urlscan.io logo urlscan.io
SecurityTrails logo

gbpluss.pk Open in urlscan Pro
2606:4700:3035::ac43:9c33  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://fmwhatsapp.su/
Effective URL: https://gbpluss.pk/
Submission Tags: falconsandbox
Submission: On September 16 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 9 IPs in 2 countries across 13 domains to perform 26 HTTP transactions. The main IP is 2606:4700:3035::ac43:9c33, located in United States and belongs to CLOUDFLARENET, US. The main domain is gbpluss.pk.
TLS certificate: Issued by WE1 on August 18th 2024. Valid for: 3 months.
This is the only time gbpluss.pk was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

1    2606:4700:3032::ac43:bd99 (United States)

ASN13335 (CLOUDFLARENET, US)
fmwhatsapp.su
1    2606:4700:3034::6815:3080 (United States)

ASN13335 (CLOUDFLARENET, US)
fmwhatsappapk.org
2    2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)
fmwhat.net
fmwhatsup.net
1    2606:4700:3030::ac43:a044 (United States)

ASN13335 (CLOUDFLARENET, US)
gbapppro.net
1    2606:4700:3033::6815:2290 (United States)

ASN13335 (CLOUDFLARENET, US)
gbwapps.com.pk
6    2606:4700:3035::ac43:9c33 (United States)

ASN13335 (CLOUDFLARENET, US)
gbpluss.pk
12    2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
1    2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
1    2a00:1450:4001:830::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:81c::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
partner.googleadservices.com
2    2a00:1450:4001:800::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
Apex Domain
Subdomains		 Transfer
14 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 115
tpc.googlesyndication.com — Cisco Umbrella Rank: 162
268 KB
6 gbpluss.pk
gbpluss.pk
64 KB
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 5261
261 B
1 google.com
www.google.com — Cisco Umbrella Rank: 3
53 KB
1 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 3310
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 43
103 KB
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 215
4 KB
1 gbwapps.com.pk
gbwapps.com.pk
529 B
1 gbapppro.net
gbapppro.net
803 B
1 fmwhatsup.net
fmwhatsup.net
521 B
1 fmwhat.net
fmwhat.net
788 B
1 fmwhatsappapk.org
fmwhatsappapk.org
532 B
1 fmwhatsapp.su
fmwhatsapp.su
470 B
26 13
Domain Requested by
12 pagead2.googlesyndication.com gbpluss.pk
pagead2.googlesyndication.com
6 gbpluss.pk gbpluss.pk
2 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
1 partner.googleadservices.com www.google.com
1 www.google.com pagead2.googlesyndication.com
1 region1.google-analytics.com www.googletagmanager.com
1 www.googletagmanager.com gbpluss.pk
1 cdnjs.cloudflare.com gbpluss.pk
1 gbwapps.com.pk 1 redirects
1 gbapppro.net 1 redirects
1 fmwhatsup.net 1 redirects
1 fmwhat.net 1 redirects
1 fmwhatsappapk.org 1 redirects
1 fmwhatsapp.su 1 redirects
26 14

This site contains no links.

Subject Issuer Validity Valid
gbpluss.pk
WE1		 2024-08-18 -
2024-11-16		 3 months crt.sh
*.g.doubleclick.net
WR2		 2024-08-12 -
2024-11-04		 3 months crt.sh
cdnjs.cloudflare.com
WE1		 2024-07-31 -
2024-10-29		 3 months crt.sh
*.google-analytics.com
WR2		 2024-08-12 -
2024-11-04		 3 months crt.sh
*.google.com
WR2		 2024-08-12 -
2024-11-04		 3 months crt.sh
*.googleadservices.com
WR2		 2024-08-12 -
2024-11-04		 3 months crt.sh
tpc.googlesyndication.com
WR2		 2024-08-12 -
2024-11-04		 3 months crt.sh

This page contains 9 frames:

Primary Page: https://gbpluss.pk/
Frame ID: 52309D82FFBF9B4B327128F48BCB2788
Requests: 18 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/html/r20240911/r20110914/zrt_lookup_fy2021.html
Frame ID: B4AC304D8065D119DBAA1A4DB9C3FFC2
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/ads?client=ca-pub-6539551524991285&output=html&adk=1812271804&adf=3025194257&abgtt=6&lmt=1726452047&plat=9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x810_l%7C212x810_r&format=0x0&url=https%3A%2F%2Fgbpluss.pk%2F&pra=5&wgl=1&aihb=0&asro=0&ailel=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aiael=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aifxl=29_18~30_19&aiixl=29_5~30_6&aslmct=0.7&asamct=0.7&itsi=-1&aiepr=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1726452047576&bpp=8&bdt=149&idt=235&shv=r20240911&mjsv=m202409100101&ptt=9&saldr=aa&abxe=1&eoidce=1&nras=1&correlator=5409171470460&frm=20&pv=2&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44795921%2C95331688%2C95338226%2C95341662%2C95341670&oid=2&pvsid=1651295673856844&tmod=1507151555&uas=0&nvt=1&fsapi=1&fc=1920&brdim=1570%2C1170%2C1570%2C1170%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&td=1&tdf=2&nt=1&ifi=1&uci=a!1&fsb=1&dtd=249
Frame ID: 73859105767D2CE1CDABAAFDC3297991
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/ads?client=ca-pub-6539551524991285&output=html&h=280&adk=3697857502&adf=1175198606&pi=t.aa~a.108489206~rp.4&w=1200&abgtt=6&fwrn=4&fwrnh=100&lmt=1726452047&rafmt=1&to=qs&pwprc=5070916778&format=1200x280&url=https%3A%2F%2Fgbpluss.pk%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1726452047584&bpp=1&bdt=156&idt=253&shv=r20240911&mjsv=m202409100101&ptt=9&saldr=aa&abxe=1&eoidce=1&prev_fmts=0x0&nras=2&correlator=5409171470460&frm=20&pv=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=74&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44795921%2C95331688%2C95338226%2C95341662%2C95341670&oid=2&pvsid=1651295673856844&tmod=1507151555&uas=0&nvt=1&fc=1920&brdim=1570%2C1170%2C1570%2C1170%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&td=1&tdf=2&nt=1&ifi=2&uci=a!2&fsb=1&dtd=259
Frame ID: AADFFFE3481721808A38E002BF2ADACB
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/html/r20240911/r20110914/zrt_lookup_fy2021.html
Frame ID: 24268FA1C2A1733ED53B0834FC66362F
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/html/r20240911/r20110914/zrt_lookup_fy2021.html
Frame ID: 430072563A9EB371106F87014E9BF4E1
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/html/r20240911/r20110914/zrt_lookup_fy2021.html
Frame ID: 4E43B69B21C7C20DF08A97176F118A9F
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/html/r20240911/r20110914/zrt_lookup_fy2021.html
Frame ID: 1DD9BFE17FE55DCA0D35483354581F67
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 438106869EB77F3B9B3DA2DF41FF7771
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

GBWhatsApp APK Download V18.00 Latest Official (Updated) Anti-Ban 2024

Page URL History Show full URLs

  1. http://fmwhatsapp.su/ HTTP 307
    https://fmwhatsapp.su/ HTTP 301
    https://fmwhatsappapk.org/ HTTP 301
    https://fmwhat.net/ HTTP 301
    https://fmwhatsup.net/ HTTP 301
    https://gbapppro.net/ HTTP 301
    https://gbwapps.com.pk/ HTTP 301
    https://gbpluss.pk/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Page Statistics

26
Requests

96 %
HTTPS

100 %
IPv6

13
Domains

14
Subdomains

9
IPs

2
Countries

493 kB
Transfer

1357 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://fmwhatsapp.su/ HTTP 307
    https://fmwhatsapp.su/ HTTP 301
    https://fmwhatsappapk.org/ HTTP 301
    https://fmwhat.net/ HTTP 301
    https://fmwhatsup.net/ HTTP 301
    https://gbapppro.net/ HTTP 301
    https://gbwapps.com.pk/ HTTP 301
    https://gbpluss.pk/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

26 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
gbpluss.pk/
Redirect Chain
  • http://fmwhatsapp.su/
  • https://fmwhatsapp.su/
  • https://fmwhatsappapk.org/
  • https://fmwhat.net/
  • https://fmwhatsup.net/
  • https://gbapppro.net/
  • https://gbwapps.com.pk/
  • https://gbpluss.pk/
76 KB
19 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gbpluss.pk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:9c33 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cd5215b40f7d51f95768d8e031072c4d424a6c92eeed5db759fbaae3cb4155ad
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
max-age=300
cf-cache-status
DYNAMIC
cf-ray
8c3d43ce3d449f4b-FRA
content-encoding
br
content-type
text/html; charset=utf-8
date
Mon, 16 Sep 2024 02:00:47 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eoFQ1pb6MDP6Vn6hXGG7T%2Bk6kwaOQYVtE52Jx%2BSQw2NCCaUYcaZGxY%2BvAXf46A1Ei2z0B4e%2FDdzlOxrGUFe1AvaU7yGebXBBuq2OUdwd%2FQmRaJr0b9hcIS7q4%2BJojnU%2Biy7QsduqiGgT"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-content-type-options
nosniff
x-nginx-upstream-cache-status
HIT
x-server-powered-by
Engintron
x-xss-protection
1; mode=block

Redirect headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8c3d43cc3afb3665-FRA
content-type
text/html; charset=iso-8859-1
date
Mon, 16 Sep 2024 02:00:47 GMT
location
https://gbpluss.pk/
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ehYPESwYpS7Vd2dAVV5B0IKG7ZyT4QUi2d76fYGk7r%2BOyS%2F%2FTt2CxUUMiTpACWZ6D4w3AxJeJB9L21x2J3sz9UW13temBOx9mI5wMEMna6zaGecXn3Ls1ppzz1K%2Byz17HNhxCvVfQmXbeBF%2FTA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-content-type-options
nosniff
x-nginx-upstream-cache-status
EXPIRED
x-server-powered-by
Engintron
x-xss-protection
1; mode=block
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		153 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6539551524991285
Requested by
Host: gbpluss.pk
URL: https://gbpluss.pk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b105ff79be344d77fc4437884a2e819f10b2a111acb2525e18321380ed75da7d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://gbpluss.pk/
Origin
https://gbpluss.pk
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 02:00:47 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
52616
x-xss-protection
0
server
cafe
etag
11873306482531019320
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires
Mon, 16 Sep 2024 02:00:47 GMT
gbplusspk-logo_fc68a.png
gbpluss.pk/images/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gbpluss.pk/images/gbplusspk-logo_fc68a.png
Requested by
Host: gbpluss.pk
URL: https://gbpluss.pk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:9c33 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d0fd370fbfe8498ad3c754799ba15c5ebe74f0b2b2f31fd465207844ac16b8c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://gbpluss.pk/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 02:00:47 GMT
x-server-powered-by
Engintron
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
6172
x-xss-protection
1; mode=block
x-nginx-upstream-cache-status
STALE
last-modified
Sat, 24 Aug 2024 11:58:18 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TQ4JqOjEZdMnJM6E%2BLBY05lO0UwmM9YwIg2OMj1KRcdSb3LwJwLYp0VtNNKsWMa%2FDkJz0vbGQxGr66vlxvUDXsogXLo2jsPkyREjCWaoH9jwWlulxyf57nF7ayhtppsp0eOBuZKQcSTH"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=5184000
accept-ranges
bytes
cf-ray
8c3d43d09e7c9f4b-FRA
expires
Fri, 15 Nov 2024 02:00:47 GMT
gbwa-mod-apk_208f8_762f4.jpg
gbpluss.pk/media/2024/05/_3/760x450/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gbpluss.pk/media/2024/05/_3/760x450/gbwa-mod-apk_208f8_762f4.jpg
Requested by
Host: gbpluss.pk
URL: https://gbpluss.pk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:9c33 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a67c659be0bb8c2050fe99ad39b8ee64e9edab7e0a3760b526fdb7d758a87c5e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://gbpluss.pk/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 02:00:47 GMT
x-server-powered-by
Engintron
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-nginx-upstream-cache-status
STALE
last-modified
Sun, 15 Sep 2024 21:31:20 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gAiRbzaBsRRzdc4d3LBDsi4jED46dU7wFCjfBYod0bvNs6ZXkbPYQgn9IStJzvowxO3DsZC4eYICNRN%2BHQIEwim3dmXiu0zTgRFbBRMlyVZgFo1mVwkT0tRrHTsRzI8pxUyF5X937SIg"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=5184000
cf-ray
8c3d43d09e7d9f4b-FRA
expires
Fri, 15 Nov 2024 02:00:47 GMT
search-logo-holder.jpg
gbpluss.pk/images/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gbpluss.pk/images/search-logo-holder.jpg
Requested by
Host: gbpluss.pk
URL: https://gbpluss.pk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:9c33 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f24ee41631bf1465c440d0bcbc798ddb4b589419c4816ea42813a77dd863c773
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://gbpluss.pk/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 02:00:47 GMT
x-server-powered-by
Engintron
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
1197
x-xss-protection
1; mode=block
x-nginx-upstream-cache-status
STALE
last-modified
Fri, 20 Jan 2023 20:43:36 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ma4h45zXuD%2FgJIPgCeTeu48AQUX5J1NdBgvc5GTzVn%2BxnUNVtXUGg4pe7tnIPs2GARzGe%2FxEvz0BCoMdhWGjJvIY%2BS6d%2BLBLeA4jCA8oTx07xxWrkZ46MDFaklKf5zpq3HRYpa7PIyHU"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=5184000
accept-ranges
bytes
cf-ray
8c3d43d09e7e9f4b-FRA
expires
Fri, 15 Nov 2024 02:00:47 GMT
lazysizes-umd.min.js
cdnjs.cloudflare.com/ajax/libs/lazysizes/5.2.2/ 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/lazysizes/5.2.2/lazysizes-umd.min.js
Requested by
Host: gbpluss.pk
URL: https://gbpluss.pk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
928ba0931c67bf5b7f0d9bae946d2d0e5c643eb528e2384847e8875f7de3362b
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://gbpluss.pk/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 02:00:47 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
274579
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
3118
last-modified
Wed, 27 May 2020 09:33:43 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5ece33f7-1e6a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GO0pNk%2FrzbVpkAUJSuhqX7FCcMwQaj8UxVD1rWKiPxq4eZWtnBmgScGixxc4soOWum1N5I6RSjOCdxFOTicfBp3p9wa0ZaErySmP9Ah3mEAzshA972Ki8bqmsE0KdN%2FRwSL%2FhMZXH1IhPMfDQpISC991"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8c3d43d0cd7965d0-FRA
expires
Sat, 06 Sep 2025 02:00:47 GMT
js
www.googletagmanager.com/gtag/ 		309 KB
103 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-S3HKTZ5QQ7
Requested by
Host: gbpluss.pk
URL: https://gbpluss.pk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
cc8640996a3def12d39ec8eb75c0fadb65d5f67e3f28dfa968619dc7c5d12ed5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://gbpluss.pk/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 02:00:47 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
104863
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 16 Sep 2024 02:00:47 GMT
gbplusspk_3707f.jpg
gbpluss.pk/media/2024/08/_3/760x450/ 		21 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gbpluss.pk/media/2024/08/_3/760x450/gbplusspk_3707f.jpg
Requested by
Host: gbpluss.pk
URL: https://gbpluss.pk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:9c33 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8ebb67d9b28336efbd9d11508f871d6cdcf1c9659d91e1e1a007d17e6f98d150
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://gbpluss.pk/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 02:00:47 GMT
x-server-powered-by
Engintron
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-nginx-upstream-cache-status
STALE
last-modified
Sun, 15 Sep 2024 21:23:18 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2pk6wA9PiAIRPgJjwrSqngfQe3qcrZ4kywtps1OyUncFI3WqAdIOZhwcam34gc0qvbpCLEdSTi%2Fu6s3gmq8dM8NHPeeKWcsPU2kCrB6%2BFITmp08zq1h5Pbvnxie03D9jQJkC9PrHk6Vq"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=5184000
cf-ray
8c3d43d10ead9f4b-FRA
expires
Fri, 15 Nov 2024 02:00:47 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202409100101/ 		415 KB
140 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202409100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6539551524991285&plah=gbpluss.pk
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6539551524991285
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9d074d7d151cf006d2d6cd1a3d8aa47ddd46438460039ac6cc9cb7a9ea9cf00b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://gbpluss.pk/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 02:00:47 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
142892
x-xss-protection
0
server
cafe
etag
8845824363544230977
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 16 Sep 2024 02:00:47 GMT
collect
region1.google-analytics.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-S3HKTZ5QQ7&gtm=45je4990v9116027908za200&_p=1726452047511&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=0&cid=640900329.1726452048&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1726452047&sct=1&seg=0&dl=https%3A%2F%2Fgbpluss.pk%2F&dt=GBWhatsApp%20APK%20Download%20V18.00%20Latest%20Official%20(Updated)%20Anti-Ban%202024&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=2320
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-S3HKTZ5QQ7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

Referer
https://gbpluss.pk/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Sep 2024 02:00:47 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://gbpluss.pk
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
zrt_lookup_fy2021.html
pagead2.googlesyndication.com/pagead/html/r20240911/r20110914/ Frame B4AC 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/html/r20240911/r20110914/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202409100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6539551524991285&plah=gbpluss.pk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://gbpluss.pk/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

age
5252
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4126
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 16 Sep 2024 00:33:15 GMT
etag
14908419571193397619
expires
Mon, 30 Sep 2024 00:33:15 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
pagead2.googlesyndication.com/pagead/ Frame 7385 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/ads?client=ca-pub-6539551524991285&output=html&adk=1812271804&adf=3025194257&abgtt=6&lmt=1726452047&plat=9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x810_l%7C212x810_r&format=0x0&url=https%3A%2F%2Fgbpluss.pk%2F&pra=5&wgl=1&aihb=0&asro=0&ailel=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aiael=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aifxl=29_18~30_19&aiixl=29_5~30_6&aslmct=0.7&asamct=0.7&itsi=-1&aiepr=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1726452047576&bpp=8&bdt=149&idt=235&shv=r20240911&mjsv=m202409100101&ptt=9&saldr=aa&abxe=1&eoidce=1&nras=1&correlator=5409171470460&frm=20&pv=2&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44795921%2C95331688%2C95338226%2C95341662%2C95341670&oid=2&pvsid=1651295673856844&tmod=1507151555&uas=0&nvt=1&fsapi=1&fc=1920&brdim=1570%2C1170%2C1570%2C1170%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&td=1&tdf=2&nt=1&ifi=1&uci=a!1&fsb=1&dtd=249
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202409100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6539551524991285&plah=gbpluss.pk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://gbpluss.pk/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
116939
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 16 Sep 2024 02:00:48 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
pagead2.googlesyndication.com/pagead/ Frame AADF 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/ads?client=ca-pub-6539551524991285&output=html&h=280&adk=3697857502&adf=1175198606&pi=t.aa~a.108489206~rp.4&w=1200&abgtt=6&fwrn=4&fwrnh=100&lmt=1726452047&rafmt=1&to=qs&pwprc=5070916778&format=1200x280&url=https%3A%2F%2Fgbpluss.pk%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1726452047584&bpp=1&bdt=156&idt=253&shv=r20240911&mjsv=m202409100101&ptt=9&saldr=aa&abxe=1&eoidce=1&prev_fmts=0x0&nras=2&correlator=5409171470460&frm=20&pv=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=74&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44795921%2C95331688%2C95338226%2C95341662%2C95341670&oid=2&pvsid=1651295673856844&tmod=1507151555&uas=0&nvt=1&fc=1920&brdim=1570%2C1170%2C1570%2C1170%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&td=1&tdf=2&nt=1&ifi=2&uci=a!2&fsb=1&dtd=259
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202409100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6539551524991285&plah=gbpluss.pk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://gbpluss.pk/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
40420
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 16 Sep 2024 02:00:48 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
reactive_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202409100101/ 		172 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202409100101/reactive_library_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202409100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6539551524991285&plah=gbpluss.pk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
baab810cde86fd2641e13005e621f20769c9f9872666c402be11584fbf0da56a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://gbpluss.pk/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 02:00:48 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
59077
x-xss-protection
0
server
cafe
etag
17171981189355774569
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Mon, 16 Sep 2024 02:00:48 GMT
async-ads.js
www.google.com/adsense/search/ 		148 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/adsense/search/async-ads.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202409100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6539551524991285&plah=gbpluss.pk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3bee7798ecee5efa3728a741a2b6ac58edc2fd8785febf208e207877c74894db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://gbpluss.pk/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 02:00:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-afs-ui"
etag
"17558881351017503002"
vary
Accept-Encoding
report-to
{"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
accept-ranges
bytes
link
<https://syndicatedsearch.goog>; rel="preconnect"
expires
Mon, 16 Sep 2024 02:00:48 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_auto_rs&sts=ok&evt=place&vh=1200&eid=44759876%2C44759927%2C44759837%2C44795921%2C95331688%2C95338226%2C95341662%2C95341670&hl=en&pvc=1651295673856844
Requested by
Host: gbpluss.pk
URL: https://gbpluss.pk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://gbpluss.pk/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Sep 2024 02:00:48 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
zrt_lookup_fy2021.html
pagead2.googlesyndication.com/pagead/html/r20240911/r20110914/ Frame 2426 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/html/r20240911/r20110914/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202409100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6539551524991285&plah=gbpluss.pk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://gbpluss.pk/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

age
5252
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4126
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 16 Sep 2024 00:33:15 GMT
etag
14908419571193397619
expires
Mon, 30 Sep 2024 00:33:15 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup_fy2021.html
pagead2.googlesyndication.com/pagead/html/r20240911/r20110914/ Frame 4300 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/html/r20240911/r20110914/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202409100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6539551524991285&plah=gbpluss.pk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://gbpluss.pk/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

age
5252
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4126
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 16 Sep 2024 00:33:15 GMT
etag
14908419571193397619
expires
Mon, 30 Sep 2024 00:33:15 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup_fy2021.html
pagead2.googlesyndication.com/pagead/html/r20240911/r20110914/ Frame 4E43 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/html/r20240911/r20110914/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202409100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6539551524991285&plah=gbpluss.pk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://gbpluss.pk/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

age
5252
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4126
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 16 Sep 2024 00:33:15 GMT
etag
14908419571193397619
expires
Mon, 30 Sep 2024 00:33:15 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup_fy2021.html
pagead2.googlesyndication.com/pagead/html/r20240911/r20110914/ Frame 1DD9 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/html/r20240911/r20110914/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202409100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6539551524991285&plah=gbpluss.pk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://gbpluss.pk/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

age
5252
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4126
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 16 Sep 2024 00:33:15 GMT
etag
14908419571193397619
expires
Mon, 30 Sep 2024 00:33:15 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
cookie.js
partner.googleadservices.com/gampad/ 		374 B
261 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=gbpluss.pk&client=partner-pub-6539551524991285&product=SAS&callback=__sasCookie&cookie_types=v1%2Cv2
Requested by
Host: www.google.com
URL: https://www.google.com/adsense/search/async-ads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1fce5463c547866a020e820829023bc6b4ea28a4c4cf8264702d73dc03c98f63
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://gbpluss.pk/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 02:00:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
239
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ 		17 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240911&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202409100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6539551524991285&plah=gbpluss.pk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
583de5328fe16435d4386678e5cc5e425134e561029a5be7e21caaddd6b54620
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://gbpluss.pk/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 02:00:48 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12829
x-xss-protection
0
favicon_c87f4.png
gbpluss.pk/images/ 		5 KB
5 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://gbpluss.pk/images/favicon_c87f4.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:9c33 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
42b20c6d9b9442da748cdc8be2ecbbd943ae9ae57053ff7c338e5b4f4bb103f6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://gbpluss.pk/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 02:00:49 GMT
x-server-powered-by
Engintron
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
4708
x-xss-protection
1; mode=block
x-nginx-upstream-cache-status
STALE
last-modified
Sat, 05 Aug 2023 16:36:30 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OvHrrY9xz7CTgdW2byQrU7pnN6Y%2BcuUKlw9VpHsyRcYwM%2FXHax1mgcSdSxlAAdMOubFx7fwrjjsFH897sL2BpfPrfyUj98g72vpCfjfcQvEHj6Jcp%2Bw7hthcfx0C17b9NGeyj9bL5y7B"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=5184000
accept-ranges
bytes
cf-ray
8c3d43d9cab89f4b-FRA
expires
Fri, 15 Nov 2024 02:00:49 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202409100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6539551524991285&plah=gbpluss.pk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://gbpluss.pk/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 02:00:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 16 Sep 2024 02:00:49 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 4381 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://gbpluss.pk/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
43016
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 15 Sep 2024 14:03:53 GMT
expires
Mon, 15 Sep 2025 14:03:53 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/pagead/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240911&jk=1651295673856844&bg=!iIuli8TNAAbpMHvgyTA7ADQBe5WfONb6hQIsLUmnfLnVeZdpVtRVvytwFwheSGRkbaF9cCuofj6XiIj8W62Rv_CfnbtrAgAAADZSAAAAAmgBB34ANtYJgM_h8E_fr9B3yFHelTv24O8Soj8Tz5NzpbnuOwftNE3JK32hXza4yMOtHyqyLs6aYPX8aJkClBNr_ZTuvfb5AQzSPSujyYiXwDrC8rjVGRvmF92w3nDJjjTVAWw6MEPwVWS7xbHTr5dOtbgECYH_irzQCQc5jXCja8GNa2t99Y0zACOD9XtJ3SGba6eBt2C_rNeUmkzf3NU1Yp3nJpuJ3kPUtVRp0d7CRJZjIhF6N19_x80fWWNNsY489K2B194cbUjDRDzFNmVaJm8rfR-tCRnOaFut5yHmgpnFdfYXHCaLfrZwL-W8cn8nbG-kRls53XyzkyuUIbbaiKQh2Tb16DZjQEz-BnAOaFco6Y5bbMQbEEVOmdRjiBbmRSLxD9h5aeh12Hv1szt6rZDEkZKqFjLBqWFZFE-sOizvhoE0IYq97RAWWPKFbRvBKfGuJ8WR1k-XIWWAT8YtXU36OGvtkvA6i-H-71_B3cRsTN0JS7D6ez84hKgzUxOT_PFXn5ea2lj9Mes3O8xQI3O-A8P6k_kev-D9WYHQKhVCsHCZbVMMZEMufozGciHCXrGpsKpiO69bAuLNcN39-xgPtQQvWbqynVnWjEJ5Y7Ef9NbW7Q8ePHrrNrnoZ-eJg6Ekzlxo3UDLdJ6n5p1D6tJpQKO6nsEDkPj-9JP1-Q5jlufJLsv6BgL-GCf9wtzvCt9dYIFsH86IcKPsx-PPW_1WxDxBXHt5c7G2gCFxGqME_3T0iQHFF6yxXU-n8_yJe2QFedyPR76-SEN8Q-nuWiA9RJSol3CSg1EDOUIblxZ3tXEzeDP4d5z_UTGVOITSEBQVAeqeQj4AUFyBTteOHJlobXr36ZURnQ_WDJ3uSiyxdPgU4qW0UUemfYPlqurcTeeSEP4qIQ5uaITVPIhPUVFfuJFyeZLQboq-wbPN6OeiULHn5u_hCa5z8ttkV3_jjA

Verdicts & Comments Add Verdict or Comment

72 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 string| site_base string| base_url string| base_cdn string| base_img object| upgj_w object| upgj_d object| upgj_e number| upgj_x number| upgj_y string| upgj_protocol string| upgj_host_name string| upgj_pathname string| upgj_curent_url object| upgj_path_list function| show_menu_mob function| hide_menu_mob function| on_search function| off_search object| ScrollButton function| scrollFunction function| topFunction function| scrollToi function| scrollToc function| manage_cat_box object| lazySizes function| gtag object| dataLayer function| get_more_latest_items object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue object| google_ad_modifications object| ggeac object| google_tag_data object| google_reactive_ads_global_state object| adsbygoogle object| google_sa_queue function| google_process_slots object| google_ama_state function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint object| google_tag_manager function| onYouTubeIframeAPIReady object| gaGlobal function| google_sa_impl number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| googletag object| google_llp object| googTempStyleOverrideInfo object| googNavStack function| _googCsa object| google_image_requests number| googleNDT_ number| googleAltLoader object| google function| __sasCookie object| GoogleGcLKhOms

4 Cookies

Domain/Path Name / Value
.gbpluss.pk/ Name: _ga_S3HKTZ5QQ7
Value: GS1.1.1726452047.1.0.1726452047.0.0.0
.gbpluss.pk/ Name: _ga
Value: GA1.1.640900329.1726452048
.gbpluss.pk/ Name: __eoi
Value: ID=55cc504f8ce8a3a5:T=1726452047:RT=1726452047:S=AA-AfjYsnMonm5wd1BaG6vviHsXr
.gbpluss.pk/ Name: __gsas
Value: ID=47ea49ca827dea42:T=1726452048:RT=1726452048:S=ALNI_MY30qIFgWspCBBYEafPCQKV5H0lhg

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdnjs.cloudflare.com
fmwhat.net
fmwhatsapp.su
fmwhatsappapk.org
fmwhatsup.net
gbapppro.net
gbpluss.pk
gbwapps.com.pk
pagead2.googlesyndication.com
partner.googleadservices.com
region1.google-analytics.com
tpc.googlesyndication.com
www.google.com
www.googletagmanager.com
pagead2.googlesyndication.com
2001:4860:4802:32::36
2606:4700:3030::ac43:a044
2606:4700:3032::ac43:bd99
2606:4700:3033::6815:2290
2606:4700:3034::6815:3080
2606:4700:3035::ac43:9c33
2606:4700::6811:190e
2a00:1450:4001:800::2001
2a00:1450:4001:811::2008
2a00:1450:4001:81c::2002
2a00:1450:4001:829::2002
2a00:1450:4001:830::2004
2a06:98c1:3120::3
1fce5463c547866a020e820829023bc6b4ea28a4c4cf8264702d73dc03c98f63
3bee7798ecee5efa3728a741a2b6ac58edc2fd8785febf208e207877c74894db
42b20c6d9b9442da748cdc8be2ecbbd943ae9ae57053ff7c338e5b4f4bb103f6
583de5328fe16435d4386678e5cc5e425134e561029a5be7e21caaddd6b54620
5d0fd370fbfe8498ad3c754799ba15c5ebe74f0b2b2f31fd465207844ac16b8c
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
8ebb67d9b28336efbd9d11508f871d6cdcf1c9659d91e1e1a007d17e6f98d150
928ba0931c67bf5b7f0d9bae946d2d0e5c643eb528e2384847e8875f7de3362b
9d074d7d151cf006d2d6cd1a3d8aa47ddd46438460039ac6cc9cb7a9ea9cf00b
a67c659be0bb8c2050fe99ad39b8ee64e9edab7e0a3760b526fdb7d758a87c5e
b105ff79be344d77fc4437884a2e819f10b2a111acb2525e18321380ed75da7d
baab810cde86fd2641e13005e621f20769c9f9872666c402be11584fbf0da56a
cc8640996a3def12d39ec8eb75c0fadb65d5f67e3f28dfa968619dc7c5d12ed5
cd5215b40f7d51f95768d8e031072c4d424a6c92eeed5db759fbaae3cb4155ad
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f24ee41631bf1465c440d0bcbc798ddb4b589419c4816ea42813a77dd863c773