facebook-kiwami.com Open in urlscan Pro
157.112.145.105 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://facebook-kiwami.com/
Submission Tags: @phishunt_io
Submission: On September 02 via api (September 2nd 2021, 3:31:29 am UTC) from DE

Summary HTTP 133 Redirects Behaviour Indicators

Summary

This website contacted 27 IPs in 3 countries across 13 domains to perform 133 HTTP transactions. The main IP is 157.112.145.105, located in Japan and belongs to XSERVER Xserver Inc., JP. The main domain is facebook-kiwami.com.
TLS certificate: Issued by R3 on September 1st 2021. Valid for: 3 months.

This is the only time facebook-kiwami.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
41	157.112.145.105 157.112.145.105	131965 (XSERVER X...) (XSERVER Xserver Inc.)
1	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
2	192.0.76.3 192.0.76.3	2635 (AUTOMATTIC) (AUTOMATTIC)
2	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
1	172.217.18.98 172.217.18.98	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
20	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
29	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:808::2003	15169 (GOOGLE) (GOOGLE)
1	85.14.248.91 85.14.248.91	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
1 1	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
3 4	2a00:1450:400... 2a00:1450:4001:80e::2004	15169 (GOOGLE) (GOOGLE)
1	18.66.96.113 18.66.96.113	16509 (AMAZON-02) (AMAZON-02)
1	76.223.26.175 76.223.26.175	16509 (AMAZON-02) (AMAZON-02)
1 2	76.223.111.131 76.223.111.131	16509 (AMAZON-02) (AMAZON-02)
1 1	172.217.18.102 172.217.18.102	15169 (GOOGLE) (GOOGLE)
1	216.58.212.166 216.58.212.166	15169 (GOOGLE) (GOOGLE)
133	27

41 157.112.145.105 (Japan)

ASN131965 (XSERVER Xserver Inc., JP)
PTR: cloud4.wpx.ne.jp

facebook-kiwami.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.0.76.3 (United States)

ASN2635 (AUTOMATTIC, US)

stats.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.18.98 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s05-in-f98.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

29 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.14.248.91 (Gelsenkirchen, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)

tagm.tchibo.se	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80e::2004 (Frankfurt am Main, Germany) 3 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.96.113 (United States)

ASN16509 (AMAZON-02, US)

ad.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 76.223.26.175 (United States)

ASN16509 (AMAZON-02, US)
PTR: ad9411418cf2cdacd.awsglobalaccelerator.com

de1-bid.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 76.223.111.131 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: a97adde81b00f2ca4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.18.102 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: zrh04s05-in-f102.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.212.166 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f166.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
41	facebook-kiwami.com facebook-kiwami.com	3 MB
39	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	511 KB
22	doubleclick.net 1 redirects googleads.g.doubleclick.net ad.doubleclick.net	129 KB
8	gstatic.com fonts.gstatic.com	124 KB
7	google.com 4 redirects adservice.google.com www.google.com	919 B
5	googletagservices.com www.googletagservices.com	175 KB
5	googleapis.com fonts.googleapis.com ajax.googleapis.com	32 KB
4	adsrvr.org 1 redirects ad.adsrvr.org de1-bid.adsrvr.org match.adsrvr.org	230 KB
2	google.de adservice.google.de	287 B
2	google-analytics.com www.google-analytics.com	19 KB
2	wp.com stats.wp.com pixel.wp.com	3 KB
1	tchibo.se tagm.tchibo.se	1 KB
1	googleadservices.com partner.googleadservices.com	265 B
133	13

	Domain	Requested by
41	facebook-kiwami.com	facebook-kiwami.com
30	tpc.googlesyndication.com	googleads.g.doubleclick.net facebook-kiwami.com tpc.googlesyndication.com pagead2.googlesyndication.com
20	googleads.g.doubleclick.net	pagead2.googlesyndication.com facebook-kiwami.com googleads.g.doubleclick.net www.googletagservices.com
9	pagead2.googlesyndication.com	facebook-kiwami.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
8	fonts.gstatic.com	fonts.googleapis.com
5	www.google.com	4 redirects tpc.googlesyndication.com
5	www.googletagservices.com	pagead2.googlesyndication.com googleads.g.doubleclick.net
4	fonts.googleapis.com	facebook-kiwami.com googleads.g.doubleclick.net
2	ad.doubleclick.net	1 redirects googleads.g.doubleclick.net
2	match.adsrvr.org	1 redirects googleads.g.doubleclick.net
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.de	pagead2.googlesyndication.com
2	www.google-analytics.com	facebook-kiwami.com www.google-analytics.com
1	de1-bid.adsrvr.org	googleads.g.doubleclick.net
1	ad.adsrvr.org	googleads.g.doubleclick.net
1	tagm.tchibo.se	googleads.g.doubleclick.net
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	pixel.wp.com	facebook-kiwami.com
1	stats.wp.com	facebook-kiwami.com
1	ajax.googleapis.com	facebook-kiwami.com
133	20

This site contains no links.

Subject Issuer	Validity	Valid
www.facebook-kiwami.com R3	`2021-09-01` - `2021-11-30`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2021-08-16` - `2021-11-08`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
*.wp.com Sectigo RSA Domain Validation Secure Server CA	`2020-04-02` - `2022-07-05`	2 years	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
tagm.tchibo.se AlphaSSL CA - SHA256 - G2	`2020-10-08` - `2021-11-09`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh

This page contains 17 frames:

Primary Page: https://facebook-kiwami.com/
Frame ID: 631D5CD600872564BA8333ED8C854CFB
Requests: 59 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210830/r20190131/zrt_lookup.html
Frame ID: 5CE44C89FD9DCD283809C4A264AE19F3
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6621753532555432&output=html&adk=1812271804&adf=3025194257&lmt=1630553468&plat=8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Ffacebook-kiwami.com%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630553468599&bpp=5&bdt=1137&idt=136&shv=r20210830&mjsv=m202108310101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4002813999305&frm=20&pv=2&ga_vid=1579931297.1630553469&ga_sid=1630553469&ga_hid=1746461595&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44747620%2C31062297&oid=3&pvsid=2420447387241967&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=153
Frame ID: 06FA06DC96B38D85D09E8DF65252366A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6621753532555432&output=html&h=287&slotname=2325156180&adk=2229496947&adf=450287001&pi=t.ma~as.2325156180&w=303&lmt=1630553468&rafmt=11&psa=0&format=303x287&url=https%3A%2F%2Ffacebook-kiwami.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630553468604&bpp=2&bdt=1142&idt=155&shv=r20210830&mjsv=m202108310101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4002813999305&frm=20&pv=1&ga_vid=1579931297.1630553469&ga_sid=1630553469&ga_hid=1746461595&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=300&ady=429&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44747620%2C31062297&oid=3&pvsid=2420447387241967&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=hewG3nsV9J&p=https%3A//facebook-kiwami.com&dtd=160
Frame ID: DB0640BF76E8E4B810B693CA7DCBC43E
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6621753532555432&output=html&h=287&slotname=2325156180&adk=2229496947&adf=960643554&pi=t.ma~as.2325156180&w=303&lmt=1630553468&rafmt=11&psa=0&format=303x287&url=https%3A%2F%2Ffacebook-kiwami.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630553468606&bpp=2&bdt=1144&idt=163&shv=r20210830&mjsv=m202108310101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C303x287&nras=1&correlator=4002813999305&frm=20&pv=1&ga_vid=1579931297.1630553469&ga_sid=1630553469&ga_hid=1746461595&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=630&ady=1107&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44747620%2C31062297&oid=3&pvsid=2420447387241967&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=STNjc42kVD&p=https%3A//facebook-kiwami.com&dtd=167
Frame ID: 320565513AE955C0D356A0524B55E0B0
Requests: 19 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6621753532555432&output=html&h=280&slotname=3154048351&adk=349515542&adf=1784787236&pi=t.ma~as.3154048351&w=634&fwrn=4&fwrnh=100&lmt=1630553468&rafmt=1&psa=0&format=634x280&url=https%3A%2F%2Ffacebook-kiwami.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630553468608&bpp=2&bdt=1146&idt=169&shv=r20210830&mjsv=m202108310101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C303x287%2C303x287&nras=1&correlator=4002813999305&frm=20&pv=1&ga_vid=1579931297.1630553469&ga_sid=1630553469&ga_hid=1746461595&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=300&ady=2296&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44747620%2C31062297&oid=3&pvsid=2420447387241967&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=rKNa3zwzOR&p=https%3A//facebook-kiwami.com&dtd=172
Frame ID: 4E9BA48F37304E55BA5BF4BAC1BB5704
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6621753532555432&output=html&h=250&slotname=9144741633&adk=1392859910&adf=3966419046&pi=t.ma~as.9144741633&w=310&fwrn=4&fwrnh=100&lmt=1630553468&rafmt=1&psa=0&format=310x250&url=https%3A%2F%2Ffacebook-kiwami.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630553468644&bpp=2&bdt=1182&idt=140&shv=r20210830&mjsv=m202108310101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C303x287%2C303x287%2C634x280&nras=1&correlator=4002813999305&frm=20&pv=1&ga_vid=1579931297.1630553469&ga_sid=1630553469&ga_hid=1746461595&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=990&ady=1464&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44747620%2C31062297&oid=3&pvsid=2420447387241967&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=auoPlhTYVj&p=https%3A//facebook-kiwami.com&dtd=143
Frame ID: EA0F1C1FA77DD2EF68B691420B6A2131
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16969535942247343020/index.html
Frame ID: 045382655FD51213BFB2654C2214E83A
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=CDrnHfEUwYZzWMY6F7gOtuo6ACLnz7p9k5srZiPsN6ZHZt_EhEAEgv8jHHmCVAqABouTS-QLIAQmpAu6r0YGC3bM-qAMByANIqgTeAU_Q5BrFIMa_DSqQE4g-1OWvtkpp3nL3guMKNO29uce0iZoOytBROzD_-f4R9lYMHB30XZEvub9YLTIRkjoV4wvWb_29Mtt9_V5OizDbMeXjrmqK_cgmr-IZLxUE5A5QmcqBNDibTsZ_JSIBLRrJYuz9bLZN1PBtSvPCOzV8KWpPb1TsYsyB_DXMQCnc5N4jxZ3k0z60ilRpm9Vr9gZYllbB73ZR-98lOaIMVhH_bFVbKs_hEjBr2POOeudhQpSs8fSUHvV52voLT-OQ0zt1rpYALQbtsrIkkOaTBoWPZMAExcGjvqcDkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB8abrYYBqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G9gHAPIHAxCkftIICQiA4YAQEAEYH4AKAcgLAdgTDdAVAZgWAYAXAbIXHAoaCAASFHB1Yi02NjIxNzUzNTMyNTU1NDMyGAA&sigh=7f5FL3FQ-W8&template_id=419
Frame ID: D5728891B1403D8A05AA8AE064A656B3
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 2AF65025599DB815F8764F1AAB799844
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 2DD7E52D2D32F2710879045CE8381E09
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 7B624F32E12111BB26D4725E1B20BC61
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/4M_hU0z2aGWsE6Fh5g73T3aOvXi4a4lK__VWYOQ1wYI.js
Frame ID: D3AE50C64ABEAD03ACE58B9408F30E9B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: A2407E3338AA74DCA5BBCF33F06EF299
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/4M_hU0z2aGWsE6Fh5g73T3aOvXi4a4lK__VWYOQ1wYI.js
Frame ID: 07BBD0D31A49371C3EDDF3DCD74CE0ED
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: C78953B0C07518D2A56C691ACEE50E65
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 5986769C22DD32AD22324AD5DC6D8E3D
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Facebookの極み〜使い方・裏技・小ネタ大全〜 | Facebookの使い方や裏技などについて取り上げています。

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
headers link /rel="https:\/\/api\.w\.org\/"/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
headers link /rel="https:\/\/api\.w\.org\/"/i

MySQL (Databases) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
headers link /rel="https:\/\/api\.w\.org\/"/i

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Modernizr (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /([\d.]+)?\/modernizr(?:.([\d.]+))?.*\.js/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

133
Requests

100 %
HTTPS

68 %
IPv6

13
Domains

20
Subdomains

27
IPs

3
Countries

4462 kB
Transfer

6130 kB
Size

7
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 103

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 104

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 120

https://match.adsrvr.org/track/cmf/generic?ttd_pid=mookie-ps&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=mookie-ps&ttd_tpi=1

Request Chain 121

https://ad.doubleclick.net/ddm/trackimp/N1549806.422087PLISTAGMBH/B26137803.312251865;dc_trk_aid=504833006;dc_trk_cid=156914295;ord=838597;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd= HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N1549806.422087PLISTAGMBH/B26137803.312251865;dc_pre=CIG_44Kt3_ICFRI34AodAgoPgQ;dc_trk_aid=504833006;dc_trk_cid=156914295;ord=838597;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=

Request Chain 126

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 128

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

133 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
facebook-kiwami.com/ 32 KB
9 KB 1366ms
507ms Document
text/html 157.112.145.105
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://facebook-kiwami.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 157.112.145.105 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: cloud4.wpx.ne.jp
Software: /
Resource Hash: dd58f343c8d319ebbb93fc737854378485c81fa7623758f222b8a94a2f31a025

Request headers

:method: GET
:authority: facebook-kiwami.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 02 Sep 2021 03:31:07 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
link: <https://facebook-kiwami.com/wp-json/>; rel="https://api.w.org/", <https://wp.me/6W41v>; rel=shortlink
x-cache-status: BYPASS
x-ua-device: pc
content-encoding: gzip

GET
H2 200 style.min.css
facebook-kiwami.com/wp-includes/css/dist/block-library/ 53 KB
10 KB 299ms
294ms Stylesheet
text/css 157.112.145.105
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://facebook-kiwami.com/wp-includes/css/dist/block-library/style.min.css
Requested by: Host: facebook-kiwami.com
URL: https://facebook-kiwami.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 157.112.145.105 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: cloud4.wpx.ne.jp
Software: /
Resource Hash: 8c626f0f9b5c109539b256b73e72c02b300a184f46b4535c2eb86599215c78af

Request headers

:path: /wp-includes/css/dist/block-library/style.min.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: facebook-kiwami.com
referer: https://facebook-kiwami.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://facebook-kiwami.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 02 Sep 2021 03:31:07 GMT
content-encoding: gzip
last-modified: Tue, 01 Sep 2020 20:33:57 GMT
etag: W/"d293-5ae46703db0db"
x-cache-status: BYPASS
vary: Accept-Encoding
content-type: text/css
x-ua-device: pc

GET
H2 200 styles.css
facebook-kiwami.com/wp-content/plugins/contact-form-7/includes/css/ 2 KB
952 B 299ms
294ms Stylesheet
text/css 157.112.145.105
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://facebook-kiwami.com/wp-content/plugins/contact-form-7/includes/css/styles.css
Requested by: Host: facebook-kiwami.com
URL: https://facebook-kiwami.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 157.112.145.105 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: cloud4.wpx.ne.jp
Software: /
Resource Hash: 892af9f95c881cde5c6c1810e0f45e4687174a1171504c96b36218dd54bb1486

Request headers

:path: /wp-content/plugins/contact-form-7/includes/css/styles.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: facebook-kiwami.com
referer: https://facebook-kiwami.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://facebook-kiwami.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 02 Sep 2021 03:31:07 GMT
content-encoding: gzip
last-modified: Sat, 22 Aug 2020 03:25:51 GMT
etag: W/"780-5ad6ee90fb4f9"
x-cache-status: BYPASS
vary: Accept-Encoding
content-type: text/css
x-ua-device: pc

GET
H2 200 style.css
facebook-kiwami.com/wp-content/uploads/pz-linkcard/ 6 KB
2 KB 299ms
295ms Stylesheet
text/css 157.112.145.105
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://facebook-kiwami.com/wp-content/uploads/pz-linkcard/style.css
Requested by: Host: facebook-kiwami.com
URL: https://facebook-kiwami.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 157.112.145.105 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: cloud4.wpx.ne.jp
Software: /
Resource Hash: 0bc5ce7005fe75c07bc4b8338d46455f94f6e1156722fff8625847944fb8f7b6

Request headers

:path: /wp-content/uploads/pz-linkcard/style.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: facebook-kiwami.com
referer: https://facebook-kiwami.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://facebook-kiwami.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 02 Sep 2021 03:31:07 GMT
content-encoding: gzip
last-modified: Sat, 22 Aug 2020 03:27:22 GMT
etag: W/"199b-5ad6eee805c7b"
x-cache-status: BYPASS
vary: Accept-Encoding
content-type: text/css
x-ua-device: pc

GET
H2 200 style.php
facebook-kiwami.com/wp-content/plugins/st-kaiwa/assets/css/ 19 KB
2 KB 637ms
632ms Stylesheet
text/css 157.112.145.105
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://facebook-kiwami.com/wp-content/plugins/st-kaiwa/assets/css/style.php
Requested by: Host: facebook-kiwami.com
URL: https://facebook-kiwami.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 157.112.145.105 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: cloud4.wpx.ne.jp
Software: /
Resource Hash: f510db5457fd9c445218df9a3ec3c3eb70657710f7ece589c277d0c36ace7c0f

Request headers

:path: /wp-content/plugins/st-kaiwa/assets/css/style.php
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: facebook-kiwami.com
referer: https://facebook-kiwami.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://facebook-kiwami.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Sep 2021 03:31:07 GMT
content-encoding: gzip
x-cache-status: BYPASS
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
x-ua-device: pc
cache-control: no-cache, must-revalidate, max-age=0
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2 200 wpp.css
facebook-kiwami.com/wp-content/plugins/wordpress-popular-posts/assets/css/ 1 KB
756 B 300ms
295ms Stylesheet
text/css 157.112.145.105
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://facebook-kiwami.com/wp-content/plugins/wordpress-popular-posts/assets/css/wpp.css
Requested by: Host: facebook-kiwami.com
URL: https://facebook-kiwami.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 157.112.145.105 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: cloud4.wpx.ne.jp
Software: /
Resource Hash: 4dc9c239931effb2183adb19e90f60c5cc009ddca45024fc7325d82e3c08d40c

Request headers

:path: /wp-content/plugins/wordpress-popular-posts/assets/css/wpp.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: facebook-kiwami.com
referer: https://facebook-kiwami.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://facebook-kiwami.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 02 Sep 2021 03:31:07 GMT
content-encoding: gzip
last-modified: Sat, 22 Aug 2020 03:26:45 GMT
etag: W/"5e5-5ad6eec4ad326"
x-cache-status: BYPASS
vary: Accept-Encoding
content-type: text/css
x-ua-device: pc

GET
H2 200 style.css
facebook-kiwami.com/wp-content/themes/sango-theme/ 77 KB
23 KB 300ms
296ms Stylesheet
text/css 157.112.145.105
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://facebook-kiwami.com/wp-content/themes/sango-theme/style.css?ver15
Requested by: Host: facebook-kiwami.com
URL: https://facebook-kiwami.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 157.112.145.105 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: cloud4.wpx.ne.jp
Software: /
Resource Hash: 5a69c04798699979eca58aa03f3c93430284f9fdc7ff72bca514355184785811

Request headers

:path: /wp-content/themes/sango-theme/style.css?ver15
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: facebook-kiwami.com
referer: https://facebook-kiwami.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://facebook-kiwami.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 02 Sep 2021 03:31:07 GMT
content-encoding: gzip
last-modified: Thu, 08 Nov 2018 17:59:17 GMT
etag: W/"13209-57a2afe56014d"
x-cache-status: BYPASS
vary: Accept-Encoding
content-type: text/css
x-ua-device: pc

GET
H2 200 entry-option.css
facebook-kiwami.com/wp-content/themes/sango-theme/ 43 KB
11 KB 300ms
296ms Stylesheet
text/css 157.112.145.105
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://facebook-kiwami.com/wp-content/themes/sango-theme/entry-option.css?ver15
Requested by: Host: facebook-kiwami.com
URL: https://facebook-kiwami.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 157.112.145.105 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: cloud4.wpx.ne.jp
Software: /
Resource Hash: e2b6f883d3afb02c3b200f0302d9fae01f0919a3a7202933625e24b3cf300e8a

Request headers

:path: /wp-content/themes/sango-theme/entry-option.css?ver15
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: facebook-kiwami.com
referer: https://facebook-kiwami.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://facebook-kiwami.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 02 Sep 2021 03:31:07 GMT
content-encoding: gzip
last-modified: Thu, 08 Nov 2018 17:59:17 GMT
etag: W/"ac05-57a2afe55fd65"
x-cache-status: BYPASS
vary: Accept-Encoding
content-type: text/css
x-ua-device: pc

GET
H2 200 poripu-style.css
facebook-kiwami.com/wp-content/themes/sango-theme-poripu/ 41 KB
9 KB 300ms
296ms Stylesheet
text/css 157.112.145.105
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://facebook-kiwami.com/wp-content/themes/sango-theme-poripu/poripu-style.css
Requested by: Host: facebook-kiwami.com
URL: https://facebook-kiwami.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 157.112.145.105 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: cloud4.wpx.ne.jp
Software: /
Resource Hash: 08bdf159b52666fc97ab30f6fee53621346dc0ea9302dc5edfa3d83eb9e564ee

Request headers

:path: /wp-content/themes/sango-theme-poripu/poripu-style.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: facebook-kiwami.com
referer: https://facebook-kiwami.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://facebook-kiwami.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 02 Sep 2021 03:31:07 GMT
content-encoding: gzip
last-modified: Thu, 08 Nov 2018 17:59:44 GMT
etag: W/"a218-57a2afff2d4e3"
x-cache-status: BYPASS
vary: Accept-Encoding
content-type: text/css
x-ua-device: pc

GET
H2 200 style.css
facebook-kiwami.com/wp-content/themes/sango-theme-poripu/ 917 B
1 KB 300ms
296ms Stylesheet
text/css 157.112.145.105
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://facebook-kiwami.com/wp-content/themes/sango-theme-poripu/style.css
Requested by: Host: facebook-kiwami.com
URL: https://facebook-kiwami.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 157.112.145.105 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: cloud4.wpx.ne.jp
Software: /
Resource Hash: bf6d818a189b36e4cae7e9fc0a13c6558f1ae713185fabb24031df0d1a533114

Request headers

:path: /wp-content/themes/sango-theme-poripu/style.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: facebook-kiwami.com
referer: https://facebook-kiwami.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://facebook-kiwami.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 02 Sep 2021 03:31:07 GMT
last-modified: Thu, 08 Nov 2018 17:59:44 GMT
etag: "395-57a2afff2d8cb"
x-cache-status: BYPASS
content-type: text/css
x-ua-device: pc
accept-ranges: bytes
content-length: 917

GET
H2 200 ofi.css
facebook-kiwami.com/wp-content/themes/sango-theme-poripu/library/css/ 106 B
274 B 634ms
630ms Stylesheet
text/css 157.112.145.105
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://facebook-kiwami.com/wp-content/themes/sango-theme-poripu/library/css/ofi.css
Requested by: Host: facebook-kiwami.com
URL: https://facebook-kiwami.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 157.112.145.105 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: cloud4.wpx.ne.jp
Software: /
Resource Hash: 8c86f7ae44857ebefeb919e1b53e7c28f0322d9d972b406fad9eae39222e7394

Request headers

:path: /wp-content/themes/sango-theme-poripu/library/css/ofi.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: facebook-kiwami.com
referer: https://facebook-kiwami.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://facebook-kiwami.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 02 Sep 2021 03:31:07 GMT
last-modified: Thu, 08 Nov 2018 17:59:44 GMT
etag: "6a-57a2afff286c3"
x-cache-status: BYPASS
content-type: text/css
x-ua-device: pc
accept-ranges: bytes
content-length: 106

GET
H2 200 amazonjs.css
facebook-kiwami.com/wp-content/plugins/amazonjs/css/ 2 KB
952 B 634ms
630ms Stylesheet
text/css 157.112.145.105
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://facebook-kiwami.com/wp-content/plugins/amazonjs/css/amazonjs.css
Requested by: Host: facebook-kiwami.com
URL: https://facebook-kiwami.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 157.112.145.105 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: cloud4.wpx.ne.jp
Software: /
Resource Hash: 3a03881d88437511e4ad027306b3fb17de46f7c81a0411faf13b857b09a1d1db

Request headers

:path: /wp-content/plugins/amazonjs/css/amazonjs.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: facebook-kiwami.com
referer: https://facebook-kiwami.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://facebook-kiwami.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 02 Sep 2021 03:31:07 GMT
content-encoding: gzip
last-modified: Sat, 22 Aug 2020 03:25:37 GMT
etag: W/"9ff-5ad6ee83381e1"
x-cache-status: BYPASS
vary: Accept-Encoding
content-type: text/css
x-ua-device: pc

GET
H2 200 default.min.css
facebook-kiwami.com/wp-content/plugins/tablepress/css/ 5 KB
2 KB 634ms
630ms Stylesheet
text/css 157.112.145.105
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://facebook-kiwami.com/wp-content/plugins/tablepress/css/default.min.css
Requested by: Host: facebook-kiwami.com
URL: https://facebook-kiwami.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 157.112.145.105 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: cloud4.wpx.ne.jp
Software: /
Resource Hash: 97ce1e1f5dbfda35ac979b593e79e1673a3e725790339d767e4a6ca6e94a4828

Request headers

:path: /wp-content/plugins/tablepress/css/default.min.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: facebook-kiwami.com
referer: https://facebook-kiwami.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://facebook-kiwami.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 02 Sep 2021 03:31:07 GMT
content-encoding: gzip
last-modified: Sat, 22 Aug 2020 03:26:29 GMT
etag: W/"13e4-5ad6eeb563dde"
x-cache-status: BYPASS
vary: Accept-Encoding
content-type: text/css
x-ua-device: pc

GET
H2 200 skin-standard.css
facebook-kiwami.com/wp-content/plugins/wp-associate-post-r2/css/ 8 KB
2 KB 634ms
631ms Stylesheet
text/css 157.112.145.105
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://facebook-kiwami.com/wp-content/plugins/wp-associate-post-r2/css/skin-standard.css
Requested by: Host: facebook-kiwami.com
URL: https://facebook-kiwami.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 157.112.145.105 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: cloud4.wpx.ne.jp
Software: /
Resource Hash: a87c1c11d9d3af7fe9419153b9a1b231f8879c701b70ec793ef425dad0fa4a63

Request headers

:path: /wp-content/plugins/wp-associate-post-r2/css/skin-standard.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: facebook-kiwami.com
referer: https://facebook-kiwami.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://facebook-kiwami.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 02 Sep 2021 03:31:07 GMT
content-encoding: gzip
last-modified: Sat, 22 Aug 2020 03:26:47 GMT
etag: W/"1e5e-5ad6eec6a5d5d"
x-cache-status: BYPASS
vary: Accept-Encoding
content-type: text/css
x-ua-device: pc

GET
H2 200 css
fonts.googleapis.com/ 2 KB
542 B 20ms
17ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Quicksand%3A500%2C700

Requested by

Host: facebook-kiwami.com
URL: https://facebook-kiwami.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ea7999a32f1de1d57d22ceba7a9229b7bbdbde8eea4583ce332a43fe63413a81

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://facebook-kiwami.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 02 Sep 2021 03:31:07 GMT
server: ESF
date: Thu, 02 Sep 2021 03:31:07 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 02 Sep 2021 03:31:07 GMT

GET
H2 200 font-awesome.min.css
facebook-kiwami.com/wp-content/themes/sango-theme/library/fontawesome/css/ 30 KB
8 KB 634ms
631ms Stylesheet
text/css 157.112.145.105
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://facebook-kiwami.com/wp-content/themes/sango-theme/library/fontawesome/css/font-awesome.min.css
Requested by: Host: facebook-kiwami.com
URL: https://facebook-kiwami.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 157.112.145.105 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: cloud4.wpx.ne.jp
Software: /
Resource Hash: 799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Request headers

:path: /wp-content/themes/sango-theme/library/fontawesome/css/font-awesome.min.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: facebook-kiwami.com
referer: https://facebook-kiwami.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://facebook-kiwami.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 02 Sep 2021 03:31:07 GMT
content-encoding: gzip
last-modified: Thu, 08 Nov 2018 17:59:17 GMT
etag: W/"7918-57a2afe55650d"
x-cache-status: BYPASS
vary: Accept-Encoding
content-type: text/css
x-ua-device: pc

GET
H2 200 rippler.min.css
facebook-kiwami.com/wp-content/themes/sango-theme/library/ripple/ 1 KB
667 B 634ms
631ms Stylesheet
text/css 157.112.145.105
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://facebook-kiwami.com/wp-content/themes/sango-theme/library/ripple/rippler.min.css
Requested by: Host: facebook-kiwami.com
URL: https://facebook-kiwami.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 157.112.145.105 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: cloud4.wpx.ne.jp
Software: /
Resource Hash: 82c5a353a20ad78944a065dfe1f81d0503521f10d06a761df55e632fb250b962

Request headers

:path: /wp-content/themes/sango-theme/library/ripple/rippler.min.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: facebook-kiwami.com
referer: https://facebook-kiwami.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://facebook-kiwami.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 02 Sep 2021 03:31:07 GMT
content-encoding: gzip
last-modified: Thu, 08 Nov 2018 17:59:17 GMT
etag: W/"5de-57a2afe55ca9d"
x-cache-status: BYPASS
vary: Accept-Encoding
content-type: text/css
x-ua-device: pc

GET
H2 200 jetpack.css
facebook-kiwami.com/wp-content/plugins/jetpack/css/ 75 KB
17 KB 634ms
631ms Stylesheet
text/css 157.112.145.105
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://facebook-kiwami.com/wp-content/plugins/jetpack/css/jetpack.css
Requested by: Host: facebook-kiwami.com
URL: https://facebook-kiwami.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 157.112.145.105 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: cloud4.wpx.ne.jp
Software: /
Resource Hash: 9cc6b5e3ec2f0a35a4b83aa1875b46adcd16f96f0f54251ef535834fe319668a

Request headers

:path: /wp-content/plugins/jetpack/css/jetpack.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: facebook-kiwami.com
referer: https://facebook-kiwami.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://facebook-kiwami.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 02 Sep 2021 03:31:07 GMT
content-encoding: gzip
last-modified: Thu, 03 Jun 2021 08:28:23 GMT
etag: W/"12be4-5c3d85bbd019d"
x-cache-status: BYPASS
vary: Accept-Encoding
content-type: text/css
x-ua-device: pc

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/2.2.4/ 84 KB
29 KB 10ms
7ms Script
text/javascript 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js

Requested by

Host: facebook-kiwami.com
URL: https://facebook-kiwami.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://facebook-kiwami.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 10:02:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 62932
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30028
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 01 Sep 2022 10:02:15 GMT

GET
H2 200 wpp.min.js Show response
facebook-kiwami.com/wp-content/plugins/wordpress-popular-posts/assets/js/ 3 KB
1 KB 634ms
631ms Script
application/javascript 157.112.145.105
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://facebook-kiwami.com/wp-content/plugins/wordpress-popular-posts/assets/js/wpp.min.js
Requested by: Host: facebook-kiwami.com
URL: https://facebook-kiwami.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 157.112.145.105 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: cloud4.wpx.ne.jp
Software: /
Resource Hash: 3caff329d1e76a3a9a8ab8030abed403362ee5490631d7bb9774372388198763

Request headers

:path: /wp-content/plugins/wordpress-popular-posts/assets/js/wpp.min.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: facebook-kiwami.com
referer: https://facebook-kiwami.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://facebook-kiwami.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 02 Sep 2021 03:31:07 GMT
content-encoding: gzip
last-modified: Sat, 22 Aug 2020 03:26:45 GMT
etag: W/"a3a-5ad6eec4af64e"
x-cache-status: BYPASS
vary: Accept-Encoding
content-type: application/javascript
x-ua-device: pc

GET
H2 200 ofi.min.js Show response
facebook-kiwami.com/wp-content/themes/sango-theme-poripu/library/js/ 3 KB
2 KB 634ms
632ms Script
application/javascript 157.112.145.105
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://facebook-kiwami.com/wp-content/themes/sango-theme-poripu/library/js/ofi.min.js
Requested by: Host: facebook-kiwami.com
URL: https://facebook-kiwami.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 157.112.145.105 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: cloud4.wpx.ne.jp
Software: /
Resource Hash: 126efbcdc48a9eef57a0de949224a0ba971cd391e759ef1bd79520571b731de1

Request headers

:path: /wp-content/themes/sango-theme-poripu/library/js/ofi.min.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: facebook-kiwami.com
referer: https://facebook-kiwami.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://facebook-kiwami.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 02 Sep 2021 03:31:07 GMT
content-encoding: gzip
last-modified: Thu, 08 Nov 2018 17:59:44 GMT
etag: W/"cd5-57a2afff2b98b"
x-cache-status: BYPASS
vary: Accept-Encoding
content-type: application/javascript
x-ua-device: pc

GET
H2 200 prp-ofi.js Show response
facebook-kiwami.com/wp-content/themes/sango-theme-poripu/library/js/ 28 B
205 B 634ms
631ms Script
application/javascript 157.112.145.105
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://facebook-kiwami.com/wp-content/themes/sango-theme-poripu/library/js/prp-ofi.js
Requested by: Host: facebook-kiwami.com
URL: https://facebook-kiwami.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 157.112.145.105 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: cloud4.wpx.ne.jp
Software: /
Resource Hash: 82729d2a91f9fd991da671cac1c057741259f9cc8a85b96f91dc26d98f250d86

Request headers

:path: /wp-content/themes/sango-theme-poripu/library/js/prp-ofi.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: facebook-kiwami.com
referer: https://facebook-kiwami.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://facebook-kiwami.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 02 Sep 2021 03:31:07 GMT
last-modified: Thu, 08 Nov 2018 17:59:44 GMT
etag: "1c-57a2afff2b98b"
x-cache-status: BYPASS
content-type: application/javascript
x-ua-device: pc
accept-ranges: bytes
content-length: 28

GET
H2 200 modernizr.custom.min.js Show response
facebook-kiwami.com/wp-content/themes/sango-theme/library/js/ 15 KB
7 KB 634ms
632ms Script
application/javascript 157.112.145.105
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://facebook-kiwami.com/wp-content/themes/sango-theme/library/js/modernizr.custom.min.js
Requested by: Host: facebook-kiwami.com
URL: https://facebook-kiwami.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 157.112.145.105 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: cloud4.wpx.ne.jp
Software: /
Resource Hash: 5498eab9ddd9c6790d3e401556c0daaa159bcf36708cb89fee8184bf38e4b7aa

Request headers

:path: /wp-content/themes/sango-theme/library/js/modernizr.custom.min.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: facebook-kiwami.com
referer: https://facebook-kiwami.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://facebook-kiwami.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 02 Sep 2021 03:31:07 GMT
content-encoding: gzip
last-modified: Thu, 08 Nov 2018 17:59:17 GMT
etag: W/"3b16-57a2afe55bee5"
x-cache-status: BYPASS
vary: Accept-Encoding
content-type: application/javascript
x-ua-device: pc

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 138 KB
49 KB 37ms
33ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: facebook-kiwami.com
URL: https://facebook-kiwami.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

35ca3e284c54b48858e8c7c2cd728605f01b700bac501f72e6bc64da80056c70

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://facebook-kiwami.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 02 Sep 2021 03:31:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49570
x-xss-protection: 0
server: cafe
etag: 15245715175060219534
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 02 Sep 2021 03:31:08 GMT

GET
H2 200 1_Primary_logo_on_transparent_402x75.png
facebook-kiwami.com/wp-content/uploads/2016/04/ 21 KB
21 KB 294ms
291ms Image
image/png 157.112.145.105
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://facebook-kiwami.com/wp-content/uploads/2016/04/1_Primary_logo_on_transparent_402x75.png
Requested by: Host: facebook-kiwami.com
URL: https://facebook-kiwami.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 157.112.145.105 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: cloud4.wpx.ne.jp
Software: /
Resource Hash: 4a3259567828beb6ad5248a9b1aef7f95ff0eb9fd58c6524df178a276de82e2d

Request headers

:path: /wp-content/uploads/2016/04/1_Primary_logo_on_transparent_402x75.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: facebook-kiwami.com
referer: https://facebook-kiwami.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://facebook-kiwami.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 02 Sep 2021 03:31:08 GMT
last-modified: Tue, 19 Apr 2016 09:09:49 GMT
etag: "520a-530d2d6d6be1a"
x-cache-status: BYPASS
content-type: image/png
x-ua-device: pc
accept-ranges: bytes
content-length: 21002

GET
H2 200 hacker_1542382273.jpg
facebook-kiwami.com/wp-content/uploads/2018/11/ 214 KB
215 KB 296ms
292ms Image
image/jpeg 157.112.145.105
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://facebook-kiwami.com/wp-content/uploads/2018/11/hacker_1542382273.jpg
Requested by: Host: facebook-kiwami.com
URL: https://facebook-kiwami.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 157.112.145.105 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: cloud4.wpx.ne.jp
Software: /
Resource Hash: 11e8da9c7d9d5b0c7d749a72347b1e0e897cdfe721cb4bc503e4594063ed9045

Request headers

:path: /wp-content/uploads/2018/11/hacker_1542382273.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: facebook-kiwami.com
referer: https://facebook-kiwami.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://facebook-kiwami.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 02 Sep 2021 03:31:08 GMT
last-modified: Fri, 16 Nov 2018 15:31:13 GMT
etag: "358e5-57ac9db7dc482"
x-cache-status: BYPASS
content-type: image/jpeg
x-ua-device: pc
accept-ranges: bytes
content-length: 219365

GET
H2 200 shutterstock_384026797.jpg
facebook-kiwami.com/wp-content/uploads/2017/10/ 77 KB
77 KB 298ms
294ms Image
image/jpeg 157.112.145.105
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://facebook-kiwami.com/wp-content/uploads/2017/10/shutterstock_384026797.jpg
Requested by: Host: facebook-kiwami.com
URL: https://facebook-kiwami.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 157.112.145.105 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: cloud4.wpx.ne.jp
Software: /
Resource Hash: a38a0701bd69d4d9ee08f38b430227d679ff7c59d62459cee922f552f28727b7

Request headers

:path: /wp-content/uploads/2017/10/shutterstock_384026797.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: facebook-kiwami.com
referer: https://facebook-kiwami.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://facebook-kiwami.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 02 Sep 2021 03:31:08 GMT
last-modified: Tue, 03 Oct 2017 00:09:28 GMT
etag: "13291-55a994e04a41f"
x-cache-status: BYPASS
content-type: image/jpeg
x-ua-device: pc
accept-ranges: bytes
content-length: 78481

GET
H2 200 shutterstock_293759954.jpg
facebook-kiwami.com/wp-content/uploads/2017/10/ 528 KB
528 KB 583ms
579ms Image
image/jpeg 157.112.145.105
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://facebook-kiwami.com/wp-content/uploads/2017/10/shutterstock_293759954.jpg
Requested by: Host: facebook-kiwami.com
URL: https://facebook-kiwami.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 157.112.145.105 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: cloud4.wpx.ne.jp
Software: /
Resource Hash: 8cc7d9e82a91c42266ba98be8d5e8457488b592dd9f589f58f2e9cc643790083

Request headers

:path: /wp-content/uploads/2017/10/shutterstock_293759954.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: facebook-kiwami.com
referer: https://facebook-kiwami.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://facebook-kiwami.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 02 Sep 2021 03:31:08 GMT
last-modified: Wed, 04 Oct 2017 09:59:39 GMT
etag: "83eec-55ab5aa7e34ec"
x-cache-status: BYPASS
content-type: image/jpeg
x-ua-device: pc
accept-ranges: bytes
content-length: 540396

GET
H2 200 shutterstock_428739817.jpg
facebook-kiwami.com/wp-content/uploads/2017/10/ 318 KB
318 KB 583ms
580ms Image
image/jpeg 157.112.145.105
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://facebook-kiwami.com/wp-content/uploads/2017/10/shutterstock_428739817.jpg
Requested by: Host: facebook-kiwami.com
URL: https://facebook-kiwami.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 157.112.145.105 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: cloud4.wpx.ne.jp
Software: /
Resource Hash: 00e689f1595c7a46f94297991536079601d2b69f0d3d54afe5b0cb61970e44fc

Request headers

:path: /wp-content/uploads/2017/10/shutterstock_428739817.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: facebook-kiwami.com
referer: https://facebook-kiwami.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://facebook-kiwami.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 02 Sep 2021 03:31:08 GMT
last-modified: Tue, 03 Oct 2017 00:10:53 GMT
etag: "4f643-55a99530f467a"
x-cache-status: BYPASS
content-type: image/jpeg
x-ua-device: pc
accept-ranges: bytes
content-length: 325187

GET
H2 200 shutterstock_253518619.jpg
facebook-kiwami.com/wp-content/uploads/2017/05/ 662 KB
663 KB 583ms
580ms Image
image/jpeg 157.112.145.105
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://facebook-kiwami.com/wp-content/uploads/2017/05/shutterstock_253518619.jpg
Requested by: Host: facebook-kiwami.com
URL: https://facebook-kiwami.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 157.112.145.105 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: cloud4.wpx.ne.jp
Software: /
Resource Hash: 9fee3068a1b220e2cbbb03517fdaa499458012ad32fee4a4cf04cd949ae326e9

Request headers

:path: /wp-content/uploads/2017/05/shutterstock_253518619.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: facebook-kiwami.com
referer: https://facebook-kiwami.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://facebook-kiwami.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 02 Sep 2021 03:31:08 GMT
last-modified: Fri, 12 May 2017 05:13:14 GMT
etag: "a57c5-54f4cc32b17f2"
x-cache-status: BYPASS
content-type: image/jpeg
x-ua-device: pc
accept-ranges: bytes
content-length: 677829

GET
H2 200 shutterstock_226959178.jpg
facebook-kiwami.com/wp-content/uploads/2017/05/ 753 KB
754 KB 586ms
583ms Image
image/jpeg 157.112.145.105
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://facebook-kiwami.com/wp-content/uploads/2017/05/shutterstock_226959178.jpg
Requested by: Host: facebook-kiwami.com
URL: https://facebook-kiwami.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 157.112.145.105 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: cloud4.wpx.ne.jp
Software: /
Resource Hash: 9581d8e4ff9f05a8f26b46ac10d976488c7faf44720f00cd24497d826e7d1b71

Request headers

:path: /wp-content/uploads/2017/05/shutterstock_226959178.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: facebook-kiwami.com
referer: https://facebook-kiwami.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://facebook-kiwami.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 02 Sep 2021 03:31:08 GMT
last-modified: Fri, 12 May 2017 10:17:56 GMT
etag: "bc32e-54f5104e55e62"
x-cache-status: BYPASS
content-type: image/jpeg
x-ua-device: pc
accept-ranges: bytes
content-length: 770862

GET
H2 200 shutterstock_542946187.jpg
facebook-kiwami.com/wp-content/uploads/2017/09/ 58 KB
58 KB 586ms
583ms Image
image/jpeg 157.112.145.105
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://facebook-kiwami.com/wp-content/uploads/2017/09/shutterstock_542946187.jpg
Requested by: Host: facebook-kiwami.com
URL: https://facebook-kiwami.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 157.112.145.105 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: cloud4.wpx.ne.jp
Software: /
Resource Hash: 4abca85f333b293f68833f495298aaca87a1cbd440379d93768ea3cd419c96df

Request headers

:path: /wp-content/uploads/2017/09/shutterstock_542946187.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: facebook-kiwami.com
referer: https://facebook-kiwami.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://facebook-kiwami.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 02 Sep 2021 03:31:08 GMT
last-modified: Thu, 11 May 2017 11:53:54 GMT
etag: "e675-54f3e3e400953"
x-cache-status: BYPASS
content-type: image/jpeg
x-ua-device: pc
accept-ranges: bytes
content-length: 58997

GET
H2 200 2017-05-09_084314.png
facebook-kiwami.com/wp-content/uploads/2017/05/ 66 KB
66 KB 586ms
584ms Image
image/png 157.112.145.105
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://facebook-kiwami.com/wp-content/uploads/2017/05/2017-05-09_084314.png
Requested by: Host: facebook-kiwami.com
URL: https://facebook-kiwami.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 157.112.145.105 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: cloud4.wpx.ne.jp
Software: /
Resource Hash: f370459f2fc6feedbcca67e0fee404720d5ad0afa1ba7b2585f9834b8978df2c

Request headers

:path: /wp-content/uploads/2017/05/2017-05-09_084314.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: facebook-kiwami.com
referer: https://facebook-kiwami.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://facebook-kiwami.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 02 Sep 2021 03:31:08 GMT
last-modified: Mon, 08 May 2017 23:43:29 GMT
etag: "10729-54f0bce6320e6"
x-cache-status: BYPASS
content-type: image/png
x-ua-device: pc
accept-ranges: bytes
content-length: 67369

GET
H2 200 shutterstock_404506177.jpg
facebook-kiwami.com/wp-content/uploads/2017/05/ 276 KB
277 KB 586ms
583ms Image
image/jpeg 157.112.145.105
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://facebook-kiwami.com/wp-content/uploads/2017/05/shutterstock_404506177.jpg
Requested by: Host: facebook-kiwami.com
URL: https://facebook-kiwami.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 157.112.145.105 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: cloud4.wpx.ne.jp
Software: /
Resource Hash: 3bb1ec7c061713f44bf35840d4a9b600dbf95056249c5c366a0e182a52abf68d

Request headers

:path: /wp-content/uploads/2017/05/shutterstock_404506177.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: facebook-kiwami.com
referer: https://facebook-kiwami.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://facebook-kiwami.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 02 Sep 2021 03:31:08 GMT
last-modified: Tue, 09 May 2017 12:22:12 GMT
etag: "45088-54f1667cac979"
x-cache-status: BYPASS
content-type: image/jpeg
x-ua-device: pc
accept-ranges: bytes
content-length: 282760

GET
H2 200 shutterstock_369995447.jpg
facebook-kiwami.com/wp-content/uploads/2017/05/ 57 KB
57 KB 589ms
586ms Image
image/jpeg 157.112.145.105
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://facebook-kiwami.com/wp-content/uploads/2017/05/shutterstock_369995447.jpg
Requested by: Host: facebook-kiwami.com
URL: https://facebook-kiwami.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 157.112.145.105 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: cloud4.wpx.ne.jp
Software: /
Resource Hash: 9b8ba81a9c41755a218f8405fb9ac8cecaff8c2dd04691625bb1beeb27575ad3

Request headers

:path: /wp-content/uploads/2017/05/shutterstock_369995447.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: facebook-kiwami.com
referer: https://facebook-kiwami.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://facebook-kiwami.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 02 Sep 2021 03:31:08 GMT
last-modified: Tue, 09 May 2017 00:22:35 GMT
etag: "e474-54f0c5a4094b0"
x-cache-status: BYPASS
content-type: image/jpeg
x-ua-device: pc
accept-ranges: bytes
content-length: 58484

GET
H2 200 scripts.js Show response
facebook-kiwami.com/wp-content/plugins/contact-form-7/includes/js/ 14 KB
5 KB 292ms
291ms Script
application/javascript 157.112.145.105
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://facebook-kiwami.com/wp-content/plugins/contact-form-7/includes/js/scripts.js
Requested by: Host: facebook-kiwami.com
URL: https://facebook-kiwami.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 157.112.145.105 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: cloud4.wpx.ne.jp
Software: /
Resource Hash: a0ea735f765d5bc1230beb63bcb701b69c80d77c48572a61bb159a8915903278

Request headers

:path: /wp-content/plugins/contact-form-7/includes/js/scripts.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: facebook-kiwami.com
referer: https://facebook-kiwami.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://facebook-kiwami.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 02 Sep 2021 03:31:08 GMT
content-encoding: gzip
last-modified: Sat, 22 Aug 2020 03:25:51 GMT
etag: W/"3719-5ad6ee90fef91"
x-cache-status: BYPASS
vary: Accept-Encoding
content-type: application/javascript
x-ua-device: pc

GET
H2 200 front.min.js Show response
facebook-kiwami.com/wp-content/plugins/table-of-contents-plus/ 6 KB
3 KB 292ms
291ms Script
application/javascript 157.112.145.105
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://facebook-kiwami.com/wp-content/plugins/table-of-contents-plus/front.min.js
Requested by: Host: facebook-kiwami.com
URL: https://facebook-kiwami.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 157.112.145.105 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: cloud4.wpx.ne.jp
Software: /
Resource Hash: 4b179562b883c1257aabbad3a5641f965dd7331faa31fe06382a5d8c62d5ee19

Request headers

:path: /wp-content/plugins/table-of-contents-plus/front.min.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: facebook-kiwami.com
referer: https://facebook-kiwami.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://facebook-kiwami.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 02 Sep 2021 03:31:08 GMT
content-encoding: gzip
last-modified: Sat, 22 Aug 2020 03:26:27 GMT
etag: W/"17cb-5ad6eeb35d117"
x-cache-status: BYPASS
vary: Accept-Encoding
content-type: application/javascript
x-ua-device: pc

GET
H2 200 jquery.optimum-lazy-load.min.js Show response
facebook-kiwami.com/wp-content/plugins/unveil-lazy-load/js/ 614 B
792 B 294ms
290ms Script
application/javascript 157.112.145.105
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://facebook-kiwami.com/wp-content/plugins/unveil-lazy-load/js/jquery.optimum-lazy-load.min.js
Requested by: Host: facebook-kiwami.com
URL: https://facebook-kiwami.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 157.112.145.105 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: cloud4.wpx.ne.jp
Software: /
Resource Hash: f496e07103d16733e37931c80067cabde1102e631ddf431642247c50f813c176

Request headers

:path: /wp-content/plugins/unveil-lazy-load/js/jquery.optimum-lazy-load.min.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: facebook-kiwami.com
referer: https://facebook-kiwami.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://facebook-kiwami.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 02 Sep 2021 03:31:08 GMT
last-modified: Sat, 14 Nov 2015 01:55:26 GMT
etag: "266-524767846d4d1"
x-cache-status: BYPASS
content-type: application/javascript
x-ua-device: pc
accept-ranges: bytes
content-length: 614

GET
H2 200 ofi.min.js Show response
facebook-kiwami.com/wp-content/plugins/wp-associate-post-r2/js/ 3 KB
2 KB 296ms
292ms Script
application/javascript 157.112.145.105
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://facebook-kiwami.com/wp-content/plugins/wp-associate-post-r2/js/ofi.min.js
Requested by: Host: facebook-kiwami.com
URL: https://facebook-kiwami.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 157.112.145.105 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: cloud4.wpx.ne.jp
Software: /
Resource Hash: 2319bf626b545c1409f7cb8ba5496d22ca2438c2206a1b9b6be28ccd98a004ef

Request headers

:path: /wp-content/plugins/wp-associate-post-r2/js/ofi.min.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: facebook-kiwami.com
referer: https://facebook-kiwami.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://facebook-kiwami.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 02 Sep 2021 03:31:08 GMT
content-encoding: gzip
last-modified: Sat, 22 Aug 2020 03:26:47 GMT
etag: W/"d82-5ad6eec6a8c3d"
x-cache-status: BYPASS
vary: Accept-Encoding
content-type: application/javascript
x-ua-device: pc

GET
H2 200 common.js Show response
facebook-kiwami.com/wp-content/plugins/wp-associate-post-r2/js/ 338 B
516 B 294ms
291ms Script
application/javascript 157.112.145.105
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://facebook-kiwami.com/wp-content/plugins/wp-associate-post-r2/js/common.js
Requested by: Host: facebook-kiwami.com
URL: https://facebook-kiwami.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 157.112.145.105 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: cloud4.wpx.ne.jp
Software: /
Resource Hash: fce4c5386621632428fdff385296f42710c3a3a0403427b204521d3224b8bc10

Request headers

:path: /wp-content/plugins/wp-associate-post-r2/js/common.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: facebook-kiwami.com
referer: https://facebook-kiwami.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://facebook-kiwami.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 02 Sep 2021 03:31:08 GMT
last-modified: Sat, 22 Aug 2020 03:26:47 GMT
etag: "152-5ad6eec6a8c3d"
x-cache-status: BYPASS
content-type: application/javascript
x-ua-device: pc
accept-ranges: bytes
content-length: 338

GET
H2 200 jquery.rippler.js Show response
facebook-kiwami.com/wp-content/themes/sango-theme/library/ripple/ 6 KB
2 KB 295ms
291ms Script
application/javascript 157.112.145.105
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://facebook-kiwami.com/wp-content/themes/sango-theme/library/ripple/jquery.rippler.js
Requested by: Host: facebook-kiwami.com
URL: https://facebook-kiwami.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 157.112.145.105 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: cloud4.wpx.ne.jp
Software: /
Resource Hash: 3badbf163f2abd239e28cb6122361cb65d9dc730ea2772533f4d13b437d76f9f

Request headers

:path: /wp-content/themes/sango-theme/library/ripple/jquery.rippler.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: facebook-kiwami.com
referer: https://facebook-kiwami.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://facebook-kiwami.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 02 Sep 2021 03:31:08 GMT
content-encoding: gzip
last-modified: Thu, 08 Nov 2018 17:59:17 GMT
etag: W/"19bf-57a2afe55ca9d"
x-cache-status: BYPASS
vary: Accept-Encoding
content-type: application/javascript
x-ua-device: pc

GET
H2 200 wp-embed.min.js Show response
facebook-kiwami.com/wp-includes/js/ 1 KB
959 B 295ms
291ms Script
application/javascript 157.112.145.105
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://facebook-kiwami.com/wp-includes/js/wp-embed.min.js
Requested by: Host: facebook-kiwami.com
URL: https://facebook-kiwami.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 157.112.145.105 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: cloud4.wpx.ne.jp
Software: /
Resource Hash: 5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

Request headers

:path: /wp-includes/js/wp-embed.min.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: facebook-kiwami.com
referer: https://facebook-kiwami.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://facebook-kiwami.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 02 Sep 2021 03:31:08 GMT
content-encoding: gzip
last-modified: Thu, 15 Apr 2021 08:27:23 GMT
etag: W/"592-5bffea1f9bb6a"
x-cache-status: BYPASS
vary: Accept-Encoding
content-type: application/javascript
x-ua-device: pc

GET
H2 200 e-202135.js Show response
stats.wp.com/ 9 KB
3 KB 127ms
41ms Script
application/javascript 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.wp.com/e-202135.js
Requested by: Host: facebook-kiwami.com
URL: https://facebook-kiwami.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 0ebbc7fba9a50d36ef5422345f624431710db4528f25749d1d438c2c10bb69f2

Request headers

Referer: https://facebook-kiwami.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-nc: HIT hhn
date: Thu, 02 Sep 2021 03:31:08 GMT
content-encoding: gzip
server: nginx
etag: W/"5c6340e3-350a"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
expires: Sun, 21 Aug 2022 23:08:08 GMT

GET
H2 200 wp-emoji-release.min.js Show response
facebook-kiwami.com/wp-includes/js/ 14 KB
5 KB 589ms
586ms Script
application/javascript 157.112.145.105
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://facebook-kiwami.com/wp-includes/js/wp-emoji-release.min.js
Requested by: Host: facebook-kiwami.com
URL: https://facebook-kiwami.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 157.112.145.105 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: cloud4.wpx.ne.jp
Software: /
Resource Hash: 07e4203b9f313b587b1d53f896e63771ec85f9b0d4c2ac5fa64089457784d847

Request headers

:path: /wp-includes/js/wp-emoji-release.min.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: facebook-kiwami.com
referer: https://facebook-kiwami.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://facebook-kiwami.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 02 Sep 2021 03:31:08 GMT
content-encoding: gzip
last-modified: Thu, 15 Apr 2021 08:27:23 GMT
etag: W/"3795-5bffea1f9bf52"
x-cache-status: BYPASS
vary: Accept-Encoding
content-type: application/javascript
x-ua-device: pc

GET
H3-29 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 8ms
5ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: facebook-kiwami.com
URL: https://facebook-kiwami.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://facebook-kiwami.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 11 Aug 2021 00:32:57 GMT
server: Golfe2
age: 7129
date: Thu, 02 Sep 2021 01:32:19 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19747
expires: Thu, 02 Sep 2021 03:32:19 GMT

GET
H2 200 fontawesome-webfont.woff2
facebook-kiwami.com/wp-content/themes/sango-theme/library/fontawesome/fonts/ 75 KB
76 KB 587ms
586ms Font
application/octet-stream 157.112.145.105
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://facebook-kiwami.com/wp-content/themes/sango-theme/library/fontawesome/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by: Host: facebook-kiwami.com
URL: https://facebook-kiwami.com/wp-content/themes/sango-theme/library/fontawesome/css/font-awesome.min.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 157.112.145.105 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: cloud4.wpx.ne.jp
Software: /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

:path: /wp-content/themes/sango-theme/library/fontawesome/fonts/fontawesome-webfont.woff2?v=4.7.0
pragma: no-cache
origin: https://facebook-kiwami.com
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: font
:authority: facebook-kiwami.com
referer: https://facebook-kiwami.com/wp-content/themes/sango-theme/library/fontawesome/css/font-awesome.min.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://facebook-kiwami.com
Referer: https://facebook-kiwami.com/wp-content/themes/sango-theme/library/fontawesome/css/font-awesome.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 02 Sep 2021 03:31:08 GMT
last-modified: Thu, 08 Nov 2018 17:59:17 GMT
etag: "12d68-57a2afe557895"
x-cache-status: BYPASS
content-type: application/octet-stream
x-ua-device: pc
accept-ranges: bytes
content-length: 77160

GET
H2 200 6xKtdSZaM9iE8KbpRA_hK1QN.woff2
fonts.gstatic.com/s/quicksand/v24/ 25 KB
25 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/quicksand/v24/6xKtdSZaM9iE8KbpRA_hK1QN.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Quicksand%3A500%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1a77bc9cd8df8f7680ab07cf42d9aef3147f5c6fc7fe2050ccee4ea11b22c6cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://facebook-kiwami.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 19:51:14 GMT
x-content-type-options: nosniff
age: 27594
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25700
x-xss-protection: 0
last-modified: Mon, 26 Jul 2021 18:17:05 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 01 Sep 2022 19:51:14 GMT

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 12ms
12ms XHR
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j93&a=1746461595&t=pageview&_s=1&dl=https%3A%2F%2Ffacebook-kiwami.com%2F&ul=en-us&de=UTF-8&dt=Facebook%E3%81%AE%E6%A5%B5%E3%81%BF%20%E3%80%9C%E4%BD%BF%E3%81%84%E6%96%B9%E3%83%BB%E8%A3%8F%E6%8A%80%E3%83%BB%E5%B0%8F%E3%83%8D%E3%82%BF%E5%A4%A7%E5%85%A8%E3%80%9C%20%7C%20Facebook%E3%81%AE%E4%BD%BF%E3%81%84%E6%96%B9%E3%82%84%E8%A3%8F%E6%8A%80%E3%81%AA%E3%81%A9%E3%81%AB%E3%81%A4%E3%81%84%E3%81%A6%E5%8F%96%E3%82%8A%E4%B8%8A%E3%81%92%E3%81%A6%E3%81%84%E3%81%BE%E3%81%99%E3%80%82&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=381495322&gjid=266851554&cid=1579931297.1630553469&tid=UA-81135314-7&_gid=2073833063.1630553469&_r=1&_slc=1&z=84878628

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://facebook-kiwami.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 02 Sep 2021 03:31:08 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://facebook-kiwami.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108310101/ 250 KB
93 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108310101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6621753532555432&plah=facebook-kiwami.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

789f22b18f4888fd4abfde82c10d9436d2ba5f7aa1107b0203ba386c688493cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://facebook-kiwami.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 02 Sep 2021 03:31:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 95226
x-xss-protection: 0
server: cafe
etag: 17201458395757084847
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 02 Sep 2021 03:31:08 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210830/r20190131/ Frame 5CE4 10 KB
5 KB 6ms
5ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210830/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bf5230ffb8745d28c11ae8b743868364f9be8379300bd59d235f402a53ea96ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210830/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://facebook-kiwami.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://facebook-kiwami.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Wed, 01 Sep 2021 12:45:30 GMT
expires: Wed, 15 Sep 2021 12:45:30 GMT
content-type: text/html; charset=UTF-8
etag: 13836150016441684253
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4591
x-xss-protection: 0
age: 53138
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 g.gif
pixel.wp.com/ 50 B
92 B 42ms
41ms Image
image/gif 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.wp.com/g.gif?v=ext&j=1%3A8.8.3&blog=102496509&post=0&tz=9&srv=facebook-kiwami.com&host=facebook-kiwami.com&ref=&fcp=2547&rand=0.4935894372774836
Requested by: Host: facebook-kiwami.com
URL: https://facebook-kiwami.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

Referer: https://facebook-kiwami.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 02 Sep 2021 03:31:08 GMT
cache-control: no-cache
server: nginx
content-length: 50
content-type: image/gif

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 209 B
265 B 46ms
46ms Script
text/javascript 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=facebook-kiwami.com&callback=_gfp_s_&client=ca-pub-6621753532555432

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108310101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6621753532555432&plah=facebook-kiwami.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

ebe8dea36ada75445ab05dfdb5b5aa248ad49d85e3d907929843ac47e88c34a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://facebook-kiwami.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 02 Sep 2021 03:31:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 196
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 15ms
15ms Script
application/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=facebook-kiwami.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://facebook-kiwami.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 02 Sep 2021 03:31:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 14ms
14ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=facebook-kiwami.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://facebook-kiwami.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 02 Sep 2021 03:31:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 06FA 21 KB
5 KB 543ms
541ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6621753532555432&output=html&adk=1812271804&adf=3025194257&lmt=1630553468&plat=8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Ffacebook-kiwami.com%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630553468599&bpp=5&bdt=1137&idt=136&shv=r20210830&mjsv=m202108310101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4002813999305&frm=20&pv=2&ga_vid=1579931297.1630553469&ga_sid=1630553469&ga_hid=1746461595&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44747620%2C31062297&oid=3&pvsid=2420447387241967&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=153

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

42a68f704f17fcbb3f7164daffef75ff1584c8382ab6c9da7ed42d17be53a45a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-6621753532555432&output=html&adk=1812271804&adf=3025194257&lmt=1630553468&plat=8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Ffacebook-kiwami.com%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630553468599&bpp=5&bdt=1137&idt=136&shv=r20210830&mjsv=m202108310101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4002813999305&frm=20&pv=2&ga_vid=1579931297.1630553469&ga_sid=1630553469&ga_hid=1746461595&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44747620%2C31062297&oid=3&pvsid=2420447387241967&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=153
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://facebook-kiwami.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://facebook-kiwami.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 02 Sep 2021 03:31:09 GMT
server: cafe
content-length: 5218
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 02-Sep-2021 03:46:08 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 02 Sep 2021 03:31:09 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 72 KB
27 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bd3a2482b7b952b621e16a05c3bb1847829d057fb1384f4c32d1362b8153e967

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://facebook-kiwami.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 02 Sep 2021 03:31:08 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1630496339498273"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27562
x-xss-protection: 0
expires: Thu, 02 Sep 2021 03:31:08 GMT

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame DB06 96 KB
30 KB 467ms
466ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6621753532555432&output=html&h=287&slotname=2325156180&adk=2229496947&adf=450287001&pi=t.ma~as.2325156180&w=303&lmt=1630553468&rafmt=11&psa=0&format=303x287&url=https%3A%2F%2Ffacebook-kiwami.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630553468604&bpp=2&bdt=1142&idt=155&shv=r20210830&mjsv=m202108310101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4002813999305&frm=20&pv=1&ga_vid=1579931297.1630553469&ga_sid=1630553469&ga_hid=1746461595&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=300&ady=429&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44747620%2C31062297&oid=3&pvsid=2420447387241967&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=hewG3nsV9J&p=https%3A//facebook-kiwami.com&dtd=160

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e8d02beb10aba77e9255c788b3c2d89d3483eea18e7cded116ca5763fc4d1e60

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-6621753532555432&output=html&h=287&slotname=2325156180&adk=2229496947&adf=450287001&pi=t.ma~as.2325156180&w=303&lmt=1630553468&rafmt=11&psa=0&format=303x287&url=https%3A%2F%2Ffacebook-kiwami.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630553468604&bpp=2&bdt=1142&idt=155&shv=r20210830&mjsv=m202108310101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4002813999305&frm=20&pv=1&ga_vid=1579931297.1630553469&ga_sid=1630553469&ga_hid=1746461595&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=300&ady=429&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44747620%2C31062297&oid=3&pvsid=2420447387241967&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=hewG3nsV9J&p=https%3A//facebook-kiwami.com&dtd=160
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://facebook-kiwami.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://facebook-kiwami.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 02 Sep 2021 03:31:09 GMT
server: cafe
content-length: 31088
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 02-Sep-2021 03:46:08 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 02 Sep 2021 03:31:09 GMT
cache-control: private

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 3205 70 KB
20 KB 636ms
635ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6621753532555432&output=html&h=287&slotname=2325156180&adk=2229496947&adf=960643554&pi=t.ma~as.2325156180&w=303&lmt=1630553468&rafmt=11&psa=0&format=303x287&url=https%3A%2F%2Ffacebook-kiwami.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630553468606&bpp=2&bdt=1144&idt=163&shv=r20210830&mjsv=m202108310101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C303x287&nras=1&correlator=4002813999305&frm=20&pv=1&ga_vid=1579931297.1630553469&ga_sid=1630553469&ga_hid=1746461595&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=630&ady=1107&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44747620%2C31062297&oid=3&pvsid=2420447387241967&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=STNjc42kVD&p=https%3A//facebook-kiwami.com&dtd=167

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6bdf7fcbd3c94d2a42fb986dbdd171e515fd76a6afa0d94536e3de5005efc09

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-6621753532555432&output=html&h=287&slotname=2325156180&adk=2229496947&adf=960643554&pi=t.ma~as.2325156180&w=303&lmt=1630553468&rafmt=11&psa=0&format=303x287&url=https%3A%2F%2Ffacebook-kiwami.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630553468606&bpp=2&bdt=1144&idt=163&shv=r20210830&mjsv=m202108310101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C303x287&nras=1&correlator=4002813999305&frm=20&pv=1&ga_vid=1579931297.1630553469&ga_sid=1630553469&ga_hid=1746461595&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=630&ady=1107&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44747620%2C31062297&oid=3&pvsid=2420447387241967&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=STNjc42kVD&p=https%3A//facebook-kiwami.com&dtd=167
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://facebook-kiwami.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://facebook-kiwami.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 02 Sep 2021 03:31:09 GMT
server: cafe
content-length: 20459
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 02-Sep-2021 03:46:08 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 02 Sep 2021 03:31:09 GMT
cache-control: private

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 4E9B 91 KB
28 KB 515ms
514ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6621753532555432&output=html&h=280&slotname=3154048351&adk=349515542&adf=1784787236&pi=t.ma~as.3154048351&w=634&fwrn=4&fwrnh=100&lmt=1630553468&rafmt=1&psa=0&format=634x280&url=https%3A%2F%2Ffacebook-kiwami.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630553468608&bpp=2&bdt=1146&idt=169&shv=r20210830&mjsv=m202108310101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C303x287%2C303x287&nras=1&correlator=4002813999305&frm=20&pv=1&ga_vid=1579931297.1630553469&ga_sid=1630553469&ga_hid=1746461595&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=300&ady=2296&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44747620%2C31062297&oid=3&pvsid=2420447387241967&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=rKNa3zwzOR&p=https%3A//facebook-kiwami.com&dtd=172

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5d168ee09cbdc7bc2844cd17a8b0206ce16dc14025672b2714a0df068e192720

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-6621753532555432&output=html&h=280&slotname=3154048351&adk=349515542&adf=1784787236&pi=t.ma~as.3154048351&w=634&fwrn=4&fwrnh=100&lmt=1630553468&rafmt=1&psa=0&format=634x280&url=https%3A%2F%2Ffacebook-kiwami.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630553468608&bpp=2&bdt=1146&idt=169&shv=r20210830&mjsv=m202108310101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C303x287%2C303x287&nras=1&correlator=4002813999305&frm=20&pv=1&ga_vid=1579931297.1630553469&ga_sid=1630553469&ga_hid=1746461595&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=300&ady=2296&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44747620%2C31062297&oid=3&pvsid=2420447387241967&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=rKNa3zwzOR&p=https%3A//facebook-kiwami.com&dtd=172
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://facebook-kiwami.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://facebook-kiwami.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 02 Sep 2021 03:31:09 GMT
server: cafe
content-length: 28246
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 02-Sep-2021 03:46:08 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 02 Sep 2021 03:31:09 GMT
cache-control: private

GET
H3-29 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 23ms
22ms Script
application/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=facebook-kiwami.com

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://facebook-kiwami.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 02 Sep 2021 03:31:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 23ms
22ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=facebook-kiwami.com

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://facebook-kiwami.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 02 Sep 2021 03:31:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame EA0F 132 KB
41 KB 442ms
441ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6621753532555432&output=html&h=250&slotname=9144741633&adk=1392859910&adf=3966419046&pi=t.ma~as.9144741633&w=310&fwrn=4&fwrnh=100&lmt=1630553468&rafmt=1&psa=0&format=310x250&url=https%3A%2F%2Ffacebook-kiwami.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630553468644&bpp=2&bdt=1182&idt=140&shv=r20210830&mjsv=m202108310101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C303x287%2C303x287%2C634x280&nras=1&correlator=4002813999305&frm=20&pv=1&ga_vid=1579931297.1630553469&ga_sid=1630553469&ga_hid=1746461595&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=990&ady=1464&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44747620%2C31062297&oid=3&pvsid=2420447387241967&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=auoPlhTYVj&p=https%3A//facebook-kiwami.com&dtd=143

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

edd19187af39f75913ba3cfd12676b3e3f12accb62ce6d740bcdcafaffeba651

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16969535942247343020/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16969535942247343020/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CJyEr4Kt3_ICFY6CewodLZ0DgA&gqi=fEUwYev_MIuWx_APzYq38AI&layout=/sadbundle/%24csp%253Der3%24/16969535942247343020/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-6621753532555432&output=html&h=250&slotname=9144741633&adk=1392859910&adf=3966419046&pi=t.ma~as.9144741633&w=310&fwrn=4&fwrnh=100&lmt=1630553468&rafmt=1&psa=0&format=310x250&url=https%3A%2F%2Ffacebook-kiwami.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630553468644&bpp=2&bdt=1182&idt=140&shv=r20210830&mjsv=m202108310101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C303x287%2C303x287%2C634x280&nras=1&correlator=4002813999305&frm=20&pv=1&ga_vid=1579931297.1630553469&ga_sid=1630553469&ga_hid=1746461595&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=990&ady=1464&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44747620%2C31062297&oid=3&pvsid=2420447387241967&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=auoPlhTYVj&p=https%3A//facebook-kiwami.com&dtd=143
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://facebook-kiwami.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://facebook-kiwami.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16969535942247343020/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16969535942247343020/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CJyEr4Kt3_ICFY6CewodLZ0DgA&gqi=fEUwYev_MIuWx_APzYq38AI&layout=/sadbundle/%24csp%253Der3%24/16969535942247343020/index.html
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 02 Sep 2021 03:31:09 GMT
server: cafe
content-length: 41727
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 02-Sep-2021 03:46:08 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 02 Sep 2021 03:31:09 GMT
cache-control: private

GET
H2 200 transparent.png
tpc.googlesyndication.com/pagead/images/ Frame EA0F 67 B
196 B 8ms
5ms Image
image/png 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/transparent.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6621753532555432&output=html&h=250&slotname=9144741633&adk=1392859910&adf=3966419046&pi=t.ma~as.9144741633&w=310&fwrn=4&fwrnh=100&lmt=1630553468&rafmt=1&psa=0&format=310x250&url=https%3A%2F%2Ffacebook-kiwami.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630553468644&bpp=2&bdt=1182&idt=140&shv=r20210830&mjsv=m202108310101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C303x287%2C303x287%2C634x280&nras=1&correlator=4002813999305&frm=20&pv=1&ga_vid=1579931297.1630553469&ga_sid=1630553469&ga_hid=1746461595&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=990&ady=1464&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44747620%2C31062297&oid=3&pvsid=2420447387241967&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=auoPlhTYVj&p=https%3A//facebook-kiwami.com&dtd=143

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bdf72009ad226c17f1954ba602292902a780b80af07dbcbab1322bdf5c32be66

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 01 Sep 2021 16:19:04 GMT
x-content-type-options: nosniff
server: cafe
age: 40325
etag: 2462972746714251406
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 67
x-xss-protection: 0
expires: Thu, 02 Sep 2021 16:19:04 GMT

GET
H3-29 200 css
fonts.googleapis.com/ Frame DB06 6 KB
668 B 22ms
21ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,400,500&lang=de

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6621753532555432&output=html&h=287&slotname=2325156180&adk=2229496947&adf=450287001&pi=t.ma~as.2325156180&w=303&lmt=1630553468&rafmt=11&psa=0&format=303x287&url=https%3A%2F%2Ffacebook-kiwami.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630553468604&bpp=2&bdt=1142&idt=155&shv=r20210830&mjsv=m202108310101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4002813999305&frm=20&pv=1&ga_vid=1579931297.1630553469&ga_sid=1630553469&ga_hid=1746461595&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=300&ady=429&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44747620%2C31062297&oid=3&pvsid=2420447387241967&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=hewG3nsV9J&p=https%3A//facebook-kiwami.com&dtd=160

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d4876c12b071f74470f52c0404d10730ab271ae769c2c407fe131dae8b33e236

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 02 Sep 2021 03:03:09 GMT
server: ESF
date: Thu, 02 Sep 2021 03:31:09 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 02 Sep 2021 03:31:09 GMT

GET
H3-29 200 m_js_controller_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210830/r20110914/client/ Frame DB06 31 KB
12 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210830/r20110914/client/m_js_controller_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8397158285a8d2f46833b98e8a1c150bb0231fffcd22ff22c7fab650afc0b922

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 02 Sep 2021 00:22:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 11295
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12715
x-xss-protection: 0
server: cafe
etag: 16890462019002884935
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 16 Sep 2021 00:22:54 GMT

GET
H3-29 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/9075113473240103049/ Frame DB06 13 KB
13 KB 8ms
7ms Image
image/jpeg 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/9075113473240103049/downsize_200k_v1?w=400&h=209

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c7237f9bcc52685fce66f75957df9032518c59b09ba0bb077e6d69ec65470194

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 14:43:17 GMT
x-content-type-options: nosniff
age: 218872
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13454
x-xss-protection: 0
last-modified: Sun, 29 Aug 2021 15:28:22 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 30 Aug 2022 14:43:17 GMT

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210830/r20110914/ Frame DB06 18 KB
7 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210830/r20110914/abg_lite_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

47b2e4e5ae504cbefc5c71d8bab25c4571c65321f1009411150b689dcc2901f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 02 Sep 2021 02:44:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2792
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7645
x-xss-protection: 0
server: cafe
etag: 13200147268341533873
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 16 Sep 2021 02:44:37 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210830/r20110914/client/ Frame DB06 2 KB
1 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210830/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 02 Sep 2021 02:26:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3857
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 16 Sep 2021 02:26:52 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame DB06 122 KB
37 KB 17ms
17ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0299ce766df424b69a25530d8afe7c2352cb6240c7510fe7be67d8cd53bd3467

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 02 Sep 2021 03:31:09 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1630496346997469"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37796
x-xss-protection: 0
expires: Thu, 02 Sep 2021 03:31:09 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210830/r20110914/client/ Frame DB06 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210830/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

114dabe187311ee2e303549831223ef80d06385cb854e2aa1647ec1e0ca148f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 02 Sep 2021 02:54:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2212
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6183
x-xss-protection: 0
server: cafe
etag: 901432759052127119
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 16 Sep 2021 02:54:17 GMT

GET
H3-29 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16969535942247343020/ Frame 0453 65 KB
17 KB 7ms
7ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16969535942247343020/index.html

Requested by

Host: facebook-kiwami.com
URL: https://facebook-kiwami.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8f2b6b2ad63a3bc5d0aa508fb167895565cc4dad4646b6052ed3e55707e728d4

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sadbundle/$csp%3Der3$/16969535942247343020/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
date: Sat, 28 Aug 2021 20:17:19 GMT
expires: Sun, 28 Aug 2022 20:17:19 GMT
last-modified: Wed, 12 May 2021 22:44:01 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
content-length: 16884
age: 371630
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame D572 0
0 17ms
17ms Fetch
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CDrnHfEUwYZzWMY6F7gOtuo6ACLnz7p9k5srZiPsN6ZHZt_EhEAEgv8jHHmCVAqABouTS-QLIAQmpAu6r0YGC3bM-qAMByANIqgTeAU_Q5BrFIMa_DSqQE4g-1OWvtkpp3nL3guMKNO29uce0iZoOytBROzD_-f4R9lYMHB30XZEvub9YLTIRkjoV4wvWb_29Mtt9_V5OizDbMeXjrmqK_cgmr-IZLxUE5A5QmcqBNDibTsZ_JSIBLRrJYuz9bLZN1PBtSvPCOzV8KWpPb1TsYsyB_DXMQCnc5N4jxZ3k0z60ilRpm9Vr9gZYllbB73ZR-98lOaIMVhH_bFVbKs_hEjBr2POOeudhQpSs8fSUHvV52voLT-OQ0zt1rpYALQbtsrIkkOaTBoWPZMAExcGjvqcDkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB8abrYYBqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G9gHAPIHAxCkftIICQiA4YAQEAEYH4AKAcgLAdgTDdAVAZgWAYAXAbIXHAoaCAASFHB1Yi02NjIxNzUzNTMyNTU1NDMyGAA&sigh=7f5FL3FQ-W8&template_id=419

Requested by

Host: facebook-kiwami.com
URL: https://facebook-kiwami.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6621753532555432&output=html&h=250&slotname=9144741633&adk=1392859910&adf=3966419046&pi=t.ma~as.9144741633&w=310&fwrn=4&fwrnh=100&lmt=1630553468&rafmt=1&psa=0&format=310x250&url=https%3A%2F%2Ffacebook-kiwami.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630553468644&bpp=2&bdt=1182&idt=140&shv=r20210830&mjsv=m202108310101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C303x287%2C303x287%2C634x280&nras=1&correlator=4002813999305&frm=20&pv=1&ga_vid=1579931297.1630553469&ga_sid=1630553469&ga_hid=1746461595&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=990&ady=1464&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44747620%2C31062297&oid=3&pvsid=2420447387241967&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=auoPlhTYVj&p=https%3A//facebook-kiwami.com&dtd=143
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Thu, 02 Sep 2021 03:31:09 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Thu, 02 Sep 2021 03:31:09 GMT

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210830/r20110914/ Frame D572 18 KB
7 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210830/r20110914/abg_lite_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

47b2e4e5ae504cbefc5c71d8bab25c4571c65321f1009411150b689dcc2901f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 02 Sep 2021 02:44:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2792
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7645
x-xss-protection: 0
server: cafe
etag: 13200147268341533873
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 16 Sep 2021 02:44:37 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210830/r20110914/client/ Frame D572 2 KB
1 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210830/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 02 Sep 2021 02:26:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3857
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 16 Sep 2021 02:26:52 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D572 122 KB
37 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0299ce766df424b69a25530d8afe7c2352cb6240c7510fe7be67d8cd53bd3467

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 02 Sep 2021 03:31:09 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1630496346997469"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37796
x-xss-protection: 0
expires: Thu, 02 Sep 2021 03:31:09 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210830/r20110914/client/ Frame D572 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210830/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

114dabe187311ee2e303549831223ef80d06385cb854e2aa1647ec1e0ca148f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 02 Sep 2021 02:54:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2212
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6183
x-xss-protection: 0
server: cafe
etag: 901432759052127119
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 16 Sep 2021 02:54:17 GMT

GET
H3-29 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ Frame DB06 16 KB
16 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500&lang=de

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 31 Aug 2021 12:23:16 GMT
x-content-type-options: nosniff
age: 140873
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15920
x-xss-protection: 0
last-modified: Mon, 05 Apr 2021 21:10:39 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 31 Aug 2022 12:23:16 GMT

GET
H3-29 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ Frame DB06 15 KB
15 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500&lang=de

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 28 Aug 2021 16:32:47 GMT
x-content-type-options: nosniff
age: 385102
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15732
x-xss-protection: 0
last-modified: Mon, 05 Apr 2021 21:10:39 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 28 Aug 2022 16:32:47 GMT

GET
H3-29 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v27/ Frame DB06 15 KB
15 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500&lang=de

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 28 Aug 2021 11:31:42 GMT
x-content-type-options: nosniff
age: 403167
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Mon, 05 Apr 2021 21:10:35 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 28 Aug 2022 11:31:42 GMT

GET
H3-29 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 2AF6 143 B
163 B 6ms
6ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6621753532555432&output=html&h=250&slotname=9144741633&adk=1392859910&adf=3966419046&pi=t.ma~as.9144741633&w=310&fwrn=4&fwrnh=100&lmt=1630553468&rafmt=1&psa=0&format=310x250&url=https%3A%2F%2Ffacebook-kiwami.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630553468644&bpp=2&bdt=1182&idt=140&shv=r20210830&mjsv=m202108310101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C303x287%2C303x287%2C634x280&nras=1&correlator=4002813999305&frm=20&pv=1&ga_vid=1579931297.1630553469&ga_sid=1630553469&ga_hid=1746461595&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=990&ady=1464&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44747620%2C31062297&oid=3&pvsid=2420447387241967&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=auoPlhTYVj&p=https%3A//facebook-kiwami.com&dtd=143
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUkLJSNekC7-Ew1ru8Ea8Pqs00HU9D62CJRQifGBePMN_EAVcq5lkIpIWmljQFQ
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6621753532555432&output=html&h=250&slotname=9144741633&adk=1392859910&adf=3966419046&pi=t.ma~as.9144741633&w=310&fwrn=4&fwrnh=100&lmt=1630553468&rafmt=1&psa=0&format=310x250&url=https%3A%2F%2Ffacebook-kiwami.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630553468644&bpp=2&bdt=1182&idt=140&shv=r20210830&mjsv=m202108310101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C303x287%2C303x287%2C634x280&nras=1&correlator=4002813999305&frm=20&pv=1&ga_vid=1579931297.1630553469&ga_sid=1630553469&ga_hid=1746461595&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=990&ady=1464&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44747620%2C31062297&oid=3&pvsid=2420447387241967&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=auoPlhTYVj&p=https%3A//facebook-kiwami.com&dtd=143

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Thu, 02 Sep 2021 02:57:38 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 2011
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame DB06 0
0 17ms
17ms Fetch
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CW72LfEUwYb2fMM_e7gP09rWYCJqNoOtkiLzK-YkOv-EeEAEgv8jHHmCVAqABgpDlhwPIAQapAu6r0YGC3bM-qAMByAPLBKoE2wFP0NN-sk7hDKSw51a5t6FqEGgUuzsNHHPNIzLcT_NqZ5GlMLMK2U_EWJUwZhq0FUVC0PhBmYcgNTHEWYOY58Wh4zrhxXpR63pvwLABDghO-ghAiNbrSjUOnwRU6sAyApEVy8VlfBqe-rffIVT0bRZHm8o4QrZLHxoDrgX_ehuiu9RDgATtA-V6wobmSOoWVpAl1hdKsLFivlVbewyDBAsAMx0bFF2olTYD4CT7snqAaE8DbXKK8V_glbNC-qC3rOYMBpXkwV6UgNZLIOm1725vVfDgYLNRNQ5dX__ABMv20bHaA6AGN4AHroan6QKoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4b2AcB8gcFEKD5qQHSCAkIgOGAEBABGB-ACgHICwHYEwPQFQGAFwGyFxwKGggAEhRwdWItNjYyMTc1MzUzMjU1NTQzMhgA&sigh=5pvQCTMVCJw&template_id=492

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6621753532555432&output=html&h=287&slotname=2325156180&adk=2229496947&adf=450287001&pi=t.ma~as.2325156180&w=303&lmt=1630553468&rafmt=11&psa=0&format=303x287&url=https%3A%2F%2Ffacebook-kiwami.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630553468604&bpp=2&bdt=1142&idt=155&shv=r20210830&mjsv=m202108310101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4002813999305&frm=20&pv=1&ga_vid=1579931297.1630553469&ga_sid=1630553469&ga_hid=1746461595&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=300&ady=429&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44747620%2C31062297&oid=3&pvsid=2420447387241967&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=hewG3nsV9J&p=https%3A//facebook-kiwami.com&dtd=160
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Thu, 02 Sep 2021 03:31:09 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H/1.1 200
OK ai.aspx Show response
tagm.tchibo.se/ Frame DB06 43 B
1 KB 208ms
56ms Fetch
image/gif 85.14.248.91
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL

https://tagm.tchibo.se/ai.aspx?extProvId=5&extPu=tchibo-pm-display&extLi=14449696940&cb=2943910372

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

85.14.248.91 Gelsenkirchen, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),

Reverse DNS

Software

Microsoft-IIS/8.5 / ASP.NET

Resource Hash

afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
P3P: policyref="https://tagm.tchibo.se/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
Connection: close
X-ET-Monitoring: 1
Content-Length: 43
Pragma: no-cache
X-ET-Code: 0
Last-Modified: Do, 02 Sep 2021 03:31:09 GMT
Server: Microsoft-IIS/8.5
Date: Thu, 02 Sep 2021 03:31:08 GMT
Access-Control-Max-Age: 1000
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: https://googleads.g.doubleclick.net
Cache-Control: private
Access-Control-Allow-Credentials: true
X-ET-Camp: 821
Access-Control-Allow-Headers: *
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
DATA 200
OK truncated
/ Frame D572 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a5cdbefdf0565256e14c865bc08cf921dacc91dfd9eb78af6cbeb10fffcdebb1

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 2DD7 143 B
163 B 6ms
6ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6621753532555432&output=html&h=287&slotname=2325156180&adk=2229496947&adf=450287001&pi=t.ma~as.2325156180&w=303&lmt=1630553468&rafmt=11&psa=0&format=303x287&url=https%3A%2F%2Ffacebook-kiwami.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630553468604&bpp=2&bdt=1142&idt=155&shv=r20210830&mjsv=m202108310101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4002813999305&frm=20&pv=1&ga_vid=1579931297.1630553469&ga_sid=1630553469&ga_hid=1746461595&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=300&ady=429&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44747620%2C31062297&oid=3&pvsid=2420447387241967&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=hewG3nsV9J&p=https%3A//facebook-kiwami.com&dtd=160
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUkLJSNekC7-Ew1ru8Ea8Pqs00HU9D62CJRQifGBePMN_EAVcq5lkIpIWmljQFQ; test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6621753532555432&output=html&h=287&slotname=2325156180&adk=2229496947&adf=450287001&pi=t.ma~as.2325156180&w=303&lmt=1630553468&rafmt=11&psa=0&format=303x287&url=https%3A%2F%2Ffacebook-kiwami.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630553468604&bpp=2&bdt=1142&idt=155&shv=r20210830&mjsv=m202108310101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4002813999305&frm=20&pv=1&ga_vid=1579931297.1630553469&ga_sid=1630553469&ga_hid=1746461595&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=300&ady=429&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44747620%2C31062297&oid=3&pvsid=2420447387241967&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=hewG3nsV9J&p=https%3A//facebook-kiwami.com&dtd=160

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Thu, 02 Sep 2021 02:57:38 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 2011
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame DB06 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4e14eea970eec942ce53d969855d6e7ead6c53f73cfd55606f33af042ca410bb

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 5599481253972554863
tpc.googlesyndication.com/simgad/ Frame 4E9B 16 KB
16 KB 8ms
7ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/5599481253972554863?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qn4b-P6seECdKUDuYNbJlM4YGc-MA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6621753532555432&output=html&h=280&slotname=3154048351&adk=349515542&adf=1784787236&pi=t.ma~as.3154048351&w=634&fwrn=4&fwrnh=100&lmt=1630553468&rafmt=1&psa=0&format=634x280&url=https%3A%2F%2Ffacebook-kiwami.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630553468608&bpp=2&bdt=1146&idt=169&shv=r20210830&mjsv=m202108310101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C303x287%2C303x287&nras=1&correlator=4002813999305&frm=20&pv=1&ga_vid=1579931297.1630553469&ga_sid=1630553469&ga_hid=1746461595&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=300&ady=2296&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44747620%2C31062297&oid=3&pvsid=2420447387241967&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=rKNa3zwzOR&p=https%3A//facebook-kiwami.com&dtd=172

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4b221651d354c9f7454903f38cda6521197e1596842f65c49291a71ceeb5b888

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 28 Aug 2021 20:26:32 GMT
x-content-type-options: nosniff
last-modified: Wed, 11 Nov 2020 07:45:04 GMT
server: sffe
age: 371077
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16092
x-xss-protection: 0
expires: Sun, 28 Aug 2022 20:26:32 GMT

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210830/r20110914/ Frame 4E9B 18 KB
7 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210830/r20110914/abg_lite_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

47b2e4e5ae504cbefc5c71d8bab25c4571c65321f1009411150b689dcc2901f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 02 Sep 2021 02:44:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2792
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7645
x-xss-protection: 0
server: cafe
etag: 13200147268341533873
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 16 Sep 2021 02:44:37 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210830/r20110914/client/ Frame 4E9B 2 KB
1 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210830/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 02 Sep 2021 02:26:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3857
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 16 Sep 2021 02:26:52 GMT

GET
H3-29 200 transparent.png
tpc.googlesyndication.com/pagead/images/ Frame 4E9B 67 B
91 B 6ms
6ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/transparent.png

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bdf72009ad226c17f1954ba602292902a780b80af07dbcbab1322bdf5c32be66

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 01 Sep 2021 18:28:17 GMT
x-content-type-options: nosniff
server: cafe
age: 32572
etag: 2462972746714251406
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 67
x-xss-protection: 0
expires: Thu, 02 Sep 2021 18:28:17 GMT

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame 4E9B 0
0 18ms
17ms Fetch
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CQmwefEUwYZ_bMI-vgQer1aOIApSjiIJkqbfvqbIN99DGpJsfEAEgv8jHHmCVAqABp4LVgwPIAQKpArs5-N4BhkM-qAMByAPJBKoE1AFP0FWecJ7Cw5VvaWSCOGkTCmAlCSMF7nOmPMpG1OgCWGArjcg2YzuggDm1USLZ2eEI2vC36qu7RKOIt5imY9YG_mnkNvcQKC1jW5ldg4O-H4WRBxd8HfOG1CwtWAJpIERrprEtitEKSfRQieCPrlfQhjgbucwpqCs6tEaNDdnqUu8w29TtTwOmdmIS-2I7kPpkenn8VKnPp_VgQvekj6uIEpbeL8bq4OlTP2hGTJOrGU7s4m5w-TVAronZlrxiT08M7ka6NpInBFEKguRZS0QPZ6ZhWsAE97r29LcDkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBgKAB8H9qnyoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4b2AcB8gcEEO2ZA9IICQiA4YAQEAEYH4AKAcgLAdgTDdAVAZgWAYAXAbIXHAoaCAASFHB1Yi02NjIxNzUzNTMyNTU1NDMyGAA&sigh=m3kFEssSfss

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6621753532555432&output=html&h=280&slotname=3154048351&adk=349515542&adf=1784787236&pi=t.ma~as.3154048351&w=634&fwrn=4&fwrnh=100&lmt=1630553468&rafmt=1&psa=0&format=634x280&url=https%3A%2F%2Ffacebook-kiwami.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630553468608&bpp=2&bdt=1146&idt=169&shv=r20210830&mjsv=m202108310101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C303x287%2C303x287&nras=1&correlator=4002813999305&frm=20&pv=1&ga_vid=1579931297.1630553469&ga_sid=1630553469&ga_hid=1746461595&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=300&ady=2296&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44747620%2C31062297&oid=3&pvsid=2420447387241967&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=rKNa3zwzOR&p=https%3A//facebook-kiwami.com&dtd=172
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Thu, 02 Sep 2021 03:31:09 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4E9B 122 KB
37 KB 18ms
16ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0299ce766df424b69a25530d8afe7c2352cb6240c7510fe7be67d8cd53bd3467

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 02 Sep 2021 03:31:09 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1630496346997469"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37796
x-xss-protection: 0
expires: Thu, 02 Sep 2021 03:31:09 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210830/r20110914/client/ Frame 4E9B 14 KB
6 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210830/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

114dabe187311ee2e303549831223ef80d06385cb854e2aa1647ec1e0ca148f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 02 Sep 2021 02:54:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2212
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6183
x-xss-protection: 0
server: cafe
etag: 901432759052127119
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 16 Sep 2021 02:54:17 GMT

GET
H3-29 200 one_click_handler_one_afma_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210830/r20110914/client/ Frame 4E9B 26 KB
11 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210830/r20110914/client/one_click_handler_one_afma_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c8c7c4858536f566e1f4dd585c586dfadb5421cb8b246f03a8bfb680fbabe776

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 16:51:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 38362
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10740
x-xss-protection: 0
server: cafe
etag: 6955949258460630505
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Sep 2021 16:51:47 GMT

GET
H3-29 200 Enabler.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 0453 16 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/Enabler.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16969535942247343020/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 14:07:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 48240
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5866
x-xss-protection: 0
server: cafe
etag: 544157900006238945
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Thu, 02 Sep 2021 14:07:09 GMT

GET
H3-29 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 0453 26 KB
10 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16969535942247343020/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 20:35:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 24940
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10382
x-xss-protection: 0
server: cafe
etag: 12806417668659483808
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Thu, 02 Sep 2021 20:35:29 GMT

GET
H3-29 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 7B62 143 B
163 B 6ms
6ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6621753532555432&output=html&h=280&slotname=3154048351&adk=349515542&adf=1784787236&pi=t.ma~as.3154048351&w=634&fwrn=4&fwrnh=100&lmt=1630553468&rafmt=1&psa=0&format=634x280&url=https%3A%2F%2Ffacebook-kiwami.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630553468608&bpp=2&bdt=1146&idt=169&shv=r20210830&mjsv=m202108310101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C303x287%2C303x287&nras=1&correlator=4002813999305&frm=20&pv=1&ga_vid=1579931297.1630553469&ga_sid=1630553469&ga_hid=1746461595&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=300&ady=2296&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44747620%2C31062297&oid=3&pvsid=2420447387241967&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=rKNa3zwzOR&p=https%3A//facebook-kiwami.com&dtd=172
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUkLJSNekC7-Ew1ru8Ea8Pqs00HU9D62CJRQifGBePMN_EAVcq5lkIpIWmljQFQ; test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6621753532555432&output=html&h=280&slotname=3154048351&adk=349515542&adf=1784787236&pi=t.ma~as.3154048351&w=634&fwrn=4&fwrnh=100&lmt=1630553468&rafmt=1&psa=0&format=634x280&url=https%3A%2F%2Ffacebook-kiwami.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630553468608&bpp=2&bdt=1146&idt=169&shv=r20210830&mjsv=m202108310101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C303x287%2C303x287&nras=1&correlator=4002813999305&frm=20&pv=1&ga_vid=1579931297.1630553469&ga_sid=1630553469&ga_hid=1746461595&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=300&ady=2296&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44747620%2C31062297&oid=3&pvsid=2420447387241967&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=rKNa3zwzOR&p=https%3A//facebook-kiwami.com&dtd=172

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Thu, 02 Sep 2021 02:57:38 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 2011
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 4E9B 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b830e6cad0210eedde0f8ab525661f70768dda191e73e517b502ef1286402c0b

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 css
fonts.googleapis.com/ Frame 3205 6 KB
668 B 15ms
15ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,400,500&lang=ja

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6621753532555432&output=html&h=287&slotname=2325156180&adk=2229496947&adf=960643554&pi=t.ma~as.2325156180&w=303&lmt=1630553468&rafmt=11&psa=0&format=303x287&url=https%3A%2F%2Ffacebook-kiwami.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630553468606&bpp=2&bdt=1144&idt=163&shv=r20210830&mjsv=m202108310101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C303x287&nras=1&correlator=4002813999305&frm=20&pv=1&ga_vid=1579931297.1630553469&ga_sid=1630553469&ga_hid=1746461595&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=630&ady=1107&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44747620%2C31062297&oid=3&pvsid=2420447387241967&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=STNjc42kVD&p=https%3A//facebook-kiwami.com&dtd=167

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d4876c12b071f74470f52c0404d10730ab271ae769c2c407fe131dae8b33e236

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 02 Sep 2021 03:31:09 GMT
server: ESF
date: Thu, 02 Sep 2021 03:31:09 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 02 Sep 2021 03:31:09 GMT

GET
H3-29 200 css
fonts.googleapis.com/ Frame 3205 959 B
468 B 16ms
15ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Noto+Sans+JP:300,400,500&text=BfoT+K%C3%A4hVzFOHclu%E2%80%93%E5%91%8AA%C3%BCwenS%E5%BA%83Lg!EWriNGtIdmR

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6621753532555432&output=html&h=287&slotname=2325156180&adk=2229496947&adf=960643554&pi=t.ma~as.2325156180&w=303&lmt=1630553468&rafmt=11&psa=0&format=303x287&url=https%3A%2F%2Ffacebook-kiwami.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630553468606&bpp=2&bdt=1144&idt=163&shv=r20210830&mjsv=m202108310101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C303x287&nras=1&correlator=4002813999305&frm=20&pv=1&ga_vid=1579931297.1630553469&ga_sid=1630553469&ga_hid=1746461595&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=630&ady=1107&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44747620%2C31062297&oid=3&pvsid=2420447387241967&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=STNjc42kVD&p=https%3A//facebook-kiwami.com&dtd=167

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d3c9078a26c1af30c7d0226b65166c628f4e4f0d628270fa6d20f69a5cd10216

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 02 Sep 2021 03:31:09 GMT
server: ESF
date: Thu, 02 Sep 2021 03:31:09 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 02 Sep 2021 03:31:09 GMT

GET
H3-29 200 m_js_controller_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210830/r20110914/client/ Frame 3205 31 KB
12 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210830/r20110914/client/m_js_controller_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6621753532555432&output=html&h=287&slotname=2325156180&adk=2229496947&adf=960643554&pi=t.ma~as.2325156180&w=303&lmt=1630553468&rafmt=11&psa=0&format=303x287&url=https%3A%2F%2Ffacebook-kiwami.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630553468606&bpp=2&bdt=1144&idt=163&shv=r20210830&mjsv=m202108310101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C303x287&nras=1&correlator=4002813999305&frm=20&pv=1&ga_vid=1579931297.1630553469&ga_sid=1630553469&ga_hid=1746461595&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=630&ady=1107&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44747620%2C31062297&oid=3&pvsid=2420447387241967&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=STNjc42kVD&p=https%3A//facebook-kiwami.com&dtd=167

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8397158285a8d2f46833b98e8a1c150bb0231fffcd22ff22c7fab650afc0b922

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 02 Sep 2021 00:22:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 11295
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12715
x-xss-protection: 0
server: cafe
etag: 16890462019002884935
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 16 Sep 2021 00:22:54 GMT

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210830/r20110914/ Frame 3205 18 KB
7 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210830/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6621753532555432&output=html&h=287&slotname=2325156180&adk=2229496947&adf=960643554&pi=t.ma~as.2325156180&w=303&lmt=1630553468&rafmt=11&psa=0&format=303x287&url=https%3A%2F%2Ffacebook-kiwami.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630553468606&bpp=2&bdt=1144&idt=163&shv=r20210830&mjsv=m202108310101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C303x287&nras=1&correlator=4002813999305&frm=20&pv=1&ga_vid=1579931297.1630553469&ga_sid=1630553469&ga_hid=1746461595&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=630&ady=1107&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44747620%2C31062297&oid=3&pvsid=2420447387241967&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=STNjc42kVD&p=https%3A//facebook-kiwami.com&dtd=167

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

47b2e4e5ae504cbefc5c71d8bab25c4571c65321f1009411150b689dcc2901f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 02 Sep 2021 02:44:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2792
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7645
x-xss-protection: 0
server: cafe
etag: 13200147268341533873
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 16 Sep 2021 02:44:37 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210830/r20110914/client/ Frame 3205 2 KB
1 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210830/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6621753532555432&output=html&h=287&slotname=2325156180&adk=2229496947&adf=960643554&pi=t.ma~as.2325156180&w=303&lmt=1630553468&rafmt=11&psa=0&format=303x287&url=https%3A%2F%2Ffacebook-kiwami.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630553468606&bpp=2&bdt=1144&idt=163&shv=r20210830&mjsv=m202108310101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C303x287&nras=1&correlator=4002813999305&frm=20&pv=1&ga_vid=1579931297.1630553469&ga_sid=1630553469&ga_hid=1746461595&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=630&ady=1107&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44747620%2C31062297&oid=3&pvsid=2420447387241967&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=STNjc42kVD&p=https%3A//facebook-kiwami.com&dtd=167

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 02 Sep 2021 02:26:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3857
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 16 Sep 2021 02:26:52 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3205 122 KB
37 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6621753532555432&output=html&h=287&slotname=2325156180&adk=2229496947&adf=960643554&pi=t.ma~as.2325156180&w=303&lmt=1630553468&rafmt=11&psa=0&format=303x287&url=https%3A%2F%2Ffacebook-kiwami.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630553468606&bpp=2&bdt=1144&idt=163&shv=r20210830&mjsv=m202108310101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C303x287&nras=1&correlator=4002813999305&frm=20&pv=1&ga_vid=1579931297.1630553469&ga_sid=1630553469&ga_hid=1746461595&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=630&ady=1107&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44747620%2C31062297&oid=3&pvsid=2420447387241967&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=STNjc42kVD&p=https%3A//facebook-kiwami.com&dtd=167

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0299ce766df424b69a25530d8afe7c2352cb6240c7510fe7be67d8cd53bd3467

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 02 Sep 2021 03:31:09 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1630496346997469"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37796
x-xss-protection: 0
expires: Thu, 02 Sep 2021 03:31:09 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210830/r20110914/client/ Frame 3205 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210830/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6621753532555432&output=html&h=287&slotname=2325156180&adk=2229496947&adf=960643554&pi=t.ma~as.2325156180&w=303&lmt=1630553468&rafmt=11&psa=0&format=303x287&url=https%3A%2F%2Ffacebook-kiwami.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630553468606&bpp=2&bdt=1144&idt=163&shv=r20210830&mjsv=m202108310101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C303x287&nras=1&correlator=4002813999305&frm=20&pv=1&ga_vid=1579931297.1630553469&ga_sid=1630553469&ga_hid=1746461595&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=630&ady=1107&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44747620%2C31062297&oid=3&pvsid=2420447387241967&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=STNjc42kVD&p=https%3A//facebook-kiwami.com&dtd=167

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

114dabe187311ee2e303549831223ef80d06385cb854e2aa1647ec1e0ca148f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 02 Sep 2021 02:54:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2212
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6183
x-xss-protection: 0
server: cafe
etag: 901432759052127119
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 16 Sep 2021 02:54:17 GMT

GET
H3-29

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 2AF6
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
16 B

17ms
17ms

Document
text/html

2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUkLJSNekC7-Ew1ru8Ea8Pqs00HU9D62CJRQifGBePMN_EAVcq5lkIpIWmljQFQ; test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Thu, 02 Sep 2021 03:31:09 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Thu, 02-Sep-2021 04:31:09 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 02 Sep 2021 03:31:09 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Thu, 02 Sep 2021 03:31:09 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 2DD7
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
16 B

21ms
21ms

Document
text/html

2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUkLJSNekC7-Ew1ru8Ea8Pqs00HU9D62CJRQifGBePMN_EAVcq5lkIpIWmljQFQ; test_cookie=CheckForPermission; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Thu, 02 Sep 2021 03:31:09 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Thu, 02-Sep-2021 04:31:09 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 02 Sep 2021 03:31:09 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Thu, 02 Sep 2021 03:31:09 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 4M_hU0z2aGWsE6Fh5g73T3aOvXi4a4lK__VWYOQ1wYI.js Show response
pagead2.googlesyndication.com/bg/ Frame D3AE 35 KB
13 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/4M_hU0z2aGWsE6Fh5g73T3aOvXi4a4lK__VWYOQ1wYI.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e0cfe1534cf66865ac13a161e60ef74f768ebd78b86b894afff55660e435c182

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 31 Aug 2021 15:26:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 129878
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13264
x-xss-protection: 0
last-modified: Mon, 30 Aug 2021 12:58:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 31 Aug 2022 15:26:31 GMT

GET
H3-29 200 4M_hU0z2aGWsE6Fh5g73T3aOvXi4a4lK__VWYOQ1wYI.js Show response
pagead2.googlesyndication.com/bg/ Frame 0453 35 KB
13 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/4M_hU0z2aGWsE6Fh5g73T3aOvXi4a4lK__VWYOQ1wYI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e0cfe1534cf66865ac13a161e60ef74f768ebd78b86b894afff55660e435c182

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 31 Aug 2021 15:26:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 129878
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13264
x-xss-protection: 0
last-modified: Mon, 30 Aug 2021 12:58:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 31 Aug 2022 15:26:31 GMT

GET
H3-29 200 CANCELACION_DE.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16969535942247343020/ Frame 0453 8 KB
8 KB 11ms
9ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16969535942247343020/CANCELACION_DE.png

Requested by

Host: facebook-kiwami.com
URL: https://facebook-kiwami.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

023cfc09f52502a3aed1ff16fc90fe0c2216928b5ef7942cc1615befb299e740

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 392891
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8598
x-xss-protection: 0
last-modified: Wed, 12 May 2021 22:44:01 GMT
server: sffe
date: Sat, 28 Aug 2021 14:22:58 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 28 Aug 2022 14:22:58 GMT

GET
H3-29 200 CTA_DE_GRANDE.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16969535942247343020/ Frame 0453 10 KB
10 KB 10ms
9ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16969535942247343020/CTA_DE_GRANDE.png

Requested by

Host: facebook-kiwami.com
URL: https://facebook-kiwami.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b03539a9599e90ecdbbcbdfa8b8b2612bbd521c2d9577266f02189552fa7adf1

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 121269
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10352
x-xss-protection: 0
last-modified: Wed, 12 May 2021 22:44:01 GMT
server: sffe
date: Tue, 31 Aug 2021 17:50:00 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 31 Aug 2022 17:50:00 GMT

GET
H3-29 200 TEXTO3ADULT_DE_GRANDE.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16969535942247343020/ Frame 0453 12 KB
13 KB 17ms
16ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16969535942247343020/TEXTO3ADULT_DE_GRANDE.png

Requested by

Host: facebook-kiwami.com
URL: https://facebook-kiwami.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5b2b1e7e485a1aa72118ae749b410a94e3aee5853dca9e5da49461081858d9b2

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 419934
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12776
x-xss-protection: 0
last-modified: Wed, 12 May 2021 22:44:01 GMT
server: sffe
date: Sat, 28 Aug 2021 06:52:15 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 28 Aug 2022 06:52:15 GMT

GET
H3-29 200 TEXTO2_DE_GRANDE.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16969535942247343020/ Frame 0453 14 KB
14 KB 18ms
16ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16969535942247343020/TEXTO2_DE_GRANDE.png

Requested by

Host: facebook-kiwami.com
URL: https://facebook-kiwami.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3d0c73d97749dd61bf2a3e295270acfdf38d4eb3a333a622feadc473d4a667e3

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 121269
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14459
x-xss-protection: 0
last-modified: Wed, 12 May 2021 22:44:01 GMT
server: sffe
date: Tue, 31 Aug 2021 17:50:00 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 31 Aug 2022 17:50:00 GMT

GET
H3-29 200 TEXTO1_DE_GRANDE.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16969535942247343020/ Frame 0453 12 KB
13 KB 10ms
9ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16969535942247343020/TEXTO1_DE_GRANDE.png

Requested by

Host: facebook-kiwami.com
URL: https://facebook-kiwami.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

39e8ee6411ee4d21f517e5b71bcd7b5ac80a4a761ed07696bf56f4860d5f9e54

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 404207
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12778
x-xss-protection: 0
last-modified: Wed, 12 May 2021 22:44:01 GMT
server: sffe
date: Sat, 28 Aug 2021 11:14:22 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 28 Aug 2022 11:14:22 GMT

GET
H3-29 200 fondo300x250.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16969535942247343020/ Frame 0453 83 KB
83 KB 13ms
12ms Image
image/jpeg 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16969535942247343020/fondo300x250.jpg

Requested by

Host: facebook-kiwami.com
URL: https://facebook-kiwami.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9f88833455142494fd0080b47f654ac4535aab0fb5cbb04abb44ef4d66bdf5b5

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 396447
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 85229
x-xss-protection: 0
last-modified: Wed, 12 May 2021 22:44:01 GMT
server: sffe
date: Sat, 28 Aug 2021 13:23:42 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 28 Aug 2022 13:23:42 GMT

GET
H2 200 gxc11u4l_main_0_1200x627.jpg
ad.adsrvr.org/vko50on/kywm6zw/ Frame 3205 227 KB
228 KB 146ms
53ms Image
image/jpg 18.66.96.113
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.adsrvr.org/vko50on/kywm6zw/gxc11u4l_main_0_1200x627.jpg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6621753532555432&output=html&h=287&slotname=2325156180&adk=2229496947&adf=960643554&pi=t.ma~as.2325156180&w=303&lmt=1630553468&rafmt=11&psa=0&format=303x287&url=https%3A%2F%2Ffacebook-kiwami.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630553468606&bpp=2&bdt=1144&idt=163&shv=r20210830&mjsv=m202108310101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C303x287&nras=1&correlator=4002813999305&frm=20&pv=1&ga_vid=1579931297.1630553469&ga_sid=1630553469&ga_hid=1746461595&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=630&ady=1107&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44747620%2C31062297&oid=3&pvsid=2420447387241967&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=STNjc42kVD&p=https%3A//facebook-kiwami.com&dtd=167
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.96.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4d037b4602153c804b85b95e3ecc924455551e9f9b3130d52e17338596243734

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 09:51:39 GMT
via: 1.1 50c53efe331c3da25a4faf191817af8c.cloudfront.net (CloudFront)
etag: "30ef66cea0d4727f3c3fc109c1d3b5ad"
last-modified: Mon, 30 Aug 2021 09:36:53 GMT
server: AmazonS3
age: 63753
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/jpg
x-amz-cf-pop: FRA56-P2
accept-ranges: bytes
content-length: 232638
x-amz-cf-id: QY3daNR---vce87ZD6RE8xs8DUw_esZ32LOMVdy7tllqgP85irB_SQ==

GET
H3-29 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ Frame 3205 16 KB
16 KB 9ms
8ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500&lang=ja

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 31 Aug 2021 12:23:16 GMT
x-content-type-options: nosniff
age: 140873
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15920
x-xss-protection: 0
last-modified: Mon, 05 Apr 2021 21:10:39 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 31 Aug 2022 12:23:16 GMT

GET
H3-29 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ Frame 3205 15 KB
15 KB 9ms
9ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500&lang=ja

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 28 Aug 2021 16:32:47 GMT
x-content-type-options: nosniff
age: 385102
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15732
x-xss-protection: 0
last-modified: Mon, 05 Apr 2021 21:10:39 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 28 Aug 2022 16:32:47 GMT

GET
H3-29 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v27/ Frame 3205 15 KB
15 KB 10ms
10ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500&lang=ja

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 28 Aug 2021 11:31:42 GMT
x-content-type-options: nosniff
age: 403167
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Mon, 05 Apr 2021 21:10:35 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 28 Aug 2022 11:31:42 GMT

GET
H3-29 200 font
fonts.gstatic.com/l/ Frame 3205 6 KB
6 KB 29ms
29ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/l/font?kit=-F62fjtqLzI2JPCgQBnw7HFowxpF8nYkxa9TU5EphNe8meZs7JbAAN0CIMEqSDV8MQIhjw9VsLuvi3ztfdKonBrMljgA4YgebUF-M1B_vMEq26SZa5IZuLpB1jvPwn92yPJHxg&skey=72472b0eb8793570&v=v28

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans+JP:300,400,500&text=BfoT+K%C3%A4hVzFOHclu%E2%80%93%E5%91%8AA%C3%BCwenS%E5%BA%83Lg!EWriNGtIdmR

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

633d9d31d58556c55223f4656b5ffb29877c2b4bc380b0f355d0a8f15c164387

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 02 Sep 2021 03:31:09 GMT
x-content-type-options: nosniff
last-modified: Thu, 12 Nov 2020 17:37:04 GMT
server: ESF
x-frame-options: SAMEORIGIN
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="font.woff2"; filename*=UTF-8''font.woff2
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5904
x-xss-protection: 0
expires: Fri, 03 Sep 2021 03:31:09 GMT

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame 3205 0
0 29ms
17ms Fetch
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CqI8vfEUwYdDQMPr57gOT8ZnIApm8ibdcqqSAvM8CwI23ARABIABglQKCARdjYS1wdWItNjYyMTc1MzUzMjU1NTQzMsgBCagDAcgDAqoEywFP0JJE5WzDBXREvgfKRQpZHAzpyz7s2utzZtp1rN0A2T8jMmOBHcJgcZkG6RBtONO5GcS1MIe-vFsjGl59Gu_e7zKYzf0i_aKdvJ4_pO-aKYWpg9rUvpltS6iaVyifLu5ntxBwwo1kFRLx3wmtOjoAfKoROnagCHTgdNpVmXcoQof2PzCrL1yHEVsg7BND7hekOtim4DkzpSebIP6aI7yUveXl0UQ7sEEOpcu2wrz2uDva0-9pEy1tG_aJi9O1dlBvaVpjdWukexf10YAGxp-s_bW0isUDoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAGACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItNjYyMTc1MzUzMjU1NTQzMhgA&sigh=XfnzhzM2Gas

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6621753532555432&output=html&h=287&slotname=2325156180&adk=2229496947&adf=960643554&pi=t.ma~as.2325156180&w=303&lmt=1630553468&rafmt=11&psa=0&format=303x287&url=https%3A%2F%2Ffacebook-kiwami.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630553468606&bpp=2&bdt=1144&idt=163&shv=r20210830&mjsv=m202108310101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C303x287&nras=1&correlator=4002813999305&frm=20&pv=1&ga_vid=1579931297.1630553469&ga_sid=1630553469&ga_hid=1746461595&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=630&ady=1107&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44747620%2C31062297&oid=3&pvsid=2420447387241967&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=STNjc42kVD&p=https%3A//facebook-kiwami.com&dtd=167

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6621753532555432&output=html&h=287&slotname=2325156180&adk=2229496947&adf=960643554&pi=t.ma~as.2325156180&w=303&lmt=1630553468&rafmt=11&psa=0&format=303x287&url=https%3A%2F%2Ffacebook-kiwami.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630553468606&bpp=2&bdt=1144&idt=163&shv=r20210830&mjsv=m202108310101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C303x287&nras=1&correlator=4002813999305&frm=20&pv=1&ga_vid=1579931297.1630553469&ga_sid=1630553469&ga_hid=1746461595&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=630&ady=1107&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44747620%2C31062297&oid=3&pvsid=2420447387241967&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=STNjc42kVD&p=https%3A//facebook-kiwami.com&dtd=167
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Thu, 02 Sep 2021 03:31:09 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H/1.1 200
OK google Show response
de1-bid.adsrvr.org/bid/feedback/ Frame 3205 807 B
1 KB 134ms
41ms Fetch
image/gif 76.223.26.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://de1-bid.adsrvr.org/bid/feedback/google?t=1&iid=e7a879a1-3627-44f0-afee-04f5af201a9c&crid=gxc11u4l&wp=YTBFfAAMKFAKe7z6AAZ4k1uzAQk_iuBFft_p1Q&aid=1&wpc=USD&sfe=1367c57c&puid=&tdid=&pid=vko50on&ag=5fokujr&adv=kywm6zw&sig=1kZjWkfHX1LlukU9FKhXbXX3JonV9cNZBdgBDfkypz5I.&bp=0.11839055148686&cf=2365898&fq=0&td_s=facebook-kiwami.com&rcats=&mcat=&mste=&mfld=3&mssi=None&mfsi=m9bts3o1y5&uhow=101&agsa=&rgz=&svbttd=1&dt=PC&osf=Windows&os=Windows10&br=Chrome&rlangs=ja&mlang=&svpid=pub-6621753532555432&did=&rcxt=Other&lat=&lon=&tmpc=&daid=&vp=0&osi=&osv=&mk=Google&mdl=Chrome%20-%20Windows&npt=1&c=CgdHZXJtYW55GgA4AFABeACAAQCIAQOQAQA.&dur=&durs=UJSBm-&crrelr=&pcm=1&grdc=CAEYASABKAFAAUgC&said=YTBFfAANDjUK4EmKJg%2BdzQ%3D%3D&auct=2&im=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6621753532555432&output=html&h=287&slotname=2325156180&adk=2229496947&adf=960643554&pi=t.ma~as.2325156180&w=303&lmt=1630553468&rafmt=11&psa=0&format=303x287&url=https%3A%2F%2Ffacebook-kiwami.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630553468606&bpp=2&bdt=1144&idt=163&shv=r20210830&mjsv=m202108310101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C303x287&nras=1&correlator=4002813999305&frm=20&pv=1&ga_vid=1579931297.1630553469&ga_sid=1630553469&ga_hid=1746461595&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=630&ady=1107&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44747620%2C31062297&oid=3&pvsid=2420447387241967&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=STNjc42kVD&p=https%3A//facebook-kiwami.com&dtd=167
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 76.223.26.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ad9411418cf2cdacd.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 3ca19e57c9a2465ae4df271316ba4d29e7ff7f113a2a2c5297780c0b7a0ac09d

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Sep 2021 03:31:09 GMT
server: Kestrel
transfer-encoding: chunked
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
cache-control: must-revalidate, no-cache
connection: close
content-type: image/gif

GET
H2

200

generic Show response
match.adsrvr.org/track/cmb/ Frame 3205
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=mookie-ps&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=mookie-ps&ttd_tpi=1

70 B
466 B

57ms
57ms

Fetch
image/gif

76.223.111.131
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/cmb/generic?ttd_pid=mookie-ps&ttd_tpi=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6621753532555432&output=html&h=287&slotname=2325156180&adk=2229496947&adf=960643554&pi=t.ma~as.2325156180&w=303&lmt=1630553468&rafmt=11&psa=0&format=303x287&url=https%3A%2F%2Ffacebook-kiwami.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630553468606&bpp=2&bdt=1144&idt=163&shv=r20210830&mjsv=m202108310101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C303x287&nras=1&correlator=4002813999305&frm=20&pv=1&ga_vid=1579931297.1630553469&ga_sid=1630553469&ga_hid=1746461595&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=630&ady=1107&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44747620%2C31062297&oid=3&pvsid=2420447387241967&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=STNjc42kVD&p=https%3A//facebook-kiwami.com&dtd=167
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a97adde81b00f2ca4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Sep 2021 03:31:09 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

pragma: no-cache
date: Thu, 02 Sep 2021 03:31:09 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://match.adsrvr.org/track/cmb/generic?ttd_pid=mookie-ps&ttd_tpi=1
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 171

GET
H3-29

200

B26137803.312251865;dc_pre=CIG_44Kt3_ICFRI34AodAgoPgQ;dc_trk_aid=504833006;dc_trk_cid=156914295;ord=838597;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd= Show response
ad.doubleclick.net/ddm/trackimp/N1549806.422087PLISTAGMBH/ Frame 3205
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N1549806.422087PLISTAGMBH/B26137803.312251865;dc_trk_aid=504833006;dc_trk_cid=156914295;ord=838597;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;g...
https://ad.doubleclick.net/ddm/trackimp/N1549806.422087PLISTAGMBH/B26137803.312251865;dc_pre=CIG_44Kt3_ICFRI34AodAgoPgQ;dc_trk_aid=504833006;dc_trk_cid=156914295;ord=838597;dc_lat=;dc_rdid=;tag_for...

42 B
63 B

75ms
73ms

Fetch
image/gif

216.58.212.166
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/trackimp/N1549806.422087PLISTAGMBH/B26137803.312251865;dc_pre=CIG_44Kt3_ICFRI34AodAgoPgQ;dc_trk_aid=504833006;dc_trk_cid=156914295;ord=838597;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=?

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6621753532555432&output=html&h=287&slotname=2325156180&adk=2229496947&adf=960643554&pi=t.ma~as.2325156180&w=303&lmt=1630553468&rafmt=11&psa=0&format=303x287&url=https%3A%2F%2Ffacebook-kiwami.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630553468606&bpp=2&bdt=1144&idt=163&shv=r20210830&mjsv=m202108310101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C303x287&nras=1&correlator=4002813999305&frm=20&pv=1&ga_vid=1579931297.1630553469&ga_sid=1630553469&ga_hid=1746461595&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=630&ady=1107&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44747620%2C31062297&oid=3&pvsid=2420447387241967&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=STNjc42kVD&p=https%3A//facebook-kiwami.com&dtd=167

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

216.58.212.166 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f166.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Sep 2021 03:31:09 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 02 Sep 2021 03:31:09 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
location: https://ad.doubleclick.net/ddm/trackimp/N1549806.422087PLISTAGMBH/B26137803.312251865;dc_pre=CIG_44Kt3_ICFRI34AodAgoPgQ;dc_trk_aid=504833006;dc_trk_cid=156914295;ord=838597;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=?
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
follow-only-when-prerender-shown: 1
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame 3205 0
0 29ms
20ms Fetch
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C17mUfEUwYdDQMPr57gOT8ZnIApm8ibdcqqSAvM8CwI23ARABIABglQKCARdjYS1wdWItNjYyMTc1MzUzMjU1NTQzMsgBCagDAaoEywFP0JJE5WzDBXREvgfKRQpZHAzpyz7s2utzZtp1rN0A2T8jMmOBHcJgcZkG6RBtONO5GcS1MIe-vFsjGl59Gu_e7zKYzf0i_aKdvJ4_pO-aKYWpg9rUvpltS6iaVyifLu5ntxBwwo1kFRLx3wmtOjoAfKoROnagCHTgdNpVmXcoQof2PzCrL1yHEVsg7BND7hekOtim4DkzpSebIP6aI7yUveXl0UQ7sEEOpcu2wrz2uDva0-9pEy1tG_aJi9O1dlBvaVpjdWukexf10YAGxp-s_bW0isUDoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAGACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItNjYyMTc1MzUzMjU1NTQzMhgA&sigh=_dG_cJZRSow&vt=10

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6621753532555432&output=html&h=287&slotname=2325156180&adk=2229496947&adf=960643554&pi=t.ma~as.2325156180&w=303&lmt=1630553468&rafmt=11&psa=0&format=303x287&url=https%3A%2F%2Ffacebook-kiwami.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630553468606&bpp=2&bdt=1144&idt=163&shv=r20210830&mjsv=m202108310101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C303x287&nras=1&correlator=4002813999305&frm=20&pv=1&ga_vid=1579931297.1630553469&ga_sid=1630553469&ga_hid=1746461595&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=630&ady=1107&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44747620%2C31062297&oid=3&pvsid=2420447387241967&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=STNjc42kVD&p=https%3A//facebook-kiwami.com&dtd=167

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6621753532555432&output=html&h=287&slotname=2325156180&adk=2229496947&adf=960643554&pi=t.ma~as.2325156180&w=303&lmt=1630553468&rafmt=11&psa=0&format=303x287&url=https%3A%2F%2Ffacebook-kiwami.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630553468606&bpp=2&bdt=1144&idt=163&shv=r20210830&mjsv=m202108310101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C303x287&nras=1&correlator=4002813999305&frm=20&pv=1&ga_vid=1579931297.1630553469&ga_sid=1630553469&ga_hid=1746461595&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=630&ady=1107&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44747620%2C31062297&oid=3&pvsid=2420447387241967&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=STNjc42kVD&p=https%3A//facebook-kiwami.com&dtd=167
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Thu, 02 Sep 2021 03:31:09 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-29 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame A240 143 B
163 B 11ms
5ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6621753532555432&output=html&h=287&slotname=2325156180&adk=2229496947&adf=960643554&pi=t.ma~as.2325156180&w=303&lmt=1630553468&rafmt=11&psa=0&format=303x287&url=https%3A%2F%2Ffacebook-kiwami.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630553468606&bpp=2&bdt=1144&idt=163&shv=r20210830&mjsv=m202108310101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C303x287&nras=1&correlator=4002813999305&frm=20&pv=1&ga_vid=1579931297.1630553469&ga_sid=1630553469&ga_hid=1746461595&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=630&ady=1107&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44747620%2C31062297&oid=3&pvsid=2420447387241967&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=STNjc42kVD&p=https%3A//facebook-kiwami.com&dtd=167

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6621753532555432&output=html&h=287&slotname=2325156180&adk=2229496947&adf=960643554&pi=t.ma~as.2325156180&w=303&lmt=1630553468&rafmt=11&psa=0&format=303x287&url=https%3A%2F%2Ffacebook-kiwami.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630553468606&bpp=2&bdt=1144&idt=163&shv=r20210830&mjsv=m202108310101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C303x287&nras=1&correlator=4002813999305&frm=20&pv=1&ga_vid=1579931297.1630553469&ga_sid=1630553469&ga_hid=1746461595&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=630&ady=1107&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44747620%2C31062297&oid=3&pvsid=2420447387241967&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=STNjc42kVD&p=https%3A//facebook-kiwami.com&dtd=167
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUkLJSNekC7-Ew1ru8Ea8Pqs00HU9D62CJRQifGBePMN_EAVcq5lkIpIWmljQFQ; test_cookie=CheckForPermission; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6621753532555432&output=html&h=287&slotname=2325156180&adk=2229496947&adf=960643554&pi=t.ma~as.2325156180&w=303&lmt=1630553468&rafmt=11&psa=0&format=303x287&url=https%3A%2F%2Ffacebook-kiwami.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630553468606&bpp=2&bdt=1144&idt=163&shv=r20210830&mjsv=m202108310101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C303x287&nras=1&correlator=4002813999305&frm=20&pv=1&ga_vid=1579931297.1630553469&ga_sid=1630553469&ga_hid=1746461595&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=630&ady=1107&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44747620%2C31062297&oid=3&pvsid=2420447387241967&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=STNjc42kVD&p=https%3A//facebook-kiwami.com&dtd=167

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Thu, 02 Sep 2021 02:57:38 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 2011
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 3205 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bcc2f78840986070fcea62b055dc8635394ee08c06a578845685f043c0d33249

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 0453 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/gif

GET
H3-29

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 7B62
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
16 B

15ms
14ms

Document
text/html

2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUkLJSNekC7-Ew1ru8Ea8Pqs00HU9D62CJRQifGBePMN_EAVcq5lkIpIWmljQFQ; test_cookie=CheckForPermission; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Thu, 02 Sep 2021 03:31:09 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Thu, 02-Sep-2021 04:31:09 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 02 Sep 2021 03:31:09 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Thu, 02 Sep 2021 03:31:09 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 4M_hU0z2aGWsE6Fh5g73T3aOvXi4a4lK__VWYOQ1wYI.js Show response
pagead2.googlesyndication.com/bg/ Frame 07BB 35 KB
13 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/4M_hU0z2aGWsE6Fh5g73T3aOvXi4a4lK__VWYOQ1wYI.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e0cfe1534cf66865ac13a161e60ef74f768ebd78b86b894afff55660e435c182

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 31 Aug 2021 15:26:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 129878
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13264
x-xss-protection: 0
last-modified: Mon, 30 Aug 2021 12:58:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 31 Aug 2022 15:26:31 GMT

GET
H3-29

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame A240
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
16 B

14ms
14ms

Document
text/html

2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6621753532555432&output=html&h=287&slotname=2325156180&adk=2229496947&adf=960643554&pi=t.ma~as.2325156180&w=303&lmt=1630553468&rafmt=11&psa=0&format=303x287&url=https%3A%2F%2Ffacebook-kiwami.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630553468606&bpp=2&bdt=1144&idt=163&shv=r20210830&mjsv=m202108310101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C303x287&nras=1&correlator=4002813999305&frm=20&pv=1&ga_vid=1579931297.1630553469&ga_sid=1630553469&ga_hid=1746461595&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=630&ady=1107&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44747620%2C31062297&oid=3&pvsid=2420447387241967&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=STNjc42kVD&p=https%3A//facebook-kiwami.com&dtd=167

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUkLJSNekC7-Ew1ru8Ea8Pqs00HU9D62CJRQifGBePMN_EAVcq5lkIpIWmljQFQ; test_cookie=CheckForPermission; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Thu, 02 Sep 2021 03:31:09 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Thu, 02-Sep-2021 04:31:09 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 02 Sep 2021 03:31:09 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Thu, 02 Sep 2021 03:31:09 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame DB06 0
0 21ms
20ms Fetch
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CmqJwfEUwYb2fMM_e7gP09rWYCJqNoOtkiLzK-YkOv-EeEAEgv8jHHmCVAqABgpDlhwPIAQapAu6r0YGC3bM-qAMBqgTbAU_Q036yTuEMpLDnVrm3oWoQaBS7Ow0cc80jMtxP82pnkaUwswrZT8RYlTBmGrQVRULQ-EGZhyA1McRZg5jnxaHjOuHFelHrem_AsAEOCE76CECI1utKNQ6fBFTqwDICkRXLxWV8Gp76t98hVPRtFkebyjhCtksfGgOuBf96G6K71EOABO0D5XrChuZI6hZWkCXWF0qwsWK-VVt7DIMECwAzHRsUXaiVNgPgJPuyeoBoTwNtcorxX-CVs0L6oLes5gwGleTBXpSA1ksg6bXvbm9V8OBgs1E1Dl1f_8AEy_bRsdoDoAY3gAeuhqfpAqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhvYBwHyBwUQoPmpAdIICQiA4YAQEAEYH4AKAcgLAdgTA9AVAYAXAbIXHAoaCAASFHB1Yi02NjIxNzUzNTMyNTU1NDMyGAA&sigh=8XkPuY6KzKk&vt=1&template_id=492&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6621753532555432&output=html&h=287&slotname=2325156180&adk=2229496947&adf=450287001&pi=t.ma~as.2325156180&w=303&lmt=1630553468&rafmt=11&psa=0&format=303x287&url=https%3A%2F%2Ffacebook-kiwami.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630553468604&bpp=2&bdt=1142&idt=155&shv=r20210830&mjsv=m202108310101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4002813999305&frm=20&pv=1&ga_vid=1579931297.1630553469&ga_sid=1630553469&ga_hid=1746461595&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=300&ady=429&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44747620%2C31062297&oid=3&pvsid=2420447387241967&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=hewG3nsV9J&p=https%3A//facebook-kiwami.com&dtd=160
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Thu, 02 Sep 2021 03:31:10 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame DB06 42 B
64 B 26ms
25ms Fetch
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstDW01iecEoLjpfQyxOMpQykwYyQurCEph1ulsbJbvx4vrEE7-YuewLtvPxy0PqGRNGq9wOe8CWxqraOtQI6zRhebyqdUk75ecj7QtzRnvEKRN41xbmKNHYVkNweQ&sai=AMfl-YQ5ovs-uGv2x7k84Gyu5g6phpSaNdmMFE4lQsyEKfBTJQt1DC25eprRkz2fygyPrB1WXO0H_diUgY-L&sig=Cg0ArKJSzEnpKfP02czvEAE&id=lidar2&mcvt=1000&p=429,300,1003,603&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&v=20210901&bin=7&avms=nio&bs=0,0&mc=0.5&if=1&app=0&itpl=14&adk=2229496947&rs=2&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosm=0&rst=1630553468765&rpt=684&r=v

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Sep 2021 03:31:10 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
8 KB 19ms
18ms XHR
application/json 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210830&st=env

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d3e255d8621cc5ea4e74c1e765aac66c674498f29be6ff0d5d3f623bc7cc6991

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://facebook-kiwami.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 02 Sep 2021 03:31:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8551
x-xss-protection: 0

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 34ms
34ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://facebook-kiwami.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 02 Sep 2021 03:31:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
expires: Thu, 02 Sep 2021 03:31:12 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame C789 12 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/224/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://facebook-kiwami.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://facebook-kiwami.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5029
date: Wed, 01 Sep 2021 21:59:47 GMT
expires: Thu, 01 Sep 2022 21:59:47 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 19885
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 5986 783 B
532 B 15ms
15ms Document
text/html 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

e4a0c1bade3499dbf004c3127a457a249c62fcd36670ab15accd17a4ac104219

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-nLZB+6O6PIeTtb2SxcUFlQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://facebook-kiwami.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://facebook-kiwami.com/

Response headers

expires: Thu, 02 Sep 2021 03:31:12 GMT
date: Thu, 02 Sep 2021 03:31:12 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-nLZB+6O6PIeTtb2SxcUFlQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 3VBCxQMuFeflN3ldnXIT7YQtw8QPm-3IluxfpK8Vf0c.js Show response
pagead2.googlesyndication.com/bg/ Frame C789 35 KB
13 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/3VBCxQMuFeflN3ldnXIT7YQtw8QPm-3IluxfpK8Vf0c.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dd5042c5032e15e7e537795d9d7213ed842dc3c40f9bedc896ec5fa4af157f47

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 18:47:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 31414
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13381
x-xss-protection: 0
last-modified: Mon, 23 Aug 2021 08:38:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 01 Sep 2022 18:47:38 GMT

GET
H3-29 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 20ms
19ms Image
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&t=2&li=gda_r20210830&jk=2420447387241967&bg=!srGlsfXNAAZOkH6FTpA7ACkAdvg8WgUV7iM8PF-Y4Gn8wI8XiKRzLryN__QPyUerzS-enbl64zEsfAIAAABSUgAAAA1oAQcKAQ6U7CwDMEF-MDJuU3Hu4RzPtULRlcLjk1vvWcaNFVuhWRHEP4Pe4rwwM_eU46530HqD4KQst0ckzPBRx1wSu5h-PwdShGcDgNDeFTSaJtrJtpMQwn2Je41p7zgc2rbmoUuq7aoah0aJ0hUVxPts1n7oJgGWxU_jGyrvxXGrplvRqEsF1-C9mLy-bCQBILR8Tn8bhpezwuQsgmU2Ob1mm7dfscecLK5KLULNuGRuvg7l7hoBL4B-vOk7uOaepBgAeW7Eq8kfDM0wU--zuRmtje3ITSJnZhQTZLvBewBtuvi_rvnlSipDdHJ7_PgAjid7Th1eJw_d8TGrx4BCZ7B_e4v-YhX93LADzkj0H318xhmZAnHENkzq-LXTmweGLpbjiKJQBSU7zkoJVq_8Vjs0uYC4VupCCi0GNwSl7kFYKD9OktJ3gqVeZN2riXwTstwQK0URRlp9G5Y0d2YWK4jYW5eifV4F2iVAO0VKuDeixNps7dNYtvy9esCEf9gpQhNO5KAJxwWB-IdjNS2eJweStS5wCnx6qBChckdIJ2I3oanuEPbc3-o7ZDG3Ehm-37JXMuoCkNNDWTWfcbdDxZZnhF7J4O2vKQPIq_Vj_yDbJcWkdqJSnllPjdg0lTDmkFCBnY35OrOz_2Lu-KHFPB7s2xEqqtO_ntG21VYq1E1nKjRt9jTcwfbW-OsFZmHbdVEPWBDjajumK0FXyasQeSoTkKji9yhWaQv5kHRjL1UA4b6Fb4U7aL4olryfk9gLNmlZ7kuL5LcGGgesjh4MyHUZ_B79peyil03G-Q16eJ-2Xe9qN6msRsFUJcURY5CZ0EfIMa-O8sgt6QPGjlgSgS1wopWdrWI-bB7I3axtqzX2lo8OBjiOnZc02z5TEAaIezW1w5f7dFftKf8Xs-wazJUUYiEP8OYQSfxtqbD5miCgfH3RY98MleLFivKxdBaJ0MGTiBWtERiq4m9iPWetsk0il7NrKSCVUaEV8GKqfofvdpFG4JVtGP2F4VITS53qRXjowYtM2mH3dsD1mhj4ANcsAOgyU4mhNZWbH96B8HLSHYA8YSA8mInqRxFbTZm2I06tLDSQyDah5aewjMvwYuQWb9iyjdWlMoZQNwURjU2T66McrvOfOh8fmOZe_pMwBR5b_C_6QNkFzixdVFw6FoKDaeil0wQiCaJGmeW0yVHsFq5h-YDA
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://facebook-kiwami.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

81 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.doubleclick.net/	1970-01-19 20:55:57	Name: DSID Value: NO_DATA
.doubleclick.net/	1970-01-19 20:55:54	Name: test_cookie Value: CheckForPermission
.facebook-kiwami.com/	1970-01-19 20:57:19	Name: _gid Value: GA1.2.2073833063.1630553469
.doubleclick.net/	1970-01-20 06:17:29	Name: IDE Value: AHWqTUkLJSNekC7-Ew1ru8Ea8Pqs00HU9D62CJRQifGBePMN_EAVcq5lkIpIWmljQFQ
.facebook-kiwami.com/	1970-01-20 06:17:29	Name: __gads Value: ID=2d659b95657ba2af-22b8746661ca0003:T=1630553468:RT=1630553468:S=ALNI_Ma3eJb-l25IGa_ar05YQJNF-QL7YA
.facebook-kiwami.com/	1970-01-19 20:55:53	Name: _gat Value: 1
.facebook-kiwami.com/	1970-01-20 14:27:05	Name: _ga Value: GA1.2.1579931297.1630553469

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.adsrvr.org
ad.doubleclick.net
adservice.google.com
adservice.google.de
ajax.googleapis.com
de1-bid.adsrvr.org
facebook-kiwami.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
match.adsrvr.org
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.wp.com
stats.wp.com
tagm.tchibo.se
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googletagservices.com
157.112.145.105
172.217.18.102
172.217.18.98
18.66.96.113
192.0.76.3
216.58.212.166
2a00:1450:4001:801::2002
2a00:1450:4001:808::2002
2a00:1450:4001:808::2003
2a00:1450:4001:80e::2002
2a00:1450:4001:80e::2004
2a00:1450:4001:80f::200e
2a00:1450:4001:811::2002
2a00:1450:4001:812::2002
2a00:1450:4001:813::2001
2a00:1450:4001:813::2002
2a00:1450:4001:813::2004
2a00:1450:4001:827::2003
2a00:1450:4001:828::2002
2a00:1450:4001:828::200a
2a00:1450:4001:829::2002
2a00:1450:4001:82a::2001
2a00:1450:4001:82a::2002
2a00:1450:4001:82f::200a
2a00:1450:4001:831::200a
76.223.111.131
76.223.26.175
85.14.248.91
00e689f1595c7a46f94297991536079601d2b69f0d3d54afe5b0cb61970e44fc
023cfc09f52502a3aed1ff16fc90fe0c2216928b5ef7942cc1615befb299e740
0299ce766df424b69a25530d8afe7c2352cb6240c7510fe7be67d8cd53bd3467
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
07e4203b9f313b587b1d53f896e63771ec85f9b0d4c2ac5fa64089457784d847
08bdf159b52666fc97ab30f6fee53621346dc0ea9302dc5edfa3d83eb9e564ee
0bc5ce7005fe75c07bc4b8338d46455f94f6e1156722fff8625847944fb8f7b6
0ebbc7fba9a50d36ef5422345f624431710db4528f25749d1d438c2c10bb69f2
114dabe187311ee2e303549831223ef80d06385cb854e2aa1647ec1e0ca148f5
11e8da9c7d9d5b0c7d749a72347b1e0e897cdfe721cb4bc503e4594063ed9045
126efbcdc48a9eef57a0de949224a0ba971cd391e759ef1bd79520571b731de1
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1a77bc9cd8df8f7680ab07cf42d9aef3147f5c6fc7fe2050ccee4ea11b22c6cd
2319bf626b545c1409f7cb8ba5496d22ca2438c2206a1b9b6be28ccd98a004ef
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97
35ca3e284c54b48858e8c7c2cd728605f01b700bac501f72e6bc64da80056c70
39e8ee6411ee4d21f517e5b71bcd7b5ac80a4a761ed07696bf56f4860d5f9e54
3a03881d88437511e4ad027306b3fb17de46f7c81a0411faf13b857b09a1d1db
3badbf163f2abd239e28cb6122361cb65d9dc730ea2772533f4d13b437d76f9f
3bb1ec7c061713f44bf35840d4a9b600dbf95056249c5c366a0e182a52abf68d
3ca19e57c9a2465ae4df271316ba4d29e7ff7f113a2a2c5297780c0b7a0ac09d
3caff329d1e76a3a9a8ab8030abed403362ee5490631d7bb9774372388198763
3d0c73d97749dd61bf2a3e295270acfdf38d4eb3a333a622feadc473d4a667e3
42a68f704f17fcbb3f7164daffef75ff1584c8382ab6c9da7ed42d17be53a45a
47b2e4e5ae504cbefc5c71d8bab25c4571c65321f1009411150b689dcc2901f5
4a3259567828beb6ad5248a9b1aef7f95ff0eb9fd58c6524df178a276de82e2d
4abca85f333b293f68833f495298aaca87a1cbd440379d93768ea3cd419c96df
4b179562b883c1257aabbad3a5641f965dd7331faa31fe06382a5d8c62d5ee19
4b221651d354c9f7454903f38cda6521197e1596842f65c49291a71ceeb5b888
4d037b4602153c804b85b95e3ecc924455551e9f9b3130d52e17338596243734
4dc9c239931effb2183adb19e90f60c5cc009ddca45024fc7325d82e3c08d40c
4e14eea970eec942ce53d969855d6e7ead6c53f73cfd55606f33af042ca410bb
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
5498eab9ddd9c6790d3e401556c0daaa159bcf36708cb89fee8184bf38e4b7aa
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
5a69c04798699979eca58aa03f3c93430284f9fdc7ff72bca514355184785811
5b2b1e7e485a1aa72118ae749b410a94e3aee5853dca9e5da49461081858d9b2
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
5d168ee09cbdc7bc2844cd17a8b0206ce16dc14025672b2714a0df068e192720
5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f
633d9d31d58556c55223f4656b5ffb29877c2b4bc380b0f355d0a8f15c164387
789f22b18f4888fd4abfde82c10d9436d2ba5f7aa1107b0203ba386c688493cd
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
82729d2a91f9fd991da671cac1c057741259f9cc8a85b96f91dc26d98f250d86
82c5a353a20ad78944a065dfe1f81d0503521f10d06a761df55e632fb250b962
8397158285a8d2f46833b98e8a1c150bb0231fffcd22ff22c7fab650afc0b922
892af9f95c881cde5c6c1810e0f45e4687174a1171504c96b36218dd54bb1486
8c626f0f9b5c109539b256b73e72c02b300a184f46b4535c2eb86599215c78af
8c86f7ae44857ebefeb919e1b53e7c28f0322d9d972b406fad9eae39222e7394
8cc7d9e82a91c42266ba98be8d5e8457488b592dd9f589f58f2e9cc643790083
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8f2b6b2ad63a3bc5d0aa508fb167895565cc4dad4646b6052ed3e55707e728d4
9581d8e4ff9f05a8f26b46ac10d976488c7faf44720f00cd24497d826e7d1b71
97ce1e1f5dbfda35ac979b593e79e1673a3e725790339d767e4a6ca6e94a4828
9b8ba81a9c41755a218f8405fb9ac8cecaff8c2dd04691625bb1beeb27575ad3
9cc6b5e3ec2f0a35a4b83aa1875b46adcd16f96f0f54251ef535834fe319668a
9f88833455142494fd0080b47f654ac4535aab0fb5cbb04abb44ef4d66bdf5b5
9fee3068a1b220e2cbbb03517fdaa499458012ad32fee4a4cf04cd949ae326e9
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0ea735f765d5bc1230beb63bcb701b69c80d77c48572a61bb159a8915903278
a38a0701bd69d4d9ee08f38b430227d679ff7c59d62459cee922f552f28727b7
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5cdbefdf0565256e14c865bc08cf921dacc91dfd9eb78af6cbeb10fffcdebb1
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a87c1c11d9d3af7fe9419153b9a1b231f8879c701b70ec793ef425dad0fa4a63
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b03539a9599e90ecdbbcbdfa8b8b2612bbd521c2d9577266f02189552fa7adf1
b6bdf7fcbd3c94d2a42fb986dbdd171e515fd76a6afa0d94536e3de5005efc09
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
b830e6cad0210eedde0f8ab525661f70768dda191e73e517b502ef1286402c0b
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
bcc2f78840986070fcea62b055dc8635394ee08c06a578845685f043c0d33249
bd3a2482b7b952b621e16a05c3bb1847829d057fb1384f4c32d1362b8153e967
bdf72009ad226c17f1954ba602292902a780b80af07dbcbab1322bdf5c32be66
bf5230ffb8745d28c11ae8b743868364f9be8379300bd59d235f402a53ea96ee
bf6d818a189b36e4cae7e9fc0a13c6558f1ae713185fabb24031df0d1a533114
c7237f9bcc52685fce66f75957df9032518c59b09ba0bb077e6d69ec65470194
c8c7c4858536f566e1f4dd585c586dfadb5421cb8b246f03a8bfb680fbabe776
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
d3c9078a26c1af30c7d0226b65166c628f4e4f0d628270fa6d20f69a5cd10216
d3e255d8621cc5ea4e74c1e765aac66c674498f29be6ff0d5d3f623bc7cc6991
d4876c12b071f74470f52c0404d10730ab271ae769c2c407fe131dae8b33e236
dd5042c5032e15e7e537795d9d7213ed842dc3c40f9bedc896ec5fa4af157f47
dd58f343c8d319ebbb93fc737854378485c81fa7623758f222b8a94a2f31a025
e0cfe1534cf66865ac13a161e60ef74f768ebd78b86b894afff55660e435c182
e2b6f883d3afb02c3b200f0302d9fae01f0919a3a7202933625e24b3cf300e8a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4a0c1bade3499dbf004c3127a457a249c62fcd36670ab15accd17a4ac104219
e8d02beb10aba77e9255c788b3c2d89d3483eea18e7cded116ca5763fc4d1e60
ea7999a32f1de1d57d22ceba7a9229b7bbdbde8eea4583ce332a43fe63413a81
ebe8dea36ada75445ab05dfdb5b5aa248ad49d85e3d907929843ac47e88c34a4
edd19187af39f75913ba3cfd12676b3e3f12accb62ce6d740bcdcafaffeba651
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f370459f2fc6feedbcca67e0fee404720d5ad0afa1ba7b2585f9834b8978df2c
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f496e07103d16733e37931c80067cabde1102e631ddf431642247c50f813c176
f510db5457fd9c445218df9a3ec3c3eb70657710f7ece589c277d0c36ace7c0f
fce4c5386621632428fdff385296f42710c3a3a0403427b204521d3224b8bc10
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

facebook-kiwami.com Open in urlscan Pro 157.112.145.105 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

133 Requests

100 %HTTPS

68 %IPv6

13 Domains

20 Subdomains

27 IPs

3 Countries

4462 kBTransfer

6130 kBSize

7 Cookies

0 Outgoing links

Redirected requests

133 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

facebook-kiwami.com Open in urlscan Pro
157.112.145.105 Public Scan

Screenshot
Live screenshot

Full Image

133
Requests

100 %
HTTPS

68 %
IPv6

13
Domains

20
Subdomains

27
IPs

3
Countries

4462 kB
Transfer

6130 kB
Size

7
Cookies

133 HTTP transactions
5 data transactions