urlscan.io logo urlscan.io
SecurityTrails logo

fescoebill.pk Open in urlscan Pro
2606:4700:3037::ac43:a38c  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://fescoebill.pk/0.22138318892950082
Effective URL: https://fescoebill.pk/0.22138318892950082
Submission: On August 29 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 45 IPs in 8 countries across 34 domains to perform 129 HTTP transactions. The main IP is 2606:4700:3037::ac43:a38c, located in United States and belongs to CLOUDFLARENET, US. The main domain is fescoebill.pk.
TLS certificate: Issued by WE1 on July 27th 2024. Valid for: 3 months.
This is the only time fescoebill.pk was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
17 2606:4700:303... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
4 2606:4700:303... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 2001:4860:480... 15169 (GOOGLE)
2 2606:4700:440... 13335 (CLOUDFLAR...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
2 51.89.9.252 16276 (OVH)
1 23.35.236.201 16625 (AKAMAI-AS)
1 2a02:6ea0:c70... 60068 (CDN77 _)
1 34.36.214.49 396982 (GOOGLE-CL...)
2 46.4.139.58 24940 (HETZNER-AS)
2 2602:803:c003... 26667 (RUBICONPR...)
4 77.245.57.72 36057 (WEBAIR-IN...)
3 2606:4700:10:... 13335 (CLOUDFLAR...)
2 8.2.110.137 46636 (NATCOWEB)
2 51.38.120.206 16276 (OVH)
1 167.235.37.234 24940 (HETZNER-AS)
2 8.2.109.63 46636 (NATCOWEB)
2 18.202.4.157 16509 (AMAZON-02)
2 157.245.23.44 14061 (DIGITALOC...)
8 2607:4f00:932::2 55081 (24SHELLS)
4 23.88.66.19 24940 (HETZNER-AS)
7 2a01:4f8:2b01... 24940 (HETZNER-AS)
4 2a00:1450:400... 15169 (GOOGLE)
1 2602:803:c002... 26667 (RUBICONPR...)
1 69.173.144.139 26667 (RUBICONPR...)
17 2a00:1450:400... 15169 (GOOGLE)
2 95.101.149.233 16625 (AKAMAI-AS)
1 4 142.250.185.70 15169 (GOOGLE)
1 37.157.5.84 198622 (ADFORM)
1 37.157.4.21 198622 (ADFORM)
1 212.36.83.246 15699 (AS_ADAM A...)
1 2a02:6ea0:c70... 60068 (CDN77 _)
4 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 8.2.110.134 46636 (NATCOWEB)
1 18.245.31.106 16509 (AMAZON-02)
1 1 8.2.110.161 46636 (NATCOWEB)
4 23.227.146.18 55081 (24SHELLS)
1 1 147.75.84.127 54825 (PACKET)
1 1 51.83.220.94 16276 (OVH)
2 2 37.252.171.149 29990 (ASN-APPNEX)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... ()
1 2a00:1450:400... ()
1 2600:9000:223... ()
129 45
17    2606:4700:3037::ac43:a38c (United States)

ASN13335 (CLOUDFLARENET, US)
fescoebill.pk
1    2a00:1450:4001:806::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
4    2606:4700:3032::6815:1c10 (United States)

ASN13335 (CLOUDFLARENET, US)
tags.profitsence.com
1    2a00:1450:4001:810::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
3    2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
2    2606:4700:4400::6812:2ae3 (United States)

ASN13335 (CLOUDFLARENET, US)
profitsence.ams3.cdn.digitaloceanspaces.com
2    2606:4700::6812:bb1f (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
2    51.89.9.252 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip252.ip-51-89-9.eu
onetag-sys.com
1    23.35.236.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-201.deploy.static.akamaitechnologies.com
ads.pubmatic.com
1    2a02:6ea0:c700::18 (Frankfurt am Main, Germany)

ASN60068 (CDN77 _, GB)
topics.authorizedvault.com
1    34.36.214.49 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 49.214.36.34.bc.googleusercontent.com
pa.openx.net
2    46.4.139.58 (Bad Muenstereifel, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.58.139.4.46.clients.your-server.de
shb.richaudience.com
2    2602:803:c003:200::21 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
4    77.245.57.72 (United States)

ASN36057 (WEBAIR-INTERNET-MTL, US)
cpm.fmlabsonline.com
3    2606:4700:10::6816:2460 (United States)

ASN13335 (CLOUDFLARENET, US)
useast.quantumdex.io
sync.quantumdex.io
2    8.2.110.137 (United States)

ASN46636 (NATCOWEB, US)
ads4.krushmedia.com
2    51.38.120.206 (Hessen, Germany)

ASN16276 (OVH, FR)
PTR: ip206.ip-51-38-120.eu
onetag-sys.com
1    167.235.37.234 (Bühl, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.234.37.235.167.clients.your-server.de
ghb.adtelligent.com
2    8.2.109.63 (United States)

ASN46636 (NATCOWEB, US)
fmlabs-prebid.smart-hub.io
2    18.202.4.157 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-202-4-157.eu-west-1.compute.amazonaws.com
ads.servenobid.com
2    157.245.23.44 (Frankfurt am Main, Germany)

ASN14061 (DIGITALOCEAN-ASN, US)
pb.adsinteractive.com
8    2607:4f00:932::2 (Piscataway, United States)

ASN55081 (24SHELLS, US)
ghb1.adtelligent.com
ads19.adtelligent.com
4    23.88.66.19 (Gunzenhausen, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.19.66.88.23.clients.your-server.de
hbe.profitsence.com
7    2a01:4f8:2b01:c26::2 (Germany)

ASN24940 (HETZNER-AS, DE)
ads102.adtelligent.com
4    2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    2602:803:c002:300::36 (United States)

ASN26667 (RUBICONPROJECT, US)
beacon-iad3.rubiconproject.com
1    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
17    2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
2    95.101.149.233 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a95-101-149-233.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
4    142.250.185.70 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f6.1e100.net
ad.doubleclick.net
1    37.157.5.84 (Denmark)

ASN198622 (ADFORM, DK)
adx.adform.net
1    37.157.4.21 (Denmark)

ASN198622 (ADFORM, DK)
s1.adform.net
1    212.36.83.246 (Barcelona, Spain)

ASN15699 (AS_ADAM Adam Datacenter, ES)
PTR: lb2.vdmy.dtic.es
a.vidoomy.com
1    2a02:6ea0:c700::107 (Frankfurt am Main, Germany)

ASN60068 (CDN77 _, GB)
vpaid.vidoomy.com
4    2a00:1450:4001:81d::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
ep2.adtrafficquality.google
1    2a00:1450:4001:800::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
1    8.2.110.134 (United States)

ASN46636 (NATCOWEB, US)
cs.krushmedia.com
1    18.245.31.106 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-31-106.fra56.r.cloudfront.net
public.servenobid.com
1    8.2.110.161 (United States)

ASN46636 (NATCOWEB, US)
cm-x.mgid.com
4    23.227.146.18 (Piscataway, United States)

ASN55081 (24SHELLS, US)
sync.adtelligent.com
1    147.75.84.127 (Amsterdam, Netherlands)

ASN54825 (PACKET, US)
PTR: omni-am6-h7mmsm
prebid.a-mo.net
1    51.83.220.94 (Poland)

ASN16276 (OVH, FR)
PTR: app-ngx-pl-03.radius.technology
a4p.adpartner.pro
2    37.252.171.149 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
2    2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
1    2a00:1450:4001:812::2002 (None, )

ASN- ()
ep1.adtrafficquality.google
1    2a00:1450:4001:813::2001 (None, )

ASN- ()
6abffdedb87343d1f0b4c8a8c7c11763.safeframe.googlesyndication.com
1    2600:9000:223f:6600:8:2f57:a180:93a1 (None, )

ASN- ()
static.gamezop.com
Apex Domain
Subdomains		 Transfer
21 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 157
tpc.googlesyndication.com — Cisco Umbrella Rank: 203
6abffdedb87343d1f0b4c8a8c7c11763.safeframe.googlesyndication.com
230 KB
20 adtelligent.com
ghb.adtelligent.com — Cisco Umbrella Rank: 9029
ghb1.adtelligent.com — Cisco Umbrella Rank: 12563
ads19.adtelligent.com — Cisco Umbrella Rank: 70001
ads102.adtelligent.com
sync.adtelligent.com — Cisco Umbrella Rank: 7131
37 KB
17 fescoebill.pk
fescoebill.pk
214 KB
10 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 77
ad.doubleclick.net — Cisco Umbrella Rank: 210
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 280
224 KB
8 profitsence.com
tags.profitsence.com — Cisco Umbrella Rank: 159597
hbe.profitsence.com
23 KB
6 rubiconproject.com
fastlane.rubiconproject.com — Cisco Umbrella Rank: 780
beacon-iad3.rubiconproject.com — Cisco Umbrella Rank: 4913
token.rubiconproject.com — Cisco Umbrella Rank: 694
eus.rubiconproject.com — Cisco Umbrella Rank: 948
2 KB
4 fmlabsonline.com
cpm.fmlabsonline.com — Cisco Umbrella Rank: 502088
936 B
4 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 1081
819 B
3 servenobid.com
ads.servenobid.com — Cisco Umbrella Rank: 4278
public.servenobid.com — Cisco Umbrella Rank: 9571
1 KB
3 krushmedia.com
ads4.krushmedia.com — Cisco Umbrella Rank: 273682
cs.krushmedia.com — Cisco Umbrella Rank: 4620
600 B
3 quantumdex.io
useast.quantumdex.io — Cisco Umbrella Rank: 22538
sync.quantumdex.io — Cisco Umbrella Rank: 9703
508 B
3 gstatic.com
fonts.gstatic.com
45 KB
2 adtrafficquality.google
ep1.adtrafficquality.google
ep2.adtrafficquality.google
19 KB
2 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 383
2 KB
2 vidoomy.com
a.vidoomy.com — Cisco Umbrella Rank: 4471
vpaid.vidoomy.com — Cisco Umbrella Rank: 4951
1 KB
2 adform.net
adx.adform.net — Cisco Umbrella Rank: 5039
s1.adform.net — Cisco Umbrella Rank: 13985
26 KB
2 adsinteractive.com
pb.adsinteractive.com — Cisco Umbrella Rank: 311105
667 B
2 smart-hub.io
fmlabs-prebid.smart-hub.io — Cisco Umbrella Rank: 743609
480 B
2 richaudience.com
shb.richaudience.com — Cisco Umbrella Rank: 4920
sync.richaudience.com Failed
487 B
2 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 410
3 KB
2 digitaloceanspaces.com
profitsence.ams3.cdn.digitaloceanspaces.com
272 KB
1 gamezop.com
static.gamezop.com
52 KB
1 adpartner.pro
a4p.adpartner.pro — Cisco Umbrella Rank: 10851
767 B
1 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 1162
282 B
1 mgid.com
cm-x.mgid.com — Cisco Umbrella Rank: 6850
729 B
1 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 449
105 KB
1 openx.net
pa.openx.net — Cisco Umbrella Rank: 5140
1 authorizedvault.com
topics.authorizedvault.com — Cisco Umbrella Rank: 8057
1 pubmatic.com
ads.pubmatic.com — Cisco Umbrella Rank: 855
1 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 3123
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 112
89 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 110
1 KB
0 google.com Failed
fundingchoicesmessages.google.com Failed
0 1rx.io Failed
sync.1rx.io — Cisco Umbrella Rank: 741 Failed
129 34
Domain Requested by
17 pagead2.googlesyndication.com ads102.adtelligent.com
ads19.adtelligent.com
pagead2.googlesyndication.com
googleads.g.doubleclick.net
securepubads.g.doubleclick.net
fescoebill.pk
17 fescoebill.pk fescoebill.pk
7 ads102.adtelligent.com fescoebill.pk
ads102.adtelligent.com
7 ads19.adtelligent.com fescoebill.pk
ads19.adtelligent.com
4 sync.adtelligent.com
4 ad.doubleclick.net 1 redirects fescoebill.pk
googleads.g.doubleclick.net
4 googleads.g.doubleclick.net fescoebill.pk
ads102.adtelligent.com
ads19.adtelligent.com
pagead2.googlesyndication.com
4 hbe.profitsence.com profitsence.ams3.cdn.digitaloceanspaces.com
4 cpm.fmlabsonline.com profitsence.ams3.cdn.digitaloceanspaces.com
4 onetag-sys.com profitsence.ams3.cdn.digitaloceanspaces.com
4 tags.profitsence.com fescoebill.pk
tags.profitsence.com
3 tpc.googlesyndication.com googleads.g.doubleclick.net
tpc.googlesyndication.com
ep2.adtrafficquality.google
3 fonts.gstatic.com fonts.googleapis.com
2 securepubads.g.doubleclick.net tags.profitsence.com
securepubads.g.doubleclick.net
2 ib.adnxs.com 2 redirects
2 eus.rubiconproject.com fescoebill.pk
profitsence.ams3.cdn.digitaloceanspaces.com
2 pb.adsinteractive.com profitsence.ams3.cdn.digitaloceanspaces.com
2 ads.servenobid.com profitsence.ams3.cdn.digitaloceanspaces.com
2 fmlabs-prebid.smart-hub.io profitsence.ams3.cdn.digitaloceanspaces.com
2 ads4.krushmedia.com profitsence.ams3.cdn.digitaloceanspaces.com
2 useast.quantumdex.io profitsence.ams3.cdn.digitaloceanspaces.com
2 fastlane.rubiconproject.com profitsence.ams3.cdn.digitaloceanspaces.com
2 shb.richaudience.com profitsence.ams3.cdn.digitaloceanspaces.com
2 cdn.jsdelivr.net profitsence.ams3.cdn.digitaloceanspaces.com
2 profitsence.ams3.cdn.digitaloceanspaces.com tags.profitsence.com
profitsence.ams3.cdn.digitaloceanspaces.com
1 ep2.adtrafficquality.google securepubads.g.doubleclick.net
1 static.gamezop.com securepubads.g.doubleclick.net
1 6abffdedb87343d1f0b4c8a8c7c11763.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 ep1.adtrafficquality.google securepubads.g.doubleclick.net
1 a4p.adpartner.pro 1 redirects
1 prebid.a-mo.net 1 redirects
1 cm-x.mgid.com 1 redirects
1 public.servenobid.com profitsence.ams3.cdn.digitaloceanspaces.com
1 sync.quantumdex.io profitsence.ams3.cdn.digitaloceanspaces.com
1 cs.krushmedia.com profitsence.ams3.cdn.digitaloceanspaces.com
1 s0.2mdn.net fescoebill.pk
1 vpaid.vidoomy.com ads19.adtelligent.com
1 a.vidoomy.com ads19.adtelligent.com
1 s1.adform.net ads19.adtelligent.com
1 adx.adform.net ads19.adtelligent.com
1 token.rubiconproject.com ads102.adtelligent.com
1 beacon-iad3.rubiconproject.com ads102.adtelligent.com
1 ghb1.adtelligent.com profitsence.ams3.cdn.digitaloceanspaces.com
1 ghb.adtelligent.com profitsence.ams3.cdn.digitaloceanspaces.com
1 pa.openx.net profitsence.ams3.cdn.digitaloceanspaces.com
1 topics.authorizedvault.com profitsence.ams3.cdn.digitaloceanspaces.com
1 ads.pubmatic.com profitsence.ams3.cdn.digitaloceanspaces.com
1 region1.google-analytics.com www.googletagmanager.com
1 www.googletagmanager.com fescoebill.pk
1 fonts.googleapis.com fescoebill.pk
0 fundingchoicesmessages.google.com Failed securepubads.g.doubleclick.net
0 sync.1rx.io Failed
0 sync.richaudience.com Failed profitsence.ams3.cdn.digitaloceanspaces.com
129 53

This site contains links to these domains. Also see Links.

Domain
www.profitsence.com
www.facebook.com
twitter.com
www.linkedin.com
Subject Issuer Validity Valid
fescoebill.pk
WE1		 2024-07-27 -
2024-10-25		 3 months crt.sh
upload.video.google.com
WR2		 2024-08-05 -
2024-10-28		 3 months crt.sh
profitsence.com
Cloudflare Inc ECC CA-3		 2024-02-16 -
2024-12-31		 a year crt.sh
*.google-analytics.com
WR2		 2024-08-05 -
2024-10-28		 3 months crt.sh
*.gstatic.com
WR2		 2024-08-05 -
2024-10-28		 3 months crt.sh
*.ams3.cdn.digitaloceanspaces.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-04-19 -
2025-05-07		 a year crt.sh
*.jsdelivr.net
Sectigo RSA Domain Validation Secure Server CA		 2024-05-04 -
2025-05-04		 a year crt.sh
*.onetag-sys.com
DigiCert Global G3 TLS ECC SHA384 2020 CA1		 2024-01-23 -
2025-01-29		 a year crt.sh
*.pubmatic.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-11-26 -
2024-11-26		 a year crt.sh
1657490710.rsc.cdn77.org
E5		 2024-08-20 -
2024-11-18		 3 months crt.sh
pa.openx.net
WR3		 2024-07-22 -
2024-10-20		 3 months crt.sh
*.richaudience.com
RapidSSL TLS RSA CA G1		 2024-02-14 -
2025-02-25		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2024-07-30 -
2025-04-03		 8 months crt.sh
*.fmlabsonline.com
AlphaSSL CA - SHA256 - G4		 2024-01-04 -
2025-02-04		 a year crt.sh
quantumdex.io
WE1		 2024-07-30 -
2024-10-28		 3 months crt.sh
*.krushmedia.com
Go Daddy Secure Certificate Authority - G2		 2023-10-20 -
2024-11-20		 a year crt.sh
ghb.adtelligent.com
ZeroSSL ECC Domain Secure Site CA		 2024-07-26 -
2024-10-24		 3 months crt.sh
*.smart-hub.io
Go Daddy Secure Certificate Authority - G2		 2023-08-06 -
2024-09-06		 a year crt.sh
ads.servenobid.com
Amazon RSA 2048 M02		 2024-03-29 -
2025-04-27		 a year crt.sh
pb.adsinteractive.com
R11		 2024-07-04 -
2024-10-02		 3 months crt.sh
ghb1.adtelligent.com
ZeroSSL ECC Domain Secure Site CA		 2024-07-28 -
2024-10-26		 3 months crt.sh
hbe.profitsence.com
E5		 2024-08-11 -
2024-11-09		 3 months crt.sh
ads19.adtelligent.com
ZeroSSL ECC Domain Secure Site CA		 2024-07-28 -
2024-10-26		 3 months crt.sh
ads102.adtelligent.com
ZeroSSL ECC Domain Secure Site CA		 2024-08-05 -
2024-11-03		 3 months crt.sh
*.g.doubleclick.net
WR2		 2024-08-05 -
2024-10-28		 3 months crt.sh
track.adform.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-06 -
2024-09-19		 a year crt.sh
*.vidoomy.com
Sectigo RSA Domain Validation Secure Server CA		 2023-09-06 -
2024-10-06		 a year crt.sh
*.doubleclick.net
WR2		 2024-08-05 -
2024-10-28		 3 months crt.sh
tpc.googlesyndication.com
WR2		 2024-08-05 -
2024-10-28		 3 months crt.sh
*.servenobid.com
Amazon RSA 2048 M02		 2023-12-08 -
2025-01-05		 a year crt.sh
adtrafficquality.google
WR2		 2024-08-05 -
2024-10-28		 3 months crt.sh
*.gamezop.com
Amazon RSA 2048 M03		 2023-12-31 -
2025-01-28		 a year crt.sh

This page contains 24 frames:

Primary Page: https://fescoebill.pk/0.22138318892950082
Frame ID: F67406102AB7627B6ECB3E1975E39705
Requests: 69 HTTP requests in this frame

Frame: https://onetag-sys.com/static/topicsapi.html?bidder=onetag
Frame ID: C5A136802A3AB8BA9BFDF19A2C577654
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/topics/topics_frame.html?bidder=pubmatic
Frame ID: AAFBD0B3437666F55BEA5816351EA1E9
Requests: 1 HTTP requests in this frame

Frame: https://topics.authorizedvault.com/topicsapi.html?bidder=rtbhouse
Frame ID: 552DA60C2233B319FE7DDFC509A290D6
Requests: 1 HTTP requests in this frame

Frame: https://pa.openx.net/topics_frame.html?bidder=openx
Frame ID: 3369F52E7DB4D08809952A68F553390D
Requests: 1 HTTP requests in this frame

Frame: https://ads19.adtelligent.com/display/?adid=13EDB51C7DC6E7B8&aid=859075&cb=1724969300291
Frame ID: 1390FDA20D85445A36B33713EFF7F35E
Requests: 5 HTTP requests in this frame

Frame: https://ads102.adtelligent.com/display/?adid=42EDBE63B9B855AE&aid=859075&cb=1724969300337
Frame ID: 6102A7A355486C39E7F44134351B8C9A
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adfetch?adk=4167411571&adsafe=medium&client=ca-pub-6579838053286784&format=728x90_as&ip=84.19.175.184&odt=2&output=html&psd=W10=&unviewed_position_start=1&url=https://fescoebill.pk/&sub_client=bidder-xapi:475620:Lr1GBBKtIWnE&hl=de&aceid=MKwdtADtHbQAl-TTAEZbNAGRcDQB0pA0AYWiNAErozQBlaM0AROlNAFfpTQBgaU0AY2lNAG2pTQB1qU0AQemNAEXpjQBGqY0AR-mNAEhpjQBIqY0ASemNAEzpjQBPaY0AU2mNAFYpjQBWaY0AVqmNAFbpjQBXaY0AV-mNAFnpjQBaaY0AXOmNAF0pjQBd6Y0AXumNAF_pjQBh6Y0AUtzQQFTc0EBZjzaAXlX2gHW9ogCCgCJAr4AiQIHAYkCFgGJAigBiQIuAYkCJ0KqAihCqgIrQqoClGqqAoCbqgKBm6oCgpuqAqKoqgL8vKoCv-CqAmT4qgIm-6oCQfuqAlcgqwKEJ6sCVCirAvsrqwLUNqsCJTqrAik6qwItOqsCBEWrAmxKqwLGSqsC13GrAnSBqwLkkasC2J-rAnqlqwL5qasC26urAkKuqwI7r6sCYrKrAha0qwIatKsCJbSrAim0qwLQuqsCjO0FA751JAQFX_cElF_3BNGE9wTWhPcE43quBRx9rgVDfa4FxoiuBeWJrgXviq4FaY2uBQyRrgWwla4FWZeuBS6YrgU1mK4FPZiuBVSYrgWanK4FBZ2uBeydrgVVnq4Fnp6uBdiergVEoa4FuaOuBdenrgVlqK4FxqmuBeCrrgWerK4FrqyuBVGtrgXTra4Feq-uBQKyrgXmsq4FhbOuBcezrgW5t64FhbiuBdW4rgXxuK4FV7muBRG7rgXGu64F7buuBWW8rgVnvK4FT72uBf69rgUIvq4FQr-uBWO_rgUXwK4FM8CuBTbBrgV_wa4FosKuBTjDrgVgw64FcsSuBRjFrgWWxa4FpcWuBa_FrgVOxq4Fa8auBZHGrgXPxq4FnceuBe7HrgUWyK4Fu8iuBf3IrgVFya4FaMmuBYTJrgWyya4FscquBQTLrgUgy64FTcyuBc-0xQXp934SP7H7ElLK-xJZyvsS_QD8Ev8l_BIBJvwSySf8EuIp_BLcKvwSnCv8Ev0r_BIaLPwSqSz8Ei0t_BKZvP8jWwCSKQ&awbid_c=AKAmf-ByfzATK0Fzw5vGc9xmCzGtgDMRX4NOYz-kzNjWyExy90zr1wxrrjuP0Bv6oJtXVAo5nHT52ftTq8ET1fOOkkCFd3XyegTXvQv0bx4B0J_KVqhHb9TEODgDNQVGg0mHObKdsJLBK1qIgPNEHkT2a1RTqeLizs5Z8yvpY_3zFuDJqylfY9uw9ZiftMxTeW50VDBKzAfypNkn5TkE8sQZUUBqnUn2dYPNdJ1Hus0fhjs1JIjm646u3uiSSIhwld4slLEPLAN8QarOUM-wS1CEwYtSvG_x5AuzOOpomxxlKSjbDqrsHnO3GuyYK5-mubXCtn1ItE_aUhJP1ZLa4vDqey6p1TrjQ4XQGim_0yLfI_qJodBeOwqaqQsgXTXIOrIbRZBM-E52uofpXvAMs12n4tmGnOgPh7soc0xCAahEakTr-jfdvv85cnjf0ldQsK22MUrrqg479sbK3IEsCsB0G8cVF9lNYAS5pcGIRz5V___vIuf5p1Db8blHCGro_x4Hc5Si4ad6obhy_iOpd27EU-LE7FBVaaImgkad4IisKfkJBBLMDeUykfN-Pl8939FF4eKrjHZtoSf0gssViuR_AfLN8Zu7_ogSsnuvJu-KiZg732nUkxgxRDW4qQmUxQQquR-52eAsgRLcWoB5hZ3FXaqfsqzqOliynNeTY_ZaXZcsboQWOYCydKsAdpOLdY_LYN9kIUsYFe0SqZYkUE8K0N0ZaAf5YQ&awbid_d=AKAmf-BiJ80jwuj-JQrIyuPP53l8-1IWkF78mHjOGMTHPHsmZpY-EyKP6JxQ9J3G-ecyMZ9Gqv7vZQTD0QmhQ8uOaMkh8PE7VF1UhEojU68Y7TLrKcfQc9TlyCZLH6fuTK8FnnvVUPXjXZ4He0LU2TkBTkIWsct8qOD3_h3QCGWg2V4qjABwB3Bfd2WT2tVfxAjYtQ3KldGNKDsZrGtoNBIb5XJBAOkeP8vKMLusvryEHuZJaG4najZTnFitDrB0wdUn1U7M8XJwEFfUbEvn1uZM6leUWSQSCL6ppjuuW34eJbo826_3S47U_QUW-yzNPiUGBTI0Ci2QAvuO3-NzK_bsI5yB5Sb_L6PGogg2mOqi3Tx7T97OBYP7pTqzZjLZHVR1933vvpNLC_x9Lx4vMil4wPUnoQpsRydWMdMmmqLIYQxYowt3Qg35Fh9abC-3oXspA4rzTJKJwhbu4KvRwl-zbg_puABnCIE9KYYZJz4agJoC7okyq6QxrQbplWT3dNYyQ4dyG8xdnviYkMGNvW5YkNh2P_x_0wmmLzW7MXPcevkmJiINi1xQzoaqL_JfaP9oAKpk4gCM7zDh_J6GV6N5iMJm14qLIfLLeh4eZCjldK0A9FWjMeCLgnCcol0b9M6n2EALXR2idCAqSai66s29bQ38_3_bozMHgC-MUypscFQbdvSJHhBc5rLtaANOW2PA05U7dKjd7RlYiGXpj4NTzI_TS109wjqZSgfSZU3UPDPtmUCNbbxI7xF0ZmEWazYwdL3wmS8sIsT1fJVMpU8A_nKwlMaf6UphJljrwg5UYglHoWKEY3t1SscJvehlE9kxzgfarVJUJsDAO_5eFovvGcnNrEIfYJMdq0QhKHNXccCi2kzduB0vzWIfm-WZ8DXb2RXAz4Z5EWT-Lb-mdg_NivjGdX2nZqFJNF9uE3gDpIRsDeBbxq-VKdo45tIfhiQ1jytwhLYfFWCx_HqQJgynBOgzRHH2cPL1MSuHR5_P2sO48_MeeMQLmGOQQbm8vaBEtnAek38DgpLeLAMvZNoBsIG6uailYnwV1ezwUPl2XfrQYlPim4jQ24genyltW20fcx4hXoc6q4eVFxyhA9g3_0knb3Ou7Xdc9zq8HJtZKwZbno8B623dQUbUry2Ug6bDmhAjkxGoPbak-2RkVRJ2StiPGseIczWQSBwYDEPMwkFMPBfXOu-Uo53fmZJZYUIwEejJJkJ4T3CSbpaLQWvQ4PbhStpmCmEXdqy1AlZSzhcEx13LAT-tWoRdLtP5ykTKqeWean5Q3jgRx7CDlArP-iwLnvZvz6GmrdWl-DUUEE33v4oUsWzmifo8S_zGShtE8R7oh6gCRLOhkADntUAJqK7qisqvc-5ldJySSmxdS_Jen-piTLM&cid=CAQSGwDpaXnfsby3KzHayT_xGKEIB_Jp-lW5um-aOBgB&exk=1602189349&rfl=https%3A%2F%2Ffescoebill.pk%2F0.22138318892950082&a_pr=8:530B42AB63E64A75
Frame ID: 9C83B112D25B4916B7655AFFADD04359
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/xbfe_backfill.js
Frame ID: 8A32F9409DD62DEDDECB608E12AFA470
Requests: 5 HTTP requests in this frame

Frame: https://ads102.adtelligent.com/sync/?aid=859075&gdpr_source=none&refer=https://fescoebill.pk/0.22138318892950082
Frame ID: FF108E0C7996069217CCD0F6561E86FB
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&gdpr=0&geo=eu&co=de
Frame ID: 48CD7846197D0DDA9CF5A3E4D78E551E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COu99gIQ-b799QEY8OCrmgIwAQ&v=APEucNX38UiVWNCtNlzjQZX4a5-NRiNoAIrfaZEjMk3vfk3f8dYqMoaDJO1eoudwASh9Lyfvwl8NKArH1MmopqejjT1BgROeWfhvcpGFAQV2BJs5u1kUg5o
Frame ID: EB11C57FFF1108667C22AFEE130BE311
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: A5EC686ED2A049E89F13078901BD2AC6
Requests: 20 HTTP requests in this frame

Frame: https://ads19.adtelligent.com/sync/?aid=859075&gdpr_source=none&refer=https://fescoebill.pk/0.22138318892950082
Frame ID: C6C33DDDB0A689DF8CFC1E671830166F
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: ED1E947FA5914064DA8B9A8C23D541D0
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1724969299687
Frame ID: 25867774052674EFE9D464266766CF96
Requests: 1 HTTP requests in this frame

Frame: https://cs.krushmedia.com/html?src=pbjs
Frame ID: ACBA132CFD9DAED7A269D44DE4830C64
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 46CD047F64DF8F80682226A8198D1A85
Requests: 1 HTTP requests in this frame

Frame: https://sync.quantumdex.io/usersync/pbjs
Frame ID: 9DA72EE0459FBBE474E747C96867F0F4
Requests: 1 HTTP requests in this frame

Frame: https://public.servenobid.com/sync.html
Frame ID: 5EF0D6568E127DC49190B5537E962727
Requests: 1 HTTP requests in this frame

Frame: https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=4114020762
Frame ID: 07D9EDB87056FAF1445EF1E7E11269CF
Requests: 1 HTTP requests in this frame

Frame: https://6abffdedb87343d1f0b4c8a8c7c11763.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 8605C1011E8EF2B3D82B015D21DFEEFF
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjsv23vR6phT1v_uJ9EiDAGbrA2M8H0X3doEN_w40DG8BrRhsUdKd4zsIoQIZXpRWFAQ22kTPTfHQiquerkgBA3O1zJeqgKxwdQY9jfEay4wgsz1MTvmQ_L3VLbRB60Lal51uW4jomZ5vjIQxmAJt5mdR-HQNmi7h-s51J45gDET5OK7Tt8_NVR3L8SMffdLJtZiK5YrNH2mBopIg0jBI_1hON70scpIKwTANhzB_3_28XctFv3EafQg80Fz5lgQb6j7DKJb7jtO3j2rLnE7sLhYLDV6_bu2eJtFv2UN8DW66tYh5Ki0gymsObLmGSkETApBn-Vd2mAybu8Kt8MN_mPfcEdGJUQqVpcPETq8Nq-syfz8OEhNOVRNMmg&sig=Cg0ArKJSzNI7Xz5Kr3pCEAE&uach_m=%5BUACH%5D&adurl=
Frame ID: 71EF0AB1F9C1E7DDFF2D6E7C1507634D
Requests: 7 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 14B8A46C96F221FF99360986CBBED54F
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Page Not Found - FESCO Bill Online

Page URL History Show full URLs

  1. http://fescoebill.pk/0.22138318892950082 HTTP 307
    https://fescoebill.pk/0.22138318892950082 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

129
Requests

93 %
HTTPS

48 %
IPv6

34
Domains

53
Subdomains

45
IPs

8
Countries

1350 kB
Transfer

3506 kB
Size

54
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://fescoebill.pk/0.22138318892950082 HTTP 307
    https://fescoebill.pk/0.22138318892950082 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 79
  • https://ad.doubleclick.net/ddm/trackimp/N1185725.4785604BRSEEDTAG/B32405744.401881248;dc_trk_aid=593533636;dc_trk_cid=220539467;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=;dc_tdv=1 HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N1185725.4785604BRSEEDTAG/B32405744.401881248;dc_pre=CM2LtrObm4gDFQkmVQgdwZkxJQ;dc_trk_aid=593533636;dc_trk_cid=220539467;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=;dc_tdv=1
Request Chain 107
  • https://sync.1rx.io/usersync2/rmpssp?sub=adtelligent HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=adtelligent&zcc=1&cb=1724969303461
Request Chain 108
  • https://cm-x.mgid.com/7d2fea400064b22652273d22c2e07bad.gif?puid=[UID]&redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Dg%26ep%3D358%26traffic_source%3Dsnippet%26session%3D13EDB51C7DC703F8%26sp%3D859075%26pb%3D754575%26c%3D746141%26a%3D753378%26domain%3Dhttps%3A%2F%2Ffescoebill.pk%2F0.22138318892950082%26gdpr%3D0%26gdpr_source%3D%26gdpr_consent%3D%26extuid%3D%5BUID%5D HTTP 302
  • https://sync.adtelligent.com/csync?t=g&ep=358&traffic_source=snippet&session=13EDB51C7DC703F8&sp=859075&pb=754575&c=746141&a=753378&domain=https://fescoebill.pk/0.22138318892950082&gdpr=0&gdpr_source=&gdpr_consent=&extuid=596d37ae-cb3e-4668-a461-778fd159d8d2
Request Chain 109
  • https://prebid.a-mo.net/cchain/0?cb=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Dg%26ep%3D737%26traffic_source%3Dsnippet%26session%3D13EDB51C7DC703F8%26sp%3D859075%26pb%3D754575%26c%3D747403%26a%3D310531%26domain%3Dhttps%3A%2F%2Ffescoebill.pk%2F0.22138318892950082%26gdpr%3D0%26gdpr_source%3D%26gdpr_consent%3D%26extuid%3D HTTP 302
  • https://sync.adtelligent.com/csync?t=g&ep=737&traffic_source=snippet&session=13EDB51C7DC703F8&sp=859075&pb=754575&c=747403&a=310531&domain=https://fescoebill.pk/0.22138318892950082&gdpr=0&gdpr_source=&gdpr_consent=&extuid=
Request Chain 110
  • https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307558%26traffic_source%3Dsnippet%26session%3D13EDB51C7DC703F8%26sp%3D859075%26pb%3D754575%26c%3D603469%26a%3D307558%26domain%3Dhttps%3A%2F%2Ffescoebill.pk%2F0.22138318892950082%26gdpr%3D0%26gdpr_source%3D%26gdpr_consent%3D%26extuid%3D%7Buser_id%7D HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=307558&traffic_source=snippet&session=13EDB51C7DC703F8&sp=859075&pb=754575&c=603469&a=307558&domain=https://fescoebill.pk/0.22138318892950082&gdpr=0&gdpr_source=&gdpr_consent=&extuid=59e491b1-7b71-4134-82b8-b5b2487bf966
Request Chain 111
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Dg%26ep%3D32%26traffic_source%3Dsnippet%26session%3D13EDB51C7DC703F8%26sp%3D859075%26pb%3D754575%26c%3D538100%26a%3D297253%26domain%3Dhttps%3A%2F%2Ffescoebill.pk%2F0.22138318892950082%26gdpr%3D0%26gdpr_source%3D%26gdpr_consent%3D%26extuid%3D%24UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Dg%2526ep%253D32%2526traffic_source%253Dsnippet%2526session%253D13EDB51C7DC703F8%2526sp%253D859075%2526pb%253D754575%2526c%253D538100%2526a%253D297253%2526domain%253Dhttps%253A%252F%252Ffescoebill.pk%252F0.22138318892950082%2526gdpr%253D0%2526gdpr_source%253D%2526gdpr_consent%253D%2526extuid%253D%2524UID HTTP 302
  • https://sync.adtelligent.com/csync?t=g&ep=32&traffic_source=snippet&session=13EDB51C7DC703F8&sp=859075&pb=754575&c=538100&a=297253&domain=https://fescoebill.pk/0.22138318892950082&gdpr=0&gdpr_source=&gdpr_consent=&extuid=4817350465720699182

129 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request 0.22138318892950082
fescoebill.pk/
Redirect Chain
  • http://fescoebill.pk/0.22138318892950082
  • https://fescoebill.pk/0.22138318892950082
164 KB
45 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://fescoebill.pk/0.22138318892950082
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:a38c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1cd9e3b29f7ffb01e84725884553256da9b4c5d6b1ebb091dafabd1247e248a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache, must-revalidate, max-age=0
cf-cache-status
DYNAMIC
cf-ray
8bafdbd0cb5e9bc8-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Thu, 29 Aug 2024 22:08:16 GMT
expires
Wed, 11 Jan 1984 05:00:00 GMT
link
<https://fescoebill.pk/wp-json/>; rel="https://api.w.org/"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KQ%2BTBGrVHqtIvZnWrbpZCfUDfTRMGtoPP0xY1xJi3omVx4gcPpCxfrFPVwy2HgBOhpfH4EoKeCR5YRgX04e4JSxFpWvcx6XqAThoccG%2BwKYzV%2B10obMiQT3S1L3Scz8jzfJELK5B1%2FIAokHc"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding,Accept-Encoding
x-mh-tag
108139is
x-server-powered-by
Middlehost Optimized Litespeed Server
x-turbo-charged-by
LiteSpeed

Redirect headers

Location
https://fescoebill.pk/0.22138318892950082
Non-Authoritative-Reason
HttpsUpgrades
style.min.css
fescoebill.pk/wp-includes/css/dist/block-library/ 		110 KB
15 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fescoebill.pk/wp-includes/css/dist/block-library/style.min.css?ver=6.6.1
Requested by
Host: fescoebill.pk
URL: https://fescoebill.pk/0.22138318892950082
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:a38c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
885c89e82436cfa3d0a0a5a9b2f6be6e1503457c810cc88ed2c09b4570ae9fd6

Request headers

Referer
https://fescoebill.pk/0.22138318892950082
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 29 Aug 2024 22:08:16 GMT
x-server-powered-by
Middlehost Optimized Litespeed Server
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
93
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 23 Jul 2024 18:36:39 GMT
server
cloudflare
vary
Accept-Encoding,Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zMF%2BjomsVdS%2F667IIuncwwAPvel%2Fut9QKQFUD6zJMsjSdrRDpC%2FrxoGA1Tblmb8gPJy5EHXUJ9lkfUHJf%2FtxWHYjZzRnc5ITUAoePrB9H1gn7XXPgK0aU152UIVTe7Pk%2F9dCwLiui4dRmsG8"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=UTF-8
cache-control
public, max-age=31536000
x-turbo-charged-by
LiteSpeed
cf-ray
8bafdbda1a4c9bc8-FRA
x-mh-tag
108139is
expires
Fri, 29 Aug 2025 22:06:43 GMT
fescobill-public.css
fescoebill.pk/wp-content/plugins/fescobill-Faisal-Malik_1677002796/public/css/ 		0
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fescoebill.pk/wp-content/plugins/fescobill-Faisal-Malik_1677002796/public/css/fescobill-public.css?ver=1.0.0
Requested by
Host: fescoebill.pk
URL: https://fescoebill.pk/0.22138318892950082
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:a38c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://fescoebill.pk/0.22138318892950082
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 29 Aug 2024 22:08:18 GMT
x-server-powered-by
Middlehost Optimized Litespeed Server
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server
cloudflare
vary
Accept-Encoding,Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BwoaSHQ8A%2FZVQyHz%2BAuBlZAJeQeeEZtyNKap3WA%2FxRBlxmJAGb39eMzcki0yhhTJxaxhr1e2w0oEMiDTSLCvLCXFkpYc9uDHhLI8wLFntzPovVf%2Bh2y04bkQsVrfdWYgwWUSkx%2B%2BNDOe%2B%2BJj"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cache-control
max-age=14400, must-revalidate
x-turbo-charged-by
LiteSpeed
cf-ray
8bafdbda1a4d9bc8-FRA
link
<https://fescoebill.pk/wp-json/>; rel="https://api.w.org/"
x-mh-tag
108139is
expires
Wed, 11 Jan 1984 05:00:00 GMT
global.min.css
fescoebill.pk/wp-content/themes/kadence/assets/css/ 		24 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fescoebill.pk/wp-content/themes/kadence/assets/css/global.min.css?ver=1.2.7
Requested by
Host: fescoebill.pk
URL: https://fescoebill.pk/0.22138318892950082
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:a38c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
52477a8b539ec56f02c48de794616784bf3155d75f2cc0a65a0fc1fe249b515b

Request headers

Referer
https://fescoebill.pk/0.22138318892950082
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 29 Aug 2024 22:08:16 GMT
x-server-powered-by
Middlehost Optimized Litespeed Server
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
374703
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 09 Aug 2024 18:48:57 GMT
server
cloudflare
vary
Accept-Encoding,Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PXt9hQv0T3bLzxRyH88PYvoDWIvvwTaIaCXXAqoWD7ZUT%2BqHtus5HmUYYr9ZaKDY%2BuwXObJtPjgF%2B3%2BD5J5uXsJ6tQVWnTdRQqDO4jDF9%2FfN%2Bq0MKDaXG2eNcpWXAt7Gw%2FgcNpqumigB17OA"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=UTF-8
cache-control
public, max-age=31536000
x-turbo-charged-by
LiteSpeed
cf-ray
8bafdbda1a4e9bc8-FRA
x-mh-tag
108139is
expires
Mon, 25 Aug 2025 14:03:13 GMT
header.min.css
fescoebill.pk/wp-content/themes/kadence/assets/css/ 		26 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fescoebill.pk/wp-content/themes/kadence/assets/css/header.min.css?ver=1.2.7
Requested by
Host: fescoebill.pk
URL: https://fescoebill.pk/0.22138318892950082
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:a38c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e776a7f761e5975d81c3d8a5ece5139fc9ac0dd13e3c494a941cf34c7a426ef8

Request headers

Referer
https://fescoebill.pk/0.22138318892950082
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 29 Aug 2024 22:08:16 GMT
x-server-powered-by
Middlehost Optimized Litespeed Server
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
93
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 09 Aug 2024 18:48:57 GMT
server
cloudflare
vary
Accept-Encoding,Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6Pf2p7ydzlwmWnNrv5HiFN1rdC1CCg5r4Lh1sZFP5mkuZhdF%2BEQLvd88ZBgiDkE5soz9hC12IXNDTnccmbkxm0XkgvUUq609Q8atmhpUFeeqTZmndn%2BEcEhDx4b9fSficnQIaGXGw5MPG6vU"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=UTF-8
cache-control
public, max-age=31536000
x-turbo-charged-by
LiteSpeed
cf-ray
8bafdbda1a509bc8-FRA
x-mh-tag
108139is
expires
Fri, 29 Aug 2025 22:06:43 GMT
content.min.css
fescoebill.pk/wp-content/themes/kadence/assets/css/ 		33 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fescoebill.pk/wp-content/themes/kadence/assets/css/content.min.css?ver=1.2.7
Requested by
Host: fescoebill.pk
URL: https://fescoebill.pk/0.22138318892950082
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:a38c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d1238f3c6be9ef32aba35dbc212d0719036f360b827648853c75450897de25ae

Request headers

Referer
https://fescoebill.pk/0.22138318892950082
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 29 Aug 2024 22:08:16 GMT
x-server-powered-by
Middlehost Optimized Litespeed Server
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
374703
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 09 Aug 2024 18:48:57 GMT
server
cloudflare
vary
Accept-Encoding,Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uUpqGrg4G64MS9M5NS0mPa9Ni7p9PBjWLP6k0QBFUeZHgWkXZa8eb6uRoSKXZxpyGGsg%2BQROaIU5ESMsVBkrB62YYqObKy5dTAObd%2BJ0NQYtRVfoahGUh2CrOxEpUFaEQQ6ZJdYLwGw%2BPNLH"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=UTF-8
cache-control
public, max-age=31536000
x-turbo-charged-by
LiteSpeed
cf-ray
8bafdbda1a519bc8-FRA
x-mh-tag
108139is
expires
Mon, 25 Aug 2025 14:03:13 GMT
footer.min.css
fescoebill.pk/wp-content/themes/kadence/assets/css/ 		20 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fescoebill.pk/wp-content/themes/kadence/assets/css/footer.min.css?ver=1.2.7
Requested by
Host: fescoebill.pk
URL: https://fescoebill.pk/0.22138318892950082
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:a38c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
43c239f270b71525869b3a8fcfbaa2bef403b6a7e8656b471b2f5a685e3431b2

Request headers

Referer
https://fescoebill.pk/0.22138318892950082
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 29 Aug 2024 22:08:17 GMT
x-server-powered-by
Middlehost Optimized Litespeed Server
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
374703
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 09 Aug 2024 18:48:57 GMT
server
cloudflare
vary
Accept-Encoding,Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2f7MH%2Bb2rfXLjTr7LhzWbOSpt%2BBHynGk7kbY%2BWV3SEkzO3iLf8m04qaVnPjM0tX7AKwyoGAXwnAJ3o62R91xoLXpCi61F%2BrqOXw7cx85kWLGmAMzWSwiPZ9Ydnkx7Ylr8MSSlFTF4CCHxvLV"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=UTF-8
cache-control
public, max-age=31536000
x-turbo-charged-by
LiteSpeed
cf-ray
8bafdbda1a529bc8-FRA
x-mh-tag
108139is
expires
Mon, 25 Aug 2025 14:03:13 GMT
menu-addon.css
fescoebill.pk/wp-content/plugins/kadence-pro/dist/mega-menu/ 		6 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fescoebill.pk/wp-content/plugins/kadence-pro/dist/mega-menu/menu-addon.css?ver=1.0.20
Requested by
Host: fescoebill.pk
URL: https://fescoebill.pk/0.22138318892950082
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:a38c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
32c591bda21ae07b01f37e9225fadddbb49c83f546605fdb616a4f82137d3193

Request headers

Referer
https://fescoebill.pk/0.22138318892950082
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 29 Aug 2024 22:08:16 GMT
x-server-powered-by
Middlehost Optimized Litespeed Server
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
145051
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 09 Feb 2024 17:06:35 GMT
server
cloudflare
vary
Accept-Encoding,Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EWzLiofIBwNRR4P6WjNv76PCPfehVpQAxdTkpjhCUfGKpoV8GvLCvRJ2Ez5%2FgpR5Yk8ma%2BrGlsD3QyT7Zy96Thuw5rssAJPcamOX3FK2fzZf9wzBZWpKWyPMDr%2FNWAkqOlU3z1cgM33avWZs"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=UTF-8
cache-control
public, max-age=31536000
x-turbo-charged-by
LiteSpeed
cf-ray
8bafdbda1a559bc8-FRA
x-mh-tag
108139is
expires
Thu, 28 Aug 2025 05:50:45 GMT
rankmath.min.css
fescoebill.pk/wp-content/themes/kadence/assets/css/ 		76 B
629 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fescoebill.pk/wp-content/themes/kadence/assets/css/rankmath.min.css?ver=1.2.7
Requested by
Host: fescoebill.pk
URL: https://fescoebill.pk/0.22138318892950082
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:a38c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f2e7fe46985f21532acbf211e6786e09f4c417ca9d0d8d6fc3fb10738c366826

Request headers

Referer
https://fescoebill.pk/0.22138318892950082
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 29 Aug 2024 22:08:16 GMT
x-server-powered-by
Middlehost Optimized Litespeed Server
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
93
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 09 Aug 2024 18:48:57 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FTSQd7Z03BwE5gErN1LRzlDJKFGSd2g7rPw8lgaRHkTjmbXDbeEARiM3kjQedzegvZ%2BfTITjZrGJGRQiaaYgtJ9SLqH4VyAdBJUlQfBaJ2gifQE0yrXEYRvBBvDnOVoUNEXHTzS0mtPuGbiR"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=UTF-8
cache-control
public, max-age=31536000
x-turbo-charged-by
LiteSpeed
cf-ray
8bafdbda1a569bc8-FRA
x-mh-tag
108139is
expires
Fri, 29 Aug 2025 22:06:43 GMT
css
fonts.googleapis.com/ 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:regular,700%7CPoppins:regular&display=swap
Requested by
Host: fescoebill.pk
URL: https://fescoebill.pk/0.22138318892950082
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
094f8b2c2414dcaf6667c1b3a493e80971daaab90c882764e1a267b08c285a77
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://fescoebill.pk/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 29 Aug 2024 22:08:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 29 Aug 2024 22:08:17 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 29 Aug 2024 22:08:17 GMT
FESCO-logo.webp
fescoebill.pk/wp-content/uploads/2023/05/ 		80 KB
80 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fescoebill.pk/wp-content/uploads/2023/05/FESCO-logo.webp
Requested by
Host: fescoebill.pk
URL: https://fescoebill.pk/0.22138318892950082
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:a38c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
09f5fee3825212c7e5f9fb358f431398248fc6feab6f929ff7de27c1823754f0

Request headers

Referer
https://fescoebill.pk/0.22138318892950082
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 29 Aug 2024 22:08:16 GMT
x-server-powered-by
Middlehost Optimized Litespeed Server
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
752257
alt-svc
h3=":443"; ma=86400
content-length
81508
last-modified
Mon, 15 May 2023 16:08:53 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gP3xsg1HQO9gPy%2Fw30%2BCVr99NWH7wje3fuHbUbWRf8%2Fb%2BDkeTKg0ipZjdJ%2B2afbqMytDVTRqndtC5%2Fw%2BanlKCBTZI0lyfb970aPM%2BTdhBi%2BpGUFMbu6GPiZZTdilRg5qhnJxS%2F%2BT%2B8LDiARw"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=10368000
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
8bafdbda1a579bc8-FRA
x-mh-tag
108139is
expires
Thu, 19 Dec 2024 05:10:39 GMT
style-blocks-iconlist.css
fescoebill.pk/wp-content/plugins/kadence-blocks/dist/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fescoebill.pk/wp-content/plugins/kadence-blocks/dist/style-blocks-iconlist.css?ver=3.2.52
Requested by
Host: fescoebill.pk
URL: https://fescoebill.pk/0.22138318892950082
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:a38c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9d0b3d609fcbaa06df8231cc283e61f3414ca729e3da991cb9780c2f7b0cd8f8

Request headers

Referer
https://fescoebill.pk/0.22138318892950082
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 29 Aug 2024 22:08:17 GMT
x-server-powered-by
Middlehost Optimized Litespeed Server
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
93
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 27 Aug 2024 20:37:52 GMT
server
cloudflare
vary
Accept-Encoding,Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hlPmjuBKo20Im7ooLdzFsGevHLNNe3KSAvOSWabJEAf%2FoFfVv9Nq8jYduJCSqhH0Xb07W7WkhVMU758UpJ4dPH9LzVZ5gZlbXG7oA6GeszMNZscFbQ%2FyESboYZr5Kat8DtsxgYHSkV18TKW%2F"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=UTF-8
cache-control
public, max-age=31536000
x-turbo-charged-by
LiteSpeed
cf-ray
8bafdbda1a599bc8-FRA
x-mh-tag
108139is
expires
Fri, 29 Aug 2025 22:06:43 GMT
rocket-loader.min.js
fescoebill.pk/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fescoebill.pk/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Requested by
Host: fescoebill.pk
URL: https://fescoebill.pk/0.22138318892950082
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:a38c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://fescoebill.pk/0.22138318892950082
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 29 Aug 2024 22:08:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 23 Aug 2024 16:45:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"66c8bc8d-302c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FtlYD%2Bj2d3BeDbADy%2B%2FS7Vr1fikc9H4UQbdRaoSBHTfLpo%2BCW8z0eyQVLGeLznUADaxM0fahdORylVjTCrzWwWutuW9O05Fe3uedFECAXXtD5rk%2FJFr%2FjcbtOVLo4b%2FQc0mrtgtxEH8WyIiT"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
DENY
cache-control
max-age=172800, public
cf-ray
8bafdbdcdc049bc8-FRA
expires
Sat, 31 Aug 2024 22:08:17 GMT
lazyload.min.js
fescoebill.pk/wp-content/plugins/wp-rocket/assets/js/lazyload/17.8.3/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fescoebill.pk/wp-content/plugins/wp-rocket/assets/js/lazyload/17.8.3/lazyload.min.js
Requested by
Host: fescoebill.pk
URL: https://fescoebill.pk/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:a38c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f40767552e5e94b2d5f9a65d7f640cfa7d225298023dbd682095e040809a3d1a

Request headers

Referer
https://fescoebill.pk/0.22138318892950082
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 29 Aug 2024 22:08:18 GMT
x-server-powered-by
Middlehost Optimized Litespeed Server
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2312842
alt-svc
h3=":443"; ma=86400
last-modified
Sun, 09 Apr 2023 15:45:15 GMT
server
cloudflare
vary
Accept-Encoding,Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=b92WjHoji%2Btqh92O5d6n7G7LMceQcEuiaCGd9xaoR3RX%2FTZELgRe4G7lif3IKkjrIN%2BkJ2hOOkj5nCVP66gSR1wfs0uiG4ILSLYAqHbkEL51baURqaJyu5e9oaIh0BXqutWb6mEA6PtIfyZk"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=2592000
x-turbo-charged-by
LiteSpeed
cf-ray
8bafdbe258049bc8-FRA
x-mh-tag
108139is
expires
Mon, 02 Sep 2024 03:40:56 GMT
navigation.min.js
fescoebill.pk/wp-content/themes/kadence/assets/js/ 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fescoebill.pk/wp-content/themes/kadence/assets/js/navigation.min.js?ver=1.2.7
Requested by
Host: fescoebill.pk
URL: https://fescoebill.pk/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:a38c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
86a58db20431c5440161f6e8b7e530af816f3d91945912a6cb262ff64942090f

Request headers

Referer
https://fescoebill.pk/0.22138318892950082
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 29 Aug 2024 22:08:18 GMT
x-server-powered-by
Middlehost Optimized Litespeed Server
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1737278
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 09 Aug 2024 18:48:57 GMT
server
cloudflare
vary
Accept-Encoding,Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=M040Gkph8nohQ4h%2BYVFwMbv%2Fh8VDZRvYiRD29Y65C3gX1ll6pOZN2A04HSpZLodPhhNwMQBk03YlPDXIx6yaxeolVY0EnGAxRi95OszV5T5HSvyYZXvdaFpndrwEX4UsCbXfWKHlq6G0laxW"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=2592000
x-turbo-charged-by
LiteSpeed
cf-ray
8bafdbe258059bc8-FRA
x-mh-tag
108139is
expires
Sun, 08 Sep 2024 19:33:40 GMT
profitSenceAdRotationV1.js
tags.profitsence.com/scripts/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.profitsence.com/scripts/profitSenceAdRotationV1.js
Requested by
Host: fescoebill.pk
URL: https://fescoebill.pk/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:1c10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3c8cb49f3e2f94dc2521361a4d7b5d6156ed611ba25da3e67921ee5f907b1ef8

Request headers

Referer
https://fescoebill.pk/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 29 Aug 2024 22:08:18 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
59215
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Sun, 31 Mar 2024 07:14:20 GMT
server
cloudflare
etag
W/"e69-66090d4c-cfafb;br"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qulIjmPcw59oRYNgaM5j2DF8aHFzB5m41zeW9rkefm48MheMEhzafX20woMRaYT0YUwozLc6FHpioMYu7JuPTZ2wPfEkUg8U%2BwnpzpFnEwBBISjO3MZsrqsypaUS6v0cthyanrmgw6RsMY02oq5AApJT6g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
public, max-age=604800
cf-ray
8bafdbe2bd201c26-FRA
expires
Thu, 16 May 2024 05:39:18 GMT
js
www.googletagmanager.com/gtag/ 		251 KB
89 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=GT-WV3GS7F
Requested by
Host: fescoebill.pk
URL: https://fescoebill.pk/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e14cc6171cb2393ace6710b9fb4359d782d2219e814134c12c8c624c47bdd306
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://fescoebill.pk/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 29 Aug 2024 22:08:18 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
90734
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 29 Aug 2024 22:08:18 GMT
fescobill-public.js
fescoebill.pk/wp-content/plugins/fescobill-Faisal-Malik_1677002796/public/js/ 		838 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fescoebill.pk/wp-content/plugins/fescobill-Faisal-Malik_1677002796/public/js/fescobill-public.js?ver=1.0.0
Requested by
Host: fescoebill.pk
URL: https://fescoebill.pk/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:a38c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
57a50c99a31ef4e89e86664e96f6dfbdde163a2eb96e88b3b492c49aa4be2f37

Request headers

Referer
https://fescoebill.pk/0.22138318892950082
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 29 Aug 2024 22:08:18 GMT
x-server-powered-by
Middlehost Optimized Litespeed Server
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
532204
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 21 Feb 2023 18:12:39 GMT
server
cloudflare
vary
Accept-Encoding,Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IpNauNIu1ucCI%2Fv04eycIq5LI06GvxU0VlXyPSQdGMiM5TY1OYwStiuITBBllK5y3dRUFGcICZH2K3FHoZZe9QdKkcfogUHdS6pgNHkc9OdLHsi3jXahfaQbDNhYeElndHlW4hPZF1XxAyao"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=2592000
x-turbo-charged-by
LiteSpeed
cf-ray
8bafdbe258069bc8-FRA
x-mh-tag
108139is
expires
Sun, 22 Sep 2024 18:18:14 GMT
jquery-migrate.min.js
fescoebill.pk/wp-includes/js/jquery/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fescoebill.pk/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Requested by
Host: fescoebill.pk
URL: https://fescoebill.pk/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:a38c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Request headers

Referer
https://fescoebill.pk/0.22138318892950082
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 29 Aug 2024 22:08:18 GMT
x-server-powered-by
Middlehost Optimized Litespeed Server
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2310370
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 09 Jun 2023 08:19:24 GMT
server
cloudflare
vary
Accept-Encoding,Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pOTjSAuXEvnCu4v4Q0Lj04gdu%2BU%2BfaOdECNDJXc2H7vEaQmRtvZPpOj70ambwp224S17Tl0SDC2rIoMA%2FMrXX0%2FTzpYx1kmDxlGVRPb2qli%2FrSlk%2FmTRJNJqvXOl9aGC5tH0XOHjG8MfYEGS"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=2592000
x-turbo-charged-by
LiteSpeed
cf-ray
8bafdbe258079bc8-FRA
x-mh-tag
108139is
expires
Mon, 02 Sep 2024 04:22:08 GMT
jquery.min.js
fescoebill.pk/wp-includes/js/jquery/ 		86 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fescoebill.pk/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Requested by
Host: fescoebill.pk
URL: https://fescoebill.pk/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:a38c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Request headers

Referer
https://fescoebill.pk/0.22138318892950082
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 29 Aug 2024 22:08:18 GMT
x-server-powered-by
Middlehost Optimized Litespeed Server
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2312842
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 28 Aug 2023 19:44:24 GMT
server
cloudflare
vary
Accept-Encoding,Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Oz5LsD%2B2t4bwU%2FhPw2NIffMWLY3igs5USru9E8Ds5cF3tU6ELFYe9P%2BIbQqLRmQ6cjr5TiMGK%2FGDXz2MkD2aCJvImDoC4sVdxfTZNI57CCMa%2BjI%2BQBUvOWomTYZRlFH%2BEUavsoqKttRknKWU"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=2592000
x-turbo-charged-by
LiteSpeed
cf-ray
8bafdbe258089bc8-FRA
x-mh-tag
108139is
expires
Mon, 02 Sep 2024 03:40:56 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v32/ 		18 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:regular,700%7CPoppins:regular&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://fescoebill.pk
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 29 Aug 2024 11:56:25 GMT
x-content-type-options
nosniff
age
36713
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18536
x-xss-protection
0
last-modified
Thu, 01 Aug 2024 20:41:24 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 29 Aug 2025 11:56:25 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v32/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:regular,700%7CPoppins:regular&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d9bada3a44bb2ffa66dec5cc781cafc9ef17ed876cd9b0c5f7ef18228b63cebb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://fescoebill.pk
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 29 Aug 2024 18:21:37 GMT
x-content-type-options
nosniff
age
13601
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18596
x-xss-protection
0
last-modified
Thu, 01 Aug 2024 20:41:21 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 29 Aug 2025 18:21:37 GMT
pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v21/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v21/pxiEyp8kv8JHgFVrJJfecg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:regular,700%7CPoppins:regular&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://fescoebill.pk
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 29 Aug 2024 18:41:58 GMT
x-content-type-options
nosniff
age
12380
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7884
x-xss-protection
0
last-modified
Fri, 22 Mar 2024 00:00:38 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 29 Aug 2025 18:41:58 GMT
collect
region1.google-analytics.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-S90S04X0PK&gtm=45Pe48r0v9137351559za200&_p=1724969298503&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=0&gdid=dZTNiMT&cid=665939844.1724969299&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1724969298&sct=1&seg=0&dl=https%3A%2F%2Ffescoebill.pk%2F0.22138318892950082&dt=Page%20Not%20Found%20-%20FESCO%20Bill%20Online&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=3119
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=GT-WV3GS7F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

Referer
https://fescoebill.pk/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Aug 2024 22:08:18 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://fescoebill.pk
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
getTags
tags.profitsence.com/API/account/ 		3 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tags.profitsence.com:2053/API/account/getTags?adId=ps_ad_rotation_id_7334&adCount=1&countryCode=
Requested by
Host: tags.profitsence.com
URL: https://tags.profitsence.com/scripts/profitSenceAdRotationV1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:1c10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
626fd47ae232a10afebd212a10dc7a8602b23d07d9e65c2c0b37448efccf1c87

Request headers

Referer
https://fescoebill.pk/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 29 Aug 2024 22:08:19 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
Express
etag
W/"a60-SpWn7OORK/2HHM4T2E5542Z7wss"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9XM7WtoAwLMzBIneZqg7q62qnWANcVT7mm2u88nfKdGoxovnvLsSIebYm3hTJTwXG9Emz4KGhRHgx2Fu3phoy0z1Ryltcve7OlsG6ijqMNeoZFq%2FkJgxgV0oV9%2BUKaZwkIIUWG2wjBy0b7qEwIOkRDjNX3XLHJxD"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cf-ray
8bafdbe46e8218eb-FRA
alt-svc
h3=":2053"; ma=86400
getTags
tags.profitsence.com/API/account/ 		3 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tags.profitsence.com:2053/API/account/getTags?adId=ps_ad_rotation_id_7374&adCount=1&countryCode=
Requested by
Host: tags.profitsence.com
URL: https://tags.profitsence.com/scripts/profitSenceAdRotationV1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:1c10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
7c1c1c4d2af15d87ad61015552a2acc8ea7fcfc589b9ea28fc61dedde04cefd0

Request headers

Referer
https://fescoebill.pk/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 29 Aug 2024 22:08:19 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
Express
etag
W/"ac7-OoAYYWrvumd11YAph1FkE+IU7RA"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EuMhfhODXOnvbnw3RUJ9mK8JF2HkttesNgOcoY0xIyfwyxLmgswlNt7plXu6Kly08kuifgKxpsBe2S3sE63qBWlnQ3ph0sQhHUKvYg3rwJlhKzDBNHIqlm6S70kZnNCRzZ5lgCD5uEY41OEZeKOTKr4ihxb7wo40"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cf-ray
8bafdbe46e8418eb-FRA
alt-svc
h3=":2053"; ma=86400
1_50.js
profitsence.ams3.cdn.digitaloceanspaces.com/user_js/ 		62 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://profitsence.ams3.cdn.digitaloceanspaces.com/user_js/1_50.js
Requested by
Host: tags.profitsence.com
URL: https://tags.profitsence.com/scripts/profitSenceAdRotationV1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2ae3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ada24268d02d54ce4026fe898af2b96f3114f271f158aa96b5f90493922454df
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://fescoebill.pk/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 29 Aug 2024 22:08:19 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
x-amz-request-id
tx00000e55d96fb3153d2f5-0066cdffc2-6a2ecfbe-ams3c
age
2876
x-envoy-upstream-healthchecked-cluster
last-modified
Tue, 27 Aug 2024 15:48:49 GMT
server
cloudflare
etag
W/"2659b5eea5efddd2edd5aaa6b571253f"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type
application/javascript
x-do-cdn-uuid
66d39f91-a14d-4512-b716-9cb06a8acc40
x-rgw-object-type
Normal
cache-control
max-age=3600
cf-ray
8bafdbe77d1fd2a0-FRA
Favicon.png
tags.profitsence.com/assets/images/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.profitsence.com/assets/images/Favicon.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:1c10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fa95a62ad656303cd06f0c147e32015b8dcc9988efb6a6d97bedf96df0bf1d6d

Request headers

Referer
https://fescoebill.pk/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 29 Aug 2024 22:08:19 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
58480
alt-svc
h3=":443"; ma=86400
content-length
15327
last-modified
Tue, 19 Mar 2024 08:46:49 GMT
server
cloudflare
etag
"3bdf-65f950f9-cfb0f;;;"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ozd1gtLBwx9rEybgQ%2BTfgEZcvB9Ez%2FLCNM%2BksbPVGYLzyY4OassvQZsW%2F7JP5wGOAvzPXrf86c53c0d6Aln0NJxzRN15WbrawcWy5RxPRdncK5de0Us1EkhOgbVTPfvctF6XahWt2vhcnkaFnR%2FsPwaqkg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
8bafdbe718c41c26-FRA
expires
Thu, 16 May 2024 05:39:33 GMT
prebid_1.js
profitsence.ams3.cdn.digitaloceanspaces.com/ 		806 KB
264 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://profitsence.ams3.cdn.digitaloceanspaces.com/prebid_1.js
Requested by
Host: profitsence.ams3.cdn.digitaloceanspaces.com
URL: https://profitsence.ams3.cdn.digitaloceanspaces.com/user_js/1_50.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2ae3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2e8b3076f87d8094e1e1f0453947b36cc0389786e537e151d031d1c1142cbea5
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://fescoebill.pk/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 29 Aug 2024 22:08:19 GMT
content-encoding
gzip
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-cache-status
HIT
x-amz-request-id
tx000003957c94fff64df3d-0066cdf9d5-6a2f6bee-ams3c
age
480
x-envoy-upstream-healthchecked-cluster
content-length
269902
last-modified
Tue, 27 Aug 2024 15:47:58 GMT
server
cloudflare
etag
"1b204c9119994b463ef9edc1f60fffd3"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type
application/javascript
x-do-cdn-uuid
66d39f91-a14d-4512-b716-9cb06a8acc40
x-rgw-object-type
Normal
cache-control
max-age=3600
accept-ranges
bytes
cf-ray
8bafdbe7ddfed2a0-FRA
freewheel-mapping.json
cdn.jsdelivr.net/gh/prebid/category-mapping-file@1/ 		14 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/category-mapping-file@1/freewheel-mapping.json
Requested by
Host: profitsence.ams3.cdn.digitaloceanspaces.com
URL: https://profitsence.ams3.cdn.digitaloceanspaces.com/prebid_1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bb1f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
60d0cdf0b18fc47a4d55b4a2aeccd0b2bcc71063ca21ec0eb538bea39833dda4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://fescoebill.pk/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
content-type
text/plain

Response headers

date
Thu, 29 Aug 2024 22:08:19 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
34792
x-jsd-version
1.0.0
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1087
x-served-by
cache-fra-eddf8230153-FRA, cache-lga21959-LGA
x-jsd-version-type
version
server
cloudflare
etag
W/"36b6-ffkBzh2j6c/gCM5tBPQMcNXdZI8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fIwmYXQQtZ%2FiwwDI8Vwck8snYnIW40ff0GqFmmMykT4I1v4%2BICRYIpSueuxGFVyYcr09Oo3PLMiK6FeI4ZUtaiMvAUD6P8sf82r%2FLf2b73DFUKYBcDkC7Et7S5wUkWAoA1RMmYb7yV0SJKx0xIQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8bafdbe9c8099267-FRA
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 		2 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20240830
Requested by
Host: profitsence.ams3.cdn.digitaloceanspaces.com
URL: https://profitsence.ams3.cdn.digitaloceanspaces.com/prebid_1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bb1f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
685330a10cecd87d7ce2f665a647f534fa8a1cdf83b6aa07152c32cc4de3f233
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://fescoebill.pk/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
content-type
text/plain

Response headers

date
Thu, 29 Aug 2024 22:08:19 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
22049
x-jsd-version
1.0.2163
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
686
x-served-by
cache-fra-eddf8230103-FRA, cache-lga21936-LGA
x-jsd-version-type
version
server
cloudflare
etag
W/"63c-nnEfXgE7t8Qpnyc5H01b/1sV+rw"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UuUWS2bdxXqQwH75jLx0U7CnvP1akC3qqPQS3EU%2BqdL6o%2FTuziprquW9PS6cakyBDvs%2F4soCOO2bDz7BPNGlzny%2FU%2F%2BwnxBboiamTeLlvmF%2F66fzLis%2BuVKrzuIQz8fq5BoLIyiHzY7kPMJnNKY%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8bafdbe9c8079267-FRA
topicsapi.html
onetag-sys.com/static/ Frame C5A1 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/static/topicsapi.html?bidder=onetag
Requested by
Host: profitsence.ams3.cdn.digitaloceanspaces.com
URL: https://profitsence.ams3.cdn.digitaloceanspaces.com/prebid_1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://fescoebill.pk/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
public, max-age=2628000, immutable
content-encoding
gzip
content-length
566
content-type
text/html
expires
Mon, 01 Jan 2046 12:34:56 GMT
strict-transport-security
max-age=15552000
vary
accept-encoding
topics_frame.html
ads.pubmatic.com/AdServer/js/topics/ Frame AAFB 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/topics/topics_frame.html?bidder=pubmatic
Requested by
Host: profitsence.ams3.cdn.digitaloceanspaces.com
URL: https://profitsence.ams3.cdn.digitaloceanspaces.com/prebid_1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash

Request headers

Referer
https://fescoebill.pk/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
cache-control
max-age=172720
content-encoding
gzip
content-length
859
content-type
text/html
date
Thu, 29 Aug 2024 22:08:19 GMT
expires
Sat, 31 Aug 2024 22:06:59 GMT
last-modified
Tue, 21 Mar 2023 05:02:13 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
topicsapi.html
topics.authorizedvault.com/ Frame 552D 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://topics.authorizedvault.com/topicsapi.html?bidder=rtbhouse
Requested by
Host: profitsence.ams3.cdn.digitaloceanspaces.com
URL: https://profitsence.ams3.cdn.digitaloceanspaces.com/prebid_1.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash

Request headers

Referer
https://fescoebill.pk/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=604800
content-encoding
gzip
content-type
text/html
date
Thu, 29 Aug 2024 22:08:19 GMT
etag
W/"b1da2234a554ee8bc6519a75d88402d9"
expires
Sun, 07 Jan 2024 22:30:26 GMT
last-modified
Mon, 26 Jun 2023 15:39:25 GMT
server
CDN77-Turbo
vary
Accept-Encoding
via
1.1 google
x-77-age
347840
x-77-cache
HIT
x-77-nzt
EgwBqZb/swH3wE4FAAwB1GY4EQH3SasAAA
x-77-nzt-ray
f88df72e441248a953f1d0669179d222
x-77-pop
frankfurtDE
x-accel-date
1724621459
x-accel-date-max
1722246104
x-accel-expires
@1725226259
x-age
347840
x-cache
HIT
x-goog-generation
1687793965818864
x-goog-hash
crc32c=LvKeBQ== md5=sdoiNKVU7ovGUZp12IQC2Q==
x-goog-metageneration
1
x-goog-storage-class
STANDARD
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
1404
x-guploader-uploadid
ABPtcPoZDS7_aCon-JVvX7xEB5qiduXohRxhaUJEcurJnHQA4lh4mfE-NaoMpM1Avb2HKdtYrSbrQ63T
topics_frame.html
pa.openx.net/ Frame 3369 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://pa.openx.net/topics_frame.html?bidder=openx
Requested by
Host: profitsence.ams3.cdn.digitaloceanspaces.com
URL: https://profitsence.ams3.cdn.digitaloceanspaces.com/prebid_1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.36.214.49 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
49.214.36.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash

Request headers

Referer
https://fescoebill.pk/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
1635
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public,max-age=3600
content-length
1036
content-type
text/html; charset=utf-8
date
Thu, 29 Aug 2024 21:41:04 GMT
etag
"c5379e35e267deacc52e06ed0f5fa81f"
last-modified
Mon, 22 Jan 2024 14:38:43 GMT
server
UploadServer
supports-loading-mode
fenced-frame
vary
Origin
x-allow-fledge
true
x-goog-generation
1705934323795552
x-goog-hash
crc32c=eLLIGA== md5=xTeeNeJn3qzFLgbtD1+oHw==
x-goog-metageneration
1
x-goog-storage-class
STANDARD
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
1036
x-guploader-uploadid
AHxI1nMwprfmrzJOpL33xdx2kqNM5b1ZchisPymbNNlr24aj3kef8uWL3igjW8Cy7bfPOiAyfxY
/
shb.richaudience.com/hb/ 		0
244 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://shb.richaudience.com/hb/
Requested by
Host: profitsence.ams3.cdn.digitaloceanspaces.com
URL: https://profitsence.ams3.cdn.digitaloceanspaces.com/prebid_1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
46.4.139.58 Bad Muenstereifel, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.58.139.4.46.clients.your-server.de
Software
nginx/1.14.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://fescoebill.pk/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
content-type
text/plain

Response headers

date
Thu, 29 Aug 2024 22:08:19 GMT
content-encoding
gzip
server
nginx/1.14.1
vary
Accept-Encoding, Accept-Encoding
access-control-max-age
86400
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://fescoebill.pk
access-control-allow-credentials
true
fastlane.json
fastlane.rubiconproject.com/a/api/ 		370 B
708 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=25230&site_id=544352&zone_id=3382860&size_id=2&alt_size_ids=1%2C43%2C44&rp_schain=1.0,1!headbidder.net,50,1,,,!profitsence.com,24049,1,,,&rf=https%3A%2F%2Ffescoebill.pk%2F0.22138318892950082&tg_i.domain=fescoebill.pk&tg_i.page=https%3A%2F%2Ffescoebill.pk%2F0.22138318892950082&tg_i.pbadslot=container_193&tk_flint=pbjs_lite_v8.37.0&x_source.tid=01653c38-8186-42c3-8110-fc0653bad234&l_pb_bid_id=4c4941f74a35eb&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=4eb56e0b-48ef-4857-ad37-59a224f3a6f1&rp_maxbids=1&m_ch_mobile=%3F0&slots=1&rand=0.24722461939172558
Requested by
Host: profitsence.ams3.cdn.digitaloceanspaces.com
URL: https://profitsence.ams3.cdn.digitaloceanspaces.com/prebid_1.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
3bb8de05ba4d1c59af1131502e7849cbf498b51e37d1156fa8152fdacea9d3c2

Request headers

Referer
https://fescoebill.pk/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Thu, 29 Aug 2024 22:08:19 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://fescoebill.pk
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
370
expires
Wed, 17 Sep 1975 21:32:10 GMT
hb
cpm.fmlabsonline.com/ 		0
234 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cpm.fmlabsonline.com/hb?zone=220420&v=1.6
Requested by
Host: profitsence.ams3.cdn.digitaloceanspaces.com
URL: https://profitsence.ams3.cdn.digitaloceanspaces.com/prebid_1.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.245.57.72 , United States, ASN36057 (WEBAIR-INTERNET-MTL, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://fescoebill.pk/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
content-type
text/plain

Response headers

Access-Control-Allow-Origin
https://fescoebill.pk
Date
Thu, 29 Aug 2024 22:08:19 GMT
Cache-Control
no-store
Access-Control-Allow-Credentials
true
Server
nginx
Connection
close
Content-Length
0
pbjs
useast.quantumdex.io/auction/ 		0
272 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://useast.quantumdex.io/auction/pbjs
Requested by
Host: profitsence.ams3.cdn.digitaloceanspaces.com
URL: https://profitsence.ams3.cdn.digitaloceanspaces.com/prebid_1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://fescoebill.pk/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
content-type
text/plain

Response headers

date
Thu, 29 Aug 2024 22:08:19 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
POST, GET
content-type
application/json
access-control-allow-origin
https://fescoebill.pk
access-control-allow-credentials
true
cf-ray
8bafdbea787c18ff-FRA
alt-svc
h3=":443"; ma=86400
/
ads4.krushmedia.com/ 		2 B
300 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ads4.krushmedia.com/?c=rtb&m=hb
Requested by
Host: profitsence.ams3.cdn.digitaloceanspaces.com
URL: https://profitsence.ams3.cdn.digitaloceanspaces.com/prebid_1.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
8.2.110.137 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
https://fescoebill.pk/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
content-type
text/plain

Response headers

Date
Thu, 29 Aug 2024 22:08:20 GMT
Content-Encoding
gzip
Server
nginx
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://fescoebill.pk
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
22
prebid-request
onetag-sys.com/ 		15 B
410 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: profitsence.ams3.cdn.digitaloceanspaces.com
URL: https://profitsence.ams3.cdn.digitaloceanspaces.com/prebid_1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.38.120.206 Hessen, Germany, ASN16276 (OVH, FR),
Reverse DNS
ip206.ip-51-38-120.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://fescoebill.pk/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
content-type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://fescoebill.pk
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
/
ghb.adtelligent.com/v2/auction/ 		5 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ghb.adtelligent.com/v2/auction/
Requested by
Host: profitsence.ams3.cdn.digitaloceanspaces.com
URL: https://profitsence.ams3.cdn.digitaloceanspaces.com/prebid_1.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
167.235.37.234 Bühl, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.234.37.235.167.clients.your-server.de
Software
Adtelligent /
Resource Hash
871abe96cba6258aaaeed180be2dacff82f80926e871689d59568a5b9e8a8c5a

Request headers

Referer
https://fescoebill.pk/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
content-type
text/plain

Response headers

Date
Thu, 29 Aug 2024 22:08:19 GMT
Content-Encoding
gzip
Server
Adtelligent
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://fescoebill.pk
Access-Control-Allow-Credentials
true
Permissions-Policy
browsing-topics=()
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
1526
pbjs
fmlabs-prebid.smart-hub.io/ 		2 B
240 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fmlabs-prebid.smart-hub.io/pbjs
Requested by
Host: profitsence.ams3.cdn.digitaloceanspaces.com
URL: https://profitsence.ams3.cdn.digitaloceanspaces.com/prebid_1.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
8.2.109.63 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
https://fescoebill.pk/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
content-type
text/plain

Response headers

Access-Control-Allow-Origin
https://fescoebill.pk
Date
Thu, 29 Aug 2024 22:08:19 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Content-Length
2
Content-Type
application/json
hb
cpm.fmlabsonline.com/ 		0
234 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cpm.fmlabsonline.com/hb?zone=216038&v=1.6
Requested by
Host: profitsence.ams3.cdn.digitaloceanspaces.com
URL: https://profitsence.ams3.cdn.digitaloceanspaces.com/prebid_1.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.245.57.72 , United States, ASN36057 (WEBAIR-INTERNET-MTL, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://fescoebill.pk/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
content-type
text/plain

Response headers

Access-Control-Allow-Origin
https://fescoebill.pk
Date
Thu, 29 Aug 2024 22:08:19 GMT
Cache-Control
no-store
Access-Control-Allow-Credentials
true
Server
nginx
Connection
close
Content-Length
0
adreq
ads.servenobid.com/ 		393 B
584 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ads.servenobid.com/adreq?cb=2822
Requested by
Host: profitsence.ams3.cdn.digitaloceanspaces.com
URL: https://profitsence.ams3.cdn.digitaloceanspaces.com/prebid_1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.202.4.157 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-202-4-157.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
d09beb912fd7a0e9445b3daec101694d3bc19cfce5319149bf8fac1859e4638c

Request headers

Referer
https://fescoebill.pk/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
content-type
text/plain

Response headers

date
Thu, 29 Aug 2024 22:08:19 GMT
content-encoding
gzip
amp-access-control-allow-source-origin
*
vary
accept-encoding
content-type
application/json
access-control-allow-origin
https://fescoebill.pk
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
prebid
pb.adsinteractive.com/ 		31 B
333 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pb.adsinteractive.com/prebid
Requested by
Host: profitsence.ams3.cdn.digitaloceanspaces.com
URL: https://profitsence.ams3.cdn.digitaloceanspaces.com/prebid_1.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
157.245.23.44 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
8b97290ad5d74ba3e8bfa06289b687419c5c300996aeb8a72153a143490f3b11
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://fescoebill.pk/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://fescoebill.pk
date
Thu, 29 Aug 2024 22:08:19 GMT
strict-transport-security
max-age=15724800; includeSubDomains
access-control-allow-credentials
true
content-length
31
content-type
application/json
prebid-request
onetag-sys.com/ 		15 B
409 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: profitsence.ams3.cdn.digitaloceanspaces.com
URL: https://profitsence.ams3.cdn.digitaloceanspaces.com/prebid_1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.38.120.206 Hessen, Germany, ASN16276 (OVH, FR),
Reverse DNS
ip206.ip-51-38-120.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://fescoebill.pk/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
content-type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://fescoebill.pk
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
pbjs
fmlabs-prebid.smart-hub.io/ 		2 B
240 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fmlabs-prebid.smart-hub.io/pbjs
Requested by
Host: profitsence.ams3.cdn.digitaloceanspaces.com
URL: https://profitsence.ams3.cdn.digitaloceanspaces.com/prebid_1.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
8.2.109.63 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
https://fescoebill.pk/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
content-type
text/plain

Response headers

Access-Control-Allow-Origin
https://fescoebill.pk
Date
Thu, 29 Aug 2024 22:08:19 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Content-Length
2
Content-Type
application/json
/
ghb1.adtelligent.com/v2/auction/ 		5 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ghb1.adtelligent.com/v2/auction/
Requested by
Host: profitsence.ams3.cdn.digitaloceanspaces.com
URL: https://profitsence.ams3.cdn.digitaloceanspaces.com/prebid_1.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2607:4f00:932::2 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
9b9184e44352a435fb800eea477d867071a5a2c227e883e56d664cb35dae7530

Request headers

Referer
https://fescoebill.pk/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
content-type
text/plain

Response headers

Date
Thu, 29 Aug 2024 22:08:19 GMT
Content-Encoding
gzip
Server
Adtelligent
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://fescoebill.pk
Access-Control-Allow-Credentials
true
Permissions-Policy
browsing-topics=()
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
1518
hb
cpm.fmlabsonline.com/ 		0
234 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cpm.fmlabsonline.com/hb?zone=220420&v=1.6
Requested by
Host: profitsence.ams3.cdn.digitaloceanspaces.com
URL: https://profitsence.ams3.cdn.digitaloceanspaces.com/prebid_1.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.245.57.72 , United States, ASN36057 (WEBAIR-INTERNET-MTL, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://fescoebill.pk/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
content-type
text/plain

Response headers

Access-Control-Allow-Origin
https://fescoebill.pk
Date
Thu, 29 Aug 2024 22:08:19 GMT
Cache-Control
no-store
Access-Control-Allow-Credentials
true
Server
nginx
Connection
close
Content-Length
0
fastlane.json
fastlane.rubiconproject.com/a/api/ 		369 B
881 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=25230&site_id=544352&zone_id=3382860&size_id=19&alt_size_ids=43%2C44&rp_schain=1.0,1!headbidder.net,50,1,,,!profitsence.com,24049,1,,,&rf=https%3A%2F%2Ffescoebill.pk%2F0.22138318892950082&tg_i.domain=fescoebill.pk&tg_i.page=https%3A%2F%2Ffescoebill.pk%2F0.22138318892950082&tg_i.pbadslot=container_196&tk_flint=pbjs_lite_v8.37.0&x_source.tid=b59650c2-a39b-46be-8f02-d18174fa7242&l_pb_bid_id=325013edd14ff13&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=ae57b462-aa6d-45fa-966d-c29f89f92dc4&rp_maxbids=1&m_ch_mobile=%3F0&slots=1&rand=0.7833327664783314
Requested by
Host: profitsence.ams3.cdn.digitaloceanspaces.com
URL: https://profitsence.ams3.cdn.digitaloceanspaces.com/prebid_1.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
e3334e8742abf81987478eeaba81a9ae71aaf6e9197255f8e8ac54b6c49474c8

Request headers

Referer
https://fescoebill.pk/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Thu, 29 Aug 2024 22:08:19 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://fescoebill.pk
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
369
expires
Wed, 17 Sep 1975 21:32:10 GMT
/
shb.richaudience.com/hb/ 		0
243 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://shb.richaudience.com/hb/
Requested by
Host: profitsence.ams3.cdn.digitaloceanspaces.com
URL: https://profitsence.ams3.cdn.digitaloceanspaces.com/prebid_1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
46.4.139.58 Bad Muenstereifel, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.58.139.4.46.clients.your-server.de
Software
nginx/1.14.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://fescoebill.pk/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
content-type
text/plain

Response headers

date
Thu, 29 Aug 2024 22:08:19 GMT
content-encoding
gzip
server
nginx/1.14.1
vary
Accept-Encoding, Accept-Encoding
access-control-max-age
86400
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://fescoebill.pk
access-control-allow-credentials
true
adreq
ads.servenobid.com/ 		393 B
583 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ads.servenobid.com/adreq?cb=1301
Requested by
Host: profitsence.ams3.cdn.digitaloceanspaces.com
URL: https://profitsence.ams3.cdn.digitaloceanspaces.com/prebid_1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.202.4.157 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-202-4-157.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
5346dbddf633cd4b51f84a6fe01e91911bd96b2a1daddee95485206dcee5c701

Request headers

Referer
https://fescoebill.pk/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
content-type
text/plain

Response headers

date
Thu, 29 Aug 2024 22:08:19 GMT
content-encoding
gzip
amp-access-control-allow-source-origin
*
vary
accept-encoding
content-type
application/json
access-control-allow-origin
https://fescoebill.pk
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
prebid
pb.adsinteractive.com/ 		31 B
334 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pb.adsinteractive.com/prebid
Requested by
Host: profitsence.ams3.cdn.digitaloceanspaces.com
URL: https://profitsence.ams3.cdn.digitaloceanspaces.com/prebid_1.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
157.245.23.44 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
8b97290ad5d74ba3e8bfa06289b687419c5c300996aeb8a72153a143490f3b11
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://fescoebill.pk/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://fescoebill.pk
date
Thu, 29 Aug 2024 22:08:19 GMT
strict-transport-security
max-age=15724800; includeSubDomains
access-control-allow-credentials
true
content-length
31
content-type
application/json
pbjs
useast.quantumdex.io/auction/ 		0
236 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://useast.quantumdex.io/auction/pbjs
Requested by
Host: profitsence.ams3.cdn.digitaloceanspaces.com
URL: https://profitsence.ams3.cdn.digitaloceanspaces.com/prebid_1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://fescoebill.pk/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
content-type
text/plain

Response headers

date
Thu, 29 Aug 2024 22:08:19 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
POST, GET
content-type
application/json
access-control-allow-origin
https://fescoebill.pk
access-control-allow-credentials
true
cf-ray
8bafdbea787f18ff-FRA
alt-svc
h3=":443"; ma=86400
/
ads4.krushmedia.com/ 		2 B
300 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ads4.krushmedia.com/?c=rtb&m=hb
Requested by
Host: profitsence.ams3.cdn.digitaloceanspaces.com
URL: https://profitsence.ams3.cdn.digitaloceanspaces.com/prebid_1.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
8.2.110.137 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
https://fescoebill.pk/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
content-type
text/plain

Response headers

Date
Thu, 29 Aug 2024 22:08:20 GMT
Content-Encoding
gzip
Server
nginx
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://fescoebill.pk
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
22
hb
cpm.fmlabsonline.com/ 		0
234 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cpm.fmlabsonline.com/hb?zone=216038&v=1.6
Requested by
Host: profitsence.ams3.cdn.digitaloceanspaces.com
URL: https://profitsence.ams3.cdn.digitaloceanspaces.com/prebid_1.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.245.57.72 , United States, ASN36057 (WEBAIR-INTERNET-MTL, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://fescoebill.pk/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
content-type
text/plain

Response headers

Access-Control-Allow-Origin
https://fescoebill.pk
Date
Thu, 29 Aug 2024 22:08:19 GMT
Cache-Control
no-store
Access-Control-Allow-Credentials
true
Server
nginx
Connection
close
Content-Length
0
statistics
hbe.profitsence.com/ 		0
734 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbe.profitsence.com/statistics
Requested by
Host: profitsence.ams3.cdn.digitaloceanspaces.com
URL: https://profitsence.ams3.cdn.digitaloceanspaces.com/user_js/1_50.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.88.66.19 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.19.66.88.23.clients.your-server.de
Software
nginx/1.25.5 / PHP/8.3.7
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://fescoebill.pk/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Pragma
no-cache
Date
Thu, 29 Aug 2024 22:08:20 GMT
Content-Encoding
gzip
Server
nginx/1.25.5
X-Powered-By
PHP/8.3.7
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
*
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-control
private, no-cache, no-store, must-revalidate, max-age=0
Connection
keep-alive
Expires
Mon, 26 Jul 1997 05:00:00 GMT
/
ads19.adtelligent.com/display/ Frame 1390 		33 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads19.adtelligent.com/display/?adid=13EDB51C7DC6E7B8&aid=859075&cb=1724969300291
Requested by
Host: fescoebill.pk
URL: https://fescoebill.pk/0.22138318892950082
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2607:4f00:932::2 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
78b01b30cc7bdfab7c20fd00abc22e4f1a43474be31f75af65f87f7d9040108d

Request headers

Referer
https://fescoebill.pk/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Thu, 29 Aug 2024 22:08:20 GMT
Content-Encoding
gzip
Server
Adtelligent
Content-Type
application/javascript; charset=UTF-8
Access-Control-Allow-Origin
https://fescoebill.pk
Access-Control-Allow-Credentials
true
Permissions-Policy
browsing-topics=()
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
13617
statistics
hbe.profitsence.com/ 		0
734 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbe.profitsence.com/statistics
Requested by
Host: profitsence.ams3.cdn.digitaloceanspaces.com
URL: https://profitsence.ams3.cdn.digitaloceanspaces.com/user_js/1_50.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.88.66.19 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.19.66.88.23.clients.your-server.de
Software
nginx/1.25.5 / PHP/8.3.7
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://fescoebill.pk/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Pragma
no-cache
Date
Thu, 29 Aug 2024 22:08:20 GMT
Content-Encoding
gzip
Server
nginx/1.25.5
X-Powered-By
PHP/8.3.7
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
*
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-control
private, no-cache, no-store, must-revalidate, max-age=0
Connection
keep-alive
Expires
Mon, 26 Jul 1997 05:00:00 GMT
statistics
hbe.profitsence.com/ 		0
734 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbe.profitsence.com/statistics
Requested by
Host: profitsence.ams3.cdn.digitaloceanspaces.com
URL: https://profitsence.ams3.cdn.digitaloceanspaces.com/user_js/1_50.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.88.66.19 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.19.66.88.23.clients.your-server.de
Software
nginx/1.25.5 / PHP/8.3.7
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://fescoebill.pk/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Pragma
no-cache
Date
Thu, 29 Aug 2024 22:08:20 GMT
Content-Encoding
gzip
Server
nginx/1.25.5
X-Powered-By
PHP/8.3.7
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
*
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-control
private, no-cache, no-store, must-revalidate, max-age=0
Connection
keep-alive
Expires
Mon, 26 Jul 1997 05:00:00 GMT
/
ads102.adtelligent.com/display/ Frame 6102 		26 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads102.adtelligent.com/display/?adid=42EDBE63B9B855AE&aid=859075&cb=1724969300337
Requested by
Host: fescoebill.pk
URL: https://fescoebill.pk/0.22138318892950082
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a01:4f8:2b01:c26::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
Adtelligent /
Resource Hash
3fe124e19159b1cf9a9326df2e07b7e9426438efb7b7f0142464220ad0d0c5a8

Request headers

Referer
https://fescoebill.pk/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Thu, 29 Aug 2024 22:08:19 GMT
Content-Encoding
gzip
Server
Adtelligent
Content-Type
application/javascript; charset=UTF-8
Access-Control-Allow-Origin
https://fescoebill.pk
Access-Control-Allow-Credentials
true
Permissions-Policy
browsing-topics=()
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
12320
statistics
hbe.profitsence.com/ 		0
734 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbe.profitsence.com/statistics
Requested by
Host: profitsence.ams3.cdn.digitaloceanspaces.com
URL: https://profitsence.ams3.cdn.digitaloceanspaces.com/user_js/1_50.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.88.66.19 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.19.66.88.23.clients.your-server.de
Software
nginx/1.25.5 / PHP/8.3.7
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://fescoebill.pk/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Pragma
no-cache
Date
Thu, 29 Aug 2024 22:08:20 GMT
Content-Encoding
gzip
Server
nginx/1.25.5
X-Powered-By
PHP/8.3.7
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
*
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-control
private, no-cache, no-store, must-revalidate, max-age=0
Connection
keep-alive
Expires
Mon, 26 Jul 1997 05:00:00 GMT
sync.js
ads102.adtelligent.com/ Frame 6102 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads102.adtelligent.com/sync.js?aid=859075
Requested by
Host: ads102.adtelligent.com
URL: https://ads102.adtelligent.com/display/?adid=42EDBE63B9B855AE&aid=859075&cb=1724969300337
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a01:4f8:2b01:c26::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
Adtelligent /
Resource Hash
0532c19d9bf8e8441612eda0f55a8acbe5196f9a2000b49c6033322b54c4f3d9

Request headers

Referer
https://fescoebill.pk/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Thu, 29 Aug 2024 22:08:19 GMT
Content-Encoding
gzip
Server
Adtelligent
Content-Type
text/javascript
Access-Control-Allow-Origin
https://fescoebill.pk
Access-Control-Allow-Credentials
true
Permissions-Policy
browsing-topics=()
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
897
campaign
ads102.adtelligent.com/tracking/ Frame 6102 		43 B
475 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads102.adtelligent.com/tracking/campaign?code=2001&dae=false&cec=true&speedLog=true&adid=42EDBE63B9B855AE&cmpId=709115&aid=859075&i_top_domain=https%3A%2F%2Ffescoebill.pk&event=1
Requested by
Host: ads102.adtelligent.com
URL: https://ads102.adtelligent.com/display/?adid=42EDBE63B9B855AE&aid=859075&cb=1724969300337
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a01:4f8:2b01:c26::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://fescoebill.pk/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Thu, 29 Aug 2024 22:08:19 GMT
Server
Adtelligent
Content-Type
image/gif
Access-Control-Allow-Origin
https://fescoebill.pk
Access-Control-Allow-Credentials
true
Permissions-Policy
browsing-topics=()
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
43
campaign
ads102.adtelligent.com/tracking/ Frame 6102 		43 B
475 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads102.adtelligent.com/tracking/campaign?code=0&adid=42EDBE63B9B855AE&cmpId=709115&aid=859075&i_top_domain=https%3A%2F%2Ffescoebill.pk&event=1
Requested by
Host: ads102.adtelligent.com
URL: https://ads102.adtelligent.com/display/?adid=42EDBE63B9B855AE&aid=859075&cb=1724969300337
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a01:4f8:2b01:c26::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://fescoebill.pk/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Thu, 29 Aug 2024 22:08:19 GMT
Server
Adtelligent
Content-Type
image/gif
Access-Control-Allow-Origin
https://fescoebill.pk
Access-Control-Allow-Credentials
true
Permissions-Policy
browsing-topics=()
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
43
adfetch
googleads.g.doubleclick.net/pagead/ Frame 9C83 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adfetch?adk=4167411571&adsafe=medium&client=ca-pub-6579838053286784&format=728x90_as&ip=84.19.175.184&odt=2&output=html&psd=W10=&unviewed_position_start=1&url=https://fescoebill.pk/&sub_client=bidder-xapi:475620:Lr1GBBKtIWnE&hl=de&aceid=MKwdtADtHbQAl-TTAEZbNAGRcDQB0pA0AYWiNAErozQBlaM0AROlNAFfpTQBgaU0AY2lNAG2pTQB1qU0AQemNAEXpjQBGqY0AR-mNAEhpjQBIqY0ASemNAEzpjQBPaY0AU2mNAFYpjQBWaY0AVqmNAFbpjQBXaY0AV-mNAFnpjQBaaY0AXOmNAF0pjQBd6Y0AXumNAF_pjQBh6Y0AUtzQQFTc0EBZjzaAXlX2gHW9ogCCgCJAr4AiQIHAYkCFgGJAigBiQIuAYkCJ0KqAihCqgIrQqoClGqqAoCbqgKBm6oCgpuqAqKoqgL8vKoCv-CqAmT4qgIm-6oCQfuqAlcgqwKEJ6sCVCirAvsrqwLUNqsCJTqrAik6qwItOqsCBEWrAmxKqwLGSqsC13GrAnSBqwLkkasC2J-rAnqlqwL5qasC26urAkKuqwI7r6sCYrKrAha0qwIatKsCJbSrAim0qwLQuqsCjO0FA751JAQFX_cElF_3BNGE9wTWhPcE43quBRx9rgVDfa4FxoiuBeWJrgXviq4FaY2uBQyRrgWwla4FWZeuBS6YrgU1mK4FPZiuBVSYrgWanK4FBZ2uBeydrgVVnq4Fnp6uBdiergVEoa4FuaOuBdenrgVlqK4FxqmuBeCrrgWerK4FrqyuBVGtrgXTra4Feq-uBQKyrgXmsq4FhbOuBcezrgW5t64FhbiuBdW4rgXxuK4FV7muBRG7rgXGu64F7buuBWW8rgVnvK4FT72uBf69rgUIvq4FQr-uBWO_rgUXwK4FM8CuBTbBrgV_wa4FosKuBTjDrgVgw64FcsSuBRjFrgWWxa4FpcWuBa_FrgVOxq4Fa8auBZHGrgXPxq4FnceuBe7HrgUWyK4Fu8iuBf3IrgVFya4FaMmuBYTJrgWyya4FscquBQTLrgUgy64FTcyuBc-0xQXp934SP7H7ElLK-xJZyvsS_QD8Ev8l_BIBJvwSySf8EuIp_BLcKvwSnCv8Ev0r_BIaLPwSqSz8Ei0t_BKZvP8jWwCSKQ&awbid_c=AKAmf-ByfzATK0Fzw5vGc9xmCzGtgDMRX4NOYz-kzNjWyExy90zr1wxrrjuP0Bv6oJtXVAo5nHT52ftTq8ET1fOOkkCFd3XyegTXvQv0bx4B0J_KVqhHb9TEODgDNQVGg0mHObKdsJLBK1qIgPNEHkT2a1RTqeLizs5Z8yvpY_3zFuDJqylfY9uw9ZiftMxTeW50VDBKzAfypNkn5TkE8sQZUUBqnUn2dYPNdJ1Hus0fhjs1JIjm646u3uiSSIhwld4slLEPLAN8QarOUM-wS1CEwYtSvG_x5AuzOOpomxxlKSjbDqrsHnO3GuyYK5-mubXCtn1ItE_aUhJP1ZLa4vDqey6p1TrjQ4XQGim_0yLfI_qJodBeOwqaqQsgXTXIOrIbRZBM-E52uofpXvAMs12n4tmGnOgPh7soc0xCAahEakTr-jfdvv85cnjf0ldQsK22MUrrqg479sbK3IEsCsB0G8cVF9lNYAS5pcGIRz5V___vIuf5p1Db8blHCGro_x4Hc5Si4ad6obhy_iOpd27EU-LE7FBVaaImgkad4IisKfkJBBLMDeUykfN-Pl8939FF4eKrjHZtoSf0gssViuR_AfLN8Zu7_ogSsnuvJu-KiZg732nUkxgxRDW4qQmUxQQquR-52eAsgRLcWoB5hZ3FXaqfsqzqOliynNeTY_ZaXZcsboQWOYCydKsAdpOLdY_LYN9kIUsYFe0SqZYkUE8K0N0ZaAf5YQ&awbid_d=AKAmf-BiJ80jwuj-JQrIyuPP53l8-1IWkF78mHjOGMTHPHsmZpY-EyKP6JxQ9J3G-ecyMZ9Gqv7vZQTD0QmhQ8uOaMkh8PE7VF1UhEojU68Y7TLrKcfQc9TlyCZLH6fuTK8FnnvVUPXjXZ4He0LU2TkBTkIWsct8qOD3_h3QCGWg2V4qjABwB3Bfd2WT2tVfxAjYtQ3KldGNKDsZrGtoNBIb5XJBAOkeP8vKMLusvryEHuZJaG4najZTnFitDrB0wdUn1U7M8XJwEFfUbEvn1uZM6leUWSQSCL6ppjuuW34eJbo826_3S47U_QUW-yzNPiUGBTI0Ci2QAvuO3-NzK_bsI5yB5Sb_L6PGogg2mOqi3Tx7T97OBYP7pTqzZjLZHVR1933vvpNLC_x9Lx4vMil4wPUnoQpsRydWMdMmmqLIYQxYowt3Qg35Fh9abC-3oXspA4rzTJKJwhbu4KvRwl-zbg_puABnCIE9KYYZJz4agJoC7okyq6QxrQbplWT3dNYyQ4dyG8xdnviYkMGNvW5YkNh2P_x_0wmmLzW7MXPcevkmJiINi1xQzoaqL_JfaP9oAKpk4gCM7zDh_J6GV6N5iMJm14qLIfLLeh4eZCjldK0A9FWjMeCLgnCcol0b9M6n2EALXR2idCAqSai66s29bQ38_3_bozMHgC-MUypscFQbdvSJHhBc5rLtaANOW2PA05U7dKjd7RlYiGXpj4NTzI_TS109wjqZSgfSZU3UPDPtmUCNbbxI7xF0ZmEWazYwdL3wmS8sIsT1fJVMpU8A_nKwlMaf6UphJljrwg5UYglHoWKEY3t1SscJvehlE9kxzgfarVJUJsDAO_5eFovvGcnNrEIfYJMdq0QhKHNXccCi2kzduB0vzWIfm-WZ8DXb2RXAz4Z5EWT-Lb-mdg_NivjGdX2nZqFJNF9uE3gDpIRsDeBbxq-VKdo45tIfhiQ1jytwhLYfFWCx_HqQJgynBOgzRHH2cPL1MSuHR5_P2sO48_MeeMQLmGOQQbm8vaBEtnAek38DgpLeLAMvZNoBsIG6uailYnwV1ezwUPl2XfrQYlPim4jQ24genyltW20fcx4hXoc6q4eVFxyhA9g3_0knb3Ou7Xdc9zq8HJtZKwZbno8B623dQUbUry2Ug6bDmhAjkxGoPbak-2RkVRJ2StiPGseIczWQSBwYDEPMwkFMPBfXOu-Uo53fmZJZYUIwEejJJkJ4T3CSbpaLQWvQ4PbhStpmCmEXdqy1AlZSzhcEx13LAT-tWoRdLtP5ykTKqeWean5Q3jgRx7CDlArP-iwLnvZvz6GmrdWl-DUUEE33v4oUsWzmifo8S_zGShtE8R7oh6gCRLOhkADntUAJqK7qisqvc-5ldJySSmxdS_Jen-piTLM&cid=CAQSGwDpaXnfsby3KzHayT_xGKEIB_Jp-lW5um-aOBgB&exk=1602189349&rfl=https%3A%2F%2Ffescoebill.pk%2F0.22138318892950082&a_pr=8:530B42AB63E64A75
Requested by
Host: fescoebill.pk
URL: https://fescoebill.pk/0.22138318892950082
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fescoebill.pk/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
42636
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 29 Aug 2024 22:08:20 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
xbfe_backfill.js
googleads.g.doubleclick.net/pagead/ Frame 8A32 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/xbfe_backfill.js
Requested by
Host: ads102.adtelligent.com
URL: https://ads102.adtelligent.com/display/?adid=42EDBE63B9B855AE&aid=859075&cb=1724969300337
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
191d322070fee3066ad485aa9d0dc57f13ed4ebab4bd6e26d01999a14a5a5c44
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fescoebill.pk/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 29 Aug 2024 21:39:52 GMT
content-encoding
br
x-content-type-options
nosniff
age
1708
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3329
x-xss-protection
0
server
cafe
etag
4989876559509746863
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600
timing-allow-origin
*
expires
Thu, 29 Aug 2024 22:39:52 GMT
301c8720-f306-41ab-ab0f-49b4c548fdb4
beacon-iad3.rubiconproject.com/beacon/d/ Frame 8A32 		43 B
227 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon-iad3.rubiconproject.com/beacon/d/301c8720-f306-41ab-ab0f-49b4c548fdb4?oo=0&accountId=20086&siteId=475620&zoneId=2822914&sizeId=2&e=6A1E40E384DA563BF90C46731CDCDF5C99E33EA16FCFB915DA458926A7F2F66AE4A003249E5C11522A5830B621AA9C94E71445C2D11CB4085360959110A68628E6920CFB4F5750965E483244A68E6DC0E0DC6BBDD9D42D5D028ABD6A872214678590FF1E56EE85ECB90865B4E94A5A4EBE503A4219C1C7A608ACC56447456923FCE561E25D52BF61FC3BE8685EBA97EBDC850839459EEB16725FB110929BDA74E8A77AC899907C49B4093BDD77438B8518E2DFC4F99A51C4A90E819CBE0D2CA0
Requested by
Host: ads102.adtelligent.com
URL: https://ads102.adtelligent.com/display/?adid=42EDBE63B9B855AE&aid=859075&cb=1724969300337
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c002:300::36 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://fescoebill.pk/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Aug 2024 22:08:20 GMT
x-content-type-options
nosniff
x-frame-options
DENY
content-type
image/avif
cache-control
private, max-age=0, no-cache
content-length
43
x-xss-protection
1; mode=block
expires
01 Jan 1970 10:00:00 GMT
register
token.rubiconproject.com/ Frame 8A32 		0
214 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/register?khaos=M0FU6M9L-1U-DEK5
Requested by
Host: ads102.adtelligent.com
URL: https://ads102.adtelligent.com/display/?adid=42EDBE63B9B855AE&aid=859075&cb=1724969300337
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://fescoebill.pk/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma
no-cache
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
f5982f4f9cc79eb2b489dda8b92e3144
Expires
0
campaign
ads102.adtelligent.com/tracking/ Frame 8A32 		43 B
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads102.adtelligent.com/tracking/campaign?event=2011adid=42EDBE63B9B855AE
Requested by
Host: ads102.adtelligent.com
URL: https://ads102.adtelligent.com/display/?adid=42EDBE63B9B855AE&aid=859075&cb=1724969300337
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a01:4f8:2b01:c26::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://fescoebill.pk/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Thu, 29 Aug 2024 22:08:19 GMT
Server
Adtelligent
Content-Type
image/gif
Access-Control-Allow-Origin
https://fescoebill.pk
Access-Control-Allow-Credentials
true
Permissions-Policy
browsing-topics=()
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
43
gen_204
pagead2.googlesyndication.com/pagead/ Frame 8A32 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=awbid&awbid_b=AKAmf-BJgp_nWKYQ4XNUin3gl2Rn9wP2dx1my_Yq-tl68teofNtcJAQCR9Nn66yNvYHv5GPMZX7CPmMC45G4ykKxhw1tPC7CF_ilowsIicgIq6vjS8n-UWw&pr=8:530B42AB63E64A75
Requested by
Host: ads102.adtelligent.com
URL: https://ads102.adtelligent.com/display/?adid=42EDBE63B9B855AE&aid=859075&cb=1724969300337
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fescoebill.pk/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Aug 2024 22:08:20 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
impression
ads102.adtelligent.com/tracking/ Frame 6102 		43 B
475 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads102.adtelligent.com/tracking/impression?creativeType=&inViewEnabled=undefined&inViewEvent=undefined&inViewSec=undefined&width=0&height=0&cmpId=709115&nestedLevel=0&tti=undefined&ttiFromStart=165&isHeadless=false&adid=42EDBE63B9B855AE&aid=859075&i_top_domain=https%3A%2F%2Ffescoebill.pk
Requested by
Host: ads102.adtelligent.com
URL: https://ads102.adtelligent.com/display/?adid=42EDBE63B9B855AE&aid=859075&cb=1724969300337
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a01:4f8:2b01:c26::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://fescoebill.pk/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Thu, 29 Aug 2024 22:08:19 GMT
Server
Adtelligent
Content-Type
image/gif
Access-Control-Allow-Origin
https://fescoebill.pk
Access-Control-Allow-Credentials
true
Permissions-Policy
browsing-topics=()
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
43
/
ads102.adtelligent.com/sync/ Frame FF10 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ads102.adtelligent.com/sync/?aid=859075&gdpr_source=none&refer=https://fescoebill.pk/0.22138318892950082
Requested by
Host: ads102.adtelligent.com
URL: https://ads102.adtelligent.com/sync.js?aid=859075
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a01:4f8:2b01:c26::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
Adtelligent /
Resource Hash

Request headers

Referer
https://fescoebill.pk/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
https://fescoebill.pk
Connection
Keep-Alive
Content-Length
0
Date
Thu, 29 Aug 2024 22:08:19 GMT
Permissions-Policy
browsing-topics=()
Server
Adtelligent
X-Robots-Tag
noindex
usync.html
eus.rubiconproject.com/ Frame 48CD 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?&gdpr=0&geo=eu&co=de
Requested by
Host: fescoebill.pk
URL: https://fescoebill.pk/0.22138318892950082
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-233.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Referer
https://fescoebill.pk/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
224
content-type
text/html; charset=UTF-8
date
Thu, 29 Aug 2024 22:08:20 GMT
etag
"28052a-10d-6142d69a886c0"
last-modified
Thu, 21 Mar 2024 15:32:19 GMT
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
sync.js
ads19.adtelligent.com/ Frame 1390 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads19.adtelligent.com/sync.js?aid=859075
Requested by
Host: ads19.adtelligent.com
URL: https://ads19.adtelligent.com/display/?adid=13EDB51C7DC6E7B8&aid=859075&cb=1724969300291
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2607:4f00:932::2 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
47bfd42bf474e3918ff8a6cce4a7767b5cd54aec4687c5d387929379ba24220a

Request headers

Referer
https://fescoebill.pk/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Thu, 29 Aug 2024 22:08:20 GMT
Content-Encoding
gzip
Server
Adtelligent
Content-Type
text/javascript
Access-Control-Allow-Origin
https://fescoebill.pk
Access-Control-Allow-Credentials
true
Permissions-Policy
browsing-topics=()
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
896
campaign
ads19.adtelligent.com/tracking/ Frame 1390 		43 B
475 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads19.adtelligent.com/tracking/campaign?code=2001&dae=false&cec=true&speedLog=true&adid=13EDB51C7DC6E7B8&cmpId=632122&aid=859075&i_top_domain=https%3A%2F%2Ffescoebill.pk&event=1
Requested by
Host: ads19.adtelligent.com
URL: https://ads19.adtelligent.com/display/?adid=13EDB51C7DC6E7B8&aid=859075&cb=1724969300291
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2607:4f00:932::2 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://fescoebill.pk/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Thu, 29 Aug 2024 22:08:20 GMT
Server
Adtelligent
Content-Type
image/gif
Access-Control-Allow-Origin
https://fescoebill.pk
Access-Control-Allow-Credentials
true
Permissions-Policy
browsing-topics=()
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
43
campaign
ads19.adtelligent.com/tracking/ Frame 1390 		43 B
475 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads19.adtelligent.com/tracking/campaign?code=0&adid=13EDB51C7DC6E7B8&cmpId=632122&aid=859075&i_top_domain=https%3A%2F%2Ffescoebill.pk&event=1
Requested by
Host: ads19.adtelligent.com
URL: https://ads19.adtelligent.com/display/?adid=13EDB51C7DC6E7B8&aid=859075&cb=1724969300291
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2607:4f00:932::2 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://fescoebill.pk/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Thu, 29 Aug 2024 22:08:20 GMT
Server
Adtelligent
Content-Type
image/gif
Access-Control-Allow-Origin
https://fescoebill.pk
Access-Control-Allow-Credentials
true
Permissions-Policy
browsing-topics=()
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
43
pixel
googleads.g.doubleclick.net/xbbe/ Frame EB11 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=COu99gIQ-b799QEY8OCrmgIwAQ&v=APEucNX38UiVWNCtNlzjQZX4a5-NRiNoAIrfaZEjMk3vfk3f8dYqMoaDJO1eoudwASh9Lyfvwl8NKArH1MmopqejjT1BgROeWfhvcpGFAQV2BJs5u1kUg5o
Requested by
Host: ads19.adtelligent.com
URL: https://ads19.adtelligent.com/display/?adid=13EDB51C7DC6E7B8&aid=859075&cb=1724969300291
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fescoebill.pk/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 29 Aug 2024 22:08:20 GMT
expires
Thu, 29 Aug 2024 22:08:20 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame A5EC 		110 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: ads19.adtelligent.com
URL: https://ads19.adtelligent.com/display/?adid=13EDB51C7DC6E7B8&aid=859075&cb=1724969300291
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
40b3b4542e4d05f6bbd68e7eba6d424abffd64fb9cc3ba8c8c9c932f088c787a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fescoebill.pk/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 29 Aug 2024 22:08:20 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39061
x-xss-protection
0
server
cafe
etag
7604220631266208939
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Thu, 29 Aug 2024 22:08:20 GMT
B32405744.401881248;dc_pre=CM2LtrObm4gDFQkmVQgdwZkxJQ;dc_trk_aid=593533636;dc_trk_cid=220539467;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=;dc...
ad.doubleclick.net/ddm/trackimp/N1185725.4785604BRSEEDTAG/ Frame A5EC
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N1185725.4785604BRSEEDTAG/B32405744.401881248;dc_trk_aid=593533636;dc_trk_cid=220539467;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tf...
  • https://ad.doubleclick.net/ddm/trackimp/N1185725.4785604BRSEEDTAG/B32405744.401881248;dc_pre=CM2LtrObm4gDFQkmVQgdwZkxJQ;dc_trk_aid=593533636;dc_trk_cid=220539467;ord=[timestamp];dc_lat=;dc_rdid=;ta...
42 B
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/ddm/trackimp/N1185725.4785604BRSEEDTAG/B32405744.401881248;dc_pre=CM2LtrObm4gDFQkmVQgdwZkxJQ;dc_trk_aid=593533636;dc_trk_cid=220539467;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=;dc_tdv=1?
Requested by
Host: fescoebill.pk
URL: https://fescoebill.pk/0.22138318892950082
Protocol
H3
Server
142.250.185.70 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f6.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fescoebill.pk/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Aug 2024 22:08:20 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"aggregation_keys":{"628892272":"0x2458d26d059cca5a0000000000000000","628892273":"0xfd2408cceffb82ad0000000000000000","628892274":"0xb56950451672fad10000000000000000","628892275":"0x26a95b7961fc0dee0000000000000000"},"debug_key":"7825447814421675447","debug_reporting":true,"destination":["https://iberdrola.es","https://curenergia.es","https://debugconversiondomain1.com"],"event_report_windows":{"end_times":[86400,604800,2592000]},"expiry":"1296000","filter_data":{"14":[],"21":[],"23":[],"24":[],"25":[],"26":[],"27":[],"28":[],"29":[],"8":["10100536"]},"max_event_level_reports":2,"priority":"0","source_event_id":"14598887837214027713"}
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 29 Aug 2024 22:08:20 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ad.doubleclick.net/ddm/trackimp/N1185725.4785604BRSEEDTAG/B32405744.401881248;dc_pre=CM2LtrObm4gDFQkmVQgdwZkxJQ;dc_trk_aid=593533636;dc_trk_cid=220539467;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=;dc_tdv=1?
content-type
text/html; charset=UTF-8
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
follow-only-when-prerender-shown
1
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
adx.adform.net/adx/ssp/imp/ Frame A5EC 		35 B
654 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adx.adform.net/adx/ssp/imp/?data=AnreJLAGUJxUNdes9VQ5q5f4zXqIoVB0gcdVKHnVaYcb8mYJ3nykryMu65I5AR8v8_0JpWPQeNgijqrEYB8G-7IYfQVTYw0XWuKZ2EbmeKVLkeW9kczCR5P84rbkLAPeDZPrZ6yT4BIJdtw94fqEIcfTTu8hb1lhtfOtSPRKcQRrg_CzxuFDn8N4iOtIBxgX0&adxvars=F2Rp7U7EiikE2Efb994J9IF13jPcn-dhKB_SbSbzx51Wft3OUgzq9NhAyrE9IpK77Ui30yPIvpSo5o2NxdUxB6nbEjygYv4-XGwJ5XfeLCaz5lL_rD4dXft1Xm-bTreBd5QYCHUsP38SdU4-YkaYfsOHKBBOLPiQ86wuSWrjW6HsJKTBgc7pQVTxQHsmkj2iQGt8pJPy06haNzwaglXgYbAcbPoHp0nX0&ord=253646
Requested by
Host: ads19.adtelligent.com
URL: https://ads19.adtelligent.com/display/?adid=13EDB51C7DC6E7B8&aid=859075&cb=1724969300291
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.84 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://fescoebill.pk/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Aug 2024 22:08:20 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET,OPTIONS
content-type
image/gif
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
adx.js
s1.adform.net/banners/scripts/ Frame A5EC 		61 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/banners/scripts/adx.js
Requested by
Host: ads19.adtelligent.com
URL: https://ads19.adtelligent.com/display/?adid=13EDB51C7DC6E7B8&aid=859075&cb=1724969300291
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
37.157.4.21 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8d854204ecb4a25e674c839da7e4cf1cf9919eee0e2ea757204c8507b9951fd2

Request headers

Referer
https://fescoebill.pk/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 29 Aug 2024 22:08:20 GMT
content-encoding
gzip
last-modified
Wed, 21 Feb 2024 07:50:31 GMT
server
nginx
x-amz-request-id
tx000002b7390ad327108df-0066b49e89-3299fc16-default
etag
W/"c76783d3ccb9fea77db45d3144fba1cc"
x-cache-status
HIT
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-rgw-object-type
Normal
cache-control
public, max-age=604800
imp
a.vidoomy.com/api/rtbserver/ Frame A5EC 		9 B
155 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.vidoomy.com/api/rtbserver/imp?q=YWRfdHlwZT1EaXNwbGF5JmFkb21haW49c2VlZHRhZy5jb20mYmlkZmxvb3I9MC4wMzk2ODI1Mzk2ODI1Mzk2OSZjPURFJmNvbm49b3J0YiZjcmlkPTU5MjExMzc3NiZkX2dyb3NzPTAuMDg2MTQzMzk5NTczMjc0MjcmZGVhbD0mZG9tYWluPWZlc2NvZWJpbGwucGsmZHQ9MiZlbmRwb2ludD1BZEZvcm0mZW52PVdlYiZnZHByPTAmZ2RwcmNzPTAmaWZhPTAmb2IxPVFXUkdiM0p0Jm9iMj1WbWxrYjI5dGVTQk5ZWEpyWlhRZ1VHeGhZMlUlM0Qmb2IzPU1DNHdOakF6TURBek56azNNREV5T1RFNU9EUSUzRCZvYjQ9TUM0eE1qTXdOakU1T1Rrek9UQXpPVEU0TWclM0QlM0Qmb3M9TGludXgmcD1hZHRlbGxpZ2VudCZwX2lkPTIyNTIzNjkmcHViU3luYz0wJnJzaXplPTMwMCUyQTI1MCZzPTE3Mjc5JnNlYXQ9YWRmJnNpemU9MzAwJTJBNTAmc3NwX2dyb3NzPTAuMDg2MTQzMzk5NTczMjc0Mjcmc3NwaWQ9NjIxODMmc3luYz0wJnppZD0xNzI3OQ==&j=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpbXBfdHRsIjoxNzI0OTcyOTAwMDM2fQ.dmltsRFdgYQcXtslE197ey1Y_vsdGpzPrPazWPQWDw8&source=barcelona
Requested by
Host: ads19.adtelligent.com
URL: https://ads19.adtelligent.com/display/?adid=13EDB51C7DC6E7B8&aid=859075&cb=1724969300291
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.36.83.246 Barcelona, Spain, ASN15699 (AS_ADAM Adam Datacenter, ES),
Reverse DNS
lb2.vdmy.dtic.es
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://fescoebill.pk/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Thu, 29 Aug 2024 22:08:21 GMT
Server
nginx
Connection
keep-alive
Content-Length
9
Content-Type
application/json
mesure.js
vpaid.vidoomy.com/jsads/ Frame A5EC 		870 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vpaid.vidoomy.com/jsads/mesure.js
Requested by
Host: ads19.adtelligent.com
URL: https://ads19.adtelligent.com/display/?adid=13EDB51C7DC6E7B8&aid=859075&cb=1724969300291
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::107 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
aa93a4b21551c063d1f367d6a165f48dd3c64176902fb94b3fb5123145ba5bff

Request headers

Referer
https://fescoebill.pk/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Thu, 29 Aug 2024 22:08:20 GMT
content-encoding
gzip
x-amz-request-id
tx000009f48b874c16b9fbf-0065f9f2e2-2730a77-prg
x-accel-date-max
1722335592
x-77-cache
HIT
x-cache
HIT
x-amz-storage-class
STANDARD
x-age
611400
x-accel-date
1724357900
x-77-nzt
A8/T0xk3Nzf/SFQJACUTwi43Nzf/esgAAG09Wg3EqOQA
x-accel-expires
@1725394672
x-77-age
611400
last-modified
Tue, 26 Dec 2023 20:43:39 GMT
server
CDN77-Turbo
x-amz-meta-s3cmd-attrs
atime:1703618758/ctime:1703618759/gid:1000/gname:federicoi/md5:fae919767dd7e6c6278536fc4d0c9125/mode:33204/mtime:1703618759/uid:1000/uname:federicoi
etag
W/"fae919767dd7e6c6278536fc4d0c9125"
x-77-nzt-ray
43862e2456bfe8fa54f1d0664f89cd36
vary
Accept-Encoding
content-type
text/plain
x-rgw-object-type
Normal
access-control-allow-credentials
true
campaign
ads19.adtelligent.com/tracking/ Frame A5EC 		43 B
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads19.adtelligent.com/tracking/campaign?event=2011adid=13EDB51C7DC6E7B8
Requested by
Host: ads19.adtelligent.com
URL: https://ads19.adtelligent.com/display/?adid=13EDB51C7DC6E7B8&aid=859075&cb=1724969300291
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2607:4f00:932::2 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://fescoebill.pk/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Thu, 29 Aug 2024 22:08:20 GMT
Server
Adtelligent
Content-Type
image/gif
Access-Control-Allow-Origin
https://fescoebill.pk
Access-Control-Allow-Credentials
true
Permissions-Policy
browsing-topics=()
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
43
gen_204
pagead2.googlesyndication.com/pagead/ Frame A5EC 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DH974ZMznW0pCWXnoZoDmMXNUZ9AomS0nxVK27XXRU9ovAWWbMaTgvHaEv_9b6so2hqS9019SEglLmCpMyLJowrvOSs4kaG3Oevcjs4s3yN99d4uI
Requested by
Host: ads19.adtelligent.com
URL: https://ads19.adtelligent.com/display/?adid=13EDB51C7DC6E7B8&aid=859075&cb=1724969300291
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fescoebill.pk/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Aug 2024 22:08:20 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
impression
ads19.adtelligent.com/tracking/ Frame 1390 		43 B
475 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads19.adtelligent.com/tracking/impression?creativeType=&inViewEnabled=undefined&inViewEvent=undefined&inViewSec=undefined&width=0&height=0&cmpId=632122&nestedLevel=0&tti=undefined&ttiFromStart=479&isHeadless=false&adid=13EDB51C7DC6E7B8&aid=859075&i_top_domain=https%3A%2F%2Ffescoebill.pk
Requested by
Host: ads19.adtelligent.com
URL: https://ads19.adtelligent.com/display/?adid=13EDB51C7DC6E7B8&aid=859075&cb=1724969300291
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2607:4f00:932::2 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://fescoebill.pk/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Thu, 29 Aug 2024 22:08:20 GMT
Server
Adtelligent
Content-Type
image/gif
Access-Control-Allow-Origin
https://fescoebill.pk
Access-Control-Allow-Credentials
true
Permissions-Policy
browsing-topics=()
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
43
gen_204
pagead2.googlesyndication.com/pagead/ Frame A5EC 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=9052457556623&version=m202408260101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fescoebill.pk/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Aug 2024 22:08:20 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame A5EC 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=9052457556623&version=m202408260101&ct=2&x=63&cor=2505791405880454700
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fescoebill.pk/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Aug 2024 22:08:20 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame A5EC 		85 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A5dHcoqTgm7yaAMuZdgBesA4n4rCgH0_11foN3F6j3CQQSKNj17h7TALfwgm1p6K2vAZVzbKa8yN2ri-UuxDbO6TzuAsdsjGDZim5s1QK2VKsHjKiDgQEnviR52Aai6-nbVDBu3P5xoJCVb-L_Gmd78l62M9Rfn-U7PXuUb0RvS8WExZ5b87pZnBKbZX-v--xVtD0aZAuJQ5AzIHUzbCJjqxoisl-aIE7tqLPAWtfu_8NQA8I&cry=1&dbm_d=AKAmf-C-cV5RtnZvDPHowJCouJJtsU4zJZ44Y6a2HS6LnHLdu3hHSDV4RRPxn_lZ6nvdJabWO44v_kesjgG0XF9cgKHsIxzkpx4JC4HQGG9bHmeoUELPQMLoVNeWgEsvhH1yeTVX7sfxFVMNXhNkNscKql3zc8FiGaBc-m5ewlfacjqGowWwcV1yrPdMLj784PzGalx6ecy0BFCsC0S-GVuQiOKry-C8LnpmxJaJ5eSEGgJLdOOp6AsJ8u3ObscfEDn01Ov8oetRlgxwavBv0eCX7l38XHyr1nmSc4r-m5_bqGI-LcXn9o5-VE-rULj4BMAlw0xV88WRhRfs4S56A6NbjmBxlCN5RS5cbfCG3omsSa7JwB7GQuGXsEwTVjnb3Xzxj834hZdhy89dd-i09YsNlK7MzKxdIEelFxzHm8Br9npLnF5zuoZLQrWHz0w54bZITD1Hx-Qdf8C0xqD_8GqmCuAZfk-eCu2m081G_NwyKpFN_j6M0cWyPre3357ECJ6M-Zj7Qg37srF5WrvvMH7OrTbKsxgjkEiG7U_vEyrd4N5dG_PJK2tjIa7mD5sdKRRPjGIEYV-5ZVdpJZ4JNYIenXsHX3pxB8Wz_7bd-6KpRFBto80esv6IsUAw-m9DLSBKao1h5JvWhpQbTodCgjkmU_FM9XPFSDdKAyLKGt6sdLr65KoLNNIkwsYuF4LfrcVwjzcosXit3o8NXgwJdxS1nMzEfiILkJ0WxCN0A_CKB3t-wOPVF1h7ai_vAXZGAv9C3aJdMZGmVdzDMCpbz_fJBUjGHoXb0DfYljLf9S8M6nreohvQrGIgdxNWxkt6wEyDZ7kE3xQwN3t0tdIiwxxKkMcLYsdOuSs2PIrurF6YFKSu0PUmGz-AgY-P19_t7qKbvBXahj1Jlbta6yh6lygBJhqOzyBqQ392LjazIqw_3PYUm_6pI9ws6vezrM6Kzs_rwB1QBowBpo4l9CtSzPclU1LN0d_QCBZN9xJPRDdpqo4JaY3UhXzKKMiM-deLnfjTi57BpRgrGx-Hr-swBP6KoJuDUNrHApM6TVXRhK7wXUn7FDbXx6lfwCXdcpkYMb5tBFX_QSctcPA0qr2NP9ktCsVAU7c0v57_S4xO04ZjkllKkm8o9-kPW1m-o_zVH80hFBJR3mw11MvUwmZ8wuLhoh_szludtRh7KbzOMkbiOSBesGnuNLfuxIFyuaZYrxFW7EKlAmNtlmTypMm7OvmYLjDgBuo966s4RJBw-mqUfYa9wotlm_4G4lMzjFQdr-eewM-8ffhWISVBTvHGZDSC3rMV2G21ELuIxpz6EhFTWexZ5UQ58OFOnc96920J3XxjkFsDsAKIu6JqCvoNKbL8ZwCfmgaF4MWUc33EIqdEEt3YgwY-AR00fFl4lXoIXf1wtpNXBaopckTLQ4VMSNwk1hpw3ZyViyZ3Ew5hHoyIkoiS6VuFuKcZMwVQ3ODLGbEf5RPJsNfZJmQWpqOVYMDugfcHW7IFncBOa4n0WEK7BbdWXnqeLzfPq51U1qjE2s59ztyrdn6BPYIshIqg7pBgqc7k5FRKk23iYklgMD2DXVss3VXFgopEkakptsq_Wd0Y4VZozdwuYXMZZdobgagngkOc0xV-5HkMYMm1uLr70IifP9FJs6grBhm9xaP9gTBQmmc1TCMZhMyEYvpGNJt6N8l7SqWdfEzcoLNRszrXKNsg-9-bjkB10yaKLM36BSe2ZB5TM7YAtp8co8b1itJ1_WDW-lej8GgdJfIsPJ6vut-XDCpFnCHCdiMdjQgvNtWyNvNCctZtfhEDi5_I5J73ss-NRB31_Qfg1AWGL6btImbva7_7Jv2WRQTaUnrm772-SUpGsvKHsUL6lVH2x25oH8mAUMM5MXf_lSQUe7W4V4Do69mw6fO2ROwiOAXi5gdTk5wHZk80ygIFOEgoCb_KEdpY-elcpG-yiEWOpGucBBclNigC31NOWaUNE3zop4RgtwaGjgTWuKv97ma9LVfj-JVG4n1QW0fYWgnpeESxmOzvd0mOyAYly2j1t87yum_T-0JpRSo5FHmmi8dHI_3o9lPxcyd8aCVW-j1ixVJ-oGEcqyS9fq3X6PcdclRG8z_pvVBdqQb0lgryu8S2SL_Q2D9XdpfuwWa-DEOqS7UwllkPze1FB7HnbRHPfLFS2xvzzkOMhmZmNy2_DyXV6elzVVdeiosr2vJH98JoIXCnZE4PIQr9FkQjL3tcXBtUgGOuNeRCB3FMwTcu9cGvgr-TaHASnwEP7ySWocZ5-4VuKNlo4wn-UzMPtm_t31c-0c_FF4Bk65sxHkC0XvCsSPsbiQ9t7eTBuwqZ4u_VLeQ0UkziZOkTmzZGgBErkbXzacYYMdPW3kwVQx9O6ziRPY7SBz_TXs-H7q9NBXQvOnPjyJM65APFQ4tvhXfwjEhoid02i3NYOg2tJ-mVbN8iE_naHVxuELNbx4Xu9c4iVEWAAcOmsXQgzo_qv6sfea6vhvNRLxCjp4OAmUjJAmfHWH4OQakn3LcSuKuBsSEeCEBRGsEGMOZVIZs7wBnanVtBlSB8VK7Hif0BC2nZULlYkotjLPdIgoxTz5eo6898H2kPbA_t5pQRaxmiQW7oQ_7vcdbApN-Mx0ylGOjnd0uGacQszTZHtHFAUy-xIY7MhJSYrK6NZXUS7okQ5vMKd3aSMQhuQI2l2QBrwodL7ZtTLlfNmzrX5TtRFw8NJEydPU26hAIZrZUocjgCcF77IhCEgwS2747b6WXzreqJfMH6sEozogyHPDw-G_jg_GkwmzzDQQDsX5t0gAGRR_fmDrwPG61MvvrkQL8oZgic15SKJS3g0kV7ro4SsxINv29CglmbTmCqU8x0NL2EkrQ6JD5ic3f4RR0673U9XneHOcXRE1M38VcmRMUHctqlh1C0Zp8kX-r1M_Ld5TXh-nr-x3kHLsLRf_vdEbGZsFzQ2Gwi3W6Z48ZcDApu02baOLsSPcCwyVfjza7M5-g08qSqzd9wcy7mOVRcKUJvYtLXQ-Qgq3UKQNXThS-D-d3-xmT2ldevwx00N37NOJxujbL3eFnyJumKCfepMI5HsRpZ88fu4_khRU1N5POehXRQarwjjWEge0i44zXKCx8zf1AY8tRwVP9mKUGgQwq7W2fX5vUkijNVuFSlY-f030QXzRSXbJD-zy2_A9xyMq8uBN2o0urpgK-dzkJ4w5SXrrFc1bCOIpFH67_woh7W2DETy1_MwRLE4lpNiRtg8ARfBEtZEe7MNnmB0sQMeX8UVkNMkpL8zcgQ3JPxdbVxGBsox4ig7UPH5x7QOmGd9bYbCpAuIAfoiK0m5wshD06NYzo1Qxjiuf4pne-ECuisjaFGYAUz1jyLUtx_4TGO6KPr9N0W-J2ZhMM8X6e8OULHDKYnxpPhcsab0SPYh_XGzAeNn4C1eqfOGZtY-H94k9gUtbWJS6eImqK6FLDXPwwnJp9FX6VVSXh0RAt4fFAJyV93okBVxDPNR46XNWKwVUI5WJaeYqGWLlM-_iG4ajKyl-jseIx4XqnXqEWEObcMUmpcEAQ411_tsOeIVR8fHMTdNftylMk16IVSPeZuW1pu6-rwjdGkiU-jNtVRFdFwq6x2j0ScWKErlBjqCvfDLbQmimdbda4QGBXbzBVra_crX_F5OXX2opLqhOftzHujdlw2MkWyAfzS2yr9XlSk1B7lqO8krnnGMMFBoR9Bz5wXixWVwh_l6uAIKMAIJ1hb1pxs-INUWo0byB7Sm0d49vFyi0Zu9O47jnutrLqTUstLnjSpYwq-tNbnp5W8JBdgtg&pr=63%3A0.1447655337752099&cid=CAQSGwDpaXnf4hFUJrMr49qKV7d2etAUk-AmzVEFtBgB&xfc=https%3A%2F%2Fadx.adform.net%2Fadx%2Fssp%2Fclk%2F%3Fdata%3DAnreJLAGUJxUNdes9VQ5q5f4zXqIoVB0gcdVKHnVaYcb8mYJ3nykryMu65I5AR8v8_0JpWPQeNgijqrEYB8G-7IYfQVTYw0XWuKZ2EbmeKVLkeW9kczCR5P84rbkLAPeDZPrZ6yT4BIJdtw94fqEIcfTTu8hb1lhtfOtSPRKcQRrg_CzxuFDn8N4iOtIBxgX0&adxvars=F2Rp7U7EiikE2Efb994J9IF13jPcn-dhKB_SbSbzx51Wft3OUgzq9NhAyrE9IpK77Ui30yPIvpSo5o2NxdUxB6nbEjygYv4-XGwJ5XfeLCaz5lL_rD4dXft1Xm-bTreBd5QYCHUsP38SdU4-YkaYfsOHKBBOLPiQ86wuSWrjW6HsJKTBgc7pQVTxQHsmkj2iQGt8pJPy06haNzwaglXgYbAcbPoHp0nX0&r=&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&dv3_ver=m202408260101&nel=1&rfl=https%3A%2F%2Ffescoebill.pk%2F0.22138318892950082&ds=l&xdt=0&iif=1&cor=2505791405880454700&adk=1761367584&idt=57&cac=0&dtd=104
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1f25ece69647beb7f62efa1dee6056260f6a46c79dc1a8c2f2e1e454cc93ca50
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fescoebill.pk/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Aug 2024 22:08:20 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
40317
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
ads19.adtelligent.com/sync/ Frame C6C3 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ads19.adtelligent.com/sync/?aid=859075&gdpr_source=none&refer=https://fescoebill.pk/0.22138318892950082
Requested by
Host: ads19.adtelligent.com
URL: https://ads19.adtelligent.com/sync.js?aid=859075
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2607:4f00:932::2 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash

Request headers

Referer
https://fescoebill.pk/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
https://fescoebill.pk
Connection
Keep-Alive
Content-Length
0
Date
Thu, 29 Aug 2024 22:08:20 GMT
Permissions-Policy
browsing-topics=()
Server
Adtelligent
X-Robots-Tag
noindex
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20240828/r20110914/ Frame A5EC 		31 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240828/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A5dHcoqTgm7yaAMuZdgBesA4n4rCgH0_11foN3F6j3CQQSKNj17h7TALfwgm1p6K2vAZVzbKa8yN2ri-UuxDbO6TzuAsdsjGDZim5s1QK2VKsHjKiDgQEnviR52Aai6-nbVDBu3P5xoJCVb-L_Gmd78l62M9Rfn-U7PXuUb0RvS8WExZ5b87pZnBKbZX-v--xVtD0aZAuJQ5AzIHUzbCJjqxoisl-aIE7tqLPAWtfu_8NQA8I&cry=1&dbm_d=AKAmf-C-cV5RtnZvDPHowJCouJJtsU4zJZ44Y6a2HS6LnHLdu3hHSDV4RRPxn_lZ6nvdJabWO44v_kesjgG0XF9cgKHsIxzkpx4JC4HQGG9bHmeoUELPQMLoVNeWgEsvhH1yeTVX7sfxFVMNXhNkNscKql3zc8FiGaBc-m5ewlfacjqGowWwcV1yrPdMLj784PzGalx6ecy0BFCsC0S-GVuQiOKry-C8LnpmxJaJ5eSEGgJLdOOp6AsJ8u3ObscfEDn01Ov8oetRlgxwavBv0eCX7l38XHyr1nmSc4r-m5_bqGI-LcXn9o5-VE-rULj4BMAlw0xV88WRhRfs4S56A6NbjmBxlCN5RS5cbfCG3omsSa7JwB7GQuGXsEwTVjnb3Xzxj834hZdhy89dd-i09YsNlK7MzKxdIEelFxzHm8Br9npLnF5zuoZLQrWHz0w54bZITD1Hx-Qdf8C0xqD_8GqmCuAZfk-eCu2m081G_NwyKpFN_j6M0cWyPre3357ECJ6M-Zj7Qg37srF5WrvvMH7OrTbKsxgjkEiG7U_vEyrd4N5dG_PJK2tjIa7mD5sdKRRPjGIEYV-5ZVdpJZ4JNYIenXsHX3pxB8Wz_7bd-6KpRFBto80esv6IsUAw-m9DLSBKao1h5JvWhpQbTodCgjkmU_FM9XPFSDdKAyLKGt6sdLr65KoLNNIkwsYuF4LfrcVwjzcosXit3o8NXgwJdxS1nMzEfiILkJ0WxCN0A_CKB3t-wOPVF1h7ai_vAXZGAv9C3aJdMZGmVdzDMCpbz_fJBUjGHoXb0DfYljLf9S8M6nreohvQrGIgdxNWxkt6wEyDZ7kE3xQwN3t0tdIiwxxKkMcLYsdOuSs2PIrurF6YFKSu0PUmGz-AgY-P19_t7qKbvBXahj1Jlbta6yh6lygBJhqOzyBqQ392LjazIqw_3PYUm_6pI9ws6vezrM6Kzs_rwB1QBowBpo4l9CtSzPclU1LN0d_QCBZN9xJPRDdpqo4JaY3UhXzKKMiM-deLnfjTi57BpRgrGx-Hr-swBP6KoJuDUNrHApM6TVXRhK7wXUn7FDbXx6lfwCXdcpkYMb5tBFX_QSctcPA0qr2NP9ktCsVAU7c0v57_S4xO04ZjkllKkm8o9-kPW1m-o_zVH80hFBJR3mw11MvUwmZ8wuLhoh_szludtRh7KbzOMkbiOSBesGnuNLfuxIFyuaZYrxFW7EKlAmNtlmTypMm7OvmYLjDgBuo966s4RJBw-mqUfYa9wotlm_4G4lMzjFQdr-eewM-8ffhWISVBTvHGZDSC3rMV2G21ELuIxpz6EhFTWexZ5UQ58OFOnc96920J3XxjkFsDsAKIu6JqCvoNKbL8ZwCfmgaF4MWUc33EIqdEEt3YgwY-AR00fFl4lXoIXf1wtpNXBaopckTLQ4VMSNwk1hpw3ZyViyZ3Ew5hHoyIkoiS6VuFuKcZMwVQ3ODLGbEf5RPJsNfZJmQWpqOVYMDugfcHW7IFncBOa4n0WEK7BbdWXnqeLzfPq51U1qjE2s59ztyrdn6BPYIshIqg7pBgqc7k5FRKk23iYklgMD2DXVss3VXFgopEkakptsq_Wd0Y4VZozdwuYXMZZdobgagngkOc0xV-5HkMYMm1uLr70IifP9FJs6grBhm9xaP9gTBQmmc1TCMZhMyEYvpGNJt6N8l7SqWdfEzcoLNRszrXKNsg-9-bjkB10yaKLM36BSe2ZB5TM7YAtp8co8b1itJ1_WDW-lej8GgdJfIsPJ6vut-XDCpFnCHCdiMdjQgvNtWyNvNCctZtfhEDi5_I5J73ss-NRB31_Qfg1AWGL6btImbva7_7Jv2WRQTaUnrm772-SUpGsvKHsUL6lVH2x25oH8mAUMM5MXf_lSQUe7W4V4Do69mw6fO2ROwiOAXi5gdTk5wHZk80ygIFOEgoCb_KEdpY-elcpG-yiEWOpGucBBclNigC31NOWaUNE3zop4RgtwaGjgTWuKv97ma9LVfj-JVG4n1QW0fYWgnpeESxmOzvd0mOyAYly2j1t87yum_T-0JpRSo5FHmmi8dHI_3o9lPxcyd8aCVW-j1ixVJ-oGEcqyS9fq3X6PcdclRG8z_pvVBdqQb0lgryu8S2SL_Q2D9XdpfuwWa-DEOqS7UwllkPze1FB7HnbRHPfLFS2xvzzkOMhmZmNy2_DyXV6elzVVdeiosr2vJH98JoIXCnZE4PIQr9FkQjL3tcXBtUgGOuNeRCB3FMwTcu9cGvgr-TaHASnwEP7ySWocZ5-4VuKNlo4wn-UzMPtm_t31c-0c_FF4Bk65sxHkC0XvCsSPsbiQ9t7eTBuwqZ4u_VLeQ0UkziZOkTmzZGgBErkbXzacYYMdPW3kwVQx9O6ziRPY7SBz_TXs-H7q9NBXQvOnPjyJM65APFQ4tvhXfwjEhoid02i3NYOg2tJ-mVbN8iE_naHVxuELNbx4Xu9c4iVEWAAcOmsXQgzo_qv6sfea6vhvNRLxCjp4OAmUjJAmfHWH4OQakn3LcSuKuBsSEeCEBRGsEGMOZVIZs7wBnanVtBlSB8VK7Hif0BC2nZULlYkotjLPdIgoxTz5eo6898H2kPbA_t5pQRaxmiQW7oQ_7vcdbApN-Mx0ylGOjnd0uGacQszTZHtHFAUy-xIY7MhJSYrK6NZXUS7okQ5vMKd3aSMQhuQI2l2QBrwodL7ZtTLlfNmzrX5TtRFw8NJEydPU26hAIZrZUocjgCcF77IhCEgwS2747b6WXzreqJfMH6sEozogyHPDw-G_jg_GkwmzzDQQDsX5t0gAGRR_fmDrwPG61MvvrkQL8oZgic15SKJS3g0kV7ro4SsxINv29CglmbTmCqU8x0NL2EkrQ6JD5ic3f4RR0673U9XneHOcXRE1M38VcmRMUHctqlh1C0Zp8kX-r1M_Ld5TXh-nr-x3kHLsLRf_vdEbGZsFzQ2Gwi3W6Z48ZcDApu02baOLsSPcCwyVfjza7M5-g08qSqzd9wcy7mOVRcKUJvYtLXQ-Qgq3UKQNXThS-D-d3-xmT2ldevwx00N37NOJxujbL3eFnyJumKCfepMI5HsRpZ88fu4_khRU1N5POehXRQarwjjWEge0i44zXKCx8zf1AY8tRwVP9mKUGgQwq7W2fX5vUkijNVuFSlY-f030QXzRSXbJD-zy2_A9xyMq8uBN2o0urpgK-dzkJ4w5SXrrFc1bCOIpFH67_woh7W2DETy1_MwRLE4lpNiRtg8ARfBEtZEe7MNnmB0sQMeX8UVkNMkpL8zcgQ3JPxdbVxGBsox4ig7UPH5x7QOmGd9bYbCpAuIAfoiK0m5wshD06NYzo1Qxjiuf4pne-ECuisjaFGYAUz1jyLUtx_4TGO6KPr9N0W-J2ZhMM8X6e8OULHDKYnxpPhcsab0SPYh_XGzAeNn4C1eqfOGZtY-H94k9gUtbWJS6eImqK6FLDXPwwnJp9FX6VVSXh0RAt4fFAJyV93okBVxDPNR46XNWKwVUI5WJaeYqGWLlM-_iG4ajKyl-jseIx4XqnXqEWEObcMUmpcEAQ411_tsOeIVR8fHMTdNftylMk16IVSPeZuW1pu6-rwjdGkiU-jNtVRFdFwq6x2j0ScWKErlBjqCvfDLbQmimdbda4QGBXbzBVra_crX_F5OXX2opLqhOftzHujdlw2MkWyAfzS2yr9XlSk1B7lqO8krnnGMMFBoR9Bz5wXixWVwh_l6uAIKMAIJ1hb1pxs-INUWo0byB7Sm0d49vFyi0Zu9O47jnutrLqTUstLnjSpYwq-tNbnp5W8JBdgtg&pr=63%3A0.1447655337752099&cid=CAQSGwDpaXnf4hFUJrMr49qKV7d2etAUk-AmzVEFtBgB&xfc=https%3A%2F%2Fadx.adform.net%2Fadx%2Fssp%2Fclk%2F%3Fdata%3DAnreJLAGUJxUNdes9VQ5q5f4zXqIoVB0gcdVKHnVaYcb8mYJ3nykryMu65I5AR8v8_0JpWPQeNgijqrEYB8G-7IYfQVTYw0XWuKZ2EbmeKVLkeW9kczCR5P84rbkLAPeDZPrZ6yT4BIJdtw94fqEIcfTTu8hb1lhtfOtSPRKcQRrg_CzxuFDn8N4iOtIBxgX0&adxvars=F2Rp7U7EiikE2Efb994J9IF13jPcn-dhKB_SbSbzx51Wft3OUgzq9NhAyrE9IpK77Ui30yPIvpSo5o2NxdUxB6nbEjygYv4-XGwJ5XfeLCaz5lL_rD4dXft1Xm-bTreBd5QYCHUsP38SdU4-YkaYfsOHKBBOLPiQ86wuSWrjW6HsJKTBgc7pQVTxQHsmkj2iQGt8pJPy06haNzwaglXgYbAcbPoHp0nX0&r=&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&dv3_ver=m202408260101&nel=1&rfl=https%3A%2F%2Ffescoebill.pk%2F0.22138318892950082&ds=l&xdt=0&iif=1&cor=2505791405880454700&adk=1761367584&idt=57&cac=0&dtd=104
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4a954ad51dd3f6c512d0e8939e4f71924230878dd7084691cb7a6a6e4bd906f9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fescoebill.pk/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 29 Aug 2024 16:43:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
19497
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11658
x-xss-protection
0
server
cafe
etag
5267523334890669770
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 12 Sep 2024 16:43:24 GMT
ufs_web_display.js
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame A5EC 		204 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A5dHcoqTgm7yaAMuZdgBesA4n4rCgH0_11foN3F6j3CQQSKNj17h7TALfwgm1p6K2vAZVzbKa8yN2ri-UuxDbO6TzuAsdsjGDZim5s1QK2VKsHjKiDgQEnviR52Aai6-nbVDBu3P5xoJCVb-L_Gmd78l62M9Rfn-U7PXuUb0RvS8WExZ5b87pZnBKbZX-v--xVtD0aZAuJQ5AzIHUzbCJjqxoisl-aIE7tqLPAWtfu_8NQA8I&cry=1&dbm_d=AKAmf-C-cV5RtnZvDPHowJCouJJtsU4zJZ44Y6a2HS6LnHLdu3hHSDV4RRPxn_lZ6nvdJabWO44v_kesjgG0XF9cgKHsIxzkpx4JC4HQGG9bHmeoUELPQMLoVNeWgEsvhH1yeTVX7sfxFVMNXhNkNscKql3zc8FiGaBc-m5ewlfacjqGowWwcV1yrPdMLj784PzGalx6ecy0BFCsC0S-GVuQiOKry-C8LnpmxJaJ5eSEGgJLdOOp6AsJ8u3ObscfEDn01Ov8oetRlgxwavBv0eCX7l38XHyr1nmSc4r-m5_bqGI-LcXn9o5-VE-rULj4BMAlw0xV88WRhRfs4S56A6NbjmBxlCN5RS5cbfCG3omsSa7JwB7GQuGXsEwTVjnb3Xzxj834hZdhy89dd-i09YsNlK7MzKxdIEelFxzHm8Br9npLnF5zuoZLQrWHz0w54bZITD1Hx-Qdf8C0xqD_8GqmCuAZfk-eCu2m081G_NwyKpFN_j6M0cWyPre3357ECJ6M-Zj7Qg37srF5WrvvMH7OrTbKsxgjkEiG7U_vEyrd4N5dG_PJK2tjIa7mD5sdKRRPjGIEYV-5ZVdpJZ4JNYIenXsHX3pxB8Wz_7bd-6KpRFBto80esv6IsUAw-m9DLSBKao1h5JvWhpQbTodCgjkmU_FM9XPFSDdKAyLKGt6sdLr65KoLNNIkwsYuF4LfrcVwjzcosXit3o8NXgwJdxS1nMzEfiILkJ0WxCN0A_CKB3t-wOPVF1h7ai_vAXZGAv9C3aJdMZGmVdzDMCpbz_fJBUjGHoXb0DfYljLf9S8M6nreohvQrGIgdxNWxkt6wEyDZ7kE3xQwN3t0tdIiwxxKkMcLYsdOuSs2PIrurF6YFKSu0PUmGz-AgY-P19_t7qKbvBXahj1Jlbta6yh6lygBJhqOzyBqQ392LjazIqw_3PYUm_6pI9ws6vezrM6Kzs_rwB1QBowBpo4l9CtSzPclU1LN0d_QCBZN9xJPRDdpqo4JaY3UhXzKKMiM-deLnfjTi57BpRgrGx-Hr-swBP6KoJuDUNrHApM6TVXRhK7wXUn7FDbXx6lfwCXdcpkYMb5tBFX_QSctcPA0qr2NP9ktCsVAU7c0v57_S4xO04ZjkllKkm8o9-kPW1m-o_zVH80hFBJR3mw11MvUwmZ8wuLhoh_szludtRh7KbzOMkbiOSBesGnuNLfuxIFyuaZYrxFW7EKlAmNtlmTypMm7OvmYLjDgBuo966s4RJBw-mqUfYa9wotlm_4G4lMzjFQdr-eewM-8ffhWISVBTvHGZDSC3rMV2G21ELuIxpz6EhFTWexZ5UQ58OFOnc96920J3XxjkFsDsAKIu6JqCvoNKbL8ZwCfmgaF4MWUc33EIqdEEt3YgwY-AR00fFl4lXoIXf1wtpNXBaopckTLQ4VMSNwk1hpw3ZyViyZ3Ew5hHoyIkoiS6VuFuKcZMwVQ3ODLGbEf5RPJsNfZJmQWpqOVYMDugfcHW7IFncBOa4n0WEK7BbdWXnqeLzfPq51U1qjE2s59ztyrdn6BPYIshIqg7pBgqc7k5FRKk23iYklgMD2DXVss3VXFgopEkakptsq_Wd0Y4VZozdwuYXMZZdobgagngkOc0xV-5HkMYMm1uLr70IifP9FJs6grBhm9xaP9gTBQmmc1TCMZhMyEYvpGNJt6N8l7SqWdfEzcoLNRszrXKNsg-9-bjkB10yaKLM36BSe2ZB5TM7YAtp8co8b1itJ1_WDW-lej8GgdJfIsPJ6vut-XDCpFnCHCdiMdjQgvNtWyNvNCctZtfhEDi5_I5J73ss-NRB31_Qfg1AWGL6btImbva7_7Jv2WRQTaUnrm772-SUpGsvKHsUL6lVH2x25oH8mAUMM5MXf_lSQUe7W4V4Do69mw6fO2ROwiOAXi5gdTk5wHZk80ygIFOEgoCb_KEdpY-elcpG-yiEWOpGucBBclNigC31NOWaUNE3zop4RgtwaGjgTWuKv97ma9LVfj-JVG4n1QW0fYWgnpeESxmOzvd0mOyAYly2j1t87yum_T-0JpRSo5FHmmi8dHI_3o9lPxcyd8aCVW-j1ixVJ-oGEcqyS9fq3X6PcdclRG8z_pvVBdqQb0lgryu8S2SL_Q2D9XdpfuwWa-DEOqS7UwllkPze1FB7HnbRHPfLFS2xvzzkOMhmZmNy2_DyXV6elzVVdeiosr2vJH98JoIXCnZE4PIQr9FkQjL3tcXBtUgGOuNeRCB3FMwTcu9cGvgr-TaHASnwEP7ySWocZ5-4VuKNlo4wn-UzMPtm_t31c-0c_FF4Bk65sxHkC0XvCsSPsbiQ9t7eTBuwqZ4u_VLeQ0UkziZOkTmzZGgBErkbXzacYYMdPW3kwVQx9O6ziRPY7SBz_TXs-H7q9NBXQvOnPjyJM65APFQ4tvhXfwjEhoid02i3NYOg2tJ-mVbN8iE_naHVxuELNbx4Xu9c4iVEWAAcOmsXQgzo_qv6sfea6vhvNRLxCjp4OAmUjJAmfHWH4OQakn3LcSuKuBsSEeCEBRGsEGMOZVIZs7wBnanVtBlSB8VK7Hif0BC2nZULlYkotjLPdIgoxTz5eo6898H2kPbA_t5pQRaxmiQW7oQ_7vcdbApN-Mx0ylGOjnd0uGacQszTZHtHFAUy-xIY7MhJSYrK6NZXUS7okQ5vMKd3aSMQhuQI2l2QBrwodL7ZtTLlfNmzrX5TtRFw8NJEydPU26hAIZrZUocjgCcF77IhCEgwS2747b6WXzreqJfMH6sEozogyHPDw-G_jg_GkwmzzDQQDsX5t0gAGRR_fmDrwPG61MvvrkQL8oZgic15SKJS3g0kV7ro4SsxINv29CglmbTmCqU8x0NL2EkrQ6JD5ic3f4RR0673U9XneHOcXRE1M38VcmRMUHctqlh1C0Zp8kX-r1M_Ld5TXh-nr-x3kHLsLRf_vdEbGZsFzQ2Gwi3W6Z48ZcDApu02baOLsSPcCwyVfjza7M5-g08qSqzd9wcy7mOVRcKUJvYtLXQ-Qgq3UKQNXThS-D-d3-xmT2ldevwx00N37NOJxujbL3eFnyJumKCfepMI5HsRpZ88fu4_khRU1N5POehXRQarwjjWEge0i44zXKCx8zf1AY8tRwVP9mKUGgQwq7W2fX5vUkijNVuFSlY-f030QXzRSXbJD-zy2_A9xyMq8uBN2o0urpgK-dzkJ4w5SXrrFc1bCOIpFH67_woh7W2DETy1_MwRLE4lpNiRtg8ARfBEtZEe7MNnmB0sQMeX8UVkNMkpL8zcgQ3JPxdbVxGBsox4ig7UPH5x7QOmGd9bYbCpAuIAfoiK0m5wshD06NYzo1Qxjiuf4pne-ECuisjaFGYAUz1jyLUtx_4TGO6KPr9N0W-J2ZhMM8X6e8OULHDKYnxpPhcsab0SPYh_XGzAeNn4C1eqfOGZtY-H94k9gUtbWJS6eImqK6FLDXPwwnJp9FX6VVSXh0RAt4fFAJyV93okBVxDPNR46XNWKwVUI5WJaeYqGWLlM-_iG4ajKyl-jseIx4XqnXqEWEObcMUmpcEAQ411_tsOeIVR8fHMTdNftylMk16IVSPeZuW1pu6-rwjdGkiU-jNtVRFdFwq6x2j0ScWKErlBjqCvfDLbQmimdbda4QGBXbzBVra_crX_F5OXX2opLqhOftzHujdlw2MkWyAfzS2yr9XlSk1B7lqO8krnnGMMFBoR9Bz5wXixWVwh_l6uAIKMAIJ1hb1pxs-INUWo0byB7Sm0d49vFyi0Zu9O47jnutrLqTUstLnjSpYwq-tNbnp5W8JBdgtg&pr=63%3A0.1447655337752099&cid=CAQSGwDpaXnf4hFUJrMr49qKV7d2etAUk-AmzVEFtBgB&xfc=https%3A%2F%2Fadx.adform.net%2Fadx%2Fssp%2Fclk%2F%3Fdata%3DAnreJLAGUJxUNdes9VQ5q5f4zXqIoVB0gcdVKHnVaYcb8mYJ3nykryMu65I5AR8v8_0JpWPQeNgijqrEYB8G-7IYfQVTYw0XWuKZ2EbmeKVLkeW9kczCR5P84rbkLAPeDZPrZ6yT4BIJdtw94fqEIcfTTu8hb1lhtfOtSPRKcQRrg_CzxuFDn8N4iOtIBxgX0&adxvars=F2Rp7U7EiikE2Efb994J9IF13jPcn-dhKB_SbSbzx51Wft3OUgzq9NhAyrE9IpK77Ui30yPIvpSo5o2NxdUxB6nbEjygYv4-XGwJ5XfeLCaz5lL_rD4dXft1Xm-bTreBd5QYCHUsP38SdU4-YkaYfsOHKBBOLPiQ86wuSWrjW6HsJKTBgc7pQVTxQHsmkj2iQGt8pJPy06haNzwaglXgYbAcbPoHp0nX0&r=&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&dv3_ver=m202408260101&nel=1&rfl=https%3A%2F%2Ffescoebill.pk%2F0.22138318892950082&ds=l&xdt=0&iif=1&cor=2505791405880454700&adk=1761367584&idt=57&cac=0&dtd=104
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
258daef9a182640e92d363f90b54305e7a38a99655b8117d7bd7658a7fffbfff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fescoebill.pk/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 29 Aug 2024 21:48:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
1176
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
64913
x-xss-protection
0
server
cafe
etag
vary
Accept-Encoding
content-type
text/javascript; charset=ISO-8859-1
cache-control
public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 29 Aug 2024 22:48:45 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20240828/r20110914/elements/html/ Frame A5EC 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240828/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A5dHcoqTgm7yaAMuZdgBesA4n4rCgH0_11foN3F6j3CQQSKNj17h7TALfwgm1p6K2vAZVzbKa8yN2ri-UuxDbO6TzuAsdsjGDZim5s1QK2VKsHjKiDgQEnviR52Aai6-nbVDBu3P5xoJCVb-L_Gmd78l62M9Rfn-U7PXuUb0RvS8WExZ5b87pZnBKbZX-v--xVtD0aZAuJQ5AzIHUzbCJjqxoisl-aIE7tqLPAWtfu_8NQA8I&cry=1&dbm_d=AKAmf-C-cV5RtnZvDPHowJCouJJtsU4zJZ44Y6a2HS6LnHLdu3hHSDV4RRPxn_lZ6nvdJabWO44v_kesjgG0XF9cgKHsIxzkpx4JC4HQGG9bHmeoUELPQMLoVNeWgEsvhH1yeTVX7sfxFVMNXhNkNscKql3zc8FiGaBc-m5ewlfacjqGowWwcV1yrPdMLj784PzGalx6ecy0BFCsC0S-GVuQiOKry-C8LnpmxJaJ5eSEGgJLdOOp6AsJ8u3ObscfEDn01Ov8oetRlgxwavBv0eCX7l38XHyr1nmSc4r-m5_bqGI-LcXn9o5-VE-rULj4BMAlw0xV88WRhRfs4S56A6NbjmBxlCN5RS5cbfCG3omsSa7JwB7GQuGXsEwTVjnb3Xzxj834hZdhy89dd-i09YsNlK7MzKxdIEelFxzHm8Br9npLnF5zuoZLQrWHz0w54bZITD1Hx-Qdf8C0xqD_8GqmCuAZfk-eCu2m081G_NwyKpFN_j6M0cWyPre3357ECJ6M-Zj7Qg37srF5WrvvMH7OrTbKsxgjkEiG7U_vEyrd4N5dG_PJK2tjIa7mD5sdKRRPjGIEYV-5ZVdpJZ4JNYIenXsHX3pxB8Wz_7bd-6KpRFBto80esv6IsUAw-m9DLSBKao1h5JvWhpQbTodCgjkmU_FM9XPFSDdKAyLKGt6sdLr65KoLNNIkwsYuF4LfrcVwjzcosXit3o8NXgwJdxS1nMzEfiILkJ0WxCN0A_CKB3t-wOPVF1h7ai_vAXZGAv9C3aJdMZGmVdzDMCpbz_fJBUjGHoXb0DfYljLf9S8M6nreohvQrGIgdxNWxkt6wEyDZ7kE3xQwN3t0tdIiwxxKkMcLYsdOuSs2PIrurF6YFKSu0PUmGz-AgY-P19_t7qKbvBXahj1Jlbta6yh6lygBJhqOzyBqQ392LjazIqw_3PYUm_6pI9ws6vezrM6Kzs_rwB1QBowBpo4l9CtSzPclU1LN0d_QCBZN9xJPRDdpqo4JaY3UhXzKKMiM-deLnfjTi57BpRgrGx-Hr-swBP6KoJuDUNrHApM6TVXRhK7wXUn7FDbXx6lfwCXdcpkYMb5tBFX_QSctcPA0qr2NP9ktCsVAU7c0v57_S4xO04ZjkllKkm8o9-kPW1m-o_zVH80hFBJR3mw11MvUwmZ8wuLhoh_szludtRh7KbzOMkbiOSBesGnuNLfuxIFyuaZYrxFW7EKlAmNtlmTypMm7OvmYLjDgBuo966s4RJBw-mqUfYa9wotlm_4G4lMzjFQdr-eewM-8ffhWISVBTvHGZDSC3rMV2G21ELuIxpz6EhFTWexZ5UQ58OFOnc96920J3XxjkFsDsAKIu6JqCvoNKbL8ZwCfmgaF4MWUc33EIqdEEt3YgwY-AR00fFl4lXoIXf1wtpNXBaopckTLQ4VMSNwk1hpw3ZyViyZ3Ew5hHoyIkoiS6VuFuKcZMwVQ3ODLGbEf5RPJsNfZJmQWpqOVYMDugfcHW7IFncBOa4n0WEK7BbdWXnqeLzfPq51U1qjE2s59ztyrdn6BPYIshIqg7pBgqc7k5FRKk23iYklgMD2DXVss3VXFgopEkakptsq_Wd0Y4VZozdwuYXMZZdobgagngkOc0xV-5HkMYMm1uLr70IifP9FJs6grBhm9xaP9gTBQmmc1TCMZhMyEYvpGNJt6N8l7SqWdfEzcoLNRszrXKNsg-9-bjkB10yaKLM36BSe2ZB5TM7YAtp8co8b1itJ1_WDW-lej8GgdJfIsPJ6vut-XDCpFnCHCdiMdjQgvNtWyNvNCctZtfhEDi5_I5J73ss-NRB31_Qfg1AWGL6btImbva7_7Jv2WRQTaUnrm772-SUpGsvKHsUL6lVH2x25oH8mAUMM5MXf_lSQUe7W4V4Do69mw6fO2ROwiOAXi5gdTk5wHZk80ygIFOEgoCb_KEdpY-elcpG-yiEWOpGucBBclNigC31NOWaUNE3zop4RgtwaGjgTWuKv97ma9LVfj-JVG4n1QW0fYWgnpeESxmOzvd0mOyAYly2j1t87yum_T-0JpRSo5FHmmi8dHI_3o9lPxcyd8aCVW-j1ixVJ-oGEcqyS9fq3X6PcdclRG8z_pvVBdqQb0lgryu8S2SL_Q2D9XdpfuwWa-DEOqS7UwllkPze1FB7HnbRHPfLFS2xvzzkOMhmZmNy2_DyXV6elzVVdeiosr2vJH98JoIXCnZE4PIQr9FkQjL3tcXBtUgGOuNeRCB3FMwTcu9cGvgr-TaHASnwEP7ySWocZ5-4VuKNlo4wn-UzMPtm_t31c-0c_FF4Bk65sxHkC0XvCsSPsbiQ9t7eTBuwqZ4u_VLeQ0UkziZOkTmzZGgBErkbXzacYYMdPW3kwVQx9O6ziRPY7SBz_TXs-H7q9NBXQvOnPjyJM65APFQ4tvhXfwjEhoid02i3NYOg2tJ-mVbN8iE_naHVxuELNbx4Xu9c4iVEWAAcOmsXQgzo_qv6sfea6vhvNRLxCjp4OAmUjJAmfHWH4OQakn3LcSuKuBsSEeCEBRGsEGMOZVIZs7wBnanVtBlSB8VK7Hif0BC2nZULlYkotjLPdIgoxTz5eo6898H2kPbA_t5pQRaxmiQW7oQ_7vcdbApN-Mx0ylGOjnd0uGacQszTZHtHFAUy-xIY7MhJSYrK6NZXUS7okQ5vMKd3aSMQhuQI2l2QBrwodL7ZtTLlfNmzrX5TtRFw8NJEydPU26hAIZrZUocjgCcF77IhCEgwS2747b6WXzreqJfMH6sEozogyHPDw-G_jg_GkwmzzDQQDsX5t0gAGRR_fmDrwPG61MvvrkQL8oZgic15SKJS3g0kV7ro4SsxINv29CglmbTmCqU8x0NL2EkrQ6JD5ic3f4RR0673U9XneHOcXRE1M38VcmRMUHctqlh1C0Zp8kX-r1M_Ld5TXh-nr-x3kHLsLRf_vdEbGZsFzQ2Gwi3W6Z48ZcDApu02baOLsSPcCwyVfjza7M5-g08qSqzd9wcy7mOVRcKUJvYtLXQ-Qgq3UKQNXThS-D-d3-xmT2ldevwx00N37NOJxujbL3eFnyJumKCfepMI5HsRpZ88fu4_khRU1N5POehXRQarwjjWEge0i44zXKCx8zf1AY8tRwVP9mKUGgQwq7W2fX5vUkijNVuFSlY-f030QXzRSXbJD-zy2_A9xyMq8uBN2o0urpgK-dzkJ4w5SXrrFc1bCOIpFH67_woh7W2DETy1_MwRLE4lpNiRtg8ARfBEtZEe7MNnmB0sQMeX8UVkNMkpL8zcgQ3JPxdbVxGBsox4ig7UPH5x7QOmGd9bYbCpAuIAfoiK0m5wshD06NYzo1Qxjiuf4pne-ECuisjaFGYAUz1jyLUtx_4TGO6KPr9N0W-J2ZhMM8X6e8OULHDKYnxpPhcsab0SPYh_XGzAeNn4C1eqfOGZtY-H94k9gUtbWJS6eImqK6FLDXPwwnJp9FX6VVSXh0RAt4fFAJyV93okBVxDPNR46XNWKwVUI5WJaeYqGWLlM-_iG4ajKyl-jseIx4XqnXqEWEObcMUmpcEAQ411_tsOeIVR8fHMTdNftylMk16IVSPeZuW1pu6-rwjdGkiU-jNtVRFdFwq6x2j0ScWKErlBjqCvfDLbQmimdbda4QGBXbzBVra_crX_F5OXX2opLqhOftzHujdlw2MkWyAfzS2yr9XlSk1B7lqO8krnnGMMFBoR9Bz5wXixWVwh_l6uAIKMAIJ1hb1pxs-INUWo0byB7Sm0d49vFyi0Zu9O47jnutrLqTUstLnjSpYwq-tNbnp5W8JBdgtg&pr=63%3A0.1447655337752099&cid=CAQSGwDpaXnf4hFUJrMr49qKV7d2etAUk-AmzVEFtBgB&xfc=https%3A%2F%2Fadx.adform.net%2Fadx%2Fssp%2Fclk%2F%3Fdata%3DAnreJLAGUJxUNdes9VQ5q5f4zXqIoVB0gcdVKHnVaYcb8mYJ3nykryMu65I5AR8v8_0JpWPQeNgijqrEYB8G-7IYfQVTYw0XWuKZ2EbmeKVLkeW9kczCR5P84rbkLAPeDZPrZ6yT4BIJdtw94fqEIcfTTu8hb1lhtfOtSPRKcQRrg_CzxuFDn8N4iOtIBxgX0&adxvars=F2Rp7U7EiikE2Efb994J9IF13jPcn-dhKB_SbSbzx51Wft3OUgzq9NhAyrE9IpK77Ui30yPIvpSo5o2NxdUxB6nbEjygYv4-XGwJ5XfeLCaz5lL_rD4dXft1Xm-bTreBd5QYCHUsP38SdU4-YkaYfsOHKBBOLPiQ86wuSWrjW6HsJKTBgc7pQVTxQHsmkj2iQGt8pJPy06haNzwaglXgYbAcbPoHp0nX0&r=&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&dv3_ver=m202408260101&nel=1&rfl=https%3A%2F%2Ffescoebill.pk%2F0.22138318892950082&ds=l&xdt=0&iif=1&cor=2505791405880454700&adk=1761367584&idt=57&cac=0&dtd=104
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ce13d5d11a2c8a21612d2eae7a1732f20ca5a38daf0be8af6aaeef64e07d75e4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fescoebill.pk/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 29 Aug 2024 16:43:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
19497
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4395
x-xss-protection
0
server
cafe
etag
4271344721252203484
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 12 Sep 2024 16:43:24 GMT
view
ad.doubleclick.net/pcs/ Frame A5EC 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/pcs/view?xai=AKAOjst5xbQI-B2QmFv73PDSuAml8vU-Hx4zAAn1SoXnKoqfIG8GIWN21T-T4p3sy7tHPDf6F60kHXI4dPp218DZNwdkIcw4JOF0O8jDZSwCOg0E4cczTVYI1MWS5sal5gaIAoXvA9PphUBrIxdR2sGRvQojfKoeTsb-j9qHsRMYBb5knezebgM57yByu0KlyjsAymZLMwGu3g7gYM1VXM_LAxgdImO5DMTHqL2pKFhvNpuMmzRxtWyDmQFKvQhfOj2afoYPJg-swRks30r3O7epnUAabLy0m06r2wZKnPPqBFP4QKTUBQjxtqOsDzF04ZRn9Rwip1iI9qNFPzSWzOQZ_yV_jKHetSqbiKdqrDv9hNn34OckwHCaGRmiZEZibt9IYcEtPb1ecZFwXktYZ0apVbpVyZizyWHUEgqSceqXIGUS7RDlJpqopwZxtqwN6Z3e0rIzRZu2T9EjzfBqvXhYDSIFQOtO_qZa8tButT7x-ewKlmEyfO4u7yl3nlKuLvm4TUz5c14baDjZuyYWFx7ICZ4Aii8fQjDHi2zgjD1LIffOYxGdiP0LqranMA_kGwieQkHRWd2OYqDhneCjVFSlOCu2_5PfZO6fbcYbIG65Nei1UPva493UZjsLVZBH2WjovsSs_QbD54sXveFkwCw9cUMZnOKFs3zQ5ADSGUpMgRJ5duBUZz_nHFWnZJHDTShY0ceDLrvsE616KPMGCbTe9pYA2AkGnNLE_dlmQ53BO9QGj_lZUd_iw2y9Fi6TNVrjqx6b_-8H6EhXFnvkMT-v9-3VcP64qj-hoWcHihLAsSjtx2aHbkmQOvPY7fseMRPDrEaZxcPCoXo-S48PZDORirz5IPtbW6LYDazP2wgXV-AtLSxY2lIpN8sNeekZpGkHTReyaCqzboMEyfKwK_Ya49Mulh_YgGeEllP-ryKrTRwpsomPb20Fh5DXBZuYRV1Oil9WZc0QjwN2BPwiVt-a6UIblcoO59ryGcvdBHA-djPE-uak43PjntkQVHFpC_RAdsG3X_tNJKaN2K9RlMgIC84iJqxg56N6gPQLrDnBILfXjpCjKpD_9sWVzurmtcws1YONkh2QQCikYg1gOhmshcG0q_-cbNSt50DbqOde6qMK467yx6gMCyEHLA5M2Hk-mJKxIH6wD1GRSgG2kjZcke7cs4z39NsHDCBnSqbX9btJDMkGVdafFCS6DvtIithhdfq4zueYSegBxTaE73HEAf4barBmtnaAIhM4oiTL1q8UYvkocqOcN3XnOGaycI9oXLiKQE_sU3uVyuiBiWBNHAO-Fa8irFNWn8qBnCuEu9VBEk6gdeVeNJWJFHXcXhYj2hnrpyknlA&sai=AMfl-YTG3Zym2-ablsasNeC6ZZxDDGkSOYH9ed1rk_hZjX1_en7epGSNqxEmJBUBbXRQo_M9-Uhjgxj7oz_IzbYTJEHUqfvMZ0xJu1cISIWuh6dehiSChsa41au4o1cozqt6FEQSZ-jThPWmLrhrwQrPgO6Cn7S6eIj9dusf1nx9qdBch9-XzlTrkAgMwp1F1z57tyJzKeCkjw8&sig=Cg0ArKJSzAH6VsheN7fpEAE&uach_m=%5BUACH%5D&crd=aHR0cHM6Ly9kb3VibGVjbGljay5uZXQ&pr=63:0.1447655337752099&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=2&cbvp=1&cstd=0&cisv=r20240828.97298&arae=1&ftch=1&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A5dHcoqTgm7yaAMuZdgBesA4n4rCgH0_11foN3F6j3CQQSKNj17h7TALfwgm1p6K2vAZVzbKa8yN2ri-UuxDbO6TzuAsdsjGDZim5s1QK2VKsHjKiDgQEnviR52Aai6-nbVDBu3P5xoJCVb-L_Gmd78l62M9Rfn-U7PXuUb0RvS8WExZ5b87pZnBKbZX-v--xVtD0aZAuJQ5AzIHUzbCJjqxoisl-aIE7tqLPAWtfu_8NQA8I&cry=1&dbm_d=AKAmf-C-cV5RtnZvDPHowJCouJJtsU4zJZ44Y6a2HS6LnHLdu3hHSDV4RRPxn_lZ6nvdJabWO44v_kesjgG0XF9cgKHsIxzkpx4JC4HQGG9bHmeoUELPQMLoVNeWgEsvhH1yeTVX7sfxFVMNXhNkNscKql3zc8FiGaBc-m5ewlfacjqGowWwcV1yrPdMLj784PzGalx6ecy0BFCsC0S-GVuQiOKry-C8LnpmxJaJ5eSEGgJLdOOp6AsJ8u3ObscfEDn01Ov8oetRlgxwavBv0eCX7l38XHyr1nmSc4r-m5_bqGI-LcXn9o5-VE-rULj4BMAlw0xV88WRhRfs4S56A6NbjmBxlCN5RS5cbfCG3omsSa7JwB7GQuGXsEwTVjnb3Xzxj834hZdhy89dd-i09YsNlK7MzKxdIEelFxzHm8Br9npLnF5zuoZLQrWHz0w54bZITD1Hx-Qdf8C0xqD_8GqmCuAZfk-eCu2m081G_NwyKpFN_j6M0cWyPre3357ECJ6M-Zj7Qg37srF5WrvvMH7OrTbKsxgjkEiG7U_vEyrd4N5dG_PJK2tjIa7mD5sdKRRPjGIEYV-5ZVdpJZ4JNYIenXsHX3pxB8Wz_7bd-6KpRFBto80esv6IsUAw-m9DLSBKao1h5JvWhpQbTodCgjkmU_FM9XPFSDdKAyLKGt6sdLr65KoLNNIkwsYuF4LfrcVwjzcosXit3o8NXgwJdxS1nMzEfiILkJ0WxCN0A_CKB3t-wOPVF1h7ai_vAXZGAv9C3aJdMZGmVdzDMCpbz_fJBUjGHoXb0DfYljLf9S8M6nreohvQrGIgdxNWxkt6wEyDZ7kE3xQwN3t0tdIiwxxKkMcLYsdOuSs2PIrurF6YFKSu0PUmGz-AgY-P19_t7qKbvBXahj1Jlbta6yh6lygBJhqOzyBqQ392LjazIqw_3PYUm_6pI9ws6vezrM6Kzs_rwB1QBowBpo4l9CtSzPclU1LN0d_QCBZN9xJPRDdpqo4JaY3UhXzKKMiM-deLnfjTi57BpRgrGx-Hr-swBP6KoJuDUNrHApM6TVXRhK7wXUn7FDbXx6lfwCXdcpkYMb5tBFX_QSctcPA0qr2NP9ktCsVAU7c0v57_S4xO04ZjkllKkm8o9-kPW1m-o_zVH80hFBJR3mw11MvUwmZ8wuLhoh_szludtRh7KbzOMkbiOSBesGnuNLfuxIFyuaZYrxFW7EKlAmNtlmTypMm7OvmYLjDgBuo966s4RJBw-mqUfYa9wotlm_4G4lMzjFQdr-eewM-8ffhWISVBTvHGZDSC3rMV2G21ELuIxpz6EhFTWexZ5UQ58OFOnc96920J3XxjkFsDsAKIu6JqCvoNKbL8ZwCfmgaF4MWUc33EIqdEEt3YgwY-AR00fFl4lXoIXf1wtpNXBaopckTLQ4VMSNwk1hpw3ZyViyZ3Ew5hHoyIkoiS6VuFuKcZMwVQ3ODLGbEf5RPJsNfZJmQWpqOVYMDugfcHW7IFncBOa4n0WEK7BbdWXnqeLzfPq51U1qjE2s59ztyrdn6BPYIshIqg7pBgqc7k5FRKk23iYklgMD2DXVss3VXFgopEkakptsq_Wd0Y4VZozdwuYXMZZdobgagngkOc0xV-5HkMYMm1uLr70IifP9FJs6grBhm9xaP9gTBQmmc1TCMZhMyEYvpGNJt6N8l7SqWdfEzcoLNRszrXKNsg-9-bjkB10yaKLM36BSe2ZB5TM7YAtp8co8b1itJ1_WDW-lej8GgdJfIsPJ6vut-XDCpFnCHCdiMdjQgvNtWyNvNCctZtfhEDi5_I5J73ss-NRB31_Qfg1AWGL6btImbva7_7Jv2WRQTaUnrm772-SUpGsvKHsUL6lVH2x25oH8mAUMM5MXf_lSQUe7W4V4Do69mw6fO2ROwiOAXi5gdTk5wHZk80ygIFOEgoCb_KEdpY-elcpG-yiEWOpGucBBclNigC31NOWaUNE3zop4RgtwaGjgTWuKv97ma9LVfj-JVG4n1QW0fYWgnpeESxmOzvd0mOyAYly2j1t87yum_T-0JpRSo5FHmmi8dHI_3o9lPxcyd8aCVW-j1ixVJ-oGEcqyS9fq3X6PcdclRG8z_pvVBdqQb0lgryu8S2SL_Q2D9XdpfuwWa-DEOqS7UwllkPze1FB7HnbRHPfLFS2xvzzkOMhmZmNy2_DyXV6elzVVdeiosr2vJH98JoIXCnZE4PIQr9FkQjL3tcXBtUgGOuNeRCB3FMwTcu9cGvgr-TaHASnwEP7ySWocZ5-4VuKNlo4wn-UzMPtm_t31c-0c_FF4Bk65sxHkC0XvCsSPsbiQ9t7eTBuwqZ4u_VLeQ0UkziZOkTmzZGgBErkbXzacYYMdPW3kwVQx9O6ziRPY7SBz_TXs-H7q9NBXQvOnPjyJM65APFQ4tvhXfwjEhoid02i3NYOg2tJ-mVbN8iE_naHVxuELNbx4Xu9c4iVEWAAcOmsXQgzo_qv6sfea6vhvNRLxCjp4OAmUjJAmfHWH4OQakn3LcSuKuBsSEeCEBRGsEGMOZVIZs7wBnanVtBlSB8VK7Hif0BC2nZULlYkotjLPdIgoxTz5eo6898H2kPbA_t5pQRaxmiQW7oQ_7vcdbApN-Mx0ylGOjnd0uGacQszTZHtHFAUy-xIY7MhJSYrK6NZXUS7okQ5vMKd3aSMQhuQI2l2QBrwodL7ZtTLlfNmzrX5TtRFw8NJEydPU26hAIZrZUocjgCcF77IhCEgwS2747b6WXzreqJfMH6sEozogyHPDw-G_jg_GkwmzzDQQDsX5t0gAGRR_fmDrwPG61MvvrkQL8oZgic15SKJS3g0kV7ro4SsxINv29CglmbTmCqU8x0NL2EkrQ6JD5ic3f4RR0673U9XneHOcXRE1M38VcmRMUHctqlh1C0Zp8kX-r1M_Ld5TXh-nr-x3kHLsLRf_vdEbGZsFzQ2Gwi3W6Z48ZcDApu02baOLsSPcCwyVfjza7M5-g08qSqzd9wcy7mOVRcKUJvYtLXQ-Qgq3UKQNXThS-D-d3-xmT2ldevwx00N37NOJxujbL3eFnyJumKCfepMI5HsRpZ88fu4_khRU1N5POehXRQarwjjWEge0i44zXKCx8zf1AY8tRwVP9mKUGgQwq7W2fX5vUkijNVuFSlY-f030QXzRSXbJD-zy2_A9xyMq8uBN2o0urpgK-dzkJ4w5SXrrFc1bCOIpFH67_woh7W2DETy1_MwRLE4lpNiRtg8ARfBEtZEe7MNnmB0sQMeX8UVkNMkpL8zcgQ3JPxdbVxGBsox4ig7UPH5x7QOmGd9bYbCpAuIAfoiK0m5wshD06NYzo1Qxjiuf4pne-ECuisjaFGYAUz1jyLUtx_4TGO6KPr9N0W-J2ZhMM8X6e8OULHDKYnxpPhcsab0SPYh_XGzAeNn4C1eqfOGZtY-H94k9gUtbWJS6eImqK6FLDXPwwnJp9FX6VVSXh0RAt4fFAJyV93okBVxDPNR46XNWKwVUI5WJaeYqGWLlM-_iG4ajKyl-jseIx4XqnXqEWEObcMUmpcEAQ411_tsOeIVR8fHMTdNftylMk16IVSPeZuW1pu6-rwjdGkiU-jNtVRFdFwq6x2j0ScWKErlBjqCvfDLbQmimdbda4QGBXbzBVra_crX_F5OXX2opLqhOftzHujdlw2MkWyAfzS2yr9XlSk1B7lqO8krnnGMMFBoR9Bz5wXixWVwh_l6uAIKMAIJ1hb1pxs-INUWo0byB7Sm0d49vFyi0Zu9O47jnutrLqTUstLnjSpYwq-tNbnp5W8JBdgtg&pr=63%3A0.1447655337752099&cid=CAQSGwDpaXnf4hFUJrMr49qKV7d2etAUk-AmzVEFtBgB&xfc=https%3A%2F%2Fadx.adform.net%2Fadx%2Fssp%2Fclk%2F%3Fdata%3DAnreJLAGUJxUNdes9VQ5q5f4zXqIoVB0gcdVKHnVaYcb8mYJ3nykryMu65I5AR8v8_0JpWPQeNgijqrEYB8G-7IYfQVTYw0XWuKZ2EbmeKVLkeW9kczCR5P84rbkLAPeDZPrZ6yT4BIJdtw94fqEIcfTTu8hb1lhtfOtSPRKcQRrg_CzxuFDn8N4iOtIBxgX0&adxvars=F2Rp7U7EiikE2Efb994J9IF13jPcn-dhKB_SbSbzx51Wft3OUgzq9NhAyrE9IpK77Ui30yPIvpSo5o2NxdUxB6nbEjygYv4-XGwJ5XfeLCaz5lL_rD4dXft1Xm-bTreBd5QYCHUsP38SdU4-YkaYfsOHKBBOLPiQ86wuSWrjW6HsJKTBgc7pQVTxQHsmkj2iQGt8pJPy06haNzwaglXgYbAcbPoHp0nX0&r=&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&dv3_ver=m202408260101&nel=1&rfl=https%3A%2F%2Ffescoebill.pk%2F0.22138318892950082&ds=l&xdt=0&iif=1&cor=2505791405880454700&adk=1761367584&idt=57&cac=0&dtd=104
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.70 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fescoebill.pk/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Thu, 29 Aug 2024 22:08:21 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
attribution-reporting-register-source
{"aggregation_keys":{"638497828":"0x8af6f6000ef4091e0000000000000000","638497829":"0x68ccdc0e747e0b450000000000000000","638497830":"0xd228433313d414fe0000000000000000","638497831":"0x895df080f1beac210000000000000000"},"debug_key":"13783013820112275759","debug_reporting":true,"destination":["https://decathlon.es","https://livelo.com.br","https://leroymerlin.es"],"event_report_windows":{"end_times":[86400,345600]},"expiry":"2592000","filter_data":{"14":["73749964","73749967","73774533","89103172","89103175"],"21":[],"23":[],"24":[],"25":[],"26":[],"27":[],"28":[],"29":[],"8":["10089018"]},"max_event_level_reports":2,"priority":"0","source_event_id":"8869803997808332782"}
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/png
access-control-allow-origin
*
cache-control
private
access-control-allow-credentials
true
timing-allow-origin
*
expires
Thu, 29 Aug 2024 22:08:21 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame A5EC 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A5dHcoqTgm7yaAMuZdgBesA4n4rCgH0_11foN3F6j3CQQSKNj17h7TALfwgm1p6K2vAZVzbKa8yN2ri-UuxDbO6TzuAsdsjGDZim5s1QK2VKsHjKiDgQEnviR52Aai6-nbVDBu3P5xoJCVb-L_Gmd78l62M9Rfn-U7PXuUb0RvS8WExZ5b87pZnBKbZX-v--xVtD0aZAuJQ5AzIHUzbCJjqxoisl-aIE7tqLPAWtfu_8NQA8I&cry=1&dbm_d=AKAmf-C-cV5RtnZvDPHowJCouJJtsU4zJZ44Y6a2HS6LnHLdu3hHSDV4RRPxn_lZ6nvdJabWO44v_kesjgG0XF9cgKHsIxzkpx4JC4HQGG9bHmeoUELPQMLoVNeWgEsvhH1yeTVX7sfxFVMNXhNkNscKql3zc8FiGaBc-m5ewlfacjqGowWwcV1yrPdMLj784PzGalx6ecy0BFCsC0S-GVuQiOKry-C8LnpmxJaJ5eSEGgJLdOOp6AsJ8u3ObscfEDn01Ov8oetRlgxwavBv0eCX7l38XHyr1nmSc4r-m5_bqGI-LcXn9o5-VE-rULj4BMAlw0xV88WRhRfs4S56A6NbjmBxlCN5RS5cbfCG3omsSa7JwB7GQuGXsEwTVjnb3Xzxj834hZdhy89dd-i09YsNlK7MzKxdIEelFxzHm8Br9npLnF5zuoZLQrWHz0w54bZITD1Hx-Qdf8C0xqD_8GqmCuAZfk-eCu2m081G_NwyKpFN_j6M0cWyPre3357ECJ6M-Zj7Qg37srF5WrvvMH7OrTbKsxgjkEiG7U_vEyrd4N5dG_PJK2tjIa7mD5sdKRRPjGIEYV-5ZVdpJZ4JNYIenXsHX3pxB8Wz_7bd-6KpRFBto80esv6IsUAw-m9DLSBKao1h5JvWhpQbTodCgjkmU_FM9XPFSDdKAyLKGt6sdLr65KoLNNIkwsYuF4LfrcVwjzcosXit3o8NXgwJdxS1nMzEfiILkJ0WxCN0A_CKB3t-wOPVF1h7ai_vAXZGAv9C3aJdMZGmVdzDMCpbz_fJBUjGHoXb0DfYljLf9S8M6nreohvQrGIgdxNWxkt6wEyDZ7kE3xQwN3t0tdIiwxxKkMcLYsdOuSs2PIrurF6YFKSu0PUmGz-AgY-P19_t7qKbvBXahj1Jlbta6yh6lygBJhqOzyBqQ392LjazIqw_3PYUm_6pI9ws6vezrM6Kzs_rwB1QBowBpo4l9CtSzPclU1LN0d_QCBZN9xJPRDdpqo4JaY3UhXzKKMiM-deLnfjTi57BpRgrGx-Hr-swBP6KoJuDUNrHApM6TVXRhK7wXUn7FDbXx6lfwCXdcpkYMb5tBFX_QSctcPA0qr2NP9ktCsVAU7c0v57_S4xO04ZjkllKkm8o9-kPW1m-o_zVH80hFBJR3mw11MvUwmZ8wuLhoh_szludtRh7KbzOMkbiOSBesGnuNLfuxIFyuaZYrxFW7EKlAmNtlmTypMm7OvmYLjDgBuo966s4RJBw-mqUfYa9wotlm_4G4lMzjFQdr-eewM-8ffhWISVBTvHGZDSC3rMV2G21ELuIxpz6EhFTWexZ5UQ58OFOnc96920J3XxjkFsDsAKIu6JqCvoNKbL8ZwCfmgaF4MWUc33EIqdEEt3YgwY-AR00fFl4lXoIXf1wtpNXBaopckTLQ4VMSNwk1hpw3ZyViyZ3Ew5hHoyIkoiS6VuFuKcZMwVQ3ODLGbEf5RPJsNfZJmQWpqOVYMDugfcHW7IFncBOa4n0WEK7BbdWXnqeLzfPq51U1qjE2s59ztyrdn6BPYIshIqg7pBgqc7k5FRKk23iYklgMD2DXVss3VXFgopEkakptsq_Wd0Y4VZozdwuYXMZZdobgagngkOc0xV-5HkMYMm1uLr70IifP9FJs6grBhm9xaP9gTBQmmc1TCMZhMyEYvpGNJt6N8l7SqWdfEzcoLNRszrXKNsg-9-bjkB10yaKLM36BSe2ZB5TM7YAtp8co8b1itJ1_WDW-lej8GgdJfIsPJ6vut-XDCpFnCHCdiMdjQgvNtWyNvNCctZtfhEDi5_I5J73ss-NRB31_Qfg1AWGL6btImbva7_7Jv2WRQTaUnrm772-SUpGsvKHsUL6lVH2x25oH8mAUMM5MXf_lSQUe7W4V4Do69mw6fO2ROwiOAXi5gdTk5wHZk80ygIFOEgoCb_KEdpY-elcpG-yiEWOpGucBBclNigC31NOWaUNE3zop4RgtwaGjgTWuKv97ma9LVfj-JVG4n1QW0fYWgnpeESxmOzvd0mOyAYly2j1t87yum_T-0JpRSo5FHmmi8dHI_3o9lPxcyd8aCVW-j1ixVJ-oGEcqyS9fq3X6PcdclRG8z_pvVBdqQb0lgryu8S2SL_Q2D9XdpfuwWa-DEOqS7UwllkPze1FB7HnbRHPfLFS2xvzzkOMhmZmNy2_DyXV6elzVVdeiosr2vJH98JoIXCnZE4PIQr9FkQjL3tcXBtUgGOuNeRCB3FMwTcu9cGvgr-TaHASnwEP7ySWocZ5-4VuKNlo4wn-UzMPtm_t31c-0c_FF4Bk65sxHkC0XvCsSPsbiQ9t7eTBuwqZ4u_VLeQ0UkziZOkTmzZGgBErkbXzacYYMdPW3kwVQx9O6ziRPY7SBz_TXs-H7q9NBXQvOnPjyJM65APFQ4tvhXfwjEhoid02i3NYOg2tJ-mVbN8iE_naHVxuELNbx4Xu9c4iVEWAAcOmsXQgzo_qv6sfea6vhvNRLxCjp4OAmUjJAmfHWH4OQakn3LcSuKuBsSEeCEBRGsEGMOZVIZs7wBnanVtBlSB8VK7Hif0BC2nZULlYkotjLPdIgoxTz5eo6898H2kPbA_t5pQRaxmiQW7oQ_7vcdbApN-Mx0ylGOjnd0uGacQszTZHtHFAUy-xIY7MhJSYrK6NZXUS7okQ5vMKd3aSMQhuQI2l2QBrwodL7ZtTLlfNmzrX5TtRFw8NJEydPU26hAIZrZUocjgCcF77IhCEgwS2747b6WXzreqJfMH6sEozogyHPDw-G_jg_GkwmzzDQQDsX5t0gAGRR_fmDrwPG61MvvrkQL8oZgic15SKJS3g0kV7ro4SsxINv29CglmbTmCqU8x0NL2EkrQ6JD5ic3f4RR0673U9XneHOcXRE1M38VcmRMUHctqlh1C0Zp8kX-r1M_Ld5TXh-nr-x3kHLsLRf_vdEbGZsFzQ2Gwi3W6Z48ZcDApu02baOLsSPcCwyVfjza7M5-g08qSqzd9wcy7mOVRcKUJvYtLXQ-Qgq3UKQNXThS-D-d3-xmT2ldevwx00N37NOJxujbL3eFnyJumKCfepMI5HsRpZ88fu4_khRU1N5POehXRQarwjjWEge0i44zXKCx8zf1AY8tRwVP9mKUGgQwq7W2fX5vUkijNVuFSlY-f030QXzRSXbJD-zy2_A9xyMq8uBN2o0urpgK-dzkJ4w5SXrrFc1bCOIpFH67_woh7W2DETy1_MwRLE4lpNiRtg8ARfBEtZEe7MNnmB0sQMeX8UVkNMkpL8zcgQ3JPxdbVxGBsox4ig7UPH5x7QOmGd9bYbCpAuIAfoiK0m5wshD06NYzo1Qxjiuf4pne-ECuisjaFGYAUz1jyLUtx_4TGO6KPr9N0W-J2ZhMM8X6e8OULHDKYnxpPhcsab0SPYh_XGzAeNn4C1eqfOGZtY-H94k9gUtbWJS6eImqK6FLDXPwwnJp9FX6VVSXh0RAt4fFAJyV93okBVxDPNR46XNWKwVUI5WJaeYqGWLlM-_iG4ajKyl-jseIx4XqnXqEWEObcMUmpcEAQ411_tsOeIVR8fHMTdNftylMk16IVSPeZuW1pu6-rwjdGkiU-jNtVRFdFwq6x2j0ScWKErlBjqCvfDLbQmimdbda4QGBXbzBVra_crX_F5OXX2opLqhOftzHujdlw2MkWyAfzS2yr9XlSk1B7lqO8krnnGMMFBoR9Bz5wXixWVwh_l6uAIKMAIJ1hb1pxs-INUWo0byB7Sm0d49vFyi0Zu9O47jnutrLqTUstLnjSpYwq-tNbnp5W8JBdgtg&pr=63%3A0.1447655337752099&cid=CAQSGwDpaXnf4hFUJrMr49qKV7d2etAUk-AmzVEFtBgB&xfc=https%3A%2F%2Fadx.adform.net%2Fadx%2Fssp%2Fclk%2F%3Fdata%3DAnreJLAGUJxUNdes9VQ5q5f4zXqIoVB0gcdVKHnVaYcb8mYJ3nykryMu65I5AR8v8_0JpWPQeNgijqrEYB8G-7IYfQVTYw0XWuKZ2EbmeKVLkeW9kczCR5P84rbkLAPeDZPrZ6yT4BIJdtw94fqEIcfTTu8hb1lhtfOtSPRKcQRrg_CzxuFDn8N4iOtIBxgX0&adxvars=F2Rp7U7EiikE2Efb994J9IF13jPcn-dhKB_SbSbzx51Wft3OUgzq9NhAyrE9IpK77Ui30yPIvpSo5o2NxdUxB6nbEjygYv4-XGwJ5XfeLCaz5lL_rD4dXft1Xm-bTreBd5QYCHUsP38SdU4-YkaYfsOHKBBOLPiQ86wuSWrjW6HsJKTBgc7pQVTxQHsmkj2iQGt8pJPy06haNzwaglXgYbAcbPoHp0nX0&r=&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&dv3_ver=m202408260101&nel=1&rfl=https%3A%2F%2Ffescoebill.pk%2F0.22138318892950082&ds=l&xdt=0&iif=1&cor=2505791405880454700&adk=1761367584&idt=57&cac=0&dtd=104
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fescoebill.pk/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 29 Aug 2024 18:38:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
12598
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 29 Aug 2025 18:38:23 GMT
2804914117153425810
s0.2mdn.net/simgad/ Frame A5EC 		105 KB
105 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/2804914117153425810
Requested by
Host: fescoebill.pk
URL: https://fescoebill.pk/0.22138318892950082
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8c2e8bcbd89182766042ea40a65a9237f48b2dd0d2e60303a522ed88359cf2a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fescoebill.pk/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

allow-fenced-frame-automatic-beacons
true
date
Thu, 29 Aug 2024 18:19:46 GMT
x-content-type-options
nosniff
age
13715
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
107312
x-xss-protection
0
last-modified
Tue, 20 Aug 2024 12:09:38 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 29 Aug 2025 18:19:46 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame A5EC 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWACaAM%3D
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fescoebill.pk/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Aug 2024 22:08:21 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame ED1E 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fescoebill.pk/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
57834
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 29 Aug 2024 06:04:27 GMT
expires
Fri, 29 Aug 2025 06:04:27 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
view
ad.doubleclick.net/pcs/ Frame A5EC 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/pcs/view?xai=AKAOjst5xbQI-B2QmFv73PDSuAml8vU-Hx4zAAn1SoXnKoqfIG8GIWN21T-T4p3sy7tHPDf6F60kHXI4dPp218DZNwdkIcw4JOF0O8jDZSwCOg0E4cczTVYI1MWS5sal5gaIAoXvA9PphUBrIxdR2sGRvQojfKoeTsb-j9qHsRMYBb5knezebgM57yByu0KlyjsAymZLMwGu3g7gYM1VXM_LAxgdImO5DMTHqL2pKFhvNpuMmzRxtWyDmQFKvQhfOj2afoYPJg-swRks30r3O7epnUAabLy0m06r2wZKnPPqBFP4QKTUBQjxtqOsDzF04ZRn9Rwip1iI9qNFPzSWzOQZ_yV_jKHetSqbiKdqrDv9hNn34OckwHCaGRmiZEZibt9IYcEtPb1ecZFwXktYZ0apVbpVyZizyWHUEgqSceqXIGUS7RDlJpqopwZxtqwN6Z3e0rIzRZu2T9EjzfBqvXhYDSIFQOtO_qZa8tButT7x-ewKlmEyfO4u7yl3nlKuLvm4TUz5c14baDjZuyYWFx7ICZ4Aii8fQjDHi2zgjD1LIffOYxGdiP0LqranMA_kGwieQkHRWd2OYqDhneCjVFSlOCu2_5PfZO6fbcYbIG65Nei1UPva493UZjsLVZBH2WjovsSs_QbD54sXveFkwCw9cUMZnOKFs3zQ5ADSGUpMgRJ5duBUZz_nHFWnZJHDTShY0ceDLrvsE616KPMGCbTe9pYA2AkGnNLE_dlmQ53BO9QGj_lZUd_iw2y9Fi6TNVrjqx6b_-8H6EhXFnvkMT-v9-3VcP64qj-hoWcHihLAsSjtx2aHbkmQOvPY7fseMRPDrEaZxcPCoXo-S48PZDORirz5IPtbW6LYDazP2wgXV-AtLSxY2lIpN8sNeekZpGkHTReyaCqzboMEyfKwK_Ya49Mulh_YgGeEllP-ryKrTRwpsomPb20Fh5DXBZuYRV1Oil9WZc0QjwN2BPwiVt-a6UIblcoO59ryGcvdBHA-djPE-uak43PjntkQVHFpC_RAdsG3X_tNJKaN2K9RlMgIC84iJqxg56N6gPQLrDnBILfXjpCjKpD_9sWVzurmtcws1YONkh2QQCikYg1gOhmshcG0q_-cbNSt50DbqOde6qMK467yx6gMCyEHLA5M2Hk-mJKxIH6wD1GRSgG2kjZcke7cs4z39NsHDCBnSqbX9btJDMkGVdafFCS6DvtIithhdfq4zueYSegBxTaE73HEAf4barBmtnaAIhM4oiTL1q8UYvkocqOcN3XnOGaycI9oXLiKQE_sU3uVyuiBiWBNHAO-Fa8irFNWn8qBnCuEu9VBEk6gdeVeNJWJFHXcXhYj2hnrpyknlA&sai=AMfl-YTG3Zym2-ablsasNeC6ZZxDDGkSOYH9ed1rk_hZjX1_en7epGSNqxEmJBUBbXRQo_M9-Uhjgxj7oz_IzbYTJEHUqfvMZ0xJu1cISIWuh6dehiSChsa41au4o1cozqt6FEQSZ-jThPWmLrhrwQrPgO6Cn7S6eIj9dusf1nx9qdBch9-XzlTrkAgMwp1F1z57tyJzKeCkjw8&sig=Cg0ArKJSzAH6VsheN7fpEAE&uach_m=%5BUACH%5D&crd=aHR0cHM6Ly9kb3VibGVjbGljay5uZXQ&pr=63:0.1447655337752099&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=258&vt=11&dtpt=256&dett=2&cstd=0&cisv=r20240828.97298&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=1&ftch=1&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A5dHcoqTgm7yaAMuZdgBesA4n4rCgH0_11foN3F6j3CQQSKNj17h7TALfwgm1p6K2vAZVzbKa8yN2ri-UuxDbO6TzuAsdsjGDZim5s1QK2VKsHjKiDgQEnviR52Aai6-nbVDBu3P5xoJCVb-L_Gmd78l62M9Rfn-U7PXuUb0RvS8WExZ5b87pZnBKbZX-v--xVtD0aZAuJQ5AzIHUzbCJjqxoisl-aIE7tqLPAWtfu_8NQA8I&cry=1&dbm_d=AKAmf-C-cV5RtnZvDPHowJCouJJtsU4zJZ44Y6a2HS6LnHLdu3hHSDV4RRPxn_lZ6nvdJabWO44v_kesjgG0XF9cgKHsIxzkpx4JC4HQGG9bHmeoUELPQMLoVNeWgEsvhH1yeTVX7sfxFVMNXhNkNscKql3zc8FiGaBc-m5ewlfacjqGowWwcV1yrPdMLj784PzGalx6ecy0BFCsC0S-GVuQiOKry-C8LnpmxJaJ5eSEGgJLdOOp6AsJ8u3ObscfEDn01Ov8oetRlgxwavBv0eCX7l38XHyr1nmSc4r-m5_bqGI-LcXn9o5-VE-rULj4BMAlw0xV88WRhRfs4S56A6NbjmBxlCN5RS5cbfCG3omsSa7JwB7GQuGXsEwTVjnb3Xzxj834hZdhy89dd-i09YsNlK7MzKxdIEelFxzHm8Br9npLnF5zuoZLQrWHz0w54bZITD1Hx-Qdf8C0xqD_8GqmCuAZfk-eCu2m081G_NwyKpFN_j6M0cWyPre3357ECJ6M-Zj7Qg37srF5WrvvMH7OrTbKsxgjkEiG7U_vEyrd4N5dG_PJK2tjIa7mD5sdKRRPjGIEYV-5ZVdpJZ4JNYIenXsHX3pxB8Wz_7bd-6KpRFBto80esv6IsUAw-m9DLSBKao1h5JvWhpQbTodCgjkmU_FM9XPFSDdKAyLKGt6sdLr65KoLNNIkwsYuF4LfrcVwjzcosXit3o8NXgwJdxS1nMzEfiILkJ0WxCN0A_CKB3t-wOPVF1h7ai_vAXZGAv9C3aJdMZGmVdzDMCpbz_fJBUjGHoXb0DfYljLf9S8M6nreohvQrGIgdxNWxkt6wEyDZ7kE3xQwN3t0tdIiwxxKkMcLYsdOuSs2PIrurF6YFKSu0PUmGz-AgY-P19_t7qKbvBXahj1Jlbta6yh6lygBJhqOzyBqQ392LjazIqw_3PYUm_6pI9ws6vezrM6Kzs_rwB1QBowBpo4l9CtSzPclU1LN0d_QCBZN9xJPRDdpqo4JaY3UhXzKKMiM-deLnfjTi57BpRgrGx-Hr-swBP6KoJuDUNrHApM6TVXRhK7wXUn7FDbXx6lfwCXdcpkYMb5tBFX_QSctcPA0qr2NP9ktCsVAU7c0v57_S4xO04ZjkllKkm8o9-kPW1m-o_zVH80hFBJR3mw11MvUwmZ8wuLhoh_szludtRh7KbzOMkbiOSBesGnuNLfuxIFyuaZYrxFW7EKlAmNtlmTypMm7OvmYLjDgBuo966s4RJBw-mqUfYa9wotlm_4G4lMzjFQdr-eewM-8ffhWISVBTvHGZDSC3rMV2G21ELuIxpz6EhFTWexZ5UQ58OFOnc96920J3XxjkFsDsAKIu6JqCvoNKbL8ZwCfmgaF4MWUc33EIqdEEt3YgwY-AR00fFl4lXoIXf1wtpNXBaopckTLQ4VMSNwk1hpw3ZyViyZ3Ew5hHoyIkoiS6VuFuKcZMwVQ3ODLGbEf5RPJsNfZJmQWpqOVYMDugfcHW7IFncBOa4n0WEK7BbdWXnqeLzfPq51U1qjE2s59ztyrdn6BPYIshIqg7pBgqc7k5FRKk23iYklgMD2DXVss3VXFgopEkakptsq_Wd0Y4VZozdwuYXMZZdobgagngkOc0xV-5HkMYMm1uLr70IifP9FJs6grBhm9xaP9gTBQmmc1TCMZhMyEYvpGNJt6N8l7SqWdfEzcoLNRszrXKNsg-9-bjkB10yaKLM36BSe2ZB5TM7YAtp8co8b1itJ1_WDW-lej8GgdJfIsPJ6vut-XDCpFnCHCdiMdjQgvNtWyNvNCctZtfhEDi5_I5J73ss-NRB31_Qfg1AWGL6btImbva7_7Jv2WRQTaUnrm772-SUpGsvKHsUL6lVH2x25oH8mAUMM5MXf_lSQUe7W4V4Do69mw6fO2ROwiOAXi5gdTk5wHZk80ygIFOEgoCb_KEdpY-elcpG-yiEWOpGucBBclNigC31NOWaUNE3zop4RgtwaGjgTWuKv97ma9LVfj-JVG4n1QW0fYWgnpeESxmOzvd0mOyAYly2j1t87yum_T-0JpRSo5FHmmi8dHI_3o9lPxcyd8aCVW-j1ixVJ-oGEcqyS9fq3X6PcdclRG8z_pvVBdqQb0lgryu8S2SL_Q2D9XdpfuwWa-DEOqS7UwllkPze1FB7HnbRHPfLFS2xvzzkOMhmZmNy2_DyXV6elzVVdeiosr2vJH98JoIXCnZE4PIQr9FkQjL3tcXBtUgGOuNeRCB3FMwTcu9cGvgr-TaHASnwEP7ySWocZ5-4VuKNlo4wn-UzMPtm_t31c-0c_FF4Bk65sxHkC0XvCsSPsbiQ9t7eTBuwqZ4u_VLeQ0UkziZOkTmzZGgBErkbXzacYYMdPW3kwVQx9O6ziRPY7SBz_TXs-H7q9NBXQvOnPjyJM65APFQ4tvhXfwjEhoid02i3NYOg2tJ-mVbN8iE_naHVxuELNbx4Xu9c4iVEWAAcOmsXQgzo_qv6sfea6vhvNRLxCjp4OAmUjJAmfHWH4OQakn3LcSuKuBsSEeCEBRGsEGMOZVIZs7wBnanVtBlSB8VK7Hif0BC2nZULlYkotjLPdIgoxTz5eo6898H2kPbA_t5pQRaxmiQW7oQ_7vcdbApN-Mx0ylGOjnd0uGacQszTZHtHFAUy-xIY7MhJSYrK6NZXUS7okQ5vMKd3aSMQhuQI2l2QBrwodL7ZtTLlfNmzrX5TtRFw8NJEydPU26hAIZrZUocjgCcF77IhCEgwS2747b6WXzreqJfMH6sEozogyHPDw-G_jg_GkwmzzDQQDsX5t0gAGRR_fmDrwPG61MvvrkQL8oZgic15SKJS3g0kV7ro4SsxINv29CglmbTmCqU8x0NL2EkrQ6JD5ic3f4RR0673U9XneHOcXRE1M38VcmRMUHctqlh1C0Zp8kX-r1M_Ld5TXh-nr-x3kHLsLRf_vdEbGZsFzQ2Gwi3W6Z48ZcDApu02baOLsSPcCwyVfjza7M5-g08qSqzd9wcy7mOVRcKUJvYtLXQ-Qgq3UKQNXThS-D-d3-xmT2ldevwx00N37NOJxujbL3eFnyJumKCfepMI5HsRpZ88fu4_khRU1N5POehXRQarwjjWEge0i44zXKCx8zf1AY8tRwVP9mKUGgQwq7W2fX5vUkijNVuFSlY-f030QXzRSXbJD-zy2_A9xyMq8uBN2o0urpgK-dzkJ4w5SXrrFc1bCOIpFH67_woh7W2DETy1_MwRLE4lpNiRtg8ARfBEtZEe7MNnmB0sQMeX8UVkNMkpL8zcgQ3JPxdbVxGBsox4ig7UPH5x7QOmGd9bYbCpAuIAfoiK0m5wshD06NYzo1Qxjiuf4pne-ECuisjaFGYAUz1jyLUtx_4TGO6KPr9N0W-J2ZhMM8X6e8OULHDKYnxpPhcsab0SPYh_XGzAeNn4C1eqfOGZtY-H94k9gUtbWJS6eImqK6FLDXPwwnJp9FX6VVSXh0RAt4fFAJyV93okBVxDPNR46XNWKwVUI5WJaeYqGWLlM-_iG4ajKyl-jseIx4XqnXqEWEObcMUmpcEAQ411_tsOeIVR8fHMTdNftylMk16IVSPeZuW1pu6-rwjdGkiU-jNtVRFdFwq6x2j0ScWKErlBjqCvfDLbQmimdbda4QGBXbzBVra_crX_F5OXX2opLqhOftzHujdlw2MkWyAfzS2yr9XlSk1B7lqO8krnnGMMFBoR9Bz5wXixWVwh_l6uAIKMAIJ1hb1pxs-INUWo0byB7Sm0d49vFyi0Zu9O47jnutrLqTUstLnjSpYwq-tNbnp5W8JBdgtg&pr=63%3A0.1447655337752099&cid=CAQSGwDpaXnf4hFUJrMr49qKV7d2etAUk-AmzVEFtBgB&xfc=https%3A%2F%2Fadx.adform.net%2Fadx%2Fssp%2Fclk%2F%3Fdata%3DAnreJLAGUJxUNdes9VQ5q5f4zXqIoVB0gcdVKHnVaYcb8mYJ3nykryMu65I5AR8v8_0JpWPQeNgijqrEYB8G-7IYfQVTYw0XWuKZ2EbmeKVLkeW9kczCR5P84rbkLAPeDZPrZ6yT4BIJdtw94fqEIcfTTu8hb1lhtfOtSPRKcQRrg_CzxuFDn8N4iOtIBxgX0&adxvars=F2Rp7U7EiikE2Efb994J9IF13jPcn-dhKB_SbSbzx51Wft3OUgzq9NhAyrE9IpK77Ui30yPIvpSo5o2NxdUxB6nbEjygYv4-XGwJ5XfeLCaz5lL_rD4dXft1Xm-bTreBd5QYCHUsP38SdU4-YkaYfsOHKBBOLPiQ86wuSWrjW6HsJKTBgc7pQVTxQHsmkj2iQGt8pJPy06haNzwaglXgYbAcbPoHp0nX0&r=&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&dv3_ver=m202408260101&nel=1&rfl=https%3A%2F%2Ffescoebill.pk%2F0.22138318892950082&ds=l&xdt=0&iif=1&cor=2505791405880454700&adk=1761367584&idt=57&cac=0&dtd=104
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.70 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fescoebill.pk/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 29 Aug 2024 22:08:21 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"aggregation_keys":{"638497828":"0x8af6f6000ef4091e0000000000000000","638497829":"0x68ccdc0e747e0b450000000000000000","638497830":"0xd228433313d414fe0000000000000000","638497831":"0x895df080f1beac210000000000000000"},"debug_key":"5449378980296682987","debug_reporting":true,"destination":["https://decathlon.es","https://livelo.com.br","https://leroymerlin.es"],"event_report_windows":{"end_times":[86400,345600]},"expiry":"2592000","filter_data":{"14":["73749964","73749967","73774533","89103172","89103175"],"21":[],"23":[],"24":[],"25":[],"26":[],"27":[],"28":[],"29":[],"8":["10089018"]},"max_event_level_reports":2,"priority":"0","source_event_id":"17348105410834705396"}
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/png
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 29 Aug 2024 22:08:21 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame A5EC 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=9052457556623&version=m202408260101&ct=2&x=63&cor=2505791405880454700
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fescoebill.pk/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Aug 2024 22:08:23 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
onetag-sys.com/usync/ Frame 2586 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?cb=1724969299687
Requested by
Host: profitsence.ams3.cdn.digitaloceanspaces.com
URL: https://profitsence.ams3.cdn.digitaloceanspaces.com/prebid_1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://fescoebill.pk/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-store
strict-transport-security
max-age=15552000
html
cs.krushmedia.com/ Frame ACBA 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cs.krushmedia.com/html?src=pbjs
Requested by
Host: profitsence.ams3.cdn.digitaloceanspaces.com
URL: https://profitsence.ams3.cdn.digitaloceanspaces.com/prebid_1.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
8.2.110.134 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://fescoebill.pk/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html
Date
Thu, 29 Aug 2024 22:08:23 GMT
Server
nginx
Transfer-Encoding
chunked
usync.html
eus.rubiconproject.com/ Frame 46CD 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: profitsence.ams3.cdn.digitaloceanspaces.com
URL: https://profitsence.ams3.cdn.digitaloceanspaces.com/prebid_1.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-233.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Referer
https://fescoebill.pk/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
224
content-type
text/html; charset=UTF-8
date
Thu, 29 Aug 2024 22:08:23 GMT
etag
"28052a-10d-6142d69a886c0"
last-modified
Thu, 21 Mar 2024 15:32:19 GMT
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
pbjs
sync.quantumdex.io/usersync/ Frame 9DA7 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.quantumdex.io/usersync/pbjs
Requested by
Host: profitsence.ams3.cdn.digitaloceanspaces.com
URL: https://profitsence.ams3.cdn.digitaloceanspaces.com/prebid_1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://fescoebill.pk/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8bafdc026c319735-FRA
content-encoding
br
content-type
text/html
date
Thu, 29 Aug 2024 22:08:23 GMT
server
cloudflare
sync.html
public.servenobid.com/ Frame 5EF0 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://public.servenobid.com/sync.html
Requested by
Host: profitsence.ams3.cdn.digitaloceanspaces.com
URL: https://profitsence.ams3.cdn.digitaloceanspaces.com/prebid_1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.31.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-31-106.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://fescoebill.pk/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

age
67134
cache-control
max-age=86400
content-encoding
br
content-type
text/html
date
Thu, 29 Aug 2024 03:29:30 GMT
etag
W/"a421cafd19c21284be567b12002cf378"
last-modified
Fri, 09 Aug 2024 18:03:42 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 90d4d7d1a3cebe66392e229fd5792ae0.cloudfront.net (CloudFront)
x-amz-cf-id
OfeH2NdWrrIuGt3adIwFkQiCdRXQlxy2DK-27XnZrC_1eZ6oYm0wKg==
x-amz-cf-pop
FRA56-P8
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:us-east-1:559734745816:build/adserver-public-prod:f39297af-ab1b-4fa1-9c17-e707d9442122
x-amz-meta-codebuild-content-md5
c019d5c9f38b298a15d2331367789657
x-amz-meta-codebuild-content-sha256
0c862cfbec86cf35da41ccff65cebb329952af81fbec4518f938686b910c80ab
x-amz-server-side-encryption
AES256
x-amz-version-id
null
x-cache
Hit from cloudfront
/
sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/ Frame 07D9 		0
0
rmpssp
sync.1rx.io/usersync2/
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=adtelligent
  • https://sync.1rx.io/usersync2/rmpssp?sub=adtelligent&zcc=1&cb=1724969303461
0
0
csync
sync.adtelligent.com/
Redirect Chain
  • https://cm-x.mgid.com/7d2fea400064b22652273d22c2e07bad.gif?puid=[UID]&redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Dg%26ep%3D358%26traffic_source%3Dsnippet%26session%3D13EDB51C7DC703F8%26s...
  • https://sync.adtelligent.com/csync?t=g&ep=358&traffic_source=snippet&session=13EDB51C7DC703F8&sp=859075&pb=754575&c=746141&a=753378&domain=https://fescoebill.pk/0.22138318892950082&gdpr=0&gdpr_sour...
43 B
470 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?t=g&ep=358&traffic_source=snippet&session=13EDB51C7DC703F8&sp=859075&pb=754575&c=746141&a=753378&domain=https://fescoebill.pk/0.22138318892950082&gdpr=0&gdpr_source=&gdpr_consent=&extuid=596d37ae-cb3e-4668-a461-778fd159d8d2
Protocol
HTTP/1.1
Server
23.227.146.18 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://fescoebill.pk/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Thu, 29 Aug 2024 22:08:23 GMT
Server
Adtelligent
Etag
e159320ea714e0c3
Content-Length
43
Content-Type
image/gif

Redirect headers

Pragma
no-cache
Date
Thu, 29 Aug 2024 22:08:23 GMT
Location
https://sync.adtelligent.com/csync?t=g&ep=358&traffic_source=snippet&session=13EDB51C7DC703F8&sp=859075&pb=754575&c=746141&a=753378&domain=https://fescoebill.pk/0.22138318892950082&gdpr=0&gdpr_source=&gdpr_consent=&extuid=596d37ae-cb3e-4668-a461-778fd159d8d2
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Keep-Alive
timeout=5
Content-Length
0
Expires
0
csync
sync.adtelligent.com/
Redirect Chain
  • https://prebid.a-mo.net/cchain/0?cb=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Dg%26ep%3D737%26traffic_source%3Dsnippet%26session%3D13EDB51C7DC703F8%26sp%3D859075%26pb%3D754575%26c%3D747403%26...
  • https://sync.adtelligent.com/csync?t=g&ep=737&traffic_source=snippet&session=13EDB51C7DC703F8&sp=859075&pb=754575&c=747403&a=310531&domain=https://fescoebill.pk/0.22138318892950082&gdpr=0&gdpr_sour...
43 B
320 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?t=g&ep=737&traffic_source=snippet&session=13EDB51C7DC703F8&sp=859075&pb=754575&c=747403&a=310531&domain=https://fescoebill.pk/0.22138318892950082&gdpr=0&gdpr_source=&gdpr_consent=&extuid=
Protocol
HTTP/1.1
Server
23.227.146.18 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://fescoebill.pk/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Thu, 29 Aug 2024 22:08:23 GMT
Server
Adtelligent
Etag
e159320ea714e0c3
Content-Length
43
Content-Type
image/gif

Redirect headers

location
https://sync.adtelligent.com/csync?t=g&ep=737&traffic_source=snippet&session=13EDB51C7DC703F8&sp=859075&pb=754575&c=747403&a=310531&domain=https://fescoebill.pk/0.22138318892950082&gdpr=0&gdpr_source=&gdpr_consent=&extuid=
date
Thu, 29 Aug 2024 22:08:22 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
0
server
envoy
content-length
0
vary
accept-encoding
csync
sync.adtelligent.com/
Redirect Chain
  • https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307558%26traffic_source%3Dsnippet%26session%3D13EDB51C7DC703F8%26sp%3D859075%26pb%3D754575%26c...
  • https://sync.adtelligent.com/csync?t=a&ep=307558&traffic_source=snippet&session=13EDB51C7DC703F8&sp=859075&pb=754575&c=603469&a=307558&domain=https://fescoebill.pk/0.22138318892950082&gdpr=0&gdpr_s...
43 B
473 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?t=a&ep=307558&traffic_source=snippet&session=13EDB51C7DC703F8&sp=859075&pb=754575&c=603469&a=307558&domain=https://fescoebill.pk/0.22138318892950082&gdpr=0&gdpr_source=&gdpr_consent=&extuid=59e491b1-7b71-4134-82b8-b5b2487bf966
Protocol
HTTP/1.1
Server
23.227.146.18 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://fescoebill.pk/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Thu, 29 Aug 2024 22:08:23 GMT
Server
Adtelligent
Etag
e159320ea714e0c3
Content-Length
43
Content-Type
image/gif

Redirect headers

location
https://sync.adtelligent.com/csync?t=a&ep=307558&traffic_source=snippet&session=13EDB51C7DC703F8&sp=859075&pb=754575&c=603469&a=307558&domain=https://fescoebill.pk/0.22138318892950082&gdpr=0&gdpr_source=&gdpr_consent=&extuid=59e491b1-7b71-4134-82b8-b5b2487bf966
date
Thu, 29 Aug 2024 22:08:23 GMT
cache-control
no-store no-transform
server
nginx
content-length
375
content-type
text/html; charset=utf-8
csync
sync.adtelligent.com/
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Dg%26ep%3D32%26traffic_source%3Dsnippet%26session%3D13EDB51C7DC703F8%26sp%3D859075%26pb%3D754575%26c%3D538100%26a%3D29725...
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Dg%2526ep%253D32%2526traffic_source%253Dsnippet%2526session%253D13EDB51C7DC703F8%2526sp%253D85907...
  • https://sync.adtelligent.com/csync?t=g&ep=32&traffic_source=snippet&session=13EDB51C7DC703F8&sp=859075&pb=754575&c=538100&a=297253&domain=https://fescoebill.pk/0.22138318892950082&gdpr=0&gdpr_sourc...
43 B
452 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?t=g&ep=32&traffic_source=snippet&session=13EDB51C7DC703F8&sp=859075&pb=754575&c=538100&a=297253&domain=https://fescoebill.pk/0.22138318892950082&gdpr=0&gdpr_source=&gdpr_consent=&extuid=4817350465720699182
Protocol
HTTP/1.1
Server
23.227.146.18 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://fescoebill.pk/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Thu, 29 Aug 2024 22:08:23 GMT
Server
Adtelligent
Etag
e159320ea714e0c3
Content-Length
43
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Thu, 29 Aug 2024 22:08:23 GMT
an-x-request-uuid
231f4dd0-f4ca-4dd8-9a23-1d17b82ae3b9
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://sync.adtelligent.com/csync?t=g&ep=32&traffic_source=snippet&session=13EDB51C7DC703F8&sp=859075&pb=754575&c=538100&a=297253&domain=https://fescoebill.pk/0.22138318892950082&gdpr=0&gdpr_source=&gdpr_consent=&extuid=4817350465720699182
x-proxy-origin
84.19.175.184; 84.19.175.184; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		103 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: tags.profitsence.com
URL: https://tags.profitsence.com/scripts/profitSenceAdRotationV1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
688499432c523ae31997f673234afbdf29b0e45bd10d2e579d2cee2d316e5743
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fescoebill.pk/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 29 Aug 2024 22:08:23 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32367
x-xss-protection
0
server
cafe
etag
309 / 19964 / 31086563 / config-hash: 2309242894128708444
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 29 Aug 2024 22:08:23 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408260101/ 		479 KB
149 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408260101/pubads_impl.js?cb=31086563
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
083e2c896a1125c9122ae8e75e0297d77602f86508c18522d001e3448817a748
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fescoebill.pk/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 29 Aug 2024 15:10:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
25074
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
152842
x-xss-protection
0
server
cafe
etag
9007519824101205236
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Fri, 29 Aug 2025 15:10:29 GMT
121764058
fundingchoicesmessages.google.com/i/ 		0
0
sodar
ep1.adtrafficquality.google/getconfig/ 		17 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ep1.adtrafficquality.google/getconfig/sodar?sv=200&tid=gpt&tv=m202408260101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408260101/pubads_impl.js?cb=31086563
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
2bc7143b4e5e9a5f40be325b85f73c25afd0e833477b11a4cd2236438ee68306
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fescoebill.pk/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 29 Aug 2024 22:08:24 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13001
x-xss-protection
0
ads
pagead2.googlesyndication.com/gampad/ 		67 KB
25 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/gampad/ads?pvsid=1918905152318032&correlator=407294450313189&eid=31083339%2C31086563&output=ldjh&gdfp_req=1&vrg=202408260101&ptt=17&impl=fif&iu_parts=22738518951%2Cgamezop-profitsence%2C300x250&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x100&ifi=1&didk=1458362654&sfv=1-0-40&sc=1&abxe=1&dt=1724969304474&lmt=1724969304&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=1&oid=2&u_his=1&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Ffescoebill.pk%2F0.22138318892950082&vis=1&psz=0x-1&msz=0x-1&fws=640&ohw=0&td=1&egid=55269&tan=83bed7cd-9daf-42ba-8942-60ec515dbc12&tdf=2&topics=5&tps=5&htps=5&nt=1&psd=WzE1LFtdLG51bGwsM10.&dlt=1724969296958&idt=6783&adks=3875338178&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408260101/pubads_impl.js?cb=31086563
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
62b1a2e2d4db36ca2731089b4781a760bd21ab40137b9f7f891ece6c7ed3abea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fescoebill.pk/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 29 Aug 2024 22:08:24 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
25313
x-xss-protection
0
google-lineitem-id
6699513054
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138471469642
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://fescoebill.pk
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
6abffdedb87343d1f0b4c8a8c7c11763.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 8605 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://6abffdedb87343d1f0b4c8a8c7c11763.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408260101/pubads_impl.js?cb=31086563
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fescoebill.pk/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 29 Aug 2024 22:08:24 GMT
expires
Thu, 29 Aug 2024 22:08:24 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
view
pagead2.googlesyndication.com/pcs/ Frame 71EF 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjsv23vR6phT1v_uJ9EiDAGbrA2M8H0X3doEN_w40DG8BrRhsUdKd4zsIoQIZXpRWFAQ22kTPTfHQiquerkgBA3O1zJeqgKxwdQY9jfEay4wgsz1MTvmQ_L3VLbRB60Lal51uW4jomZ5vjIQxmAJt5mdR-HQNmi7h-s51J45gDET5OK7Tt8_NVR3L8SMffdLJtZiK5YrNH2mBopIg0jBI_1hON70scpIKwTANhzB_3_28XctFv3EafQg80Fz5lgQb6j7DKJb7jtO3j2rLnE7sLhYLDV6_bu2eJtFv2UN8DW66tYh5Ki0gymsObLmGSkETApBn-Vd2mAybu8Kt8MN_mPfcEdGJUQqVpcPETq8Nq-syfz8OEhNOVRNMmg&sig=Cg0ArKJSzNI7Xz5Kr3pCEAE&uach_m=%5BUACH%5D&adurl=
Requested by
Host: fescoebill.pk
URL: https://fescoebill.pk/0.22138318892950082
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fescoebill.pk/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 29 Aug 2024 22:08:24 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
abg_lite_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20240828/r20110914/ Frame 71EF 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240828/r20110914/abg_lite_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408260101/pubads_impl.js?cb=31086563
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f2485b4806d4ffe65c25de7c1b0b79eda4a6691c3362072310cb217d14a85ad3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fescoebill.pk/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 29 Aug 2024 13:02:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
32759
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9118
x-xss-protection
0
server
cafe
etag
4408758125313910948
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 12 Sep 2024 13:02:25 GMT
window_focus_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20240828/r20110914/client/ Frame 71EF 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240828/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408260101/pubads_impl.js?cb=31086563
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
66e9bf446316f6eec5eaefa7098592bbd2144a60eb38c481db233a6ca8b8d94a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fescoebill.pk/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 29 Aug 2024 18:33:40 GMT
content-encoding
br
x-content-type-options
nosniff
age
12884
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1229
x-xss-protection
0
server
cafe
etag
16544991220582087243
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 12 Sep 2024 18:33:40 GMT
ufs_web_display.js
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 71EF 		204 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408260101/pubads_impl.js?cb=31086563
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
258daef9a182640e92d363f90b54305e7a38a99655b8117d7bd7658a7fffbfff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fescoebill.pk/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 29 Aug 2024 21:42:02 GMT
content-encoding
br
x-content-type-options
nosniff
age
1582
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
64913
x-xss-protection
0
server
cafe
etag
vary
Accept-Encoding
content-type
text/javascript; charset=ISO-8859-1
cache-control
public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 29 Aug 2024 22:42:02 GMT
d9fbf5c7-357d-4619-900a-876ed34d4fa7.gif
static.gamezop.com/creatives/ Frame 71EF 		51 KB
52 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.gamezop.com/creatives/d9fbf5c7-357d-4619-900a-876ed34d4fa7.gif
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408260101/pubads_impl.js?cb=31086563
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:6600:8:2f57:a180:93a1 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
431497a2297f13b6b12c31803f17f235af3ffc3819f10b0a1581f7e630d6f3c4

Request headers

Referer
https://fescoebill.pk/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sun, 18 Aug 2024 00:47:02 GMT
via
1.1 342054511f9732c450e11bade76323dc.cloudfront.net (CloudFront)
last-modified
Thu, 10 Feb 2022 17:22:38 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P5
age
1027381
etag
"8929ce351c0964d9b7ae9b38f5b80577"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
binary/octet-stream
alt-svc
h3=":443"; ma=86400
content-length
52385
x-amz-cf-id
Qv1bSg5y_6ktvdBGYZ6MA1nflSTsKPKe8s6vYePBsCfM1gPQqZSgKw==
sodar2.js
ep2.adtrafficquality.google/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ep2.adtrafficquality.google/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408260101/pubads_impl.js?cb=31086563
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fescoebill.pk/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 29 Aug 2024 22:08:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 29 Aug 2024 22:08:25 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 71EF 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWgD
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fescoebill.pk/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Aug 2024 22:08:25 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
pagead2.googlesyndication.com/pcs/ Frame 71EF 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjssjslsMpbuQZFoI5RypQ6jZOKrb4pcoV9zNeNUUXNAAsF0RInofss3o6LvwY-6FqBKfGGogdz1oJKIXEFbY2qRRKxbp44vVrMhP7-kehiwUdzgAvIRoBVIAK5NkMaUOBcoRFtzsK5CG2Dprom2DGwOzKGH48xpCvjR6HmMq8M0WBQC5se-lh9Pj6bPifHgVscKo0AvAhRt9lEWhe1kzNc5h2H-IFKfEpAoo6nGXxRTSHUy6Ze7l8AhuE5SWOxQnjuqPlJRTNKNeQzrkwFduZ2S7P7eXJ8e_T7EL8qZV3-ZfUkrwXnKYxNenTRCFkKNk9DYdsbxjnDHTU6-SxtCxpVUuBOMLd9511KILb-SH9Foaoq0ribhpO2hzuXGp&sig=Cg0ArKJSzO3yPFoF3_FAEAE&uach_m=%5BUACH%5D&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fescoebill.pk/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 29 Aug 2024 22:08:25 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 14B8 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: ep2.adtrafficquality.google
URL: https://ep2.adtrafficquality.google/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fescoebill.pk/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
15219
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 29 Aug 2024 17:54:46 GMT
expires
Fri, 29 Aug 2025 17:54:46 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/pagead/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
sync.richaudience.com
URL
https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=4114020762
Domain
sync.1rx.io
URL
https://sync.1rx.io/usersync2/rmpssp?sub=adtelligent&zcc=1&cb=1724969303461
Domain
fundingchoicesmessages.google.com
URL
https://fundingchoicesmessages.google.com/i/121764058?ers=3
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202408260101&jk=1918905152318032&bg=!CgmlCUbNAAakh3bWhIc7ADQBe5WfOGkPmmSucushLh1iccnMc8l-9L3HzdtNDNAPhASFvWX6EbAtCxf3WfBJt-LmffV3AgAAAJhSAAAAAmgBB34ANn8fzc8F2TBpB8dyNDquop0bGf30UOwH-JeFi9OxRTc_MtNxkG4YOHxjlqci4bJw3P8jIAKs0AoAUgfMFlChSQuAMXvVUF8I0WQYX1mmZ0ociNQ81Qm3dPHDM31JA4pkgaxRXqzkHiMbx89qPsKj5ijkjbn8Pr9MNlR-RfBZkom-CtA-ItZJX-mX0dOZAqzYfMlYe570v1ZKav7uXmOBZrsP_FqLefEN1-frSMIzmJyaNNav6fkuUnulQ9zjfaGTlj5nGzCs7AF4j9jeDxJ4Z4KJqETXszSG6vaG4rVrO4sZNCV4wvE5Mwg6QXpiUCupIM9zbc0oUUVy-Mbyl-ctEFwLuyfVgKhA8_PatiRhN9o5XcVnF5lT8cHOdOkYzRWRTDIePiuyrcTf7dscEyPJcf7b1nq6ZTsYUf75XlPmrZ7D8OZfLjv3L8wsL0bkFOFykrsVkN7BMEheFoxmAR1xK6g_LO1mQQjI0rRJ1aMuKIkzTMyC3en0igbohqqHStjBi-wdAEdi0y6Yd49Asu7__Ye5LFGC6IpQj4fEddmqCjX3SXtr6nwvzZNCWB8IcDtedKcvBqIV5Zn7nOYCsg7trzDxSFXAqIlX9irL-uut23eWpUopcqr2nS4lq3xtwhuDIR-dQFWjExKme1UG0vbZCEB6cGdmN71hJSyuY6a3kRzO-hcRhTpjOGM-PJ5BLkmpRg-MELPzN922NDjW_65oW-gFM5T4RFVQj2MfTczLpz99-HY8cPRheJEa4fUotVywilxnBLhWClnUAEPvLTLInc_tiPN7-qgteq0a8RRomR_1nWNLlTNG-S9LSD5eNaIJHkPkHDGszDtlAMj3JcyNt6ISP7RbacRMMGmwjgw_CG4cfH_OA1siB3r5EKgG1eskwSqvayDMPl4ysGy8ndh7EiX2X2jsrtkCChsjoCKrZU-Zne4h-wpGwpTXAsmuTaPRWdyoDOQy2pugLzT9kpag6zFltFZSyO2KMa6txq0Y6DlBwPF_vmhhDnbB8yvuUipGt80P55iVsjW-8_bwn4PQKXu6RKVf3-X1uRriO-7oJhBWQG5yJe2X0RjZOzewxkGpfT-KkYLqJlGJybE

Verdicts & Comments Add Verdict or Comment

96 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| __cfQR function| jQuery function| gtag object| dataLayer object| google_tag_manager object| google_tag_data boolean| adRotationScriptLoaded object| gaGlobal object| kadenceConfig function| b2a function| a2b boolean| ai_cookie_js string| ai_block_class_def boolean| ai_insertion_js object| Arrive object| ai_rotation_triggers boolean| ai_lists object| host_regexp function| m function| z function| B function| D function| X function| fa function| ha function| Q function| Y function| Z function| ea function| ma function| da function| ia function| b64e function| b64d object| ai_front object| AiCookies function| ai_check_block function| ai_check_and_insert_block function| ai_load_cookie function| ai_set_cookie function| ai_get_cookie_text function| ai_insert function| ai_insert_code function| ai_insert_list_code function| ai_insert_viewport_code function| ai_insert_adsense_fallback_codes function| ai_insert_code_by_class function| ai_insert_client_code function| ai_process_rotation function| ai_process_single_rotation function| ai_process_rotations function| ai_process_rotations_in_element function| MobileDetect function| ai_process_lists boolean| ai_js_code object| lazyLoadOptions boolean| __cfRLUnblockHandlers object| kadence function| LazyLoad object| images object| iframes boolean| is_iframe object| rocket_lazy object| pbjs object| hbManager object| pbjsChunk object| _pbjsGlobals object| aax object| ADAGIO object| mnjs string| nobidVersion object| nobid object| OneKey object| googDdmPs object| googletag object| ggeac object| google_js_reporting_queue object| google_reactive_ads_global_state number| google_unique_id function| arrive function| unbindArrive function| leave function| unbindLeave

54 Cookies

Domain/Path Name / Value
.3lift.com/sync Name: sync
Value: CgoIoQEQuoG7gZoyCgoI4gEQuoG7gZoyCgoI5gEQuoG7gZoyCgoIhwIQuoG7gZoyCgkIOhC6gbuBmjIKCQgbELqBu4GaMgoKCIwCELqBu4GaMgoKCKwCELqBu4GaMgoKCK0CELqBu4GaMgoJCF8QuoG7gZoy
.smartadserver.com/api Name: pid
Value: 3939108438447681740
.fescoebill.pk/ Name: _ga_S90S04X0PK
Value: GS1.1.1724969298.1.0.1724969298.0.0.0
.fescoebill.pk/ Name: _ga
Value: GA1.1.665939844.1724969299
.adsinteractive.com/ Name: uids
Value: adsint-Xy5lXzgs1R4r83NwVYEyHS3lJzMGNcd18n1VHyZ7
.quantumdex.io/ Name: uid
Value: 70181744-dfbd-483e-be39-266df22d6bec
.rubiconproject.com/ Name: khaos
Value: M0FU6LZV-1O-4K7R
.rubiconproject.com/ Name: audit
Value: 1|naVuGyos1qodYRitBtYJoebASkO6QPb7E03ikE5KqM3AlUs1t4kzcwzVl4MJZjBtHTMkktIjuKYwUbzUDUlP1jDHjdzFYTehg/sagZz8P0Uijy0RC4Zd8RuybVyVU0yt
.adtelligent.com/ Name: vmuid
Value: e159320ea714e0c3
.adform.net/ Name: C
Value: 1
.doubleclick.net/ Name: ar_debug
Value: 1
.doubleclick.net/ Name: receive-cookie-deprecation
Value: 1
.doubleclick.net/ Name: IDE
Value: AHWqTUlMU0UQFJ1XpRCHJ-mjXcWC4BRLWmZ5kWcqxMLoNa5w3eGwELE4SG24L8dzdFs
.doubleclick.net/ Name: APC
Value: AfxxVi5nWW6-B0uUYMfdtBfha5gedI7YS5vCQcayvUMUlOYy4S0Nzw
.adnxs.com/ Name: XANDR_PANID
Value: 6AcAZwaSnfW3odqQw67gpziHwrZB_k05t0JoBUc1QktETQEUf1QsDawOUgaOoxyqk6vX_blsbP5DltdEesn_eHvxqZLiURMqeOXifiXpB30.
.adnxs.com/ Name: receive-cookie-deprecation
Value: 1
.adnxs.com/ Name: uuid2
Value: 4817350465720699182
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-79987f12-2257-4270-8c76-ae00ada56e98-003%22%2C%22zdxidn%22%3A%222069.44%22%7D
a4p.adpartner.pro/ Name: apuid
Value: 59e491b1-7b71-4134-82b8-b5b2487bf966
.mgid.com/ Name: lmg_usr
Value: 596d37ae-cb3e-4668-a461-778fd159d8d2
.mgid.com/ Name: lmg_r
Value: 25
.ads.pubmatic.com/ Name: KCCH
Value: YES
.krushmedia.com/ Name: krm_usr
Value: f8dd6552-5afb-5062-ba9d-4ebf72677db2
.servenobid.com/ Name: pid_321
Value: OPTOUT
.3lift.com/ Name: tluidp
Value: 4215240251764709765297
.3lift.com/ Name: tluid
Value: 4215240251764709765297
.lijit.com/ Name: ljt_reader
Value: JPpwARZHlcyEShRqTTe33k83
.adtelligent.com/ Name: g32
Value: 4817350465720699182
.adtelligent.com/ Name: a307558
Value: 59e491b1-7b71-4134-82b8-b5b2487bf966
.adtelligent.com/ Name: g358
Value: 596d37ae-cb3e-4668-a461-778fd159d8d2
.casalemedia.com/ Name: CMID
Value: ZtDxWLmqPLgAAD0cAAtjSAAA
.casalemedia.com/ Name: CMPS
Value: 2153
.casalemedia.com/ Name: CMPRO
Value: 2153
.cdn.dxkulture.com/ Name: __cf_bm
Value: EWGyGEsvs0rz9cMui4_0XKt4MVqwO0Plp09XHTsHqt4-1724969304-1.0.1.1-SPF2798LubJsOTl3IAoEPAVeOkXddlutAPITMV1OR7XmrUCBss84KvBsqtLjDHHdF.kdFseJo0yAtUFyUYHqOw
.media.net/ Name: visitor-id
Value: 3679709047631293000V10
.media.net/ Name: data-pbs
Value: setstatuscode~~1
.gumgum.com/ Name: vst
Value: e_07f920a0-ca5e-4de8-a585-b8f6bed657e5
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSNjU0NjY2sjQ1NjI3MjS2MDSxMBTiM9RNLQ8NK_av8jfNSrUEAFZqyHclAAAA
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA_zslzmtobmRiaWZpbGBiYmgOALewnVQQAAAA
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSNjU0NjY2sjQ1NjI3MjS2MDSxMBTiM9RNLQ8NK_av8jfNSrUEAFZqyHclAAAA
.lijit.com/ Name: _ljtrtb_273657
Value: 273657
.contextweb.com/ Name: VP
Value: part_6qqBvV8keyUE
.contextweb.com/ Name: pb_rtb_ev_part
Value: 3-1tch|7bq.0.1
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: c0d0f7c93f140264
.servenobid.com/ Name: pid_309
Value: e_07f920a0-ca5e-4de8-a585-b8f6bed657e5
.servenobid.com/ Name: pid_353
Value: 3679709047631293000V10
.servenobid.com/ Name: pid_324
Value: 5133329532721381481
.servenobid.com/ Name: pid_310
Value: JPpwARZHlcyEShRqTTe33k83
.aniview.com/ Name: 1_C_62
Value: f8dd6552-5afb-5062-ba9d-4ebf72677db2
sync.aniview.com/ Name: 1_C_62
Value: f8dd6552-5afb-5062-ba9d-4ebf72677db2
.go.sonobi.com/ Name: HAPLB8G
Value: s86135|ZtDxW
.lunamedia.live/ Name: xeluid
Value: 612015.02cc173d-6382-4d27-9624-59d1b55cdf4c
.lunamedia.live/ Name: xeluid_206
Value: f8dd6552-5afb-5062-ba9d-4ebf72677db2
.krushmedia.com/ Name: krm_r
Value: undefined|515|120

2 Console Messages

Source Level URL
Text
network error URL: https://fescoebill.pk/0.22138318892950082
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://fescoebill.pk/wp-content/plugins/fescobill-Faisal-Malik_1677002796/public/css/fescobill-public.css?ver=1.0.0
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

6abffdedb87343d1f0b4c8a8c7c11763.safeframe.googlesyndication.com
a.vidoomy.com
a4p.adpartner.pro
ad.doubleclick.net
ads.pubmatic.com
ads.servenobid.com
ads102.adtelligent.com
ads19.adtelligent.com
ads4.krushmedia.com
adx.adform.net
beacon-iad3.rubiconproject.com
cdn.jsdelivr.net
cm-x.mgid.com
cpm.fmlabsonline.com
cs.krushmedia.com
ep1.adtrafficquality.google
ep2.adtrafficquality.google
eus.rubiconproject.com
fastlane.rubiconproject.com
fescoebill.pk
fmlabs-prebid.smart-hub.io
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
ghb.adtelligent.com
ghb1.adtelligent.com
googleads.g.doubleclick.net
hbe.profitsence.com
ib.adnxs.com
onetag-sys.com
pa.openx.net
pagead2.googlesyndication.com
pb.adsinteractive.com
prebid.a-mo.net
profitsence.ams3.cdn.digitaloceanspaces.com
public.servenobid.com
region1.google-analytics.com
s0.2mdn.net
s1.adform.net
securepubads.g.doubleclick.net
shb.richaudience.com
static.gamezop.com
sync.1rx.io
sync.adtelligent.com
sync.quantumdex.io
sync.richaudience.com
tags.profitsence.com
token.rubiconproject.com
topics.authorizedvault.com
tpc.googlesyndication.com
useast.quantumdex.io
vpaid.vidoomy.com
www.googletagmanager.com
fundingchoicesmessages.google.com
pagead2.googlesyndication.com
sync.1rx.io
sync.richaudience.com
142.250.185.70
147.75.84.127
157.245.23.44
167.235.37.234
18.202.4.157
18.245.31.106
2001:4860:4802:32::36
212.36.83.246
23.227.146.18
23.35.236.201
23.88.66.19
2600:9000:223f:6600:8:2f57:a180:93a1
2602:803:c002:300::36
2602:803:c003:200::21
2606:4700:10::6816:2460
2606:4700:3032::6815:1c10
2606:4700:3037::ac43:a38c
2606:4700:4400::6812:2ae3
2606:4700::6812:bb1f
2607:4f00:932::2
2a00:1450:4001:800::2006
2a00:1450:4001:806::200a
2a00:1450:4001:80b::2002
2a00:1450:4001:80b::2003
2a00:1450:4001:80f::2002
2a00:1450:4001:810::2008
2a00:1450:4001:812::2002
2a00:1450:4001:813::2001
2a00:1450:4001:81d::2001
2a00:1450:4001:82b::2002
2a01:4f8:2b01:c26::2
2a02:6ea0:c700::107
2a02:6ea0:c700::18
34.36.214.49
37.157.4.21
37.157.5.84
37.252.171.149
46.4.139.58
51.38.120.206
51.83.220.94
51.89.9.252
69.173.144.139
77.245.57.72
8.2.109.63
8.2.110.134
8.2.110.137
8.2.110.161
95.101.149.233
0532c19d9bf8e8441612eda0f55a8acbe5196f9a2000b49c6033322b54c4f3d9
083e2c896a1125c9122ae8e75e0297d77602f86508c18522d001e3448817a748
094f8b2c2414dcaf6667c1b3a493e80971daaab90c882764e1a267b08c285a77
09f5fee3825212c7e5f9fb358f431398248fc6feab6f929ff7de27c1823754f0
191d322070fee3066ad485aa9d0dc57f13ed4ebab4bd6e26d01999a14a5a5c44
1f25ece69647beb7f62efa1dee6056260f6a46c79dc1a8c2f2e1e454cc93ca50
258daef9a182640e92d363f90b54305e7a38a99655b8117d7bd7658a7fffbfff
2bc7143b4e5e9a5f40be325b85f73c25afd0e833477b11a4cd2236438ee68306
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e8b3076f87d8094e1e1f0453947b36cc0389786e537e151d031d1c1142cbea5
32c591bda21ae07b01f37e9225fadddbb49c83f546605fdb616a4f82137d3193
3bb8de05ba4d1c59af1131502e7849cbf498b51e37d1156fa8152fdacea9d3c2
3c8cb49f3e2f94dc2521361a4d7b5d6156ed611ba25da3e67921ee5f907b1ef8
3fe124e19159b1cf9a9326df2e07b7e9426438efb7b7f0142464220ad0d0c5a8
40b3b4542e4d05f6bbd68e7eba6d424abffd64fb9cc3ba8c8c9c932f088c787a
431497a2297f13b6b12c31803f17f235af3ffc3819f10b0a1581f7e630d6f3c4
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
43c239f270b71525869b3a8fcfbaa2bef403b6a7e8656b471b2f5a685e3431b2
47bfd42bf474e3918ff8a6cce4a7767b5cd54aec4687c5d387929379ba24220a
4a954ad51dd3f6c512d0e8939e4f71924230878dd7084691cb7a6a6e4bd906f9
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
52477a8b539ec56f02c48de794616784bf3155d75f2cc0a65a0fc1fe249b515b
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
5346dbddf633cd4b51f84a6fe01e91911bd96b2a1daddee95485206dcee5c701
57a50c99a31ef4e89e86664e96f6dfbdde163a2eb96e88b3b492c49aa4be2f37
60d0cdf0b18fc47a4d55b4a2aeccd0b2bcc71063ca21ec0eb538bea39833dda4
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
626fd47ae232a10afebd212a10dc7a8602b23d07d9e65c2c0b37448efccf1c87
62b1a2e2d4db36ca2731089b4781a760bd21ab40137b9f7f891ece6c7ed3abea
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
66e9bf446316f6eec5eaefa7098592bbd2144a60eb38c481db233a6ca8b8d94a
685330a10cecd87d7ce2f665a647f534fa8a1cdf83b6aa07152c32cc4de3f233
688499432c523ae31997f673234afbdf29b0e45bd10d2e579d2cee2d316e5743
78b01b30cc7bdfab7c20fd00abc22e4f1a43474be31f75af65f87f7d9040108d
7c1c1c4d2af15d87ad61015552a2acc8ea7fcfc589b9ea28fc61dedde04cefd0
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
86a58db20431c5440161f6e8b7e530af816f3d91945912a6cb262ff64942090f
871abe96cba6258aaaeed180be2dacff82f80926e871689d59568a5b9e8a8c5a
885c89e82436cfa3d0a0a5a9b2f6be6e1503457c810cc88ed2c09b4570ae9fd6
89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571
8b97290ad5d74ba3e8bfa06289b687419c5c300996aeb8a72153a143490f3b11
8c2e8bcbd89182766042ea40a65a9237f48b2dd0d2e60303a522ed88359cf2a9
8d854204ecb4a25e674c839da7e4cf1cf9919eee0e2ea757204c8507b9951fd2
9b9184e44352a435fb800eea477d867071a5a2c227e883e56d664cb35dae7530
9d0b3d609fcbaa06df8231cc283e61f3414ca729e3da991cb9780c2f7b0cd8f8
aa93a4b21551c063d1f367d6a165f48dd3c64176902fb94b3fb5123145ba5bff
ada24268d02d54ce4026fe898af2b96f3114f271f158aa96b5f90493922454df
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1cd9e3b29f7ffb01e84725884553256da9b4c5d6b1ebb091dafabd1247e248a
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
ce13d5d11a2c8a21612d2eae7a1732f20ca5a38daf0be8af6aaeef64e07d75e4
d09beb912fd7a0e9445b3daec101694d3bc19cfce5319149bf8fac1859e4638c
d1238f3c6be9ef32aba35dbc212d0719036f360b827648853c75450897de25ae
d9bada3a44bb2ffa66dec5cc781cafc9ef17ed876cd9b0c5f7ef18228b63cebb
e14cc6171cb2393ace6710b9fb4359d782d2219e814134c12c8c624c47bdd306
e3334e8742abf81987478eeaba81a9ae71aaf6e9197255f8e8ac54b6c49474c8
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e776a7f761e5975d81c3d8a5ece5139fc9ac0dd13e3c494a941cf34c7a426ef8
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2485b4806d4ffe65c25de7c1b0b79eda4a6691c3362072310cb217d14a85ad3
f2e7fe46985f21532acbf211e6786e09f4c417ca9d0d8d6fc3fb10738c366826
f40767552e5e94b2d5f9a65d7f640cfa7d225298023dbd682095e040809a3d1a
fa95a62ad656303cd06f0c147e32015b8dcc9988efb6a6d97bedf96df0bf1d6d