URL: https://karwachauthwishes.robloxstar.com/
Submission Tags: phishingrod
Submission: On December 21 via api from DE — Scanned from DE

Summary

This website contacted 20 IPs in 5 countries across 18 domains to perform 48 HTTP transactions. The main IP is 103.21.59.123, located in Mumbai, India and belongs to PUBLIC-DOMAIN-REGISTRY, US. The main domain is karwachauthwishes.robloxstar.com.
TLS certificate: Issued by R3 on October 12th 2022. Valid for: 3 months.
This is the only time karwachauthwishes.robloxstar.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Apex Domain
Subdomains
Transfer
10 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 101
tpc.googlesyndication.com — Cisco Umbrella Rank: 139
204 KB
8 blogspot.com
1.bp.blogspot.com — Cisco Umbrella Rank: 9741
4.bp.blogspot.com — Cisco Umbrella Rank: 12667
135 KB
8 robloxstar.com
karwachauthwishes.robloxstar.com
1 MB
5 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 34
9 KB
2 google.com
adservice.google.com — Cisco Umbrella Rank: 72
www.google.com — Cisco Umbrella Rank: 2
2 KB
2 kananath.com
kananath.com
www.kananath.com
588 B
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 37
ajax.googleapis.com — Cisco Umbrella Rank: 304
31 KB
2 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 211
10 KB
1 google.de
adservice.google.de — Cisco Umbrella Rank: 8549
792 B
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 830
698 B
1 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 2623
359 B
1 pinimg.com
i.pinimg.com — Cisco Umbrella Rank: 1658
468 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 51
75 KB
1 sanatanpragya.com
sanatanpragya.com
460 KB
1 xn--c1a8a.io
xn--c1a8a.io
499 B
1 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 374
24 KB
0 xn--t1au.io Failed
xn--t1au.io Failed
0 fest-wishes.com Failed
fest-wishes.com Failed
48 18
Domain Requested by
8 karwachauthwishes.robloxstar.com karwachauthwishes.robloxstar.com
7 pagead2.googlesyndication.com karwachauthwishes.robloxstar.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
7 1.bp.blogspot.com karwachauthwishes.robloxstar.com
5 googleads.g.doubleclick.net pagead2.googlesyndication.com
3 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
2 cdnjs.cloudflare.com karwachauthwishes.robloxstar.com
1 www.google.com tpc.googlesyndication.com
1 adservice.google.com pagead2.googlesyndication.com
1 adservice.google.de pagead2.googlesyndication.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 region1.google-analytics.com www.googletagmanager.com
1 i.pinimg.com karwachauthwishes.robloxstar.com
1 www.kananath.com karwachauthwishes.robloxstar.com
1 kananath.com 1 redirects
1 www.googletagmanager.com karwachauthwishes.robloxstar.com
1 4.bp.blogspot.com karwachauthwishes.robloxstar.com
1 sanatanpragya.com karwachauthwishes.robloxstar.com
1 xn--c1a8a.io karwachauthwishes.robloxstar.com
1 cdn.ampproject.org karwachauthwishes.robloxstar.com
1 ajax.googleapis.com karwachauthwishes.robloxstar.com
1 fonts.googleapis.com karwachauthwishes.robloxstar.com
0 xn--t1au.io Failed karwachauthwishes.robloxstar.com
0 fest-wishes.com Failed karwachauthwishes.robloxstar.com
48 23

This site contains no links.

Subject Issuer Validity Valid
www.karwachauthwishes.robloxstar.com
R3
2022-10-12 -
2023-01-10
3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2022-08-03 -
2023-08-02
a year crt.sh
upload.video.google.com
GTS CA 1C3
2022-11-28 -
2023-02-20
3 months crt.sh
misc-sni.google.com
GTS CA 1C3
2022-11-28 -
2023-02-20
3 months crt.sh
misc-sni.blogspot.com
GTS CA 1C3
2022-11-28 -
2023-02-20
3 months crt.sh
sanatanpragya.com
R3
2022-10-11 -
2023-01-09
3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3
2022-11-28 -
2023-02-20
3 months crt.sh
*.google-analytics.com
GTS CA 1C3
2022-11-28 -
2023-02-20
3 months crt.sh
*.pinterest.com
DigiCert TLS RSA SHA256 2020 CA1
2022-07-28 -
2023-08-08
a year crt.sh
*.googleadservices.com
GTS CA 1C3
2022-11-28 -
2023-02-20
3 months crt.sh
*.google.de
GTS CA 1C3
2022-11-28 -
2023-02-20
3 months crt.sh
*.google.com
GTS CA 1C3
2022-11-28 -
2023-02-20
3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3
2022-11-28 -
2023-02-20
3 months crt.sh
www.google.com
GTS CA 1C3
2022-11-28 -
2023-02-20
3 months crt.sh

This page contains 8 frames:

Primary Page: https://karwachauthwishes.robloxstar.com/
Frame ID: 5811471B83F6C256628213E68767852C
Requests: 48 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20190131/zrt_lookup.html
Frame ID: EE7FE468A17C52E52F99BF90E3C16CB9
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8542482550220149&output=html&adk=1812271804&adf=4235265862&lmt=1665618398&plat=1%3A16777216%2C3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&format=0x0&url=https%3A%2F%2Fkarwachauthwishes.robloxstar.com%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671661948822&bpp=3&bdt=1465&idt=485&shv=r20221207&mjsv=m202212060101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=862389746739&frm=20&pv=2&ga_vid=98299462.1671661949&ga_sid=1671661949&ga_hid=483632494&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44773809%2C31071250%2C44779793%2C44780792&oid=2&pvsid=3054922140869572&tmod=1235521206&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=507
Frame ID: 9AAD277E8BE7546E41BA8B003CC682D1
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8542482550220149&output=html&h=280&slotname=6877334426&adk=2270106647&adf=3025194257&pi=t.ma~as.6877334426&w=1200&fwrn=4&fwrnh=100&lmt=1665618398&rafmt=1&format=1200x280&url=https%3A%2F%2Fkarwachauthwishes.robloxstar.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671661948825&bpp=2&bdt=1468&idt=509&shv=r20221207&mjsv=m202212060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=862389746739&frm=20&pv=1&ga_vid=98299462.1671661949&ga_sid=1671661949&ga_hid=483632494&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=137&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44773809%2C31071250%2C44779793%2C44780792&oid=2&pvsid=3054922140869572&tmod=1235521206&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=v0m8FOaXjB&p=https%3A//karwachauthwishes.robloxstar.com&dtd=513
Frame ID: 680D40F4924D2B34F643D11EFE60FDAC
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8542482550220149&output=html&h=280&slotname=6877334426&adk=2270106647&adf=1573534164&pi=t.ma~as.6877334426&w=1200&fwrn=4&fwrnh=100&lmt=1665618398&rafmt=1&format=1200x280&url=https%3A%2F%2Fkarwachauthwishes.robloxstar.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671661948827&bpp=1&bdt=1471&idt=514&shv=r20221207&mjsv=m202212060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=862389746739&frm=20&pv=1&ga_vid=98299462.1671661949&ga_sid=1671661949&ga_hid=483632494&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2219&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44773809%2C31071250%2C44779793%2C44780792&oid=2&pvsid=3054922140869572&tmod=1235521206&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=Pe5oWZr37E&p=https%3A//karwachauthwishes.robloxstar.com&dtd=516
Frame ID: E4DB92F79E20171B650D9C89D59FC332
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8542482550220149&output=html&h=280&slotname=6877334426&adk=1291410438&adf=3319664614&pi=t.ma~as.6877334426&w=1200&fwrn=4&fwrnh=100&lmt=1665618398&rafmt=1&format=1200x280&url=https%3A%2F%2Fkarwachauthwishes.robloxstar.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671661948828&bpp=1&bdt=1471&idt=517&shv=r20221207&mjsv=m202212060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1200x280&nras=1&correlator=862389746739&frm=20&pv=1&ga_vid=98299462.1671661949&ga_sid=1671661949&ga_hid=483632494&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3051&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44773809%2C31071250%2C44779793%2C44780792&oid=2&pvsid=3054922140869572&tmod=1235521206&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=27eBYcxEUi&p=https%3A//karwachauthwishes.robloxstar.com&dtd=518
Frame ID: 0B41256F69DD8D06A4973F30BFEC7500
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 654D171118649DCAF6D1ED2EF46EC0CD
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 2231216BF2CCDE586D86CE92F201F7F0
Requests: 2 HTTP requests in this frame

Screenshot

Page Title

🙏 हैप्पी करवा चौथ 🙏

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link [^>]+(?:/([\d.]+)/)?animate\.(?:min\.)?css

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

48
Requests

94 %
HTTPS

89 %
IPv6

18
Domains

23
Subdomains

20
IPs

5
Countries

2590 kB
Transfer

3533 kB
Size

5
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5
  • https://fest-wishes.com/slide.js HTTP 0
  • http://fest-wishes.com/slide.js
Request Chain 19
  • https://kananath.com/kananath.js HTTP 301
  • https://www.kananath.com/kananath.js

48 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
karwachauthwishes.robloxstar.com/
38 KB
13 KB
Document
General
Full URL
https://karwachauthwishes.robloxstar.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.21.59.123 Mumbai, India, ASN394695 (PUBLIC-DOMAIN-REGISTRY, US),
Reverse DNS
md-in-46.webhostbox.net
Software
Apache /
Resource Hash
35738a807a056984efb272135c08fca672ecc43d06c6f05b62597bc0995689f5

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
13116
content-type
text/html
date
Wed, 21 Dec 2022 22:32:27 GMT
last-modified
Wed, 12 Oct 2022 23:46:38 GMT
server
Apache
vary
Accept-Encoding
animate.min.css
cdnjs.cloudflare.com/ajax/libs/animate.css/3.5.2/
52 KB
4 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/animate.css/3.5.2/animate.min.css
Requested by
Host: karwachauthwishes.robloxstar.com
URL: https://karwachauthwishes.robloxstar.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8fe3fa119255adb5e0c12479331f9e092e85bcff56ab6ecc0510bfa2056b898d
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://karwachauthwishes.robloxstar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 22:32:27 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
792699
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3279
last-modified
Mon, 04 May 2020 16:04:58 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d2a-ce35"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xm7OwCRmph42mCRrRlsuJ8h8Qfi%2BLpofeaMtdxoEcCNkLpnXoDG%2FXNC1JdPwTfyTr7yEL4boB9FJjBGsBdR2oeAkPQ414j6c%2FvWZABfhCkrJiX14h%2BR7Xpm8dPjVF1ldeIbjltUA%2Fzy0HusgRuzS3WqF"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
77d412e38dbebb55-FRA
expires
Mon, 11 Dec 2023 22:32:27 GMT
font-awesome.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/
37 KB
6 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.css
Requested by
Host: karwachauthwishes.robloxstar.com
URL: https://karwachauthwishes.robloxstar.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36e0a7e08bee65774168528938072c536437669c1b7458ac77976ec788e4439c
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://karwachauthwishes.robloxstar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 22:32:27 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
531703
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
5884
last-modified
Mon, 04 May 2020 16:10:07 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e5f-9226"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sQk5B8M%2Bdm6EA4688SfE2i24eQU4lh098REAUa6g643vHV4tvmnlsSbY6L577O7PoAa9x%2BBfRryeTNZmTzY6%2FQbdIjhe7j0F5wcj3gAATNOA4Mzuw9MO4sw3SXMxSCqhN4bS185MZw95JjQjhOkJjdJ1"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
77d412e38dc2bb55-FRA
expires
Mon, 11 Dec 2023 22:32:27 GMT
css
fonts.googleapis.com/
538 B
861 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Sofia:&effect=neon
Requested by
Host: karwachauthwishes.robloxstar.com
URL: https://karwachauthwishes.robloxstar.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4dd0a151b52069e9f89e843024dd87415603c08a124eee9cf651873458b294d5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://karwachauthwishes.robloxstar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 21 Dec 2022 22:32:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 21 Dec 2022 22:32:27 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 21 Dec 2022 22:32:27 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.3.1/
85 KB
30 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js
Requested by
Host: karwachauthwishes.robloxstar.com
URL: https://karwachauthwishes.robloxstar.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://karwachauthwishes.robloxstar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 11:11:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
559278
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30399
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 15 Dec 2023 11:11:09 GMT
slide.js
karwachauthwishes.robloxstar.com/
0
0
Script
General
Full URL
https://karwachauthwishes.robloxstar.com/slide.js
Requested by
Host: karwachauthwishes.robloxstar.com
URL: https://karwachauthwishes.robloxstar.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.21.59.123 Mumbai, India, ASN394695 (PUBLIC-DOMAIN-REGISTRY, US),
Reverse DNS
md-in-46.webhostbox.net
Software
Apache /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://karwachauthwishes.robloxstar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 22:32:27 GMT
content-encoding
gzip
last-modified
Sun, 09 Jan 2022 03:41:53 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
accept-ranges
bytes
content-length
358
slide.js
fest-wishes.com/
Redirect Chain
  • https://fest-wishes.com/slide.js
  • http://fest-wishes.com/slide.js
0
0

amp-ad-0.1.js
cdn.ampproject.org/v0/
82 KB
24 KB
Script
General
Full URL
https://cdn.ampproject.org/v0/amp-ad-0.1.js
Requested by
Host: karwachauthwishes.robloxstar.com
URL: https://karwachauthwishes.robloxstar.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
37f6ae60595a0d47a07f29de8025c7f9023ede6b23230df0af72a9698c7ca849
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://karwachauthwishes.robloxstar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Wed, 21 Dec 2022 22:32:28 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23078
x-xss-protection
0
server
sffe
etag
"e8aa1933667594a4"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 21 Dec 2022 22:32:28 GMT
1.png
1.bp.blogspot.com/-YzeGkr9WBcM/X5vfT7O7JNI/AAAAAAAAAK8/8JTQHqTOsCUIIcT4_JgXeVHlXz4kNnEcQCLcBGAsYHQ/s320/
32 KB
32 KB
Image
General
Full URL
https://1.bp.blogspot.com/-YzeGkr9WBcM/X5vfT7O7JNI/AAAAAAAAAK8/8JTQHqTOsCUIIcT4_JgXeVHlXz4kNnEcQCLcBGAsYHQ/s320/1.png
Requested by
Host: karwachauthwishes.robloxstar.com
URL: https://karwachauthwishes.robloxstar.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
b328f61283d5524da3e128fea59ba6cdd1e12956f52e6d1eb0711f8631834353
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://karwachauthwishes.robloxstar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 22:32:28 GMT
x-content-type-options
nosniff
age
0
content-disposition
inline;filename="1.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32714
x-xss-protection
0
server
fife
etag
"vb3"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Tue, 20 Dec 2022 12:09:22 GMT
/
xn--c1a8a.io/1/
0
499 B
Script
General
Full URL
https://xn--c1a8a.io/1/
Requested by
Host: karwachauthwishes.robloxstar.com
URL: https://karwachauthwishes.robloxstar.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:124f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://karwachauthwishes.robloxstar.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Wed, 21 Dec 2022 22:32:27 GMT
cf-cache-status
REVALIDATED
last-modified
Sat, 12 Jun 2021 21:20:50 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KPFld%2BQB4aVwnG91VVdny9PClUax2A9YA%2FMH%2BWlOrRUE67rWAQKrgNM%2FC52CqpoXXm5oRz8TnqpPk29Zszygxml0t2acEssBEw%2FvfN0NbFIsVLQDQMRGJJMGTiKlkMVmW6DlMybdFR%2Fsx38%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=43200
accept-ranges
bytes
cf-ray
77d412e47abfbbd4-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
4.png
1.bp.blogspot.com/-CJ42kSTWo_c/X5vfUxHF3ZI/AAAAAAAAALI/qA14Z11olDQ6gCV79ZyiqbhdByk0boVgQCLcBGAsYHQ/s0/
3 KB
4 KB
Image
General
Full URL
https://1.bp.blogspot.com/-CJ42kSTWo_c/X5vfUxHF3ZI/AAAAAAAAALI/qA14Z11olDQ6gCV79ZyiqbhdByk0boVgQCLcBGAsYHQ/s0/4.png
Requested by
Host: karwachauthwishes.robloxstar.com
URL: https://karwachauthwishes.robloxstar.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
b5826beeca03c7f9cf538df2874f5182a7c8719128b008527831d86b85e97fbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://karwachauthwishes.robloxstar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 22:32:28 GMT
x-content-type-options
nosniff
age
0
content-disposition
inline;filename="4.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3435
x-xss-protection
0
server
fife
etag
"vb6"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Tue, 20 Dec 2022 12:09:22 GMT
3.png
1.bp.blogspot.com/-dMqtUgrNPAI/X5vfT56EU2I/AAAAAAAAALA/Yof90TxWIoUk7E9--aWRBOZ_TjyYcV-IACLcBGAsYHQ/s0/
4 KB
4 KB
Image
General
Full URL
https://1.bp.blogspot.com/-dMqtUgrNPAI/X5vfT56EU2I/AAAAAAAAALA/Yof90TxWIoUk7E9--aWRBOZ_TjyYcV-IACLcBGAsYHQ/s0/3.png
Requested by
Host: karwachauthwishes.robloxstar.com
URL: https://karwachauthwishes.robloxstar.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
d8dac2deaa3aec291b2e13699248c2f645012c957c034a5f193ecea83025379b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://karwachauthwishes.robloxstar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 22:32:28 GMT
x-content-type-options
nosniff
age
0
content-disposition
inline;filename="3.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4469
x-xss-protection
0
server
fife
etag
"vb4"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Tue, 20 Dec 2022 12:09:23 GMT
2.png
1.bp.blogspot.com/-Y4eC_HFQTBw/X5vfT_9VGgI/AAAAAAAAALE/Rmn6wfTRQX0__fkKStMKak0VgBCCBKVVwCLcBGAsYHQ/s320/
17 KB
17 KB
Image
General
Full URL
https://1.bp.blogspot.com/-Y4eC_HFQTBw/X5vfT_9VGgI/AAAAAAAAALE/Rmn6wfTRQX0__fkKStMKak0VgBCCBKVVwCLcBGAsYHQ/s320/2.png
Requested by
Host: karwachauthwishes.robloxstar.com
URL: https://karwachauthwishes.robloxstar.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
85ff8a3833c82f1d9da148cc49e92e4cdc56359b4349daa0e6abdd09fe0ec5b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://karwachauthwishes.robloxstar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 22:32:28 GMT
x-content-type-options
nosniff
age
0
content-disposition
inline;filename="2.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16953
x-xss-protection
0
server
fife
etag
"vb5"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Tue, 20 Dec 2022 12:09:24 GMT
kiTarafSe2020.png
1.bp.blogspot.com/-mJaJ0lT_P4g/X3gixHZ4-NI/AAAAAAAAAJc/28_LIO3l6fg5OwoufgDi4I5jnnU-6T6wACLcBGAsYHQ/s16000/
25 KB
25 KB
Image
General
Full URL
https://1.bp.blogspot.com/-mJaJ0lT_P4g/X3gixHZ4-NI/AAAAAAAAAJc/28_LIO3l6fg5OwoufgDi4I5jnnU-6T6wACLcBGAsYHQ/s16000/kiTarafSe2020.png
Requested by
Host: karwachauthwishes.robloxstar.com
URL: https://karwachauthwishes.robloxstar.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
5038beaa7d71fb31f1c52d51725eb3c9f6eee1646a21f5320a59c2c9e208ecfd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://karwachauthwishes.robloxstar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 22:32:28 GMT
x-content-type-options
nosniff
age
0
content-disposition
inline;filename="kiTarafSe2020.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25561
x-xss-protection
0
server
fife
etag
"v98"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Tue, 20 Dec 2022 12:09:24 GMT
karwa_chauth_png_12.png
sanatanpragya.com/gallery_images/
460 KB
460 KB
Image
General
Full URL
https://sanatanpragya.com/gallery_images/karwa_chauth_png_12.png
Requested by
Host: karwachauthwishes.robloxstar.com
URL: https://karwachauthwishes.robloxstar.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.83.81.74 , India, ASN135822 (HOSRAJA-AS Ovi Hosting Pvt Ltd, IN),
Reverse DNS
host.gordhan.in
Software
Apache /
Resource Hash
9afa1f36a3092bbf8afac7bdb9461313dff1a077571e30f941a8d37ea4f1b120

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://karwachauthwishes.robloxstar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Wed, 21 Dec 2022 22:32:29 GMT
Last-Modified
Sun, 15 Aug 2021 05:13:08 GMT
Server
Apache
ETag
"72e7b-5c99223eff56e"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
470651
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
144 KB
49 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8542482550220149
Requested by
Host: karwachauthwishes.robloxstar.com
URL: https://karwachauthwishes.robloxstar.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0948effdc9fd4d41412a1fa726292608ba68da90c963cab6a2b21a13b63879e4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://karwachauthwishes.robloxstar.com/
Origin
https://karwachauthwishes.robloxstar.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 22:32:28 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49473
x-xss-protection
0
server
cafe
etag
2571533495242432855
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 21 Dec 2022 22:32:28 GMT
kc.png
karwachauthwishes.robloxstar.com/files/
528 KB
532 KB
Image
General
Full URL
https://karwachauthwishes.robloxstar.com/files/kc.png
Requested by
Host: karwachauthwishes.robloxstar.com
URL: https://karwachauthwishes.robloxstar.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.21.59.123 Mumbai, India, ASN394695 (PUBLIC-DOMAIN-REGISTRY, US),
Reverse DNS
md-in-46.webhostbox.net
Software
Apache /
Resource Hash
574d6ad9ae1f42a077ec9d12000606a87672d03e7e8c7e5b0aca4cca0a2882b5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://karwachauthwishes.robloxstar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 22:32:28 GMT
last-modified
Wed, 12 Oct 2022 23:35:29 GMT
server
Apache
accept-ranges
bytes
content-length
540655
content-type
image/png
c.gif
4.bp.blogspot.com/-_ZpU-nyCpMc/WyNC8YxwrfI/AAAAAAAAAaw/KXfG3ltVcsgu57_M4_Fa7dZEaRVu1EyGACLcBGAs/s1600/
26 KB
27 KB
Image
General
Full URL
https://4.bp.blogspot.com/-_ZpU-nyCpMc/WyNC8YxwrfI/AAAAAAAAAaw/KXfG3ltVcsgu57_M4_Fa7dZEaRVu1EyGACLcBGAs/s1600/c.gif
Requested by
Host: karwachauthwishes.robloxstar.com
URL: https://karwachauthwishes.robloxstar.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
e954b4587a76d6b3ea2f52056e19d269e02487579702569f6443ad2eb526c692
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://karwachauthwishes.robloxstar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 20:21:42 GMT
x-content-type-options
nosniff
age
7846
content-disposition
inline;filename="c.gif"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26849
x-xss-protection
0
server
fife
etag
"v1ad"
vary
Origin
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Sat, 13 Nov 2021 06:48:34 GMT
techbhavesh.png
1.bp.blogspot.com/-d611KgIsh9U/X3gkQzfD5qI/AAAAAAAAAJs/w171oteBnGcT9bOa2gP51s9WK-Has4NawCLcBGAsYHQ/s0/
3 KB
3 KB
Image
General
Full URL
https://1.bp.blogspot.com/-d611KgIsh9U/X3gkQzfD5qI/AAAAAAAAAJs/w171oteBnGcT9bOa2gP51s9WK-Has4NawCLcBGAsYHQ/s0/techbhavesh.png
Requested by
Host: karwachauthwishes.robloxstar.com
URL: https://karwachauthwishes.robloxstar.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
17f3f0f474eb23143eaa753171a5a2b96693eca972610c9646fbc953e4e80992
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://karwachauthwishes.robloxstar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 22:32:28 GMT
x-content-type-options
nosniff
age
0
content-disposition
inline;filename="techbhavesh.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2700
x-xss-protection
0
server
fife
etag
"v9d"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Tue, 20 Dec 2022 12:09:24 GMT
js
www.googletagmanager.com/gtag/
213 KB
75 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-HGR4PJ5HWL
Requested by
Host: karwachauthwishes.robloxstar.com
URL: https://karwachauthwishes.robloxstar.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ee9b6d4bbadbcfa89a6ea05b0112b4492fc44696cfcd3b43cb7f585874d14be5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://karwachauthwishes.robloxstar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 22:32:28 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
76249
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 21 Dec 2022 22:32:28 GMT
kananath.js
www.kananath.com/
Redirect Chain
  • https://kananath.com/kananath.js
  • https://www.kananath.com/kananath.js
0
0
Script
General
Full URL
https://www.kananath.com/kananath.js
Requested by
Host: karwachauthwishes.robloxstar.com
URL: https://karwachauthwishes.robloxstar.com/
Protocol
H2
Server
2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://karwachauthwishes.robloxstar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Redirect headers

expires
Wed, 11 Jan 1984 05:00:00 GMT
date
Wed, 21 Dec 2022 22:32:29 GMT
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/7.4.33
x-redirect-by
WordPress
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iKH6nZTqrLkzCSHt5qKRKiCK3QJCXU4RlNgSQRNfrjD1hlKY70dcgblK2TgqEgo5DKQCoyO1rMVJRP46HyW3%2Bbn%2BhnGJz3LCK76HuvWd33FOrofaxRem1BBTXokFHBUD5z5oRmdZfSkUeYo%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
location
https://www.kananath.com/kananath.js
cache-control
max-age=14400, must-revalidate
cf-ray
77d412eb0b6b9b63-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-ua-compatible
IE=edge
32d76bda14ee5e1dc93bdf36a6d2e46d.gif
i.pinimg.com/originals/32/d7/6b/
467 KB
468 KB
Image
General
Full URL
https://i.pinimg.com/originals/32/d7/6b/32d76bda14ee5e1dc93bdf36a6d2e46d.gif
Requested by
Host: karwachauthwishes.robloxstar.com
URL: https://karwachauthwishes.robloxstar.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:41::84 Vienna, Austria, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
19c6f40f8fc45e3ee3af0641b0b4c3d21701802da52b7474df57d909d550faec

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://karwachauthwishes.robloxstar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 22:32:28 GMT
x-cdn
fastly
etag
"490ea1a230f32b3f53da2e449c65aa73"
vary
Origin
content-type
image/gif
cache-control
max-age=31536000, immutable
accept-ranges
bytes
alt-svc
h3=":443";ma=600,h3-29=":443";ma=600,h3-27=":443";ma=600
content-length
478575
/
karwachauthwishes.robloxstar.com/
38 KB
38 KB
Image
General
Full URL
https://karwachauthwishes.robloxstar.com/
Requested by
Host: karwachauthwishes.robloxstar.com
URL: https://karwachauthwishes.robloxstar.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.21.59.123 Mumbai, India, ASN394695 (PUBLIC-DOMAIN-REGISTRY, US),
Reverse DNS
md-in-46.webhostbox.net
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://karwachauthwishes.robloxstar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 22:32:28 GMT
content-encoding
gzip
last-modified
Wed, 12 Oct 2022 23:46:38 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
accept-ranges
bytes
content-length
13116
Snow_falling1.gif
1.bp.blogspot.com/-l0EVRb2fd3Q/WyNAg2N6m6I/AAAAAAAAAag/yA795u9GRJIf-DaE6-UCcWxL_bbdR5rXwCLcBGAs/s1600/
23 KB
23 KB
Image
General
Full URL
https://1.bp.blogspot.com/-l0EVRb2fd3Q/WyNAg2N6m6I/AAAAAAAAAag/yA795u9GRJIf-DaE6-UCcWxL_bbdR5rXwCLcBGAs/s1600/Snow_falling1.gif
Requested by
Host: karwachauthwishes.robloxstar.com
URL: https://karwachauthwishes.robloxstar.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
71c394e2d7b9c3dc5d654080613cd6e4facb04fe5d9e53c036192be2258e1003
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://karwachauthwishes.robloxstar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 22:32:28 GMT
x-content-type-options
nosniff
age
0
content-disposition
inline;filename="Snow_falling1.gif"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23685
x-xss-protection
0
server
fife
etag
"v1aa"
vary
Origin
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Tue, 20 Dec 2022 09:38:57 GMT
/
xn--t1au.io/
0
0

truncated
/
382 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b4f80028ddc6dc380c89927fb2d2d3dd9c580a24f99db9b93e32ce0b607d5c88

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
715 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
380 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/svg+xml
karwachauthkatha.mp3
karwachauthwishes.robloxstar.com/files/
64 KB
0
Media
General
Full URL
https://karwachauthwishes.robloxstar.com/files/karwachauthkatha.mp3
Requested by
Host: karwachauthwishes.robloxstar.com
URL: https://karwachauthwishes.robloxstar.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.21.59.123 Mumbai, India, ASN394695 (PUBLIC-DOMAIN-REGISTRY, US),
Reverse DNS
md-in-46.webhostbox.net
Software
Apache /
Resource Hash

Request headers

Referer
https://karwachauthwishes.robloxstar.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Range
bytes=0-

Response headers

Content-Range
bytes 0-14904374/14904375
date
Wed, 21 Dec 2022 22:32:28 GMT
last-modified
Wed, 12 Oct 2022 23:36:55 GMT
server
Apache
accept-ranges
bytes
Content-Length
14904375
content-type
audio/mpeg
karwachauthstory.mp4
karwachauthwishes.robloxstar.com/files/
80 KB
0
Media
General
Full URL
https://karwachauthwishes.robloxstar.com/files/karwachauthstory.mp4
Requested by
Host: karwachauthwishes.robloxstar.com
URL: https://karwachauthwishes.robloxstar.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.21.59.123 Mumbai, India, ASN394695 (PUBLIC-DOMAIN-REGISTRY, US),
Reverse DNS
md-in-46.webhostbox.net
Software
Apache /
Resource Hash

Request headers

Referer
https://karwachauthwishes.robloxstar.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Range
bytes=0-

Response headers

Content-Range
bytes 0-130492862/130492863
date
Wed, 21 Dec 2022 22:32:28 GMT
last-modified
Wed, 12 Oct 2022 23:06:55 GMT
server
Apache
accept-ranges
bytes
Content-Length
130492863
content-type
video/mp4
truncated
/
180 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6cf4ddc728ae2116b65b72832d21cdf33961c094ce95ea8a5b676b7d71212f82

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
354 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
77fc7e2cee3f1b71326ab2d9e121017b176205d0c8bbb013dfe7ebfccb2c5cab

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
547 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
eb14baeac955bb11e33cd7fd3fd2f698cf20db1b450325f45ea843b6cdc82366

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
552 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
62f3f809487194fcc55a3ebd88811a604ae496027bb425d4ebd15d9ae1921945

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
177 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d692a67352a3dfa80010c86a62761cfff05c0b1086618106a8576cc45a6a8115

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
351 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
145287b36883dd3061ca7aa9229a8fa9ace2cccd50e0382b4b6201f3916b57c5

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
242 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1f4513a435d6a3047d20a50c1e7d4263de42146c74be227f774b5e82e6357e75

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/svg+xml
collect
region1.google-analytics.com/g/
0
359 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-HGR4PJ5HWL&gtm=2oebu0&_p=483632494&cid=98299462.1671661949&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1671661948&sct=1&seg=0&dl=https%3A%2F%2Fkarwachauthwishes.robloxstar.com%2F&dt=%F0%9F%99%8F%20%E0%A4%B9%E0%A5%88%E0%A4%AA%E0%A5%8D%E0%A4%AA%E0%A5%80%20%E0%A4%95%E0%A4%B0%E0%A4%B5%E0%A4%BE%20%E0%A4%9A%E0%A5%8C%E0%A4%A5%20%F0%9F%99%8F&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-HGR4PJ5HWL
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://karwachauthwishes.robloxstar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 21 Dec 2022 22:32:28 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://karwachauthwishes.robloxstar.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212060101/
356 KB
117 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8542482550220149&plah=karwachauthwishes.robloxstar.com&bust=31071250
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8542482550220149
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d92721dd47e5c794fe81b3c561aa285592c507e6516fe181dfbe24f998e8bf8c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://karwachauthwishes.robloxstar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 22:32:28 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
120024
x-xss-protection
0
server
cafe
etag
17415391616907432565
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 21 Dec 2022 22:32:28 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20221207/r20190131/ Frame EE7F
10 KB
5 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20221207/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8542482550220149
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://karwachauthwishes.robloxstar.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
75240
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
br
content-length
4242
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 21 Dec 2022 01:38:29 GMT
etag
10353107486223812946
expires
Wed, 04 Jan 2023 01:38:29 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
cookie.js
partner.googleadservices.com/gampad/
395 B
698 B
Script
General
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=karwachauthwishes.robloxstar.com&callback=_gfp_s_&client=ca-pub-8542482550220149&gpid_exp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8542482550220149&plah=karwachauthwishes.robloxstar.com&bust=31071250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a658e5085450eddcca307d1e1ea7a2fc0cbf0ee5a5263ee96e902aa60c69e5e8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://karwachauthwishes.robloxstar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 22:32:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
253
x-xss-protection
0
integrator.js
adservice.google.de/adsid/
107 B
792 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=karwachauthwishes.robloxstar.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8542482550220149&plah=karwachauthwishes.robloxstar.com&bust=31071250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://karwachauthwishes.robloxstar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 22:32:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
549 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=karwachauthwishes.robloxstar.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8542482550220149&plah=karwachauthwishes.robloxstar.com&bust=31071250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://karwachauthwishes.robloxstar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 22:32:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fkarwachauthwishes.robloxstar.com%2F&tn=DIV&id=formBox&ign=false&pw=1600&ph=1200&x=1575&y=1175
Requested by
Host: karwachauthwishes.robloxstar.com
URL: https://karwachauthwishes.robloxstar.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://karwachauthwishes.robloxstar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 21 Dec 2022 22:32:29 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 9AAD
9 KB
4 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8542482550220149&output=html&adk=1812271804&adf=4235265862&lmt=1665618398&plat=1%3A16777216%2C3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&format=0x0&url=https%3A%2F%2Fkarwachauthwishes.robloxstar.com%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671661948822&bpp=3&bdt=1465&idt=485&shv=r20221207&mjsv=m202212060101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=862389746739&frm=20&pv=2&ga_vid=98299462.1671661949&ga_sid=1671661949&ga_hid=483632494&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44773809%2C31071250%2C44779793%2C44780792&oid=2&pvsid=3054922140869572&tmod=1235521206&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=507
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8542482550220149&plah=karwachauthwishes.robloxstar.com&bust=31071250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5dd71db4349168ae3c658b1a47a6041164a245501446cf28676545c1bb9854f7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://karwachauthwishes.robloxstar.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
4182
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 21 Dec 2022 22:32:29 GMT
expires
Wed, 21 Dec 2022 22:32:29 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 680D
436 B
235 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8542482550220149&output=html&h=280&slotname=6877334426&adk=2270106647&adf=3025194257&pi=t.ma~as.6877334426&w=1200&fwrn=4&fwrnh=100&lmt=1665618398&rafmt=1&format=1200x280&url=https%3A%2F%2Fkarwachauthwishes.robloxstar.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671661948825&bpp=2&bdt=1468&idt=509&shv=r20221207&mjsv=m202212060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=862389746739&frm=20&pv=1&ga_vid=98299462.1671661949&ga_sid=1671661949&ga_hid=483632494&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=137&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44773809%2C31071250%2C44779793%2C44780792&oid=2&pvsid=3054922140869572&tmod=1235521206&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=v0m8FOaXjB&p=https%3A//karwachauthwishes.robloxstar.com&dtd=513
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8542482550220149&plah=karwachauthwishes.robloxstar.com&bust=31071250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fa4d6cb0fee7247c5cfa7f3184a16eacda666f0a1be4b57518a73014e62ff534
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://karwachauthwishes.robloxstar.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
212
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 21 Dec 2022 22:32:29 GMT
expires
Wed, 21 Dec 2022 22:32:29 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame E4DB
436 B
235 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8542482550220149&output=html&h=280&slotname=6877334426&adk=2270106647&adf=1573534164&pi=t.ma~as.6877334426&w=1200&fwrn=4&fwrnh=100&lmt=1665618398&rafmt=1&format=1200x280&url=https%3A%2F%2Fkarwachauthwishes.robloxstar.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671661948827&bpp=1&bdt=1471&idt=514&shv=r20221207&mjsv=m202212060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=862389746739&frm=20&pv=1&ga_vid=98299462.1671661949&ga_sid=1671661949&ga_hid=483632494&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2219&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44773809%2C31071250%2C44779793%2C44780792&oid=2&pvsid=3054922140869572&tmod=1235521206&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=Pe5oWZr37E&p=https%3A//karwachauthwishes.robloxstar.com&dtd=516
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8542482550220149&plah=karwachauthwishes.robloxstar.com&bust=31071250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
201e897b8c2c4e2ae85e624cf8e2dea982f6d40f373f22dcbee80fef9604b5e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://karwachauthwishes.robloxstar.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
212
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 21 Dec 2022 22:32:29 GMT
expires
Wed, 21 Dec 2022 22:32:29 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 0B41
436 B
238 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8542482550220149&output=html&h=280&slotname=6877334426&adk=1291410438&adf=3319664614&pi=t.ma~as.6877334426&w=1200&fwrn=4&fwrnh=100&lmt=1665618398&rafmt=1&format=1200x280&url=https%3A%2F%2Fkarwachauthwishes.robloxstar.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671661948828&bpp=1&bdt=1471&idt=517&shv=r20221207&mjsv=m202212060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1200x280&nras=1&correlator=862389746739&frm=20&pv=1&ga_vid=98299462.1671661949&ga_sid=1671661949&ga_hid=483632494&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3051&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44773809%2C31071250%2C44779793%2C44780792&oid=2&pvsid=3054922140869572&tmod=1235521206&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=27eBYcxEUi&p=https%3A//karwachauthwishes.robloxstar.com&dtd=518
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8542482550220149&plah=karwachauthwishes.robloxstar.com&bust=31071250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36446e35d708dc178a7b4fd7b798d94fa59ee623026148e5f0f1ded025f6f166
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://karwachauthwishes.robloxstar.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
215
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 21 Dec 2022 22:32:29 GMT
expires
Wed, 21 Dec 2022 22:32:29 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
karwachauthstory.mp4
karwachauthwishes.robloxstar.com/files/
586 KB
587 KB
Media
General
Full URL
https://karwachauthwishes.robloxstar.com/files/karwachauthstory.mp4
Requested by
Host: karwachauthwishes.robloxstar.com
URL: https://karwachauthwishes.robloxstar.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.21.59.123 Mumbai, India, ASN394695 (PUBLIC-DOMAIN-REGISTRY, US),
Reverse DNS
md-in-46.webhostbox.net
Software
Apache /
Resource Hash
13c4152efb2da7d0999636cd555f24e1ac2e656690e6d53611526bb7bcda4b32

Request headers

Referer
https://karwachauthwishes.robloxstar.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Range
bytes=129892352-

Response headers

Content-Range
bytes 129892352-130492862/130492863
date
Wed, 21 Dec 2022 22:32:29 GMT
last-modified
Wed, 12 Oct 2022 23:06:55 GMT
server
Apache
accept-ranges
bytes
Content-Length
600511
content-type
video/mp4
karwachauthstory.mp4
karwachauthwishes.robloxstar.com/files/
64 KB
0
Media
General
Full URL
https://karwachauthwishes.robloxstar.com/files/karwachauthstory.mp4
Requested by
Host: karwachauthwishes.robloxstar.com
URL: https://karwachauthwishes.robloxstar.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.21.59.123 Mumbai, India, ASN394695 (PUBLIC-DOMAIN-REGISTRY, US),
Reverse DNS
md-in-46.webhostbox.net
Software
Apache /
Resource Hash

Request headers

Referer
https://karwachauthwishes.robloxstar.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Range
bytes=65536-

Response headers

Content-Range
bytes 65536-130492862/130492863
date
Wed, 21 Dec 2022 22:32:30 GMT
last-modified
Wed, 12 Oct 2022 23:06:55 GMT
server
Apache
accept-ranges
bytes
Content-Length
130427327
content-type
video/mp4
sodar
pagead2.googlesyndication.com/getconfig/
15 KB
11 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221207&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8542482550220149&plah=karwachauthwishes.robloxstar.com&bust=31071250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b753c0533961b9d14d942ad0c047cf914ead49ef07bd64b1b7ce79940242666e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://karwachauthwishes.robloxstar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 22:32:30 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11268
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8542482550220149&plah=karwachauthwishes.robloxstar.com&bust=31071250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:808::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://karwachauthwishes.robloxstar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 22:32:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 21 Dec 2022 22:32:31 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 654D
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:808::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://karwachauthwishes.robloxstar.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
75238
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 21 Dec 2022 01:38:33 GMT
expires
Thu, 21 Dec 2023 01:38:33 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 2231
783 B
1 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80c::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
7a2d3e5c04ad583b4cd70e549ae52890939c341b19e373969efee991160dac91
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-RjLC79aTHPO__JrvzCn03g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://karwachauthwishes.robloxstar.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-RjLC79aTHPO__JrvzCn03g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 21 Dec 2022 22:32:31 GMT
expires
Wed, 21 Dec 2022 22:32:31 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
Jk7fixpOLBqPs8Ll1CI4HFyikeoml7Ub_Y2jZpe5d_o.js
pagead2.googlesyndication.com/bg/ Frame 654D
36 KB
16 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/Jk7fixpOLBqPs8Ll1CI4HFyikeoml7Ub_Y2jZpe5d_o.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
264edf8b1a4e2c1a8fb3c2e5d422381c5ca291ea2697b51bfd8da36697b977fa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 19 Dec 2022 12:26:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
209150
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15923
x-xss-protection
0
last-modified
Mon, 05 Dec 2022 17:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 19 Dec 2023 12:26:41 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 2231
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20221207&jk=3054922140869572&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

generate_204
tpc.googlesyndication.com/ Frame 654D
0
10 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?-oySoA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:808::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 22:32:31 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
sodar
pagead2.googlesyndication.com/pagead/
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20221207&jk=3054922140869572&bg=!9vWl9bHNAAYgquz3AKo7ACkAdvg8WkuPjsgc-87m70TjkCctfc6yEbPPgIBPWyeI1thaYsruUoXZTAIAAABVUgAAAANoAQeZAvfD0ae07p_bc8vNgOb_KoOxmKeO_rCFA7Frg_YkndpnA3352AxCSVzkw2y8J_Zh4Cc3jhbDh3MGjNdDZWC9TQrHuDu0tOuvq6nhM0w-hkEtCfWxVUXvL20I0FLdrW9H7qR4lKdyW_7B-oaiTDFaRo7Abm5-y9nnN01fuDyLI8W8ZNRlCNXV5eSImHlcNPS15VykBSbfKk4_KJUryKiiOO23fqbnPx9-NoXJXlXBgcjETZTdykcwXc5DNnzx_w4HDmVZP5sn2oE09xxt2dDsFOLouhWRQIUxawKjO5hKF3gNHyXdwz6owwwinCj91N9zbCn69RnqKhucvP2AHQhlPBzBOSUu-KVF_zUs8To71YMgGwKU90Nf25bYQu6AxiOhssRLOGV3PnbqHYGeNsQIHT1KzMftH6CUke9jKtKNGBX5cOuCMghbrP4Vt3LZ8n3E4fpT4Vkw5HlD4DXM9nU24P7lOOY03SUxfH3wVIHErQ7s1auiukCtcBBeWh2DhHSAj1RTXSFXUpo6O32HiBPDcE7Opa_um0TLd8Y0vTGtdb3inJoFE6At6qGQ_WT6IHauHl9Bk2CAjyvpxfHlhjwIBBVIuoXHbKXkE7T97bGmrkzKmeJnfEnjauC1aJbFknWHHxZBr28bbEaBwZeN_CScalmCwEJyMw_4FGwEaBkCHiaw8e3LOuQ8LhtaPC7DZg33PD7eKs51Sb_di1Ax_cFlgANW75plXNMSrjSB3HszkHl2DH6MEKHT54kSZr9sVZLSwOdrRSdlKaFn9HiERDqndqirBn9eR-jdosqTPGYcT7k8TGOplG7QPKwltKBnCsiHFHyCyxjujqEY4PH4LNF5hr2o610DoxUlANQhoQzrCN2kovRX6egQPo_pwUs4HdkB_1wJNPE9YKdBlEWU0WrHUpvUqBeCLQLNsgYuVPZ1_Ojm5p7ZgGFumv4BASQB1s48m1VCxchUNgYjA-JsKFdUtDMgUNj5LQGfR8Yi-eOeQrJ_MSUTTcUeLmw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://karwachauthwishes.robloxstar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
fest-wishes.com
URL
http://fest-wishes.com/slide.js
Domain
xn--t1au.io
URL
https://xn--t1au.io/

Verdicts & Comments Add Verdict or Comment

77 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| oncontentvisibilityautostatechange function| write_fire function| createDiv function| launch function| bang function| stepthrough function| set_width number| bits number| speed number| bangs object| colours object| bangheight object| intensity object| colour object| Xpos object| Ypos object| dX object| dY object| stars object| decay number| swide number| shigh object| boddie function| $ function| jQuery function| tag function| meta object| AMP object| adsbygoogle function| jqs function| checkName function| createGreeting function| shareActionWA number| countDownDate number| x function| gtag object| dataLayer boolean| $curtainopen object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_reactive_ads_global_state boolean| _gfp_a_ object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_lpabyc number| google_rum_task_id_counter string| google_user_agent_client_hint function| google_sa_impl object| googleToken object| googleIMState boolean| _gfp_p_ object| google_image_requests function| processGoogleToken number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| GoogleGcLKhOms

5 Cookies

Domain/Path Name / Value
.robloxstar.com/ Name: _ga_HGR4PJ5HWL
Value: GS1.1.1671661948.1.0.1671661948.0.0.0
.robloxstar.com/ Name: _ga
Value: GA1.1.98299462.1671661949
.robloxstar.com/ Name: __gads
Value: ID=b040d7aa60f467dd-220c1c604cda00ba:T=1671661949:RT=1671661949:S=ALNI_MYmip3cX0tXFBtRfjHDDL4KJtakew
.robloxstar.com/ Name: __gpi
Value: UID=00000b95d6335550:T=1671661949:RT=1671661949:S=ALNI_MZ9jCN2nkNj2miK04C1D__13L7yfg
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission

8 Console Messages

Source Level URL
Text
javascript warning URL: https://karwachauthwishes.robloxstar.com/(Line 281)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://xn--c1a8a.io/1/, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://karwachauthwishes.robloxstar.com/(Line 281)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://xn--c1a8a.io/1/, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network error URL: https://karwachauthwishes.robloxstar.com/slide.js
Message:
Failed to load resource: the server responded with a status of 404 ()
security error URL: https://karwachauthwishes.robloxstar.com/
Message:
Mixed Content: The page at 'https://karwachauthwishes.robloxstar.com/' was loaded over HTTPS, but requested an insecure script 'http://fest-wishes.com/slide.js'. This request has been blocked; the content must be served over HTTPS.
javascript warning URL: https://karwachauthwishes.robloxstar.com/(Line 827)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://xn--t1au.io/, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://karwachauthwishes.robloxstar.com/(Line 827)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://xn--t1au.io/, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network error URL: https://xn--t1au.io/
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://www.kananath.com/kananath.js
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1.bp.blogspot.com
4.bp.blogspot.com
adservice.google.com
adservice.google.de
ajax.googleapis.com
cdn.ampproject.org
cdnjs.cloudflare.com
fest-wishes.com
fonts.googleapis.com
googleads.g.doubleclick.net
i.pinimg.com
kananath.com
karwachauthwishes.robloxstar.com
pagead2.googlesyndication.com
partner.googleadservices.com
region1.google-analytics.com
sanatanpragya.com
tpc.googlesyndication.com
www.google.com
www.googletagmanager.com
www.kananath.com
xn--c1a8a.io
xn--t1au.io
fest-wishes.com
xn--t1au.io
103.21.59.123
103.83.81.74
2001:4860:4802:34::36
2606:4700:3033::6815:124f
2606:4700::6811:180e
2a00:1450:4001:800::2008
2a00:1450:4001:802::2002
2a00:1450:4001:80f::200a
2a00:1450:4001:810::2001
2a00:1450:4001:829::2002
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::200a
2a00:1450:4001:831::2001
2a00:1450:400d:802::2002
2a00:1450:400d:808::2001
2a00:1450:400d:80c::2004
2a00:1450:400d:80d::2002
2a04:4e42:41::84
2a06:98c1:3120::c
0948effdc9fd4d41412a1fa726292608ba68da90c963cab6a2b21a13b63879e4
13c4152efb2da7d0999636cd555f24e1ac2e656690e6d53611526bb7bcda4b32
145287b36883dd3061ca7aa9229a8fa9ace2cccd50e0382b4b6201f3916b57c5
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
17f3f0f474eb23143eaa753171a5a2b96693eca972610c9646fbc953e4e80992
19c6f40f8fc45e3ee3af0641b0b4c3d21701802da52b7474df57d909d550faec
1f4513a435d6a3047d20a50c1e7d4263de42146c74be227f774b5e82e6357e75
201e897b8c2c4e2ae85e624cf8e2dea982f6d40f373f22dcbee80fef9604b5e1
264edf8b1a4e2c1a8fb3c2e5d422381c5ca291ea2697b51bfd8da36697b977fa
35738a807a056984efb272135c08fca672ecc43d06c6f05b62597bc0995689f5
36446e35d708dc178a7b4fd7b798d94fa59ee623026148e5f0f1ded025f6f166
36e0a7e08bee65774168528938072c536437669c1b7458ac77976ec788e4439c
37f6ae60595a0d47a07f29de8025c7f9023ede6b23230df0af72a9698c7ca849
4dd0a151b52069e9f89e843024dd87415603c08a124eee9cf651873458b294d5
5038beaa7d71fb31f1c52d51725eb3c9f6eee1646a21f5320a59c2c9e208ecfd
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
574d6ad9ae1f42a077ec9d12000606a87672d03e7e8c7e5b0aca4cca0a2882b5
5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd
5dd71db4349168ae3c658b1a47a6041164a245501446cf28676545c1bb9854f7
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62f3f809487194fcc55a3ebd88811a604ae496027bb425d4ebd15d9ae1921945
6cf4ddc728ae2116b65b72832d21cdf33961c094ce95ea8a5b676b7d71212f82
717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53
71c394e2d7b9c3dc5d654080613cd6e4facb04fe5d9e53c036192be2258e1003
77fc7e2cee3f1b71326ab2d9e121017b176205d0c8bbb013dfe7ebfccb2c5cab
7a2d3e5c04ad583b4cd70e549ae52890939c341b19e373969efee991160dac91
85ff8a3833c82f1d9da148cc49e92e4cdc56359b4349daa0e6abdd09fe0ec5b2
8fe3fa119255adb5e0c12479331f9e092e85bcff56ab6ecc0510bfa2056b898d
9afa1f36a3092bbf8afac7bdb9461313dff1a077571e30f941a8d37ea4f1b120
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a658e5085450eddcca307d1e1ea7a2fc0cbf0ee5a5263ee96e902aa60c69e5e8
b328f61283d5524da3e128fea59ba6cdd1e12956f52e6d1eb0711f8631834353
b4f80028ddc6dc380c89927fb2d2d3dd9c580a24f99db9b93e32ce0b607d5c88
b5826beeca03c7f9cf538df2874f5182a7c8719128b008527831d86b85e97fbb
b753c0533961b9d14d942ad0c047cf914ead49ef07bd64b1b7ce79940242666e
d692a67352a3dfa80010c86a62761cfff05c0b1086618106a8576cc45a6a8115
d8dac2deaa3aec291b2e13699248c2f645012c957c034a5f193ecea83025379b
d92721dd47e5c794fe81b3c561aa285592c507e6516fe181dfbe24f998e8bf8c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e954b4587a76d6b3ea2f52056e19d269e02487579702569f6443ad2eb526c692
eb14baeac955bb11e33cd7fd3fd2f698cf20db1b450325f45ea843b6cdc82366
ee9b6d4bbadbcfa89a6ea05b0112b4492fc44696cfcd3b43cb7f585874d14be5
fa4d6cb0fee7247c5cfa7f3184a16eacda666f0a1be4b57518a73014e62ff534