gbwhat.pk Open in urlscan Pro
2606:4700:3032::6815:2508 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://gbwhatsappupdate.net/
Effective URL:
https://gbwhat.pk/
Submission: On November 23 via api (November 23rd 2023, 11:36:09 pm UTC) from US — Scanned from US

Summary HTTP 55 Redirects Behaviour Indicators

Summary

This website contacted 13 IPs in 1 countries across 11 domains to perform 55 HTTP transactions. The main IP is 2606:4700:3032::6815:2508, located in United States and belongs to CLOUDFLARENET, US. The main domain is gbwhat.pk.
TLS certificate: Issued by GTS CA 1P5 on October 3rd 2023. Valid for: 3 months.

This is the only time gbwhat.pk was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:303... 2606:4700:3032::6815:12c9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2606:4700:303... 2606:4700:3036::ac43:d4b9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	2606:4700:303... 2606:4700:3032::6815:2508	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 14	2607:f8b0:400... 2607:f8b0:4004:c08::9b	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2607:f8b0:400... 2607:f8b0:4004:c08::9c	15169 (GOOGLE) (GOOGLE)
4	2607:f8b0:400... 2607:f8b0:4004:c08::5e	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4004:c07::5f	15169 (GOOGLE) (GOOGLE)
12	2607:f8b0:400... 2607:f8b0:4004:c09::84	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4004:c1d::9a	15169 (GOOGLE) (GOOGLE)
4	172.253.63.154 172.253.63.154	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4004:c1d::66	15169 (GOOGLE) (GOOGLE)
1 2	2607:f8b0:400... 2607:f8b0:4004:c06::67	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4004:c06::5e	15169 (GOOGLE) (GOOGLE)
55	13

1 2606:4700:3032::6815:12c9 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

gbwhatsappupdate.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3036::ac43:d4b9 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

gbwha.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2606:4700:3032::6815:2508 (United States)

ASN13335 (CLOUDFLARENET, US)

gbwhat.pk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2607:f8b0:4004:c08::9b (Ashburn, United States) 2 redirects

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2607:f8b0:4004:c08::9c (Ashburn, United States)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4004:c08::5e (Ashburn, United States)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c07::5f (Washington, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2607:f8b0:4004:c09::84 (Ashburn, United States)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c1d::9a (Washington, United States)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.253.63.154 (United States)

ASN15169 (GOOGLE, US)
PTR: bi-in-f154.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c1d::66 (Washington, United States)

ASN15169 (GOOGLE, US)

mts0.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c06::67 (Washington, United States) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c06::5e (Washington, United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
22	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 97 tpc.googlesyndication.com — Cisco Umbrella Rank: 149	295 KB
9	doubleclick.net 2 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 33	92 KB
9	gbwhat.pk gbwhat.pk	117 KB
6	gstatic.com www.gstatic.com fonts.gstatic.com	107 KB
4	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 145
3	google.com 1 redirects mts0.google.com — Cisco Umbrella Rank: 3807 www.google.com — Cisco Umbrella Rank: 2	1 KB
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 212	128 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 31	3 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 223	4 KB
1	gbwha.net 1 redirects gbwha.net	541 B
1	gbwhatsappupdate.net 1 redirects gbwhatsappupdate.net	449 B
55	11

	Domain	Requested by
12	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
10	pagead2.googlesyndication.com	gbwhat.pk pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
9	googleads.g.doubleclick.net	2 redirects pagead2.googlesyndication.com googleads.g.doubleclick.net
9	gbwhat.pk	gbwhat.pk
4	www.googleadservices.com	googleads.g.doubleclick.net gbwhat.pk
4	www.gstatic.com	googleads.g.doubleclick.net
2	fonts.gstatic.com	fonts.googleapis.com
2	www.google.com	1 redirects tpc.googlesyndication.com
2	www.googletagservices.com	googleads.g.doubleclick.net
2	fonts.googleapis.com	googleads.g.doubleclick.net
1	mts0.google.com	googleads.g.doubleclick.net
1	cdnjs.cloudflare.com	gbwhat.pk
1	gbwha.net	1 redirects
1	gbwhatsappupdate.net	1 redirects
55	14

This site contains no links.

Subject Issuer	Validity	Valid
gbwhat.pk GTS CA 1P5	`2023-10-03` - `2024-01-01`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh

This page contains 11 frames:

Primary Page: https://gbwhat.pk/
Frame ID: CBE0BD694309434F008BF0BE99809AE3
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20190131/zrt_lookup_fy2021.html
Frame ID: 94F38CEB65BC65476E7624D0BF40D820
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6539551524991285&output=html&adk=1812271804&adf=3025194257&lmt=1700782565&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x810_l%7C212x810_r&format=0x0&url=https%3A%2F%2Fgbwhat.pk%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4&ascmds=1&aslcwct=300&asacwct=50&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700782564758&bpp=5&bdt=311&idt=326&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3592447956639&frm=20&pv=2&ga_vid=1086306595.1700782565&ga_sid=1700782565&ga_hid=1195251313&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079628%2C31079759%2C44809315%2C31078301%2C31079653%2C44806139%2C44807763%2C44808148%2C44808284%2C44809056%2C44809071&oid=2&pvsid=3621508036377226&tmod=799177609&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=357
Frame ID: B1FFC7DCED25A291A7F4CDCDD3CEBB31
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6539551524991285&output=html&h=280&slotname=6899391781&adk=2967000610&adf=1130495408&pi=t.ma~as.6899391781&w=1200&fwrn=4&fwrnh=100&lmt=1700782565&rafmt=1&format=1200x280&url=https%3A%2F%2Fgbwhat.pk%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700782564763&bpp=3&bdt=316&idt=357&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3592447956639&frm=20&pv=1&ga_vid=1086306595.1700782565&ga_sid=1700782565&ga_hid=1195251313&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=74&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079628%2C31079759%2C44809315%2C31078301%2C31079653%2C44806139%2C44807763%2C44808148%2C44808284%2C44809056%2C44809071&oid=2&pvsid=3621508036377226&tmod=799177609&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEe%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=363
Frame ID: 49FEC97F4D39141FD8C00F21AB705EC9
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6539551524991285&output=html&h=280&slotname=3854426045&adk=363387475&adf=1175198606&pi=t.ma~as.3854426045&w=1130&fwrn=4&fwrnh=100&lmt=1700782565&rafmt=1&format=1130x280&url=https%3A%2F%2Fgbwhat.pk%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700782564766&bpp=1&bdt=318&idt=365&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=3592447956639&frm=20&pv=1&ga_vid=1086306595.1700782565&ga_sid=1700782565&ga_hid=1195251313&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=235&ady=461&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079628%2C31079759%2C44809315%2C31078301%2C31079653%2C44806139%2C44807763%2C44808148%2C44808284%2C44809056%2C44809071&oid=2&pvsid=3621508036377226&tmod=799177609&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=370
Frame ID: 22C217D64F042515D1924DA967288C92
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6539551524991285&output=html&h=280&slotname=8552805685&adk=2677910144&adf=2334065795&pi=t.ma~as.8552805685&w=1130&fwrn=4&fwrnh=100&lmt=1700782565&rafmt=1&format=1130x280&url=https%3A%2F%2Fgbwhat.pk%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700782564767&bpp=1&bdt=319&idt=374&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1130x280&nras=1&correlator=3592447956639&frm=20&pv=1&ga_vid=1086306595.1700782565&ga_sid=1700782565&ga_hid=1195251313&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=235&ady=1278&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079628%2C31079759%2C44809315%2C31078301%2C31079653%2C44806139%2C44807763%2C44808148%2C44808284%2C44809056%2C44809071&oid=2&pvsid=3621508036377226&tmod=799177609&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=1&fsb=1&dtd=380
Frame ID: 18B37B3901CC281E0E95B3FC3D57380D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 258A6027947CFE81CB64F108955D5B92
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Yf5BzeG23wDzTlqXlXQekm6IYbjoDTlv95nUi6zaUwA.js
Frame ID: 773ECCF38ABE18EAF6E4E154060B7276
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Yf5BzeG23wDzTlqXlXQekm6IYbjoDTlv95nUi6zaUwA.js
Frame ID: F0AE28FCD015CD32E476D405C2A07B22
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: E1D74588A2AB14034137ABFE3CAEEE84
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 45926C03FF2E8164A8D27556D2169F5F
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

GB WhatsApp APK Download (Official) Latest Version 2023 | Updated

Page URL History Show full URLs

https://gbwhatsappupdate.net/ HTTP 301
https://gbwha.net/ HTTP 301
https://gbwhat.pk/ Page URL

Detected technologies

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Page Statistics

55
Requests

96 %
HTTPS

93 %
IPv6

11
Domains

14
Subdomains

13
IPs

1
Countries

747 kB
Transfer

1874 kB
Size

5
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://gbwhatsappupdate.net/ HTTP 301
https://gbwha.net/ HTTP 301
https://gbwhat.pk/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 25

https://googleads.g.doubleclick.net/pagead/adview?ai=CT-jZ5eFfZZqKFcjHxtYPmIyx0A2spqyrc8LC2pXhEfjuw4vXNxABILSv-JUBYMmGgIDco8QQoAHO3ufkAsgBAagDAcgDywSqBM0BT9DTH4QgShdb0JBCqPeScnuqSUnXdrqtV-m7ZGxjZ9uNoLOY93d7BMeWkA-uvBMfGW3Uwwk0A7LsGRkw6WzMrOwr3nP2hBkFON9N-BnrMd1I7-4bAeqzqoat4uZRHVGx7TJKpMJm4PTsnCBfXtTuKzvOO364n5wWyyhsNtBUjmF0YK5Ow5hnmDhX3wnbW4pKg-HlKShbPE8HsdRtS9Cx8sBrloBi-K6wmQNdpPWbSmTcHU5f90-vhsg0dFMG5MszLE2pHfzekr4zjrI0McAE1-Tvk78DiAWs_ZC6LZIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBgAeaoZibAagH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcB8gcEENqoE9IIFAiAYRABGB8yAooCOgKAQEi9_cE6mgkZaHR0cHM6Ly9mb3J0aWdhdGUtYXdzLmNvbYAKAcgLAaIMECoOCgzktLEC7rWxArW4sQLaDBAKChDgqofFq56Jn0ESAgED2BMNiBQD0BUBgBcBshccChoIABIUcHViLTY1Mzk1NTE1MjQ5OTEyODUYAA&sigh=Ezzr5utHFqs&uach_m=%5BUACH%5D&ase=2&cid=CAQSTgDICaaNveXFrJGVC4HsudNIKEKrDoxB-w0CyR7vRKRA7VGTvXUy5wRrU7dEGrZb-OJlxFay-66hwBVoZWh7nhwA2jbfkRojstuMHqhgXhgB&nis=5 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xd25498f5b9eac5ae0000000000000000%22,%222%22:%220xa91243aba33b56c20000000000000000%22,%223%22:%220xc4b3555f320fed9c0000000000000000%22,%224%22:%220x71a44a4eb6098f8f0000000000000000%22,%225%22:%220xc4d7f45d3b857c50000000000000000%22},%22debug_key%22:%2216325269903223455605%22,%22debug_reporting%22:true,%22destination%22:%22https://fortigate-aws.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22748285774%22],%224%22:[%2211-23%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%22739429240998441313%22}&andc=true

Request Chain 40

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 43

https://googleads.g.doubleclick.net/pagead/adview?ai=C80oL5eFfZdbNGL-p78EPzN22sA-FiueAdJiJpLq3Eteo4taSDhABILSv-JUBYMmGgIDco8QQoAGQosrNAcgBCagDAcgDywSqBMYBT9DaeZv9OG11t0e3hYiUCG4kCzIX5nZBWeRRHZlxXci5q8uvWfnGSaVXutC6gOlagT8O2FtWqtTL01IAwcDnNRhjiTcC6MueJ6OABHUcQhSovRecJCjsYbm3OgvyUB3VoQ9IOdMyJ3mi2NCy_wJ5mHR451IBsS8Tb5FIH83iXA3Tc6MnrmgH8UGWrIZNlsCkBSwCJlfde6RpcCMCq-zfXjZD5nGBEo_oU6vs-Gmf09IAVAPtSy7E0E_7LMs7DptwJdao5BqUwASO3d-MnwSIBYGPyvg_kgUECAQYAZIFBAgFGASgBi6AB9jdtbICqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwDyBwQQ0-EH0ggUCIBhEAEYHzICigI6AoBASL39wTqaCVFodHRwczovL29yZGVycy5ib2xheS5jb20vP3V0bV9zb3VyY2U9Z29vZ2xlJnV0bV9tZWRpdW09cG1heCZ1dG1fY29udGVudD0yMDIzYm9sYXmACgHICwGYDM23hpKPBKIMGCoWChTktLEC7rWxArW4sQLktLEC7rWxAtoMEAoKEND389zew7i-DxICAQO4E4ME2BMO0BUBmBYBgBcBshccChoIABIUcHViLTY1Mzk1NTE1MjQ5OTEyODUYAA&sigh=Y0VirLxJTFY&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTgDICaaNzxVv3PDsomJqF1eXGrDv_hvoBCmibCZC4R6ydt84OnJexfcjlKcAzvsixq71nKNX46P2zw2B5cTF13nWBeZ1FzPBYpVMoMOSQhgB&template_id=515&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x61575717b041f8050000000000000000%22,%222%22:%220xd8c97e80c530819d0000000000000000%22,%223%22:%220x2aa2ff3f1ffff4d90000000000000000%22,%224%22:%220xca60073017b4b7ca0000000000000000%22,%225%22:%220x15cbc919da8ab4f10000000000000000%22},%22debug_key%22:%222551469507214809100%22,%22debug_reporting%22:true,%22destination%22:%22https://bolay.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22431132944%22],%224%22:[%2211-23%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2212996440874531064161%22}&andc=true

55 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
gbwhat.pk/
Redirect Chain

https://gbwhatsappupdate.net/
https://gbwha.net/
https://gbwhat.pk/

86 KB
21 KB

487ms
210ms

Document
text/html

2606:4700:3032::6815:2508
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gbwhat.pk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::6815:2508 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1369bebce861263052dcf768500c80ea29054d418da6fc8ccb3e91b7379942d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: max-age=300
cf-cache-status: DYNAMIC
cf-ray: 82ad3b72893c2227-MIA
content-encoding: br
content-type: text/html; charset=utf-8
date: Thu, 23 Nov 2023 23:36:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z%2B%2BFbBJYjwapCeMSnHzhKfqUSzA8VFW55o%2FAFdS5XOjfWDtKAmL7AzqRpYHdgfK8rK56GZayfxhgRvq3fs8pehLnSJSObtKfh%2BrP5OczEJnI6jQ6Tc%2F4xxMuEsJkEGcU8dyZAjeQP54%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-content-type-options: nosniff
x-nginx-upstream-cache-status: HIT
x-server-powered-by: Engintron
x-xss-protection: 1; mode=block

Redirect headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 82ad3b6fdcd925b8-MIA
content-type: text/html; charset=iso-8859-1
date: Thu, 23 Nov 2023 23:36:03 GMT
location: https://gbwhat.pk/
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xLN8Z%2FRGN%2F%2BI5ruzybjf4ucSYIQckAQMpt8ofk60bY%2FE63D51NP0wJk7N4iMClnxH1R%2BWwIEztgCxTJ8M49AxeKipZXNL4wVmU78oIIEjVUnx9ngB0h3kiNSjmLUWVRvsnaRc%2BlJIqM%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-content-type-options: nosniff
x-nginx-upstream-cache-status: MISS
x-server-powered-by: Engintron
x-xss-protection: 1; mode=block

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 152 KB
52 KB 193ms
82ms Script
text/javascript 2607:f8b0:4004:c08::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6539551524991285

Requested by

Host: gbwhat.pk
URL: https://gbwhat.pk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::9b Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2f4921c707808ad253a2fde7a5a7739c55ce13d97166f05a9e0c7067eb3e3322

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gbwhat.pk/
Origin: https://gbwhat.pk
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 23:36:04 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52977
x-xss-protection: 0
server: cafe
etag: 2589478192759929511
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 23 Nov 2023 23:36:04 GMT

GET
H2 200 gbwhatpk-logo_591a4.png
gbwhat.pk/images/ 6 KB
7 KB 37ms
34ms Image
image/png 2606:4700:3032::6815:2508
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gbwhat.pk/images/gbwhatpk-logo_591a4.png

Requested by

Host: gbwhat.pk
URL: https://gbwhat.pk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::6815:2508 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b7f18f15bbdedcaa2f7b16ec9f64ef89f7a3eb1c0ee712b550305eedf27bac88

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gbwhat.pk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 23:36:04 GMT
x-server-powered-by: Engintron
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 165168
alt-svc: h3=":443"; ma=86400
content-length: 6424
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: STALE
last-modified: Sat, 05 Aug 2023 16:36:30 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Wu3vxcwohk1A6FTP3gfw59JSblVNN%2BVtxjppkR38n2j4kT6eTpLdDkj%2BO1n%2Bd5uuEfeDPpOT4fshk%2FhjLGmaggR0nkxXAFXBt6skayV7CtTBwTxoZWyc7ofBjcmi5AWZLeFErbthiiM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 82ad3b73fa9c2227-MIA
expires: Sun, 21 Jan 2024 01:43:16 GMT

GET
H2 200 favicon_c87f4.png
gbwhat.pk/images/ 5 KB
5 KB 214ms
212ms Image
image/png 2606:4700:3032::6815:2508
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gbwhat.pk/images/favicon_c87f4.png

Requested by

Host: gbwhat.pk
URL: https://gbwhat.pk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::6815:2508 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

42b20c6d9b9442da748cdc8be2ecbbd943ae9ae57053ff7c338e5b4f4bb103f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gbwhat.pk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 23:36:04 GMT
x-server-powered-by: Engintron
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 4708
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: STALE
last-modified: Sat, 05 Aug 2023 16:36:30 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5Hlm8UsNSpa4AyyCZT%2F8bW5x2O1TUAbDbjdCMv3tG4dhcGomhf3hib12PdUCleE1JizCE0BfridN3%2F1y1UPPb%2BFyo6etolbJCtmOIp1OB1MctAUCnLn5DXPm8zSlfoDp91sE2D72hQY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 82ad3b73fa992227-MIA
expires: Mon, 22 Jan 2024 23:36:04 GMT

GET
H2 200 gbwhatsapp-apk_6d8af.jpg
gbwhat.pk/media/2023/08/_3/760x450/ 17 KB
17 KB 241ms
240ms Image
image/jpeg 2606:4700:3032::6815:2508
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gbwhat.pk/media/2023/08/_3/760x450/gbwhatsapp-apk_6d8af.jpg

Requested by

Host: gbwhat.pk
URL: https://gbwhat.pk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::6815:2508 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

42154ee162a205799cce6b6abb0e919797963a9b29e3c5d999f6699d54a33be4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gbwhat.pk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 23:36:04 GMT
x-server-powered-by: Engintron
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 17088
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: STALE
last-modified: Thu, 23 Nov 2023 22:23:58 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VZps7OqBT1Qax13k1bkW4xF4t4CaEaLpao7jVZf6t1V5BY9yu0GDGkO9qZycnsQY4fPPwrll9EWTO%2BHiPRXpgVqGF9FXNGjRIGzeHdDNbjP0qhEIoh0IPz3gnP6AmHCkgtrn4F8IUjE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 82ad3b73fa9b2227-MIA
expires: Mon, 22 Jan 2024 23:36:04 GMT

GET
H2 200 download-gbwhatsapp_e5baf.jpg
gbwhat.pk/media/2023/08/_3/760x450/ 15 KB
16 KB 216ms
212ms Image
image/jpeg 2606:4700:3032::6815:2508
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gbwhat.pk/media/2023/08/_3/760x450/download-gbwhatsapp_e5baf.jpg

Requested by

Host: gbwhat.pk
URL: https://gbwhat.pk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::6815:2508 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ab75351cc4727d7882a2b54b383894e942cdbe40d7fd9f3f1941f63249bbca93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gbwhat.pk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 23:36:04 GMT
x-server-powered-by: Engintron
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 15827
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: STALE
last-modified: Thu, 23 Nov 2023 22:38:06 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FUquQZ2EigqMPWMcKTWnPEupoOfRaS1IduS%2FnvGAI02BR27CzFYZIc5qMbV%2FmMr8xpR42P9G4OitiJUQYJ63G99Bm3JU%2FQt9uItkqCbAaxkoZg9wC8nJRejLBcBSkIONsw7VsPI6jEc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 82ad3b742ad02227-MIA
expires: Mon, 22 Jan 2024 23:36:04 GMT

GET
H2 200 update-whatsapp_90477.jpg
gbwhat.pk/media/2023/08/_3/760x450/ 21 KB
22 KB 220ms
215ms Image
image/jpeg 2606:4700:3032::6815:2508
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gbwhat.pk/media/2023/08/_3/760x450/update-whatsapp_90477.jpg

Requested by

Host: gbwhat.pk
URL: https://gbwhat.pk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::6815:2508 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

518edd503e60efe5907fa05dc0230642914099bf89a0df3e21fec687c8be93f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gbwhat.pk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 23:36:04 GMT
x-server-powered-by: Engintron
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 21773
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: STALE
last-modified: Thu, 23 Nov 2023 21:20:30 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FYK9AfpcX78S7g%2B629zimZR7vjdI17PVI18Sk73xmKe01n0kLOs3C9B4DXb04KeIbrwMxMWqqaiSfv90UzIpMtet6w%2FSsheiaaroa645swSLAfjns9P%2FcP0C%2FYH9ekbbI4jNoTb0CxQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 82ad3b742ad22227-MIA
expires: Mon, 22 Jan 2024 23:36:04 GMT

GET
H2 200 gbwhatsapp-mass-message-sender_e367c.jpg
gbwhat.pk/media/2023/08/_3/760x450/ 7 KB
7 KB 186ms
182ms Image
image/jpeg 2606:4700:3032::6815:2508
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gbwhat.pk/media/2023/08/_3/760x450/gbwhatsapp-mass-message-sender_e367c.jpg

Requested by

Host: gbwhat.pk
URL: https://gbwhat.pk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::6815:2508 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ceea207c2758ba5cee9b5ee7fbd4a39966701d10d29d9cf950530a2f311a7b62

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gbwhat.pk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 23:36:04 GMT
x-server-powered-by: Engintron
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 7333
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: STALE
last-modified: Thu, 23 Nov 2023 21:20:30 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Pd%2FDxWnVjv0oAGtE8gOo6RZxAfpReklofXJG7c2rh3fBCxLJxjazKf73C2j3sQAUJ0Bklu%2ByW2s1meE9EnB9gkCzIHUjcDeMWsnTZnwYrcN0kTa6x2jLvjoLVQ5OKnYg9RaLNY9buWo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 82ad3b742ad32227-MIA
expires: Mon, 22 Jan 2024 23:36:04 GMT

GET
H2 200 search-logo-holder.jpg
gbwhat.pk/images/ 1 KB
2 KB 36ms
34ms Image
image/jpeg 2606:4700:3032::6815:2508
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gbwhat.pk/images/search-logo-holder.jpg

Requested by

Host: gbwhat.pk
URL: https://gbwhat.pk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::6815:2508 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f24ee41631bf1465c440d0bcbc798ddb4b589419c4816ea42813a77dd863c773

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gbwhat.pk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 23:36:04 GMT
x-server-powered-by: Engintron
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 467244
alt-svc: h3=":443"; ma=86400
content-length: 1197
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: STALE
last-modified: Fri, 20 Jan 2023 20:43:36 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XGC2bWVP7cVmZ5KJvrDGaMXo%2FNbk2dlA07O2awvILeI2OAY%2F5LrucJ2ZEq1m%2FXT8Ye%2BLW9gubqFJUJn2a1hlnug3HOz97ZJqWnPekornY33N8tStb0ymQ%2BeJoTjEWwAGOI769mvoHpE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 82ad3b742ad42227-MIA
expires: Wed, 17 Jan 2024 13:48:40 GMT

GET
H2 200 lazysizes-umd.min.js Show response
cdnjs.cloudflare.com/ajax/libs/lazysizes/5.2.2/ 8 KB
4 KB 96ms
34ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/lazysizes/5.2.2/lazysizes-umd.min.js

Requested by

Host: gbwhat.pk
URL: https://gbwhat.pk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

928ba0931c67bf5b7f0d9bae946d2d0e5c643eb528e2384847e8875f7de3362b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gbwhat.pk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 23:36:04 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1354886
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 3118
last-modified: Wed, 27 May 2020 09:33:43 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5ece33f7-1e6a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Bhx1ZbUlPFwn2b%2B4EE7JK0b209rDV3PpmwW46a2eFGle4A84Vb7SnBsdi3uoyoX0weR2UXaLc%2BfSIszZXCr6eabj%2B313b4br6ZBBnyL3Q7bJIsK1l33lf2MgKMn5x1rvhDJqYvq%2FGidg0uY29qKADIFH"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 82ad3b748d845731-MIA
expires: Tue, 12 Nov 2024 23:36:04 GMT

GET
H3 200 gbwhatpk_8b9a7.jpg
gbwhat.pk/media/2023/08/_3/760x450/ 21 KB
22 KB 209ms
208ms Image
image/jpeg 2606:4700:3032::6815:2508
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gbwhat.pk/media/2023/08/_3/760x450/gbwhatpk_8b9a7.jpg

Requested by

Host: gbwhat.pk
URL: https://gbwhat.pk/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::6815:2508 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

092be11064640f09b515211c545ff8e55f853fed1ae52f4c690ca33ece0259f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gbwhat.pk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 23:36:04 GMT
x-server-powered-by: Engintron
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 21459
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: STALE
last-modified: Thu, 23 Nov 2023 22:08:37 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9Xeuu%2FTm7lJMvvtrikPYkA84rSndpO%2BFoiScdicDnl1D8GZAQbzuRJEI3ef2y6tJInhBvmfja8%2BQ%2B7%2FG6yDiOb2%2Fda3ffUCu3RDqQKmVHudRP6fEhNsgt5V6d2%2BzVdfju%2FdBZ%2Fx3E68%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 82ad3b74c989099a-MIA
expires: Mon, 22 Jan 2024 23:36:04 GMT

GET
H3 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/ 400 KB
135 KB 200ms
96ms Script
text/javascript 2607:f8b0:4004:c08::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/show_ads_impl_fy2021.js?bust=31079653

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6539551524991285

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::9b Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

533bff0dbc7c762a36d33c381e97a0f9347490336deff465d193ff615f54c2d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gbwhat.pk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 23:36:04 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 138492
x-xss-protection: 0
server: cafe
etag: 8915362338591649433
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 23 Nov 2023 23:36:04 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231109/r20190131/ Frame 94F3 9 KB
4 KB 557ms
51ms Document
text/html 2607:f8b0:4004:c08::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231109/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6539551524991285

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::9c Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gbwhat.pk/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 32595
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4118
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 23 Nov 2023 14:32:50 GMT
etag: 16674218716276178799
expires: Thu, 07 Dec 2023 14:32:50 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame B1FF 0
190 B 156ms
151ms Document
text/html 2607:f8b0:4004:c08::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6539551524991285&output=html&adk=1812271804&adf=3025194257&lmt=1700782565&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x810_l%7C212x810_r&format=0x0&url=https%3A%2F%2Fgbwhat.pk%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4&ascmds=1&aslcwct=300&asacwct=50&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700782564758&bpp=5&bdt=311&idt=326&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3592447956639&frm=20&pv=2&ga_vid=1086306595.1700782565&ga_sid=1700782565&ga_hid=1195251313&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079628%2C31079759%2C44809315%2C31078301%2C31079653%2C44806139%2C44807763%2C44808148%2C44808284%2C44809056%2C44809071&oid=2&pvsid=3621508036377226&tmod=799177609&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=357

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/show_ads_impl_fy2021.js?bust=31079653

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::9c Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gbwhat.pk/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 23 Nov 2023 23:36:05 GMT
expires: Thu, 23 Nov 2023 23:36:05 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 49FE 122 KB
40 KB 902ms
898ms Document
text/html 2607:f8b0:4004:c08::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6539551524991285&output=html&h=280&slotname=6899391781&adk=2967000610&adf=1130495408&pi=t.ma~as.6899391781&w=1200&fwrn=4&fwrnh=100&lmt=1700782565&rafmt=1&format=1200x280&url=https%3A%2F%2Fgbwhat.pk%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700782564763&bpp=3&bdt=316&idt=357&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3592447956639&frm=20&pv=1&ga_vid=1086306595.1700782565&ga_sid=1700782565&ga_hid=1195251313&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=74&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079628%2C31079759%2C44809315%2C31078301%2C31079653%2C44806139%2C44807763%2C44808148%2C44808284%2C44809056%2C44809071&oid=2&pvsid=3621508036377226&tmod=799177609&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEe%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=363

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/show_ads_impl_fy2021.js?bust=31079653

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::9c Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e7428ee232d52fee4d3cdf0927df2fe045003bfcab382194789814db76747c10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gbwhat.pk/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 41216
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 23 Nov 2023 23:36:06 GMT
expires: Thu, 23 Nov 2023 23:36:06 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 22C2 154 KB
46 KB 1126ms
1123ms Document
text/html 2607:f8b0:4004:c08::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6539551524991285&output=html&h=280&slotname=3854426045&adk=363387475&adf=1175198606&pi=t.ma~as.3854426045&w=1130&fwrn=4&fwrnh=100&lmt=1700782565&rafmt=1&format=1130x280&url=https%3A%2F%2Fgbwhat.pk%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700782564766&bpp=1&bdt=318&idt=365&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=3592447956639&frm=20&pv=1&ga_vid=1086306595.1700782565&ga_sid=1700782565&ga_hid=1195251313&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=235&ady=461&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079628%2C31079759%2C44809315%2C31078301%2C31079653%2C44806139%2C44807763%2C44808148%2C44808284%2C44809056%2C44809071&oid=2&pvsid=3621508036377226&tmod=799177609&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=370

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/show_ads_impl_fy2021.js?bust=31079653

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::9c Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

28ec23496ec1025abd2e23ede707df52d0106d3ff2462da4cd1fea86a122225d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gbwhat.pk/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 47382
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 23 Nov 2023 23:36:06 GMT
expires: Thu, 23 Nov 2023 23:36:06 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 18B3 713 B
545 B 703ms
701ms Document
text/html 2607:f8b0:4004:c08::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6539551524991285&output=html&h=280&slotname=8552805685&adk=2677910144&adf=2334065795&pi=t.ma~as.8552805685&w=1130&fwrn=4&fwrnh=100&lmt=1700782565&rafmt=1&format=1130x280&url=https%3A%2F%2Fgbwhat.pk%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700782564767&bpp=1&bdt=319&idt=374&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1130x280&nras=1&correlator=3592447956639&frm=20&pv=1&ga_vid=1086306595.1700782565&ga_sid=1700782565&ga_hid=1195251313&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=235&ady=1278&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079628%2C31079759%2C44809315%2C31078301%2C31079653%2C44806139%2C44807763%2C44808148%2C44808284%2C44809056%2C44809071&oid=2&pvsid=3621508036377226&tmod=799177609&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=1&fsb=1&dtd=380

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/show_ads_impl_fy2021.js?bust=31079653

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::9c Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fc0a29622a55280a3dd695aadf989cc6987e8a9b8475fb86ac6f8af5f64b1b5e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gbwhat.pk/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 352
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 23 Nov 2023 23:36:05 GMT
expires: Thu, 23 Nov 2023 23:36:05 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 38bcf84a6c98f8ab5c7e5b9a6f0eaec8.js Show response
www.gstatic.com/mysidia/ Frame 49FE 9 KB
4 KB 177ms
58ms Script
text/javascript 2607:f8b0:4004:c08::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/38bcf84a6c98f8ab5c7e5b9a6f0eaec8.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6539551524991285&output=html&h=280&slotname=6899391781&adk=2967000610&adf=1130495408&pi=t.ma~as.6899391781&w=1200&fwrn=4&fwrnh=100&lmt=1700782565&rafmt=1&format=1200x280&url=https%3A%2F%2Fgbwhat.pk%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700782564763&bpp=3&bdt=316&idt=357&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3592447956639&frm=20&pv=1&ga_vid=1086306595.1700782565&ga_sid=1700782565&ga_hid=1195251313&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=74&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079628%2C31079759%2C44809315%2C31078301%2C31079653%2C44806139%2C44807763%2C44808148%2C44808284%2C44809056%2C44809071&oid=2&pvsid=3621508036377226&tmod=799177609&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEe%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=363

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::5e Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

70602b2d4f8fd19b95f522d3f3334ada3b3ff4647b4e81c7285b885977fd9ac4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 23:31:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 253
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4046
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 14:10:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 21 Feb 2024 23:31:53 GMT

GET
H2 200 78b00c21e40332afd18050ebd59c6b08.js Show response
www.gstatic.com/mysidia/ Frame 49FE 11 KB
5 KB 183ms
64ms Script
text/javascript 2607:f8b0:4004:c08::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/78b00c21e40332afd18050ebd59c6b08.js?tag=text/vanilla_highlight_ms

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::5e Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b82aa6c527e41e336e9cd392fffa550353f896f71a3c632a5bdd51e22de4ca0f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 19:49:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 445617
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4753
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 14:10:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 16 Feb 2024 19:49:09 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 49FE 14 KB
2 KB 184ms
64ms Stylesheet
text/css 2607:f8b0:4004:c07::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c07::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 23 Nov 2023 23:36:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 23 Nov 2023 23:00:21 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 23 Nov 2023 23:36:06 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 49FE 2 KB
903 B 55ms
53ms Script
text/javascript 2607:f8b0:4004:c09::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 02:50:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 74720
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 07 Dec 2023 02:50:46 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/ Frame 49FE 23 KB
9 KB 57ms
55ms Script
text/javascript 2607:f8b0:4004:c09::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8f665ba5c27890ebed553836dee5572ad583c0a65374373741ec0a5309df2b5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 12:05:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 41441
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9282
x-xss-protection: 0
server: cafe
etag: 14645652906762492339
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 07 Dec 2023 12:05:25 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 49FE 3 KB
1 KB 97ms
96ms Script
text/javascript 2607:f8b0:4004:c09::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 09:30:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 50750
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 07 Dec 2023 09:30:16 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 49FE 20 KB
9 KB 197ms
57ms Script
text/javascript 2607:f8b0:4004:c09::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 05:01:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 66872
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8541
x-xss-protection: 0
server: cafe
etag: 737174102934380276
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 07 Dec 2023 05:01:34 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 49FE 202 KB
64 KB 194ms
59ms Script
text/javascript 2607:f8b0:4004:c1d::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 23:36:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65070
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1700193896630564"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 23 Nov 2023 23:36:06 GMT

GET
H2 200 a6de5423b7c632060e8f86136bd5d27a.js Show response
www.gstatic.com/mysidia/ Frame 49FE 37 KB
15 KB 57ms
55ms Script
text/javascript 2607:f8b0:4004:c08::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/a6de5423b7c632060e8f86136bd5d27a.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::5e Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0c21f21f7b1658ed6ab5c0461020a21d62f9e0a7cd7cf3d9e6ef61a2c481f31e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 17:48:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 193664
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15478
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 14:10:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 19 Feb 2024 17:48:22 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 49FE
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CT-jZ5eFfZZqKFcjHxtYPmIyx0A2spqyrc8LC2pXhEfjuw4vXNxABILSv-JUBYMmGgIDco8QQoAHO3ufkAsgBAagDAcgDywSqBM0BT9DTH4QgShdb0JBCqPeScnuqSUnXdrqtV-m7ZGxjZ9u...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xd25498f5b9eac5ae0000000000000000%22,%222%22:%220xa91243aba33b56c20000000000000000%22,%223%22:%220xc4b355...

0
0

184ms
74ms

Fetch
text/css

172.253.63.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xd25498f5b9eac5ae0000000000000000%22,%222%22:%220xa91243aba33b56c20000000000000000%22,%223%22:%220xc4b3555f320fed9c0000000000000000%22,%224%22:%220x71a44a4eb6098f8f0000000000000000%22,%225%22:%220xc4d7f45d3b857c50000000000000000%22},%22debug_key%22:%2216325269903223455605%22,%22debug_reporting%22:true,%22destination%22:%22https://fortigate-aws.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22748285774%22],%224%22:[%2211-23%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%22739429240998441313%22}&andc=true

Requested by

Protocol

Server

172.253.63.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f154.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 23:36:06 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"1":"0xd25498f5b9eac5ae0000000000000000","2":"0xa91243aba33b56c20000000000000000","3":"0xc4b3555f320fed9c0000000000000000","4":"0x71a44a4eb6098f8f0000000000000000","5":"0xc4d7f45d3b857c50000000000000000"},"debug_key":"16325269903223455605","debug_reporting":true,"destination":"https://fortigate-aws.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["748285774"],"4":["11-23"],"6":["true"]},"priority":"500","source_event_id":"739429240998441313"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 23 Nov 2023 23:36:06 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 23 Nov 2023 23:36:06 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0xd25498f5b9eac5ae0000000000000000","2":"0xa91243aba33b56c20000000000000000","3":"0xc4b3555f320fed9c0000000000000000","4":"0x71a44a4eb6098f8f0000000000000000","5":"0xc4d7f45d3b857c50000000000000000"},"debug_key":"16325269903223455605","debug_reporting":true,"destination":"https://fortigate-aws.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["748285774"],"4":["11-23"],"6":["true"]},"priority":"500","source_event_id":"739429240998441313"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 258A 143 B
166 B 52ms
51ms Document
text/html 2607:f8b0:4004:c08::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::9b Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6539551524991285&output=html&h=280&slotname=6899391781&adk=2967000610&adf=1130495408&pi=t.ma~as.6899391781&w=1200&fwrn=4&fwrnh=100&lmt=1700782565&rafmt=1&format=1200x280&url=https%3A%2F%2Fgbwhat.pk%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700782564763&bpp=3&bdt=316&idt=357&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3592447956639&frm=20&pv=1&ga_vid=1086306595.1700782565&ga_sid=1700782565&ga_hid=1195251313&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=74&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079628%2C31079759%2C44809315%2C31078301%2C31079653%2C44806139%2C44807763%2C44808148%2C44808284%2C44809056%2C44809071&oid=2&pvsid=3621508036377226&tmod=799177609&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEe%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=363
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 2596
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 23 Nov 2023 22:52:50 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css
fonts.googleapis.com/ Frame 22C2 14 KB
1 KB 68ms
61ms Stylesheet
text/css 2607:f8b0:4004:c07::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6539551524991285&output=html&h=280&slotname=3854426045&adk=363387475&adf=1175198606&pi=t.ma~as.3854426045&w=1130&fwrn=4&fwrnh=100&lmt=1700782565&rafmt=1&format=1130x280&url=https%3A%2F%2Fgbwhat.pk%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700782564766&bpp=1&bdt=318&idt=365&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=3592447956639&frm=20&pv=1&ga_vid=1086306595.1700782565&ga_sid=1700782565&ga_hid=1195251313&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=235&ady=461&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079628%2C31079759%2C44809315%2C31078301%2C31079653%2C44806139%2C44807763%2C44808148%2C44808284%2C44809056%2C44809071&oid=2&pvsid=3621508036377226&tmod=799177609&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=370

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c07::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 23 Nov 2023 23:36:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 23 Nov 2023 22:44:06 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 23 Nov 2023 23:36:06 GMT

GET
H2 200 nessie_icon_tiamat_white.png
tpc.googlesyndication.com/pagead/images/ Frame 22C2 225 B
355 B 57ms
51ms Image
image/png 2607:f8b0:4004:c09::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/nessie_icon_tiamat_white.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5719cdd3acdb2b6a5b9ae0bee910fc88fbc0f297f83235c02865d78eeed48446

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 03:17:16 GMT
x-content-type-options: nosniff
server: cafe
age: 73130
etag: 14085932017949564970
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 225
x-xss-protection: 0
expires: Fri, 24 Nov 2023 03:17:16 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 22C2 2 KB
856 B 52ms
51ms Script
text/javascript 2607:f8b0:4004:c09::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 02:50:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 74720
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 07 Dec 2023 02:50:46 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/ Frame 22C2 23 KB
9 KB 55ms
53ms Script
text/javascript 2607:f8b0:4004:c09::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8f665ba5c27890ebed553836dee5572ad583c0a65374373741ec0a5309df2b5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 12:05:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 41441
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9282
x-xss-protection: 0
server: cafe
etag: 14645652906762492339
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 07 Dec 2023 12:05:25 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 22C2 3 KB
1 KB 52ms
51ms Script
text/javascript 2607:f8b0:4004:c09::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 09:30:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 50750
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 07 Dec 2023 09:30:16 GMT

GET
H2 400 data=LzTB_YGPsCHRiV72cJbFEr8VidIBcQUlQfvFAZKZTxPM8REDfE7daN3D7Cxp7HDNFXSNprR0GK434f1WKcJWvuMxKJXyrdhxt3PcS4ywtjeGryAqBI9UeFil
mts0.google.com/vt/ Frame 22C2 0
0 203ms
52ms Image
text/html 2607:f8b0:4004:c1d::66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mts0.google.com/vt/data=LzTB_YGPsCHRiV72cJbFEr8VidIBcQUlQfvFAZKZTxPM8REDfE7daN3D7Cxp7HDNFXSNprR0GK434f1WKcJWvuMxKJXyrdhxt3PcS4ywtjeGryAqBI9UeFil
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6539551524991285&output=html&h=280&slotname=3854426045&adk=363387475&adf=1175198606&pi=t.ma~as.3854426045&w=1130&fwrn=4&fwrnh=100&lmt=1700782565&rafmt=1&format=1130x280&url=https%3A%2F%2Fgbwhat.pk%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700782564766&bpp=1&bdt=318&idt=365&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=3592447956639&frm=20&pv=1&ga_vid=1086306595.1700782565&ga_sid=1700782565&ga_hid=1195251313&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=235&ady=461&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079628%2C31079759%2C44809315%2C31078301%2C31079653%2C44806139%2C44807763%2C44808148%2C44808284%2C44809056%2C44809071&oid=2&pvsid=3621508036377226&tmod=799177609&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=370
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c1d::66 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ Frame 22C2 244 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8be8f432572fba9a5669684d4f89b81b9595700f40480eeecbfe7721ce5b2234

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 22C2 333 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8b1ccf2d92e5e6235fcb23becebc6b98f5eba33abad7902763aa8b830be20bd7

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 22C2 20 KB
8 KB 57ms
48ms Script
text/javascript 2607:f8b0:4004:c09::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 05:01:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 66872
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8541
x-xss-protection: 0
server: cafe
etag: 737174102934380276
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 07 Dec 2023 05:01:34 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 22C2 202 KB
64 KB 63ms
55ms Script
text/javascript 2607:f8b0:4004:c1d::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 23:36:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65070
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1700193896630564"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 23 Nov 2023 23:36:06 GMT

GET
H3 200 a6de5423b7c632060e8f86136bd5d27a.js Show response
www.gstatic.com/mysidia/ Frame 22C2 37 KB
15 KB 62ms
57ms Script
text/javascript 2607:f8b0:4004:c08::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/a6de5423b7c632060e8f86136bd5d27a.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::5e Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0c21f21f7b1658ed6ab5c0461020a21d62f9e0a7cd7cf3d9e6ef61a2c481f31e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 17:48:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 193664
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15478
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 14:10:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 19 Feb 2024 17:48:22 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 195ms
73ms Preflight
text/html 172.253.63.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.63.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f154.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Thu, 23 Nov 2023 23:36:06 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 49FE 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e1f6599852662d0d3fe31ec33a6321dd8a999649410175a33160b8c45be49865

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 258A
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

73ms
72ms

Document
text/html

2607:f8b0:4004:c08::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::9b Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 23 Nov 2023 23:36:06 GMT
expires: Thu, 23 Nov 2023 23:36:06 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 23 Nov 2023 23:36:06 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 49FE 33 KB
34 KB 170ms
57ms Font
font/woff2 2607:f8b0:4004:c06::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 02:11:16 GMT
x-content-type-options: nosniff
age: 336290
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 19 Nov 2024 02:11:16 GMT

GET
DATA 200
OK truncated
/ Frame 22C2 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 75115434cf9c4112b9f9f231168869834336b3e68a6c603cfb3658d6f61bb1b2

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 22C2
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=C80oL5eFfZdbNGL-p78EPzN22sA-FiueAdJiJpLq3Eteo4taSDhABILSv-JUBYMmGgIDco8QQoAGQosrNAcgBCagDAcgDywSqBMYBT9DaeZv9OG11t0e3hYiUCG4kCzIX5nZBWeRRHZlxXci...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x61575717b041f8050000000000000000%22,%222%22:%220xd8c97e80c530819d0000000000000000%22,%223%22:%220x2aa2ff...

0
0

78ms
74ms

Fetch
text/css

172.253.63.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x61575717b041f8050000000000000000%22,%222%22:%220xd8c97e80c530819d0000000000000000%22,%223%22:%220x2aa2ff3f1ffff4d90000000000000000%22,%224%22:%220xca60073017b4b7ca0000000000000000%22,%225%22:%220x15cbc919da8ab4f10000000000000000%22},%22debug_key%22:%222551469507214809100%22,%22debug_reporting%22:true,%22destination%22:%22https://bolay.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22431132944%22],%224%22:[%2211-23%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2212996440874531064161%22}&andc=true

Requested by

Host: gbwhat.pk
URL: https://gbwhat.pk/

Protocol

Server

172.253.63.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f154.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 23:36:06 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"1":"0x61575717b041f8050000000000000000","2":"0xd8c97e80c530819d0000000000000000","3":"0x2aa2ff3f1ffff4d90000000000000000","4":"0xca60073017b4b7ca0000000000000000","5":"0x15cbc919da8ab4f10000000000000000"},"debug_key":"2551469507214809100","debug_reporting":true,"destination":"https://bolay.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["431132944"],"4":["11-23"],"6":["true"]},"priority":"500","source_event_id":"12996440874531064161"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 23 Nov 2023 23:36:06 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 23 Nov 2023 23:36:06 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0x61575717b041f8050000000000000000","2":"0xd8c97e80c530819d0000000000000000","3":"0x2aa2ff3f1ffff4d90000000000000000","4":"0xca60073017b4b7ca0000000000000000","5":"0x15cbc919da8ab4f10000000000000000"},"debug_key":"2551469507214809100","debug_reporting":true,"destination":"https://bolay.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["431132944"],"4":["11-23"],"6":["true"]},"priority":"500","source_event_id":"12996440874531064161"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 22C2 33 KB
33 KB 163ms
118ms Font
font/woff2 2607:f8b0:4004:c06::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 02:11:16 GMT
x-content-type-options: nosniff
age: 336290
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 19 Nov 2024 02:11:16 GMT

GET
H3 200 Yf5BzeG23wDzTlqXlXQekm6IYbjoDTlv95nUi6zaUwA.js Show response
pagead2.googlesyndication.com/bg/ Frame 773E 38 KB
15 KB 56ms
55ms Script
text/javascript 2607:f8b0:4004:c08::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Yf5BzeG23wDzTlqXlXQekm6IYbjoDTlv95nUi6zaUwA.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::9b Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61fe41cde1b6df00f34e5a9795741e926e8861b8e80d396ff799d48bacda5300

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 23:39:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 604597
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14900
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 15 Nov 2024 23:39:29 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 83ms
74ms Preflight
text/html 172.253.63.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.63.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f154.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Thu, 23 Nov 2023 23:36:06 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 74ms
73ms XHR
application/json 2607:f8b0:4004:c08::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231109&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/show_ads_impl_fy2021.js?bust=31079653

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::9b Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

326e9030d00e2dde68e191611a3235953261fa1beb1686609ecb87c77bb2c624

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gbwhat.pk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 23:36:06 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12376
x-xss-protection: 0

GET
H3 200 Yf5BzeG23wDzTlqXlXQekm6IYbjoDTlv95nUi6zaUwA.js Show response
pagead2.googlesyndication.com/bg/ Frame F0AE 38 KB
15 KB 55ms
52ms Script
text/javascript 2607:f8b0:4004:c08::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Yf5BzeG23wDzTlqXlXQekm6IYbjoDTlv95nUi6zaUwA.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::9b Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61fe41cde1b6df00f34e5a9795741e926e8861b8e80d396ff799d48bacda5300

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 23:39:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 604597
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14900
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 15 Nov 2024 23:39:29 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 54ms
53ms Script
text/javascript 2607:f8b0:4004:c09::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/show_ads_impl_fy2021.js?bust=31079653

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c09::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gbwhat.pk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 23:36:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 23 Nov 2023 23:36:07 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame E1D7 13 KB
5 KB 59ms
53ms Document
text/html 2607:f8b0:4004:c09::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c09::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gbwhat.pk/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 90331
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 22 Nov 2023 22:30:36 GMT
expires: Thu, 21 Nov 2024 22:30:36 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 4592 829 B
1000 B 75ms
70ms Document
text/html 2607:f8b0:4004:c06::67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::67 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

61b9f45633ba5c0f6a04c84c0a498d463fe53fc961767faf4c42436f894e0eb6

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-0ACcGdH2v5nXVy6sk4l4lQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://gbwhat.pk/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-0ACcGdH2v5nXVy6sk4l4lQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 23 Nov 2023 23:36:07 GMT
expires: Thu, 23 Nov 2023 23:36:07 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js Show response
pagead2.googlesyndication.com/bg/ Frame E1D7 39 KB
15 KB 53ms
52ms Script
text/javascript 2607:f8b0:4004:c08::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::9b Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 10:37:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 46696
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15296
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 22 Nov 2024 10:37:51 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 4592 0
0 77ms
76ms Image
text/html 2607:f8b0:4004:c08::9b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231109&jk=3621508036377226&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4004:c08::9b Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame E1D7 0
10 B 51ms
50ms Image
text/plain 2607:f8b0:4004:c09::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?0xrHkw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4004:c09::84 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 23:36:07 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 22C2 42 B
64 B 80ms
80ms Fetch
image/gif 2607:f8b0:4004:c08::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsso1Cj4nSV7o4jlpoFfrIFAZukbI_mWAR6VFHV1h1SMRtLrcbwaayzIZUzGS6EjJKuYzSksaltLkIoFAu9D4fne_Nt68gg25XQ_wijAn1YKUGDJQ1FkiKkWKZZ9_VV7O9-nbLOLzw-roVrsxBHwFW0wICHty-FDast5h-a0V-w2sea3wi9b0ipmuYQoQL0dmWyaYxUF7AtqKCjphSxjZOwHJ_3AUG3NoeWp7LHAvhslOJfj3fXz3K07LmhAelLcJa6BUFh1ZvfTRM-PNUVnmJdCSjgxG7QHr08AvY4LksLJ-fVFs0MmkWxsrCS_PGLfzyYYKfT7stOZE7n9hPy7XGNm86_f2OQYU8syBLTCd9QjNTJu21_-i_CzWghygeX1clTSP9XlP7J8bXcOEjNmZAzjctrYyxOScOUih5W6luO4DmGLgFSbEE_oaAvy7DgiX8SmYmjP4K7Q5MeZseKMueXG7Z76txZpgzCYB1g5omK95cGSfhTKMfpsSud1KGP_ld5VS0UY242ztD-4U8bv3fJirB4fdeefYs7LTT2JfFavCC__gTbJQRDqQPJl0PeTcMof5Y7ihOrKtHzTcR0KdlrFi18xOJUQWVZ9qiKr-25HsfAZvpt58UzGQjq9LkhX00e10EFrr06QquonWqptxebOKPvh3GZoAv641bqLAD21jf4FFIIvxQuwE_OMNBcDS4k76OgpPMHjCvqqVYFoYcJsNMpeWGIieIswTB-5BUxMKeH8zAQX-09lucesQk1OZ5M_9np5RyjPgNosEo4tsx-Qa2nOZ2vZFwN78g9OZWnns87McTjzEcroAzDF8Bu1uIXQZu-1__l-zvlrIBQv72sXQwY4QtYdXFt5ggRTxZm7lGVx95sea8hZFt_EYWbQUlDI7b0QzcBMT9qtNpWDySEqRIhmQ4zraTuYvDEYZn45jkhG9MpqyictpJ8YsTvjm6nMsrrKG5ZJhbZRlJWoUV6b-6o2BdhTZh8yTcifnlj3W8lLikJlv2L194AoZ5cgXaqRU3ioTmZ57Osp80tcVMsDl7uQsDWG0gCNuN5lgAyrE_fjelsa0trYLupEcuKlF_SA-4fb-4j9KcAFc9EdABb5jDFt4GPlj8D12oFI_MC4olow2yQXzxwcQbSJ6hzpezDBo9_OY_VUFbzaBwp_gBiGPUAAeoy_Brjm9FhqlToyEYWO8bnrkoN6Dt62dupmcku4ygaQwrYBTQi1Y7IaZg_5GpBrLa73ZxbZx6dHofZg2gTGedV9kdeG0ZLXsQ&sai=AMfl-YS4MaPVUonmc8dTrGoIRnYJmwZFM0gOFkz6WicrUma0i7sSX8gU4XlJpXjBbdy2ufGcUMj-NMd7qGaL5Dn60OtDrovWf8vIJdKr9ROq7Wg78HGoBRfMEme1SmKV9HgQsOnSkH02R9Nf5530_iUjM8n_LXxj005BsWTfyA&sig=Cg0ArKJSzAXx6_HEtwgIEAE&cid=CAQSTgDICaaNzxVv3PDsomJqF1eXGrDv_hvoBCmibCZC4R6ydt84OnJexfcjlKcAzvsixq71nKNX46P2zw2B5cTF13nWBeZ1FzPBYpVMoMOSQhgB&id=lidar2&mcvt=1000&p=0,0,280,1130&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231116&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=363387475&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1700782565138&rpt=1603&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=14

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::9b Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Nov 2023 23:36:07 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 49FE 42 B
64 B 80ms
80ms Fetch
image/gif 2607:f8b0:4004:c08::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssJhtw5Lm6B-pfY5JY4VMQT-7rBxd7cOFPTrw4rNfB4WKHSYXpF34J54DKNMujRtBOhltpxFDgjnpobTkb6DjG_jRANwn8i4rcXeWM6rgyxLn1S6uZ0QmunXE6FXNYnNAeCPvzP9tqIYQ&sai=AMfl-YSo_SJBJLJ5Zv3NZy01pZB3v8KbVVKX_2wOTdVanF10W_pOzL2AHPdCfVUBW7T1B7TaJKNrspJy2E-F1vfBBYNzxJyPv9PNEJCpuAlpM-NzGRuNx3qSl_UTTpGNA_9CO1L-18BFbC84c5fTPzhY&sig=Cg0ArKJSzGHu4l5z7dWWEAE&cid=CAQSTgDICaaNveXFrJGVC4HsudNIKEKrDoxB-w0CyR7vRKRA7VGTvXUy5wRrU7dEGrZb-OJlxFay-66hwBVoZWh7nhwA2jbfkRojstuMHqhgXhgB&id=lidar2&mcvt=1001&p=0,0,280,1200&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20231116&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=2967000610&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1700782565128&rpt=1811&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=8&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::9b Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Nov 2023 23:36:08 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 77ms
77ms Image
text/html 2607:f8b0:4004:c08::9b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231109&jk=3621508036377226&bg=!yMuly4TNAAZxrfrxUa07ADQBe5WfOLFoSX5MhsAAD-dDq7AemtKSrde62hZZ5CmIArJif8-ub9bE1VVaG3ZxgZ7ZwF68AgAAAGtSAAAABGgBBwoAmSoIIva5iztBwNZ8BhUK24RzihgdZvxKSroAgtz03vhkwYQmHrdzoGmRQNLupFpKIDI90pkJGTu3lqJaTk-tccFwLqIVFm5MsvDK4gWgkHMZo2qGuyE4rPF-DqrvdA95m-3t-RNdULzU5wc9QKy8Z7vweeKMXfrRyg0S5fWCikGJNFfTkoGHE_rKHkNDL4_uc2GFjEP1GYbguZkCsb1jLrcUbjw9n4HYeeq0aXzZ6AxZf8fhI9EUUEJ6vi8dYAIkRnliFlV7jC-nTxAaMD4VXSkR-fkdOApQkyJvffUtF1x2xOyRMf5Mot_Lvn5NQgNKBd2GAIqPo603cM_PPsez3QpwBBVIrypw34oDk-buh4h13DwEvwt2Fx5vjaJksnY7tWrOLjLgsbalIJ8qKYgExqylHnjoC0l4tdgfrTG_A9vuxSMRUHrwTfaDDlULDTbMjxwXzJ6bacyfrjrijy2YRqHqcX3EG11c4FS-onMGd7mTjoQWzI3oh189sRzk7-3tWzaIM11JHZ9RGuB1DJCY3KhaI98psNKR-lMyF9C_LenoS06QRSCaM5mwKMQAFDs4TsQpTMoMViKKRknRjeCYhBLd9CcdEj_YCxjf4dR8jBF1Ps90DID4APgv5YVIf9z5FOhqu_-wDFy_UqIAx7_GMtyK487HNZOh7MhJTwBOqMB6B6pu7oMHHWV7LN55S_ubmZds2JZr8F-8tg_tkKCYSnYmvE8YhdiJLOMaEs_yqmcyj2amhO_g0dE0csgje1wgHHlRI0p4Wj3KPkB0F9eBqskiSBPxV2Cn-hn1Y6Tx_QN9SNZ4lwRghPUM5PYBk3L0IYm6kLd81UBQeVATszyX7RlOtdQvOWRMh0xHenIyU-4zCtNQyRIj8zdl1SyTUVOLIQ7w3WbuI8RrajoTVPlJ1z-hWXtsaAqdaxyb6XxX3udTRF7-PKghgk-YJ6q6BZxp7m0Ua-A2TZCXyUA5xjv8HaR1et2IFCGVw1k0eANAkKGPrQkxl0kzxJNHlZbGbc3pKuKxEiFS8zMoVWLddPlzRTsK0OVftj-kTOrv6d485DQje__w8R8NjDB5YZdzbxv2xjbxwbrGFHp4QhJvtWnGzBLSzcnoEVq2ovmSjCbq
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4004:c08::9b Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gbwhat.pk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

66 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.gbwhat.pk/	1970-01-21 01:47:58	Name: __gads Value: ID=b4f12c8d6eea3773:T=1700782565:RT=1700782565:S=ALNI_MZ4R7dmtLYQRIw_pkeg7qFoglVV-g
.gbwhat.pk/	1970-01-21 01:47:58	Name: __gpi Value: UID=00000da38a6270e0:T=1700782565:RT=1700782565:S=ALNI_MZahKVSXc17ACs4yimxsFFxkZVYfA
.doubleclick.net/	1970-01-21 02:02:22	Name: IDE Value: AHWqTUnp0kVeeaqVekDK8NhlwMBhUZ37UfXEIcDO6Or_0iS_mSSJkziznSmlgCmp0Gk
.doubleclick.net/	1970-01-20 16:26:26	Name: DSID Value: NO_DATA
.googleadservices.com/	1970-01-20 18:35:58	Name: ar_debug Value: 1

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://mts0.google.com/vt/data=LzTB_YGPsCHRiV72cJbFEr8VidIBcQUlQfvFAZKZTxPM8REDfE7daN3D7Cxp7HDNFXSNprR0GK434f1WKcJWvuMxKJXyrdhxt3PcS4ywtjeGryAqBI9UeFil Message: Failed to load resource: the server responded with a status of 400 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdnjs.cloudflare.com
fonts.googleapis.com
fonts.gstatic.com
gbwha.net
gbwhat.pk
gbwhatsappupdate.net
googleads.g.doubleclick.net
mts0.google.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
www.google.com
www.googleadservices.com
www.googletagservices.com
www.gstatic.com
172.253.63.154
2606:4700:3032::6815:12c9
2606:4700:3032::6815:2508
2606:4700:3036::ac43:d4b9
2606:4700::6811:180e
2607:f8b0:4004:c06::5e
2607:f8b0:4004:c06::67
2607:f8b0:4004:c07::5f
2607:f8b0:4004:c08::5e
2607:f8b0:4004:c08::9b
2607:f8b0:4004:c08::9c
2607:f8b0:4004:c09::84
2607:f8b0:4004:c1d::66
2607:f8b0:4004:c1d::9a
092be11064640f09b515211c545ff8e55f853fed1ae52f4c690ca33ece0259f9
0c21f21f7b1658ed6ab5c0461020a21d62f9e0a7cd7cf3d9e6ef61a2c481f31e
1369bebce861263052dcf768500c80ea29054d418da6fc8ccb3e91b7379942d1
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
28ec23496ec1025abd2e23ede707df52d0106d3ff2462da4cd1fea86a122225d
2f4921c707808ad253a2fde7a5a7739c55ce13d97166f05a9e0c7067eb3e3322
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
326e9030d00e2dde68e191611a3235953261fa1beb1686609ecb87c77bb2c624
3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
42154ee162a205799cce6b6abb0e919797963a9b29e3c5d999f6699d54a33be4
42b20c6d9b9442da748cdc8be2ecbbd943ae9ae57053ff7c338e5b4f4bb103f6
518edd503e60efe5907fa05dc0230642914099bf89a0df3e21fec687c8be93f8
533bff0dbc7c762a36d33c381e97a0f9347490336deff465d193ff615f54c2d2
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5719cdd3acdb2b6a5b9ae0bee910fc88fbc0f297f83235c02865d78eeed48446
61b9f45633ba5c0f6a04c84c0a498d463fe53fc961767faf4c42436f894e0eb6
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61fe41cde1b6df00f34e5a9795741e926e8861b8e80d396ff799d48bacda5300
623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
70602b2d4f8fd19b95f522d3f3334ada3b3ff4647b4e81c7285b885977fd9ac4
75115434cf9c4112b9f9f231168869834336b3e68a6c603cfb3658d6f61bb1b2
8b1ccf2d92e5e6235fcb23becebc6b98f5eba33abad7902763aa8b830be20bd7
8be8f432572fba9a5669684d4f89b81b9595700f40480eeecbfe7721ce5b2234
8f665ba5c27890ebed553836dee5572ad583c0a65374373741ec0a5309df2b5a
928ba0931c67bf5b7f0d9bae946d2d0e5c643eb528e2384847e8875f7de3362b
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
ab75351cc4727d7882a2b54b383894e942cdbe40d7fd9f3f1941f63249bbca93
b7f18f15bbdedcaa2f7b16ec9f64ef89f7a3eb1c0ee712b550305eedf27bac88
b82aa6c527e41e336e9cd392fffa550353f896f71a3c632a5bdd51e22de4ca0f
ceea207c2758ba5cee9b5ee7fbd4a39966701d10d29d9cf950530a2f311a7b62
d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68
e1f6599852662d0d3fe31ec33a6321dd8a999649410175a33160b8c45be49865
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7428ee232d52fee4d3cdf0927df2fe045003bfcab382194789814db76747c10
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f24ee41631bf1465c440d0bcbc798ddb4b589419c4816ea42813a77dd863c773
fc0a29622a55280a3dd695aadf989cc6987e8a9b8475fb86ac6f8af5f64b1b5e

gbwhat.pk Open in urlscan Pro 2606:4700:3032::6815:2508 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

55 Requests

96 %HTTPS

93 %IPv6

11 Domains

14 Subdomains

13 IPs

1 Countries

747 kBTransfer

1874 kBSize

5 Cookies

0 Outgoing links

Page URL History

Redirected requests

55 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

gbwhat.pk Open in urlscan Pro
2606:4700:3032::6815:2508 Public Scan

Screenshot
Live screenshot

Full Image

55
Requests

96 %
HTTPS

93 %
IPv6

11
Domains

14
Subdomains

13
IPs

1
Countries

747 kB
Transfer

1874 kB
Size

5
Cookies

55 HTTP transactions
4 data transactions