.min.js
Requested by
Host: static.islamway.net
URL: https://static.islamway.net/bundles/islamway/js/lab-2.0.3.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:8592 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6447e59227786bcda7ad58ef045540cba328e5ec0e5ddbd88b4f57122feaf926

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pk.login2urchance.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 20 Apr 2023 17:09:19 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Tue, 29 May 2018 14:43:43 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"5b0d671f-8c75"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rRMDUo8G85Jrx8cxB17BEp19gtu71Xrs7Ojwelf0w7UlUQWQo8QCSQIFXfCiIweAbYErtlYoXBWOA%2FZ6aLMZu27ESwP%2FaxWcx1Hc%2BectbCZzLZDw2e3PUh63spsu8ctgtB6aFgN3WpsmWJXE1Sg47qge"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=63072000
cf-ray
7baefe8a6aba3764-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Sat, 19 Apr 2025 17:09:19 GMT
main_en.min.js
static.islamway.net/assets/1.1.15/js/ 		86 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.islamway.net/assets/1.1.15/js/main_en.min.js
Requested by
Host: static.islamway.net
URL: https://static.islamway.net/bundles/islamway/js/lab-2.0.3.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:8592 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
43a311a6f281302eac2a35ac97ae1bccf367eea26fe59fe0b67b108bc4297152

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pk.login2urchance.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 20 Apr 2023 17:09:19 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sun, 21 Apr 2019 20:38:23 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
6775523
etag
W/"5cbcd4bf-15690"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jShCh877T%2BRzWJdB%2Bk%2BVbB%2F9Jv2ExDQZmVHnYtdm3%2B%2BmkBur6%2Fg3G52AQHUfBoVZZdM%2BYUawh12UydhEg21lir2ULNx%2FaLdX7GFaAhIIo3otN4nngyMEsaUnTWILQg7aNlHvJiwjBZQpICm21Qt6FD3z"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=63072000
cf-ray
7baefe8a6abc3764-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Fri, 31 Jan 2025 07:03:56 GMT
get_dynamic_configuration
api.livechatinc.com/v3.6/customer/action/ 		888 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api.livechatinc.com/v3.6/customer/action/get_dynamic_configuration?license_id=7499411&client_id=c5e4f61e1a6c3b1521b541bc5c5a2ac5&url=https%3A%2F%2Fpk.login2urchance.tk%2F&channel_type=code&jsonp=__wqommutqk9m
Requested by
Host: cdn.livechatinc.com
URL: https://cdn.livechatinc.com/tracking.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.20.142.41 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-20-142-41.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
fff3478bc10593b761b9a96fc156e5a4713c02b6b79633e6a274b4c33b52a045
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://pk.login2urchance.tk/;
X-Frame-Options allow-from https://pk.login2urchance.tk/

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pk.login2urchance.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy
frame-ancestors https://pk.login2urchance.tk/;
date
Thu, 20 Apr 2023 17:09:19 GMT
content-length
888
vary
Accept-Encoding
x-frame-options
allow-from https://pk.login2urchance.tk/
content-type
application/javascript; charset=UTF-8
horizontal.gif
static.islamway.net/bundles/islamway/images/loading/ 		723 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.islamway.net/bundles/islamway/images/loading/horizontal.gif
Requested by
Host: pk.login2urchance.tk
URL: https://pk.login2urchance.tk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:8592 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c1cf81bef2ea82eaa43265a5ff786b7cd74e7d5f4f2de104b586f092ca0fb886

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pk.login2urchance.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 20 Apr 2023 17:09:19 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6788486
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
723
last-modified
Tue, 29 May 2018 14:43:18 GMT
server
cloudflare
etag
"5b0d6706-2d3"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=080TAXS8I5SgqabzyN%2FZnTu4dThQdaTwSGTP%2FEJJvd7TO5wubzpaO%2BjFxldVyTrVzvtwYdMrGXxLxtLIm2xPPFrRD7kZ5edL6OHuzYxv3dazjhfi4GRXiXhUtOb5oQKA7cbnwgJqwcfQbcRuJ4FfKVhG"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=63072000
accept-ranges
bytes
cf-ray
7baefe8d0ed03764-FRA
expires
Fri, 31 Jan 2025 03:27:53 GMT
1549.png
static.islamway.net/uploads/authors/_40x40/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.islamway.net/uploads/authors/_40x40/1549.png
Requested by
Host: pk.login2urchance.tk
URL: https://pk.login2urchance.tk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:8592 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d0ff238b352576fb395fc34f290f2403979e35fc97fed54eb2f92427c527c317

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pk.login2urchance.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 20 Apr 2023 17:09:19 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
171972
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3494
last-modified
Wed, 22 Jul 2015 14:24:12 GMT
server
cloudflare
etag
"55afa78c-da6"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lDDS1zajavJhTEq6%2FnWVLSzm%2FRPp4fqTXztGKE5JCjSsZmuK%2B0SjnMcqjFdDMbT%2BeKY5%2BSsIPHD9wt%2B6LR6sTXzFUBIn%2FkuHB3VRwf%2FaVi5qmI5PjqMvtLfli2Rl33CAzjj6aFoo8Tby%2FUdTJCt14Bx8"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=63072000
accept-ranges
bytes
cf-ray
7baefe8d2ee83764-FRA
expires
Thu, 17 Apr 2025 17:23:07 GMT
aafifi.jpg
static.islamway.net/uploads/authors/_40x40/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.islamway.net/uploads/authors/_40x40/aafifi.jpg
Requested by
Host: pk.login2urchance.tk
URL: https://pk.login2urchance.tk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:8592 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
061ef5bf650bf5ab7bfbb7a8971eae91a36da1a439d04e70ff9e13d75bb37a1b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pk.login2urchance.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 20 Apr 2023 17:09:19 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5688233
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1123
last-modified
Thu, 19 Mar 2020 04:19:31 GMT
server
cloudflare
etag
"5e72f2d3-463"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kvwkUYAVtAj1%2FQYQT0bQQAd%2BpsuCfx3FAgbwrG2xdapgXbK0CHcnQQu%2BBpSQr%2BZc%2FOgtVg50uvlfTS1oP392k0dX34eEp9kGa2rg8oIH2YVA3LwCgapR8gdETEPY17aUTsMQxzEY0ta%2FDeaKzT1Zfulx"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=63072000
accept-ranges
bytes
cf-ray
7baefe8d2ee93764-FRA
expires
Wed, 12 Feb 2025 21:05:26 GMT
prayer-time
pk.login2urchance.tk/ 		266 B
764 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pk.login2urchance.tk/prayer-time?&country=DE
Requested by
Host: static.islamway.net
URL: https://static.islamway.net/bundles/islamway/js/jquery-3.1.1.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:3ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.0.33
Resource Hash
495b465541fe15dc876629398ea63f33dd05422bf678e1b96518ac282611069b

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://pk.login2urchance.tk/
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 20 Apr 2023 17:09:19 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2107
x-powered-by
PHP/7.0.33
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-content-digest
en495b465541fe15dc876629398ea63f33dd05422bf678e1b96518ac282611069b
server
cloudflare
vary
Accept-Encoding
front-end-https
on
content-type
application/json
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S6hd%2Fcl4hgalLWAoAytvrZVlR1ZRqKvfOaYR%2By0KTjLEswavMhXKKp%2BXW7aSzP4VmYkfwF6Xl64y6DzbOKNNqSt2IlsxFUWE%2BQIgMoBfQ6HUcqb0V%2FbgdHbsytbaOnfrqOk%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=5948, public, s-maxage=5948, max-age=0
s
HE
cf-ray
7baefe8d2e073677-FRA
expires
Thu, 20 Apr 2023 17:09:19 GMT
get_configuration
api.livechatinc.com/v3.4/customer/action/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api.livechatinc.com/v3.4/customer/action/get_configuration?organization_id=669e9aa2-1e2e-4467-a11e-a33c62a2e7b1&version=3865.353.353.58598.8491.9333.586.506.93.492.52.18.1204&group_id=0&jsonp=__lc_static_config
Requested by
Host: cdn.livechatinc.com
URL: https://cdn.livechatinc.com/tracking.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.20.142.41 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-20-142-41.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
c457d8a04a36a7d5f167d819109289595c71e9e7fd207479291478c222f2af0c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pk.login2urchance.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 20 Apr 2023 17:09:19 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
legacy
2024-05-31
cache-control
public, max-age=600
content-length
1645
expires
Thu, 20 Apr 2023 17:19:19 GMT
hot-topics
pk.login2urchance.tk/ 		478 B
772 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pk.login2urchance.tk/hot-topics?country=DE
Requested by
Host: static.islamway.net
URL: https://static.islamway.net/bundles/islamway/js/jquery-3.1.1.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:3ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.0.33
Resource Hash
d8711a762067499c1684cc4c8881dfb1e8fff706fe413b6dccb605bcebda3872

Request headers

Accept
text/html, */*; q=0.01
Referer
https://pk.login2urchance.tk/
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 20 Apr 2023 17:09:20 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1974
x-powered-by
PHP/7.0.33
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma
no-cache
x-content-digest
en347c31b1c6dad7c9285267b606619476d02ba44a73f38f964dc11ca341fc743b
server
cloudflare
vary
Accept-Encoding, Accept-Encoding
front-end-https
on
content-type
text/html; charset=UTF-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jw7IQwFK57rN1uoGmypVdStnapmIyughSNhaQ1vcij7idvBH29levVUiynRk7rUs4qBA0MdHYnK0b8Mek69ayAGHeXCF0eMsSKBFOeaE14Fqq2hRsL2dxNE4EYw2Oj3SQ0Axe8ObvZQg6raM3yY%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, s-maxage=10800
s
HE
cf-ray
7baefe8f493c3677-FRA
expires
-1
owl.js
static.islamway.net/bundles/islamway/js/ 		39 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.islamway.net/bundles/islamway/js/owl.js
Requested by
Host: static.islamway.net
URL: https://static.islamway.net/bundles/islamway/js/jquery-3.1.1.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:8592 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
697b1d832e73cd1f44fb96fe38541b824f8aa709d87237036d0b0497867b04ac

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pk.login2urchance.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 20 Apr 2023 17:09:20 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Tue, 29 May 2018 14:44:03 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"5b0d6733-9dd2"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ji%2BC0le9qjvZr4f5s5FmU3AFfPe5jZCH%2Fa%2Fi26TLQANtdB4RG19rqY%2Bgb%2BdBzwcDF4L03DWYof8VcDDfIBtSGqvvIZP5SUwzq7Pi5Bwzy5FRRs4EDBfTusQAcmJXuzgePfHViTI2fykn4X3JhAXP3L%2F%2F"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=63072000
cf-ray
7baefe8f4a1b3764-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Sat, 19 Apr 2025 17:09:19 GMT
gpt.js
www.googletagservices.com/tag/js/ 		75 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: static.islamway.net
URL: https://static.islamway.net/assets/1.1.15/js/main_en.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
17c2bb91d46340cf6b8c4525a1b274e386dc5714a51f88acd8583b39842fdf8e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pk.login2urchance.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 20 Apr 2023 17:09:20 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
25400
x-xss-protection
0
server
cafe
etag
745 / 19467 / 31073954 / config-hash: 10766022344853647766
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 20 Apr 2023 17:09:20 GMT
intro.min.js
static.islamway.net/bundles/islamway/js/ 		27 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.islamway.net/bundles/islamway/js/intro.min.js
Requested by
Host: static.islamway.net
URL: https://static.islamway.net/bundles/islamway/js/jquery-3.1.1.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:8592 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3570eeb37490982dcc59cd8e5c7c48e487cc81b1a17b8d84156972c5556e9685

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pk.login2urchance.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 20 Apr 2023 17:09:20 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Tue, 29 May 2018 14:43:45 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"5b0d6721-6a9b"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0z8i%2F2HvRaPO%2Fz4TwVEL3kvu91II%2FlPwlfyZehJyoNaFMQMIg%2BFJklML1nBhUZVdcQgzZ3V00hWK1CmNVxy2A5w%2FRxm5KmhZT%2F1W%2B2KLJdd4hUoP%2FXS2dJP7TYnZ0Jz3qY0AFQV302d91QgvDBbPNebm"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=63072000
cf-ray
7baefe8f5a253764-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Sat, 19 Apr 2025 17:09:20 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304170101/ 		400 KB
124 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304170101/pubads_impl.js?cb=31073954
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
432acd8192429c035f55370ab0501a7f58d69456a10b0a1bc213bd3efb6d2946
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pk.login2urchance.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 20 Apr 2023 16:28:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
2473
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
126857
x-xss-protection
0
server
cafe
etag
11988808581808118609
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Fri, 19 Apr 2024 16:28:07 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		42 B
588 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=pk.login2urchance.tk
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8c1bcbe72e2ba55ec08f838b8bca9f1384cf82c67106e47ec7cce664bdb2320b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pk.login2urchance.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 20 Apr 2023 17:09:20 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
46
x-xss-protection
0
expires
Thu, 20 Apr 2023 17:09:20 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
531 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=pk.login2urchance.tk
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304170101/pubads_impl.js?cb=31073954
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pk.login2urchance.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 20 Apr 2023 17:09:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
456 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=pk.login2urchance.tk
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304170101/pubads_impl.js?cb=31073954
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pk.login2urchance.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 20 Apr 2023 17:09:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		693 B
730 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=629835457085557&correlator=1755216700189255&eid=31072878%2C31073318%2C31073829%2C31073865%2C31073954%2C31073998&output=ldjh&gdfp_req=1&vrg=202304170101&ptt=17&impl=fif&iu_parts=4519186%2CEN_200x90_W_top_allpages&enc_prev_ius=%2F0%2F1&prev_iu_szs=200x90&ifi=1&adks=384501256&sfv=1-0-40&cust_params=UrlHost%3Dpk.login2urchance.tk%26UrlPath%3D%252F%26UrlQuery%3D&sc=1&cookie_enabled=1&abxe=1&dt=1682010560435&lmt=1682010560&dlt=1682010558479&idt=1912&adxs=438&adys=75&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fpk.login2urchance.tk%2F&frm=20&vis=1&psz=200x15&msz=200x0&fws=0&ohw=0&ga_vid=1087955608.1682010559&ga_sid=1682010560&ga_hid=1204038317&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304170101/pubads_impl.js?cb=31073954
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
588adc7d513657679581c105ca7065c9e8c8bc553bb9b3c58494b7715970b568
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pk.login2urchance.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 20 Apr 2023 17:09:20 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
355
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pk.login2urchance.tk
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		53 KB
21 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=629835457085557&correlator=1755216700189255&eid=31072878%2C31073318%2C31073829%2C31073865%2C31073954%2C31073998&output=ldjh&gdfp_req=1&vrg=202304170101&ptt=17&impl=fif&iu_parts=4519186%2CEN_728x90-320x100_WTM_top_allpages&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ifi=2&adks=1117512336&sfv=1-0-40&cust_params=UrlHost%3Dpk.login2urchance.tk%26UrlPath%3D%252F%26UrlQuery%3D&sc=1&cookie_enabled=1&abxe=1&dt=1682010560445&lmt=1682010560&dlt=1682010558479&idt=1912&adxs=650&adys=75&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fpk.login2urchance.tk%2F&frm=20&vis=1&psz=728x15&msz=728x0&fws=0&ohw=0&ga_vid=1087955608.1682010559&ga_sid=1682010560&ga_hid=1204038317&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304170101/pubads_impl.js?cb=31073954
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a0438ac682774c5732e1c8f2f61c5dbdfc7ac811f09a16cba789c9f08c372585
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pk.login2urchance.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 20 Apr 2023 17:09:20 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20992
x-xss-protection
0
google-lineitem-id
4792372015
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138290668647
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pk.login2urchance.tk
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		53 KB
21 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=629835457085557&correlator=1755216700189255&eid=31072878%2C31073318%2C31073829%2C31073865%2C31073954%2C31073998&output=ldjh&gdfp_req=1&vrg=202304170101&ptt=17&impl=fif&iu_parts=4519186%2CAR_300x250_WTM_middleR_allpages&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=3&adks=2605569991&sfv=1-0-40&cust_params=UrlHost%3Dpk.login2urchance.tk%26UrlPath%3D%252F%26UrlQuery%3D&sc=1&cookie_enabled=1&abxe=1&dt=1682010560449&lmt=1682010560&dlt=1682010558479&idt=1912&adxs=413&adys=5061&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fpk.login2urchance.tk%2F&frm=20&vis=1&psz=300x250&msz=300x250&fws=0&ohw=0&ga_vid=1087955608.1682010559&ga_sid=1682010560&ga_hid=1204038317&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304170101/pubads_impl.js?cb=31073954
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
983fdaf2859f2838027e48314c524a81d778ee320e9760b84da9d1bc91738024
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pk.login2urchance.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 20 Apr 2023 17:09:20 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20995
x-xss-protection
0
google-lineitem-id
112939386
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138230310521
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pk.login2urchance.tk
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		53 KB
21 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=629835457085557&correlator=1755216700189255&eid=31072878%2C31073318%2C31073829%2C31073865%2C31073954%2C31073998&output=ldjh&gdfp_req=1&vrg=202304170101&ptt=17&impl=fif&iu_parts=4519186%2CAR_300x250_WTM_middleL_allpages&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=4&adks=1293871679&sfv=1-0-40&cust_params=UrlHost%3Dpk.login2urchance.tk%26UrlPath%3D%252F%26UrlQuery%3D&sc=1&cookie_enabled=1&abxe=1&dt=1682010560453&lmt=1682010560&dlt=1682010558479&idt=1912&adxs=743&adys=5061&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=2&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fpk.login2urchance.tk%2F&frm=20&vis=1&psz=300x250&msz=300x250&fws=0&ohw=0&ga_vid=1087955608.1682010559&ga_sid=1682010560&ga_hid=1204038317&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304170101/pubads_impl.js?cb=31073954
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3acaecfa3cdf6c7645cc96311e69cd01a2dd881b920bc825bd70d2d2e9124382
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pk.login2urchance.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 20 Apr 2023 17:09:20 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21001
x-xss-protection
0
google-lineitem-id
112939386
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138216882348
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pk.login2urchance.tk
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		556 B
457 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=629835457085557&correlator=1755216700189255&eid=31072878%2C31073318%2C31073829%2C31073865%2C31073954%2C31073998&output=ldjh&gdfp_req=1&vrg=202304170101&ptt=17&impl=fif&iu_parts=4519186%2CAR_250x250_WTM_left_homepages&enc_prev_ius=%2F0%2F1&prev_iu_szs=250x250&ifi=5&adks=2238940681&sfv=1-0-40&cust_params=UrlHost%3Dpk.login2urchance.tk%26UrlPath%3D%252F%26UrlQuery%3D&sc=1&cookie_enabled=1&abxe=1&dt=1682010560456&lmt=1682010560&dlt=1682010558479&idt=1912&adxs=1144&adys=334&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fpk.login2urchance.tk%2F&frm=20&vis=1&psz=331x290&msz=250x-1&fws=0&ohw=0&ga_vid=1087955608.1682010559&ga_sid=1682010560&ga_hid=1204038317&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304170101/pubads_impl.js?cb=31073954
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
31222f7b87399d83d8b3fdb3c3aea3d7bc6c783556ed11780b14aed03f75cc31
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pk.login2urchance.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 20 Apr 2023 17:09:20 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
279
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pk.login2urchance.tk
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		15 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202304170101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304170101/pubads_impl.js?cb=31073954
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e83e9f71801354ac09eaa6997e45949fd1e530fd13e49a4cdb3fb1ca810971ea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pk.login2urchance.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 20 Apr 2023 17:09:20 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11306
x-xss-protection
0
container.html
8e08ae4a52c53f87e4f18584dc9dd588.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 1E18 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://8e08ae4a52c53f87e4f18584dc9dd588.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304170101/pubads_impl.js?cb=31073954
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pk.login2urchance.tk/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 20 Apr 2023 17:09:20 GMT
expires
Fri, 19 Apr 2024 17:09:20 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame 4769 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstjkLsSmtQ1_m0OdAZ2dOw5OgMfMl_eAUeR2gWKsndzMdVUjpe7rNAbTWoSzejRVZIieGWybpGsdHMdjzT0wE-gsBjrPWknlEwFnY1jwiLIOZvKipSBKHTOB7MedQKvlvuAJkG76WepVrGnpoVbZLraDP_rUgy_i4dEjw2Lmch8QqBb-LMx9rRJCX_fmlds145OPYvgjiKSmwbgWBH-hwOsb599gaGr0L_9dhSNufrWT4WMLYe-lqTUG59wRVA6NG6pHH84zljrazx-6UloUQXPObf_bqPpOJO7Pn_8W99tn7JVdVHStoVSNiqUSlxl1fkqEOgdOxmD6sNKEkm5l9-enE7j5rT2Eg&sai=AMfl-YTuPPAxylxVg5sXJUclCX1jSq2aWsAWAGxawva33cr1ycgzjaC6y4mccVJz_JFqfA1L4kcDtP6mGKMYgW1tH8WvTJJGBkCJ4afPBCAgcjXYta5-jvX_Hy_uKz61TL4BrJ0hRvSqBRi20_f5rjw&sig=Cg0ArKJSzMltoJ_uO9M-EAE&uach_m=[UACH]&adurl=
Requested by
Host: pk.login2urchance.tk
URL: https://pk.login2urchance.tk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pk.login2urchance.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 20 Apr 2023 17:09:20 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 20 Apr 2023 17:09:20 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230417/r20110914/ Frame 4769 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230417/r20110914/abg_lite_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304170101/pubads_impl.js?cb=31073954
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
26f2c1abc7720059c2f88aac37f0b15cd551c1b69b522eef0bf782cefcc98dc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pk.login2urchance.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 20 Apr 2023 17:09:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
0
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8756
x-xss-protection
0
server
cafe
etag
5179999606349116156
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 04 May 2023 17:09:20 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230417/r20110914/client/ Frame 4769 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230417/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304170101/pubads_impl.js?cb=31073954
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pk.login2urchance.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 20 Apr 2023 12:38:37 GMT
content-encoding
br
x-content-type-options
nosniff
age
16243
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 04 May 2023 12:38:37 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 4769 		159 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304170101/pubads_impl.js?cb=31073954
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bae059fd5774acd8c940c02acd1708b584696f2511ef5ffec8be01f1b2fd8776
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pk.login2urchance.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 20 Apr 2023 17:09:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49672
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1681929791789681"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 20 Apr 2023 17:09:20 GMT
16154994048593396749
tpc.googlesyndication.com/simgad/ Frame 4769 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/16154994048593396749
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304170101/pubads_impl.js?cb=31073954
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
16806aa3463360924e266675c24829971b41688dbe9c53a70bd3229bb1d77f7d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pk.login2urchance.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 03:10:34 GMT
x-content-type-options
nosniff
age
136726
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14947
x-xss-protection
0
last-modified
Wed, 11 Apr 2018 17:38:52 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 18 Apr 2024 03:10:34 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame EB41 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsunmB1R_EPPS-JV6H4Zg-gJxi9775W3Ucs4I95dChRAVgAyzyi9WILgzdtgbTQTwz763b9HWCpJ2MzuDrAHva0oAhtQPUlzDHhtOSEvkznYaf9MbfXJ2dwif7GNlH-7ssXsp7GEsRLEy7ILepv378ERtacLX7R-RLdoph_79nUPglNV4SSKaiQbLTjjSSJhkJHEU2k80lgbm44uFo8U4Au7SM0Z9uqHAYRo7h5cNYk5GivHlaHRxkfHEoRNtTCrxGFIV-fWE6-jgW_jJIER8YvKOjbcDT4LFt7fL3N8tRV8nYBU9_01-S6zK3V4qraNhfYsMnh-irX0VhPg9YBNI0SmjodngHGN8g&sai=AMfl-YSeqIUZNRaFQtNvaYl7JHks4KfmUow4DS1oGKB-AMP-BmqO-tTgU4RJnrIUTMOD3xxSuHhXszs2OGehpt8vpvf2rvNmEoIlYWbwYvzoNsBOnkoAdbI9ir1P4kQSS6DOzuERa1QklSPkuVp-X-c&sig=Cg0ArKJSzF-m4qx5errKEAE&uach_m=[UACH]&adurl=
Requested by
Host: pk.login2urchance.tk
URL: https://pk.login2urchance.tk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pk.login2urchance.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 20 Apr 2023 17:09:20 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 20 Apr 2023 17:09:20 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230417/r20110914/ Frame EB41 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230417/r20110914/abg_lite_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304170101/pubads_impl.js?cb=31073954
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
26f2c1abc7720059c2f88aac37f0b15cd551c1b69b522eef0bf782cefcc98dc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pk.login2urchance.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 20 Apr 2023 17:09:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
0
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8756
x-xss-protection
0
server
cafe
etag
5179999606349116156
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 04 May 2023 17:09:20 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230417/r20110914/client/ Frame EB41 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230417/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304170101/pubads_impl.js?cb=31073954
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pk.login2urchance.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 20 Apr 2023 12:38:37 GMT
content-encoding
br
x-content-type-options
nosniff
age
16243
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 04 May 2023 12:38:37 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame EB41 		159 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304170101/pubads_impl.js?cb=31073954
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bae059fd5774acd8c940c02acd1708b584696f2511ef5ffec8be01f1b2fd8776
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pk.login2urchance.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 20 Apr 2023 17:09:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49672
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1681929791789681"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 20 Apr 2023 17:09:20 GMT
4106479742780270296
tpc.googlesyndication.com/simgad/ Frame EB41 		43 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/4106479742780270296
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304170101/pubads_impl.js?cb=31073954
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ff51f78374f38c805de1ee021c99d30d415aa0c2ea143c03893766860b3b7658
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pk.login2urchance.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 23:39:44 GMT
x-content-type-options
nosniff
age
62976
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
44436
x-xss-protection
0
last-modified
Mon, 14 Oct 2019 09:18:17 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 18 Apr 2024 23:39:44 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 2746 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuOCW3erTG51SQqwvfVwOLIAbh4ebDXNJP4sxlpnlY1zSJjlgOXaqF7eFHPS_gB277_zs_IQV2in45Pbg2ZaBz_jUPdxVZrVPS-bnoOEiQRLr1Lv7iVjUPn2ZVI2QicCx9XegaBbodg8UvFxzN9-RHqOJMYxMYfxQxeRYV7EVwPmLXGAEtoGxTiohxAXf5ggNcXoWG2QUaRw8h1U5O9Q2n9oDhZvJusHhgVjWlbkedxtMRz3_8TzIMJqWM1hG9kGYdal4tohR6YHfjzO6R6ypSnHB7umZ0qbsFSVrtnkUHMayQOX_MX4Lh_V6tVNq5hMSd46GrCOHdAD88Gfefso_qt4U3-g5LgLg&sai=AMfl-YQXBWTKLh4E5VMUerP6xFhHV1SLCYX3d-VKRQiDNGOQ2SlkQPfug7Wat5Bdep7og77FFDGJRKWMwFvb-AX-fxwHmOZXG4dd-Fnbn_7mfuGzR4s_q27cXy6f7fZ7Dm7W6Pfeug7QUVogLNvGUZfK&sig=Cg0ArKJSzOvCI4rXchGrEAE&uach_m=[UACH]&adurl=
Requested by
Host: pk.login2urchance.tk
URL: https://pk.login2urchance.tk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pk.login2urchance.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 20 Apr 2023 17:09:20 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 20 Apr 2023 17:09:20 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230417/r20110914/ Frame 2746 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230417/r20110914/abg_lite_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304170101/pubads_impl.js?cb=31073954
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
26f2c1abc7720059c2f88aac37f0b15cd551c1b69b522eef0bf782cefcc98dc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pk.login2urchance.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 20 Apr 2023 17:09:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
0
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8756
x-xss-protection
0
server
cafe
etag
5179999606349116156
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 04 May 2023 17:09:20 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230417/r20110914/client/ Frame 2746 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230417/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304170101/pubads_impl.js?cb=31073954
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pk.login2urchance.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 20 Apr 2023 12:38:37 GMT
content-encoding
br
x-content-type-options
nosniff
age
16243
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 04 May 2023 12:38:37 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 2746 		159 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304170101/pubads_impl.js?cb=31073954
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bae059fd5774acd8c940c02acd1708b584696f2511ef5ffec8be01f1b2fd8776
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pk.login2urchance.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 20 Apr 2023 17:09:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49672
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1681929791789681"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 20 Apr 2023 17:09:20 GMT
17306042125645438485
tpc.googlesyndication.com/simgad/ Frame 2746 		35 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/17306042125645438485
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304170101/pubads_impl.js?cb=31073954
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
867f7a43682cd0d3df900ab369b621357bce47722a45de6ce480634844ee86af
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pk.login2urchance.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 10:19:41 GMT
x-content-type-options
nosniff
age
110979
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36044
x-xss-protection
0
last-modified
Mon, 13 Nov 2017 14:29:52 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 18 Apr 2024 10:19:41 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304170101/pubads_impl.js?cb=31073954
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pk.login2urchance.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 20 Apr 2023 17:09:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 20 Apr 2023 17:09:20 GMT
truncated
/ Frame 4769 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
97ee2467506cc66c6a222870abe54590790cf7808792dfdf3eef724fef855caf

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame 4769 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss993YXAlTPyvKtxo_V6LvQiAkbSfjP-7DWdVfwLM8xtEneDPsTF_E1Mw3d8EqYB7nZpPZIslq0K5yFqxJqBp7G4466mA1Sk03ixDwMOOXTgYZVVdvdKHsaVMKS5cKOB-LVn1h2pehY1jcJu1zZiUfcnUewUBMga3e6hoyGSyjCMcoFtyojpXySKunnnHEhZObE_6jrResXhfQwIIXE8YKt4z6t0znE3BQd3nSxu-OPpTL5jruJKGPahG5LCUJWxkunaoHASDhkFqWxZtjjfKVu_pHc9hwEsx8DbWHXZPTOdJVfuOL4HRpLl_4UzR4JPq0kiq6_jxKQHNJpr0kyZDbNQe8pdSd7gP0F&sai=AMfl-YSnRoIgRpxY4yiPrMW-DvBCeP-S5f3SuD1fZwl1MCJ2xZnwkpcnbt60ECQaGdClMYkNBROot3cu-ThiX9CoGyT6QFMa3I9Njfpf-H8lZLlPIGXlKL2BkxhA59IDkY_Sko3iyrU-Q7hVgJCBv2s&sig=Cg0ArKJSzJFRXmg3mrIeEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pk.login2urchance.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 20 Apr 2023 17:09:20 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 20 Apr 2023 17:09:20 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame AF1C 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pk.login2urchance.tk/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
4031
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 20 Apr 2023 16:02:09 GMT
expires
Fri, 19 Apr 2024 16:02:09 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 7EF8 		783 B
972 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
bda3a2418dd4d69352aa7b233667b08ebcc53d87787a258b0ee66c37518a3678
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-8QjPFDbP6YyT995H8CMHoA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://pk.login2urchance.tk/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
515
content-security-policy
script-src 'report-sample' 'nonce-8QjPFDbP6YyT995H8CMHoA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 20 Apr 2023 17:09:20 GMT
expires
Thu, 20 Apr 2023 17:09:20 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
MezC-G1ZF-1GZ9yqq0o7IScgI3uEZvBcP5CgXoWKMDE.js
pagead2.googlesyndication.com/bg/ Frame AF1C 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/MezC-G1ZF-1GZ9yqq0o7IScgI3uEZvBcP5CgXoWKMDE.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
31ecc2f86d5917ed4667dcaaab4a3b212720237b8466f05c3f90a05e858a3031
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 18 Apr 2023 05:55:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
213232
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14288
x-xss-protection
0
last-modified
Tue, 11 Apr 2023 10:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 17 Apr 2024 05:55:29 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 7EF8 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202304170101&jk=629835457085557&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers
truncated
/ Frame EB41 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
292ed5be0a0e0e8f3e1f61d04ee2976bb07dca28b8839c58504d43ed185d7ebc

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame EB41 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstbH2RjU0DQoKRM2vv3hxRL0C9wMBo-uVxBFCYSzqB1dG3M-bbRlIoJ1YrNvnBSHU1RMNx6wyiNhMF1NrtxKTKYPOMOAr-nieUVENP9ah9ZSRicLAsVtAmHsOtmqRvmyCIzWWJcCzS2VmSvz3mok9JwHj4WsPPtvOphtx5Ii5Z3mJIkiqKaATwsSa8xuKnqHQISUUioaMGY9P3VqZ49h1MocGQhNx6_XOuJKvlMV5ZlkH0m6M5DIr-HyiCS28ySnfBgpgmDLBabIvvbY_vk3jv7KvExVlFUiUh9oCqYEkNgf5bhoojjFy9ZPgcqwwihiY2AIlhBhrM8LlTtAgAV6R4ww-yKdxHZTyso&sai=AMfl-YSSC4hBVIAfD18Jbsd8LIuXS1VR9K_J6K3iQodXaiOzssHzTapRmQ2T1k61ELWju3O-ETm-RXb_fWbE5_3RZZGv1Wxz-fYJTrKmnvmwXQM4lYB9XjzNFRWnqzrbTqh6EViO2AgC8qHOtJrT6yk&sig=Cg0ArKJSzK_HZpUDGcpzEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pk.login2urchance.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 20 Apr 2023 17:09:20 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 20 Apr 2023 17:09:20 GMT
truncated
/ Frame 2746 		210 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7defb258dbc348b6efa544ca362305a090dd1797842e47e53e7bb944b25a3397

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame 2746 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstTtO4hZqrUknFzedgtTU8GG3HPz3YpEL8M9cLf_RZ7VYu96zhGsgaCBVpmsIkPTTSitCpT3demhFeTPtTNtH-acMTBLh87pkE8_L1P29_pFti1rnL_ieZcA4HYfzORJiMEkMTq8qjs4w93uDDDL6gdy9YtCOHyVROm9LiTAUiOPpf78MQ7yF-FaYsUQ_f4ZedudwFgFiKBoD7MmLM4t3rXjyhyiGTjcImvbLnZ83KSajnEZHrWIxwy2ASTUbHl9u3KSLYWafiII7RvrEnQUDn8WMbqZQeGs9I_WbVfn-vcebJmmjsRBVE2quvuariuE7M7iqORvMvNM_uIb7jhRXCNwa0MvJdsIDxg&sai=AMfl-YRFkiQuG1u-7ly63Zq1dgN2cBa7G2zDZRkwXxQKMDF0-aqCTlD9hJ1SHum8NTl0qcxLNdBA9SSmXV4D4R1IVXP-S-CECT0IYtKRRBfMizCqXNzui9-8eATDvkLHLlnQ3DpRHuWwMCar4Z5Hh0-9&sig=Cg0ArKJSzHJxNcya3G6OEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pk.login2urchance.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 20 Apr 2023 17:09:21 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 20 Apr 2023 17:09:21 GMT
generate_204
tpc.googlesyndication.com/ Frame AF1C 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?XnOi_A
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 20 Apr 2023 17:09:21 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202304170101&jk=629835457085557&bg=!xMelx5PNAAZA7GLoYOw7ADkAdvg8WvI0m-1YyDxKgnpkaFuhEOucdWhDqi3G_9a0r96vrMRZgVzkxBooZW0zWFvpMwvxtE30ng0CAAAAWVIAAAACaAEHmQLfwu83FS_MMT73PgFx812abR477qbs0GO41Ns-QFir8EeWH6ZZoUK4PwTGZ8z8y5FjyfwDYXOWFkf2Pn-FYLAVdCE7l3ZNNv2LbIa3yaXQLQuLl03WifBDQJ_HqczM5184O6Yn_bDPQa7-aqfnYQf1QhVVkFA2PI7nCiowhTMHvjZ6QCwCJQj7T1wgAs9A9gGwQt9Z3COZUxOAM7MHwHtxj52KgMA7pKTpmALYGGjrKmQsV9xCPU-RwBH5Rp7FKhAjgpppYuRx-k4gFtLYEUejgkGyEnVebvtMf_11O0lVy-d04EBbfugbV-D7kxJ4A_o0jcToHHTfwh4fm0f7Pegrfyt9TSJ3pDzJO9J8sUYJsrcg73zIzHpmZ1kd7IVRNOKfi_h2cusjqP6n1oA9vesJenqQ6xf9MZoo2HL8rLANqInkK4f77unLWRpUvOJX1-69N_GDVtkQ7aH0jmgRBf3h98ECyD8XqG16qi9OWBK8iaVCTlwSUjfWUbkUnfcvFgYyK6LSJcsM8XenB_GxvLjDafSUnBUmlXaCeVT2qXGV8zbplAU7fOvm52An7OlVvtb6kK-l0HlMcjXUsaULM0zQSujFOyI4YWzo0fQwtRVWoOxqvQEYOYa7CCbvKCw9RdsL0OkuuRa6S56uWNlBLahkHWEaIP6kPAzv9D_BRJ5J4XYgqd5KEf37AVX_nN_OrViUHn-IMHhR9qXRwtXX35yy74FUWOZQGCwWSNthvYLbSiZQZbGyYY76EyaGsVADBYYnpHUavwqZIXeKouu-D-QWclAiZt3AbgntHgRQ1pJfeOBPE0OlvvvucYZ5pGc3ljT7wzcxIsieAKqW-448X6zBwTevDKgXQTm9tHuOcMYF2w6zaRx2SlLB0uESvFwkmmeWjqa_ALOkIrTqex-eUaEmH-Ws1wmM2PXJVq610iX_6gNokw-hwfe99AvjNhuVFcuAQQT6iVIAQsrx98cf8fIj
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pk.login2urchance.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers
activeview
pagead2.googlesyndication.com/pcs/ Frame EB41 		42 B
174 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsscqU3odHmm72OoO70GVoEfFuBqU6WizRiWtcL1lGZgqEoUR7P0NgE1MI6sDm8oD8zXLwKpSmpTXgkQfC-MpENEMNDf4HoDZAiUCPYCak6XImG-uSz0&sig=Cg0ArKJSzAoe_LMA3pYHEAE&id=lidar2&mcvt=1000&p=75,650,165,1378&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230419&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=1117512336&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1682010560611&rpt=357&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pk.login2urchance.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 Apr 2023 17:09:22 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

96 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 boolean| credentialless function| ga boolean| isOldIE object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| $LAB boolean| __domReadyHandlerExecuted string| imgLoader string| modalTitle string| BaseUrl string| CDN_HOST function| runDeferredScripts object| CONFIG object| __lc boolean| __lc_inited object| LC_API function| $ function| jQuery object| trans string| friendshipOptionSelector string| friendshipOptionsContainerSelector object| friendShipLoader function| setupUnlimitedScroll function| loadPage function| createModalDialog function| ajaxifyFormSubmit function| setupEditor function| setupEditors function| showSharingIcons function| sendToFriend function| getSharingCounts function| _pinterestCallback function| _gplusCallback function| loadFacebookLib function| getQueryStringValue function| parseUrlParams object| Device function| rateEntry function| updateLikeBox function| setupContentServices function| setupTags function| SubmitCommentForm function| displayModalBox function| prepareAdsZones function| setupLayout function| setupAds function| showHints function| setupSearchControls function| setupEntryControls function| downloadCollection function| setupCollectionControls function| setupMediaPlayer function| displayMediaPlayer function| pauseAllPlayers function| setupContentList function| setupPaging function| ifLoggedIn function| addBookmark function| deleteBookmark function| addEntryToFavourites function| removeEntryFromFavourites function| setupFollowButtons function| showEditEntryDialog boolean| updatingPrayerTime boolean| getFromStorage function| updatePrayerTime function| carouselsRtl object| Session function| setCookie function| getCookie function| setupRelatedEntriesSlider function| setupSpotlightsSlider object| bootbox string| CKEDITOR_BASEPATH string| CKFINDER_BASEPATH object| urlParams string| prayer object| googletag object| ggeac object| google_js_reporting_queue function| introJs undefined| google_measure_js_timing object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| GoogleGcLKhOms object| google_image_requests

7 Cookies

Domain/Path Name / Value
pk.login2urchance.tk/ Name: __country
Value: DE
pk.login2urchance.tk/ Name: _ga
Value: GA1.1.1087955608.1682010559
pk.login2urchance.tk/ Name: _gid
Value: GA1.1.1374856681.1682010559
pk.login2urchance.tk/ Name: _gat
Value: 1
.login2urchance.tk/ Name: __gads
Value: ID=a37562e4c6f7836e:T=1682010560:S=ALNI_MbSh_I5P1lO0N5lp6amEkH7V2C5hA
.login2urchance.tk/ Name: __gpi
Value: UID=00000bede22f9ffa:T=1682010560:RT=1682010560:S=ALNI_MZWTRSzJuH-Rth2u1Yw1IN4P2LnYg
.doubleclick.net/ Name: IDE
Value: AHWqTUlVLovXzg7bkU7o-_2jW-xGrlUod9a3pfb7upbBGU6c5RruBX1wFEjp4SUupFY

1 Console Messages

Source Level URL
Text
network error URL: https://media.islamway.net/eid.mp3
Message:
Failed to load resource: the server responded with a status of 405 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

8e08ae4a52c53f87e4f18584dc9dd588.safeframe.googlesyndication.com
adservice.google.com
adservice.google.de
api.livechatinc.com
cdn.livechatinc.com
media.islamway.net
pagead2.googlesyndication.com
pk.login2urchance.tk
securepubads.g.doubleclick.net
static.islamway.net
stats.g.doubleclick.net
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagservices.com
2.20.142.41
23.36.162.25
2606:4700:3034::6815:3ec
2606:4700:3036::ac43:8592
2a00:1450:4001:801::2001
2a00:1450:4001:80b::2002
2a00:1450:4001:810::2002
2a00:1450:4001:811::2002
2a00:1450:4001:827::2002
2a00:1450:4001:827::2003
2a00:1450:4001:82a::2001
2a00:1450:4001:82a::200e
2a00:1450:4001:831::2004
2a00:1450:400c:c00::9d
061ef5bf650bf5ab7bfbb7a8971eae91a36da1a439d04e70ff9e13d75bb37a1b
16806aa3463360924e266675c24829971b41688dbe9c53a70bd3229bb1d77f7d
17c2bb91d46340cf6b8c4525a1b274e386dc5714a51f88acd8583b39842fdf8e
190c337d5825b94e76175c908b3f4bce9b733afca07385532e9191cf908c7310
1bee359399eab1a49e3f663e7f19c2b976364d1dc10db1f10f3233b1d3314845
1cf30e59d21d4ae560af7143f5913efcc8222bcaa4fcc7508eb802b5faa9e94e
26f2c1abc7720059c2f88aac37f0b15cd551c1b69b522eef0bf782cefcc98dc5
292ed5be0a0e0e8f3e1f61d04ee2976bb07dca28b8839c58504d43ed185d7ebc
304e742f6f5fc7966f9bfcd85111e2ef5d803908d8c8e270242fde6f3ca20f2d
31222f7b87399d83d8b3fdb3c3aea3d7bc6c783556ed11780b14aed03f75cc31
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31ecc2f86d5917ed4667dcaaab4a3b212720237b8466f05c3f90a05e858a3031
3570eeb37490982dcc59cd8e5c7c48e487cc81b1a17b8d84156972c5556e9685
3709d8c3d8fed7b1dd74479e334b98413c5aaa0b19ec1f04c403bcd16d3c4559
3acaecfa3cdf6c7645cc96311e69cd01a2dd881b920bc825bd70d2d2e9124382
3ee26114feb214d4f102e98ad8009b27d374efff10b05095e9bebc8df74c15b9
3f127aa9164c2135b65c42d0d5b73bc8f678634d9a3b41782cc5a442e2065f76
432acd8192429c035f55370ab0501a7f58d69456a10b0a1bc213bd3efb6d2946
43a311a6f281302eac2a35ac97ae1bccf367eea26fe59fe0b67b108bc4297152
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
495b465541fe15dc876629398ea63f33dd05422bf678e1b96518ac282611069b
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
588adc7d513657679581c105ca7065c9e8c8bc553bb9b3c58494b7715970b568
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6336f491c00c9c7889ac281a06a2f3c304254ba59b7392c25ab919a7efc207fc
6447e59227786bcda7ad58ef045540cba328e5ec0e5ddbd88b4f57122feaf926
67b958dca32a8f64c981c5a85fd5e0d4e3048a935b98944e58f61d06ae853670
697b1d832e73cd1f44fb96fe38541b824f8aa709d87237036d0b0497867b04ac
7173b70aa9161ba695e69822aa94e2c998ecdf08f32317706db2cca8c8f8b60c
76212478859a61a8f8aa39150faa8595dd5040b213d6f16c22d9d38db14f8223
7defb258dbc348b6efa544ca362305a090dd1797842e47e53e7bb944b25a3397
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83c3f28e2ebdf55537ac6bc960b35249193a2b52e010c4a9c928bd89cbcbb221
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
867f7a43682cd0d3df900ab369b621357bce47722a45de6ce480634844ee86af
8c1bcbe72e2ba55ec08f838b8bca9f1384cf82c67106e47ec7cce664bdb2320b
97ee2467506cc66c6a222870abe54590790cf7808792dfdf3eef724fef855caf
983fdaf2859f2838027e48314c524a81d778ee320e9760b84da9d1bc91738024
a0438ac682774c5732e1c8f2f61c5dbdfc7ac811f09a16cba789c9f08c372585
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
bae059fd5774acd8c940c02acd1708b584696f2511ef5ffec8be01f1b2fd8776
baf40fe23b2b76815ed13c3e0b71c73a17f70e1392bcfbb3d0d33b5e46676c22
bb123b67cb68ab16bef8428564ed48d30babb7b18a59b0a134bc936a21a65615
bda3a2418dd4d69352aa7b233667b08ebcc53d87787a258b0ee66c37518a3678
bfce38d0eea0514bd89cb857510c00208fd12cbdbf8fbdd9b3e27f92f433b523
c1cf81bef2ea82eaa43265a5ff786b7cd74e7d5f4f2de104b586f092ca0fb886
c3d6fc4a7ad75340e3673193cd5b6baef8d6ea79f99992ddd859b2d70a9f08f9
c457d8a04a36a7d5f167d819109289595c71e9e7fd207479291478c222f2af0c
c63493d32c96bfbbb61cd04efc7b6215ceafaedf3a9b14f35770efe25eac3a01
ca43cb745b0905a0932d65ae5c41cc96bbdf664a3b450e5304af02a5f88ec4a6
d03d4c13caa890eab9ed6ce25447a0983fd8fd25b624b6ec9dabd29b148ef82b
d0ff238b352576fb395fc34f290f2403979e35fc97fed54eb2f92427c527c317
d8711a762067499c1684cc4c8881dfb1e8fff706fe413b6dccb605bcebda3872
e17e00d3f7355320b6797b5b693091125748094d5e005c0a9325730634594f8c
e381afcde1bfef25dd32b5eee301fa5565d93087b9938427d277384c5aca19aa
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7a19173e444dc0f49ae56520f7bf6ae876e5dc3bb1230022e00dd184697c9d6
e83e9f71801354ac09eaa6997e45949fd1e530fd13e49a4cdb3fb1ca810971ea
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef54cbf2d9d5e44594b1bc098bbab1062968d8a283bab94afb7ba0bf8127c537
f32325b414fac16d7b02f331d94d282aa099b76a05607557dd5b2fdeba66f5c7
f3597ddd0e1f7410c7185c4261d2bd66606745e49804541c5047841441b60e04
f665f28bc13bde6289a4e0c7d37a94a93bbbb9f28b1cf5b8a19cd9c8c1aa0edf
ff51f78374f38c805de1ee021c99d30d415aa0c2ea143c03893766860b3b7658
fff3478bc10593b761b9a96fc156e5a4713c02b6b79633e6a274b4c33b52a045