www.karwachauth.com Open in urlscan Pro
192.185.23.100 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://karwachauth.com/
Effective URL:
https://www.karwachauth.com/
Submission: On May 16 via automatic, source certstream-suspicious (May 16th 2021, 11:26:50 am UTC)

Summary HTTP 112 Redirects Links 47 Behaviour Indicators

Summary

This website contacted 18 IPs in 2 countries across 11 domains to perform 112 HTTP transactions. The main IP is 192.185.23.100, located in United States and belongs to UNIFIEDLAYER-AS-1, US. The main domain is www.karwachauth.com.
TLS certificate: Issued by R3 on March 13th 2021. Valid for: 3 months.

This is the only time www.karwachauth.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 33	192.185.23.100 192.185.23.100	46606 (UNIFIEDLA...) (UNIFIEDLAYER-AS-1)
3	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::2008	15169 (GOOGLE) (GOOGLE)
5 6	2a00:1450:400... 2a00:1450:4001:831::2004	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
1	172.217.23.98 172.217.23.98	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
17	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
24	2a00:1450:400... 2a00:1450:4001:803::2001	15169 (GOOGLE) (GOOGLE)
2	216.58.212.163 216.58.212.163	15169 (GOOGLE) (GOOGLE)
1	142.250.185.210 142.250.185.210	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:801::2012	15169 (GOOGLE) (GOOGLE)
112	18

33 192.185.23.100 (United States) 1 redirects

ASN46606 (UNIFIEDLAYER-AS-1, US)
PTR: mitsudell.com

karwachauth.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.karwachauth.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:831::2004 (Frankfurt am Main, Germany) 5 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.23.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s45-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 2a00:1450:4001:803::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.58.212.163 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f163.1e100.net

p4-gfechl5jdxkrg-atxafed6l25jxuas-if-v6exp3-v4.metric.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.210 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f18.1e100.net

p4-gfechl5jdxkrg-atxafed6l25jxuas-618913-i1-v6exp3.v4.metric.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2012 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

p4-gfechl5jdxkrg-atxafed6l25jxuas-618913-i2-v6exp3.ds.metric.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
33	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	470 KB
33	karwachauth.com 1 redirects karwachauth.com www.karwachauth.com	456 KB
18	doubleclick.net googleads.g.doubleclick.net	95 KB
14	gstatic.com www.gstatic.com fonts.gstatic.com p4-gfechl5jdxkrg-atxafed6l25jxuas-if-v6exp3-v4.metric.gstatic.com p4-gfechl5jdxkrg-atxafed6l25jxuas-618913-i1-v6exp3.v4.metric.gstatic.com p4-gfechl5jdxkrg-atxafed6l25jxuas-618913-i2-v6exp3.ds.metric.gstatic.com	135 KB
7	google.com 5 redirects www.google.com adservice.google.com	2 KB
5	googletagservices.com www.googletagservices.com	171 KB
3	googleapis.com fonts.googleapis.com	2 KB
2	google-analytics.com www.google-analytics.com	19 KB
1	google.de adservice.google.de	799 B
1	googleadservices.com partner.googleadservices.com	643 B
1	googletagmanager.com www.googletagmanager.com	35 KB
112	11

	Domain	Requested by
32	www.karwachauth.com	www.karwachauth.com
24	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
18	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
9	pagead2.googlesyndication.com	www.karwachauth.com pagead2.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com tpc.googlesyndication.com
6	fonts.gstatic.com	fonts.googleapis.com
6	www.google.com	5 redirects www.karwachauth.com
5	www.googletagservices.com	pagead2.googlesyndication.com googleads.g.doubleclick.net
4	www.gstatic.com	www.karwachauth.com googleads.g.doubleclick.net
3	fonts.googleapis.com	www.karwachauth.com googleads.g.doubleclick.net
2	p4-gfechl5jdxkrg-atxafed6l25jxuas-if-v6exp3-v4.metric.gstatic.com	googleads.g.doubleclick.net p4-gfechl5jdxkrg-atxafed6l25jxuas-if-v6exp3-v4.metric.gstatic.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
1	p4-gfechl5jdxkrg-atxafed6l25jxuas-618913-i2-v6exp3.ds.metric.gstatic.com
1	p4-gfechl5jdxkrg-atxafed6l25jxuas-618913-i1-v6exp3.v4.metric.gstatic.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	www.googletagmanager.com	www.karwachauth.com
1	karwachauth.com	1 redirects
112	18

This site contains links to these domains. Also see Links.

Domain
www.giftalove.com
www.christmas-day.org
www.eastergoodfriday.com
www.mothersdaycelebration.com
www.fathersdaycelebration.com
www.womensdaycelebration.com
www.friendshipday.org
www.stvalentinesday.org
www.thanksgiving-day.org
www.newyearfestival.com
www.yogadaycelebration.com
www.happywink.org
www.diwalifestival.org
www.holifestival.org
www.raksha-bandhan.com
www.durga-puja.org
www.ganeshchaturthi.org
www.chhath.org
www.mahashivratri.org
www.krishnajanmashtami.com
www.teejfestival.org
www.ramnavami.com
www.baisakhifestival.com
www.lohrifestival.org
www.pongalfestival.org
www.onamfestival.org
www.bhaidooj.org
www.bihufestival.org
www.sarhulfestival.org
www.shigmofestival.org
www.ugadifestival.org
www.vishufestival.org
www.karmapuja.org
www.satyanarayanpuja.org
www.brihaspatipuja.org
www.santoshimata.org
www.vaibhavlakshmi.org
www.saibabapuja.org
www.grihapraveshpuja.org
www.vatsavitripuja.org
www.saraswatipuja.org
www.facebook.com
twitter.com
www.youtube.com
www.instagram.com
plus.google.com

Subject Issuer	Validity	Valid
cpanel.karwachauth.com R3	`2021-03-13` - `2021-06-11`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.google.com GTS CA 1O1	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.v4.metric.gstatic.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.ds.metric.gstatic.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh

This page contains 16 frames:

Primary Page: https://www.karwachauth.com/
Frame ID: E13B95996144E2CBEDB3C548D42C9694
Requests: 52 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210511/r20190131/zrt_lookup.html
Frame ID: D089EDCDA289E9AAF7DDC7BBEB2E6D4F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1576525035954946&output=html&h=280&slotname=6601704984&adk=452510332&adf=2334688461&pi=t.ma~as.6601704984&w=728&fwrn=4&fwrnh=100&lmt=1613479373&rafmt=1&psa=0&format=728x280&url=https%3A%2F%2Fwww.karwachauth.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621164388522&bpp=6&bdt=342&idt=83&shv=r20210511&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&correlator=2017869517102&frm=20&pv=2&ga_vid=1726721001.1621164389&ga_sid=1621164389&ga_hid=364914462&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=627&ady=360&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060614%2C31060710%2C31060957&oid=3&pvsid=4283856023169959&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=isnWM76n66&p=https%3A//www.karwachauth.com&dtd=99
Frame ID: 4EB92610F96DA6315A782B49D698924C
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1576525035954946&output=html&h=280&slotname=6601704984&adk=1678176464&adf=2001117046&pi=t.ma~as.6601704984&w=339&fwrn=4&fwrnh=100&lmt=1613479373&rafmt=1&psa=0&format=339x280&url=https%3A%2F%2Fwww.karwachauth.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621164388530&bpp=1&bdt=350&idt=103&shv=r20210511&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x280&correlator=2017869517102&frm=20&pv=1&ga_vid=1726721001.1621164389&ga_sid=1621164389&ga_hid=364914462&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1046&ady=1333&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060614%2C31060710%2C31060957&oid=3&pvsid=4283856023169959&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=kok4OWF2t6&p=https%3A//www.karwachauth.com&dtd=108
Frame ID: 964744FD4165DACE0F2F78A48C9E34B6
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1576525035954946&output=html&h=280&slotname=3639232580&adk=492016216&adf=4061442901&pi=t.ma~as.3639232580&w=728&fwrn=4&fwrnh=100&lmt=1613479373&rafmt=1&psa=0&format=728x280&url=https%3A%2F%2Fwww.karwachauth.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621164388531&bpp=1&bdt=351&idt=111&shv=r20210511&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x280%2C339x280&correlator=2017869517102&frm=20&pv=1&ga_vid=1726721001.1621164389&ga_sid=1621164389&ga_hid=364914462&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=2085&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060614%2C31060710%2C31060957&oid=3&pvsid=4283856023169959&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=8Sb0ZOVdvj&p=https%3A//www.karwachauth.com&dtd=114
Frame ID: 6641DFD9FCF811EE75297813AC00120B
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1576525035954946&output=html&h=280&slotname=6601704984&adk=452510332&adf=2251177354&pi=t.ma~as.6601704984&w=728&fwrn=4&fwrnh=100&lmt=1613479373&rafmt=1&psa=0&format=728x280&url=https%3A%2F%2Fwww.karwachauth.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621164388531&bpp=1&bdt=351&idt=116&shv=r20210511&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x280%2C339x280%2C728x280&correlator=2017869517102&frm=20&pv=1&ga_vid=1726721001.1621164389&ga_sid=1621164389&ga_hid=364914462&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=2822&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060614%2C31060710%2C31060957&oid=3&pvsid=4283856023169959&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=mJMxWdmsIR&p=https%3A//www.karwachauth.com&dtd=118
Frame ID: E64F616D0E961E03D9B7BFA3FB5305A0
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1576525035954946&output=html&adk=1812271804&adf=3025194257&lmt=1613479373&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.karwachauth.com%2F&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621164388542&bpp=1&bdt=362&idt=110&shv=r20210511&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x280%2C339x280%2C728x280%2C728x280&nras=1&correlator=2017869517102&frm=20&pv=1&ga_vid=1726721001.1621164389&ga_sid=1621164389&ga_hid=364914462&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060614%2C31060710%2C31060957&oid=3&pvsid=4283856023169959&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=5&uci=a!5&fsb=1&dtd=115
Frame ID: 79CB56E72B0C70975EC45325FCC93705
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: D7D5E56DD7F74FC91A4F325D8D1A44FC
Requests: 2 HTTP requests in this frame

Frame: https://p4-gfechl5jdxkrg-atxafed6l25jxuas-if-v6exp3-v4.metric.gstatic.com/v6exp3/iframe.html
Frame ID: B42C6EA9BC002039BF4A490BEEC85FC5
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: C5F8444496B42372305B941055CE151B
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: E600606D6161586784A2E42413CA715B
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/TMm5Vd8VytjbCcmIcJumdaM-J7Gy9TN2HX45D5FEMFw.js
Frame ID: DF76D64537D069E87E27685C4B33F0AA
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/TMm5Vd8VytjbCcmIcJumdaM-J7Gy9TN2HX45D5FEMFw.js
Frame ID: 77F652181A3D01CC4777F21FDE720908
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 4E7E8A70AEDB58FC2C4DC742EB032023
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/TMm5Vd8VytjbCcmIcJumdaM-J7Gy9TN2HX45D5FEMFw.js
Frame ID: 15E2C5AD90C6EC5053E354869F7D0549
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: B06DE06A7BCBBFB5830D4B033B55CC57
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://karwachauth.com/ HTTP 301
https://www.karwachauth.com/ Page URL

Detected technologies

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Page Statistics

112
Requests

100 %
HTTPS

76 %
IPv6

11
Domains

18
Subdomains

18
IPs

2
Countries

1386 kB
Transfer

2512 kB
Size

0
Cookies

47 Outgoing links

These are links going to different origins than the main page.

URL: https://www.giftalove.com/karwachauth
Title: Karwa Chauth Gifts

Search URL Search Domain Scan URL

URL: https://www.giftalove.com/anniversary/for-parents
Title: Anniversary gifts for Parents

Search URL Search Domain Scan URL

URL: https://www.christmas-day.org/
Title: Christmas Day

Search URL Search Domain Scan URL

URL: http://www.eastergoodfriday.com/
Title: Easter & Good Friday

Search URL Search Domain Scan URL

URL: https://www.mothersdaycelebration.com/
Title: Mother's Day

Search URL Search Domain Scan URL

URL: https://www.fathersdaycelebration.com/
Title: Father's Day

Search URL Search Domain Scan URL

URL: https://www.womensdaycelebration.com/
Title: Womens Day

Search URL Search Domain Scan URL

URL: https://www.friendshipday.org/
Title: Friendship Day

Search URL Search Domain Scan URL

URL: http://www.stvalentinesday.org/
Title: Valentines Day

Search URL Search Domain Scan URL

URL: http://www.thanksgiving-day.org/
Title: Thanksgiving Day

Search URL Search Domain Scan URL

URL: http://www.newyearfestival.com/
Title: New Year Festival

Search URL Search Domain Scan URL

URL: http://www.yogadaycelebration.com/
Title: Yoga Day Celebration

Search URL Search Domain Scan URL

URL: http://www.happywink.org/
Title: Happy Wink

Search URL Search Domain Scan URL

URL: https://www.diwalifestival.org/
Title: Diwali

Search URL Search Domain Scan URL

URL: https://www.holifestival.org/
Title: Holi

Search URL Search Domain Scan URL

URL: https://www.raksha-bandhan.com/
Title: Rakhi / Raksha Bandhan

Search URL Search Domain Scan URL

URL: http://www.durga-puja.org/
Title: Durga Puja

Search URL Search Domain Scan URL

URL: http://www.ganeshchaturthi.org/
Title: Ganesh Chaturthi

Search URL Search Domain Scan URL

URL: http://www.chhath.org/
Title: Chhath puja

Search URL Search Domain Scan URL

URL: https://www.mahashivratri.org/
Title: Mahashivratri

Search URL Search Domain Scan URL

URL: http://www.krishnajanmashtami.com/
Title: Krishna Janmashtami

Search URL Search Domain Scan URL

URL: http://www.teejfestival.org/
Title: Teej Festival

Search URL Search Domain Scan URL

URL: http://www.ramnavami.com/
Title: Ram Navami

Search URL Search Domain Scan URL

URL: http://www.baisakhifestival.com/
Title: Baisakhi

Search URL Search Domain Scan URL

URL: http://www.lohrifestival.org/
Title: Lohri

Search URL Search Domain Scan URL

URL: http://www.pongalfestival.org/
Title: Pongal

Search URL Search Domain Scan URL

URL: http://www.onamfestival.org/
Title: Onam

Search URL Search Domain Scan URL

URL: http://www.bhaidooj.org/
Title: Bhai Dooj

Search URL Search Domain Scan URL

URL: http://www.bihufestival.org/
Title: Bihu Festival

Search URL Search Domain Scan URL

URL: http://www.sarhulfestival.org/
Title: Sarhul Festival

Search URL Search Domain Scan URL

URL: http://www.shigmofestival.org/
Title: Shigmo Festival

Search URL Search Domain Scan URL

URL: http://www.ugadifestival.org/
Title: Ugadi Festival

Search URL Search Domain Scan URL

URL: http://www.vishufestival.org/
Title: Vishu Festival

Search URL Search Domain Scan URL

URL: http://www.karmapuja.org/
Title: Karma Puja

Search URL Search Domain Scan URL

URL: http://www.satyanarayanpuja.org/
Title: Satyanarayan Puja

Search URL Search Domain Scan URL

URL: http://www.brihaspatipuja.org/
Title: Brihaspati Puja

Search URL Search Domain Scan URL

URL: http://www.santoshimata.org/
Title: Santoshi Mata Puja

Search URL Search Domain Scan URL

URL: http://www.vaibhavlakshmi.org/
Title: Vaibhav Lakshmi Puja

Search URL Search Domain Scan URL

URL: http://www.saibabapuja.org/
Title: Sai Baba Puja

Search URL Search Domain Scan URL

URL: http://www.grihapraveshpuja.org/
Title: Griha Pravesh Puja

Search URL Search Domain Scan URL

URL: http://www.vatsavitripuja.org/
Title: Vat Savitri Puja

Search URL Search Domain Scan URL

URL: http://www.saraswatipuja.org/
Title: Saraswati Puja

Search URL Search Domain Scan URL

URL: https://www.facebook.com/scfifestivals/

Search URL Search Domain Scan URL

URL: https://twitter.com/scfifestivals

Search URL Search Domain Scan URL

URL: https://www.youtube.com/scfifestivals

Search URL Search Domain Scan URL

URL: https://www.instagram.com/scfifestivals/

Search URL Search Domain Scan URL

URL: https://plus.google.com/+SCFIFestivals

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://karwachauth.com/ HTTP 301
https://www.karwachauth.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 8

https://www.google.com/coop/cse/brand?form=cse-search-box&lang=en HTTP 301
https://www.gstatic.com/prose/brandjs.js

Request Chain 64

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 91

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 92

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 105

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

112 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.karwachauth.com/
Redirect Chain

https://karwachauth.com/
https://www.karwachauth.com/

19 KB
7 KB

167ms
165ms

Document
text/html

192.185.23.100
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.karwachauth.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.23.100 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: mitsudell.com
Software: Apache /
Resource Hash: 41c2ec8285a542019975ee55caa2219c2d51a10b2c5ba57f6aabc9f7674dd5bf

Request headers

:method: GET
:authority: www.karwachauth.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 11:26:28 GMT
server: Apache
last-modified: Tue, 16 Feb 2021 12:42:53 GMT
accept-ranges: none
vary: Accept-Encoding
content-encoding: gzip
content-length: 6643
content-type: text/html

Redirect headers

date: Sun, 16 May 2021 11:26:27 GMT
server: Apache
location: https://www.karwachauth.com/
content-length: 236
content-type: text/html; charset=iso-8859-1

GET
H2 200 style.css
www.karwachauth.com/css/ 17 KB
5 KB 202ms
201ms Stylesheet
text/css 192.185.23.100
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.karwachauth.com/css/style.css
Requested by: Host: www.karwachauth.com
URL: https://www.karwachauth.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.23.100 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: mitsudell.com
Software: Apache /
Resource Hash: d690322e2bf3042991535de85d01aa593259a4105c751f2f2d8e1971b8c101ee

Request headers

:path: /css/style.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.karwachauth.com
referer: https://www.karwachauth.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.karwachauth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 11:26:28 GMT
content-encoding: gzip
last-modified: Tue, 18 Sep 2018 08:45:57 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
accept-ranges: none
content-length: 5172

GET
H2 200 css
fonts.googleapis.com/ 16 KB
1 KB 18ms
17ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,400italic,600,600italic,700,800,700italic,800italic

Requested by

Host: www.karwachauth.com
URL: https://www.karwachauth.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f30d71e5bdb3967590cefa56828a948b007de563e34997cb7a11e6946571122b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.karwachauth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 16 May 2021 11:26:28 GMT
server: ESF
date: Sun, 16 May 2021 11:26:28 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 16 May 2021 11:26:28 GMT

GET
H2 200 css
fonts.googleapis.com/ 695 B
461 B 14ms
13ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Courgette

Requested by

Host: www.karwachauth.com
URL: https://www.karwachauth.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fed29432df642109fbb60b82fa10c9241275c4d34ed7b6887df6206f1dad4cf0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.karwachauth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 16 May 2021 10:12:53 GMT
server: ESF
date: Sun, 16 May 2021 11:26:28 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 16 May 2021 11:26:28 GMT

GET
H2 200 drop-menu.css
www.karwachauth.com/css/ 6 KB
2 KB 186ms
185ms Stylesheet
text/css 192.185.23.100
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.karwachauth.com/css/drop-menu.css
Requested by: Host: www.karwachauth.com
URL: https://www.karwachauth.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.23.100 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: mitsudell.com
Software: Apache /
Resource Hash: 03623051f0c88c75cbb5d424d0121ee9fefed58cad79c005b80c0a4657013d73

Request headers

:path: /css/drop-menu.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.karwachauth.com
referer: https://www.karwachauth.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.karwachauth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 11:26:28 GMT
content-encoding: gzip
last-modified: Fri, 01 Sep 2017 10:13:11 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
accept-ranges: none
content-length: 2254

GET
H2 200 drop-menu.js Show response
www.karwachauth.com/js/ 8 KB
4 KB 202ms
202ms Script
application/javascript 192.185.23.100
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.karwachauth.com/js/drop-menu.js
Requested by: Host: www.karwachauth.com
URL: https://www.karwachauth.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.23.100 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: mitsudell.com
Software: Apache /
Resource Hash: 7c278f3097a2330d62992f422f0dac4b86e833c714494a73200d1be2af60e4f1

Request headers

:path: /js/drop-menu.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.karwachauth.com
referer: https://www.karwachauth.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.karwachauth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 11:26:28 GMT
content-encoding: gzip
last-modified: Fri, 09 Jun 2017 10:07:46 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: none
content-length: 4201

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 88 KB
35 KB 28ms
28ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-52741879-6

Requested by

Host: www.karwachauth.com
URL: https://www.karwachauth.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

11ed9eb707c69ceb4967ce19a994b352d589e0cb47ebb195f5aecf4f4ad04dbf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.karwachauth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 11:26:28 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35639
x-xss-protection: 0
last-modified: Sun, 16 May 2021 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 16 May 2021 11:26:28 GMT

GET
H2 200 scfi.png
www.karwachauth.com/images/ 11 KB
12 KB 179ms
175ms Image
image/png 192.185.23.100
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.karwachauth.com/images/scfi.png
Requested by: Host: www.karwachauth.com
URL: https://www.karwachauth.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.23.100 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: mitsudell.com
Software: Apache /
Resource Hash: 057c5de4edabfac0c249877f7a97af6c8e8f9ee168cd52cd59cf43e9a5e235eb

Request headers

:path: /images/scfi.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.karwachauth.com
referer: https://www.karwachauth.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.karwachauth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 11:26:28 GMT
last-modified: Mon, 22 Oct 2018 12:04:26 GMT
server: Apache
accept-ranges: bytes
content-length: 11732
content-type: image/png

GET
H2 200 logo.png
www.karwachauth.com/images/ 8 KB
8 KB 176ms
173ms Image
image/png 192.185.23.100
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.karwachauth.com/images/logo.png
Requested by: Host: www.karwachauth.com
URL: https://www.karwachauth.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.23.100 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: mitsudell.com
Software: Apache /
Resource Hash: 150791f9e8e99acd4afad1e1fec00344b3146f9584a6178c333860b35e8f5583

Request headers

:path: /images/logo.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.karwachauth.com
referer: https://www.karwachauth.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.karwachauth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 11:26:28 GMT
last-modified: Fri, 09 Jun 2017 05:45:10 GMT
server: Apache
accept-ranges: bytes
content-length: 7901
content-type: image/png

GET
H2

200

brandjs.js Show response
www.gstatic.com/prose/
Redirect Chain

https://www.google.com/coop/cse/brand?form=cse-search-box&lang=en
https://www.gstatic.com/prose/brandjs.js

14 KB
6 KB

8ms
8ms

Script
text/javascript

2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/prose/brandjs.js

Requested by

Host: www.karwachauth.com
URL: https://www.karwachauth.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6395e6f9f6fbcd953f0ffa40615094c565d86c265fb5028e64dd2dc872b5ce69

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.karwachauth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 15 May 2021 13:16:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 06 Apr 2021 15:14:29 GMT
server: sffe
age: 79811
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5807
x-xss-protection: 0
expires: Sun, 16 May 2021 13:16:17 GMT

Redirect headers

date: Sun, 16 May 2021 11:20:53 GMT
x-content-type-options: nosniff
server: sffe
age: 335
content-type: text/html; charset=UTF-8
location: https://www.gstatic.com/prose/brandjs.js
cache-control: public, max-age=1800
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 237
x-xss-protection: 0
expires: Sun, 16 May 2021 11:50:53 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 142 KB
49 KB 47ms
24ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.karwachauth.com
URL: https://www.karwachauth.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b87c086edf82604a1a5d4892ea8b121d480c6570d0ab7be8464322312e60c2a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.karwachauth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 11:26:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49888
x-xss-protection: 0
server: cafe
etag: 503174456932000003
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 16 May 2021 11:26:28 GMT

GET
H2 200 karwa-chauth-fast.jpg
www.karwachauth.com/images/ 36 KB
36 KB 314ms
311ms Image
image/jpeg 192.185.23.100
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.karwachauth.com/images/karwa-chauth-fast.jpg
Requested by: Host: www.karwachauth.com
URL: https://www.karwachauth.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.23.100 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: mitsudell.com
Software: Apache /
Resource Hash: 4711248d1d8e54c3173460e7007f9a574697415220d9111091c53941716921d4

Request headers

:path: /images/karwa-chauth-fast.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.karwachauth.com
referer: https://www.karwachauth.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.karwachauth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 11:26:28 GMT
last-modified: Fri, 09 Jun 2017 05:44:58 GMT
server: Apache
accept-ranges: bytes
content-length: 36960
content-type: image/jpeg

GET
H2 200 karwa-chauth.jpg
www.karwachauth.com/images/ 56 KB
57 KB 310ms
307ms Image
image/jpeg 192.185.23.100
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.karwachauth.com/images/karwa-chauth.jpg
Requested by: Host: www.karwachauth.com
URL: https://www.karwachauth.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.23.100 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: mitsudell.com
Software: Apache /
Resource Hash: d426385965f8ad67a88e7aa83d26c46b0bd8ef1037643930f7b6b908a63c1bb4

Request headers

:path: /images/karwa-chauth.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.karwachauth.com
referer: https://www.karwachauth.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.karwachauth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 11:26:28 GMT
last-modified: Fri, 09 Jun 2017 05:45:05 GMT
server: Apache
accept-ranges: bytes
content-length: 57811
content-type: image/jpeg

GET
H2 200 mehendi.jpg
www.karwachauth.com/images/ 39 KB
39 KB 478ms
475ms Image
image/jpeg 192.185.23.100
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.karwachauth.com/images/mehendi.jpg
Requested by: Host: www.karwachauth.com
URL: https://www.karwachauth.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.23.100 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: mitsudell.com
Software: Apache /
Resource Hash: 22417e5c46696c92f5e7faf9287d837e895ffc7526ad43433b0f8ce19ca637ce

Request headers

:path: /images/mehendi.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.karwachauth.com
referer: https://www.karwachauth.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.karwachauth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 11:26:28 GMT
last-modified: Fri, 09 Jun 2017 05:45:14 GMT
server: Apache
accept-ranges: bytes
content-length: 40063
content-type: image/jpeg

GET
H2 200 karwa-chauth-calender.jpg
www.karwachauth.com/images/ 11 KB
12 KB 444ms
442ms Image
image/jpeg 192.185.23.100
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.karwachauth.com/images/karwa-chauth-calender.jpg
Requested by: Host: www.karwachauth.com
URL: https://www.karwachauth.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.23.100 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: mitsudell.com
Software: Apache /
Resource Hash: b7df8d1bc97aef430856adc061ff57e8b557c63ead319ee05feae4c34ced2b2b

Request headers

:path: /images/karwa-chauth-calender.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.karwachauth.com
referer: https://www.karwachauth.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.karwachauth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 11:26:28 GMT
last-modified: Fri, 09 Jun 2017 09:55:13 GMT
server: Apache
accept-ranges: bytes
content-length: 11773
content-type: image/jpeg

GET
H2 200 karwa-chauth-items.jpg
www.karwachauth.com/images/ 9 KB
9 KB 518ms
518ms Image
image/jpeg 192.185.23.100
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.karwachauth.com/images/karwa-chauth-items.jpg
Requested by: Host: www.karwachauth.com
URL: https://www.karwachauth.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.23.100 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: mitsudell.com
Software: Apache /
Resource Hash: 6337c37bc43513efd38ddd1b55fb53201770630d6101b4e63924b5951036f054

Request headers

:path: /images/karwa-chauth-items.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.karwachauth.com
referer: https://www.karwachauth.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.karwachauth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 11:26:28 GMT
last-modified: Fri, 09 Jun 2017 05:44:59 GMT
server: Apache
accept-ranges: bytes
content-length: 8799
content-type: image/jpeg

GET
H2 200 karwa-chauth-puja.jpg
www.karwachauth.com/images/ 7 KB
7 KB 162ms
162ms Image
image/jpeg 192.185.23.100
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.karwachauth.com/images/karwa-chauth-puja.jpg
Requested by: Host: www.karwachauth.com
URL: https://www.karwachauth.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.23.100 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: mitsudell.com
Software: Apache /
Resource Hash: d3855f017fcb20fe87607659fa4912da9688e38e427549b5897946f4cd2f4305

Request headers

:path: /images/karwa-chauth-puja.jpg
pragma: no-cache
cookie: _ga=GA1.2.1726721001.1621164389; _gid=GA1.2.2111478544.1621164389; _gat_gtag_UA_52741879_6=1; __gads=ID=b06a3f8e0e524dda-22c0948a15c80024:T=1621164388:RT=1621164388:S=ALNI_MaAncTZ4FbG4rrHXZ6_WTTMNAgglg
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.karwachauth.com
referer: https://www.karwachauth.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.karwachauth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 11:26:28 GMT
last-modified: Fri, 09 Jun 2017 05:45:00 GMT
server: Apache
accept-ranges: bytes
content-length: 7143
content-type: image/jpeg

GET
H2 200 karwa-chauth-thali.jpg
www.karwachauth.com/images/ 57 KB
57 KB 234ms
232ms Image
image/jpeg 192.185.23.100
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.karwachauth.com/images/karwa-chauth-thali.jpg
Requested by: Host: www.karwachauth.com
URL: https://www.karwachauth.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.23.100 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: mitsudell.com
Software: Apache /
Resource Hash: 8755f127841e0fd64fae2cf36e6d74a474da33a17680c5c28b06ce1d9261479a

Request headers

:path: /images/karwa-chauth-thali.jpg
pragma: no-cache
cookie: _ga=GA1.2.1726721001.1621164389; _gid=GA1.2.2111478544.1621164389; _gat_gtag_UA_52741879_6=1; __gads=ID=b06a3f8e0e524dda-22c0948a15c80024:T=1621164388:RT=1621164388:S=ALNI_MaAncTZ4FbG4rrHXZ6_WTTMNAgglg
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.karwachauth.com
referer: https://www.karwachauth.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.karwachauth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 11:26:29 GMT
last-modified: Fri, 09 Jun 2017 05:45:03 GMT
server: Apache
accept-ranges: bytes
content-length: 58219
content-type: image/jpeg

GET
H2 200 shape.png
www.karwachauth.com/images/ 1 KB
1 KB 234ms
232ms Image
image/png 192.185.23.100
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.karwachauth.com/images/shape.png
Requested by: Host: www.karwachauth.com
URL: https://www.karwachauth.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.23.100 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: mitsudell.com
Software: Apache /
Resource Hash: 203d79361f110060ff2c3cbd888d4f1a74cdabbdb4efd0526713d018b55e52b8

Request headers

:path: /images/shape.png
pragma: no-cache
cookie: _ga=GA1.2.1726721001.1621164389; _gid=GA1.2.2111478544.1621164389; _gat_gtag_UA_52741879_6=1; __gads=ID=b06a3f8e0e524dda-22c0948a15c80024:T=1621164388:RT=1621164388:S=ALNI_MaAncTZ4FbG4rrHXZ6_WTTMNAgglg
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.karwachauth.com
referer: https://www.karwachauth.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.karwachauth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 11:26:29 GMT
last-modified: Fri, 09 Jun 2017 05:45:23 GMT
server: Apache
accept-ranges: bytes
content-length: 1352
content-type: image/png

GET
H2 200 badam-puri.jpg
www.karwachauth.com/images/ 6 KB
6 KB 218ms
217ms Image
image/jpeg 192.185.23.100
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.karwachauth.com/images/badam-puri.jpg
Requested by: Host: www.karwachauth.com
URL: https://www.karwachauth.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.23.100 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: mitsudell.com
Software: Apache /
Resource Hash: e96744b4240e86b8e1472f6f730951c490b1ffaea3d5093733f2094a9694d149

Request headers

:path: /images/badam-puri.jpg
pragma: no-cache
cookie: _ga=GA1.2.1726721001.1621164389; _gid=GA1.2.2111478544.1621164389; _gat_gtag_UA_52741879_6=1; __gads=ID=b06a3f8e0e524dda-22c0948a15c80024:T=1621164388:RT=1621164388:S=ALNI_MaAncTZ4FbG4rrHXZ6_WTTMNAgglg
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.karwachauth.com
referer: https://www.karwachauth.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.karwachauth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 11:26:29 GMT
last-modified: Fri, 09 Jun 2017 09:54:39 GMT
server: Apache
accept-ranges: bytes
content-length: 6083
content-type: image/jpeg

GET
H2 200 arrow.png
www.karwachauth.com/images/ 1 KB
1 KB 233ms
232ms Image
image/png 192.185.23.100
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.karwachauth.com/images/arrow.png
Requested by: Host: www.karwachauth.com
URL: https://www.karwachauth.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.23.100 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: mitsudell.com
Software: Apache /
Resource Hash: 081cb29baad6885a73c93253a8e1f8c82bec221da413844616ccd1793b43e873

Request headers

:path: /images/arrow.png
pragma: no-cache
cookie: _ga=GA1.2.1726721001.1621164389; _gid=GA1.2.2111478544.1621164389; _gat_gtag_UA_52741879_6=1; __gads=ID=b06a3f8e0e524dda-22c0948a15c80024:T=1621164388:RT=1621164388:S=ALNI_MaAncTZ4FbG4rrHXZ6_WTTMNAgglg
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.karwachauth.com
referer: https://www.karwachauth.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.karwachauth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 11:26:29 GMT
last-modified: Fri, 09 Jun 2017 09:54:38 GMT
server: Apache
accept-ranges: bytes
content-length: 1086
content-type: image/png

GET
H2 200 dum-aloo.jpg
www.karwachauth.com/images/ 7 KB
7 KB 232ms
232ms Image
image/jpeg 192.185.23.100
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.karwachauth.com/images/dum-aloo.jpg
Requested by: Host: www.karwachauth.com
URL: https://www.karwachauth.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.23.100 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: mitsudell.com
Software: Apache /
Resource Hash: 0b422aeb4cdf5d8a4b9f579e58a8ac70a37079fb16263242cd393c405515df38

Request headers

:path: /images/dum-aloo.jpg
pragma: no-cache
cookie: _ga=GA1.2.1726721001.1621164389; _gid=GA1.2.2111478544.1621164389; _gat_gtag_UA_52741879_6=1; __gads=ID=b06a3f8e0e524dda-22c0948a15c80024:T=1621164388:RT=1621164388:S=ALNI_MaAncTZ4FbG4rrHXZ6_WTTMNAgglg
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.karwachauth.com
referer: https://www.karwachauth.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.karwachauth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 11:26:29 GMT
last-modified: Fri, 09 Jun 2017 09:54:46 GMT
server: Apache
accept-ranges: bytes
content-length: 7492
content-type: image/jpeg

GET
H2 200 wheat-kheer.jpg
www.karwachauth.com/images/ 4 KB
4 KB 159ms
157ms Image
image/jpeg 192.185.23.100
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.karwachauth.com/images/wheat-kheer.jpg
Requested by: Host: www.karwachauth.com
URL: https://www.karwachauth.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.23.100 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: mitsudell.com
Software: Apache /
Resource Hash: c0de491cc44d75102012a1304b3ef46f792145abb69f551c2e6aa1059cf63708

Request headers

:path: /images/wheat-kheer.jpg
pragma: no-cache
cookie: _ga=GA1.2.1726721001.1621164389; _gid=GA1.2.2111478544.1621164389; _gat_gtag_UA_52741879_6=1; __gads=ID=b06a3f8e0e524dda-22c0948a15c80024:T=1621164388:RT=1621164388:S=ALNI_MaAncTZ4FbG4rrHXZ6_WTTMNAgglg
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.karwachauth.com
referer: https://www.karwachauth.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.karwachauth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 11:26:29 GMT
last-modified: Fri, 09 Jun 2017 10:07:41 GMT
server: Apache
accept-ranges: bytes
content-length: 4518
content-type: image/jpeg

GET
H2 200 aloo-tikki.jpg
www.karwachauth.com/images/ 7 KB
7 KB 177ms
175ms Image
image/jpeg 192.185.23.100
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.karwachauth.com/images/aloo-tikki.jpg
Requested by: Host: www.karwachauth.com
URL: https://www.karwachauth.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.23.100 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: mitsudell.com
Software: Apache /
Resource Hash: de2acad7dac5e06612db68bda7a85a0272f39c51452fe1ac6f2cb6595b3c7921

Request headers

:path: /images/aloo-tikki.jpg
pragma: no-cache
cookie: _ga=GA1.2.1726721001.1621164389; _gid=GA1.2.2111478544.1621164389; _gat_gtag_UA_52741879_6=1; __gads=ID=b06a3f8e0e524dda-22c0948a15c80024:T=1621164388:RT=1621164388:S=ALNI_MaAncTZ4FbG4rrHXZ6_WTTMNAgglg
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.karwachauth.com
referer: https://www.karwachauth.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.karwachauth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 11:26:29 GMT
last-modified: Fri, 09 Jun 2017 09:54:37 GMT
server: Apache
accept-ranges: bytes
content-length: 7324
content-type: image/jpeg

GET
H2 200 facebook.png
www.karwachauth.com/images/ 4 KB
4 KB 174ms
173ms Image
image/png 192.185.23.100
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.karwachauth.com/images/facebook.png
Requested by: Host: www.karwachauth.com
URL: https://www.karwachauth.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.23.100 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: mitsudell.com
Software: Apache /
Resource Hash: bf687364bb0a5840fab4eb669d04c5b87447f926dfcfc5d661c667b6af53d034

Request headers

:path: /images/facebook.png
pragma: no-cache
cookie: _ga=GA1.2.1726721001.1621164389; _gid=GA1.2.2111478544.1621164389; _gat_gtag_UA_52741879_6=1; __gads=ID=b06a3f8e0e524dda-22c0948a15c80024:T=1621164388:RT=1621164388:S=ALNI_MaAncTZ4FbG4rrHXZ6_WTTMNAgglg
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.karwachauth.com
referer: https://www.karwachauth.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.karwachauth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 11:26:29 GMT
last-modified: Wed, 02 May 2018 11:26:31 GMT
server: Apache
accept-ranges: bytes
content-length: 3774
content-type: image/png

GET
H2 200 twitter.png
www.karwachauth.com/images/ 1 KB
1 KB 174ms
173ms Image
image/png 192.185.23.100
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.karwachauth.com/images/twitter.png
Requested by: Host: www.karwachauth.com
URL: https://www.karwachauth.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.23.100 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: mitsudell.com
Software: Apache /
Resource Hash: 56e1de7e60c004753f1a3d681b6a337206b1b97d5eea9529342f8491ece8d20b

Request headers

:path: /images/twitter.png
pragma: no-cache
cookie: _ga=GA1.2.1726721001.1621164389; _gid=GA1.2.2111478544.1621164389; _gat_gtag_UA_52741879_6=1; __gads=ID=b06a3f8e0e524dda-22c0948a15c80024:T=1621164388:RT=1621164388:S=ALNI_MaAncTZ4FbG4rrHXZ6_WTTMNAgglg
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.karwachauth.com
referer: https://www.karwachauth.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.karwachauth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 11:26:29 GMT
last-modified: Wed, 02 May 2018 11:26:30 GMT
server: Apache
accept-ranges: bytes
content-length: 1246
content-type: image/png

GET
H2 200 youtube.png
www.karwachauth.com/images/ 1 KB
1 KB 175ms
174ms Image
image/png 192.185.23.100
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.karwachauth.com/images/youtube.png
Requested by: Host: www.karwachauth.com
URL: https://www.karwachauth.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.23.100 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: mitsudell.com
Software: Apache /
Resource Hash: bb441c64da825cc9f21e99ca685c2c69ecd9261c7e907e0d3bf610373bf78646

Request headers

:path: /images/youtube.png
pragma: no-cache
cookie: _ga=GA1.2.1726721001.1621164389; _gid=GA1.2.2111478544.1621164389; _gat_gtag_UA_52741879_6=1; __gads=ID=b06a3f8e0e524dda-22c0948a15c80024:T=1621164388:RT=1621164388:S=ALNI_MaAncTZ4FbG4rrHXZ6_WTTMNAgglg
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.karwachauth.com
referer: https://www.karwachauth.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.karwachauth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 11:26:29 GMT
last-modified: Wed, 02 May 2018 11:26:30 GMT
server: Apache
accept-ranges: bytes
content-length: 1280
content-type: image/png

GET
H2 200 instagram.png
www.karwachauth.com/images/ 1 KB
1 KB 175ms
174ms Image
image/png 192.185.23.100
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.karwachauth.com/images/instagram.png
Requested by: Host: www.karwachauth.com
URL: https://www.karwachauth.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.23.100 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: mitsudell.com
Software: Apache /
Resource Hash: 326c1d706da63029834d456e17dd871cfb66f5d41406d07d8a5b421257021793

Request headers

:path: /images/instagram.png
pragma: no-cache
cookie: _ga=GA1.2.1726721001.1621164389; _gid=GA1.2.2111478544.1621164389; _gat_gtag_UA_52741879_6=1; __gads=ID=b06a3f8e0e524dda-22c0948a15c80024:T=1621164388:RT=1621164388:S=ALNI_MaAncTZ4FbG4rrHXZ6_WTTMNAgglg
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.karwachauth.com
referer: https://www.karwachauth.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.karwachauth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 11:26:29 GMT
last-modified: Wed, 02 May 2018 11:26:29 GMT
server: Apache
accept-ranges: bytes
content-length: 1370
content-type: image/png

GET
H2 200 gplus.png
www.karwachauth.com/images/ 1 KB
1 KB 3561ms
3559ms Image
image/png 192.185.23.100
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.karwachauth.com/images/gplus.png
Requested by: Host: www.karwachauth.com
URL: https://www.karwachauth.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.23.100 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: mitsudell.com
Software: Apache /
Resource Hash: bcff7fb6dd5fd503e30c5c06ba134b3cd9213f88ee8f0de362ce0b13f4e769cc

Request headers

:path: /images/gplus.png
pragma: no-cache
cookie: _ga=GA1.2.1726721001.1621164389; _gid=GA1.2.2111478544.1621164389; _gat_gtag_UA_52741879_6=1; __gads=ID=b06a3f8e0e524dda-22c0948a15c80024:T=1621164388:RT=1621164388:S=ALNI_MaAncTZ4FbG4rrHXZ6_WTTMNAgglg
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.karwachauth.com
referer: https://www.karwachauth.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.karwachauth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 11:26:29 GMT
last-modified: Wed, 02 May 2018 11:26:28 GMT
server: Apache
accept-ranges: bytes
content-length: 1272
content-type: image/png

GET
H2 200 mem8YaGs126MiZpBA-UFVZ0b.woff2
fonts.gstatic.com/s/opensans/v18/ 14 KB
14 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem8YaGs126MiZpBA-UFVZ0b.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,400italic,600,600italic,700,800,700italic,800italic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9c50a96c859b9beea47b71740bd14e7f69a4df586d015f47434037f8def53b52

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.karwachauth.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 11 May 2021 01:50:37 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:09:22 GMT
server: sffe
age: 466551
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14380
x-xss-protection: 0
expires: Wed, 11 May 2022 01:50:37 GMT

GET
H3-29 200 branding.png
www.google.com/cse/static/images/1x/en/ 1 KB
1 KB 16ms
13ms Image
image/png 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/cse/static/images/1x/en/branding.png

Requested by

Host: www.karwachauth.com
URL: https://www.karwachauth.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

331b2b1241f1f2a53744bdca867c5b76954d9431970e91f490f64c707fc24a16

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.karwachauth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 02:03:06 GMT
x-content-type-options: nosniff
last-modified: Mon, 25 May 2020 08:30:00 GMT
server: sffe
age: 293002
content-type: image/png
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1372
x-xss-protection: 0
expires: Fri, 13 May 2022 02:03:06 GMT

GET
H2 200 karwa-right.png
www.karwachauth.com/images/ 83 KB
83 KB 395ms
394ms Image
image/png 192.185.23.100
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.karwachauth.com/images/karwa-right.png
Requested by: Host: www.karwachauth.com
URL: https://www.karwachauth.com/css/style.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.23.100 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: mitsudell.com
Software: Apache /
Resource Hash: ca0c72d8e0b8efd324a5b75e1a72b6a068180e2dfccae6248ba69e2f0d8cf9a1

Request headers

:path: /images/karwa-right.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.karwachauth.com
referer: https://www.karwachauth.com/css/style.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.karwachauth.com/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 11:26:28 GMT
last-modified: Fri, 09 Jun 2017 05:45:06 GMT
server: Apache
accept-ranges: bytes
content-length: 84763
content-type: image/png

GET
H2 200 header-bg.jpg
www.karwachauth.com/images/ 74 KB
74 KB 518ms
517ms Image
image/jpeg 192.185.23.100
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.karwachauth.com/images/header-bg.jpg
Requested by: Host: www.karwachauth.com
URL: https://www.karwachauth.com/css/style.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.23.100 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: mitsudell.com
Software: Apache /
Resource Hash: 3c14c7e87fc4ecfd08cfbf1c77642eeca1a282eb0ca2eff8e58229af8d2910fb

Request headers

:path: /images/header-bg.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.karwachauth.com
referer: https://www.karwachauth.com/css/style.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.karwachauth.com/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 11:26:28 GMT
last-modified: Fri, 09 Jun 2017 09:54:53 GMT
server: Apache
accept-ranges: bytes
content-length: 75442
content-type: image/jpeg

GET
H2 200 border-right.png
www.karwachauth.com/images/ 1 KB
1 KB 395ms
394ms Image
image/png 192.185.23.100
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.karwachauth.com/images/border-right.png
Requested by: Host: www.karwachauth.com
URL: https://www.karwachauth.com/css/style.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.23.100 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: mitsudell.com
Software: Apache /
Resource Hash: 78c733364fcffa399f5e9237560e5ee6d32bc54dd23f6e85d0b7fd316d812d49

Request headers

:path: /images/border-right.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.karwachauth.com
referer: https://www.karwachauth.com/css/style.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.karwachauth.com/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 11:26:28 GMT
last-modified: Fri, 09 Jun 2017 09:54:40 GMT
server: Apache
accept-ranges: bytes
content-length: 1062
content-type: image/png

GET
H2 200 border-left.png
www.karwachauth.com/images/ 1 KB
1 KB 518ms
517ms Image
image/png 192.185.23.100
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.karwachauth.com/images/border-left.png
Requested by: Host: www.karwachauth.com
URL: https://www.karwachauth.com/css/style.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.23.100 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: mitsudell.com
Software: Apache /
Resource Hash: 293dbc6c6d3b1ddcf9f96986e19ca52469185b0aea9c097040209d33cef88ddc

Request headers

:path: /images/border-left.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.karwachauth.com
referer: https://www.karwachauth.com/css/style.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.karwachauth.com/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 11:26:28 GMT
last-modified: Fri, 09 Jun 2017 09:54:39 GMT
server: Apache
accept-ranges: bytes
content-length: 1071
content-type: image/png

GET
H2 200 left-braket.png
www.karwachauth.com/images/ 1012 B
1 KB 394ms
394ms Image
image/png 192.185.23.100
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.karwachauth.com/images/left-braket.png
Requested by: Host: www.karwachauth.com
URL: https://www.karwachauth.com/css/style.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.23.100 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: mitsudell.com
Software: Apache /
Resource Hash: 5045e9737a9325fa8b69884590f9ec0614146b485399d43bed6fb703a06244bf

Request headers

:path: /images/left-braket.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.karwachauth.com
referer: https://www.karwachauth.com/css/style.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.karwachauth.com/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 11:26:28 GMT
last-modified: Fri, 09 Jun 2017 05:45:09 GMT
server: Apache
accept-ranges: bytes
content-length: 1012
content-type: image/png

GET
H2 200 right-braket.png
www.karwachauth.com/images/ 1011 B
1 KB 518ms
518ms Image
image/png 192.185.23.100
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.karwachauth.com/images/right-braket.png
Requested by: Host: www.karwachauth.com
URL: https://www.karwachauth.com/css/style.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.23.100 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: mitsudell.com
Software: Apache /
Resource Hash: fd38a92e64512c0ffe0fb37608e86c5fbf57d44178797326b071d877ee641c5f

Request headers

:path: /images/right-braket.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.karwachauth.com
referer: https://www.karwachauth.com/css/style.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.karwachauth.com/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 11:26:28 GMT
last-modified: Fri, 09 Jun 2017 05:45:20 GMT
server: Apache
accept-ranges: bytes
content-length: 1011
content-type: image/png

GET
H3-29 200 mem5YaGs126MiZpBA-UNirkOUuhp.woff2
fonts.gstatic.com/s/opensans/v18/ 15 KB
15 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UNirkOUuhp.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,400italic,600,600italic,700,800,700italic,800italic

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1491de1b31182d38593bcf660c99bc6018af8e192d91663f67ec9d045a3b5ccc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.karwachauth.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 10:03:38 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:09:47 GMT
server: sffe
age: 4970
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14880
x-xss-protection: 0
expires: Mon, 16 May 2022 10:03:38 GMT

GET
H3-29 200 mem5YaGs126MiZpBA-UN7rgOUuhp.woff2
fonts.gstatic.com/s/opensans/v18/ 15 KB
15 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UN7rgOUuhp.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,400italic,600,600italic,700,800,700italic,800italic

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

74201a4b97ec1d5e86252dd0180eafd8c5378a9235864dbcd682f3575b41c85b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.karwachauth.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 11 May 2021 20:40:38 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:11:00 GMT
server: sffe
age: 398750
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15056
x-xss-protection: 0
expires: Wed, 11 May 2022 20:40:38 GMT

GET
H3-29 200 wEO_EBrAnc9BLjLQAUk1VvoK.woff2
fonts.gstatic.com/s/courgette/v8/ 24 KB
24 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/courgette/v8/wEO_EBrAnc9BLjLQAUk1VvoK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Courgette

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b0fe2d79a2476314a0ee068faa535cb80c352b228df20f226a3f1cfc96b762d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.karwachauth.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 11 May 2021 23:24:12 GMT
x-content-type-options: nosniff
last-modified: Tue, 01 Sep 2020 05:18:33 GMT
server: sffe
age: 388936
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24984
x-xss-protection: 0
expires: Wed, 11 May 2022 23:24:12 GMT

GET
H2 200 list.png
www.karwachauth.com/images/ 1 KB
1 KB 3560ms
3559ms Image
image/png 192.185.23.100
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.karwachauth.com/images/list.png
Requested by: Host: www.karwachauth.com
URL: https://www.karwachauth.com/css/style.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.23.100 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: mitsudell.com
Software: Apache /
Resource Hash: 2f5d4542a3ce8f61bb2ee1a1cb8478851b4bf0c83f8be704cc8893bc5521a13f

Request headers

:path: /images/list.png
pragma: no-cache
cookie: _ga=GA1.2.1726721001.1621164389; _gid=GA1.2.2111478544.1621164389; _gat_gtag_UA_52741879_6=1; __gads=ID=b06a3f8e0e524dda-22c0948a15c80024:T=1621164388:RT=1621164388:S=ALNI_MaAncTZ4FbG4rrHXZ6_WTTMNAgglg
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.karwachauth.com
referer: https://www.karwachauth.com/css/style.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.karwachauth.com/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 11:26:29 GMT
last-modified: Fri, 09 Jun 2017 05:45:09 GMT
server: Apache
accept-ranges: bytes
content-length: 1080
content-type: image/png

GET
H2 200 footer-bg.png
www.karwachauth.com/images/ 1003 B
1 KB 3561ms
3560ms Image
image/png 192.185.23.100
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.karwachauth.com/images/footer-bg.png
Requested by: Host: www.karwachauth.com
URL: https://www.karwachauth.com/css/style.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.23.100 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: mitsudell.com
Software: Apache /
Resource Hash: 30c5aefde63f1b6692b0db576aa4486d9067f5b3415304b3ab8d0cbc1b1a0deb

Request headers

:path: /images/footer-bg.png
pragma: no-cache
cookie: _ga=GA1.2.1726721001.1621164389; _gid=GA1.2.2111478544.1621164389; _gat_gtag_UA_52741879_6=1; __gads=ID=b06a3f8e0e524dda-22c0948a15c80024:T=1621164388:RT=1621164388:S=ALNI_MaAncTZ4FbG4rrHXZ6_WTTMNAgglg
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.karwachauth.com
referer: https://www.karwachauth.com/css/style.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.karwachauth.com/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 11:26:29 GMT
last-modified: Fri, 09 Jun 2017 09:54:46 GMT
server: Apache
accept-ranges: bytes
content-length: 1003
content-type: image/png

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-52741879-6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.karwachauth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Apr 2021 23:59:54 GMT
server: Golfe2
age: 3576
date: Sun, 16 May 2021 10:26:52 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19569
expires: Sun, 16 May 2021 12:26:52 GMT

GET
H3-29 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210511/r20190131/ 223 KB
82 KB 46ms
32ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210511/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1576525035954946&plah=www.karwachauth.com&amaexp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

66f661926ae6c1e13c6b2169733476eb03b9be46e333e5f81eab69a5b0d27ace

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.karwachauth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 11:26:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 84097
x-xss-protection: 0
server: cafe
etag: 12558658968377452156
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 16 May 2021 11:26:28 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210511/r20190131/ Frame D089 10 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210511/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a5cb642ef22434a24612329870579fbb272cb9fa7475360035596ea56fb0431a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210511/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.karwachauth.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.karwachauth.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sat, 15 May 2021 20:20:17 GMT
expires: Sat, 29 May 2021 20:20:17 GMT
content-type: text/html; charset=UTF-8
etag: 10446291943670460780
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4644
x-xss-protection: 0
age: 54371
cache-control: public, max-age=1209600
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 13ms
13ms XHR
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j90&a=364914462&t=pageview&_s=1&dl=https%3A%2F%2Fwww.karwachauth.com%2F&ul=en-us&de=UTF-8&dt=Karwa%20Chauth%20-%20%E0%A4%95%E0%A4%B0%E0%A4%B5%E0%A4%BE%20%E0%A4%9A%E0%A5%8C%E0%A4%A5%2C%20Karwa%20Chauth%20in%20India&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=80640706&gjid=1610415773&cid=1726721001.1621164389&tid=UA-52741879-6&_gid=2111478544.1621164389&_r=1&gtm=2ou5c1&z=1647694742

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.karwachauth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 16 May 2021 11:26:28 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.karwachauth.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 205 B
643 B 134ms
64ms Script
text/javascript 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.karwachauth.com&callback=_gfp_s_&client=ca-pub-1576525035954946

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210511/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1576525035954946&plah=www.karwachauth.com&amaexp=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

cafe /

Resource Hash

114b64bb0ae9b95d169f74e3c73a7d27aad1e5910e3d9835ab7258714a1cc7b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.karwachauth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 11:26:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 194
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
799 B 35ms
14ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.karwachauth.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.karwachauth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 16 May 2021 11:26:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
553 B 36ms
15ms Script
application/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.karwachauth.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.karwachauth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 16 May 2021 11:26:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 4EB9 56 KB
21 KB 458ms
457ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1576525035954946&output=html&h=280&slotname=6601704984&adk=452510332&adf=2334688461&pi=t.ma~as.6601704984&w=728&fwrn=4&fwrnh=100&lmt=1613479373&rafmt=1&psa=0&format=728x280&url=https%3A%2F%2Fwww.karwachauth.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621164388522&bpp=6&bdt=342&idt=83&shv=r20210511&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&correlator=2017869517102&frm=20&pv=2&ga_vid=1726721001.1621164389&ga_sid=1621164389&ga_hid=364914462&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=627&ady=360&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060614%2C31060710%2C31060957&oid=3&pvsid=4283856023169959&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=isnWM76n66&p=https%3A//www.karwachauth.com&dtd=99

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

66855b353b8e2e3d8165a26380dc8020bd937f67dfa2776c05ae1289269010db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-1576525035954946&output=html&h=280&slotname=6601704984&adk=452510332&adf=2334688461&pi=t.ma~as.6601704984&w=728&fwrn=4&fwrnh=100&lmt=1613479373&rafmt=1&psa=0&format=728x280&url=https%3A%2F%2Fwww.karwachauth.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621164388522&bpp=6&bdt=342&idt=83&shv=r20210511&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&correlator=2017869517102&frm=20&pv=2&ga_vid=1726721001.1621164389&ga_sid=1621164389&ga_hid=364914462&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=627&ady=360&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060614%2C31060710%2C31060957&oid=3&pvsid=4283856023169959&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=isnWM76n66&p=https%3A//www.karwachauth.com&dtd=99
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.karwachauth.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.karwachauth.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sun, 16 May 2021 11:26:29 GMT
server: cafe
content-length: 21667
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sun, 16-May-2021 11:41:28 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sun, 16 May 2021 11:26:29 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
28 KB 35ms
14ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5195b5533eaad9e23ee9c1ad9dd017b4f0fca8d54921a3f045858eaf4145689d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.karwachauth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 11:26:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1620991985148764"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27994
x-xss-protection: 0
expires: Sun, 16 May 2021 11:26:28 GMT

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 9647 79 KB
26 KB 1089ms
1089ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1576525035954946&output=html&h=280&slotname=6601704984&adk=1678176464&adf=2001117046&pi=t.ma~as.6601704984&w=339&fwrn=4&fwrnh=100&lmt=1613479373&rafmt=1&psa=0&format=339x280&url=https%3A%2F%2Fwww.karwachauth.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621164388530&bpp=1&bdt=350&idt=103&shv=r20210511&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x280&correlator=2017869517102&frm=20&pv=1&ga_vid=1726721001.1621164389&ga_sid=1621164389&ga_hid=364914462&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1046&ady=1333&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060614%2C31060710%2C31060957&oid=3&pvsid=4283856023169959&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=kok4OWF2t6&p=https%3A//www.karwachauth.com&dtd=108

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

50fc8fb2b0e7b45c2c6a1962b0d13c17135de0a6c1d56f556a68e115dcfa1535

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-1576525035954946&output=html&h=280&slotname=6601704984&adk=1678176464&adf=2001117046&pi=t.ma~as.6601704984&w=339&fwrn=4&fwrnh=100&lmt=1613479373&rafmt=1&psa=0&format=339x280&url=https%3A%2F%2Fwww.karwachauth.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621164388530&bpp=1&bdt=350&idt=103&shv=r20210511&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x280&correlator=2017869517102&frm=20&pv=1&ga_vid=1726721001.1621164389&ga_sid=1621164389&ga_hid=364914462&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1046&ady=1333&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060614%2C31060710%2C31060957&oid=3&pvsid=4283856023169959&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=kok4OWF2t6&p=https%3A//www.karwachauth.com&dtd=108
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.karwachauth.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.karwachauth.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sun, 16 May 2021 11:26:29 GMT
server: cafe
content-length: 26111
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sun, 16-May-2021 11:41:28 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sun, 16 May 2021 11:26:29 GMT
cache-control: private

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 6641 58 KB
16 KB 578ms
577ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1576525035954946&output=html&h=280&slotname=3639232580&adk=492016216&adf=4061442901&pi=t.ma~as.3639232580&w=728&fwrn=4&fwrnh=100&lmt=1613479373&rafmt=1&psa=0&format=728x280&url=https%3A%2F%2Fwww.karwachauth.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621164388531&bpp=1&bdt=351&idt=111&shv=r20210511&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x280%2C339x280&correlator=2017869517102&frm=20&pv=1&ga_vid=1726721001.1621164389&ga_sid=1621164389&ga_hid=364914462&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=2085&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060614%2C31060710%2C31060957&oid=3&pvsid=4283856023169959&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=8Sb0ZOVdvj&p=https%3A//www.karwachauth.com&dtd=114

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

818c0191e8e9a1b8c8d631f08298753fbe238afbe094577add3f13503c53688e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-1576525035954946&output=html&h=280&slotname=3639232580&adk=492016216&adf=4061442901&pi=t.ma~as.3639232580&w=728&fwrn=4&fwrnh=100&lmt=1613479373&rafmt=1&psa=0&format=728x280&url=https%3A%2F%2Fwww.karwachauth.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621164388531&bpp=1&bdt=351&idt=111&shv=r20210511&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x280%2C339x280&correlator=2017869517102&frm=20&pv=1&ga_vid=1726721001.1621164389&ga_sid=1621164389&ga_hid=364914462&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=2085&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060614%2C31060710%2C31060957&oid=3&pvsid=4283856023169959&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=8Sb0ZOVdvj&p=https%3A//www.karwachauth.com&dtd=114
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.karwachauth.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.karwachauth.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sun, 16 May 2021 11:26:29 GMT
server: cafe
content-length: 16826
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sun, 16-May-2021 11:41:28 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sun, 16 May 2021 11:26:29 GMT
cache-control: private

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame E64F 79 KB
25 KB 575ms
574ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1576525035954946&output=html&h=280&slotname=6601704984&adk=452510332&adf=2251177354&pi=t.ma~as.6601704984&w=728&fwrn=4&fwrnh=100&lmt=1613479373&rafmt=1&psa=0&format=728x280&url=https%3A%2F%2Fwww.karwachauth.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621164388531&bpp=1&bdt=351&idt=116&shv=r20210511&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x280%2C339x280%2C728x280&correlator=2017869517102&frm=20&pv=1&ga_vid=1726721001.1621164389&ga_sid=1621164389&ga_hid=364914462&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=2822&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060614%2C31060710%2C31060957&oid=3&pvsid=4283856023169959&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=mJMxWdmsIR&p=https%3A//www.karwachauth.com&dtd=118

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2ae372492d349cda0549b19b87f02792d59d51c4176325ab3361177e0129e688

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-1576525035954946&output=html&h=280&slotname=6601704984&adk=452510332&adf=2251177354&pi=t.ma~as.6601704984&w=728&fwrn=4&fwrnh=100&lmt=1613479373&rafmt=1&psa=0&format=728x280&url=https%3A%2F%2Fwww.karwachauth.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621164388531&bpp=1&bdt=351&idt=116&shv=r20210511&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x280%2C339x280%2C728x280&correlator=2017869517102&frm=20&pv=1&ga_vid=1726721001.1621164389&ga_sid=1621164389&ga_hid=364914462&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=2822&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060614%2C31060710%2C31060957&oid=3&pvsid=4283856023169959&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=mJMxWdmsIR&p=https%3A//www.karwachauth.com&dtd=118
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.karwachauth.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.karwachauth.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sun, 16 May 2021 11:26:29 GMT
server: cafe
content-length: 26044
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sun, 16-May-2021 11:41:28 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sun, 16 May 2021 11:26:29 GMT
cache-control: private

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 79CB 5 KB
727 B 65ms
65ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1576525035954946&output=html&adk=1812271804&adf=3025194257&lmt=1613479373&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.karwachauth.com%2F&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621164388542&bpp=1&bdt=362&idt=110&shv=r20210511&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x280%2C339x280%2C728x280%2C728x280&nras=1&correlator=2017869517102&frm=20&pv=1&ga_vid=1726721001.1621164389&ga_sid=1621164389&ga_hid=364914462&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060614%2C31060710%2C31060957&oid=3&pvsid=4283856023169959&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=5&uci=a!5&fsb=1&dtd=115

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ac7505dd62d98ef68ad715c7507279e29cf00ee000e8dd039ed704a3e745fefa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-1576525035954946&output=html&adk=1812271804&adf=3025194257&lmt=1613479373&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.karwachauth.com%2F&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621164388542&bpp=1&bdt=362&idt=110&shv=r20210511&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x280%2C339x280%2C728x280%2C728x280&nras=1&correlator=2017869517102&frm=20&pv=1&ga_vid=1726721001.1621164389&ga_sid=1621164389&ga_hid=364914462&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060614%2C31060710%2C31060957&oid=3&pvsid=4283856023169959&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=5&uci=a!5&fsb=1&dtd=115
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.karwachauth.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.karwachauth.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sun, 16 May 2021 11:26:28 GMT
server: cafe
content-length: 704
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sun, 16-May-2021 11:41:28 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sun, 16 May 2021 11:26:28 GMT
cache-control: private

GET
H2 200 13941226069182231622
tpc.googlesyndication.com/daca_images/simgad/ Frame 4EB9 121 KB
121 KB 33ms
12ms Image
image/png 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/13941226069182231622

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1576525035954946&output=html&h=280&slotname=6601704984&adk=452510332&adf=2334688461&pi=t.ma~as.6601704984&w=728&fwrn=4&fwrnh=100&lmt=1613479373&rafmt=1&psa=0&format=728x280&url=https%3A%2F%2Fwww.karwachauth.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621164388522&bpp=6&bdt=342&idt=83&shv=r20210511&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&correlator=2017869517102&frm=20&pv=2&ga_vid=1726721001.1621164389&ga_sid=1621164389&ga_hid=364914462&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=627&ady=360&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060614%2C31060710%2C31060957&oid=3&pvsid=4283856023169959&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=isnWM76n66&p=https%3A//www.karwachauth.com&dtd=99

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

90e1964b366729d0346b2daf96f9932b80ba38e6f0fc65e05341743f17c556cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 07:21:38 GMT
x-content-type-options: nosniff
age: 360291
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 123993
x-xss-protection: 0
last-modified: Wed, 21 Apr 2021 05:56:45 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 12 May 2022 07:21:38 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210511/r20110914/ Frame 4EB9 17 KB
7 KB 26ms
5ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210511/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

85e3697fdb65077432d19ff2953a9384b12c6971b9187fd719ac2cf0f1f472d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 11:23:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 193
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7042
x-xss-protection: 0
server: cafe
etag: 2725110100707361309
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 30 May 2021 11:23:16 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210511/r20110914/client/ Frame 4EB9 2 KB
1 KB 29ms
11ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210511/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 11:25:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 84
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 30 May 2021 11:25:05 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4EB9 117 KB
36 KB 29ms
14ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

14a6bc9fca94f536d24da272cf684e3e900adaf170804cceda99f44c97c710c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 11:26:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1620991973329016"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36585
x-xss-protection: 0
expires: Sun, 16 May 2021 11:26:29 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210511/r20110914/client/ Frame 4EB9 13 KB
6 KB 25ms
7ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210511/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4821fcf9c6131b5e09c316f6946b187f0b3751d723a19b2ff9f2df396d232cbf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 11:24:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 115
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5621
x-xss-protection: 0
server: cafe
etag: 8169261014141303515
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 30 May 2021 11:24:34 GMT

GET
H2 200 one_click_handler_one_afma_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210511/r20110914/client/ Frame 4EB9 25 KB
10 KB 29ms
12ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210511/r20110914/client/one_click_handler_one_afma_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

05e695a8f4bd26c3a3092afbd08d40b873b39599d47ce15c281b1b526e934258

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 15 May 2021 18:01:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 62692
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10380
x-xss-protection: 0
server: cafe
etag: 16922886349488815302
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 29 May 2021 18:01:37 GMT

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame 4EB9 0
0 43ms
42ms Fetch
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CvGHMZAGhYOanJ8mczAbG1ofYB5OykeBiz7XOo8UNi4Ccr6QOEAEgi9KyBmCVAqABsoau9ALIAQKoAwHIA8kEqgS5AU_QoskAHw_ESdRk9qpVcxwNGFKIcBLnRV_E57dM0WiixE4ikHnWCX5Uhbhi7IiTTnyq1XS_0zhh-SEnU5l1yjpUZVmUgc8GJ8080Z2d471AZ7UGwzt33nyV-Ncjh85raWnk25_HZMyJhW4zWPBKOmUGTUI0FZx7eMCZNPINyTeIuHBjAEm7bAnh8NhQOK-nZJCprktd9yJSC8d4KEbqOYKEk86Jy9OjNsXoNPOuZmCyr-paNCz7OQKuwATOhaiJvQOSBQQIBBgBkgUECAUYBKAGAoAH38nrjwGoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwHyBwQQhu0I0ggJCIDhgBAQARgfgAoByAsB2BMN0BUBgBcBshcaChgIABIUcHViLTE1NzY1MjUwMzU5NTQ5NDY&sigh=OHsycG6sJL4

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1576525035954946&output=html&h=280&slotname=6601704984&adk=452510332&adf=2334688461&pi=t.ma~as.6601704984&w=728&fwrn=4&fwrnh=100&lmt=1613479373&rafmt=1&psa=0&format=728x280&url=https%3A%2F%2Fwww.karwachauth.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621164388522&bpp=6&bdt=342&idt=83&shv=r20210511&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&correlator=2017869517102&frm=20&pv=2&ga_vid=1726721001.1621164389&ga_sid=1621164389&ga_hid=364914462&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=627&ady=360&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060614%2C31060710%2C31060957&oid=3&pvsid=4283856023169959&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=isnWM76n66&p=https%3A//www.karwachauth.com&dtd=99
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sun, 16 May 2021 11:26:29 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sun, 16 May 2021 11:26:29 GMT

GET
H3-29 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame D7D5 143 B
163 B 7ms
6ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1576525035954946&output=html&h=280&slotname=6601704984&adk=452510332&adf=2334688461&pi=t.ma~as.6601704984&w=728&fwrn=4&fwrnh=100&lmt=1613479373&rafmt=1&psa=0&format=728x280&url=https%3A%2F%2Fwww.karwachauth.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621164388522&bpp=6&bdt=342&idt=83&shv=r20210511&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&correlator=2017869517102&frm=20&pv=2&ga_vid=1726721001.1621164389&ga_sid=1621164389&ga_hid=364914462&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=627&ady=360&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060614%2C31060710%2C31060957&oid=3&pvsid=4283856023169959&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=isnWM76n66&p=https%3A//www.karwachauth.com&dtd=99
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1576525035954946&output=html&h=280&slotname=6601704984&adk=452510332&adf=2334688461&pi=t.ma~as.6601704984&w=728&fwrn=4&fwrnh=100&lmt=1613479373&rafmt=1&psa=0&format=728x280&url=https%3A%2F%2Fwww.karwachauth.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621164388522&bpp=6&bdt=342&idt=83&shv=r20210511&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&correlator=2017869517102&frm=20&pv=2&ga_vid=1726721001.1621164389&ga_sid=1621164389&ga_hid=364914462&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=627&ady=360&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060614%2C31060710%2C31060957&oid=3&pvsid=4283856023169959&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=isnWM76n66&p=https%3A//www.karwachauth.com&dtd=99

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Sun, 16 May 2021 10:29:19 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 3430
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 redir.html Show response
p4-gfechl5jdxkrg-atxafed6l25jxuas-if-v6exp3-v4.metric.gstatic.com/v6exp3/ Frame B42C 247 B
787 B 150ms
67ms Document
text/html 216.58.212.163
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://p4-gfechl5jdxkrg-atxafed6l25jxuas-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.163 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f163.1e100.net

Software

sffe /

Resource Hash

5d09978cc06ead7fdb1b916f1251e8789fb104cb2b7fa620e15d0699d6025afa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: p4-gfechl5jdxkrg-atxafed6l25jxuas-if-v6exp3-v4.metric.gstatic.com
:scheme: https
:path: /v6exp3/redir.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
content-security-policy-report-only: script-src 'nonce-quPMHqGuewmxrCLVuz2ftg' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/static-on-bigtable; base-uri 'none'
cross-origin-resource-policy: cross-origin
content-length: 202
date: Sun, 16 May 2021 11:26:29 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
last-modified: Mon, 02 Dec 2019 20:15:00 GMT
x-content-type-options: nosniff
content-encoding: gzip
server: sffe
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 4EB9 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1fdaddc73bb508708db2628574e7b761842a974811a5f6bee39031c03bafccf6

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame D7D5
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
16 B

41ms
41ms

Document
text/html

2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUmZItbYHbkaVz7hiRKgxGpETD_M-cy8fAJxpXDMCwU87boycMhteiwdnZNcT20; test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sun, 16 May 2021 11:26:29 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Sun, 16-May-2021 12:26:29 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sun, 16 May 2021 11:26:29 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sun, 16 May 2021 11:26:29 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 269be715601f8e903b6672881cbcfc1c.js Show response
www.gstatic.com/mysidia/ Frame 6641 6 KB
3 KB 18ms
16ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/269be715601f8e903b6672881cbcfc1c.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1576525035954946&output=html&h=280&slotname=3639232580&adk=492016216&adf=4061442901&pi=t.ma~as.3639232580&w=728&fwrn=4&fwrnh=100&lmt=1613479373&rafmt=1&psa=0&format=728x280&url=https%3A%2F%2Fwww.karwachauth.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621164388531&bpp=1&bdt=351&idt=111&shv=r20210511&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x280%2C339x280&correlator=2017869517102&frm=20&pv=1&ga_vid=1726721001.1621164389&ga_sid=1621164389&ga_hid=364914462&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=2085&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060614%2C31060710%2C31060957&oid=3&pvsid=4283856023169959&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=8Sb0ZOVdvj&p=https%3A//www.karwachauth.com&dtd=114

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6731bd12d2ea4eb4e7e640486c24fb5e44f65c6eb1b5e2541d64413c9402dcbe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 07:21:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 12 May 2021 09:22:03 GMT
server: sffe
age: 273897
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2730
x-xss-protection: 0
expires: Wed, 11 Aug 2021 07:21:32 GMT

GET
H3-29 200 0b151a84dfc65d913157adc442c1ad3d.js Show response
www.gstatic.com/mysidia/ Frame 6641 7 KB
3 KB 17ms
15ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/0b151a84dfc65d913157adc442c1ad3d.js?tag=text/vanilla_rda_animated_cta

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9b6fc15a82592fab0093b2eb04bd165b6aab47cb130a11a35d5b422fe7c1579e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 07:44:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 06 May 2021 07:08:25 GMT
server: sffe
age: 272528
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2983
x-xss-protection: 0
expires: Wed, 11 Aug 2021 07:44:21 GMT

GET
H3-29 200 css
fonts.googleapis.com/ Frame 6641 3 KB
578 B 25ms
24ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

599325d39743959cdacb163b742dd6f622443a73f155364bbcc465a291ce0b5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 16 May 2021 09:51:20 GMT
server: ESF
date: Sun, 16 May 2021 11:26:29 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 16 May 2021 11:26:29 GMT

GET
H3-29 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210511/r20110914/client/ Frame 6641 1 KB
909 B 19ms
15ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210511/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

49aea8d1206dbb5e3c8a7d4db9274d2efa2111d8b53acb901efc378b1feca381

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 11:24:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 148
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 882
x-xss-protection: 0
server: cafe
etag: 11243716317595354070
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 30 May 2021 11:24:01 GMT

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210511/r20110914/ Frame 6641 17 KB
7 KB 24ms
6ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210511/r20110914/abg_lite_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

85e3697fdb65077432d19ff2953a9384b12c6971b9187fd719ac2cf0f1f472d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 11:23:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 193
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7042
x-xss-protection: 0
server: cafe
etag: 2725110100707361309
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 30 May 2021 11:23:16 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210511/r20110914/client/ Frame 6641 2 KB
1 KB 18ms
16ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210511/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 11:25:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 84
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 30 May 2021 11:25:05 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6641 117 KB
36 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

14a6bc9fca94f536d24da272cf684e3e900adaf170804cceda99f44c97c710c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 11:26:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1620991973329016"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36585
x-xss-protection: 0
expires: Sun, 16 May 2021 11:26:29 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210511/r20110914/client/ Frame 6641 13 KB
6 KB 27ms
10ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210511/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4821fcf9c6131b5e09c316f6946b187f0b3751d723a19b2ff9f2df396d232cbf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 11:24:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 115
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5621
x-xss-protection: 0
server: cafe
etag: 8169261014141303515
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 30 May 2021 11:24:34 GMT

GET
H3-29 200 a9a8364a2596c42846402f3b38495283.js Show response
www.gstatic.com/mysidia/ Frame 6641 25 KB
10 KB 12ms
9ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/a9a8364a2596c42846402f3b38495283.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4bfbe90df75b370438ad25150e701108c1d6bb27003add53d2f0be9e42b194ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 15 May 2021 05:15:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 11 May 2021 00:23:29 GMT
server: sffe
age: 108676
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10414
x-xss-protection: 0
expires: Fri, 13 Aug 2021 05:15:13 GMT

GET
H3-29 200 10380099308700684846
tpc.googlesyndication.com/simgad/ Frame E64F 43 KB
43 KB 30ms
12ms Image
image/png 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/10380099308700684846?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qnAMqSby8JhKjXftPhN1B8mE1wapQ

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1576525035954946&output=html&h=280&slotname=6601704984&adk=452510332&adf=2251177354&pi=t.ma~as.6601704984&w=728&fwrn=4&fwrnh=100&lmt=1613479373&rafmt=1&psa=0&format=728x280&url=https%3A%2F%2Fwww.karwachauth.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621164388531&bpp=1&bdt=351&idt=116&shv=r20210511&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x280%2C339x280%2C728x280&correlator=2017869517102&frm=20&pv=1&ga_vid=1726721001.1621164389&ga_sid=1621164389&ga_hid=364914462&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=2822&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060614%2C31060710%2C31060957&oid=3&pvsid=4283856023169959&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=mJMxWdmsIR&p=https%3A//www.karwachauth.com&dtd=118

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

09c702b2b9951f3e21f47dce2acf73162552fe6f279d5fdfe10b256dba6996d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 00:02:12 GMT
x-content-type-options: nosniff
last-modified: Thu, 03 Dec 2020 16:16:14 GMT
server: sffe
age: 386657
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44007
x-xss-protection: 0
expires: Thu, 12 May 2022 00:02:12 GMT

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210511/r20110914/ Frame E64F 17 KB
7 KB 24ms
7ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210511/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1576525035954946&output=html&h=280&slotname=6601704984&adk=452510332&adf=2251177354&pi=t.ma~as.6601704984&w=728&fwrn=4&fwrnh=100&lmt=1613479373&rafmt=1&psa=0&format=728x280&url=https%3A%2F%2Fwww.karwachauth.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621164388531&bpp=1&bdt=351&idt=116&shv=r20210511&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x280%2C339x280%2C728x280&correlator=2017869517102&frm=20&pv=1&ga_vid=1726721001.1621164389&ga_sid=1621164389&ga_hid=364914462&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=2822&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060614%2C31060710%2C31060957&oid=3&pvsid=4283856023169959&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=mJMxWdmsIR&p=https%3A//www.karwachauth.com&dtd=118

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

85e3697fdb65077432d19ff2953a9384b12c6971b9187fd719ac2cf0f1f472d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 11:23:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 193
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7042
x-xss-protection: 0
server: cafe
etag: 2725110100707361309
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 30 May 2021 11:23:16 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210511/r20110914/client/ Frame E64F 2 KB
1 KB 33ms
18ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210511/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1576525035954946&output=html&h=280&slotname=6601704984&adk=452510332&adf=2251177354&pi=t.ma~as.6601704984&w=728&fwrn=4&fwrnh=100&lmt=1613479373&rafmt=1&psa=0&format=728x280&url=https%3A%2F%2Fwww.karwachauth.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621164388531&bpp=1&bdt=351&idt=116&shv=r20210511&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x280%2C339x280%2C728x280&correlator=2017869517102&frm=20&pv=1&ga_vid=1726721001.1621164389&ga_sid=1621164389&ga_hid=364914462&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=2822&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060614%2C31060710%2C31060957&oid=3&pvsid=4283856023169959&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=mJMxWdmsIR&p=https%3A//www.karwachauth.com&dtd=118

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 11:25:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 84
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 30 May 2021 11:25:05 GMT

GET
H3-29 200 transparent.png
tpc.googlesyndication.com/pagead/images/ Frame E64F 67 B
91 B 32ms
17ms Image
image/png 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/transparent.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1576525035954946&output=html&h=280&slotname=6601704984&adk=452510332&adf=2251177354&pi=t.ma~as.6601704984&w=728&fwrn=4&fwrnh=100&lmt=1613479373&rafmt=1&psa=0&format=728x280&url=https%3A%2F%2Fwww.karwachauth.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621164388531&bpp=1&bdt=351&idt=116&shv=r20210511&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x280%2C339x280%2C728x280&correlator=2017869517102&frm=20&pv=1&ga_vid=1726721001.1621164389&ga_sid=1621164389&ga_hid=364914462&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=2822&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060614%2C31060710%2C31060957&oid=3&pvsid=4283856023169959&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=mJMxWdmsIR&p=https%3A//www.karwachauth.com&dtd=118

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bdf72009ad226c17f1954ba602292902a780b80af07dbcbab1322bdf5c32be66

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 16 May 2021 01:32:03 GMT
x-content-type-options: nosniff
server: cafe
age: 35666
etag: 2462972746714251406
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 67
x-xss-protection: 0
expires: Mon, 17 May 2021 01:32:03 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E64F 117 KB
36 KB 18ms
16ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1576525035954946&output=html&h=280&slotname=6601704984&adk=452510332&adf=2251177354&pi=t.ma~as.6601704984&w=728&fwrn=4&fwrnh=100&lmt=1613479373&rafmt=1&psa=0&format=728x280&url=https%3A%2F%2Fwww.karwachauth.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621164388531&bpp=1&bdt=351&idt=116&shv=r20210511&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x280%2C339x280%2C728x280&correlator=2017869517102&frm=20&pv=1&ga_vid=1726721001.1621164389&ga_sid=1621164389&ga_hid=364914462&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=2822&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060614%2C31060710%2C31060957&oid=3&pvsid=4283856023169959&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=mJMxWdmsIR&p=https%3A//www.karwachauth.com&dtd=118

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

14a6bc9fca94f536d24da272cf684e3e900adaf170804cceda99f44c97c710c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 11:26:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1620991973329016"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36585
x-xss-protection: 0
expires: Sun, 16 May 2021 11:26:29 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210511/r20110914/client/ Frame E64F 13 KB
6 KB 26ms
11ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210511/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1576525035954946&output=html&h=280&slotname=6601704984&adk=452510332&adf=2251177354&pi=t.ma~as.6601704984&w=728&fwrn=4&fwrnh=100&lmt=1613479373&rafmt=1&psa=0&format=728x280&url=https%3A%2F%2Fwww.karwachauth.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621164388531&bpp=1&bdt=351&idt=116&shv=r20210511&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x280%2C339x280%2C728x280&correlator=2017869517102&frm=20&pv=1&ga_vid=1726721001.1621164389&ga_sid=1621164389&ga_hid=364914462&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=2822&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060614%2C31060710%2C31060957&oid=3&pvsid=4283856023169959&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=mJMxWdmsIR&p=https%3A//www.karwachauth.com&dtd=118

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4821fcf9c6131b5e09c316f6946b187f0b3751d723a19b2ff9f2df396d232cbf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 11:24:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 115
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5621
x-xss-protection: 0
server: cafe
etag: 8169261014141303515
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 30 May 2021 11:24:34 GMT

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame E64F 0
0 45ms
45ms Fetch
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C4AJ5ZAGhYObCKMW2-wbyqoSoB_nYnPthnaDYnqwNg52M7qoJEAEgi9KyBmCVAqABnK_7qALIAQKoAwHIA8kEqgS5AU_Qq44Y4MEWtobudp1OdwvEZfCHApIyCuwYqVaFOZTnNzxd6INji5QqkdRxPDWKA4QhXuQGSE_U2iyyAtltUmmv6cOFyoQjz3HuRw591U6UIyGNRfhYYyGnKCauai77oNNepRO_pV7lLd5r1bM28qBGhjo1G22JlY5xSJx9dwo2mf4KYY-siZ42qlCAPPFv7Y3CtuE_SFx1XPQnotZSsDxS40Ixzrf5Guxb62ATHOdV9wxjqv4dtkAhwASJpL32ywOSBQQIBBgBkgUECAUYBKAGAoAHzNCE1wGoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwHyBwQQg_9h0ggJCIDhgBAQARgfgAoByAsB2BMN0BUBgBcBshcaChgIABIUcHViLTE1NzY1MjUwMzU5NTQ5NDY&sigh=WYcKdL--T6k

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1576525035954946&output=html&h=280&slotname=6601704984&adk=452510332&adf=2251177354&pi=t.ma~as.6601704984&w=728&fwrn=4&fwrnh=100&lmt=1613479373&rafmt=1&psa=0&format=728x280&url=https%3A%2F%2Fwww.karwachauth.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621164388531&bpp=1&bdt=351&idt=116&shv=r20210511&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x280%2C339x280%2C728x280&correlator=2017869517102&frm=20&pv=1&ga_vid=1726721001.1621164389&ga_sid=1621164389&ga_hid=364914462&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=2822&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060614%2C31060710%2C31060957&oid=3&pvsid=4283856023169959&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=mJMxWdmsIR&p=https%3A//www.karwachauth.com&dtd=118

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1576525035954946&output=html&h=280&slotname=6601704984&adk=452510332&adf=2251177354&pi=t.ma~as.6601704984&w=728&fwrn=4&fwrnh=100&lmt=1613479373&rafmt=1&psa=0&format=728x280&url=https%3A%2F%2Fwww.karwachauth.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621164388531&bpp=1&bdt=351&idt=116&shv=r20210511&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x280%2C339x280%2C728x280&correlator=2017869517102&frm=20&pv=1&ga_vid=1726721001.1621164389&ga_sid=1621164389&ga_hid=364914462&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=2822&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060614%2C31060710%2C31060957&oid=3&pvsid=4283856023169959&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=mJMxWdmsIR&p=https%3A//www.karwachauth.com&dtd=118
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sun, 16 May 2021 11:26:29 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-29 200 one_click_handler_one_afma_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210511/r20110914/client/ Frame E64F 25 KB
10 KB 23ms
11ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210511/r20110914/client/one_click_handler_one_afma_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1576525035954946&output=html&h=280&slotname=6601704984&adk=452510332&adf=2251177354&pi=t.ma~as.6601704984&w=728&fwrn=4&fwrnh=100&lmt=1613479373&rafmt=1&psa=0&format=728x280&url=https%3A%2F%2Fwww.karwachauth.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621164388531&bpp=1&bdt=351&idt=116&shv=r20210511&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x280%2C339x280%2C728x280&correlator=2017869517102&frm=20&pv=1&ga_vid=1726721001.1621164389&ga_sid=1621164389&ga_hid=364914462&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=2822&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060614%2C31060710%2C31060957&oid=3&pvsid=4283856023169959&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=mJMxWdmsIR&p=https%3A//www.karwachauth.com&dtd=118

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

05e695a8f4bd26c3a3092afbd08d40b873b39599d47ce15c281b1b526e934258

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 15 May 2021 18:01:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 62692
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10380
x-xss-protection: 0
server: cafe
etag: 16922886349488815302
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 29 May 2021 18:01:37 GMT

GET
H3-29 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/17172837875220931685/ Frame 6641 2 KB
3 KB 17ms
15ms Image
image/png 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/17172837875220931685/downsize_200k_v1?w=100&h=100

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

62d1531ff9a228cdfb6c9a7b9af1abbf58ee617a60f8d29a619f625aaa0dbc2c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 02:10:19 GMT
x-content-type-options: nosniff
age: 292570
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2538
x-xss-protection: 0
last-modified: Fri, 19 Mar 2021 13:23:00 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 13 May 2022 02:10:19 GMT

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame 6641 0
0 43ms
43ms Fetch
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CaNsLZAGhYMOUKIX5zAb84IKoA_r9vt5iyfuM6ZwN3Iv40pQOEAEgi9KyBmCVAqAB8vvT3wPIAQGpAs6P_jB0YLQ-qAMBqgTAAU_Qajmcrh1843umFokhcskdlNSLD0kA400ABkY_STNazR-0vgNWNknvtureuWmvatEEQ8EnkxarR2vj5P1x9jkytu80fAn9xxTEM7dQHzISg1AyAYYjWgYcv5m4D-KJoHYsDhVBtEztVPYucRgLlIqEu73yvRZTg75J1FhHE-IPGkqyDPO6-eaAuE_b9Els-rulyG704ctL-vUmdKOy-WvYStPV8DTYb6SFtUbM0aKqM8nKduWGPINRIMwRQ691tcAEm6f15_YCkgUECAQYAZIFBAgFGASAB9nlsiaoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwHyBwQQqf4D0ggJCIDhgBAQARgfgAoByAsB2BMNiBQB0BUBmBYBgBcBshcaChgIABIUcHViLTE1NzY1MjUwMzU5NTQ5NDY&sigh=udzyqfHAx4c&template_id=5001

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1576525035954946&output=html&h=280&slotname=3639232580&adk=492016216&adf=4061442901&pi=t.ma~as.3639232580&w=728&fwrn=4&fwrnh=100&lmt=1613479373&rafmt=1&psa=0&format=728x280&url=https%3A%2F%2Fwww.karwachauth.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621164388531&bpp=1&bdt=351&idt=111&shv=r20210511&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x280%2C339x280&correlator=2017869517102&frm=20&pv=1&ga_vid=1726721001.1621164389&ga_sid=1621164389&ga_hid=364914462&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=2085&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060614%2C31060710%2C31060957&oid=3&pvsid=4283856023169959&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=8Sb0ZOVdvj&p=https%3A//www.karwachauth.com&dtd=114
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sun, 16 May 2021 11:26:29 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-29 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame C5F8 143 B
163 B 6ms
6ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1576525035954946&output=html&h=280&slotname=3639232580&adk=492016216&adf=4061442901&pi=t.ma~as.3639232580&w=728&fwrn=4&fwrnh=100&lmt=1613479373&rafmt=1&psa=0&format=728x280&url=https%3A%2F%2Fwww.karwachauth.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621164388531&bpp=1&bdt=351&idt=111&shv=r20210511&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x280%2C339x280&correlator=2017869517102&frm=20&pv=1&ga_vid=1726721001.1621164389&ga_sid=1621164389&ga_hid=364914462&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=2085&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060614%2C31060710%2C31060957&oid=3&pvsid=4283856023169959&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=8Sb0ZOVdvj&p=https%3A//www.karwachauth.com&dtd=114
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUmZItbYHbkaVz7hiRKgxGpETD_M-cy8fAJxpXDMCwU87boycMhteiwdnZNcT20; test_cookie=CheckForPermission; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1576525035954946&output=html&h=280&slotname=3639232580&adk=492016216&adf=4061442901&pi=t.ma~as.3639232580&w=728&fwrn=4&fwrnh=100&lmt=1613479373&rafmt=1&psa=0&format=728x280&url=https%3A%2F%2Fwww.karwachauth.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621164388531&bpp=1&bdt=351&idt=111&shv=r20210511&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x280%2C339x280&correlator=2017869517102&frm=20&pv=1&ga_vid=1726721001.1621164389&ga_sid=1621164389&ga_hid=364914462&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=2085&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060614%2C31060710%2C31060957&oid=3&pvsid=4283856023169959&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=8Sb0ZOVdvj&p=https%3A//www.karwachauth.com&dtd=114

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Sun, 16 May 2021 10:29:19 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 3430
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame E600 143 B
163 B 6ms
6ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1576525035954946&output=html&h=280&slotname=6601704984&adk=452510332&adf=2251177354&pi=t.ma~as.6601704984&w=728&fwrn=4&fwrnh=100&lmt=1613479373&rafmt=1&psa=0&format=728x280&url=https%3A%2F%2Fwww.karwachauth.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621164388531&bpp=1&bdt=351&idt=116&shv=r20210511&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x280%2C339x280%2C728x280&correlator=2017869517102&frm=20&pv=1&ga_vid=1726721001.1621164389&ga_sid=1621164389&ga_hid=364914462&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=2822&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060614%2C31060710%2C31060957&oid=3&pvsid=4283856023169959&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=mJMxWdmsIR&p=https%3A//www.karwachauth.com&dtd=118

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1576525035954946&output=html&h=280&slotname=6601704984&adk=452510332&adf=2251177354&pi=t.ma~as.6601704984&w=728&fwrn=4&fwrnh=100&lmt=1613479373&rafmt=1&psa=0&format=728x280&url=https%3A%2F%2Fwww.karwachauth.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621164388531&bpp=1&bdt=351&idt=116&shv=r20210511&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x280%2C339x280%2C728x280&correlator=2017869517102&frm=20&pv=1&ga_vid=1726721001.1621164389&ga_sid=1621164389&ga_hid=364914462&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=2822&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060614%2C31060710%2C31060957&oid=3&pvsid=4283856023169959&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=mJMxWdmsIR&p=https%3A//www.karwachauth.com&dtd=118
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUmZItbYHbkaVz7hiRKgxGpETD_M-cy8fAJxpXDMCwU87boycMhteiwdnZNcT20; test_cookie=CheckForPermission; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1576525035954946&output=html&h=280&slotname=6601704984&adk=452510332&adf=2251177354&pi=t.ma~as.6601704984&w=728&fwrn=4&fwrnh=100&lmt=1613479373&rafmt=1&psa=0&format=728x280&url=https%3A%2F%2Fwww.karwachauth.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621164388531&bpp=1&bdt=351&idt=116&shv=r20210511&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x280%2C339x280%2C728x280&correlator=2017869517102&frm=20&pv=1&ga_vid=1726721001.1621164389&ga_sid=1621164389&ga_hid=364914462&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=2822&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060614%2C31060710%2C31060957&oid=3&pvsid=4283856023169959&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=mJMxWdmsIR&p=https%3A//www.karwachauth.com&dtd=118

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Sun, 16 May 2021 10:29:19 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 3430
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 6641 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d9c35081b5efd7f74dfc8e5e8adb7cb85742faba5a29968edecd67b80f695be9

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame E64F 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c80dc40bf34fd9191090c6c95555a5731a7e8353e75dd3deeb6b6d7830e43233

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 iframe.html Show response
p4-gfechl5jdxkrg-atxafed6l25jxuas-if-v6exp3-v4.metric.gstatic.com/v6exp3/ Frame B42C 4 KB
2 KB 179ms
51ms Document
text/html 216.58.212.163
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://p4-gfechl5jdxkrg-atxafed6l25jxuas-if-v6exp3-v4.metric.gstatic.com/v6exp3/iframe.html

Requested by

Host: p4-gfechl5jdxkrg-atxafed6l25jxuas-if-v6exp3-v4.metric.gstatic.com
URL: https://p4-gfechl5jdxkrg-atxafed6l25jxuas-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

216.58.212.163 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f163.1e100.net

Software

sffe /

Resource Hash

9a13557876b083b8df8e833546adfd1419b21f0276e43682d0f2605415127ace

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: p4-gfechl5jdxkrg-atxafed6l25jxuas-if-v6exp3-v4.metric.gstatic.com
:scheme: https
:path: /v6exp3/iframe.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://p4-gfechl5jdxkrg-atxafed6l25jxuas-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://p4-gfechl5jdxkrg-atxafed6l25jxuas-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
content-security-policy-report-only: script-src 'nonce-UosFA9L8UMnmF2qZKCYlUw' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/static-on-bigtable; base-uri 'none'
cross-origin-resource-policy: cross-origin
content-length: 1862
date: Sun, 16 May 2021 11:26:29 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
last-modified: Thu, 29 Apr 2021 21:38:00 GMT
x-content-type-options: nosniff
content-encoding: gzip
server: sffe
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame 6641 21 KB
21 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v27/4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f2c761ee3ce27469f940a05b64e38a829a400427727cd0bdbb4e36f1d572afd7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 01:32:02 GMT
x-content-type-options: nosniff
last-modified: Wed, 11 Nov 2020 20:26:21 GMT
server: sffe
age: 294867
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21716
x-xss-protection: 0
expires: Fri, 13 May 2022 01:32:02 GMT

GET
H3-29 200 4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame 6641 21 KB
21 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v27/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1cf04407e728ea1ebf82dc1c6b45d12632cb3202ff8f4556f380b16e57484f27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 01:31:31 GMT
x-content-type-options: nosniff
last-modified: Wed, 11 Nov 2020 20:26:16 GMT
server: sffe
age: 294898
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21552
x-xss-protection: 0
expires: Fri, 13 May 2022 01:31:31 GMT

GET
H3-29

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame C5F8
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
16 B

41ms
41ms

Document
text/html

2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUmZItbYHbkaVz7hiRKgxGpETD_M-cy8fAJxpXDMCwU87boycMhteiwdnZNcT20; test_cookie=CheckForPermission; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sun, 16 May 2021 11:26:29 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Sun, 16-May-2021 12:26:29 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sun, 16 May 2021 11:26:29 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sun, 16 May 2021 11:26:29 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame E600
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
16 B

74ms
74ms

Document
text/html

2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1576525035954946&output=html&h=280&slotname=6601704984&adk=452510332&adf=2251177354&pi=t.ma~as.6601704984&w=728&fwrn=4&fwrnh=100&lmt=1613479373&rafmt=1&psa=0&format=728x280&url=https%3A%2F%2Fwww.karwachauth.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621164388531&bpp=1&bdt=351&idt=116&shv=r20210511&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x280%2C339x280%2C728x280&correlator=2017869517102&frm=20&pv=1&ga_vid=1726721001.1621164389&ga_sid=1621164389&ga_hid=364914462&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=2822&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060614%2C31060710%2C31060957&oid=3&pvsid=4283856023169959&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=mJMxWdmsIR&p=https%3A//www.karwachauth.com&dtd=118

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUmZItbYHbkaVz7hiRKgxGpETD_M-cy8fAJxpXDMCwU87boycMhteiwdnZNcT20; test_cookie=CheckForPermission; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sun, 16 May 2021 11:26:29 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Sun, 16-May-2021 12:26:29 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sun, 16 May 2021 11:26:29 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sun, 16 May 2021 11:26:29 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 TMm5Vd8VytjbCcmIcJumdaM-J7Gy9TN2HX45D5FEMFw.js Show response
pagead2.googlesyndication.com/bg/ Frame DF76 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/TMm5Vd8VytjbCcmIcJumdaM-J7Gy9TN2HX45D5FEMFw.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1576525035954946&output=html&h=280&slotname=6601704984&adk=452510332&adf=2251177354&pi=t.ma~as.6601704984&w=728&fwrn=4&fwrnh=100&lmt=1613479373&rafmt=1&psa=0&format=728x280&url=https%3A%2F%2Fwww.karwachauth.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621164388531&bpp=1&bdt=351&idt=116&shv=r20210511&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x280%2C339x280%2C728x280&correlator=2017869517102&frm=20&pv=1&ga_vid=1726721001.1621164389&ga_sid=1621164389&ga_hid=364914462&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=2822&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060614%2C31060710%2C31060957&oid=3&pvsid=4283856023169959&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=mJMxWdmsIR&p=https%3A//www.karwachauth.com&dtd=118

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4cc9b955df15cad8db09c988709ba675a33e27b1b2f533761d7e390f9144305c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 10:07:37 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 06 May 2021 09:28:00 GMT
server: sffe
age: 4732
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5679
x-xss-protection: 0
expires: Mon, 16 May 2022 10:07:37 GMT

GET
H3-29 200 TMm5Vd8VytjbCcmIcJumdaM-J7Gy9TN2HX45D5FEMFw.js Show response
pagead2.googlesyndication.com/bg/ Frame 77F6 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/TMm5Vd8VytjbCcmIcJumdaM-J7Gy9TN2HX45D5FEMFw.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4cc9b955df15cad8db09c988709ba675a33e27b1b2f533761d7e390f9144305c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 10:07:37 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 06 May 2021 09:28:00 GMT
server: sffe
age: 4732
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5679
x-xss-protection: 0
expires: Mon, 16 May 2022 10:07:37 GMT

GET
H3-29 200 10380099308700684846
tpc.googlesyndication.com/simgad/ Frame 9647 43 KB
43 KB 6ms
6ms Image
image/png 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/10380099308700684846?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qnAMqSby8JhKjXftPhN1B8mE1wapQ

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1576525035954946&output=html&h=280&slotname=6601704984&adk=1678176464&adf=2001117046&pi=t.ma~as.6601704984&w=339&fwrn=4&fwrnh=100&lmt=1613479373&rafmt=1&psa=0&format=339x280&url=https%3A%2F%2Fwww.karwachauth.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621164388530&bpp=1&bdt=350&idt=103&shv=r20210511&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x280&correlator=2017869517102&frm=20&pv=1&ga_vid=1726721001.1621164389&ga_sid=1621164389&ga_hid=364914462&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1046&ady=1333&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060614%2C31060710%2C31060957&oid=3&pvsid=4283856023169959&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=kok4OWF2t6&p=https%3A//www.karwachauth.com&dtd=108

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

09c702b2b9951f3e21f47dce2acf73162552fe6f279d5fdfe10b256dba6996d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 00:02:12 GMT
x-content-type-options: nosniff
last-modified: Thu, 03 Dec 2020 16:16:14 GMT
server: sffe
age: 386657
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44007
x-xss-protection: 0
expires: Thu, 12 May 2022 00:02:12 GMT

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210511/r20110914/ Frame 9647 17 KB
7 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210511/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1576525035954946&output=html&h=280&slotname=6601704984&adk=1678176464&adf=2001117046&pi=t.ma~as.6601704984&w=339&fwrn=4&fwrnh=100&lmt=1613479373&rafmt=1&psa=0&format=339x280&url=https%3A%2F%2Fwww.karwachauth.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621164388530&bpp=1&bdt=350&idt=103&shv=r20210511&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x280&correlator=2017869517102&frm=20&pv=1&ga_vid=1726721001.1621164389&ga_sid=1621164389&ga_hid=364914462&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1046&ady=1333&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060614%2C31060710%2C31060957&oid=3&pvsid=4283856023169959&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=kok4OWF2t6&p=https%3A//www.karwachauth.com&dtd=108

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

85e3697fdb65077432d19ff2953a9384b12c6971b9187fd719ac2cf0f1f472d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 11:23:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 193
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7042
x-xss-protection: 0
server: cafe
etag: 2725110100707361309
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 30 May 2021 11:23:16 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210511/r20110914/client/ Frame 9647 2 KB
1 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210511/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1576525035954946&output=html&h=280&slotname=6601704984&adk=1678176464&adf=2001117046&pi=t.ma~as.6601704984&w=339&fwrn=4&fwrnh=100&lmt=1613479373&rafmt=1&psa=0&format=339x280&url=https%3A%2F%2Fwww.karwachauth.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621164388530&bpp=1&bdt=350&idt=103&shv=r20210511&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x280&correlator=2017869517102&frm=20&pv=1&ga_vid=1726721001.1621164389&ga_sid=1621164389&ga_hid=364914462&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1046&ady=1333&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060614%2C31060710%2C31060957&oid=3&pvsid=4283856023169959&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=kok4OWF2t6&p=https%3A//www.karwachauth.com&dtd=108

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 11:25:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 84
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 30 May 2021 11:25:05 GMT

GET
H3-29 200 transparent.png
tpc.googlesyndication.com/pagead/images/ Frame 9647 67 B
91 B 7ms
6ms Image
image/png 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/transparent.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1576525035954946&output=html&h=280&slotname=6601704984&adk=1678176464&adf=2001117046&pi=t.ma~as.6601704984&w=339&fwrn=4&fwrnh=100&lmt=1613479373&rafmt=1&psa=0&format=339x280&url=https%3A%2F%2Fwww.karwachauth.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621164388530&bpp=1&bdt=350&idt=103&shv=r20210511&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x280&correlator=2017869517102&frm=20&pv=1&ga_vid=1726721001.1621164389&ga_sid=1621164389&ga_hid=364914462&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1046&ady=1333&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060614%2C31060710%2C31060957&oid=3&pvsid=4283856023169959&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=kok4OWF2t6&p=https%3A//www.karwachauth.com&dtd=108

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bdf72009ad226c17f1954ba602292902a780b80af07dbcbab1322bdf5c32be66

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 16 May 2021 01:32:03 GMT
x-content-type-options: nosniff
server: cafe
age: 35666
etag: 2462972746714251406
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 67
x-xss-protection: 0
expires: Mon, 17 May 2021 01:32:03 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9647 117 KB
36 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1576525035954946&output=html&h=280&slotname=6601704984&adk=1678176464&adf=2001117046&pi=t.ma~as.6601704984&w=339&fwrn=4&fwrnh=100&lmt=1613479373&rafmt=1&psa=0&format=339x280&url=https%3A%2F%2Fwww.karwachauth.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621164388530&bpp=1&bdt=350&idt=103&shv=r20210511&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x280&correlator=2017869517102&frm=20&pv=1&ga_vid=1726721001.1621164389&ga_sid=1621164389&ga_hid=364914462&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1046&ady=1333&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060614%2C31060710%2C31060957&oid=3&pvsid=4283856023169959&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=kok4OWF2t6&p=https%3A//www.karwachauth.com&dtd=108

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

14a6bc9fca94f536d24da272cf684e3e900adaf170804cceda99f44c97c710c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 11:26:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1620991973329016"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36585
x-xss-protection: 0
expires: Sun, 16 May 2021 11:26:29 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210511/r20110914/client/ Frame 9647 13 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210511/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1576525035954946&output=html&h=280&slotname=6601704984&adk=1678176464&adf=2001117046&pi=t.ma~as.6601704984&w=339&fwrn=4&fwrnh=100&lmt=1613479373&rafmt=1&psa=0&format=339x280&url=https%3A%2F%2Fwww.karwachauth.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621164388530&bpp=1&bdt=350&idt=103&shv=r20210511&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x280&correlator=2017869517102&frm=20&pv=1&ga_vid=1726721001.1621164389&ga_sid=1621164389&ga_hid=364914462&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1046&ady=1333&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060614%2C31060710%2C31060957&oid=3&pvsid=4283856023169959&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=kok4OWF2t6&p=https%3A//www.karwachauth.com&dtd=108

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4821fcf9c6131b5e09c316f6946b187f0b3751d723a19b2ff9f2df396d232cbf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 11:24:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 115
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5621
x-xss-protection: 0
server: cafe
etag: 8169261014141303515
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 30 May 2021 11:24:34 GMT

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame 9647 0
0 48ms
47ms Fetch
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C2l4nZAGhYJbjJ9GA2fcPybGW6Az52Jz7YZ2g2J6sDYOdjO6qCRABIIvSsgZglQKgAZyv-6gCyAECqAMByAPJBKoEwAFP0OsuJql9eV0x-as2qGN8cVtcoJyi_moMxgfouaWfqSZBmo2tJicjl8mjjnoafZhTrarnQ9npehU1AqGSLv5WR0omsjXYY-qWJ9hOFoyU__W_UR1eCDWDjZ9hI0VshOodz14ZZiwRms48LE7Eud8O1d3E_80jzfuRg2N9Xi4JkbWAYX6_sysESejOMZZXTUMgeMEDVC1Y0QfAWPSrycdVwSdXP_EKDIbKdii0T8BxqF9PGPTH_7wroFLvYqku53nABImkvfbLA5IFBAgEGAGSBQQIBRgEoAYCgAfM0ITXAagH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAfIHBRDM_uYC0ggJCIDhgBAQARgfgAoByAsB2BMN0BUBgBcBshcaChgIABIUcHViLTE1NzY1MjUwMzU5NTQ5NDY&sigh=9IFyChQJGTU

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1576525035954946&output=html&h=280&slotname=6601704984&adk=1678176464&adf=2001117046&pi=t.ma~as.6601704984&w=339&fwrn=4&fwrnh=100&lmt=1613479373&rafmt=1&psa=0&format=339x280&url=https%3A%2F%2Fwww.karwachauth.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621164388530&bpp=1&bdt=350&idt=103&shv=r20210511&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x280&correlator=2017869517102&frm=20&pv=1&ga_vid=1726721001.1621164389&ga_sid=1621164389&ga_hid=364914462&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1046&ady=1333&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060614%2C31060710%2C31060957&oid=3&pvsid=4283856023169959&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=kok4OWF2t6&p=https%3A//www.karwachauth.com&dtd=108

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1576525035954946&output=html&h=280&slotname=6601704984&adk=1678176464&adf=2001117046&pi=t.ma~as.6601704984&w=339&fwrn=4&fwrnh=100&lmt=1613479373&rafmt=1&psa=0&format=339x280&url=https%3A%2F%2Fwww.karwachauth.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621164388530&bpp=1&bdt=350&idt=103&shv=r20210511&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x280&correlator=2017869517102&frm=20&pv=1&ga_vid=1726721001.1621164389&ga_sid=1621164389&ga_hid=364914462&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1046&ady=1333&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060614%2C31060710%2C31060957&oid=3&pvsid=4283856023169959&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=kok4OWF2t6&p=https%3A//www.karwachauth.com&dtd=108
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sun, 16 May 2021 11:26:29 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-29 200 one_click_handler_one_afma_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210511/r20110914/client/ Frame 9647 25 KB
10 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210511/r20110914/client/one_click_handler_one_afma_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1576525035954946&output=html&h=280&slotname=6601704984&adk=1678176464&adf=2001117046&pi=t.ma~as.6601704984&w=339&fwrn=4&fwrnh=100&lmt=1613479373&rafmt=1&psa=0&format=339x280&url=https%3A%2F%2Fwww.karwachauth.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621164388530&bpp=1&bdt=350&idt=103&shv=r20210511&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x280&correlator=2017869517102&frm=20&pv=1&ga_vid=1726721001.1621164389&ga_sid=1621164389&ga_hid=364914462&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1046&ady=1333&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060614%2C31060710%2C31060957&oid=3&pvsid=4283856023169959&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=kok4OWF2t6&p=https%3A//www.karwachauth.com&dtd=108

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

05e695a8f4bd26c3a3092afbd08d40b873b39599d47ce15c281b1b526e934258

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 15 May 2021 18:01:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 62692
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10380
x-xss-protection: 0
server: cafe
etag: 16922886349488815302
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 29 May 2021 18:01:37 GMT

GET
H3-29 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 4E7E 143 B
163 B 6ms
6ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1576525035954946&output=html&h=280&slotname=6601704984&adk=1678176464&adf=2001117046&pi=t.ma~as.6601704984&w=339&fwrn=4&fwrnh=100&lmt=1613479373&rafmt=1&psa=0&format=339x280&url=https%3A%2F%2Fwww.karwachauth.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621164388530&bpp=1&bdt=350&idt=103&shv=r20210511&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x280&correlator=2017869517102&frm=20&pv=1&ga_vid=1726721001.1621164389&ga_sid=1621164389&ga_hid=364914462&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1046&ady=1333&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060614%2C31060710%2C31060957&oid=3&pvsid=4283856023169959&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=kok4OWF2t6&p=https%3A//www.karwachauth.com&dtd=108

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1576525035954946&output=html&h=280&slotname=6601704984&adk=1678176464&adf=2001117046&pi=t.ma~as.6601704984&w=339&fwrn=4&fwrnh=100&lmt=1613479373&rafmt=1&psa=0&format=339x280&url=https%3A%2F%2Fwww.karwachauth.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621164388530&bpp=1&bdt=350&idt=103&shv=r20210511&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x280&correlator=2017869517102&frm=20&pv=1&ga_vid=1726721001.1621164389&ga_sid=1621164389&ga_hid=364914462&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1046&ady=1333&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060614%2C31060710%2C31060957&oid=3&pvsid=4283856023169959&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=kok4OWF2t6&p=https%3A//www.karwachauth.com&dtd=108
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUmZItbYHbkaVz7hiRKgxGpETD_M-cy8fAJxpXDMCwU87boycMhteiwdnZNcT20; test_cookie=CheckForPermission; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1576525035954946&output=html&h=280&slotname=6601704984&adk=1678176464&adf=2001117046&pi=t.ma~as.6601704984&w=339&fwrn=4&fwrnh=100&lmt=1613479373&rafmt=1&psa=0&format=339x280&url=https%3A%2F%2Fwww.karwachauth.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621164388530&bpp=1&bdt=350&idt=103&shv=r20210511&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x280&correlator=2017869517102&frm=20&pv=1&ga_vid=1726721001.1621164389&ga_sid=1621164389&ga_hid=364914462&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1046&ady=1333&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060614%2C31060710%2C31060957&oid=3&pvsid=4283856023169959&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=kok4OWF2t6&p=https%3A//www.karwachauth.com&dtd=108

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Sun, 16 May 2021 10:29:19 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 3430
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 9647 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 976e65921a166a0fa8868c6b11f25ee6d43854dab7e2bab5f95eb4ec047fef3d

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 4E7E
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
16 B

39ms
38ms

Document
text/html

2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1576525035954946&output=html&h=280&slotname=6601704984&adk=1678176464&adf=2001117046&pi=t.ma~as.6601704984&w=339&fwrn=4&fwrnh=100&lmt=1613479373&rafmt=1&psa=0&format=339x280&url=https%3A%2F%2Fwww.karwachauth.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621164388530&bpp=1&bdt=350&idt=103&shv=r20210511&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x280&correlator=2017869517102&frm=20&pv=1&ga_vid=1726721001.1621164389&ga_sid=1621164389&ga_hid=364914462&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1046&ady=1333&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060614%2C31060710%2C31060957&oid=3&pvsid=4283856023169959&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=kok4OWF2t6&p=https%3A//www.karwachauth.com&dtd=108

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUmZItbYHbkaVz7hiRKgxGpETD_M-cy8fAJxpXDMCwU87boycMhteiwdnZNcT20; test_cookie=CheckForPermission; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sun, 16 May 2021 11:26:29 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Sun, 16-May-2021 12:26:29 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sun, 16 May 2021 11:26:29 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sun, 16 May 2021 11:26:29 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 TMm5Vd8VytjbCcmIcJumdaM-J7Gy9TN2HX45D5FEMFw.js Show response
pagead2.googlesyndication.com/bg/ Frame 15E2 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/TMm5Vd8VytjbCcmIcJumdaM-J7Gy9TN2HX45D5FEMFw.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1576525035954946&output=html&h=280&slotname=6601704984&adk=1678176464&adf=2001117046&pi=t.ma~as.6601704984&w=339&fwrn=4&fwrnh=100&lmt=1613479373&rafmt=1&psa=0&format=339x280&url=https%3A%2F%2Fwww.karwachauth.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621164388530&bpp=1&bdt=350&idt=103&shv=r20210511&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x280&correlator=2017869517102&frm=20&pv=1&ga_vid=1726721001.1621164389&ga_sid=1621164389&ga_hid=364914462&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1046&ady=1333&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060614%2C31060710%2C31060957&oid=3&pvsid=4283856023169959&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=kok4OWF2t6&p=https%3A//www.karwachauth.com&dtd=108

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4cc9b955df15cad8db09c988709ba675a33e27b1b2f533761d7e390f9144305c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 10:07:37 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 06 May 2021 09:28:00 GMT
server: sffe
age: 4732
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5679
x-xss-protection: 0
expires: Mon, 16 May 2022 10:07:37 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 4EB9 42 B
501 B 59ms
41ms Fetch
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuZynAV3qYwmN0kK8FABuoVsC7J7r2cfHP9RXciMEs_zpKvQeDGgLhZt-9emcvo50B9q8BtQLlDKgvi3jTluzgGqkS9d5QnaswLw2DsbBIJGTiweJ1POvgJcopejQ&sai=AMfl-YQZROGDS_Hi4taDOSi0IvcU97zHDrb_aBxMoZf14pAgluiZUGpFaqEBulOuKQlZSte_ImNwnK6GKg0x&sig=Cg0ArKJSzMrcGxoCjxr_EAE&id=lidar2&mcvt=1000&p=360,627,548,1355&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210514&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=4&adk=452510332&rs=2&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ%3D%3D&vs=4&rst=1621164388625&dlt=460&rpt=81&isd=0&msd=0&r=v&fum=1

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 May 2021 11:26:30 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 10 KB
8 KB 18ms
18ms XHR
application/json 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210511&st=env

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2f1a12002c58fd7c07edb1c7c378bc4052dd4ea693134ac7af3284ddfd0c1d42

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.karwachauth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 16 May 2021 11:26:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7673
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.karwachauth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 11:26:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616005470650935"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Sun, 16 May 2021 11:26:32 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/222/ Frame B06D 12 KB
5 KB 7ms
6ms Document
text/html 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/222/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.karwachauth.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.karwachauth.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Sun, 16 May 2021 11:05:44 GMT
expires: Mon, 16 May 2022 11:05:44 GMT
last-modified: Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 1249
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 TMm5Vd8VytjbCcmIcJumdaM-J7Gy9TN2HX45D5FEMFw.js Show response
pagead2.googlesyndication.com/bg/ Frame B06D 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/TMm5Vd8VytjbCcmIcJumdaM-J7Gy9TN2HX45D5FEMFw.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4cc9b955df15cad8db09c988709ba675a33e27b1b2f533761d7e390f9144305c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 10:07:37 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 06 May 2021 09:28:00 GMT
server: sffe
age: 4736
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5679
x-xss-protection: 0
expires: Mon, 16 May 2022 10:07:37 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 41ms
41ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gda_r20210511&jk=4283856023169959&bg=!HR6lHlrNAAY59bwoOfU7ACkAdvg8Wkr-DGazpHqVqVSan8Bn7oKu0isvvp52hzTXNLLfiDumWe0h0wIAAABfUgAAAAxoAQcKAJ8E6SwUFVFIYNyIyi0drDyse43yjNaQGLr2FnPNCPdNnwmq_I5Jz0GmFkASZrHcP0ciHhnSpdVVKeDqu9EhBa8HAonWyvJFK8MStBbrEimxtI0mS6C-2ZLGbO8M505YMTOXcztagIsD5Zhy4X4GVxqEianGq7L5neAOpO6Jj05i5HZDp5usdMeis_djfMd63itDZFOXRn13ThGQN41sWcuZAlNxIG1NyN1oU-I9apIEHfMO8EkWmB5JKmG5xJtK_owKgF83RIE0pVV1V8l-f3APFhkRWZcqy3uaG32PoJN37lsD4hFrdJcl5f8kQoejBRHjeJa2qvn-_axKFNtv1UKKvmJtkmyfzDc620yLXwq-mZhuCo93Q-l9JKLJx1nH-6yNB8QWy08QChoDrcU3P6fJgAFRwQ09N1Z7INJqEjI3FoPR6cQqvEH7aM4T_JIxNM5_3TttLlimqqnLAy4EO-tZQWxE2cmVEu7eopHpJACMbtpTG2mNWK0_DoM6FjGoTz_q4U25qrlJ1FVDeXZvq3zDPPm611EnCMLNTZTeFmeZQPtN7n-f_Dp7VzSf73KoR85PNwDZRPL7Xb7yEH__DqYc4fm5MgD-1Lw1G1bv7xCvbdzx_5KUhjPtUljdLPauJFjpB_MGCDhs-q6JO4k4j1bbtXhwvVlFxXSe7DBfYkl4YCbBYdviUJqMv_nUnD6bq_jI0w04zZvTe1V5oIT-AtyMJR2bPpdpdtSPny6f_eomiUQNRbm0xrvkDSqjYlfedMjDnCUQUrdnjvgA5sBgtuHmpDMN3e7kAIlPetDIBhFZiaoFhlkPeLTUxcGRNVSV35luN8LA5gU1XqUGYz40RL7EJmpkQM1vAHq-mPvtc3mEmAmJGKL5NewwqZy6RRjGTWJDzEC2zQITJpSoneCAv1U70DwVMWJSPBR4iVPQpXTMpqqBTgJaEdb9N3B5zddpWl_G5xT0dI9A1uMGlLCrGasygXMCfE7fsbMyoR-Oc2bOEyh5nNHa

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.karwachauth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 May 2021 11:26:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 6.gif
p4-gfechl5jdxkrg-atxafed6l25jxuas-618913-i1-v6exp3.v4.metric.gstatic.com/v6exp3/ Frame B42C 35 B
410 B 416ms
53ms Image
image/gif 142.250.185.210
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://p4-gfechl5jdxkrg-atxafed6l25jxuas-618913-i1-v6exp3.v4.metric.gstatic.com/v6exp3/6.gif

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.210 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f18.1e100.net

Software

sffe /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://p4-gfechl5jdxkrg-atxafed6l25jxuas-if-v6exp3-v4.metric.gstatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 May 2021 11:26:39 GMT
x-content-type-options: nosniff
last-modified: Thu, 03 Oct 2019 10:15:00 GMT
server: sffe
content-type: image/gif
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 6.gif
p4-gfechl5jdxkrg-atxafed6l25jxuas-618913-i2-v6exp3.ds.metric.gstatic.com/v6exp3/ Frame B42C 35 B
410 B 62ms
13ms Image
image/gif 2a00:1450:4001:801::2012
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://p4-gfechl5jdxkrg-atxafed6l25jxuas-618913-i2-v6exp3.ds.metric.gstatic.com/v6exp3/6.gif

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2012 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://p4-gfechl5jdxkrg-atxafed6l25jxuas-if-v6exp3-v4.metric.gstatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 May 2021 11:26:39 GMT
x-content-type-options: nosniff
last-modified: Thu, 03 Oct 2019 10:15:00 GMT
server: sffe
content-type: image/gif
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

70 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
karwachauth.com
p4-gfechl5jdxkrg-atxafed6l25jxuas-618913-i1-v6exp3.v4.metric.gstatic.com
p4-gfechl5jdxkrg-atxafed6l25jxuas-618913-i2-v6exp3.ds.metric.gstatic.com
p4-gfechl5jdxkrg-atxafed6l25jxuas-if-v6exp3-v4.metric.gstatic.com
pagead2.googlesyndication.com
partner.googleadservices.com
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.karwachauth.com
142.250.185.210
172.217.23.98
192.185.23.100
216.58.212.163
2a00:1450:4001:800::2002
2a00:1450:4001:801::2012
2a00:1450:4001:803::2001
2a00:1450:4001:80e::2002
2a00:1450:4001:811::2002
2a00:1450:4001:811::2008
2a00:1450:4001:812::2002
2a00:1450:4001:828::200e
2a00:1450:4001:829::2002
2a00:1450:4001:82b::2002
2a00:1450:4001:82f::200a
2a00:1450:4001:830::2003
2a00:1450:4001:831::2004
03623051f0c88c75cbb5d424d0121ee9fefed58cad79c005b80c0a4657013d73
057c5de4edabfac0c249877f7a97af6c8e8f9ee168cd52cd59cf43e9a5e235eb
05e695a8f4bd26c3a3092afbd08d40b873b39599d47ce15c281b1b526e934258
081cb29baad6885a73c93253a8e1f8c82bec221da413844616ccd1793b43e873
09c702b2b9951f3e21f47dce2acf73162552fe6f279d5fdfe10b256dba6996d3
0b422aeb4cdf5d8a4b9f579e58a8ac70a37079fb16263242cd393c405515df38
114b64bb0ae9b95d169f74e3c73a7d27aad1e5910e3d9835ab7258714a1cc7b4
11ed9eb707c69ceb4967ce19a994b352d589e0cb47ebb195f5aecf4f4ad04dbf
1491de1b31182d38593bcf660c99bc6018af8e192d91663f67ec9d045a3b5ccc
14a6bc9fca94f536d24da272cf684e3e900adaf170804cceda99f44c97c710c4
150791f9e8e99acd4afad1e1fec00344b3146f9584a6178c333860b35e8f5583
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1cf04407e728ea1ebf82dc1c6b45d12632cb3202ff8f4556f380b16e57484f27
1fdaddc73bb508708db2628574e7b761842a974811a5f6bee39031c03bafccf6
203d79361f110060ff2c3cbd888d4f1a74cdabbdb4efd0526713d018b55e52b8
22417e5c46696c92f5e7faf9287d837e895ffc7526ad43433b0f8ce19ca637ce
293dbc6c6d3b1ddcf9f96986e19ca52469185b0aea9c097040209d33cef88ddc
2ae372492d349cda0549b19b87f02792d59d51c4176325ab3361177e0129e688
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
2f1a12002c58fd7c07edb1c7c378bc4052dd4ea693134ac7af3284ddfd0c1d42
2f5d4542a3ce8f61bb2ee1a1cb8478851b4bf0c83f8be704cc8893bc5521a13f
30c5aefde63f1b6692b0db576aa4486d9067f5b3415304b3ab8d0cbc1b1a0deb
326c1d706da63029834d456e17dd871cfb66f5d41406d07d8a5b421257021793
331b2b1241f1f2a53744bdca867c5b76954d9431970e91f490f64c707fc24a16
3c14c7e87fc4ecfd08cfbf1c77642eeca1a282eb0ca2eff8e58229af8d2910fb
41c2ec8285a542019975ee55caa2219c2d51a10b2c5ba57f6aabc9f7674dd5bf
4711248d1d8e54c3173460e7007f9a574697415220d9111091c53941716921d4
4821fcf9c6131b5e09c316f6946b187f0b3751d723a19b2ff9f2df396d232cbf
49aea8d1206dbb5e3c8a7d4db9274d2efa2111d8b53acb901efc378b1feca381
4bfbe90df75b370438ad25150e701108c1d6bb27003add53d2f0be9e42b194ab
4cc9b955df15cad8db09c988709ba675a33e27b1b2f533761d7e390f9144305c
5045e9737a9325fa8b69884590f9ec0614146b485399d43bed6fb703a06244bf
50fc8fb2b0e7b45c2c6a1962b0d13c17135de0a6c1d56f556a68e115dcfa1535
5195b5533eaad9e23ee9c1ad9dd017b4f0fca8d54921a3f045858eaf4145689d
56e1de7e60c004753f1a3d681b6a337206b1b97d5eea9529342f8491ece8d20b
599325d39743959cdacb163b742dd6f622443a73f155364bbcc465a291ce0b5a
5d09978cc06ead7fdb1b916f1251e8789fb104cb2b7fa620e15d0699d6025afa
62d1531ff9a228cdfb6c9a7b9af1abbf58ee617a60f8d29a619f625aaa0dbc2c
6337c37bc43513efd38ddd1b55fb53201770630d6101b4e63924b5951036f054
6395e6f9f6fbcd953f0ffa40615094c565d86c265fb5028e64dd2dc872b5ce69
66855b353b8e2e3d8165a26380dc8020bd937f67dfa2776c05ae1289269010db
66f661926ae6c1e13c6b2169733476eb03b9be46e333e5f81eab69a5b0d27ace
6731bd12d2ea4eb4e7e640486c24fb5e44f65c6eb1b5e2541d64413c9402dcbe
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
6b0fe2d79a2476314a0ee068faa535cb80c352b228df20f226a3f1cfc96b762d
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
74201a4b97ec1d5e86252dd0180eafd8c5378a9235864dbcd682f3575b41c85b
78c733364fcffa399f5e9237560e5ee6d32bc54dd23f6e85d0b7fd316d812d49
7c278f3097a2330d62992f422f0dac4b86e833c714494a73200d1be2af60e4f1
818c0191e8e9a1b8c8d631f08298753fbe238afbe094577add3f13503c53688e
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
85e3697fdb65077432d19ff2953a9384b12c6971b9187fd719ac2cf0f1f472d5
8755f127841e0fd64fae2cf36e6d74a474da33a17680c5c28b06ce1d9261479a
90e1964b366729d0346b2daf96f9932b80ba38e6f0fc65e05341743f17c556cf
976e65921a166a0fa8868c6b11f25ee6d43854dab7e2bab5f95eb4ec047fef3d
9a13557876b083b8df8e833546adfd1419b21f0276e43682d0f2605415127ace
9b6fc15a82592fab0093b2eb04bd165b6aab47cb130a11a35d5b422fe7c1579e
9c50a96c859b9beea47b71740bd14e7f69a4df586d015f47434037f8def53b52
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5cb642ef22434a24612329870579fbb272cb9fa7475360035596ea56fb0431a
ac7505dd62d98ef68ad715c7507279e29cf00ee000e8dd039ed704a3e745fefa
b7df8d1bc97aef430856adc061ff57e8b557c63ead319ee05feae4c34ced2b2b
b87c086edf82604a1a5d4892ea8b121d480c6570d0ab7be8464322312e60c2a7
bb441c64da825cc9f21e99ca685c2c69ecd9261c7e907e0d3bf610373bf78646
bcff7fb6dd5fd503e30c5c06ba134b3cd9213f88ee8f0de362ce0b13f4e769cc
bdf72009ad226c17f1954ba602292902a780b80af07dbcbab1322bdf5c32be66
bf687364bb0a5840fab4eb669d04c5b87447f926dfcfc5d661c667b6af53d034
c0de491cc44d75102012a1304b3ef46f792145abb69f551c2e6aa1059cf63708
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
c80dc40bf34fd9191090c6c95555a5731a7e8353e75dd3deeb6b6d7830e43233
ca0c72d8e0b8efd324a5b75e1a72b6a068180e2dfccae6248ba69e2f0d8cf9a1
d3855f017fcb20fe87607659fa4912da9688e38e427549b5897946f4cd2f4305
d426385965f8ad67a88e7aa83d26c46b0bd8ef1037643930f7b6b908a63c1bb4
d690322e2bf3042991535de85d01aa593259a4105c751f2f2d8e1971b8c101ee
d9c35081b5efd7f74dfc8e5e8adb7cb85742faba5a29968edecd67b80f695be9
de2acad7dac5e06612db68bda7a85a0272f39c51452fe1ac6f2cb6595b3c7921
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e96744b4240e86b8e1472f6f730951c490b1ffaea3d5093733f2094a9694d149
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2c761ee3ce27469f940a05b64e38a829a400427727cd0bdbb4e36f1d572afd7
f30d71e5bdb3967590cefa56828a948b007de563e34997cb7a11e6946571122b
fd38a92e64512c0ffe0fb37608e86c5fbf57d44178797326b071d877ee641c5f
fed29432df642109fbb60b82fa10c9241275c4d34ed7b6887df6206f1dad4cf0

www.karwachauth.com Open in urlscan Pro 192.185.23.100 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

112 Requests

100 %HTTPS

76 %IPv6

11 Domains

18 Subdomains

18 IPs

2 Countries

1386 kBTransfer

2512 kBSize

0 Cookies

47 Outgoing links

Page URL History

Redirected requests

112 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.karwachauth.com Open in urlscan Pro
192.185.23.100 Public Scan

Screenshot
Live screenshot

Full Image

112
Requests

100 %
HTTPS

76 %
IPv6

11
Domains

18
Subdomains

18
IPs

2
Countries

1386 kB
Transfer

2512 kB
Size

0
Cookies

112 HTTP transactions
4 data transactions