Submitted URL: http://kiwiexploits.com/
Effective URL: https://kiwiexploits.com/
Submission: On May 07 via manual from US — Scanned from DE

Summary

This website contacted 30 IPs in 4 countries across 23 domains to perform 134 HTTP transactions. The main IP is 2a06:98c1:3120::a, located in United States and belongs to CLOUDFLARENET, US. The main domain is kiwiexploits.com.
TLS certificate: Issued by E1 on April 29th 2022. Valid for: 3 months.
This is the only time kiwiexploits.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 29 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 2a06:98c1:312... 13335 (CLOUDFLAR...)
12 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 35.190.41.116 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
18 2a00:1450:400... 15169 (GOOGLE)
1 142.250.184.194 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
26 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
3 5 2a00:1450:400... 15169 (GOOGLE)
3 74.121.143.241 30419 (MEDIAMATH...)
4 2a00:1450:400... 15169 (GOOGLE)
2 138.201.63.149 24940 (HETZNER-AS)
1 2.18.233.201 16625 (AKAMAI-AS)
1 4 138.201.63.116 24940 (HETZNER-AS)
2 46.236.13.147 12703 (PULSANT-AS)
1 2 216.58.208.102 15169 (GOOGLE)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 104.244.42.131 13414 (TWITTER)
1 18.66.248.117 16509 (AMAZON-02)
1 37.252.172.250 29990 (ASN-APPNEX)
1 64.135.83.163 13645 (BROADBANDONE)
1 1 2a00:1288:80:... 203220 (YAHOO-DEB)
1 2a00:1288:80:... 203220 (YAHOO-DEB)
2 54.76.212.160 16509 (AMAZON-02)
134 30
Apex Domain
Subdomains
Transfer
38 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 119
tpc.googlesyndication.com — Cisco Umbrella Rank: 171
486 KB
29 kiwiexploits.com
kiwiexploits.com
496 KB
19 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 65
5994599.fls.doubleclick.net — Cisco Umbrella Rank: 59221
147 KB
8 google.com
adservice.google.com — Cisco Umbrella Rank: 128
www.google.com — Cisco Umbrella Rank: 20
3 KB
8 gstatic.com
fonts.gstatic.com
www.gstatic.com
105 KB
6 redintelligence.net
hal9000.redintelligence.net — Cisco Umbrella Rank: 29190
hal90004.redintelligence.net — Cisco Umbrella Rank: 310896
65 KB
5 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 227
183 KB
5 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 111
4 KB
4 mathtag.com
tags.mathtag.com — Cisco Umbrella Rank: 4065
pixel.mathtag.com — Cisco Umbrella Rank: 1783
3 KB
3 webgains.io
analytics.webgains.io — Cisco Umbrella Rank: 17931
api.webgains.io — Cisco Umbrella Rank: 41588
52 KB
2 webgains.com
track.webgains.com — Cisco Umbrella Rank: 30544
3 KB
2 google.de
adservice.google.de — Cisco Umbrella Rank: 5351
914 B
2 ahscdn.com
ahscdn.com — Cisco Umbrella Rank: 116617
50 KB
1 yahoo.net
partnerads-test.ysm.yahoo.net — Cisco Umbrella Rank: 188055
1 yahoo.com
partnerads.ysm.yahoo.com — Cisco Umbrella Rank: 714477
253 B
1 inbox.com
as.inbox.com
1 foxnetworks.com
ad.foxnetworks.com — Cisco Umbrella Rank: 835980
1 twitter.com
ads.twitter.com — Cisco Umbrella Rank: 9467
147 B
1 adclixx.net
yahoo.adclixx.net
616 B
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 940
648 B
1 youradexchange.com
youradexchange.com — Cisco Umbrella Rank: 18163
874 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 142
41 KB
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 574
25 KB
134 23
Domain Requested by
29 kiwiexploits.com 1 redirects kiwiexploits.com
26 tpc.googlesyndication.com googleads.g.doubleclick.net
pagead2.googlesyndication.com
tpc.googlesyndication.com
17 googleads.g.doubleclick.net pagead2.googlesyndication.com
googleads.g.doubleclick.net
kiwiexploits.com
12 pagead2.googlesyndication.com kiwiexploits.com
pagead2.googlesyndication.com
googleads.g.doubleclick.net
www.googletagservices.com
tpc.googlesyndication.com
5 www.google.com 3 redirects kiwiexploits.com
tpc.googlesyndication.com
5 www.googletagservices.com googleads.g.doubleclick.net
5 fonts.googleapis.com kiwiexploits.com
googleads.g.doubleclick.net
hal90004.redintelligence.net
4 hal90004.redintelligence.net 1 redirects googleads.g.doubleclick.net
hal90004.redintelligence.net
4 www.gstatic.com googleads.g.doubleclick.net
4 fonts.gstatic.com fonts.googleapis.com
3 tags.mathtag.com googleads.g.doubleclick.net
tags.mathtag.com
3 adservice.google.com pagead2.googlesyndication.com
5994599.fls.doubleclick.net
2 api.webgains.io analytics.webgains.io
2 5994599.fls.doubleclick.net 1 redirects kiwiexploits.com
2 track.webgains.com kiwiexploits.com
googleads.g.doubleclick.net
2 hal9000.redintelligence.net kiwiexploits.com
hal90004.redintelligence.net
2 adservice.google.de pagead2.googlesyndication.com
2 ahscdn.com kiwiexploits.com
ahscdn.com
1 partnerads-test.ysm.yahoo.net kiwiexploits.com
1 partnerads.ysm.yahoo.com 1 redirects
1 as.inbox.com kiwiexploits.com
1 ad.foxnetworks.com kiwiexploits.com
1 analytics.webgains.io track.webgains.com
1 ads.twitter.com kiwiexploits.com
1 yahoo.adclixx.net kiwiexploits.com
1 pixel.mathtag.com tags.mathtag.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 youradexchange.com ahscdn.com
1 www.googletagmanager.com kiwiexploits.com
1 cdn.jsdelivr.net kiwiexploits.com
134 30

This site contains links to these domains. Also see Links.

Domain
mobirise.in
www.kiwiexploits.com
aka.ms
mobirise.site
youradexchange.com
Subject Issuer Validity Valid
*.kiwiexploits.com
E1
2022-04-29 -
2022-07-28
3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2021-07-03 -
2022-07-02
a year crt.sh
*.g.doubleclick.net
GTS CA 1C3
2022-04-18 -
2022-07-11
3 months crt.sh
upload.video.google.com
GTS CA 1C3
2022-04-18 -
2022-07-11
3 months crt.sh
*.google-analytics.com
GTS CA 1C3
2022-04-18 -
2022-07-11
3 months crt.sh
youradexchange.com
Sectigo RSA Domain Validation Secure Server CA
2020-06-16 -
2022-07-01
2 years crt.sh
*.gstatic.com
GTS CA 1C3
2022-04-18 -
2022-07-11
3 months crt.sh
*.googleadservices.com
GTS CA 1C3
2022-04-18 -
2022-07-11
3 months crt.sh
*.google.de
GTS CA 1C3
2022-04-18 -
2022-07-11
3 months crt.sh
*.google.com
GTS CA 1C3
2022-04-18 -
2022-07-11
3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3
2022-04-18 -
2022-07-11
3 months crt.sh
*.mathtag.com
DigiCert TLS RSA SHA256 2020 CA1
2022-04-18 -
2023-04-25
a year crt.sh
redintelligence.net
R3
2022-03-29 -
2022-06-27
3 months crt.sh
pixel.mathtag.com
DigiCert SHA2 Secure Server CA
2021-06-29 -
2022-07-07
a year crt.sh
*.webgains.com
Sectigo RSA Domain Validation Secure Server CA
2021-05-20 -
2022-06-20
a year crt.sh
*.doubleclick.net
GTS CA 1C3
2022-04-18 -
2022-07-11
3 months crt.sh
*.twitter.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-03-07 -
2023-03-06
a year crt.sh
*.webgains.io
Amazon
2022-02-10 -
2023-03-11
a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018
2022-02-11 -
2023-03-14
a year crt.sh
www.adwave.com
GeoTrust DV SSL CA - G4
2014-09-14 -
2018-10-17
4 years crt.sh

This page contains 20 frames:

Primary Page: https://kiwiexploits.com/
Frame ID: 243E4919AD53B7D5F1330022EC08FBC5
Requests: 53 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220504/r20190131/zrt_lookup.html
Frame ID: 9FE4E0DA66EB1189C117803C446A856F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8562196086359240&output=html&adk=1812271804&adf=3025194257&lmt=1651353382&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fkiwiexploits.com%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1651928380032&bpp=2&bdt=448&idt=115&shv=r20220504&mjsv=m202205030101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3909557611913&frm=20&pv=2&ga_vid=550740255.1651928380&ga_sid=1651928380&ga_hid=284216329&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31065742%2C31067426%2C31067419&oid=2&pvsid=4184386158631581&pem=119&tmod=718649160&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=130
Frame ID: 8E0375F759169AE95F3F2841A2AEDA2D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8562196086359240&output=html&h=250&slotname=1836580918&adk=971479690&adf=756293844&pi=t.ma~as.1836580918&w=300&lmt=1651353382&psa=0&format=300x250&url=https%3A%2F%2Fkiwiexploits.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1651928380035&bpp=1&bdt=451&idt=132&shv=r20220504&mjsv=m202205030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3909557611913&frm=20&pv=1&ga_vid=550740255.1651928380&ga_sid=1651928380&ga_hid=284216329&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=650&ady=160&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31065742%2C31067426%2C31067419&oid=2&pvsid=4184386158631581&pem=119&tmod=718649160&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=Ed0Heewrjz&p=https%3A//kiwiexploits.com&dtd=137
Frame ID: D93878BB96514F280B05A8485D7F4305
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8562196086359240&output=html&h=280&slotname=9459101825&adk=3094683467&adf=2653041513&pi=t.ma~as.9459101825&w=1200&fwrn=4&fwrnh=100&lmt=1651353382&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fkiwiexploits.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1651928380046&bpp=2&bdt=462&idt=128&shv=r20220504&mjsv=m202205030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250&nras=1&correlator=3909557611913&frm=20&pv=1&ga_vid=550740255.1651928380&ga_sid=1651928380&ga_hid=284216329&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1285&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31065742%2C31067426%2C31067419&oid=2&pvsid=4184386158631581&pem=119&tmod=718649160&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=Jt1s1e3Zr8&p=https%3A//kiwiexploits.com&dtd=131
Frame ID: 1806210FE751433968F098C8E06D55F9
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8562196086359240&output=html&h=250&slotname=6755976858&adk=813426018&adf=363049643&pi=t.ma~as.6755976858&w=300&lmt=1651353382&psa=0&format=300x250&url=https%3A%2F%2Fkiwiexploits.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1651928380049&bpp=2&bdt=465&idt=131&shv=r20220504&mjsv=m202205030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250%2C1200x280&nras=1&correlator=3909557611913&frm=20&pv=1&ga_vid=550740255.1651928380&ga_sid=1651928380&ga_hid=284216329&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=650&ady=1963&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31065742%2C31067426%2C31067419&oid=2&pvsid=4184386158631581&pem=119&tmod=718649160&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=YYNWaAdNzr&p=https%3A//kiwiexploits.com&dtd=134
Frame ID: 61745FCEB8A821A3BD5359C2318895B8
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8562196086359240&output=html&h=280&slotname=6823165047&adk=3490555514&adf=869763061&pi=t.ma~as.6823165047&w=1200&fwrn=4&fwrnh=100&lmt=1651353382&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fkiwiexploits.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1651928380075&bpp=2&bdt=491&idt=110&shv=r20220504&mjsv=m202205030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250%2C1200x280%2C300x250&nras=1&correlator=3909557611913&frm=20&pv=1&ga_vid=550740255.1651928380&ga_sid=1651928380&ga_hid=284216329&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3142&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31065742%2C31067426%2C31067419&oid=2&pvsid=4184386158631581&pem=119&tmod=718649160&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=WN7FN5FdwV&p=https%3A//kiwiexploits.com&dtd=112
Frame ID: C579847F6F4347A608F41489B7E8D0E0
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: FB4A56ABF3A94DA61ADD061E67023AFE
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=C66SrPG12Yob_D9Lqo9kPsvW-mA3Ph46bXMCG2YLGAsCNtwEQASAAYJXStoLEB4IBF2NhLXB1Yi04NTYyMTk2MDg2MzU5MjQwyAEJqAMBqgTFAU_QmTkQQ3ECtLFfp_vz3EQEsYkXjHApulhSUma6bsEMZSXmJjsCZaVGOLphmckPSBaBPJGzs6IAzWh05rCz-yeTlvf9sx2e8zY8mXaUrPsTFjod7pmmN64wP_FKjKTVrhdW_najQWwVG8a7E-NmMF12j65k8S-ik8DkS9LUg1s8EAd86O0VhUCjCI0DeuDJy90McKNY-G-9gJTCgSkM_XBycsnhwVFsIl4cX6GmEpgE_6CE-OSlGItXo-6oC6-0TA7xr612gAa_zMTOmvnjl4ABoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAGACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItODU2MjE5NjA4NjM1OTI0MBgA&sigh=e4dehNIN2h0&uach_m=[UACH]&cid=CAQSGwCNIrLMczzihr4dpZ4xN1wJ_uz9KPWhykpDfBgB&tpd=AGWhJmswWwW6rOz5VGXiCAiRnVYr9CvLd915mpQiC2xg0J0b4Z8_WZBmUYkeDUm3LWqfPknlT9XTMSKyB5jv1M21FFATemi8pC3svQTQimbnsjIdiykKdCB-tn0_L7pyrZiVYztk6dTWU1ePMofMLMUu8WGmf8pmTieG3giwbA3s6WU6u-ZYgwP4zFNbKidnMQEs2K_N6uDoK2cf8inH8-z4vQmP0oMp2woyk0D5Nk97rAHNKNfNmaRVkIMHFDasLVcMvSGsF9t7-W82-qhqNNCWkTk0ibpAq1tUHYkubnWMEXYElpTU8yBHCiRCb502hV8pxmmgeuImmbX7wFVQLlX876WcvDv3yGakoib8Y1xvqPuBvzLJE4Ou05OUMc00PjQJo6Db6DkeDxpy0Ti7ZFYwTM9TTOE7EP526cie9Y2Mb1YzXsLmPqmn2EhAykMcT4cLjiD6ZZAK-6pXPbXtDbApxOLixBzb0c3z_uf1Sfk36ECITx61wLR3VKv0UgnaSP4RI3nDHgtWrAHddObEMFEdiQ8E11LOu94QEy2sPBg84ZK9QU9k0HY-_ioJ8l-xo_URsPLRBFWLzktK_rHIuxDByJ1aHPuLglPElb1_vdAtsiYt1VtqHvzyacsu8_WY9exqyJLunBI1BBoAqQtH_pNj-hRzZP0gCp2HoCeG7poLNGlkVIZOgqC688GAWS_r8ePX3zIABS_CbFbYxZmwLF8hLkWwZdVrpkrCreaYOhM6pFDSSfrV-V0H-PmvxwJL96BZ6AYKcBvXUnX7ZwJ46WPgp4VrzLqsMRcTnVdR6o6ZPijbkOB6E22ymXTk-2n7NzdwLnfaWu1GA46dKJsthO3poeNgXvRyLIkw0RPTqhUfZfd1fjW0hqinZxKFRi0yB7k4hFtjSNdFQexe4hDmCjL-LNTc6-TjYzW_oMeR4-9SEPibxBvW_sVjacE51ObMWo1u4XsWYuBKQxgDGDIOJXHIUwZPBOAUOo_uKmMlS7mgFUUgBhSA10EjhxKFQYayLz2MGbcR3OZhR305GRsYSRP02RJE5K7XCRuk8ij0Dwtujr0nruwv0vlN8RC6XffTZ1oOqas
Frame ID: 890D87497963062B38A0DC6596AB7C42
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220504/r20110914/zrt_lookup.html?fsb=1
Frame ID: AB71AC4BA3FC2D800CFA91EC9D57A3BB
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 590F00CD84811783E0482D76EBE65E2C
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/NHksFvpwOA_e7xJte31GpOZsvVxHGuXQeGuPktjycGc.js
Frame ID: A662AD8EAFF2B9A50657762967CCC4A9
Requests: 1 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Frame ID: D3A8D3CB4051E2BDA179C9D5BF4EBFF8
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/NHksFvpwOA_e7xJte31GpOZsvVxHGuXQeGuPktjycGc.js
Frame ID: EE004E9185990F81E2E968E4BEDF591B
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/NHksFvpwOA_e7xJte31GpOZsvVxHGuXQeGuPktjycGc.js
Frame ID: CF64E73D7434D3B7E9E3B2B08E482F6E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 0F8A6293AB995326F7EB6D1B7CAAFCB6
Requests: 2 HTTP requests in this frame

Frame: https://5994599.fls.doubleclick.net/activityi;dc_pre=CM38meO4zfcCFchBHQkdXBgI4Q;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6235599618340.842
Frame ID: 71F5B22635B17309B90E50D60C96C387
Requests: 2 HTTP requests in this frame

Frame: https://hal90004.redintelligence.net/request_content.php?s=81465700100408600951399011952004&a=5cfb7362
Frame ID: 235B38917AE1CF33EDD56839938B173A
Requests: 6 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: D8EE5451819EE563758B887F0354813B
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: F4890F80C99065F6A14EEF1FD4CB5600
Requests: 2 HTTP requests in this frame

Screenshot

Page Title

KiwiExploits - Roblox Exploits, Cheats, Hacks Scripts & More!

Page URL History Show full URLs

  1. http://kiwiexploits.com/ HTTP 301
    https://kiwiexploits.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • analytics\.webgains\.io

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

134
Requests

97 %
HTTPS

57 %
IPv6

23
Domains

30
Subdomains

30
IPs

4
Countries

1661 kB
Transfer

4361 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://kiwiexploits.com/ HTTP 301
    https://kiwiexploits.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 55
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 81
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 103
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 108
  • https://hal90004.redintelligence.net/request.php?zone=xxvlvujily3i&nw=20&renderingType=javascript&namespace=80d3b37ce7&subid=&uid=5ac0e93e1369fd4d&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=250x250&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3DYnZtPAAFWMYKh9DIUAnoTw%26exch_seat%3D20035004448%26mt_aid%3D8590952998017841140%26mt_id%3D6622325%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3Dadd36276-6d3d-4301-9314-bd656ac306fc%26mt_cid%3Dadd36276-6d3d-4301-9314-bd656ac306fc%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCSi9hPG12Yob_D9Lqo9kPsvW-mA3Ph46bXMCG2YLGAsCNtwEQASAAYJXStoLEB4IBF2NhLXB1Yi04NTYyMTk2MDg2MzU5MjQwyAEJqAMBqgTIAU_QmTkQQ3ECtLFfp_vz3EQEsYkXjHApulhSUma6bsEMZSXmJjsCZaVGOLphmckPSBaBPJGzs6IAzWh05rCz-yeTlvf9sx2e8zY8mXaUrPsTFjod7pmmN64wP_FKjKTVrhdW_najQWwVG8a7E-NmMF12j65k8S-ik8DkS9LUg1s8EAd86O0VhUCjCI0DeuDJy90McKNY-G-9gJTCgSkM_TJwU1tNffVrr_pU9HnmvWgZ66o48sq9-TaX40FSqrGYVKBoE6r7XBKKgAa_zMTOmvnjl4ABoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1fhLkqgi37fWS2N9tiJLOmgOnviw%2526client%253Dca-pub-8562196086359240%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-8562196086359240%26output%3Dhtml%26h%3D250%26slotname%3D6755976858%26adk%3D813426018%26adf%3D363049643%26pi%3Dt.ma~as.6755976858%26w%3D300%26lmt%3D1651353382%26psa%3D0%26format%3D300x250%26url%3Dhttps%253A%252F%252Fkiwiexploits.com%252F%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.%26dt%3D1651928380049%26bpp%3D2%26bdt%3D465%26idt%3D131%26shv%3Dr20220504%26mjsv%3Dm202205030101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D0x0%252C300x250%252C1200x280%26nras%3D1%26correlator%3D3909557611913%26frm%3D20%26pv%3D1%26ga_vid%3D550740255.1651928380%26ga_sid%3D1651928380%26ga_hid%3D284216329%26ga_fc%3D0%26u_tz%3D0%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D650%26ady%3D1963%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759876%252C44759927%252C44759837%252C31065742%252C31067426%252C31067419%26oid%3D2%26pvsid%3D4184386158631581%26pem%3D119%26tmod%3D718649160%26uas%3D0%26nvt%3D1%26eae%3D0%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257CpeEbr%257C%26abl%3DCS%26pfx%3D0%26fu%3D0%26bc%3D31%26ifi%3D4%26uci%3Da!4%26btvi%3D2%26fsb%3D1%26xpc%3DYYNWaAdNzr%26p%3Dhttps%253A%2F%2Fkiwiexploits.com%26dtd%3D134&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2Fkiwiexploits.com&random=7216775572114&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
  • https://hal90004.redintelligence.net/request.php?zone=xxvlvujily3i&nw=20&renderingType=javascript&namespace=80d3b37ce7&subid=&uid=5ac0e93e1369fd4d&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=250x250&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3DYnZtPAAFWMYKh9DIUAnoTw%26exch_seat%3D20035004448%26mt_aid%3D8590952998017841140%26mt_id%3D6622325%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3Dadd36276-6d3d-4301-9314-bd656ac306fc%26mt_cid%3Dadd36276-6d3d-4301-9314-bd656ac306fc%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCSi9hPG12Yob_D9Lqo9kPsvW-mA3Ph46bXMCG2YLGAsCNtwEQASAAYJXStoLEB4IBF2NhLXB1Yi04NTYyMTk2MDg2MzU5MjQwyAEJqAMBqgTIAU_QmTkQQ3ECtLFfp_vz3EQEsYkXjHApulhSUma6bsEMZSXmJjsCZaVGOLphmckPSBaBPJGzs6IAzWh05rCz-yeTlvf9sx2e8zY8mXaUrPsTFjod7pmmN64wP_FKjKTVrhdW_najQWwVG8a7E-NmMF12j65k8S-ik8DkS9LUg1s8EAd86O0VhUCjCI0DeuDJy90McKNY-G-9gJTCgSkM_TJwU1tNffVrr_pU9HnmvWgZ66o48sq9-TaX40FSqrGYVKBoE6r7XBKKgAa_zMTOmvnjl4ABoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1fhLkqgi37fWS2N9tiJLOmgOnviw%2526client%253Dca-pub-8562196086359240%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-8562196086359240%26output%3Dhtml%26h%3D250%26slotname%3D6755976858%26adk%3D813426018%26adf%3D363049643%26pi%3Dt.ma~as.6755976858%26w%3D300%26lmt%3D1651353382%26psa%3D0%26format%3D300x250%26url%3Dhttps%253A%252F%252Fkiwiexploits.com%252F%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.%26dt%3D1651928380049%26bpp%3D2%26bdt%3D465%26idt%3D131%26shv%3Dr20220504%26mjsv%3Dm202205030101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D0x0%252C300x250%252C1200x280%26nras%3D1%26correlator%3D3909557611913%26frm%3D20%26pv%3D1%26ga_vid%3D550740255.1651928380%26ga_sid%3D1651928380%26ga_hid%3D284216329%26ga_fc%3D0%26u_tz%3D0%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D650%26ady%3D1963%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759876%252C44759927%252C44759837%252C31065742%252C31067426%252C31067419%26oid%3D2%26pvsid%3D4184386158631581%26pem%3D119%26tmod%3D718649160%26uas%3D0%26nvt%3D1%26eae%3D0%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257CpeEbr%257C%26abl%3DCS%26pfx%3D0%26fu%3D0%26bc%3D31%26ifi%3D4%26uci%3Da!4%26btvi%3D2%26fsb%3D1%26xpc%3DYYNWaAdNzr%26p%3Dhttps%253A%2F%2Fkiwiexploits.com%26dtd%3D134&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2Fkiwiexploits.com&random=7216775572114&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Request Chain 110
  • https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6235599618340.842 HTTP 302
  • https://5994599.fls.doubleclick.net/activityi;dc_pre=CM38meO4zfcCFchBHQkdXBgI4Q;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6235599618340.842
Request Chain 127
  • https://partnerads.ysm.yahoo.com/ad-large.png HTTP 301
  • https://partnerads-test.ysm.yahoo.net/ad-large.png

134 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
kiwiexploits.com/
Redirect Chain
  • http://kiwiexploits.com/
  • https://kiwiexploits.com/
45 KB
16 KB
Document
General
Full URL
https://kiwiexploits.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e6fc0c9448488fc8a866c7632f54b0408cd105d4289277a2407427b18aaef0fe

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
707a22524c269b58-FRA
content-encoding
br
content-type
text/html
date
Sat, 07 May 2022 12:59:39 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
last-modified
Sat, 30 Apr 2022 21:16:22 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZmM%2BWX8iRvjqeEHtgTjHGsXXMh6ufvJ1jZIjfHl7LovVakYwQO95JiK7Xrp4PM1JTHSDJFg2BY2stLIXGMs5T%2BY7DFxJJqRCahVmmlJr3lp7KjUNuk3dK3L%2BY5bFIFzBkdWd9nA9NtDiMTuZREgs"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-turbo-charged-by
LiteSpeed

Redirect headers

CF-Cache-Status
DYNAMIC
CF-RAY
707a22501fed9957-FRA
Connection
keep-alive
Content-Type
text/html
Date
Sat, 07 May 2022 12:59:39 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E%2BA2Mhr5tFV%2B2hA4p15asrRz9BSJjA5SwfZBYFRXgfAFwiBaCbAUQ6y%2BNUOCwvhLdbWfn%2Fs1ePj%2FAmrxyDhdSFPsSiHzo4sKfJWx614NvAwsPXTCyh8ae%2FSAxRFMSKBtZnSH59BLsKTOVVNXMgNx"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
location
https://kiwiexploits.com/
x-turbo-charged-by
LiteSpeed
bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@4.6.1/dist/css/
158 KB
25 KB
Stylesheet
General
Full URL
https://cdn.jsdelivr.net/npm/bootstrap@4.6.1/dist/css/bootstrap.min.css
Requested by
Host: kiwiexploits.com
URL: https://kiwiexploits.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c5ed985fdbddc027124d4e6879ce1a1860832cda85e2b517c18d8fbd2fffc06
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://kiwiexploits.com/
Origin
https://kiwiexploits.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 07 May 2022 12:59:39 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
4073879
x-jsd-version
4.6.1
x-cache
MISS, HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19177-FRA, cache-hhn4034-HHN
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"278e1-H7g/xZXPKL+TYth2EOrfo7e7vlk"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jh7IIKAQa5ihG94HXAtdVjh9uAEi5NfpZzvZsuvGwtiCQ8%2FrGmv0%2FJEmHtqUbKORBV7NwXbN0iBE5TKE3fsgr5BHpSA0gG3wvEaUgdJ1HYtLZEze169QYpRs1bUBjQBDWj6gOk1JYEtJ%2B1uXE4Y%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
cf-ray
707a2254dc21694f-FRA
mobirise2.css
kiwiexploits.com/assetsmain/web/assets/mobirise-icons2/
9 KB
2 KB
Stylesheet
General
Full URL
https://kiwiexploits.com/assetsmain/web/assets/mobirise-icons2/mobirise2.css
Requested by
Host: kiwiexploits.com
URL: https://kiwiexploits.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cdcbe8357cc75719dbb1b931f7f8b7690b94480814ee062742b0243a714b80e5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kiwiexploits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 07 May 2022 12:59:39 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
171571
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Sun, 29 Nov 2020 23:39:04 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LQjI1O%2Bt27Nc%2FGlBSVCvrExADBYbEp9IMIhqUYTl4qDkgMeqKhPx8sM2KbOcyYr%2Bttimidwp93fgYaCqngWSFitUbmVDfYDQ6eXYKAnanR5CR5Hakx3CMznSNK7qdkszIabh90o8r4MZflzIAhS9"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
707a2254b9279b58-FRA
expires
Thu, 12 May 2022 13:20:08 GMT
mobirise-icons.css
kiwiexploits.com/assetsmain/web/assets/mobirise-icons/
7 KB
2 KB
Stylesheet
General
Full URL
https://kiwiexploits.com/assetsmain/web/assets/mobirise-icons/mobirise-icons.css
Requested by
Host: kiwiexploits.com
URL: https://kiwiexploits.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b0cf918213747e59ed554a87d5e821487bc728f2cbb3460d4a2f08735391c44d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kiwiexploits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 07 May 2022 12:59:39 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
62796
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Sun, 29 Nov 2020 23:39:04 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VZC0ourZBqcCCPq0zsLnWoO8HR6WV4vq87w56NtWIw4uUaQecwDrkjqm9axYE9eu%2Bf2jsXnXd3urLY4XxU3UHSyYY074Y%2FDdqJnXU0suBxZZWqdNbTK1Fxmkzep%2FXj9cWQ7Vs2ywi0aZSf%2BaW%2FiS"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
707a2254b92a9b58-FRA
expires
Fri, 13 May 2022 19:33:03 GMT
tether.min.css
kiwiexploits.com/assetsmain/tether/
237 B
459 B
Stylesheet
General
Full URL
https://kiwiexploits.com/assetsmain/tether/tether.min.css
Requested by
Host: kiwiexploits.com
URL: https://kiwiexploits.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cb84c37000f8fe3e68e24799be081febdf02afd39cec967e80631ac76dea9950

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kiwiexploits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 07 May 2022 12:59:39 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
62796
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Sun, 29 Nov 2020 23:39:04 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zfDeuCEiEpBjKp17YMSwgT%2BA3seZZGY3KmWZFF88lqRclbEj09kFdIyVS7PKnGvs3EF7I6eAwi0z5OvVI%2FJvm88OIN0ZzppoQq0mdjLJm8Fj1nmYJ1lwxs5tx%2BZ%2BN%2BeXot28Erh%2BeMSyW1NYaYdS"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
707a2254b92c9b58-FRA
expires
Fri, 13 May 2022 19:33:03 GMT
bootstrap.min.css
kiwiexploits.com/assetsmain/bootstrap/css/
157 KB
25 KB
Stylesheet
General
Full URL
https://kiwiexploits.com/assetsmain/bootstrap/css/bootstrap.min.css
Requested by
Host: kiwiexploits.com
URL: https://kiwiexploits.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5b0fbe5b7ad705f6a937c4998ad02f73d8f0d976fe231b74aef0ec996990c93a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kiwiexploits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 07 May 2022 12:59:39 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
287055
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Sun, 29 Nov 2020 23:39:04 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MZkshJAw5bMh2SkejLY0bZ2nqjqIMxugddJ8YeXme03n71Z24mxyrwO8PJdqRgEXi4UzQsWNRRo7ciB4exoxz%2FVNy0i3fgRowT6nac5F0b2JenhTbrWfp6Y3%2FqW3UW3Fc7mB98WVB2bG0lT7fkSB"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
707a2254b92d9b58-FRA
expires
Wed, 11 May 2022 05:15:24 GMT
bootstrap-grid.min.css
kiwiexploits.com/assetsmain/bootstrap/css/
49 KB
7 KB
Stylesheet
General
Full URL
https://kiwiexploits.com/assetsmain/bootstrap/css/bootstrap-grid.min.css
Requested by
Host: kiwiexploits.com
URL: https://kiwiexploits.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c45a5eb97e8ab82131877dc492284c753ffd80dfb15d9737a4fd13ada1c3351

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kiwiexploits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 07 May 2022 12:59:39 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
171571
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Sun, 29 Nov 2020 23:39:04 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zvgNqI4DcKakKRuRXQE%2Bm%2Fi5%2FjWD50jqGPgPDu3q0yXmpAoyA6a26GA%2FTuPnJKDBigwaZhHXVNXMbNSCLavfoqIdKCl1xTNnO2RumTTpIgGM8g%2FzR9QL%2BSSHzu2CcAOC%2FDEklmYrPXXX29Gowz%2FW"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
707a2254b92e9b58-FRA
expires
Thu, 12 May 2022 13:20:08 GMT
bootstrap-reboot.min.css
kiwiexploits.com/assetsmain/bootstrap/css/
4 KB
2 KB
Stylesheet
General
Full URL
https://kiwiexploits.com/assetsmain/bootstrap/css/bootstrap-reboot.min.css
Requested by
Host: kiwiexploits.com
URL: https://kiwiexploits.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
440645cad3480edeaa059f0ebea205fa6ec59832f5a829141697a0f9f284d39c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kiwiexploits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 07 May 2022 12:59:39 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
170060
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Sun, 29 Nov 2020 23:39:04 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ziywoXHlQuqOhkUnkhVkMiOag9DHicl21nHDwfxnzKKPm1oWHORaqP7mKFG9QqhGfYKGZ5Gy2YDyXusEAdtwp2NRu9yu0ct4RaBPlZQi1zrr6Stj5%2BE7pHMEopMen8iIV2wuN9WttGV%2FM%2Fpq50Ma"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
707a2254b92f9b58-FRA
expires
Thu, 12 May 2022 13:45:20 GMT
style.css
kiwiexploits.com/assetsmain/dropdown/css/
8 KB
2 KB
Stylesheet
General
Full URL
https://kiwiexploits.com/assetsmain/dropdown/css/style.css
Requested by
Host: kiwiexploits.com
URL: https://kiwiexploits.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
38892acc026f0badcbb38eb0b148470f4e57821ae04c892a2cee50b5e0968d35

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kiwiexploits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 07 May 2022 12:59:39 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
62796
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Sun, 29 Nov 2020 23:39:04 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DAMZYGSJd5tOK0R4o3nMkGtyvcflDqSVcsV2XEtA4x2Te%2F%2BsqXJSnom3iPs0j92aIzcKTTGzvvFTQjIEeovX2lTCvAN0XO%2FKtxjQxWP0XRjhZYAhLsVB%2B6jqp3bkjGuAOcfTC3kVqj7iAhHNAKof"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
707a2254b9309b58-FRA
expires
Fri, 13 May 2022 19:33:03 GMT
styles.css
kiwiexploits.com/assetsmain/socicon/css/
15 KB
3 KB
Stylesheet
General
Full URL
https://kiwiexploits.com/assetsmain/socicon/css/styles.css
Requested by
Host: kiwiexploits.com
URL: https://kiwiexploits.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccaab61570b7a9ae5fc2c276de50162f84114354e44991aea54db17fcb04b5b8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kiwiexploits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 07 May 2022 12:59:39 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
287055
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Sun, 29 Nov 2020 23:39:04 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ENehALwfkO4pbiuYDVFjn5UluhAk5Ffv45S53fh%2BQ02z6zDztkr1H7d3B%2BqTS%2BkjoJlIIDX1Bx1r4ascfULlYTGfUW4eulJLyTiTSkOab31Iwzh%2BewqIu5%2BqGi0DYJl0qwvAVF7uivFT%2Fdz7CwRn"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
707a2254b9329b58-FRA
expires
Wed, 11 May 2022 05:15:24 GMT
style.css
kiwiexploits.com/assetsmain/theme/css/
17 KB
4 KB
Stylesheet
General
Full URL
https://kiwiexploits.com/assetsmain/theme/css/style.css
Requested by
Host: kiwiexploits.com
URL: https://kiwiexploits.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
afcc90bbc33eb40941c2b45b179afd4eb5f14545e6cf4fc5d9f1d396ffe6a1a0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kiwiexploits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 07 May 2022 12:59:39 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sun, 29 Nov 2020 23:39:04 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KhUOfSe5oZX96Nn4BdbnlnruZV1cKPgztEtY7%2BoSG7e3JFNlS%2F7D61Rk%2Fr9%2BytkpQPMVeX0r05yN5fT%2FutDCv2bymdfOHFhR8L4JmBvru1mZHD%2BiVczEAzyEwW%2Bx%2BrMsFWpckgdflxyyCpSm29Po"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-turbo-charged-by
LiteSpeed
cf-ray
707a2254b9339b58-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Sat, 14 May 2022 12:59:40 GMT
mbr-additional.css
kiwiexploits.com/assetsmain/mobirise/css/
448 KB
36 KB
Stylesheet
General
Full URL
https://kiwiexploits.com/assetsmain/mobirise/css/mbr-additional.css
Requested by
Host: kiwiexploits.com
URL: https://kiwiexploits.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
79813f08f0086728414a947cd1ffa621a64e95f35788f1ab2a256b9a3b03fa0f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kiwiexploits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 07 May 2022 12:59:39 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
171570
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 14 Feb 2022 02:04:49 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g2oCuWVNgZMWX0IgYz%2F2UVGuJ%2BMQdSFVmrS%2Fm0hCnVnVWUjDE37tRgXeWEWs783AB6koBpItx7B5RSZO6IlVlvN2XmRefiV0RS2OIneqHHB1X%2F0p51U9Vm2WjOMuJaQxDSVuLUC%2BGQWJSqiZLo8L"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
707a2254b9369b58-FRA
expires
Thu, 12 May 2022 13:20:09 GMT
suv4.js
ahscdn.com/script/
87 KB
31 KB
Script
General
Full URL
https://ahscdn.com/script/suv4.js
Requested by
Host: kiwiexploits.com
URL: https://kiwiexploits.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1e5f1b6b9c227170bb28f129353ce5b9e48ad5209ea4975367cf96f9e2114c18

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kiwiexploits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-goog-hash
crc32c=Qxmb2Q==, md5=Mc7ojv4O7MGYbKMxGtC+Cg==
date
Sat, 07 May 2022 12:59:39 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
305
x-guploader-uploadid
ADPycdsjaqiXYsqO9yAvoLIeRl_8lIDr0__MAcFSdF99MlGPiqN9r8M6lO2pTu3VSK0qhcbl3kp2mPegfKF7hSIvdHiFzGdd5-9A
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 05 May 2022 13:59:59 GMT
server
cloudflare
etag
W/"31cee88efe0eecc1986ca3311ad0be0a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9T4uiakefDojfygI24EjXmleUi3SXxRJ9lGHkUZUU5OScs21QeAg0sa16bkaivOzSHDgnQo4H265%2FTsi0PBE3z7GDAAd35P6ufVipYaFkz9wcyLDfdURsmr2uZnUjreogkvqHBlKz8Wz"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1651759198972891
access-control-allow-origin
*
content-type
application/javascript
cache-control
public, max-age=14400
x-goog-stored-content-length
88764
cf-ray
707a2254eacc9bbe-FRA
expires
Sat, 07 May 2022 13:13:51 GMT
kiwi-1.png
kiwiexploits.com/assetsmain/images/
42 KB
42 KB
Image
General
Full URL
https://kiwiexploits.com/assetsmain/images/kiwi-1.png
Requested by
Host: kiwiexploits.com
URL: https://kiwiexploits.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a958054aba0df8e253b0fd68862459386a7b68630a377fbfee051675e3ab706c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kiwiexploits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 07 May 2022 12:59:39 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
171570
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
42756
last-modified
Sun, 29 Nov 2020 23:39:04 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bPJ4EEEhhAndFlbnFfZLvVbv9HgxaqakOo%2Fp%2BF62BZbB2GaCwEz7%2FwIgqx01mxviiRIaXKaxIdAMu7M6rvSkcUnqVO%2BkD1kDgtnsIPHMQWA3U%2FLy1HxPZLN0TVEIcV7jbZ1fbiOYElIVGAmzbCDH"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
707a2254d96e9b58-FRA
expires
Thu, 12 May 2022 13:20:09 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
157 KB
55 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8562196086359240
Requested by
Host: kiwiexploits.com
URL: https://kiwiexploits.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
41f595a1b2041a716b5d07ada5ffe7367b57c2faccfacfdef8ca68f312e5b866
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://kiwiexploits.com/
Origin
https://kiwiexploits.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 07 May 2022 12:59:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
56117
x-xss-protection
0
server
cafe
etag
15161411111306189972
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sat, 07 May 2022 12:59:39 GMT
kiwiv2.jpg
kiwiexploits.com/assetsmain/images/
108 KB
108 KB
Image
General
Full URL
https://kiwiexploits.com/assetsmain/images/kiwiv2.jpg
Requested by
Host: kiwiexploits.com
URL: https://kiwiexploits.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2415fd7bef273512914154b21969872cf5137447829a5f450de35b623b47f8be

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kiwiexploits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 07 May 2022 12:59:39 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
92065
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
110438
last-modified
Sun, 22 Aug 2021 18:54:56 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2p0cfEFEns9IQLeQz4EMjg93tYeK1w4WTbOa3kZbsb1dcPC7Em4QlChiZIhxTmcnEFfw%2B5dNmfHYNeGH3bR6g11tvOSXsetYXBGK%2FY7%2F9LdK4HHzW8NzmZE7fIm1aQvyzDUDaKA2AFnNtKHfuUwv"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
707a2254dc2e5bed-FRA
expires
Fri, 13 May 2022 11:25:15 GMT
kiwi-x-thumbnail.png
kiwiexploits.com/assetsmain/images/
5 KB
6 KB
Image
General
Full URL
https://kiwiexploits.com/assetsmain/images/kiwi-x-thumbnail.png
Requested by
Host: kiwiexploits.com
URL: https://kiwiexploits.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
46fbe565e5f79231e72e4c7c3f4431ad216d1f6513ff83d6daaa13e48bba8c23

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kiwiexploits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 07 May 2022 12:59:39 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
92065
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
5253
last-modified
Sun, 29 Nov 2020 23:39:02 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p7hBa7ICzrNR1Nby1RKfCcELw3UCmVUrOgMfs3n71ZYkDQwTt9Oxh7IOTXWz70XF355tLouMi4GiPJykA9WsiRchJzB05AhNW1bc1PyzNazpDEKf5U1ZOT%2FYgFy%2F84kxaFzICooHuVw0MCga3hNd"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
707a2254dc325bed-FRA
expires
Fri, 13 May 2022 11:25:15 GMT
furk.png
kiwiexploits.com/assets/images/
50 KB
51 KB
Image
General
Full URL
https://kiwiexploits.com/assets/images/furk.png
Requested by
Host: kiwiexploits.com
URL: https://kiwiexploits.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3c357fd664564c732b2d818e672bcb5930027dec33b3c1a77352578fe438028b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kiwiexploits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 07 May 2022 12:59:39 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
92065
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
51623
last-modified
Mon, 13 Sep 2021 03:58:23 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lA4uSwZhyoacWuxGR%2BocNwMUcJw0WRawc80Ml225UWIwj0ncl221ddC%2BoPCb%2FWqwkPNX8i2kL%2BEDAnyfcjPJ5aODaBak7dtm3gghg3gPUDgETH%2BDyDwXjDrhLVemLZ58GYP8aPiynQ%2BEzd6tX%2BSq"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
707a2254dc335bed-FRA
expires
Fri, 13 May 2022 11:25:15 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
157 KB
55 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: kiwiexploits.com
URL: https://kiwiexploits.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6b2af3ae8a31b5afe64b22148341c1831768fffa439d4f52d6e13273c63d1df3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kiwiexploits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 07 May 2022 12:59:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
56140
x-xss-protection
0
server
cafe
etag
1320567578068805345
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sat, 07 May 2022 12:59:39 GMT
css
fonts.googleapis.com/
17 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Jost:100,200,300,400,500,600,700,800,900,100i,200i,300i,400i,500i,600i,700i,800i,900i&display=swap
Requested by
Host: kiwiexploits.com
URL: https://kiwiexploits.com/assetsmain/mobirise/css/mbr-additional.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3feb5d6710e2130bb0a8c15da4a8853d9bcfa3ffe34aac2c12a4743d4a492583
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kiwiexploits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 07 May 2022 12:03:56 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Sat, 07 May 2022 12:59:39 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 07 May 2022 12:59:39 GMT
js
www.googletagmanager.com/gtag/
107 KB
41 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-162344816-1
Requested by
Host: kiwiexploits.com
URL: https://kiwiexploits.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a83fd1f588d25ac17d21af2f07176f03ecd669f39e9224ebe409571954a10e85
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kiwiexploits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 07 May 2022 12:59:39 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41806
x-xss-protection
0
expires
Sat, 07 May 2022 12:59:39 GMT
jquery.min.js
kiwiexploits.com/assets/web/assets/jquery/
87 KB
32 KB
Script
General
Full URL
https://kiwiexploits.com/assets/web/assets/jquery/jquery.min.js
Requested by
Host: kiwiexploits.com
URL: https://kiwiexploits.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kiwiexploits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 07 May 2022 12:59:39 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
257801
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 08 Apr 2021 15:41:20 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M2OrAmbFNAQfi0OVEkunziCilzdB3CB%2FkI%2BaryG%2FgpQfqIlG5zydm6rBAMi%2FIkbVDtGipWaogpdodUuEyeFaqLSYvid%2FyYU%2Fy%2BgOkVyEEVCkqeLPeIWumi8y2i1FYV0pHg1Mwb%2F8yRdgWNzOcwr1"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
707a22555d205bed-FRA
expires
Wed, 11 May 2022 13:22:58 GMT
popper.min.js
kiwiexploits.com/assets/popper/
19 KB
7 KB
Script
General
Full URL
https://kiwiexploits.com/assets/popper/popper.min.js
Requested by
Host: kiwiexploits.com
URL: https://kiwiexploits.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3675f226f985b64eea6ae8544d5496a32d19993aae1ac4a3fa101263ef3206f7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kiwiexploits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 07 May 2022 12:59:39 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
257801
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 08 Apr 2021 15:41:20 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uKsOUTXS6Soy%2B4hg%2B91zI2Cl71qbqyjwLkBUMVSt512LL6DwtPZyfd8Tp0A1t%2FlEpppC21KpkiHuYJMdmwISqggO7EKZbNANflw18IQ8XWaDDComTw7TS7NIb%2FgOmKBIfyCuPueaV7zsh0357S5%2B"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
707a22555d225bed-FRA
expires
Wed, 11 May 2022 13:22:58 GMT
tether.min.js
kiwiexploits.com/assets/tether/
23 KB
7 KB
Script
General
Full URL
https://kiwiexploits.com/assets/tether/tether.min.js
Requested by
Host: kiwiexploits.com
URL: https://kiwiexploits.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0a0416e386e436583f5f49242104677e6b16b1aa693d86f32d76845e26081f96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kiwiexploits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 07 May 2022 12:59:39 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
257801
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 08 Apr 2021 15:41:20 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TV6zoDNpOGQY2bdC2q2BZoyobZFSwGArmJyaERc5fFEOPI7xxauMU9%2Frgryytv8o%2Fv%2BjX9QHbdMXfBqCgt9ztM%2FyYYiOssCJd0aH7sDEllu68mkDiL67Z%2Bx7PLQ1PQSOeRyUtG43ja331w%2Br0Ham"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
707a22555d245bed-FRA
expires
Wed, 11 May 2022 13:22:58 GMT
bootstrap.min.js
kiwiexploits.com/assets/bootstrap/js/
59 KB
16 KB
Script
General
Full URL
https://kiwiexploits.com/assets/bootstrap/js/bootstrap.min.js
Requested by
Host: kiwiexploits.com
URL: https://kiwiexploits.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
79c599dd760cec0c1621a1af49d9a2a49da5d45e1b37d4575bace0a5e0226582

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kiwiexploits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 07 May 2022 12:59:39 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
257801
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 08 Apr 2021 15:41:20 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oPrrMb8btz%2BagfaRZkkeclBZbHjcINhWLBqVHH09Qvk0DRXXo64rSzB7AiaJ6o0gx%2BwisVJjkx%2BjMnavZVbUO%2Bj2HFpQS1%2FhT0wokE5WQ0qCAT8fkpeS01GaUiI%2Fl%2B2TmPjpAjj9O7ADt8O9S5An"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
707a22555d255bed-FRA
expires
Wed, 11 May 2022 13:22:58 GMT
smooth-scroll.js
kiwiexploits.com/assets/smoothscroll/
7 KB
4 KB
Script
General
Full URL
https://kiwiexploits.com/assets/smoothscroll/smooth-scroll.js
Requested by
Host: kiwiexploits.com
URL: https://kiwiexploits.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b0ccd89551b3cb44b0a7dc2b8439957a38f3c6fd898c02f178f00312df122794

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kiwiexploits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 07 May 2022 12:59:39 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
211635
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 08 Apr 2021 15:41:20 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lOyJQuK2QbcwQ0wRVxL4v32%2FBjARbvdfeOlPrTkS0p2YdQO%2F6PO%2BsOZqqOCkbkFV%2BcS9%2Fw82eQpT3BhwS%2BMBQQ8uoJuZKD8%2Flu7ktEUe%2Fn%2F8HsuhIrH9LRXF%2Boa909I95TOndjdVlahxyj8d0u2%2B"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
707a22555d275bed-FRA
expires
Thu, 12 May 2022 02:12:24 GMT
nav-dropdown.js
kiwiexploits.com/assets/dropdown/js/
9 KB
4 KB
Script
General
Full URL
https://kiwiexploits.com/assets/dropdown/js/nav-dropdown.js
Requested by
Host: kiwiexploits.com
URL: https://kiwiexploits.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a85c452eb5ce99420acb144732fe81de89ec8b0e4978d8d8dc19734720a069ac

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kiwiexploits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 07 May 2022 12:59:39 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
257801
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 08 Apr 2021 15:41:20 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QB7FxCBI9d34H2Vvb0b06FiRjGYApjQc444jh8eVOaavCdr4kmwUQfYY6fdWBKEJr6%2Bi%2Bx%2FWW5WbEf3RtEO3IQ75SYnBjHQhmSxdBDPKvfzMwEfOikpcrWjQCS0KIfEyaCfcu1H%2BpNjVlVB6PzUU"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
707a22555d295bed-FRA
expires
Wed, 11 May 2022 13:22:58 GMT
navbar-dropdown.js
kiwiexploits.com/assets/dropdown/js/
3 KB
2 KB
Script
General
Full URL
https://kiwiexploits.com/assets/dropdown/js/navbar-dropdown.js
Requested by
Host: kiwiexploits.com
URL: https://kiwiexploits.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
764426bc6ab6571cf3c9c4a2f4b8e49cdf8b94f635198f980332e2967d81fee9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kiwiexploits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 07 May 2022 12:59:39 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
257801
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 08 Apr 2021 15:41:20 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F0H2MAM%2Fh0mmdTquc%2F8Td4jgFFbaiv8O97VmONSWbzdsZZVSG5bviTR3rlK38SBSolLQjCjB%2FmjtfSFsyFWMqRht4A0nCKgNhrH7B0K72LAD0E54dew3JvY30pdRi0wxRSmXEh5NE8vDzegEPEwJ"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
707a22555d2a5bed-FRA
expires
Wed, 11 May 2022 13:22:58 GMT
jquery.touch-swipe.min.js
kiwiexploits.com/assets/touchswipe/
20 KB
6 KB
Script
General
Full URL
https://kiwiexploits.com/assets/touchswipe/jquery.touch-swipe.min.js
Requested by
Host: kiwiexploits.com
URL: https://kiwiexploits.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a10d7edb8fd307f469beaaa75a725e4bdae24a1b867f5bc7960f01e25c99d8e1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kiwiexploits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 07 May 2022 12:59:39 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
257801
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 08 Apr 2021 15:41:20 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C3Eo8NpjBNlnuy6y%2FAsJVYyLGIP%2FxGL8nYaHwjEdo8R7WdgGhVk3Ec5QFKW5B5A8DlCCCbILMNprY5vfpJm6xyTMp1FXyrgZIepYcO02vmpgcJuNxdF7RJFKrYlpfd91knYJ7AvJ1qACBkfimWLf"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
707a22555d2b5bed-FRA
expires
Wed, 11 May 2022 13:22:58 GMT
mbr-tabs.js
kiwiexploits.com/assets/mbr-tabs/
2 KB
1 KB
Script
General
Full URL
https://kiwiexploits.com/assets/mbr-tabs/mbr-tabs.js
Requested by
Host: kiwiexploits.com
URL: https://kiwiexploits.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b8f226fbb7f2f8018f5ab0bda8b9d9cb9bbd5b27033de8fbaf47dd4317a91260

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kiwiexploits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 07 May 2022 12:59:39 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
257801
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 08 Apr 2021 15:41:20 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KLXmWpufY8NFzZNBAe7b%2BO%2B%2BZz9f%2B4L3WX93K7FvhhW%2B7aYxD2siRsPio30aOEJlRjzT6oFMmiMgyHOnjLw0PnUh0p0Pphn3e8BdU3SNhrwWFbDBVPWX2jyOnBr10XKhv1zIEj8X1GQUrHl3oBkZ"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
707a22555d2c5bed-FRA
expires
Wed, 11 May 2022 13:22:58 GMT
script.js
kiwiexploits.com/assets/theme/js/
21 KB
8 KB
Script
General
Full URL
https://kiwiexploits.com/assets/theme/js/script.js
Requested by
Host: kiwiexploits.com
URL: https://kiwiexploits.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dadfa92870ab8b2c184e3004e32c63b872abb1350111ae995030ad2fdbe85ae0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kiwiexploits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 07 May 2022 12:59:39 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
257801
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 08 Apr 2021 15:41:20 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Gj9Qn1R7NN1bB3y1zvJ%2BG0Xrsrce3Gf52iXS%2FDrBfEYKAAWiCTz20FAZPSpZTRerH%2BEEqo7dF5i8NildS6Q9UX2D1%2FMux68UJAtCPFjDoUn0PD%2BUDyTWssNb5rZPu42Hd4jsn02xd1BfkGqOohy4"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
707a22555d2d5bed-FRA
expires
Wed, 11 May 2022 13:22:58 GMT
ut.js
ahscdn.com/script/
52 KB
19 KB
Script
General
Full URL
https://ahscdn.com/script/ut.js?cb=1651928379975
Requested by
Host: ahscdn.com
URL: https://ahscdn.com/script/suv4.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce085c69909224b56a34cb0c6eb20f6cbe8c88234a0b541c7636dbe45b800407

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kiwiexploits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-goog-hash
crc32c=1G6REg==, md5=gDLdkp92ciRk5WyuPfN0SA==
date
Sat, 07 May 2022 12:59:40 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2087
x-guploader-uploadid
ADPycds6l2JIPy8Nxt-NylDopwYrLbQ0L1VK7bPN8MFREeHKaRzZRU6cz_HMc6vEdj21gJuN4uPoQsVtRuZchHE36eYWKkLczdqr
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 28 Apr 2022 07:18:18 GMT
server
cloudflare
etag
W/"8032dd929f76722464e56cae3df37448"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2xQRCC5vyljuBKYccBTPtt8oAFvhJGHSR1HWMlHxdvWlM0sJVA1HGkwpdEnF%2FwN0mEzKuhSA3czzfOPZSROJTOaOgcaHjVZrJVZ04Rlhpql7exCAXoaJ8wfsu7231Hk0qvhS95tCdveo"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1651130297941385
access-control-allow-origin
*
content-type
application/javascript
cache-control
public, max-age=14400
x-goog-stored-content-length
52866
cf-ray
707a2256f8109bc2-FRA
expires
Sat, 07 May 2022 12:43:27 GMT
suurl4.php
youradexchange.com/script/
914 B
874 B
Fetch
General
Full URL
https://youradexchange.com/script/suurl4.php?r=5468015&cbur=0.14782637956589695&cbiframe=0&cbWidth=1600&cbHeight=1200&cbtitle=KiwiExploits%20-%20Roblox%20Exploits%2C%20Cheats%2C%20Hacks%20Scripts%20%26%20More!&cbpage=https%3A%2F%2Fkiwiexploits.com%2F&cbref=&cbdescription=Here%20you%20can%20find%20the%20best%20and%20highest%20quality%20Free%20Roblox%20Exploits%2C%20Hacks%2C%20Cheats%20%26%20Scripts!&cbkeywords=roblox%20exploits%2C%20roblox%20exploits%202022%2C%20roblox%20exploits%20and%20hacks%20and%20cheats%2C%20roblox%20exploits%20and%20scripts%2C%20roblox%20exploits%20executor%2C%20roblox%20executors%2C%20roblox%20executor%20no%20key%2C%20roblox%20executors%20free%2C%20roblox%20executor%20scripts&cbcdn=ahscdn.com&aggr=0&chmob=%3F0
Requested by
Host: ahscdn.com
URL: https://ahscdn.com/script/suv4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.41.116 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
116.41.190.35.bc.googleusercontent.com
Software
openresty /
Resource Hash
e406ff2da90226001e4e1e5cd49d97ca1f32fd9b80c10ac66f7dad7dae1a9c6e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kiwiexploits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sat, 07 May 2022 12:59:40 GMT
content-encoding
gzip
server
openresty
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via
1.1 google
content-type
application/json; charset=utf-8
92zatBhPNqw73oTd4g.woff2
fonts.gstatic.com/s/jost/v13/
26 KB
26 KB
Font
General
Full URL
https://fonts.gstatic.com/s/jost/v13/92zatBhPNqw73oTd4g.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Jost:100,200,300,400,500,600,700,800,900,100i,200i,300i,400i,500i,600i,700i,800i,900i&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5f9fabf5def6c14f22f8bb87dbea8bab02c4a336f7c184ead31aaddca428197
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://kiwiexploits.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Tue, 03 May 2022 18:25:29 GMT
x-content-type-options
nosniff
age
326051
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26372
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:49:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 03 May 2023 18:25:29 GMT
mobirise2.ttf
kiwiexploits.com/assetsmain/web/assets/mobirise-icons2/
25 KB
14 KB
Font
General
Full URL
https://kiwiexploits.com/assetsmain/web/assets/mobirise-icons2/mobirise2.ttf?f2bix4
Requested by
Host: kiwiexploits.com
URL: https://kiwiexploits.com/assetsmain/web/assets/mobirise-icons2/mobirise2.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
523854ac3552c34b23a5f0c6a2f49c6ba0b439a95848692aa24bc304ecd29784

Request headers

Referer
https://kiwiexploits.com/assetsmain/web/assets/mobirise-icons2/mobirise2.css
Origin
https://kiwiexploits.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 07 May 2022 12:59:40 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
86573
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Sun, 29 Nov 2020 23:39:04 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J5meW%2BvxHV7VA2UaFbSrrv0RDwt%2FUXaOmYISCzsaX1ArDKQsV6rDh3vvXrlm3vhpPNvk3hxiSDg7Myq6gUVFfJbOyFLOzg5yIhjmmtuyzV2jqPrHMODRRBkyiRuADmOMIdrKkYv0zviXW23ASVjr"}],"group":"cf-nel","max_age":604800}
content-type
font/ttf
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
707a2257080b5bed-FRA
expires
Fri, 13 May 2022 12:56:48 GMT
mobirise-icons.ttf
kiwiexploits.com/assetsmain/web/assets/mobirise-icons/
50 KB
25 KB
Font
General
Full URL
https://kiwiexploits.com/assetsmain/web/assets/mobirise-icons/mobirise-icons.ttf?spat4u
Requested by
Host: kiwiexploits.com
URL: https://kiwiexploits.com/assetsmain/web/assets/mobirise-icons/mobirise-icons.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4b09eb555b72f74acd30018f8aaa4ef19787301819801dff7f6bcde9d3754cd7

Request headers

Referer
https://kiwiexploits.com/assetsmain/web/assets/mobirise-icons/mobirise-icons.css
Origin
https://kiwiexploits.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 07 May 2022 12:59:40 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
86572
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Sun, 29 Nov 2020 23:39:04 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kuwbAuLqF7YzrHFH25ve9K2%2Fr%2BSQ%2BmmqDnLzNNceAHYe14AGmb80XDk9LHUBSxgOWWMVtEC6DhR4lcZXOulbzfltGV7eNG9EIZKEHBm1%2B9jWHEkUxaL4DlpBSY%2BQLrujp73K5H8wGQBhV3FkG2s6"}],"group":"cf-nel","max_age":604800}
content-type
font/ttf
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
707a2257080c5bed-FRA
expires
Fri, 13 May 2022 12:56:48 GMT
socicon.woff2
kiwiexploits.com/assetsmain/socicon/fonts/
63 KB
64 KB
Font
General
Full URL
https://kiwiexploits.com/assetsmain/socicon/fonts/socicon.woff2
Requested by
Host: kiwiexploits.com
URL: https://kiwiexploits.com/assetsmain/socicon/css/styles.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c254279147099e0b696b281d62b436b8aed42fb0f3abf1ba17abc398ca6c90e2

Request headers

Referer
https://kiwiexploits.com/assetsmain/socicon/css/styles.css
Origin
https://kiwiexploits.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 07 May 2022 12:59:40 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
86572
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
64512
last-modified
Sun, 29 Nov 2020 23:39:04 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MF9hcNm25GhjhnLx7Cyv2%2FWLnfv6gODUFQ1wd1BGuiDz3tl1nJRQyVHY8IVk3M2ZA0iUFdwcg%2FiehZFYxrfTw9oq6M%2BfwNn2Uw9C5lUEP%2BvMnO8e6usAzb2JE8yf5byHjHKs0ipkr4PiDuzooACT"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
707a2257080e5bed-FRA
expires
Fri, 13 May 2022 12:56:48 GMT
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205030101/
308 KB
110 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205030101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8562196086359240&plah=kiwiexploits.com&bust=31067426
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8562196086359240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
61118b5b30a908b47ed7e5abccde29272675b80cb7cc5655a52cc18dfd0f4330
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kiwiexploits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 07 May 2022 12:59:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
112620
x-xss-protection
0
server
cafe
etag
12260150571008188374
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sat, 07 May 2022 12:59:40 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220504/r20190131/ Frame 9FE4
10 KB
5 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220504/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8562196086359240
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
42b853168bb627593eb95b83db66183f7b3bd442db24c37398f1958d1451acd6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://kiwiexploits.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
79067
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
4421
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 06 May 2022 15:01:53 GMT
etag
1428802124239944296
expires
Fri, 20 May 2022 15:01:53 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
cookie.js
partner.googleadservices.com/gampad/
220 B
648 B
Script
General
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=kiwiexploits.com&callback=_gfp_s_&client=ca-pub-8562196086359240
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205030101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8562196086359240&plah=kiwiexploits.com&bust=31067426
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
a44ae1d00c17a80b76721322f8fb024fb48cde0c05b6c348add73cc9ec5b7f67
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kiwiexploits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 07 May 2022 12:59:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
204
x-xss-protection
0
integrator.js
adservice.google.de/adsid/
107 B
792 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=kiwiexploits.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205030101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8562196086359240&plah=kiwiexploits.com&bust=31067426
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kiwiexploits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 07 May 2022 12:59:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
549 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=kiwiexploits.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205030101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8562196086359240&plah=kiwiexploits.com&bust=31067426
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kiwiexploits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 07 May 2022 12:59:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 8E03
156 KB
43 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8562196086359240&output=html&adk=1812271804&adf=3025194257&lmt=1651353382&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fkiwiexploits.com%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1651928380032&bpp=2&bdt=448&idt=115&shv=r20220504&mjsv=m202205030101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3909557611913&frm=20&pv=2&ga_vid=550740255.1651928380&ga_sid=1651928380&ga_hid=284216329&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31065742%2C31067426%2C31067419&oid=2&pvsid=4184386158631581&pem=119&tmod=718649160&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=130
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205030101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8562196086359240&plah=kiwiexploits.com&bust=31067426
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
708327e19598ddc267d4184e86dbf97b975538c802e804045c3f1dc89e6ffcaa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://kiwiexploits.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
44168
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 07 May 2022 12:59:40 GMT
expires
Sat, 07 May 2022 12:59:40 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame D938
66 KB
21 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8562196086359240&output=html&h=250&slotname=1836580918&adk=971479690&adf=756293844&pi=t.ma~as.1836580918&w=300&lmt=1651353382&psa=0&format=300x250&url=https%3A%2F%2Fkiwiexploits.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1651928380035&bpp=1&bdt=451&idt=132&shv=r20220504&mjsv=m202205030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3909557611913&frm=20&pv=1&ga_vid=550740255.1651928380&ga_sid=1651928380&ga_hid=284216329&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=650&ady=160&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31065742%2C31067426%2C31067419&oid=2&pvsid=4184386158631581&pem=119&tmod=718649160&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=Ed0Heewrjz&p=https%3A//kiwiexploits.com&dtd=137
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205030101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8562196086359240&plah=kiwiexploits.com&bust=31067426
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4c11d61f4a1fc589e8db9f469fcc92d4dcbbbdca6ece68aa1785007fb01094f9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://kiwiexploits.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
21095
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 07 May 2022 12:59:41 GMT
expires
Sat, 07 May 2022 12:59:41 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 1806
95 KB
31 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8562196086359240&output=html&h=280&slotname=9459101825&adk=3094683467&adf=2653041513&pi=t.ma~as.9459101825&w=1200&fwrn=4&fwrnh=100&lmt=1651353382&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fkiwiexploits.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1651928380046&bpp=2&bdt=462&idt=128&shv=r20220504&mjsv=m202205030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250&nras=1&correlator=3909557611913&frm=20&pv=1&ga_vid=550740255.1651928380&ga_sid=1651928380&ga_hid=284216329&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1285&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31065742%2C31067426%2C31067419&oid=2&pvsid=4184386158631581&pem=119&tmod=718649160&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=Jt1s1e3Zr8&p=https%3A//kiwiexploits.com&dtd=131
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205030101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8562196086359240&plah=kiwiexploits.com&bust=31067426
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fb06135e97784c64ab82027042ed54fa7d14a8e2e2a48233bc3e6eeff475bb3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://kiwiexploits.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
31415
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 07 May 2022 12:59:40 GMT
expires
Sat, 07 May 2022 12:59:40 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 6174
29 KB
11 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8562196086359240&output=html&h=250&slotname=6755976858&adk=813426018&adf=363049643&pi=t.ma~as.6755976858&w=300&lmt=1651353382&psa=0&format=300x250&url=https%3A%2F%2Fkiwiexploits.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1651928380049&bpp=2&bdt=465&idt=131&shv=r20220504&mjsv=m202205030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250%2C1200x280&nras=1&correlator=3909557611913&frm=20&pv=1&ga_vid=550740255.1651928380&ga_sid=1651928380&ga_hid=284216329&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=650&ady=1963&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31065742%2C31067426%2C31067419&oid=2&pvsid=4184386158631581&pem=119&tmod=718649160&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=YYNWaAdNzr&p=https%3A//kiwiexploits.com&dtd=134
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205030101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8562196086359240&plah=kiwiexploits.com&bust=31067426
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
25105ba9f7446280044e142f07c3b9974b3467889f1af0b0a0213166f4d081c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://kiwiexploits.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
11102
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 07 May 2022 12:59:40 GMT
expires
Sat, 07 May 2022 12:59:40 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame C579
95 KB
31 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8562196086359240&output=html&h=280&slotname=6823165047&adk=3490555514&adf=869763061&pi=t.ma~as.6823165047&w=1200&fwrn=4&fwrnh=100&lmt=1651353382&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fkiwiexploits.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1651928380075&bpp=2&bdt=491&idt=110&shv=r20220504&mjsv=m202205030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250%2C1200x280%2C300x250&nras=1&correlator=3909557611913&frm=20&pv=1&ga_vid=550740255.1651928380&ga_sid=1651928380&ga_hid=284216329&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3142&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31065742%2C31067426%2C31067419&oid=2&pvsid=4184386158631581&pem=119&tmod=718649160&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=WN7FN5FdwV&p=https%3A//kiwiexploits.com&dtd=112
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205030101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8562196086359240&plah=kiwiexploits.com&bust=31067426
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
aa7dc54a4bfb003dfc89fc44bdbf240ebb6ddee0ddff3329e77de8ef839a8e2b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://kiwiexploits.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
31417
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 07 May 2022 12:59:40 GMT
expires
Sat, 07 May 2022 12:59:40 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
12183400418307909586
tpc.googlesyndication.com/simgad/ Frame C579
17 KB
17 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/12183400418307909586?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qmoyyYRG4y11IiK7U6DcjocCQo27A
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8562196086359240&output=html&h=280&slotname=6823165047&adk=3490555514&adf=869763061&pi=t.ma~as.6823165047&w=1200&fwrn=4&fwrnh=100&lmt=1651353382&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fkiwiexploits.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1651928380075&bpp=2&bdt=491&idt=110&shv=r20220504&mjsv=m202205030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250%2C1200x280%2C300x250&nras=1&correlator=3909557611913&frm=20&pv=1&ga_vid=550740255.1651928380&ga_sid=1651928380&ga_hid=284216329&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3142&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31065742%2C31067426%2C31067419&oid=2&pvsid=4184386158631581&pem=119&tmod=718649160&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=WN7FN5FdwV&p=https%3A//kiwiexploits.com&dtd=112
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e384647ad70e42ec6d7eea1e8fb840f2923f5c50c3eecd62548a8f915aa4fd18
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Tue, 03 May 2022 12:44:52 GMT
x-content-type-options
nosniff
age
346488
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17036
x-xss-protection
0
last-modified
Wed, 06 Oct 2021 15:12:20 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 03 May 2023 12:44:52 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220504/r20110914/ Frame C579
19 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220504/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8562196086359240&output=html&h=280&slotname=6823165047&adk=3490555514&adf=869763061&pi=t.ma~as.6823165047&w=1200&fwrn=4&fwrnh=100&lmt=1651353382&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fkiwiexploits.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1651928380075&bpp=2&bdt=491&idt=110&shv=r20220504&mjsv=m202205030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250%2C1200x280%2C300x250&nras=1&correlator=3909557611913&frm=20&pv=1&ga_vid=550740255.1651928380&ga_sid=1651928380&ga_hid=284216329&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3142&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31065742%2C31067426%2C31067419&oid=2&pvsid=4184386158631581&pem=119&tmod=718649160&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=WN7FN5FdwV&p=https%3A//kiwiexploits.com&dtd=112
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b83149463619a5f4bbee21909e8a99a085f15713e48d6522d0a3173b94a20e1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 07 May 2022 12:51:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
491
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8007
x-xss-protection
0
server
cafe
etag
8765308293129799388
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 21 May 2022 12:51:29 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220504/r20110914/client/ Frame C579
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220504/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8562196086359240&output=html&h=280&slotname=6823165047&adk=3490555514&adf=869763061&pi=t.ma~as.6823165047&w=1200&fwrn=4&fwrnh=100&lmt=1651353382&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fkiwiexploits.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1651928380075&bpp=2&bdt=491&idt=110&shv=r20220504&mjsv=m202205030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250%2C1200x280%2C300x250&nras=1&correlator=3909557611913&frm=20&pv=1&ga_vid=550740255.1651928380&ga_sid=1651928380&ga_hid=284216329&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3142&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31065742%2C31067426%2C31067419&oid=2&pvsid=4184386158631581&pem=119&tmod=718649160&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=WN7FN5FdwV&p=https%3A//kiwiexploits.com&dtd=112
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 07 May 2022 12:55:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
253
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 21 May 2022 12:55:27 GMT
transparent.png
tpc.googlesyndication.com/pagead/images/ Frame C579
67 B
196 B
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/transparent.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8562196086359240&output=html&h=280&slotname=6823165047&adk=3490555514&adf=869763061&pi=t.ma~as.6823165047&w=1200&fwrn=4&fwrnh=100&lmt=1651353382&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fkiwiexploits.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1651928380075&bpp=2&bdt=491&idt=110&shv=r20220504&mjsv=m202205030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250%2C1200x280%2C300x250&nras=1&correlator=3909557611913&frm=20&pv=1&ga_vid=550740255.1651928380&ga_sid=1651928380&ga_hid=284216329&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3142&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31065742%2C31067426%2C31067419&oid=2&pvsid=4184386158631581&pem=119&tmod=718649160&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=WN7FN5FdwV&p=https%3A//kiwiexploits.com&dtd=112
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bdf72009ad226c17f1954ba602292902a780b80af07dbcbab1322bdf5c32be66
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 06 May 2022 18:15:01 GMT
x-content-type-options
nosniff
server
cafe
age
67479
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
2462972746714251406
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
67
x-xss-protection
0
expires
Sat, 07 May 2022 18:15:01 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame C579
120 KB
37 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8562196086359240&output=html&h=280&slotname=6823165047&adk=3490555514&adf=869763061&pi=t.ma~as.6823165047&w=1200&fwrn=4&fwrnh=100&lmt=1651353382&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fkiwiexploits.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1651928380075&bpp=2&bdt=491&idt=110&shv=r20220504&mjsv=m202205030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250%2C1200x280%2C300x250&nras=1&correlator=3909557611913&frm=20&pv=1&ga_vid=550740255.1651928380&ga_sid=1651928380&ga_hid=284216329&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3142&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31065742%2C31067426%2C31067419&oid=2&pvsid=4184386158631581&pem=119&tmod=718649160&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=WN7FN5FdwV&p=https%3A//kiwiexploits.com&dtd=112
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f1b2415f02c89234a4b94896afa68c68db82465563711b8b05f0c1b8b3ba580b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 07 May 2022 12:59:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37409
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1651664140737961"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 07 May 2022 12:59:40 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220504/r20110914/client/ Frame C579
15 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220504/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8562196086359240&output=html&h=280&slotname=6823165047&adk=3490555514&adf=869763061&pi=t.ma~as.6823165047&w=1200&fwrn=4&fwrnh=100&lmt=1651353382&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fkiwiexploits.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1651928380075&bpp=2&bdt=491&idt=110&shv=r20220504&mjsv=m202205030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250%2C1200x280%2C300x250&nras=1&correlator=3909557611913&frm=20&pv=1&ga_vid=550740255.1651928380&ga_sid=1651928380&ga_hid=284216329&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3142&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31065742%2C31067426%2C31067419&oid=2&pvsid=4184386158631581&pem=119&tmod=718649160&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=WN7FN5FdwV&p=https%3A//kiwiexploits.com&dtd=112
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bdc0c59701784258f143dfd4201f28353f080e0900a3530a83702e08c9ff353f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 07 May 2022 12:54:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
332
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6415
x-xss-protection
0
server
cafe
etag
567849196274905959
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 21 May 2022 12:54:08 GMT
one_click_handler_one_afma_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220504/r20110914/client/ Frame C579
30 KB
12 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220504/r20110914/client/one_click_handler_one_afma_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8562196086359240&output=html&h=280&slotname=6823165047&adk=3490555514&adf=869763061&pi=t.ma~as.6823165047&w=1200&fwrn=4&fwrnh=100&lmt=1651353382&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fkiwiexploits.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1651928380075&bpp=2&bdt=491&idt=110&shv=r20220504&mjsv=m202205030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250%2C1200x280%2C300x250&nras=1&correlator=3909557611913&frm=20&pv=1&ga_vid=550740255.1651928380&ga_sid=1651928380&ga_hid=284216329&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3142&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31065742%2C31067426%2C31067419&oid=2&pvsid=4184386158631581&pem=119&tmod=718649160&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=WN7FN5FdwV&p=https%3A//kiwiexploits.com&dtd=112
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b88af34bd050e3246d31a92b0d31ded01057422aaf49c75402341867679e0017
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 07 May 2022 08:13:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
17189
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12278
x-xss-protection
0
server
cafe
etag
12178443437409350037
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 21 May 2022 08:13:11 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame C579
0
0
Fetch
General
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=C4htHPG12YoOTEIvTo9kPnLeVsA2spOHdaafXrYPQDqHf9tjaKRABIMDsmHxgldK2gsQHoAGVm7SOA8gBAqgDAcgDyQSqBNEBT9AW22zRRcDBdu8M-T2hw4rYy1RUqQC1jVd0vKNGcoyAPpkLi_rLj9fM2xlPUIvSWefELfjCGUnR5od-zT-osimhZ5zfqbSddy1_Trf_3XiDkEMAk0cd8ZOp-hH-RqL2VstlRhwk6z5P62CZOdIazYSCi2Mhjgpfpg2oMzWIoNAgTd7DCR5ezPlDcagS5zyQXXnSw9FunjGOy3U2hgAng0eYX-Cr_nCYmg17y9IoB0YhAFqK6YzYffwmligebQxLNo80C2Kr4ZLAI_DfmhgwOmTABMvdy4zyA5IFBAgEGAGSBQQIBRgEoAYCgAfT5MtxqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQu_0G0ggJCIDhgBAQARgfgAoByAsB2BMN0BUBmBYBgBcBshccChoIABIUcHViLTg1NjIxOTYwODYzNTkyNDAYAA&sigh=J6oEHnXjmGg&uach_m=[UACH]
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8562196086359240&output=html&h=280&slotname=6823165047&adk=3490555514&adf=869763061&pi=t.ma~as.6823165047&w=1200&fwrn=4&fwrnh=100&lmt=1651353382&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fkiwiexploits.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1651928380075&bpp=2&bdt=491&idt=110&shv=r20220504&mjsv=m202205030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250%2C1200x280%2C300x250&nras=1&correlator=3909557611913&frm=20&pv=1&ga_vid=550740255.1651928380&ga_sid=1651928380&ga_hid=284216329&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3142&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31065742%2C31067426%2C31067419&oid=2&pvsid=4184386158631581&pem=119&tmod=718649160&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=WN7FN5FdwV&p=https%3A//kiwiexploits.com&dtd=112
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8562196086359240&output=html&h=280&slotname=6823165047&adk=3490555514&adf=869763061&pi=t.ma~as.6823165047&w=1200&fwrn=4&fwrnh=100&lmt=1651353382&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fkiwiexploits.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1651928380075&bpp=2&bdt=491&idt=110&shv=r20220504&mjsv=m202205030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250%2C1200x280%2C300x250&nras=1&correlator=3909557611913&frm=20&pv=1&ga_vid=550740255.1651928380&ga_sid=1651928380&ga_hid=284216329&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3142&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31065742%2C31067426%2C31067419&oid=2&pvsid=4184386158631581&pem=119&tmod=718649160&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=WN7FN5FdwV&p=https%3A//kiwiexploits.com&dtd=112
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Sat, 07 May 2022 12:59:40 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Sat, 07 May 2022 12:59:40 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame FB4A
143 B
163 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8562196086359240&output=html&h=280&slotname=6823165047&adk=3490555514&adf=869763061&pi=t.ma~as.6823165047&w=1200&fwrn=4&fwrnh=100&lmt=1651353382&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fkiwiexploits.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1651928380075&bpp=2&bdt=491&idt=110&shv=r20220504&mjsv=m202205030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250%2C1200x280%2C300x250&nras=1&correlator=3909557611913&frm=20&pv=1&ga_vid=550740255.1651928380&ga_sid=1651928380&ga_hid=284216329&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3142&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31065742%2C31067426%2C31067419&oid=2&pvsid=4184386158631581&pem=119&tmod=718649160&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=WN7FN5FdwV&p=https%3A//kiwiexploits.com&dtd=112
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8562196086359240&output=html&h=280&slotname=6823165047&adk=3490555514&adf=869763061&pi=t.ma~as.6823165047&w=1200&fwrn=4&fwrnh=100&lmt=1651353382&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fkiwiexploits.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1651928380075&bpp=2&bdt=491&idt=110&shv=r20220504&mjsv=m202205030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250%2C1200x280%2C300x250&nras=1&correlator=3909557611913&frm=20&pv=1&ga_vid=550740255.1651928380&ga_sid=1651928380&ga_hid=284216329&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3142&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31065742%2C31067426%2C31067419&oid=2&pvsid=4184386158631581&pem=119&tmod=718649160&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=WN7FN5FdwV&p=https%3A//kiwiexploits.com&dtd=112
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
3179
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
date
Sat, 07 May 2022 12:06:41 GMT
server
cafe
x-content-type-options
nosniff
x-xss-protection
0
si
googleads.g.doubleclick.net/pagead/drt/ Frame FB4A
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8562196086359240&output=html&h=280&slotname=6823165047&adk=3490555514&adf=869763061&pi=t.ma~as.6823165047&w=1200&fwrn=4&fwrnh=100&lmt=1651353382&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fkiwiexploits.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1651928380075&bpp=2&bdt=491&idt=110&shv=r20220504&mjsv=m202205030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250%2C1200x280%2C300x250&nras=1&correlator=3909557611913&frm=20&pv=1&ga_vid=550740255.1651928380&ga_sid=1651928380&ga_hid=284216329&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3142&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31065742%2C31067426%2C31067419&oid=2&pvsid=4184386158631581&pem=119&tmod=718649160&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=WN7FN5FdwV&p=https%3A//kiwiexploits.com&dtd=112
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
date
Sat, 07 May 2022 12:59:40 GMT
expires
Sat, 07 May 2022 12:59:40 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
date
Sat, 07 May 2022 12:59:40 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
x-content-type-options
nosniff
x-xss-protection
0
reactive_library_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205030101/
146 KB
52 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205030101/reactive_library_fy2019.js?bust=31067426
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205030101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8562196086359240&plah=kiwiexploits.com&bust=31067426
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a2caed95f6d6801d6e45c9e27de9b21251452b9fbcb2f3a874efc4067f2d7697
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kiwiexploits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 07 May 2022 12:59:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
52966
x-xss-protection
0
server
cafe
etag
994075262989915558
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Sat, 07 May 2022 12:59:40 GMT
truncated
/ Frame C579
218 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fc4a64e81dcf38fd1d48ffadf6f1ba45081a31db78b6d5fc506e1dc780564f6c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type
image/png
adview
googleads.g.doubleclick.net/pagead/ Frame 890D
0
0
Fetch
General
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=C66SrPG12Yob_D9Lqo9kPsvW-mA3Ph46bXMCG2YLGAsCNtwEQASAAYJXStoLEB4IBF2NhLXB1Yi04NTYyMTk2MDg2MzU5MjQwyAEJqAMBqgTFAU_QmTkQQ3ECtLFfp_vz3EQEsYkXjHApulhSUma6bsEMZSXmJjsCZaVGOLphmckPSBaBPJGzs6IAzWh05rCz-yeTlvf9sx2e8zY8mXaUrPsTFjod7pmmN64wP_FKjKTVrhdW_najQWwVG8a7E-NmMF12j65k8S-ik8DkS9LUg1s8EAd86O0VhUCjCI0DeuDJy90McKNY-G-9gJTCgSkM_XBycsnhwVFsIl4cX6GmEpgE_6CE-OSlGItXo-6oC6-0TA7xr612gAa_zMTOmvnjl4ABoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAGACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItODU2MjE5NjA4NjM1OTI0MBgA&sigh=e4dehNIN2h0&uach_m=[UACH]&cid=CAQSGwCNIrLMczzihr4dpZ4xN1wJ_uz9KPWhykpDfBgB&tpd=AGWhJmswWwW6rOz5VGXiCAiRnVYr9CvLd915mpQiC2xg0J0b4Z8_WZBmUYkeDUm3LWqfPknlT9XTMSKyB5jv1M21FFATemi8pC3svQTQimbnsjIdiykKdCB-tn0_L7pyrZiVYztk6dTWU1ePMofMLMUu8WGmf8pmTieG3giwbA3s6WU6u-ZYgwP4zFNbKidnMQEs2K_N6uDoK2cf8inH8-z4vQmP0oMp2woyk0D5Nk97rAHNKNfNmaRVkIMHFDasLVcMvSGsF9t7-W82-qhqNNCWkTk0ibpAq1tUHYkubnWMEXYElpTU8yBHCiRCb502hV8pxmmgeuImmbX7wFVQLlX876WcvDv3yGakoib8Y1xvqPuBvzLJE4Ou05OUMc00PjQJo6Db6DkeDxpy0Ti7ZFYwTM9TTOE7EP526cie9Y2Mb1YzXsLmPqmn2EhAykMcT4cLjiD6ZZAK-6pXPbXtDbApxOLixBzb0c3z_uf1Sfk36ECITx61wLR3VKv0UgnaSP4RI3nDHgtWrAHddObEMFEdiQ8E11LOu94QEy2sPBg84ZK9QU9k0HY-_ioJ8l-xo_URsPLRBFWLzktK_rHIuxDByJ1aHPuLglPElb1_vdAtsiYt1VtqHvzyacsu8_WY9exqyJLunBI1BBoAqQtH_pNj-hRzZP0gCp2HoCeG7poLNGlkVIZOgqC688GAWS_r8ePX3zIABS_CbFbYxZmwLF8hLkWwZdVrpkrCreaYOhM6pFDSSfrV-V0H-PmvxwJL96BZ6AYKcBvXUnX7ZwJ46WPgp4VrzLqsMRcTnVdR6o6ZPijbkOB6E22ymXTk-2n7NzdwLnfaWu1GA46dKJsthO3poeNgXvRyLIkw0RPTqhUfZfd1fjW0hqinZxKFRi0yB7k4hFtjSNdFQexe4hDmCjL-LNTc6-TjYzW_oMeR4-9SEPibxBvW_sVjacE51ObMWo1u4XsWYuBKQxgDGDIOJXHIUwZPBOAUOo_uKmMlS7mgFUUgBhSA10EjhxKFQYayLz2MGbcR3OZhR305GRsYSRP02RJE5K7XCRuk8ij0Dwtujr0nruwv0vlN8RC6XffTZ1oOqas
Requested by
Host: kiwiexploits.com
URL: https://kiwiexploits.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8562196086359240&output=html&h=250&slotname=6755976858&adk=813426018&adf=363049643&pi=t.ma~as.6755976858&w=300&lmt=1651353382&psa=0&format=300x250&url=https%3A%2F%2Fkiwiexploits.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1651928380049&bpp=2&bdt=465&idt=131&shv=r20220504&mjsv=m202205030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250%2C1200x280&nras=1&correlator=3909557611913&frm=20&pv=1&ga_vid=550740255.1651928380&ga_sid=1651928380&ga_hid=284216329&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=650&ady=1963&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31065742%2C31067426%2C31067419&oid=2&pvsid=4184386158631581&pem=119&tmod=718649160&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=YYNWaAdNzr&p=https%3A//kiwiexploits.com&dtd=134
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Sat, 07 May 2022 12:59:40 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
js
tags.mathtag.com/notify/ Frame 890D
2 KB
2 KB
Script
General
Full URL
https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvTVRNeFpUWmpabVl0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3Lzg1OTA5NTI5OTgwMTc4NDExNDAvNjYyMjMyNS80NTYyMzA2LzQvYkFVb2hZTU1Yam15eG05aXdUazJOdXpNdGpfY1g4SEF5SWh5QlFwdjRIdy8xLzQvMC8wLzk1NjgwMy8wLzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC84NTkwOTUyOTk4MDE3ODQxMTQwL2Ftcy8wLzI2Ny82Mi85OTkvMzIyLzJhMDE6NGEwOjJiOjovMC4wMDAvMTY1MTkyODM4MC8xNjUxOTQwOTgwLzQvcHViLTg1NjIxOTYwODYzNTkyNDAv/VLg_6vsOL2dluHK784mibxAb8l0&nodeid=1905&group=cdg&auctionid=8590952998017841140&shardkey=8590952998017841140&sid=4562306&cid=6622325&bp=a_bfcjdd&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.135.59&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCSi9hPG12Yob_D9Lqo9kPsvW-mA3Ph46bXMCG2YLGAsCNtwEQASAAYJXStoLEB4IBF2NhLXB1Yi04NTYyMTk2MDg2MzU5MjQwyAEJqAMBqgTIAU_QmTkQQ3ECtLFfp_vz3EQEsYkXjHApulhSUma6bsEMZSXmJjsCZaVGOLphmckPSBaBPJGzs6IAzWh05rCz-yeTlvf9sx2e8zY8mXaUrPsTFjod7pmmN64wP_FKjKTVrhdW_najQWwVG8a7E-NmMF12j65k8S-ik8DkS9LUg1s8EAd86O0VhUCjCI0DeuDJy90McKNY-G-9gJTCgSkM_TJwU1tNffVrr_pU9HnmvWgZ66o48sq9-TaX40FSqrGYVKBoE6r7XBKKgAa_zMTOmvnjl4ABoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1fhLkqgi37fWS2N9tiJLOmgOnviw%26client%3Dca-pub-8562196086359240%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8562196086359240&output=html&h=250&slotname=6755976858&adk=813426018&adf=363049643&pi=t.ma~as.6755976858&w=300&lmt=1651353382&psa=0&format=300x250&url=https%3A%2F%2Fkiwiexploits.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1651928380049&bpp=2&bdt=465&idt=131&shv=r20220504&mjsv=m202205030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250%2C1200x280&nras=1&correlator=3909557611913&frm=20&pv=1&ga_vid=550740255.1651928380&ga_sid=1651928380&ga_hid=284216329&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=650&ady=1963&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31065742%2C31067426%2C31067419&oid=2&pvsid=4184386158631581&pem=119&tmod=718649160&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=YYNWaAdNzr&p=https%3A//kiwiexploits.com&dtd=134
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
74.121.143.241 , United States, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MMBD/3.320.0 /
Resource Hash
bd711262d8d7097b41297b8cab58b9276ff392df6b784955604fc192afd0a0ac

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Sat, 07 May 2022 12:59:41 GMT
Content-Encoding
gzip
x-mm-bid-request-time
1651928380
Last-Modified
Sat, 07 May 2022 12:59:40 GMT
Server
MMBD/3.320.0
x-mm-latency
144 (0)
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
x-mm-dbg
Count
Cache-Control
no-cache
x-mm-host
pao-router-x78, cdg-bidder-x144
Connection
close
Content-Type
application/x-javascript; charset=UTF-8
Expires
Sat, 07 May 2022 12:59:40 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220504/r20110914/client/ Frame 890D
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220504/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8562196086359240&output=html&h=250&slotname=6755976858&adk=813426018&adf=363049643&pi=t.ma~as.6755976858&w=300&lmt=1651353382&psa=0&format=300x250&url=https%3A%2F%2Fkiwiexploits.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1651928380049&bpp=2&bdt=465&idt=131&shv=r20220504&mjsv=m202205030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250%2C1200x280&nras=1&correlator=3909557611913&frm=20&pv=1&ga_vid=550740255.1651928380&ga_sid=1651928380&ga_hid=284216329&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=650&ady=1963&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31065742%2C31067426%2C31067419&oid=2&pvsid=4184386158631581&pem=119&tmod=718649160&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=YYNWaAdNzr&p=https%3A//kiwiexploits.com&dtd=134
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 07 May 2022 12:31:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1662
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 21 May 2022 12:31:58 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 890D
120 KB
37 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8562196086359240&output=html&h=250&slotname=6755976858&adk=813426018&adf=363049643&pi=t.ma~as.6755976858&w=300&lmt=1651353382&psa=0&format=300x250&url=https%3A%2F%2Fkiwiexploits.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1651928380049&bpp=2&bdt=465&idt=131&shv=r20220504&mjsv=m202205030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250%2C1200x280&nras=1&correlator=3909557611913&frm=20&pv=1&ga_vid=550740255.1651928380&ga_sid=1651928380&ga_hid=284216329&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=650&ady=1963&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31065742%2C31067426%2C31067419&oid=2&pvsid=4184386158631581&pem=119&tmod=718649160&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=YYNWaAdNzr&p=https%3A//kiwiexploits.com&dtd=134
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f1b2415f02c89234a4b94896afa68c68db82465563711b8b05f0c1b8b3ba580b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 07 May 2022 12:59:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37409
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1651664140737961"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 07 May 2022 12:59:40 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220504/r20110914/client/ Frame 890D
15 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220504/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8562196086359240&output=html&h=250&slotname=6755976858&adk=813426018&adf=363049643&pi=t.ma~as.6755976858&w=300&lmt=1651353382&psa=0&format=300x250&url=https%3A%2F%2Fkiwiexploits.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1651928380049&bpp=2&bdt=465&idt=131&shv=r20220504&mjsv=m202205030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250%2C1200x280&nras=1&correlator=3909557611913&frm=20&pv=1&ga_vid=550740255.1651928380&ga_sid=1651928380&ga_hid=284216329&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=650&ady=1963&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31065742%2C31067426%2C31067419&oid=2&pvsid=4184386158631581&pem=119&tmod=718649160&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=YYNWaAdNzr&p=https%3A//kiwiexploits.com&dtd=134
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bdc0c59701784258f143dfd4201f28353f080e0900a3530a83702e08c9ff353f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 07 May 2022 12:51:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
469
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6415
x-xss-protection
0
server
cafe
etag
567849196274905959
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 21 May 2022 12:51:51 GMT
12183400418307909586
tpc.googlesyndication.com/simgad/ Frame 1806
17 KB
17 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/12183400418307909586?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qmoyyYRG4y11IiK7U6DcjocCQo27A
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8562196086359240&output=html&h=280&slotname=9459101825&adk=3094683467&adf=2653041513&pi=t.ma~as.9459101825&w=1200&fwrn=4&fwrnh=100&lmt=1651353382&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fkiwiexploits.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1651928380046&bpp=2&bdt=462&idt=128&shv=r20220504&mjsv=m202205030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250&nras=1&correlator=3909557611913&frm=20&pv=1&ga_vid=550740255.1651928380&ga_sid=1651928380&ga_hid=284216329&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1285&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31065742%2C31067426%2C31067419&oid=2&pvsid=4184386158631581&pem=119&tmod=718649160&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=Jt1s1e3Zr8&p=https%3A//kiwiexploits.com&dtd=131
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e384647ad70e42ec6d7eea1e8fb840f2923f5c50c3eecd62548a8f915aa4fd18
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Tue, 03 May 2022 12:44:52 GMT
x-content-type-options
nosniff
age
346488
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17036
x-xss-protection
0
last-modified
Wed, 06 Oct 2021 15:12:20 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 03 May 2023 12:44:52 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220504/r20110914/ Frame 1806
19 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220504/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8562196086359240&output=html&h=280&slotname=9459101825&adk=3094683467&adf=2653041513&pi=t.ma~as.9459101825&w=1200&fwrn=4&fwrnh=100&lmt=1651353382&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fkiwiexploits.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1651928380046&bpp=2&bdt=462&idt=128&shv=r20220504&mjsv=m202205030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250&nras=1&correlator=3909557611913&frm=20&pv=1&ga_vid=550740255.1651928380&ga_sid=1651928380&ga_hid=284216329&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1285&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31065742%2C31067426%2C31067419&oid=2&pvsid=4184386158631581&pem=119&tmod=718649160&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=Jt1s1e3Zr8&p=https%3A//kiwiexploits.com&dtd=131
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b83149463619a5f4bbee21909e8a99a085f15713e48d6522d0a3173b94a20e1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 07 May 2022 12:51:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
491
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8007
x-xss-protection
0
server
cafe
etag
8765308293129799388
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 21 May 2022 12:51:29 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220504/r20110914/client/ Frame 1806
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220504/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8562196086359240&output=html&h=280&slotname=9459101825&adk=3094683467&adf=2653041513&pi=t.ma~as.9459101825&w=1200&fwrn=4&fwrnh=100&lmt=1651353382&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fkiwiexploits.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1651928380046&bpp=2&bdt=462&idt=128&shv=r20220504&mjsv=m202205030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250&nras=1&correlator=3909557611913&frm=20&pv=1&ga_vid=550740255.1651928380&ga_sid=1651928380&ga_hid=284216329&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1285&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31065742%2C31067426%2C31067419&oid=2&pvsid=4184386158631581&pem=119&tmod=718649160&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=Jt1s1e3Zr8&p=https%3A//kiwiexploits.com&dtd=131
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 07 May 2022 12:31:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1662
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 21 May 2022 12:31:58 GMT
transparent.png
tpc.googlesyndication.com/pagead/images/ Frame 1806
67 B
91 B
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/transparent.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8562196086359240&output=html&h=280&slotname=9459101825&adk=3094683467&adf=2653041513&pi=t.ma~as.9459101825&w=1200&fwrn=4&fwrnh=100&lmt=1651353382&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fkiwiexploits.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1651928380046&bpp=2&bdt=462&idt=128&shv=r20220504&mjsv=m202205030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250&nras=1&correlator=3909557611913&frm=20&pv=1&ga_vid=550740255.1651928380&ga_sid=1651928380&ga_hid=284216329&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1285&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31065742%2C31067426%2C31067419&oid=2&pvsid=4184386158631581&pem=119&tmod=718649160&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=Jt1s1e3Zr8&p=https%3A//kiwiexploits.com&dtd=131
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bdf72009ad226c17f1954ba602292902a780b80af07dbcbab1322bdf5c32be66
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 06 May 2022 18:15:01 GMT
x-content-type-options
nosniff
server
cafe
age
67479
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
2462972746714251406
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
67
x-xss-protection
0
expires
Sat, 07 May 2022 18:15:01 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 1806
120 KB
37 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8562196086359240&output=html&h=280&slotname=9459101825&adk=3094683467&adf=2653041513&pi=t.ma~as.9459101825&w=1200&fwrn=4&fwrnh=100&lmt=1651353382&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fkiwiexploits.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1651928380046&bpp=2&bdt=462&idt=128&shv=r20220504&mjsv=m202205030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250&nras=1&correlator=3909557611913&frm=20&pv=1&ga_vid=550740255.1651928380&ga_sid=1651928380&ga_hid=284216329&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1285&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31065742%2C31067426%2C31067419&oid=2&pvsid=4184386158631581&pem=119&tmod=718649160&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=Jt1s1e3Zr8&p=https%3A//kiwiexploits.com&dtd=131
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f1b2415f02c89234a4b94896afa68c68db82465563711b8b05f0c1b8b3ba580b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 07 May 2022 12:59:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37409
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1651664140737961"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 07 May 2022 12:59:40 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220504/r20110914/client/ Frame 1806
15 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220504/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8562196086359240&output=html&h=280&slotname=9459101825&adk=3094683467&adf=2653041513&pi=t.ma~as.9459101825&w=1200&fwrn=4&fwrnh=100&lmt=1651353382&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fkiwiexploits.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1651928380046&bpp=2&bdt=462&idt=128&shv=r20220504&mjsv=m202205030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250&nras=1&correlator=3909557611913&frm=20&pv=1&ga_vid=550740255.1651928380&ga_sid=1651928380&ga_hid=284216329&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1285&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31065742%2C31067426%2C31067419&oid=2&pvsid=4184386158631581&pem=119&tmod=718649160&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=Jt1s1e3Zr8&p=https%3A//kiwiexploits.com&dtd=131
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bdc0c59701784258f143dfd4201f28353f080e0900a3530a83702e08c9ff353f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 07 May 2022 12:51:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
469
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6415
x-xss-protection
0
server
cafe
etag
567849196274905959
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 21 May 2022 12:51:51 GMT
one_click_handler_one_afma_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220504/r20110914/client/ Frame 1806
30 KB
12 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220504/r20110914/client/one_click_handler_one_afma_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8562196086359240&output=html&h=280&slotname=9459101825&adk=3094683467&adf=2653041513&pi=t.ma~as.9459101825&w=1200&fwrn=4&fwrnh=100&lmt=1651353382&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fkiwiexploits.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1651928380046&bpp=2&bdt=462&idt=128&shv=r20220504&mjsv=m202205030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250&nras=1&correlator=3909557611913&frm=20&pv=1&ga_vid=550740255.1651928380&ga_sid=1651928380&ga_hid=284216329&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1285&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31065742%2C31067426%2C31067419&oid=2&pvsid=4184386158631581&pem=119&tmod=718649160&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=Jt1s1e3Zr8&p=https%3A//kiwiexploits.com&dtd=131
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b88af34bd050e3246d31a92b0d31ded01057422aaf49c75402341867679e0017
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 07 May 2022 08:13:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
17189
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12278
x-xss-protection
0
server
cafe
etag
12178443437409350037
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 21 May 2022 08:13:11 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 1806
0
0
Fetch
General
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CKYKsPG12YpjUD72oo9kPv_WXwASspOHdaafXrYPQDqHf9tjaKRABIMDsmHxgldK2gsQHoAGVm7SOA8gBAqgDAcgDyQSqBNEBT9Bts1YXcPSitd7V2F3z0TCHH4BykFAGmY310XAvjulw0EfJedMJIbel8TmDEuQEjZx3tXkVQiWi99cc9KttXx_xZSSQwMYJVHZLlj9gjf1LTrCFEQEF3upmtbx6yEboHFCdomBStPyOPZMibPZFXnSw_kBUnXestPm6gno04Q75mqoDfQjb6MI7iEe1Ey4LyPjU8evm3-m8VP2DgK7W1MEAIH_9F-UFYQHLSGieEtfYCxLDH5d-gO0d4bDhirlFEHr7BvgJ921jrlwQkgPZY-_ABMvdy4zyA5IFBAgEGAGSBQQIBRgEoAYCgAfT5MtxqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQuvYU0ggJCIDhgBAQARgfgAoByAsB2BMN0BUBmBYBgBcBshccChoIABIUcHViLTg1NjIxOTYwODYzNTkyNDAYAA&sigh=9AdZQKlU1z0&uach_m=[UACH]
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8562196086359240&output=html&h=280&slotname=9459101825&adk=3094683467&adf=2653041513&pi=t.ma~as.9459101825&w=1200&fwrn=4&fwrnh=100&lmt=1651353382&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fkiwiexploits.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1651928380046&bpp=2&bdt=462&idt=128&shv=r20220504&mjsv=m202205030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250&nras=1&correlator=3909557611913&frm=20&pv=1&ga_vid=550740255.1651928380&ga_sid=1651928380&ga_hid=284216329&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1285&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31065742%2C31067426%2C31067419&oid=2&pvsid=4184386158631581&pem=119&tmod=718649160&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=Jt1s1e3Zr8&p=https%3A//kiwiexploits.com&dtd=131
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8562196086359240&output=html&h=280&slotname=9459101825&adk=3094683467&adf=2653041513&pi=t.ma~as.9459101825&w=1200&fwrn=4&fwrnh=100&lmt=1651353382&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fkiwiexploits.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1651928380046&bpp=2&bdt=462&idt=128&shv=r20220504&mjsv=m202205030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250&nras=1&correlator=3909557611913&frm=20&pv=1&ga_vid=550740255.1651928380&ga_sid=1651928380&ga_hid=284216329&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1285&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31065742%2C31067426%2C31067419&oid=2&pvsid=4184386158631581&pem=119&tmod=718649160&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=Jt1s1e3Zr8&p=https%3A//kiwiexploits.com&dtd=131
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Sat, 07 May 2022 12:59:40 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
integrator.js
adservice.google.de/adsid/
107 B
122 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=kiwiexploits.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205030101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8562196086359240&plah=kiwiexploits.com&bust=31067426
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kiwiexploits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 07 May 2022 12:59:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
122 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=kiwiexploits.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205030101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8562196086359240&plah=kiwiexploits.com&bust=31067426
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kiwiexploits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 07 May 2022 12:59:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220504/r20110914/ Frame AB71
10 KB
4 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220504/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205030101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8562196086359240&plah=kiwiexploits.com&bust=31067426
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
42b853168bb627593eb95b83db66183f7b3bd442db24c37398f1958d1451acd6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://kiwiexploits.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
78957
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
4421
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 06 May 2022 15:03:43 GMT
etag
1428802124239944296
expires
Fri, 20 May 2022 15:03:43 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
s
googleads.g.doubleclick.net/pagead/drt/ Frame 590F
143 B
163 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8562196086359240&output=html&h=280&slotname=9459101825&adk=3094683467&adf=2653041513&pi=t.ma~as.9459101825&w=1200&fwrn=4&fwrnh=100&lmt=1651353382&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fkiwiexploits.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1651928380046&bpp=2&bdt=462&idt=128&shv=r20220504&mjsv=m202205030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250&nras=1&correlator=3909557611913&frm=20&pv=1&ga_vid=550740255.1651928380&ga_sid=1651928380&ga_hid=284216329&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1285&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31065742%2C31067426%2C31067419&oid=2&pvsid=4184386158631581&pem=119&tmod=718649160&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=Jt1s1e3Zr8&p=https%3A//kiwiexploits.com&dtd=131
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8562196086359240&output=html&h=280&slotname=9459101825&adk=3094683467&adf=2653041513&pi=t.ma~as.9459101825&w=1200&fwrn=4&fwrnh=100&lmt=1651353382&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fkiwiexploits.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1651928380046&bpp=2&bdt=462&idt=128&shv=r20220504&mjsv=m202205030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250&nras=1&correlator=3909557611913&frm=20&pv=1&ga_vid=550740255.1651928380&ga_sid=1651928380&ga_hid=284216329&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1285&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31065742%2C31067426%2C31067419&oid=2&pvsid=4184386158631581&pem=119&tmod=718649160&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=Jt1s1e3Zr8&p=https%3A//kiwiexploits.com&dtd=131
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
3179
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
date
Sat, 07 May 2022 12:06:41 GMT
server
cafe
x-content-type-options
nosniff
x-xss-protection
0
css2
fonts.googleapis.com/ Frame AB71
4 KB
634 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220504/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 07 May 2022 12:57:55 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Sat, 07 May 2022 12:59:41 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 07 May 2022 12:59:41 GMT
feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame AB71
205 B
742 B
Image
General
Full URL
https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220504/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 07 May 2022 12:52:21 GMT
x-content-type-options
nosniff
age
440
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
205
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Sun, 07 May 2023 12:52:21 GMT
settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame AB71
604 B
695 B
Image
General
Full URL
https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220504/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 06 May 2022 20:48:25 GMT
x-content-type-options
nosniff
age
58276
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
604
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Sat, 06 May 2023 20:48:25 GMT
interstitial_ad_frame_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220504/r20110914/elements/html/ Frame AB71
19 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220504/r20110914/elements/html/interstitial_ad_frame_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220504/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
01284adf0039080c4d89732ef83440fd31b310a7bf3867b83b030f99ffd1f1c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 07 May 2022 12:47:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
726
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8280
x-xss-protection
0
server
cafe
etag
1405619832300133377
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 21 May 2022 12:47:34 GMT
truncated
/ Frame 1806
213 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3c84ea75e9a569a6e90b3386ddde38ecd05cb0964ce60d95f64d1a3d9ee8e975

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type
image/png
NHksFvpwOA_e7xJte31GpOZsvVxHGuXQeGuPktjycGc.js
pagead2.googlesyndication.com/bg/ Frame A662
35 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/NHksFvpwOA_e7xJte31GpOZsvVxHGuXQeGuPktjycGc.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8562196086359240&output=html&h=280&slotname=6823165047&adk=3490555514&adf=869763061&pi=t.ma~as.6823165047&w=1200&fwrn=4&fwrnh=100&lmt=1651353382&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fkiwiexploits.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1651928380075&bpp=2&bdt=491&idt=110&shv=r20220504&mjsv=m202205030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250%2C1200x280%2C300x250&nras=1&correlator=3909557611913&frm=20&pv=1&ga_vid=550740255.1651928380&ga_sid=1651928380&ga_hid=284216329&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3142&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31065742%2C31067426%2C31067419&oid=2&pvsid=4184386158631581&pem=119&tmod=718649160&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=WN7FN5FdwV&p=https%3A//kiwiexploits.com&dtd=112
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
34792c16fa70380fdeef126d7b7d46a4e66cbd5c471ae5d0786b8f92d8f27067
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Tue, 03 May 2022 21:13:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
315981
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13649
x-xss-protection
0
last-modified
Mon, 02 May 2022 13:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 03 May 2023 21:13:20 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame 590F
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8562196086359240&output=html&h=280&slotname=9459101825&adk=3094683467&adf=2653041513&pi=t.ma~as.9459101825&w=1200&fwrn=4&fwrnh=100&lmt=1651353382&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fkiwiexploits.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1651928380046&bpp=2&bdt=462&idt=128&shv=r20220504&mjsv=m202205030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250&nras=1&correlator=3909557611913&frm=20&pv=1&ga_vid=550740255.1651928380&ga_sid=1651928380&ga_hid=284216329&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1285&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31065742%2C31067426%2C31067419&oid=2&pvsid=4184386158631581&pem=119&tmod=718649160&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=Jt1s1e3Zr8&p=https%3A//kiwiexploits.com&dtd=131
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
date
Sat, 07 May 2022 12:59:41 GMT
expires
Sat, 07 May 2022 12:59:41 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
date
Sat, 07 May 2022 12:59:41 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
x-content-type-options
nosniff
x-xss-protection
0
css
fonts.googleapis.com/ Frame D3A8
6 KB
670 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220504/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2cef3a9d0606aecfe2476867e61f76535b9bb5b8e9d31957cc9504cdd1e69396
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 07 May 2022 11:03:37 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Sat, 07 May 2022 12:59:41 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 07 May 2022 12:59:41 GMT
load_preloaded_resource_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220504/r20110914/client/ Frame D3A8
2 KB
904 B
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220504/r20110914/client/load_preloaded_resource_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220504/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 07 May 2022 12:46:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
780
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
877
x-xss-protection
0
server
cafe
etag
13035868154101442325
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 21 May 2022 12:46:41 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220504/r20110914/ Frame D3A8
19 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220504/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220504/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b83149463619a5f4bbee21909e8a99a085f15713e48d6522d0a3173b94a20e1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 07 May 2022 12:51:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
492
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8007
x-xss-protection
0
server
cafe
etag
8765308293129799388
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 21 May 2022 12:51:29 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220504/r20110914/client/ Frame D3A8
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220504/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220504/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 07 May 2022 12:31:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1663
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 21 May 2022 12:31:58 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame D3A8
120 KB
37 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220504/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f1b2415f02c89234a4b94896afa68c68db82465563711b8b05f0c1b8b3ba580b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 07 May 2022 12:59:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37409
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1651664140737961"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 07 May 2022 12:59:41 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220504/r20110914/client/ Frame D3A8
15 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220504/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220504/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bdc0c59701784258f143dfd4201f28353f080e0900a3530a83702e08c9ff353f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 07 May 2022 12:51:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
470
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6415
x-xss-protection
0
server
cafe
etag
567849196274905959
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 21 May 2022 12:51:51 GMT
8ac99cc5020451d5a2f944f2abe6dceb.js
www.gstatic.com/mysidia/ Frame D3A8
30 KB
12 KB
Script
General
Full URL
https://www.gstatic.com/mysidia/8ac99cc5020451d5a2f944f2abe6dceb.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220504/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f27644734b8ead437f7ae34027490dae1d295348b0fc0cdca8b839bd9ef48d46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Tue, 03 May 2022 12:17:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
348136
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12291
x-xss-protection
0
last-modified
Mon, 02 May 2022 20:52:01 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Mon, 01 Aug 2022 12:17:25 GMT
NHksFvpwOA_e7xJte31GpOZsvVxHGuXQeGuPktjycGc.js
pagead2.googlesyndication.com/bg/ Frame EE00
35 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/NHksFvpwOA_e7xJte31GpOZsvVxHGuXQeGuPktjycGc.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8562196086359240&output=html&h=280&slotname=9459101825&adk=3094683467&adf=2653041513&pi=t.ma~as.9459101825&w=1200&fwrn=4&fwrnh=100&lmt=1651353382&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fkiwiexploits.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1651928380046&bpp=2&bdt=462&idt=128&shv=r20220504&mjsv=m202205030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250&nras=1&correlator=3909557611913&frm=20&pv=1&ga_vid=550740255.1651928380&ga_sid=1651928380&ga_hid=284216329&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1285&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31065742%2C31067426%2C31067419&oid=2&pvsid=4184386158631581&pem=119&tmod=718649160&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=Jt1s1e3Zr8&p=https%3A//kiwiexploits.com&dtd=131
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
34792c16fa70380fdeef126d7b7d46a4e66cbd5c471ae5d0786b8f92d8f27067
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Tue, 03 May 2022 21:13:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
315981
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13649
x-xss-protection
0
last-modified
Mon, 02 May 2022 13:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 03 May 2023 21:13:20 GMT
css
fonts.googleapis.com/ Frame D938
12 KB
967 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500%2C700
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8562196086359240&output=html&h=250&slotname=1836580918&adk=971479690&adf=756293844&pi=t.ma~as.1836580918&w=300&lmt=1651353382&psa=0&format=300x250&url=https%3A%2F%2Fkiwiexploits.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1651928380035&bpp=1&bdt=451&idt=132&shv=r20220504&mjsv=m202205030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3909557611913&frm=20&pv=1&ga_vid=550740255.1651928380&ga_sid=1651928380&ga_hid=284216329&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=650&ady=160&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31065742%2C31067426%2C31067419&oid=2&pvsid=4184386158631581&pem=119&tmod=718649160&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=Ed0Heewrjz&p=https%3A//kiwiexploits.com&dtd=137
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3007792220b169e1cb8b6c70d859f36f9d04b392636dffebaa4708df16b911c1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 07 May 2022 11:10:39 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Sat, 07 May 2022 12:59:41 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 07 May 2022 12:59:41 GMT
load_preloaded_resource_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220504/r20110914/client/ Frame D938
2 KB
904 B
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220504/r20110914/client/load_preloaded_resource_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8562196086359240&output=html&h=250&slotname=1836580918&adk=971479690&adf=756293844&pi=t.ma~as.1836580918&w=300&lmt=1651353382&psa=0&format=300x250&url=https%3A%2F%2Fkiwiexploits.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1651928380035&bpp=1&bdt=451&idt=132&shv=r20220504&mjsv=m202205030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3909557611913&frm=20&pv=1&ga_vid=550740255.1651928380&ga_sid=1651928380&ga_hid=284216329&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=650&ady=160&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31065742%2C31067426%2C31067419&oid=2&pvsid=4184386158631581&pem=119&tmod=718649160&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=Ed0Heewrjz&p=https%3A//kiwiexploits.com&dtd=137
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 07 May 2022 12:46:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
780
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
877
x-xss-protection
0
server
cafe
etag
13035868154101442325
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 21 May 2022 12:46:41 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220504/r20110914/ Frame D938
19 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220504/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8562196086359240&output=html&h=250&slotname=1836580918&adk=971479690&adf=756293844&pi=t.ma~as.1836580918&w=300&lmt=1651353382&psa=0&format=300x250&url=https%3A%2F%2Fkiwiexploits.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1651928380035&bpp=1&bdt=451&idt=132&shv=r20220504&mjsv=m202205030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3909557611913&frm=20&pv=1&ga_vid=550740255.1651928380&ga_sid=1651928380&ga_hid=284216329&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=650&ady=160&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31065742%2C31067426%2C31067419&oid=2&pvsid=4184386158631581&pem=119&tmod=718649160&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=Ed0Heewrjz&p=https%3A//kiwiexploits.com&dtd=137
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b83149463619a5f4bbee21909e8a99a085f15713e48d6522d0a3173b94a20e1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 07 May 2022 12:51:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
492
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8007
x-xss-protection
0
server
cafe
etag
8765308293129799388
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 21 May 2022 12:51:29 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220504/r20110914/client/ Frame D938
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220504/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8562196086359240&output=html&h=250&slotname=1836580918&adk=971479690&adf=756293844&pi=t.ma~as.1836580918&w=300&lmt=1651353382&psa=0&format=300x250&url=https%3A%2F%2Fkiwiexploits.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1651928380035&bpp=1&bdt=451&idt=132&shv=r20220504&mjsv=m202205030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3909557611913&frm=20&pv=1&ga_vid=550740255.1651928380&ga_sid=1651928380&ga_hid=284216329&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=650&ady=160&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31065742%2C31067426%2C31067419&oid=2&pvsid=4184386158631581&pem=119&tmod=718649160&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=Ed0Heewrjz&p=https%3A//kiwiexploits.com&dtd=137
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 07 May 2022 12:31:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1663
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 21 May 2022 12:31:58 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame D938
120 KB
37 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8562196086359240&output=html&h=250&slotname=1836580918&adk=971479690&adf=756293844&pi=t.ma~as.1836580918&w=300&lmt=1651353382&psa=0&format=300x250&url=https%3A%2F%2Fkiwiexploits.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1651928380035&bpp=1&bdt=451&idt=132&shv=r20220504&mjsv=m202205030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3909557611913&frm=20&pv=1&ga_vid=550740255.1651928380&ga_sid=1651928380&ga_hid=284216329&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=650&ady=160&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31065742%2C31067426%2C31067419&oid=2&pvsid=4184386158631581&pem=119&tmod=718649160&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=Ed0Heewrjz&p=https%3A//kiwiexploits.com&dtd=137
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f1b2415f02c89234a4b94896afa68c68db82465563711b8b05f0c1b8b3ba580b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 07 May 2022 12:59:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37409
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1651664140737961"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 07 May 2022 12:59:41 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220504/r20110914/client/ Frame D938
15 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220504/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8562196086359240&output=html&h=250&slotname=1836580918&adk=971479690&adf=756293844&pi=t.ma~as.1836580918&w=300&lmt=1651353382&psa=0&format=300x250&url=https%3A%2F%2Fkiwiexploits.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1651928380035&bpp=1&bdt=451&idt=132&shv=r20220504&mjsv=m202205030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3909557611913&frm=20&pv=1&ga_vid=550740255.1651928380&ga_sid=1651928380&ga_hid=284216329&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=650&ady=160&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31065742%2C31067426%2C31067419&oid=2&pvsid=4184386158631581&pem=119&tmod=718649160&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=Ed0Heewrjz&p=https%3A//kiwiexploits.com&dtd=137
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bdc0c59701784258f143dfd4201f28353f080e0900a3530a83702e08c9ff353f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 07 May 2022 12:51:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
470
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6415
x-xss-protection
0
server
cafe
etag
567849196274905959
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 21 May 2022 12:51:51 GMT
8ac99cc5020451d5a2f944f2abe6dceb.js
www.gstatic.com/mysidia/ Frame D938
30 KB
12 KB
Script
General
Full URL
https://www.gstatic.com/mysidia/8ac99cc5020451d5a2f944f2abe6dceb.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8562196086359240&output=html&h=250&slotname=1836580918&adk=971479690&adf=756293844&pi=t.ma~as.1836580918&w=300&lmt=1651353382&psa=0&format=300x250&url=https%3A%2F%2Fkiwiexploits.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1651928380035&bpp=1&bdt=451&idt=132&shv=r20220504&mjsv=m202205030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3909557611913&frm=20&pv=1&ga_vid=550740255.1651928380&ga_sid=1651928380&ga_hid=284216329&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=650&ady=160&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31065742%2C31067426%2C31067419&oid=2&pvsid=4184386158631581&pem=119&tmod=718649160&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=Ed0Heewrjz&p=https%3A//kiwiexploits.com&dtd=137
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f27644734b8ead437f7ae34027490dae1d295348b0fc0cdca8b839bd9ef48d46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Tue, 03 May 2022 12:17:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
348136
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12291
x-xss-protection
0
last-modified
Mon, 02 May 2022 20:52:01 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Mon, 01 Aug 2022 12:17:25 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame D938
0
0
Fetch
General
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CIrQvPG12Yr7cD4jZo9kPqc2v0AKg6dXpaeKV0Z_rDpnfydqTDhABIMDsmHxgldK2gsQHoAGLlJCBA8gBAagDAaoE0wFP0G9G-KFlVZBv4QfdrDSOwh92f5wLP5HHdHG1f1C-8JPw3odaP3Qn-HiPcKLT4rzotU1kAzH8Y_k-vGkKy6IToPuiFE9bxjtr5lbmAbLLfvvBt46_knJWfMnSvHRF4iozSGOXrRZRLUnas5P3TwY1X6oGKyHa2a2jCHLA7K5osVLIMA6NmB6FitwEQHAvHjLxWpPpl3-8GxfflJsQf9Y4M5nBBDGxn1SpDkPPwHDpYVjB8NqpEsgxtcBtSseNyhMC2bULFclxlWX8azbu70cY0PDqwATH4fuC2wOSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAYAH3evvfqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEELaDFtIICQiA4YAQEAEYH4AKAcgLAdgTDdAVAZgWAYAXAbIXHAoaCAASFHB1Yi04NTYyMTk2MDg2MzU5MjQwGAA&sigh=Ab15QdQYiVo&uach_m=[UACH]&template_id=5020
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8562196086359240&output=html&h=250&slotname=1836580918&adk=971479690&adf=756293844&pi=t.ma~as.1836580918&w=300&lmt=1651353382&psa=0&format=300x250&url=https%3A%2F%2Fkiwiexploits.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1651928380035&bpp=1&bdt=451&idt=132&shv=r20220504&mjsv=m202205030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3909557611913&frm=20&pv=1&ga_vid=550740255.1651928380&ga_sid=1651928380&ga_hid=284216329&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=650&ady=160&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31065742%2C31067426%2C31067419&oid=2&pvsid=4184386158631581&pem=119&tmod=718649160&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=Ed0Heewrjz&p=https%3A//kiwiexploits.com&dtd=137
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8562196086359240&output=html&h=250&slotname=1836580918&adk=971479690&adf=756293844&pi=t.ma~as.1836580918&w=300&lmt=1651353382&psa=0&format=300x250&url=https%3A%2F%2Fkiwiexploits.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1651928380035&bpp=1&bdt=451&idt=132&shv=r20220504&mjsv=m202205030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3909557611913&frm=20&pv=1&ga_vid=550740255.1651928380&ga_sid=1651928380&ga_hid=284216329&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=650&ady=160&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31065742%2C31067426%2C31067419&oid=2&pvsid=4184386158631581&pem=119&tmod=718649160&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=Ed0Heewrjz&p=https%3A//kiwiexploits.com&dtd=137
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Sat, 07 May 2022 12:59:41 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
truncated
/ Frame D938
209 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3a663467e111fd2237a1bc5255e8d702b099f29cb553ecab24efe98cbf898b5d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type
image/svg+xml
NHksFvpwOA_e7xJte31GpOZsvVxHGuXQeGuPktjycGc.js
pagead2.googlesyndication.com/bg/ Frame CF64
35 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/NHksFvpwOA_e7xJte31GpOZsvVxHGuXQeGuPktjycGc.js
Requested by
Host: kiwiexploits.com
URL: https://kiwiexploits.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
34792c16fa70380fdeef126d7b7d46a4e66cbd5c471ae5d0786b8f92d8f27067
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Tue, 03 May 2022 21:13:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
315981
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13649
x-xss-protection
0
last-modified
Mon, 02 May 2022 13:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 03 May 2023 21:13:20 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame 0F8A
143 B
163 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8562196086359240&output=html&h=250&slotname=1836580918&adk=971479690&adf=756293844&pi=t.ma~as.1836580918&w=300&lmt=1651353382&psa=0&format=300x250&url=https%3A%2F%2Fkiwiexploits.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1651928380035&bpp=1&bdt=451&idt=132&shv=r20220504&mjsv=m202205030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3909557611913&frm=20&pv=1&ga_vid=550740255.1651928380&ga_sid=1651928380&ga_hid=284216329&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=650&ady=160&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31065742%2C31067426%2C31067419&oid=2&pvsid=4184386158631581&pem=119&tmod=718649160&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=Ed0Heewrjz&p=https%3A//kiwiexploits.com&dtd=137
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8562196086359240&output=html&h=250&slotname=1836580918&adk=971479690&adf=756293844&pi=t.ma~as.1836580918&w=300&lmt=1651353382&psa=0&format=300x250&url=https%3A%2F%2Fkiwiexploits.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1651928380035&bpp=1&bdt=451&idt=132&shv=r20220504&mjsv=m202205030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3909557611913&frm=20&pv=1&ga_vid=550740255.1651928380&ga_sid=1651928380&ga_hid=284216329&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=650&ady=160&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31065742%2C31067426%2C31067419&oid=2&pvsid=4184386158631581&pem=119&tmod=718649160&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=Ed0Heewrjz&p=https%3A//kiwiexploits.com&dtd=137
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
3180
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
date
Sat, 07 May 2022 12:06:41 GMT
server
cafe
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame D938
215 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bff5f0e02b872515250410bee01cc92622b571a65279b505640d37533521e612

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type
image/png
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v44/ Frame D938
28 KB
28 KB
Font
General
Full URL
https://fonts.gstatic.com/s/googlesans/v44/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500%2C700
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7d210f7d18b1a67c12052541793c3fc63a9175ec1809b7988b9b9a13a4b50e16
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Tue, 03 May 2022 22:12:07 GMT
x-content-type-options
nosniff
age
312454
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28276
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 19:33:38 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 03 May 2023 22:12:07 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame 0F8A
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
16 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8562196086359240&output=html&h=250&slotname=1836580918&adk=971479690&adf=756293844&pi=t.ma~as.1836580918&w=300&lmt=1651353382&psa=0&format=300x250&url=https%3A%2F%2Fkiwiexploits.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1651928380035&bpp=1&bdt=451&idt=132&shv=r20220504&mjsv=m202205030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3909557611913&frm=20&pv=1&ga_vid=550740255.1651928380&ga_sid=1651928380&ga_hid=284216329&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=650&ady=160&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31065742%2C31067426%2C31067419&oid=2&pvsid=4184386158631581&pem=119&tmod=718649160&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=Ed0Heewrjz&p=https%3A//kiwiexploits.com&dtd=137
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
date
Sat, 07 May 2022 12:59:41 GMT
expires
Sat, 07 May 2022 12:59:41 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
date
Sat, 07 May 2022 12:59:41 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
x-content-type-options
nosniff
x-xss-protection
0
xxvlvujily3i
hal9000.redintelligence.net/zone/ Frame 890D
11 KB
4 KB
Script
General
Full URL
https://hal9000.redintelligence.net/zone/xxvlvujily3i?subid=&rnd=8590952998017841140&extVar[]=DOUBLEBORDER:1&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3DYnZtPAAFWMYKh9DIUAnoTw%26exch_seat%3D20035004448%26mt_aid%3D8590952998017841140%26mt_id%3D6622325%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3Dadd36276-6d3d-4301-9314-bd656ac306fc%26mt_cid%3Dadd36276-6d3d-4301-9314-bd656ac306fc%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCSi9hPG12Yob_D9Lqo9kPsvW-mA3Ph46bXMCG2YLGAsCNtwEQASAAYJXStoLEB4IBF2NhLXB1Yi04NTYyMTk2MDg2MzU5MjQwyAEJqAMBqgTIAU_QmTkQQ3ECtLFfp_vz3EQEsYkXjHApulhSUma6bsEMZSXmJjsCZaVGOLphmckPSBaBPJGzs6IAzWh05rCz-yeTlvf9sx2e8zY8mXaUrPsTFjod7pmmN64wP_FKjKTVrhdW_najQWwVG8a7E-NmMF12j65k8S-ik8DkS9LUg1s8EAd86O0VhUCjCI0DeuDJy90McKNY-G-9gJTCgSkM_TJwU1tNffVrr_pU9HnmvWgZ66o48sq9-TaX40FSqrGYVKBoE6r7XBKKgAa_zMTOmvnjl4ABoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1fhLkqgi37fWS2N9tiJLOmgOnviw%2526client%253Dca-pub-8562196086359240%2526adurl%253D%26redirect%3D
Requested by
Host: kiwiexploits.com
URL: https://kiwiexploits.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.149 Reilingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.149.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
66f016857d7c1a7c8c174613ace7a9142c0551660fa87eb3cfad759aca71bdf4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Sat, 07 May 2022 12:59:41 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
3435
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
ck-confirm
tags.mathtag.com/ Frame 890D
49 B
330 B
Image
General
Full URL
https://tags.mathtag.com/ck-confirm?bid_id=8590952998017841140&node_id=1905&exch_id=4
Requested by
Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvTVRNeFpUWmpabVl0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3Lzg1OTA5NTI5OTgwMTc4NDExNDAvNjYyMjMyNS80NTYyMzA2LzQvYkFVb2hZTU1Yam15eG05aXdUazJOdXpNdGpfY1g4SEF5SWh5QlFwdjRIdy8xLzQvMC8wLzk1NjgwMy8wLzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC84NTkwOTUyOTk4MDE3ODQxMTQwL2Ftcy8wLzI2Ny82Mi85OTkvMzIyLzJhMDE6NGEwOjJiOjovMC4wMDAvMTY1MTkyODM4MC8xNjUxOTQwOTgwLzQvcHViLTg1NjIxOTYwODYzNTkyNDAv/VLg_6vsOL2dluHK784mibxAb8l0&nodeid=1905&group=cdg&auctionid=8590952998017841140&shardkey=8590952998017841140&sid=4562306&cid=6622325&bp=a_bfcjdd&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.135.59&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCSi9hPG12Yob_D9Lqo9kPsvW-mA3Ph46bXMCG2YLGAsCNtwEQASAAYJXStoLEB4IBF2NhLXB1Yi04NTYyMTk2MDg2MzU5MjQwyAEJqAMBqgTIAU_QmTkQQ3ECtLFfp_vz3EQEsYkXjHApulhSUma6bsEMZSXmJjsCZaVGOLphmckPSBaBPJGzs6IAzWh05rCz-yeTlvf9sx2e8zY8mXaUrPsTFjod7pmmN64wP_FKjKTVrhdW_najQWwVG8a7E-NmMF12j65k8S-ik8DkS9LUg1s8EAd86O0VhUCjCI0DeuDJy90McKNY-G-9gJTCgSkM_TJwU1tNffVrr_pU9HnmvWgZ66o48sq9-TaX40FSqrGYVKBoE6r7XBKKgAa_zMTOmvnjl4ABoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1fhLkqgi37fWS2N9tiJLOmgOnviw%26client%3Dca-pub-8562196086359240%26adurl%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
74.121.143.241 , United States, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MMBD/3.320.0 /
Resource Hash
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Sat, 07 May 2022 12:59:41 GMT
Server
MMBD/3.320.0
Content-Type
image/gif
Cache-Control
no-cache
x-mm-host
pao-router-x93, cdg-bidder-x144
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
49
Expires
Sat, 07 May 2022 12:59:40 GMT
img
pixel.mathtag.com/event/ Frame 890D
43 B
405 B
Image
General
Full URL
https://pixel.mathtag.com/event/img?mt_id=1368875&mt_adid=216764&v1=4&v2=8590952998017841140&v3=651871&v4=4562306&v5=6622325&mt_nsync=1&no_attr=1
Requested by
Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvTVRNeFpUWmpabVl0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3Lzg1OTA5NTI5OTgwMTc4NDExNDAvNjYyMjMyNS80NTYyMzA2LzQvYkFVb2hZTU1Yam15eG05aXdUazJOdXpNdGpfY1g4SEF5SWh5QlFwdjRIdy8xLzQvMC8wLzk1NjgwMy8wLzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC84NTkwOTUyOTk4MDE3ODQxMTQwL2Ftcy8wLzI2Ny82Mi85OTkvMzIyLzJhMDE6NGEwOjJiOjovMC4wMDAvMTY1MTkyODM4MC8xNjUxOTQwOTgwLzQvcHViLTg1NjIxOTYwODYzNTkyNDAv/VLg_6vsOL2dluHK784mibxAb8l0&nodeid=1905&group=cdg&auctionid=8590952998017841140&shardkey=8590952998017841140&sid=4562306&cid=6622325&bp=a_bfcjdd&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.135.59&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCSi9hPG12Yob_D9Lqo9kPsvW-mA3Ph46bXMCG2YLGAsCNtwEQASAAYJXStoLEB4IBF2NhLXB1Yi04NTYyMTk2MDg2MzU5MjQwyAEJqAMBqgTIAU_QmTkQQ3ECtLFfp_vz3EQEsYkXjHApulhSUma6bsEMZSXmJjsCZaVGOLphmckPSBaBPJGzs6IAzWh05rCz-yeTlvf9sx2e8zY8mXaUrPsTFjod7pmmN64wP_FKjKTVrhdW_najQWwVG8a7E-NmMF12j65k8S-ik8DkS9LUg1s8EAd86O0VhUCjCI0DeuDJy90McKNY-G-9gJTCgSkM_TJwU1tNffVrr_pU9HnmvWgZ66o48sq9-TaX40FSqrGYVKBoE6r7XBKKgAa_zMTOmvnjl4ABoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1fhLkqgi37fWS2N9tiJLOmgOnviw%26client%3Dca-pub-8562196086359240%26adurl%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-201.deploy.static.akamaitechnologies.com
Software
MT3 4390 fb8620d master cdg-pixel-x14 config:1.0.0 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Sat, 07 May 2022 12:59:41 GMT
Server
MT3 4390 fb8620d master cdg-pixel-x14 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sat, 07 May 2022 12:59:40 GMT
img
tags.mathtag.com/event/ Frame 890D
49 B
330 B
Image
General
Full URL
https://tags.mathtag.com/event/img?type=mmImpTrack&exch=adx&bid=8590952998017841140&st=4562306&time=1651928381&nodeid=1905
Requested by
Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvTVRNeFpUWmpabVl0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3Lzg1OTA5NTI5OTgwMTc4NDExNDAvNjYyMjMyNS80NTYyMzA2LzQvYkFVb2hZTU1Yam15eG05aXdUazJOdXpNdGpfY1g4SEF5SWh5QlFwdjRIdy8xLzQvMC8wLzk1NjgwMy8wLzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC84NTkwOTUyOTk4MDE3ODQxMTQwL2Ftcy8wLzI2Ny82Mi85OTkvMzIyLzJhMDE6NGEwOjJiOjovMC4wMDAvMTY1MTkyODM4MC8xNjUxOTQwOTgwLzQvcHViLTg1NjIxOTYwODYzNTkyNDAv/VLg_6vsOL2dluHK784mibxAb8l0&nodeid=1905&group=cdg&auctionid=8590952998017841140&shardkey=8590952998017841140&sid=4562306&cid=6622325&bp=a_bfcjdd&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.135.59&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCSi9hPG12Yob_D9Lqo9kPsvW-mA3Ph46bXMCG2YLGAsCNtwEQASAAYJXStoLEB4IBF2NhLXB1Yi04NTYyMTk2MDg2MzU5MjQwyAEJqAMBqgTIAU_QmTkQQ3ECtLFfp_vz3EQEsYkXjHApulhSUma6bsEMZSXmJjsCZaVGOLphmckPSBaBPJGzs6IAzWh05rCz-yeTlvf9sx2e8zY8mXaUrPsTFjod7pmmN64wP_FKjKTVrhdW_najQWwVG8a7E-NmMF12j65k8S-ik8DkS9LUg1s8EAd86O0VhUCjCI0DeuDJy90McKNY-G-9gJTCgSkM_TJwU1tNffVrr_pU9HnmvWgZ66o48sq9-TaX40FSqrGYVKBoE6r7XBKKgAa_zMTOmvnjl4ABoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1fhLkqgi37fWS2N9tiJLOmgOnviw%26client%3Dca-pub-8562196086359240%26adurl%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
74.121.143.241 , United States, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MMBD/3.320.0 /
Resource Hash
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Sat, 07 May 2022 12:59:42 GMT
Server
MMBD/3.320.0
Content-Type
image/gif
Cache-Control
no-cache
x-mm-host
pao-router-x81, cdg-bidder-x144
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
49
Expires
Sat, 07 May 2022 12:59:41 GMT
request.php
hal90004.redintelligence.net/ Frame 890D
Redirect Chain
  • https://hal90004.redintelligence.net/request.php?zone=xxvlvujily3i&nw=20&renderingType=javascript&namespace=80d3b37ce7&subid=&uid=5ac0e93e1369fd4d&screenSize=1600x1200&screenSizeAvail=1600x1200&cli...
  • https://hal90004.redintelligence.net/request.php?zone=xxvlvujily3i&nw=20&renderingType=javascript&namespace=80d3b37ce7&subid=&uid=5ac0e93e1369fd4d&screenSize=1600x1200&screenSizeAvail=1600x1200&cli...
3 KB
2 KB
Script
General
Full URL
https://hal90004.redintelligence.net/request.php?zone=xxvlvujily3i&nw=20&renderingType=javascript&namespace=80d3b37ce7&subid=&uid=5ac0e93e1369fd4d&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=250x250&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3DYnZtPAAFWMYKh9DIUAnoTw%26exch_seat%3D20035004448%26mt_aid%3D8590952998017841140%26mt_id%3D6622325%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3Dadd36276-6d3d-4301-9314-bd656ac306fc%26mt_cid%3Dadd36276-6d3d-4301-9314-bd656ac306fc%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCSi9hPG12Yob_D9Lqo9kPsvW-mA3Ph46bXMCG2YLGAsCNtwEQASAAYJXStoLEB4IBF2NhLXB1Yi04NTYyMTk2MDg2MzU5MjQwyAEJqAMBqgTIAU_QmTkQQ3ECtLFfp_vz3EQEsYkXjHApulhSUma6bsEMZSXmJjsCZaVGOLphmckPSBaBPJGzs6IAzWh05rCz-yeTlvf9sx2e8zY8mXaUrPsTFjod7pmmN64wP_FKjKTVrhdW_najQWwVG8a7E-NmMF12j65k8S-ik8DkS9LUg1s8EAd86O0VhUCjCI0DeuDJy90McKNY-G-9gJTCgSkM_TJwU1tNffVrr_pU9HnmvWgZ66o48sq9-TaX40FSqrGYVKBoE6r7XBKKgAa_zMTOmvnjl4ABoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1fhLkqgi37fWS2N9tiJLOmgOnviw%2526client%253Dca-pub-8562196086359240%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-8562196086359240%26output%3Dhtml%26h%3D250%26slotname%3D6755976858%26adk%3D813426018%26adf%3D363049643%26pi%3Dt.ma~as.6755976858%26w%3D300%26lmt%3D1651353382%26psa%3D0%26format%3D300x250%26url%3Dhttps%253A%252F%252Fkiwiexploits.com%252F%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.%26dt%3D1651928380049%26bpp%3D2%26bdt%3D465%26idt%3D131%26shv%3Dr20220504%26mjsv%3Dm202205030101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D0x0%252C300x250%252C1200x280%26nras%3D1%26correlator%3D3909557611913%26frm%3D20%26pv%3D1%26ga_vid%3D550740255.1651928380%26ga_sid%3D1651928380%26ga_hid%3D284216329%26ga_fc%3D0%26u_tz%3D0%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D650%26ady%3D1963%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759876%252C44759927%252C44759837%252C31065742%252C31067426%252C31067419%26oid%3D2%26pvsid%3D4184386158631581%26pem%3D119%26tmod%3D718649160%26uas%3D0%26nvt%3D1%26eae%3D0%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257CpeEbr%257C%26abl%3DCS%26pfx%3D0%26fu%3D0%26bc%3D31%26ifi%3D4%26uci%3Da!4%26btvi%3D2%26fsb%3D1%26xpc%3DYYNWaAdNzr%26p%3Dhttps%253A%2F%2Fkiwiexploits.com%26dtd%3D134&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2Fkiwiexploits.com&random=7216775572114&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8562196086359240&output=html&h=250&slotname=6755976858&adk=813426018&adf=363049643&pi=t.ma~as.6755976858&w=300&lmt=1651353382&psa=0&format=300x250&url=https%3A%2F%2Fkiwiexploits.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1651928380049&bpp=2&bdt=465&idt=131&shv=r20220504&mjsv=m202205030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250%2C1200x280&nras=1&correlator=3909557611913&frm=20&pv=1&ga_vid=550740255.1651928380&ga_sid=1651928380&ga_hid=284216329&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=650&ady=1963&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31065742%2C31067426%2C31067419&oid=2&pvsid=4184386158631581&pem=119&tmod=718649160&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=YYNWaAdNzr&p=https%3A//kiwiexploits.com&dtd=134
Protocol
HTTP/1.1
Server
138.201.63.116 Reilingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.116.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
b17076d3595dad5be366c348b30d0c973ccc597f12b107428a144cb2e1cb7bf0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 07 May 2022 12:59:41 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId
81465700100408600951399011952004
Connection
close
Content-Type
application/x-javascript; charset=utf-8
Content-Length
1091
Expires
Sat, 07 May 2022 13:59:41 +0200

Redirect headers

Pragma
no-cache
Date
Sat, 07 May 2022 12:59:41 GMT
Server
Apache
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location
request.php?zone=xxvlvujily3i&nw=20&renderingType=javascript&namespace=80d3b37ce7&subid=&uid=5ac0e93e1369fd4d&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=250x250&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3DYnZtPAAFWMYKh9DIUAnoTw%26exch_seat%3D20035004448%26mt_aid%3D8590952998017841140%26mt_id%3D6622325%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3Dadd36276-6d3d-4301-9314-bd656ac306fc%26mt_cid%3Dadd36276-6d3d-4301-9314-bd656ac306fc%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCSi9hPG12Yob_D9Lqo9kPsvW-mA3Ph46bXMCG2YLGAsCNtwEQASAAYJXStoLEB4IBF2NhLXB1Yi04NTYyMTk2MDg2MzU5MjQwyAEJqAMBqgTIAU_QmTkQQ3ECtLFfp_vz3EQEsYkXjHApulhSUma6bsEMZSXmJjsCZaVGOLphmckPSBaBPJGzs6IAzWh05rCz-yeTlvf9sx2e8zY8mXaUrPsTFjod7pmmN64wP_FKjKTVrhdW_najQWwVG8a7E-NmMF12j65k8S-ik8DkS9LUg1s8EAd86O0VhUCjCI0DeuDJy90McKNY-G-9gJTCgSkM_TJwU1tNffVrr_pU9HnmvWgZ66o48sq9-TaX40FSqrGYVKBoE6r7XBKKgAa_zMTOmvnjl4ABoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1fhLkqgi37fWS2N9tiJLOmgOnviw%2526client%253Dca-pub-8562196086359240%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-8562196086359240%26output%3Dhtml%26h%3D250%26slotname%3D6755976858%26adk%3D813426018%26adf%3D363049643%26pi%3Dt.ma~as.6755976858%26w%3D300%26lmt%3D1651353382%26psa%3D0%26format%3D300x250%26url%3Dhttps%253A%252F%252Fkiwiexploits.com%252F%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.%26dt%3D1651928380049%26bpp%3D2%26bdt%3D465%26idt%3D131%26shv%3Dr20220504%26mjsv%3Dm202205030101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D0x0%252C300x250%252C1200x280%26nras%3D1%26correlator%3D3909557611913%26frm%3D20%26pv%3D1%26ga_vid%3D550740255.1651928380%26ga_sid%3D1651928380%26ga_hid%3D284216329%26ga_fc%3D0%26u_tz%3D0%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D650%26ady%3D1963%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759876%252C44759927%252C44759837%252C31065742%252C31067426%252C31067419%26oid%3D2%26pvsid%3D4184386158631581%26pem%3D119%26tmod%3D718649160%26uas%3D0%26nvt%3D1%26eae%3D0%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257CpeEbr%257C%26abl%3DCS%26pfx%3D0%26fu%3D0%26bc%3D31%26ifi%3D4%26uci%3Da!4%26btvi%3D2%26fsb%3D1%26xpc%3DYYNWaAdNzr%26p%3Dhttps%253A%2F%2Fkiwiexploits.com%26dtd%3D134&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2Fkiwiexploits.com&random=7216775572114&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Type
text/html; charset=UTF-8
Content-Length
0
Expires
Sat, 07 May 2022 13:59:41 +0200
link.html
track.webgains.com/ Frame 890D
1 KB
2 KB
Script
General
Full URL
https://track.webgains.com/link.html?wglinkid=3432245&wgcampaignid=99582&viewref=81465700100408600951399011952004&js=1&nw=1
Requested by
Host: kiwiexploits.com
URL: https://kiwiexploits.com/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
46.236.13.147 , United Kingdom, ASN12703 (PULSANT-AS, GB),
Reverse DNS
46-236-13-147.servers.dedipower.net
Software
Apache /
Resource Hash
2151b1fd75647becd07f5777020056cd8caea82a975a2dcd938e5a4bba51741a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 07 May 2022 12:59:42 GMT
Last-Modified
Sat, 07 May 2022 12:59:42 GMT
Server
Apache
P3P
policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache
hit
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
close
Content-Type
text/html;charset=utf-8
Content-Length
1249
Expires
Mon, 26 Jul 1997 05:00:00 GMT
activityi;dc_pre=CM38meO4zfcCFchBHQkdXBgI4Q;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6235599618340.842
5994599.fls.doubleclick.net/ Frame 71F5
Redirect Chain
  • https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6235599618340.842?
  • https://5994599.fls.doubleclick.net/activityi;dc_pre=CM38meO4zfcCFchBHQkdXBgI4Q;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6235599618340.842?
391 B
343 B
Document
General
Full URL
https://5994599.fls.doubleclick.net/activityi;dc_pre=CM38meO4zfcCFchBHQkdXBgI4Q;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6235599618340.842?
Requested by
Host: kiwiexploits.com
URL: https://kiwiexploits.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.208.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams17s08-in-f6.1e100.net
Software
cafe /
Resource Hash
8500e51b5f859a8aad7843f03b19e5e2d6563a0730daf96fa47d066eb7cf3743
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=0
content-encoding
gzip
content-length
320
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 07 May 2022 12:59:42 GMT
expires
Sat, 07 May 2022 12:59:42 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 07 May 2022 12:59:41 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://5994599.fls.doubleclick.net/activityi;dc_pre=CM38meO4zfcCFchBHQkdXBgI4Q;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6235599618340.842?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
request_content.php
hal90004.redintelligence.net/ Frame 235B
6 KB
2 KB
Document
General
Full URL
https://hal90004.redintelligence.net/request_content.php?s=81465700100408600951399011952004&a=5cfb7362
Requested by
Host: hal90004.redintelligence.net
URL: https://hal90004.redintelligence.net/request.php?zone=xxvlvujily3i&nw=20&renderingType=javascript&namespace=80d3b37ce7&subid=&uid=5ac0e93e1369fd4d&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=250x250&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3DYnZtPAAFWMYKh9DIUAnoTw%26exch_seat%3D20035004448%26mt_aid%3D8590952998017841140%26mt_id%3D6622325%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3Dadd36276-6d3d-4301-9314-bd656ac306fc%26mt_cid%3Dadd36276-6d3d-4301-9314-bd656ac306fc%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCSi9hPG12Yob_D9Lqo9kPsvW-mA3Ph46bXMCG2YLGAsCNtwEQASAAYJXStoLEB4IBF2NhLXB1Yi04NTYyMTk2MDg2MzU5MjQwyAEJqAMBqgTIAU_QmTkQQ3ECtLFfp_vz3EQEsYkXjHApulhSUma6bsEMZSXmJjsCZaVGOLphmckPSBaBPJGzs6IAzWh05rCz-yeTlvf9sx2e8zY8mXaUrPsTFjod7pmmN64wP_FKjKTVrhdW_najQWwVG8a7E-NmMF12j65k8S-ik8DkS9LUg1s8EAd86O0VhUCjCI0DeuDJy90McKNY-G-9gJTCgSkM_TJwU1tNffVrr_pU9HnmvWgZ66o48sq9-TaX40FSqrGYVKBoE6r7XBKKgAa_zMTOmvnjl4ABoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1fhLkqgi37fWS2N9tiJLOmgOnviw%2526client%253Dca-pub-8562196086359240%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-8562196086359240%26output%3Dhtml%26h%3D250%26slotname%3D6755976858%26adk%3D813426018%26adf%3D363049643%26pi%3Dt.ma~as.6755976858%26w%3D300%26lmt%3D1651353382%26psa%3D0%26format%3D300x250%26url%3Dhttps%253A%252F%252Fkiwiexploits.com%252F%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.%26dt%3D1651928380049%26bpp%3D2%26bdt%3D465%26idt%3D131%26shv%3Dr20220504%26mjsv%3Dm202205030101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D0x0%252C300x250%252C1200x280%26nras%3D1%26correlator%3D3909557611913%26frm%3D20%26pv%3D1%26ga_vid%3D550740255.1651928380%26ga_sid%3D1651928380%26ga_hid%3D284216329%26ga_fc%3D0%26u_tz%3D0%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D650%26ady%3D1963%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759876%252C44759927%252C44759837%252C31065742%252C31067426%252C31067419%26oid%3D2%26pvsid%3D4184386158631581%26pem%3D119%26tmod%3D718649160%26uas%3D0%26nvt%3D1%26eae%3D0%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257CpeEbr%257C%26abl%3DCS%26pfx%3D0%26fu%3D0%26bc%3D31%26ifi%3D4%26uci%3Da!4%26btvi%3D2%26fsb%3D1%26xpc%3DYYNWaAdNzr%26p%3Dhttps%253A%2F%2Fkiwiexploits.com%26dtd%3D134&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2Fkiwiexploits.com&random=7216775572114&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.116 Reilingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.116.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
f7547f8d6d68bfcd4478d32bb1afe7bfb94831eb13af6e0aa6a720934ff021ef

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Encoding
gzip
Content-Length
1901
Content-Type
text/html; charset=utf-8
Date
Sat, 07 May 2022 12:59:41 GMT
Expires
Sat, 07 May 2022 13:59:41 +0200
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma
no-cache
Server
Apache
Vary
Accept-Encoding
truncated
/ Frame 890D
216 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7931b884f7711406966526b49e0e07fcb79bdfa71913bb2b495c4e55ba56c5f4

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type
image/png
css
fonts.googleapis.com/ Frame 235B
4 KB
649 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
Requested by
Host: hal90004.redintelligence.net
URL: https://hal90004.redintelligence.net/request_content.php?s=81465700100408600951399011952004&a=5cfb7362
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
918e1cfa104cf2ad2942fd66030698b8bd602ded209a4fd35552e210e59b5931
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal90004.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 07 May 2022 11:03:02 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Sat, 07 May 2022 12:59:41 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 07 May 2022 12:59:41 GMT
/
hal9000.redintelligence.net/scale/ Frame 235B
54 KB
54 KB
Image
General
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=240&height=150&url=https://cdn.contentspread.net/24i/advertiser/52113/creativesup/TRG-star-wars-marvel-comics-panini-banner-1200x627.jpg
Requested by
Host: hal90004.redintelligence.net
URL: https://hal90004.redintelligence.net/request_content.php?s=81465700100408600951399011952004&a=5cfb7362
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.149 Reilingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.149.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
91c775f1397acd5c87fb05d5050853a23dd7fcbe5cac32f231a25a07faaa76f1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal90004.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Sat, 07 May 2022 12:59:41 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
54867
Vary
Accept-Encoding
Content-Type
image/png
viewability
hal90004.redintelligence.net/ Frame 235B
0
150 B
Script
General
Full URL
https://hal90004.redintelligence.net/viewability?s=81465700100408600951399011952004&a=8aee7383&vb=m
Requested by
Host: hal90004.redintelligence.net
URL: https://hal90004.redintelligence.net/request_content.php?s=81465700100408600951399011952004&a=5cfb7362
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.116 Reilingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.116.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal90004.redintelligence.net/request_content.php?s=81465700100408600951399011952004&a=5cfb7362
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Sat, 07 May 2022 12:59:41 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ Frame 235B
13 KB
13 KB
Font
General
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bc9a16cd945457ad9463cdaed95129b01c589466978dfee3d019d9c604b2171a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://hal90004.redintelligence.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Wed, 04 May 2022 19:24:52 GMT
x-content-type-options
nosniff
age
236089
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13052
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:09:03 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 04 May 2023 19:24:52 GMT
6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ Frame 235B
13 KB
13 KB
Font
General
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://hal90004.redintelligence.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Wed, 04 May 2022 19:23:45 GMT
x-content-type-options
nosniff
age
236156
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13036
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:04:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 04 May 2023 19:23:45 GMT
dc_pre=CM38meO4zfcCFchBHQkdXBgI4Q;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6235599618340.842
adservice.google.com/ddm/fls/z/ Frame 71F5
42 B
63 B
Image
General
Full URL
https://adservice.google.com/ddm/fls/z/dc_pre=CM38meO4zfcCFchBHQkdXBgI4Q;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6235599618340.842
Requested by
Host: 5994599.fls.doubleclick.net
URL: https://5994599.fls.doubleclick.net/activityi;dc_pre=CM38meO4zfcCFchBHQkdXBgI4Q;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6235599618340.842?
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5994599.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 07 May 2022 12:59:42 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
serv
yahoo.adclixx.net/
18 B
616 B
Script
General
Full URL
https://yahoo.adclixx.net/serv?s=262
Requested by
Host: kiwiexploits.com
URL: https://kiwiexploits.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:10fb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e56d52735fa3066f59b34f2ac0d61f11af9a68ea9da5540f27915bd400e48fad

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kiwiexploits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 07 May 2022 12:59:42 GMT
cf-cache-status
HIT
last-modified
Mon, 19 Sep 2016 22:34:59 GMT
server
cloudflare
age
6409
etag
"12-53ce3ec0beac0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vvRIOVadJLdaQ5ajKYj%2BbVytp4TWDk0giwNom8tONXCIYoK4cLDPDgMAOHEI4UoRuFlPqD0onAkxIaDS6jrgNr733N0AgIggJq7kTreMY7DXvAePNsLrdo1lwBJa2z6vDmfRjTJ8b%2F7mUOVIbamJbw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
707a2264fe359bbe-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
18
favicon.ico
ads.twitter.com/
0
147 B
Image
General
Full URL
https://ads.twitter.com/favicon.ico
Requested by
Host: kiwiexploits.com
URL: https://kiwiexploits.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.131 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kiwiexploits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-response-time
112
date
Sat, 07 May 2022 12:59:42 GMT
cache-control
no-cache, no-store, max-age=0
server
tsa_o
x-connection-hash
374b1f6f70408f12ddfaf567d5ac5f155b0d45d4f7e1f00c35bc00ca1935b9e8
content-length
0
pvClk.min.js
analytics.webgains.io/ Frame 890D
51 KB
51 KB
Script
General
Full URL
https://analytics.webgains.io/pvClk.min.js
Requested by
Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=3432245&wgcampaignid=99582&viewref=81465700100408600951399011952004&js=1&nw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-117.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3900c8b5b423944473f2b5735300291c473881985b2e64318b01fd3d7eefcbd2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-amz-version-id
snQAK.nud_Ry1pExcABmNeZsZtrLXsiU
via
1.1 63d9e08bce2adee06986125b699b4cec.cloudfront.net (CloudFront)
last-modified
Wed, 23 Mar 2022 11:22:01 GMT
server
AmazonS3
age
28562
etag
"101c8120dbcfdb729e8ebf54cc77d0cd"
x-cache
Hit from cloudfront
content-type
application/javascript
date
Sat, 07 May 2022 05:03:41 GMT
x-amz-cf-pop
DUS51-P1
accept-ranges
bytes
content-length
52083
x-amz-cf-id
DPQd12nUfssJVu--ROExOIFEHVS8oXW1QSZ7h675Rqc-HH3_EF91Xg==
link.html
track.webgains.com/ Frame 890D
667 B
1 KB
Image
General
Full URL
https://track.webgains.com/link.html?wgdedup=1&wgcampaignid=99582&viewref=86163600101911001051022011952008&wglinkid=3432245
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8562196086359240&output=html&h=250&slotname=6755976858&adk=813426018&adf=363049643&pi=t.ma~as.6755976858&w=300&lmt=1651353382&psa=0&format=300x250&url=https%3A%2F%2Fkiwiexploits.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1651928380049&bpp=2&bdt=465&idt=131&shv=r20220504&mjsv=m202205030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250%2C1200x280&nras=1&correlator=3909557611913&frm=20&pv=1&ga_vid=550740255.1651928380&ga_sid=1651928380&ga_hid=284216329&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=650&ady=1963&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31065742%2C31067426%2C31067419&oid=2&pvsid=4184386158631581&pem=119&tmod=718649160&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=YYNWaAdNzr&p=https%3A//kiwiexploits.com&dtd=134
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
46.236.13.147 , United Kingdom, ASN12703 (PULSANT-AS, GB),
Reverse DNS
46-236-13-147.servers.dedipower.net
Software
Apache /
Resource Hash
9ea21905a7edfa4ceda705f977891d5e100f9709318836cfacbab47ad3321ff1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 07 May 2022 12:59:42 GMT
Last-Modified
Sat, 07 May 2022 12:59:42 GMT
Server
Apache
P3P
policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache
hit
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
close
Content-Type
image/jpeg
Content-Length
667
Expires
Mon, 26 Jul 1997 05:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame D938
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsutCgHmbT_z-HLfQsbgjk-BKnAi2GuzSHw8qnYVKtBNyPDeAfOaGow5QOk8_ALnvSqV_CbPYeXZJfACKx_O_rTqPJbSngYn2xrZgu0YmHBLSEKiNX03MYmDN2se&sai=AMfl-YQNaWA3r2ZQ1_Yf8pv8pdnKg5CA10DgsuWq9uXjQwyr8wqxYJyKpXBgLzA1nWUXpqpc9vMSlWyig1nz&sig=Cg0ArKJSzLD7PZ9mMdvnEAE&id=lidar2&mcvt=1000&p=0,0,250,300&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220504&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=971479690&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1651928380173&rpt=1122&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 07 May 2022 12:59:42 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
720x90.jpg
ad.foxnetworks.com/
0
0
Image
General
Full URL
https://ad.foxnetworks.com/720x90.jpg
Requested by
Host: kiwiexploits.com
URL: https://kiwiexploits.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.250 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kiwiexploits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

favicon.ico
www.google.com/adsense/start/images/
2 KB
2 KB
Image
General
Full URL
https://www.google.com/adsense/start/images/favicon.ico
Requested by
Host: kiwiexploits.com
URL: https://kiwiexploits.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0f9896814403e454b574cde1491a99de10fd710958bae77dc6399e79b24e53ee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kiwiexploits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 07 May 2022 12:59:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/uxe-owners-acl/www_google
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1595
x-xss-protection
0
last-modified
Mon, 25 May 2020 08:30:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"uxe-owners-acl/www_google","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/uxe-owners-acl/www_google"}]}
content-type
image/x-icon
cache-control
private, max-age=3000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="uxe-owners-acl/www_google"
expires
Sat, 07 May 2022 12:59:42 GMT
HhadN0e2s7nz2kAw8.jpg
as.inbox.com/
0
0
Image
General
Full URL
https://as.inbox.com/HhadN0e2s7nz2kAw8.jpg
Requested by
Host: kiwiexploits.com
URL: https://kiwiexploits.com/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
64.135.83.163 Boca Raton, United States, ASN13645 (BROADBANDONE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kiwiexploits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

ad-large.png
partnerads-test.ysm.yahoo.net/
Redirect Chain
  • https://partnerads.ysm.yahoo.com/ad-large.png
  • https://partnerads-test.ysm.yahoo.net/ad-large.png
0
0
Image
General
Full URL
https://partnerads-test.ysm.yahoo.net/ad-large.png
Requested by
Host: kiwiexploits.com
URL: https://kiwiexploits.com/
Protocol
H2
Server
2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kiwiexploits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Redirect headers

date
Sat, 07 May 2022 12:59:42 GMT
x-content-type-options
nosniff
server
ATS
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=15552000
content-language
en
location
https://partnerads-test.ysm.yahoo.net/ad-large.png
cache-control
no-store
content-type
text/html
content-length
332
x-xss-protection
1; mode=block
tracking-event
api.webgains.io/ Frame 890D
16 B
232 B
Fetch
General
Full URL
https://api.webgains.io/tracking-event
Requested by
Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.76.212.160 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-212-160.eu-west-1.compute.amazonaws.com
Software
nginx / PHP/7.4.26
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://googleads.g.doubleclick.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 07 May 2022 12:59:43 GMT
x-content-type-options
nosniff
server
nginx
x-powered-by
PHP/7.4.26
x-frame-options
SAMEORIGIN
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
x-xss-protection
1; mode=block
tracking-event
api.webgains.io/ Frame
0
0
Preflight
General
Full URL
https://api.webgains.io/tracking-event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.76.212.160 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-212-160.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://googleads.g.doubleclick.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

access-control-allow-headers
Content-Type
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
*
date
Sat, 07 May 2022 12:59:43 GMT
server
nginx
sodar
pagead2.googlesyndication.com/getconfig/
14 KB
10 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220504&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205030101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8562196086359240&plah=kiwiexploits.com&bust=31067426
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
093be46817ffd573d708c9d0efa42b6b34ffe6b3bf050c02a6befe5ac2a46d0d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kiwiexploits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 07 May 2022 12:59:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10532
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205030101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8562196086359240&plah=kiwiexploits.com&bust=31067426
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kiwiexploits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 07 May 2022 12:59:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 07 May 2022 12:59:43 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame D8EE
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://kiwiexploits.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
295
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 07 May 2022 12:54:48 GMT
expires
Sun, 07 May 2023 12:54:48 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame F489
783 B
534 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
77150c431883782916eb3eef1aa958e0636913b69dddf3c770ca5f96ab7f0142
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-U2covmjOziT8BkSuiSQNUw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://kiwiexploits.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce-U2covmjOziT8BkSuiSQNUw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 07 May 2022 12:59:43 GMT
expires
Sat, 07 May 2022 12:59:43 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
NHksFvpwOA_e7xJte31GpOZsvVxHGuXQeGuPktjycGc.js
pagead2.googlesyndication.com/bg/ Frame D8EE
35 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/NHksFvpwOA_e7xJte31GpOZsvVxHGuXQeGuPktjycGc.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
34792c16fa70380fdeef126d7b7d46a4e66cbd5c471ae5d0786b8f92d8f27067
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Tue, 03 May 2022 21:13:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
315983
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13649
x-xss-protection
0
last-modified
Mon, 02 May 2022 13:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 03 May 2023 21:13:20 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame F489
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220504&jk=4184386158631581&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

generate_204
tpc.googlesyndication.com/ Frame D8EE
0
9 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?-u6IgQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 07 May 2022 12:59:43 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
sodar
pagead2.googlesyndication.com/pagead/
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220504&jk=4184386158631581&bg=!trWltfHNAAZX5TVhd-U7ACkAdvg8Wl_xS54vMXrFaXTQqkzUG1AteXKJvmzFU9u5qcn7H9en_SgQPQIAAABBUgAAAAJoAQcKAN7loKjE2U-W8Usrb92Fu1NBW0s0vSx_1J_YDVb29-xd2n-QuvfLVmuGKGtsTMqgDzblub3L4Hu19SygCdvpm4cMAl1JvQc1aZLAzWfkMMRnuCxphKRopCh845K6S18thJ-kZEoMid11zZuvum_jrFHZnu_Nojz1vD-L5Q4AwvetMN1Jfh5XFnS3o1lZMadW4voslUNfyFF5ZgXsLoY05EaCEQt6ZN3Zip9JtKCiiLvOo9a_1gBXegt32QFjJ5sELIVzmnJkkWMoOagvWz5ChrhHzXlyvqQE8dRrhIwhKUGZAp_ELiD7eutVAIPyEABQGMf2fTzLXO6PecI80WYQnLYv4XhLZhPY29nR2uIiLshFNPcM08NIhFg6gCoQvG7rFiDWeNScykDNpRbNJeOBum0ZoEVRAhIufwuyqgEPnTHrhY40V6ynJFWroyZT5D1SuaYoa1mscyQ-XgMVmXzOxIbAUFI8zUwr5e5lIMqJuIw6TRyNZ8AW58HwSqu0rrWdTOnBK1zJS5Ab-uZbpykBQcCwB1zFPhcwSYq0l-9QjcP0GTYUc2jEjI_ZbfukJA1TbLAKTNzvXFi2LcK-iVERlzbgKgEBFIMeiYmjmPVkAKMnSUWfoxpQaA_Wsk7jLdYmnJLIJU7G9YwKhPJrw9pEGuvSXm3EZo_qphSiBAWCHsrcfEv3xUqpqBXUSxfgcr3KvqBr49G9g1j3MNvrsGJIbIF9BOnV_cViULlUEKBzE0f190Ix3thni_4DKBHYxCSgpuTZ8y2RFtJhmc7VR9V_dCEj1sQHi7-H5k-y_5tBGzZffrtwiQ886ANH66q7pmFWB8OMUQwW1Xe2P8KP9NTacwcdRs-blEeLiwcQa3_9ubOvMtX0mfmE4sNhssywxUWXGisZ3TnSF2zPo0ZK9a_nzfdb0qaTERzQyx1xTdv7Ezp9tZFs7Be22TOylyWVnvAYj-GegfBtznrMNKojTN8-OmfSWbvITIJGEmzZMS79gqqk2BI0n9RB8NZlPxDjpXOgywdhKVgulDGt2WPY474sYTxnRPgawzhlBYSqo1IC_4EFD_GKiQ-D6JQDfj5qPRHq5cP7XboXfal9X4dkFyYYQW9kkpG-ZXTHbf45dTW2HbfPOg1LuvNdy3i8Ga-CHFBoVdyqgStYDbJMKijZ8sAgLvlMXiTh4bWQf7s0Lgt61LzGzw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kiwiexploits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

80 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| oncontextlost object| oncontextrestored function| structuredClone function| getScreenDetails object| _0x57e0 function| yoIdvBbXkug string| vyvoCYFNlXFd string| laYmXiGeYc string| uqfsWSDUyG object| _0x233e number| NOeIpOhE number| x number| c2 number| c1 object| Wk9y8gBf3sHqD function| oLpVlhnHbado object| regeneratorRuntime function| s2ss57ff boolean| s2ss57 object| adsbygoogle object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state boolean| _gfp_a_ object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_lpabyc string| google_user_agent_client_hint function| gtag function| $ function| jQuery function| Popper function| Tether object| bootstrap function| SmoothScroll object| google_tag_manager object| dataLayer object| $jscomp function| updateId boolean| isBuilder boolean| initTabsPlugin boolean| initSwitchArrowPlugin boolean| utm57 string| utsid-send function| google_sa_impl object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages object| google_llp object| googletag number| nH7eXzOsG object| mXfcsZrQe string| c string| d object| GoogleGcLKhOms

5 Cookies

Domain/Path Name / Value
.kiwiexploits.com/ Name: __gads
Value: ID=99c8a7cb82df5ed1-22cf7c1f8ecd0077:T=1651928380:RT=1651928380:S=ALNI_MZy7cegbQENx9vfNWGCGEZRRpnZcw
.doubleclick.net/ Name: IDE
Value: AHWqTUk6RzkOemWBiMmQakqngJ7Kamzou7wjusfbBfmuMNN7Zhip6QNErhwzaiuz03s
.doubleclick.net/ Name: DSID
Value: NO_DATA
.mathtag.com/ Name: uuid
Value: add36276-6d3d-4301-9314-bd656ac306fc
.redintelligence.net/ Name: 8lcfmzhxc8d6_uid
Value: 052f3d2148d8bae2

4 Console Messages

Source Level URL
Text
network error URL: https://ads.twitter.com/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://ad.foxnetworks.com/720x90.jpg
Message:
Failed to load resource: the server responded with a status of 400 (CNAME not recognized)
network error URL: https://partnerads-test.ysm.yahoo.net/ad-large.png
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://as.inbox.com/HhadN0e2s7nz2kAw8.jpg
Message:
Failed to load resource: the server responded with a status of 403 (Forbidden)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

5994599.fls.doubleclick.net
ad.foxnetworks.com
ads.twitter.com
adservice.google.com
adservice.google.de
ahscdn.com
analytics.webgains.io
api.webgains.io
as.inbox.com
cdn.jsdelivr.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
hal9000.redintelligence.net
hal90004.redintelligence.net
kiwiexploits.com
pagead2.googlesyndication.com
partner.googleadservices.com
partnerads-test.ysm.yahoo.net
partnerads.ysm.yahoo.com
pixel.mathtag.com
tags.mathtag.com
tpc.googlesyndication.com
track.webgains.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
yahoo.adclixx.net
youradexchange.com
104.244.42.131
138.201.63.116
138.201.63.149
142.250.184.194
18.66.248.117
2.18.233.201
216.58.208.102
2606:4700:3036::6815:10fb
2606:4700::6810:5514
2a00:1288:80:807::1
2a00:1288:80:807::2
2a00:1450:4001:80e::2002
2a00:1450:4001:810::2002
2a00:1450:4001:810::200a
2a00:1450:4001:811::2003
2a00:1450:4001:813::2002
2a00:1450:4001:813::2008
2a00:1450:4001:827::2003
2a00:1450:4001:82b::2004
2a00:1450:4001:82f::2002
2a00:1450:4001:830::2002
2a00:1450:4001:831::2001
2a06:98c1:3120::a
2a06:98c1:3121::a
35.190.41.116
37.252.172.250
46.236.13.147
54.76.212.160
64.135.83.163
74.121.143.241
01284adf0039080c4d89732ef83440fd31b310a7bf3867b83b030f99ffd1f1c1
093be46817ffd573d708c9d0efa42b6b34ffe6b3bf050c02a6befe5ac2a46d0d
0a0416e386e436583f5f49242104677e6b16b1aa693d86f32d76845e26081f96
0c5ed985fdbddc027124d4e6879ce1a1860832cda85e2b517c18d8fbd2fffc06
0f9896814403e454b574cde1491a99de10fd710958bae77dc6399e79b24e53ee
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944
1e5f1b6b9c227170bb28f129353ce5b9e48ad5209ea4975367cf96f9e2114c18
2151b1fd75647becd07f5777020056cd8caea82a975a2dcd938e5a4bba51741a
2415fd7bef273512914154b21969872cf5137447829a5f450de35b623b47f8be
25105ba9f7446280044e142f07c3b9974b3467889f1af0b0a0213166f4d081c8
2c45a5eb97e8ab82131877dc492284c753ffd80dfb15d9737a4fd13ada1c3351
2cef3a9d0606aecfe2476867e61f76535b9bb5b8e9d31957cc9504cdd1e69396
3007792220b169e1cb8b6c70d859f36f9d04b392636dffebaa4708df16b911c1
34792c16fa70380fdeef126d7b7d46a4e66cbd5c471ae5d0786b8f92d8f27067
3675f226f985b64eea6ae8544d5496a32d19993aae1ac4a3fa101263ef3206f7
38892acc026f0badcbb38eb0b148470f4e57821ae04c892a2cee50b5e0968d35
3900c8b5b423944473f2b5735300291c473881985b2e64318b01fd3d7eefcbd2
3a663467e111fd2237a1bc5255e8d702b099f29cb553ecab24efe98cbf898b5d
3c357fd664564c732b2d818e672bcb5930027dec33b3c1a77352578fe438028b
3c84ea75e9a569a6e90b3386ddde38ecd05cb0964ce60d95f64d1a3d9ee8e975
3feb5d6710e2130bb0a8c15da4a8853d9bcfa3ffe34aac2c12a4743d4a492583
41f595a1b2041a716b5d07ada5ffe7367b57c2faccfacfdef8ca68f312e5b866
42b853168bb627593eb95b83db66183f7b3bd442db24c37398f1958d1451acd6
440645cad3480edeaa059f0ebea205fa6ec59832f5a829141697a0f9f284d39c
46fbe565e5f79231e72e4c7c3f4431ad216d1f6513ff83d6daaa13e48bba8c23
4b09eb555b72f74acd30018f8aaa4ef19787301819801dff7f6bcde9d3754cd7
4c11d61f4a1fc589e8db9f469fcc92d4dcbbbdca6ece68aa1785007fb01094f9
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
523854ac3552c34b23a5f0c6a2f49c6ba0b439a95848692aa24bc304ecd29784
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5b0fbe5b7ad705f6a937c4998ad02f73d8f0d976fe231b74aef0ec996990c93a
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
61118b5b30a908b47ed7e5abccde29272675b80cb7cc5655a52cc18dfd0f4330
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
66f016857d7c1a7c8c174613ace7a9142c0551660fa87eb3cfad759aca71bdf4
6b2af3ae8a31b5afe64b22148341c1831768fffa439d4f52d6e13273c63d1df3
708327e19598ddc267d4184e86dbf97b975538c802e804045c3f1dc89e6ffcaa
764426bc6ab6571cf3c9c4a2f4b8e49cdf8b94f635198f980332e2967d81fee9
77150c431883782916eb3eef1aa958e0636913b69dddf3c770ca5f96ab7f0142
7931b884f7711406966526b49e0e07fcb79bdfa71913bb2b495c4e55ba56c5f4
79813f08f0086728414a947cd1ffa621a64e95f35788f1ab2a256b9a3b03fa0f
79c599dd760cec0c1621a1af49d9a2a49da5d45e1b37d4575bace0a5e0226582
7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb
7d210f7d18b1a67c12052541793c3fc63a9175ec1809b7988b9b9a13a4b50e16
7fb06135e97784c64ab82027042ed54fa7d14a8e2e2a48233bc3e6eeff475bb3
8500e51b5f859a8aad7843f03b19e5e2d6563a0730daf96fa47d066eb7cf3743
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
918e1cfa104cf2ad2942fd66030698b8bd602ded209a4fd35552e210e59b5931
91c775f1397acd5c87fb05d5050853a23dd7fcbe5cac32f231a25a07faaa76f1
9ea21905a7edfa4ceda705f977891d5e100f9709318836cfacbab47ad3321ff1
a10d7edb8fd307f469beaaa75a725e4bdae24a1b867f5bc7960f01e25c99d8e1
a2caed95f6d6801d6e45c9e27de9b21251452b9fbcb2f3a874efc4067f2d7697
a44ae1d00c17a80b76721322f8fb024fb48cde0c05b6c348add73cc9ec5b7f67
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a83fd1f588d25ac17d21af2f07176f03ecd669f39e9224ebe409571954a10e85
a85c452eb5ce99420acb144732fe81de89ec8b0e4978d8d8dc19734720a069ac
a958054aba0df8e253b0fd68862459386a7b68630a377fbfee051675e3ab706c
aa7dc54a4bfb003dfc89fc44bdbf240ebb6ddee0ddff3329e77de8ef839a8e2b
ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370
afcc90bbc33eb40941c2b45b179afd4eb5f14545e6cf4fc5d9f1d396ffe6a1a0
b0ccd89551b3cb44b0a7dc2b8439957a38f3c6fd898c02f178f00312df122794
b0cf918213747e59ed554a87d5e821487bc728f2cbb3460d4a2f08735391c44d
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b17076d3595dad5be366c348b30d0c973ccc597f12b107428a144cb2e1cb7bf0
b83149463619a5f4bbee21909e8a99a085f15713e48d6522d0a3173b94a20e1e
b88af34bd050e3246d31a92b0d31ded01057422aaf49c75402341867679e0017
b8f226fbb7f2f8018f5ab0bda8b9d9cb9bbd5b27033de8fbaf47dd4317a91260
bc9a16cd945457ad9463cdaed95129b01c589466978dfee3d019d9c604b2171a
bd711262d8d7097b41297b8cab58b9276ff392df6b784955604fc192afd0a0ac
bdc0c59701784258f143dfd4201f28353f080e0900a3530a83702e08c9ff353f
bdf72009ad226c17f1954ba602292902a780b80af07dbcbab1322bdf5c32be66
bff5f0e02b872515250410bee01cc92622b571a65279b505640d37533521e612
c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0
c254279147099e0b696b281d62b436b8aed42fb0f3abf1ba17abc398ca6c90e2
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
cb84c37000f8fe3e68e24799be081febdf02afd39cec967e80631ac76dea9950
ccaab61570b7a9ae5fc2c276de50162f84114354e44991aea54db17fcb04b5b8
cdcbe8357cc75719dbb1b931f7f8b7690b94480814ee062742b0243a714b80e5
ce085c69909224b56a34cb0c6eb20f6cbe8c88234a0b541c7636dbe45b800407
dadfa92870ab8b2c184e3004e32c63b872abb1350111ae995030ad2fdbe85ae0
e384647ad70e42ec6d7eea1e8fb840f2923f5c50c3eecd62548a8f915aa4fd18
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e406ff2da90226001e4e1e5cd49d97ca1f32fd9b80c10ac66f7dad7dae1a9c6e
e56d52735fa3066f59b34f2ac0d61f11af9a68ea9da5540f27915bd400e48fad
e6fc0c9448488fc8a866c7632f54b0408cd105d4289277a2407427b18aaef0fe
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1b2415f02c89234a4b94896afa68c68db82465563711b8b05f0c1b8b3ba580b
f27644734b8ead437f7ae34027490dae1d295348b0fc0cdca8b839bd9ef48d46
f5f9fabf5def6c14f22f8bb87dbea8bab02c4a336f7c184ead31aaddca428197
f7547f8d6d68bfcd4478d32bb1afe7bfb94831eb13af6e0aa6a720934ff021ef
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
fc4a64e81dcf38fd1d48ffadf6f1ba45081a31db78b6d5fc506e1dc780564f6c