www.kiwiexploits.com Open in urlscan Pro
2a06:98c1:3120::3 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.kiwiexploits.com/
Effective URL:
https://www.kiwiexploits.com/
Submission: On December 10 via api (December 10th 2023, 9:13:10 pm UTC) from US — Scanned from NL

Summary HTTP 104 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 20 IPs in 3 countries across 15 domains to perform 104 HTTP transactions. The main IP is 2a06:98c1:3120::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.kiwiexploits.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on February 18th 2023. Valid for: a year.

This is the only time www.kiwiexploits.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 32	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:5614	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
15	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82b::2008	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
2 13	2a00:1450:400... 2a00:1450:4001:81c::2002	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:38::178	15169 (GOOGLE) (GOOGLE)
1	2606:4700:e4:... 2606:4700:e4::ac40:ab13	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3032::ac43:bc6e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c07::9d	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::2003	15169 (GOOGLE) (GOOGLE)
20	2a00:1450:400... 2a00:1450:4001:831::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
2 3	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:81c::2003	15169 (GOOGLE) (GOOGLE)
4	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
104	20

32 2a06:98c1:3120::3 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

www.kiwiexploits.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5614 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

acscdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:81c::2002 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:38::178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:e4::ac40:ab13 (United States)

ASN13335 (CLOUDFLARENET, US)

youradexchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3032::ac43:bc6e (United States)

ASN13335 (CLOUDFLARENET, US)

pubtrky.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c07::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:81c::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
35	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 102 tpc.googlesyndication.com — Cisco Umbrella Rank: 148	609 KB
32	kiwiexploits.com 2 redirects www.kiwiexploits.com	484 KB
14	doubleclick.net 2 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 stats.g.doubleclick.net — Cisco Umbrella Rank: 75	144 KB
4	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 138
4	google.com 2 redirects region1.analytics.google.com — Cisco Umbrella Rank: 2693 www.google.com — Cisco Umbrella Rank: 2	2 KB
4	gstatic.com fonts.gstatic.com www.gstatic.com	43 KB
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 206	192 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29	3 KB
3	acscdn.com acscdn.com — Cisco Umbrella Rank: 127549	121 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	21 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 36	158 KB
1	google.nl www.google.nl — Cisco Umbrella Rank: 9642	408 B
1	pubtrky.com pubtrky.com	409 B
1	youradexchange.com youradexchange.com — Cisco Umbrella Rank: 35155	1 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 313	25 KB
104	15

	Domain	Requested by
32	www.kiwiexploits.com	2 redirects www.kiwiexploits.com
20	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
15	pagead2.googlesyndication.com	www.kiwiexploits.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
13	googleads.g.doubleclick.net	2 redirects pagead2.googlesyndication.com googleads.g.doubleclick.net
4	www.googleadservices.com	www.kiwiexploits.com
3	www.gstatic.com	googleads.g.doubleclick.net
3	www.google.com	2 redirects tpc.googlesyndication.com
3	www.googletagservices.com	googleads.g.doubleclick.net
3	fonts.googleapis.com	www.kiwiexploits.com googleads.g.doubleclick.net
3	acscdn.com	www.kiwiexploits.com acscdn.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	www.googletagmanager.com	www.kiwiexploits.com www.googletagmanager.com
1	www.google.nl	www.kiwiexploits.com
1	stats.g.doubleclick.net	www.googletagmanager.com
1	region1.analytics.google.com	www.googletagmanager.com
1	pubtrky.com	acscdn.com
1	youradexchange.com	acscdn.com
1	fonts.gstatic.com	fonts.googleapis.com
1	cdn.jsdelivr.net	www.kiwiexploits.com
104	19

This site contains links to these domains. Also see Links.

Domain
mobirise.in
youradexchange.com
spdmteam.com
aka.ms
mobirise.site

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-02-18` - `2024-02-17`	a year	crt.sh
acscdn.com GTS CA 1P5	`2023-11-02` - `2024-01-31`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
youradexchange.com GTS CA 1P5	`2023-10-17` - `2024-01-15`	3 months	crt.sh
pubtrky.com GTS CA 1P5	`2023-11-21` - `2024-02-19`	3 months	crt.sh
*.google.nl GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh

This page contains 17 frames:

Primary Page: https://www.kiwiexploits.com/
Frame ID: 5CEA07F57004357920C4C574921AFF04
Requests: 52 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20190131/zrt_lookup_fy2021.html
Frame ID: EB251573A6F82DDB2B544F8E3535098E
Requests: 1 HTTP requests in this frame

Frame: https://www.kiwiexploits.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/56d3063b/main.js
Frame ID: AA9C3551B9A62F98D3E263ED81E15A85
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8562196086359240&output=html&adk=1812271804&adf=3025194257&lmt=1693189026&plaf=7%3A2&plat=3%3A128%2C4%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x675_l%7C212x675_r&format=0x0&url=https%3A%2F%2Fwww.kiwiexploits.com%2F&ea=0&pra=5&wgl=1&easpi=1&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702242785616&bpp=19&bdt=968&idt=323&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6358347301685&frm=20&pv=2&ga_vid=908722780.1702242786&ga_sid=1702242786&ga_hid=802377544&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079759%2C31079919%2C31079921%2C31079928%2C31079980%2C44807405%2C95320870%2C95320884&oid=2&pvsid=3318782445424223&tmod=999550613&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=340
Frame ID: 0E3E592B151D19FF59BD9AF33C108B8D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8562196086359240&output=html&h=250&slotname=1836580918&adk=971479690&adf=756293844&pi=t.ma~as.1836580918&w=300&lmt=1693189026&format=300x250&url=https%3A%2F%2Fwww.kiwiexploits.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702242785635&bpp=1&bdt=986&idt=325&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6358347301685&frm=20&pv=1&ga_vid=908722780.1702242786&ga_sid=1702242786&ga_hid=802377544&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=650&ady=160&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079759%2C31079919%2C31079921%2C31079928%2C31079980%2C44807405%2C95320870%2C95320884&oid=2&pvsid=3318782445424223&tmod=999550613&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=330
Frame ID: 20822CE34A48F35483868B825639A03A
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8562196086359240&output=html&h=280&slotname=9459101825&adk=3094683467&adf=2653041513&pi=t.ma~as.9459101825&w=1200&fwrn=4&fwrnh=100&lmt=1693189026&rafmt=1&format=1200x280&url=https%3A%2F%2Fwww.kiwiexploits.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702242785636&bpp=1&bdt=987&idt=332&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250&nras=1&correlator=6358347301685&frm=20&pv=1&ga_vid=908722780.1702242786&ga_sid=1702242786&ga_hid=802377544&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1256&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079759%2C31079919%2C31079921%2C31079928%2C31079980%2C44807405%2C95320870%2C95320884&oid=2&pvsid=3318782445424223&tmod=999550613&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=337
Frame ID: F1645FE6B740549DABBAACF12B6D4B00
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8562196086359240&output=html&h=250&slotname=6755976858&adk=813426018&adf=363049643&pi=t.ma~as.6755976858&w=300&lmt=1693189026&format=300x250&url=https%3A%2F%2Fwww.kiwiexploits.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702242785637&bpp=1&bdt=988&idt=339&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250%2C1200x280&nras=1&correlator=6358347301685&frm=20&pv=1&ga_vid=908722780.1702242786&ga_sid=1702242786&ga_hid=802377544&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=650&ady=1934&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079759%2C31079919%2C31079921%2C31079928%2C31079980%2C44807405%2C95320870%2C95320884&oid=2&pvsid=3318782445424223&tmod=999550613&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=341
Frame ID: 3075D9F9393764C368834CA77FC2E379
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8562196086359240&output=html&h=280&slotname=6823165047&adk=3490555514&adf=869763061&pi=t.ma~as.6823165047&w=1200&fwrn=4&fwrnh=100&lmt=1693189026&rafmt=1&format=1200x280&url=https%3A%2F%2Fwww.kiwiexploits.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702242785637&bpp=1&bdt=989&idt=347&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250%2C1200x280%2C300x250&nras=1&correlator=6358347301685&frm=20&pv=1&ga_vid=908722780.1702242786&ga_sid=1702242786&ga_hid=802377544&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3114&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079759%2C31079919%2C31079921%2C31079928%2C31079980%2C44807405%2C95320870%2C95320884&oid=2&pvsid=3318782445424223&tmod=999550613&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=349
Frame ID: BBBB0ABD5D98CA05312C9352AA275B75
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: DFCFD9F446223916F321DFBC75692582
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 94C6E23EC047C323ACB27C984271B338
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 6FD57DD2D4B4689C7449363F6BC3AF56
Requests: 6 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js
Frame ID: A9ED0256CB3F2ECD3938FD06EE5EA567
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js
Frame ID: 4C688932D914859224EEA87186324A24
Requests: 1 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 4AF89B18E158D2E54A36DBC15156245A
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js
Frame ID: 1491239825981F146D80918D4A00C284
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 5E920DBAA37650D5DBAA88BD15A2076C
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: DC889B9AD0C50EFEF9FF19AA38D92159
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Best Roblox Exploits - Roblox Scripts & Cheats - KiwiExploits

Page URL History Show full URLs

http://www.kiwiexploits.com/ HTTP 301
https://www.kiwiexploits.com/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
//cdn\.jsdelivr\.net/

Page Statistics

104
Requests

97 %
HTTPS

95 %
IPv6

15
Domains

19
Subdomains

20
IPs

3
Countries

1802 kB
Transfer

5144 kB
Size

10
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://mobirise.in/
Title: mobirise.com

Search URL Search Domain Scan URL

URL: https://youradexchange.com/ad/visit.php?al=1

Search URL Search Domain Scan URL

URL: https://spdmteam.com/index?utm_source=Featured&utm_medium=Get+Exploit&utm_campaign=Arceus+X&utm_id=Arceus&utm_term=Mobile+Exploit
Title: Get Exploit

Search URL Search Domain Scan URL

URL: https://aka.ms/vs/16/release/vc_redist.x86.exe
Title: C++ Redistrubutable 2015-2019

Search URL Search Domain Scan URL

URL: https://mobirise.site/f
Title: (function(){var js = "window['__CF$cv$params']={r:'83387d58c8220df4',t:'MTcwMjI0Mjc4NC42MzIwMDA='};_cpo=document.createElement('script');_cpo.nonce='',_cpo.src='/cdn-cgi/challenge-platform/scripts/jsd/main.js',document.getElementsByTagName('head')[0].appendChild(_cpo);";var _0xh = document.createElement('iframe');_0xh.height = 1;_0xh.width = 1;_0xh.style.position = 'absolute';_0xh.style.top = 0;_0xh.style.left = 0;_0xh.style.border = 'none';_0xh.style.visibility = 'hidden';document.body.appendChild(_0xh);function handler() {var _0xi = _0xh.contentDocument || _0xh.contentWindow.document;if (_0xi) {var _0xj = _0xi.createElement('script');_0xj.innerHTML = js;_0xi.getElementsByTagName('head')[0].appendChild(_0xj);}}if (document.readyState !== 'loading') {handler();} else if (window.addEventListener) {document.addEventListener('DOMContentLoaded', handler);} else {var prev = document.onreadystatechange || function () {};document.onreadystatechange = function (e) {prev(e);if (docume

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.kiwiexploits.com/ HTTP 301
https://www.kiwiexploits.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 42

https://www.kiwiexploits.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://www.kiwiexploits.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/56d3063b/main.js

Request Chain 70

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 71

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 81

https://googleads.g.doubleclick.net/pagead/adview?ai=CZvCf4il2ZZGSApukjuwP5rOrmAf8-6TUdIXbztP_EamP_MIDEAEgwOyYfGCRhKCFjBigAffim7QoyAECqAMByAPJBKoE1wFP0JvmHh8KFt1l-L-tZbOrtoH9uwalouNYg8S-GRiZnCtUYXygOEwzkkb2ma2MVhrl2GyXms_xw3nhbvTc4o7lFtAyoUhwHkZRIZyc4C6-dGtL6FXBQDhyRCI5NkgSOew5m6NIAqa163ag73fuDTiXdK9hsxT8rgwc6Hqq7k1CSO-OdM0g5Bn1xDpoU2lhDylQZn1K4uBVh16HF0pii0BY3qhQcN8ofwG17GlrolYh_Gh5Xg97aYUBOZrxe6ImYsZtWf3kQnrpmxp6mazMq_jEEMU8UObqAcAEpO-65cEEiAWCoq_pTJIFBAgEGAGSBQQIBRgEoAYCgAf3muyTA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcB8gcEEJPXCNIIHwiA4YAQEAEYHzICqgI6AoBASL39wTpYjuXUxOSFgwOaCTpodHRwczovL2ZyZWUud2ViY29tcGFuaW9uLmNvbS9taW5pbWUvP2NhbXBhaWduPTIwNjIyMDcwMDE4gAoByAsBogwUKhIKEOS0sQLutbECtbixAru7sQLYEw3QFQGAFwGyFxwKGggAEhRwdWItODU2MjE5NjA4NjM1OTI0MBgA&sigh=4oogxK_VUsk&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTgDICaaNf3SMF0WNjEgBKV_opC2BPGdUEttfSVKAnbBPiji4RYhYINXMwdIb9FhocX8atHEur2piwhriGtSZwF5w0J4xrXMEJtQ51MBkORgB&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%224575904263399349926%22,%22debug_reporting%22:true,%22destination%22:%22https://webcompanion.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210846925175%22],%224%22:[%2212-10%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2216859134334817271057%22}&andc=true

Request Chain 82

https://googleads.g.doubleclick.net/pagead/adview?ai=C6Qpl4il2ZejWAprMjuwPjMW6gAj8-6TUdPXhztP_EamP_MIDEAEgwOyYfGCRhKCFjBigAffim7QoyAECqAMByAPJBKoE2wFP0PnnVYnmgkz3Ay_FTfvGx1u1og0he4Ube5nCQZzpK-0ZV5awGVWtN_V3rSwQkm0E0bbK66umq5ZJXFMRhU2lm-T3bXnSB55QueVbbV83T5HrflsqhgLBEBQBE_Psropbep7QgZ6To9dqaBUizzfMTXlawoJ3LTvg5nSAXxALIFaSH3BDdLnzBX8il3bGVljjJGrlcBSpJNmZpMLEuQVOjGsSXb4UurO9-HbYEZBJqdbLu-KWsT2kj5PRiX3CZlSefNPI26L1124NZ9OG2WNW7KXky-quyMU5YWTABKTvuuXBBIgFgqKv6UySBQQIBBgBkgUECAUYBKAGAoAH95rskwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAfIHBBCp2ivSCB8IgOGAEBABGB8yAqoCOgKAQEi9_cE6WJ6n1cTkhYMDmgk6aHR0cHM6Ly9mcmVlLndlYmNvbXBhbmlvbi5jb20vbWluaW1lLz9jYW1wYWlnbj0yMDYyMjA3MDAxOIAKAcgLAaIMFCoSChDktLEC7rWxArW4sQKsurEC2BMN0BUBgBcBshccChoIABIUcHViLTg1NjIxOTYwODYzNTkyNDAYALIYBBICgmg&sigh=eOg-12U8ibk&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTwDICaaNP2OakPJLlg1hqQONs3jU4gWSpUzrgwWGfbgw70xbldUssapRWLDxfycveT5s-BbY8rla92buzQsMqlGMqH5bceNvQnY7bcBK3o8YAQ&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2214649579118236036611%22,%22debug_reporting%22:true,%22destination%22:%22https://webcompanion.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210846925175%22],%224%22:[%2212-10%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2215312210450673906961%22}&andc=true

104 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.kiwiexploits.com/
Redirect Chain

http://www.kiwiexploits.com/
https://www.kiwiexploits.com/

19 KB
5 KB

600ms
534ms

Document
text/html

2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.kiwiexploits.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2c700fa216c49b9ec086829a4af8e48f7e0f4068a002ea2542273dde68801785

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 83387d58c8220df4-AMS
content-encoding: br
content-type: text/html
date: Sun, 10 Dec 2023 21:13:04 GMT
last-modified: Mon, 28 Aug 2023 02:17:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0aDqvtTiu%2BxUIVZGX%2B%2BRxuJ1mdlg%2BQuoOto0moQR1mMnqpbe1C%2BYN34b4%2Bd0T4fvIMZ7pk80wR51%2F7rs6kWr6rwoCRl9dUF%2BYdZSlrRbQMFZEiqNv3XY8tv2J36EmGiVJsWK4CFPR3bLtAc64bqAYpcSRA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding,User-Agent

Redirect headers

CF-RAY: 83387d5828f2b78b-AMS
Cache-Control: max-age=3600
Connection: keep-alive
Date: Sun, 10 Dec 2023 21:13:04 GMT
Expires: Sun, 10 Dec 2023 22:13:04 GMT
Location: https://www.kiwiexploits.com/
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SvgqMfn9eJOYXcZZADwzY%2B36yhW5LHFt1jTiBmD8HGi%2FlsVBpRSzr9HJZkjBxezSpVzGEOJHuyXWV7ufwGXc6kWx%2FMOLS1671St%2B%2B3HKHUPUGcc9D1ClbRnn3KwLM6ugGQlAs4G19Juu9M0e4X0xOfgexw%3D%3D"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400

GET
H2 200 nab.js Show response
www.kiwiexploits.com/ 7 KB
2 KB 548ms
545ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.kiwiexploits.com/nab.js
Requested by: Host: www.kiwiexploits.com
URL: https://www.kiwiexploits.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a2470f44572c91daca6e64da9ae31a2f91fdea031f0b5a028ba63dc8daf8664a

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.kiwiexploits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 21:13:05 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Mon, 28 Aug 2023 02:15:16 GMT
cf-bgj: minify
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cdzyT8MAcySjnceAuzRopSK0y8qCGEY1ZIAygTFactrAHwiY1uMDPqaF29PotEw0WFWuaUsHGGis%2Bwxxqzmj%2BGzFWwWGbSGoa2KD3Kv2kIdLZm2U5qIGEKBNHYTtWbs4RCVybcoED8m49aLYl9eTw4EXkA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 83387d5c2bfd0df4-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@4.6.1/dist/css/ 158 KB
25 KB 130ms
42ms Stylesheet
text/css 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.6.1/dist/css/bootstrap.min.css

Requested by

Host: www.kiwiexploits.com
URL: https://www.kiwiexploits.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0c5ed985fdbddc027124d4e6879ce1a1860832cda85e2b517c18d8fbd2fffc06

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.kiwiexploits.com/
Origin: https://www.kiwiexploits.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 21:13:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 829152
x-jsd-version: 4.6.1
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-etou8220102-FRA, cache-ams21031-AMS
x-jsd-version-type: version
server: cloudflare
etag: W/"278e1-H7g/xZXPKL+TYth2EOrfo7e7vlk"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FfQXVUj4keX93cukU8IBWtLOTtRR4JvI0tEdZ9ia4gO3f18d1v9MMZHKZlb4NWZnKWZZqM4HB90wLeli35kyKeXA8CRKu0ificAFn0oNtrGt1ARkGmnx9XXQjHrotX41dIc4UOVEq4oRtypwfYE%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 83387d5cbb396667-AMS

GET
H2 200 mobirise2.css
www.kiwiexploits.com/assetsmain/web/assets/mobirise-icons2/ 9 KB
2 KB 541ms
539ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.kiwiexploits.com/assetsmain/web/assets/mobirise-icons2/mobirise2.css
Requested by: Host: www.kiwiexploits.com
URL: https://www.kiwiexploits.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cdcbe8357cc75719dbb1b931f7f8b7690b94480814ee062742b0243a714b80e5

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.kiwiexploits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 21:13:05 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sun, 29 Nov 2020 23:39:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Kh5Q7xKsNDjqsyU9xcR2qMY6eWUjOe5IlzeAIL1eWPVMLOGc5oMa9p%2F2KddvvXx0NmA%2BhgVZFhqRYMtOuTKeUcriklVOlvV7G5iY6mAYiTM%2BgyNZrOQAC1wEOHYaVwR1iWG9TfVKb7pVHOfUuSBmgg0hKg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 83387d5c2bf40df4-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 mobirise-icons.css
www.kiwiexploits.com/assetsmain/web/assets/mobirise-icons/ 7 KB
2 KB 546ms
543ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.kiwiexploits.com/assetsmain/web/assets/mobirise-icons/mobirise-icons.css
Requested by: Host: www.kiwiexploits.com
URL: https://www.kiwiexploits.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b0cf918213747e59ed554a87d5e821487bc728f2cbb3460d4a2f08735391c44d

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.kiwiexploits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 21:13:05 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sun, 29 Nov 2020 23:39:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sdM9k2W3UgsBpjL5hM1ngRkU3N7pwU5RkuA2J8oM6UjCE4b7hQlY2%2FmUwmMKNipNvUkJmOKnXYgZr20Ku40F9LM4KiCaFORLMdlfCImGEfPEQe8Yydb0aSVNSqVMEjxc9Gpo0LMJVJQrWqFbQnc4kVPnOQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 83387d5c2bf80df4-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 tether.min.css
www.kiwiexploits.com/assetsmain/tether/ 237 B
380 B 546ms
544ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.kiwiexploits.com/assetsmain/tether/tether.min.css
Requested by: Host: www.kiwiexploits.com
URL: https://www.kiwiexploits.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cb84c37000f8fe3e68e24799be081febdf02afd39cec967e80631ac76dea9950

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.kiwiexploits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 21:13:05 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sun, 29 Nov 2020 23:39:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oiH3j6kqL47FfQUi%2FhZQT6DKGvRv4ofZggRpSJ1VRQ186cd2fQMe%2BYFtc4ccj0b1V7MZn6CKHLOZgJCaVVU5iO%2BHp8WDv4Z1YsQqmgMdvb4VMfy7feMdlzRsxLarLjoAdNtPcl07XWlyKLKTdZZaFDfxVw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 83387d5c2bf90df4-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 bootstrap.min.css
www.kiwiexploits.com/assetsmain/bootstrap/css/ 157 KB
25 KB 721ms
719ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.kiwiexploits.com/assetsmain/bootstrap/css/bootstrap.min.css
Requested by: Host: www.kiwiexploits.com
URL: https://www.kiwiexploits.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5b0fbe5b7ad705f6a937c4998ad02f73d8f0d976fe231b74aef0ec996990c93a

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.kiwiexploits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 21:13:05 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sun, 29 Nov 2020 23:39:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Va2f6LvWWbz6j%2FnfD9nvTeLFYnLOlmsImzfjHMy%2FfWJZZLMflnEk0foahCPH9Og6rCaYD7LYoOsWvM2SM6ujoQYQXwHmzCQAbGBT9hrngcg4EZ9laC2elvJOpdzsVmK4OVqHb%2F7ewIS7jDHDM2AeYfET%2FA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 83387d5c2bfa0df4-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 bootstrap-grid.min.css
www.kiwiexploits.com/assetsmain/bootstrap/css/ 49 KB
7 KB 496ms
494ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.kiwiexploits.com/assetsmain/bootstrap/css/bootstrap-grid.min.css
Requested by: Host: www.kiwiexploits.com
URL: https://www.kiwiexploits.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2c45a5eb97e8ab82131877dc492284c753ffd80dfb15d9737a4fd13ada1c3351

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.kiwiexploits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 21:13:05 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Sun, 29 Nov 2020 23:39:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z54EibGssFAZgXt7mwz%2BI4sewa62wiSjvKJpswWFZI2pD0Bf66YMkVNK8aMBI%2FevpbmRv3l5r0MQCbt%2BKTy9bxkI9aiuv9PoFydm63qv%2Fl%2FYLY1sEMZ%2FguVGbYYqMZfur89akAAo39ehOssDbG9fNTX8OQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 83387d5c2bfe0df4-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 bootstrap-reboot.min.css
www.kiwiexploits.com/assetsmain/bootstrap/css/ 4 KB
2 KB 552ms
550ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.kiwiexploits.com/assetsmain/bootstrap/css/bootstrap-reboot.min.css
Requested by: Host: www.kiwiexploits.com
URL: https://www.kiwiexploits.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 440645cad3480edeaa059f0ebea205fa6ec59832f5a829141697a0f9f284d39c

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.kiwiexploits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 21:13:05 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sun, 29 Nov 2020 23:39:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eN3w5ChXnRoF6z5fm%2FG9bZt5PItWQSSH3A5PYtH6agbjGnwbTfQ25vwtHrDVFKvAjv%2BOtF91dczEI15veB85uhJKhWMtixSVpsu9GvH7EK5ByK6ZR1AR5KWoN9jTYrBohtKGIH8CEBmxd7%2FpTs5lAUdt%2BA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 83387d5c2c010df4-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 style.css
www.kiwiexploits.com/assetsmain/dropdown/css/ 8 KB
2 KB 547ms
545ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.kiwiexploits.com/assetsmain/dropdown/css/style.css
Requested by: Host: www.kiwiexploits.com
URL: https://www.kiwiexploits.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 38892acc026f0badcbb38eb0b148470f4e57821ae04c892a2cee50b5e0968d35

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.kiwiexploits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 21:13:05 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sun, 29 Nov 2020 23:39:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lR6RvctZt%2Bt%2FMj3v6y8oCphgZHPGKMMb3Yjov2ualhqDsDWBoh587Btg%2F5aCb1e0WeTQ4j8hcLC3%2BIP1FXonSJp5QaxKCjGrHofQy5MTHUyBzdN6hmiZBtCqWhRv0FuHNPJ2tqP6%2F8fF3hBXZrlyNbeWzg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 83387d5c2c020df4-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 styles.css
www.kiwiexploits.com/assetsmain/socicon/css/ 15 KB
3 KB 541ms
539ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.kiwiexploits.com/assetsmain/socicon/css/styles.css
Requested by: Host: www.kiwiexploits.com
URL: https://www.kiwiexploits.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ccaab61570b7a9ae5fc2c276de50162f84114354e44991aea54db17fcb04b5b8

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.kiwiexploits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 21:13:05 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sun, 29 Nov 2020 23:39:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UGW2OSunD9WEBNGyzTFx2n9EFbly5%2FXfWVKVelrK9EIFRkmswHB873gmvixRfnnAsQYezbFsUkxitOPNiy%2Fqal%2FrX2w%2FVKdCy1Art6f8cQBJT1pQc%2FwPxPJE%2BRN70HAZFEQi42V%2BVx20PiVSVcqmWvmqTA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 83387d5c2c030df4-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 style.css
www.kiwiexploits.com/assetsmain/theme/css/ 17 KB
4 KB 549ms
548ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.kiwiexploits.com/assetsmain/theme/css/style.css
Requested by: Host: www.kiwiexploits.com
URL: https://www.kiwiexploits.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: afcc90bbc33eb40941c2b45b179afd4eb5f14545e6cf4fc5d9f1d396ffe6a1a0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.kiwiexploits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 21:13:05 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sun, 29 Nov 2020 23:39:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sOpoiuYhSaql%2BgrnF%2BVirwCjpLEq5mGfVaj0f91FeBpNX28hCXjgddk1XAWeLS%2BUX0lLUE84a9IhcTCCN15A8hHOi3gggIejGVt4cLqa23vtghCSZoXlPKT8TekV8KkLR3s%2F6pvAd1RmAJ3VMA9NcNcLUA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 83387d5c2c050df4-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 mbr-additional.css
www.kiwiexploits.com/assetsmain/mobirise/css/ 404 KB
32 KB 766ms
765ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.kiwiexploits.com/assetsmain/mobirise/css/mbr-additional.css
Requested by: Host: www.kiwiexploits.com
URL: https://www.kiwiexploits.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4eab9aaaaf7906499964d8a608c0ad0c23c18f3f84209de5c4ecfe982aa3179f

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.kiwiexploits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 21:13:05 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 10 Sep 2022 22:01:17 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sIMf5vIyhTBD8Xtk4hKMlznravsw7N8%2F4BuKRZ%2BFP95HKkzGwbz1MYK%2Fun1%2BL%2B4n4CWkCgRgNJQFLbgrMv4Xk%2BkEf%2Bdg%2Fe462LKQaf8XZkFFwOAVI8R4EEe%2F2XSjIMiW4f4UhEl8ArGrhbL2N4c7Jp2C4Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 83387d5c5c3b0df4-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 suv4.js Show response
acscdn.com/script/ 198 KB
60 KB 107ms
40ms Script
text/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://acscdn.com/script/suv4.js
Requested by: Host: www.kiwiexploits.com
URL: https://www.kiwiexploits.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7b10e9caa6fb373349ef3b886574f632123288ec262a8855984346878a4cb774

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.kiwiexploits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 21:13:04 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1774
x-guploader-uploadid: ABPtcPr5HCNSmempYzWFzG69hF64IHwpFZaFVLGoDU4VWUPB2hzE9bk1_hKCHTWu6Ufa1atRoZ1rfuipIQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 04 Dec 2023 14:04:11 GMT
server: cloudflare
etag: W/"46fe731714434788a6b4238f2a29d221"
vary: Accept-Encoding
x-goog-generation: 1701698650971889
content-type: text/javascript
access-control-allow-origin: *
x-goog-hash: crc32c=fPIuDw==, md5=Rv5zFxRDR4imtCOPKinSIQ==
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lScmWY7%2F%2FFSqiEpEwbqRWWNGx8VMihIrQz6hTaWIkUG7jStaYPqfVvdp%2BeUJAgqiiiZEGrdejJsJLq6r3A9KKcVp7yP2WlA2Laf8Gmj9zg%2B1Gz%2BhEDGf6ERtDScPsNuwkf8l9IeSohny"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 202851
cf-ray: 83387d5c9c850dfb-AMS
expires: Sun, 10 Dec 2023 21:28:20 GMT

GET
H2 200 kiwi-1.png
www.kiwiexploits.com/assetsmain/images/ 42 KB
42 KB 894ms
893ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.kiwiexploits.com/assetsmain/images/kiwi-1.png
Requested by: Host: www.kiwiexploits.com
URL: https://www.kiwiexploits.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a958054aba0df8e253b0fd68862459386a7b68630a377fbfee051675e3ab706c

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.kiwiexploits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 21:13:05 GMT
cf-cache-status: MISS
last-modified: Sun, 29 Nov 2020 23:39:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OPGlo8gR3yjlY2jFzcd8AW3%2BqYO6Ou9D7SkyAPYbZkG%2Bv%2BEdJoyze%2B5VG%2BI%2Bi%2B2l5K04G776UcJsJw692Z%2BGP6N0U90T9FX46GHP5VlZ3exnibcvFZjxK8%2FwnjvPtNwB0a88ZmC1ER%2B8VrGC7H5ouOJPGg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 83387d5c5c3d0df4-AMS
alt-svc: h3=":443"; ma=86400
content-length: 42756

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 149 KB
51 KB 156ms
81ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8562196086359240

Requested by

Host: www.kiwiexploits.com
URL: https://www.kiwiexploits.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3e956ec59de412b7b1e8b57dc87f2ba55054f2ba3137c00dc9dbf024c78f2a54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kiwiexploits.com/
Origin: https://www.kiwiexploits.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 21:13:05 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52024
x-xss-protection: 0
server: cafe
etag: 13385405070884436419
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 10 Dec 2023 21:13:05 GMT

GET
H2 200 arceus.jpg
www.kiwiexploits.com/assetsmain/images/ 105 KB
105 KB 910ms
909ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.kiwiexploits.com/assetsmain/images/arceus.jpg
Requested by: Host: www.kiwiexploits.com
URL: https://www.kiwiexploits.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 64946eb4f637d4cbab7290b344592a476f7f62350a4e8d7317df122ef6b4d91e

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.kiwiexploits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 21:13:05 GMT
cf-cache-status: MISS
last-modified: Wed, 31 May 2023 02:24:05 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JssdzG09imm8XnUblI4QmtVTKt2snEVGUPRQUoFr0L3ig5O1Wd72u0XYrqcqN4xp3Fq4ojE9QNs4nwaerpj03C%2FkVXVDHXFpgmuzg11htd9cKQ6OYlG6a%2FRnygSJ0NaqpvR30UFEJHFXKR7z4Ux9Lm8K3Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 83387d5c5c3f0df4-AMS
alt-svc: h3=":443"; ma=86400
content-length: 107041

GET
H3 200 kiwix.png
www.kiwiexploits.com/assetsmain/images/ 57 KB
58 KB 499ms
498ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.kiwiexploits.com/assetsmain/images/kiwix.png
Requested by: Host: www.kiwiexploits.com
URL: https://www.kiwiexploits.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1d73d0fc262ff9185f70424986f69ed4ddcd8c12bae6718941a71f6fac7dcf0b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.kiwiexploits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 21:13:05 GMT
cf-cache-status: REVALIDATED
last-modified: Wed, 07 Dec 2022 01:22:11 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2ANjuuW8mbRVAe36pBucSrwa5A7HR2OQBdw9HbDCZU93cvb6yqAoxTZaI%2B%2FvC38NwiSvkEzrbxRAK3RonnveA8QKquHqBbGV30ZmuzL9bcDhaC893pn5vaILdhCqwi4Ki66714wflS8Vo%2FT7YQavn2GQZQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 83387d5faaa01c7a-AMS
alt-svc: h3=":443"; ma=86400
content-length: 58658

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 149 KB
51 KB 178ms
103ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.kiwiexploits.com
URL: https://www.kiwiexploits.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00139e25acded0f765aff5dfe0c080b968716aa9694ae6fef382e7c07b390ea4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.kiwiexploits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 21:13:05 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52017
x-xss-protection: 0
server: cafe
etag: 9491208071404074392
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 10 Dec 2023 21:13:05 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 187 KB
68 KB 190ms
59ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-162344816-1

Requested by

Host: www.kiwiexploits.com
URL: https://www.kiwiexploits.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

fbc3c216c477f38a75e5fd9fbf7f49fa27031957a93698cca4e2af1ca0ce1a76

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.kiwiexploits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 21:13:05 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 69178
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 10 Dec 2023 21:13:05 GMT

GET
H3 200 jquery.min.js Show response
www.kiwiexploits.com/assets/web/assets/jquery/ 87 KB
32 KB 64ms
61ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.kiwiexploits.com/assets/web/assets/jquery/jquery.min.js
Requested by: Host: www.kiwiexploits.com
URL: https://www.kiwiexploits.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.kiwiexploits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 21:13:05 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 08 Apr 2021 15:41:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5751
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9NUyv78Ow1pD1%2BCcdv27gU%2FDNzYtrROkVfB9GTRkkglFbRCbC8zze6ggDSoN9%2BvgPeGLpzJYfEZquq6phEmvv2xGFJzbrpUfpAKRMqKvrcn8PqQYjpjcpCnldA4OK8prWl3g1N9mz3%2FajRswqoDg3jJtAQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 83387d5faaa41c7a-AMS
alt-svc: h3=":443"; ma=86400

GET
H3 200 popper.min.js Show response
www.kiwiexploits.com/assets/popper/ 19 KB
7 KB 90ms
87ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.kiwiexploits.com/assets/popper/popper.min.js
Requested by: Host: www.kiwiexploits.com
URL: https://www.kiwiexploits.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3675f226f985b64eea6ae8544d5496a32d19993aae1ac4a3fa101263ef3206f7

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.kiwiexploits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 21:13:05 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 08 Apr 2021 15:41:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5751
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DZRLjE055BXUl9HIkcc445AtkLwbv%2FqjMY7BNV6MJBWxvUIPElLr3MzbUPfLIhPU6K7qa4tdQRSyeQlh65KpdHeepTyvY0h66sngmKNiWQXRibIE%2Berf%2FDyx4jHMi%2BTyDdmVZN3MR1opzUwi2cdB02ZLRg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 83387d5faaa51c7a-AMS
alt-svc: h3=":443"; ma=86400

GET
H3 200 tether.min.js Show response
www.kiwiexploits.com/assets/tether/ 23 KB
7 KB 39ms
37ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.kiwiexploits.com/assets/tether/tether.min.js
Requested by: Host: www.kiwiexploits.com
URL: https://www.kiwiexploits.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0a0416e386e436583f5f49242104677e6b16b1aa693d86f32d76845e26081f96

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.kiwiexploits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 21:13:05 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 08 Apr 2021 15:41:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5751
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8xhQppUnnX4o4%2F2oiy%2BpalqcXzDcWw3Hsk8keaq%2FhRkbZYOqKcv7Bbuqg0txaG6xlVq9QRRruiJfm1H%2BAitsaT1p%2FUKooFpkQpARqN3cc9jVaD5rLamGM%2B9SBDRi3cJNids1NQJtg9Fd1JKeTEr94KdhfQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 83387d5faaa81c7a-AMS
alt-svc: h3=":443"; ma=86400

GET
H3 200 bootstrap.min.js Show response
www.kiwiexploits.com/assets/bootstrap/js/ 59 KB
16 KB 90ms
88ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.kiwiexploits.com/assets/bootstrap/js/bootstrap.min.js
Requested by: Host: www.kiwiexploits.com
URL: https://www.kiwiexploits.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 79c599dd760cec0c1621a1af49d9a2a49da5d45e1b37d4575bace0a5e0226582

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.kiwiexploits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 21:13:05 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 08 Apr 2021 15:41:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5751
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b3Oncd48%2Ba3764oGUDXP4SpuzgKHJz29PirlvvMFxS5PJxRBWV4qzRDIMAMSCCD%2B7sgysn%2B95dqrccC1VGgFYCXU3C8i%2FTIZQiYBSH8G8DFMA67Y9jwbTBhmkidPDR9UBfWNE5SO4AVz01n0%2BCpzXa3lDw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 83387d5faaa91c7a-AMS
alt-svc: h3=":443"; ma=86400

GET
H3 200 smooth-scroll.js Show response
www.kiwiexploits.com/assets/smoothscroll/ 7 KB
4 KB 37ms
34ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.kiwiexploits.com/assets/smoothscroll/smooth-scroll.js
Requested by: Host: www.kiwiexploits.com
URL: https://www.kiwiexploits.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 867a9a1bad8363a3f8e2a3628ba7595512a7fbff6c4125099756efbe533c660c

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.kiwiexploits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 21:13:05 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 08 Apr 2021 15:41:20 GMT
server: cloudflare
age: 5751
cf-polished: origSize=7568
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9n3CQRWgVTND77cvhAdK6TQhDB1dd1u2bhwP9Nu0qQXrCvppGEbSiXDwuz7FhsjiBwtiB%2F9xrJlU6IPJJKFNbgPhWm0aVsE9bKRWpHEl5JIlcFXtj2D4oaDfsrOpaFtv%2BJiSCGtl7gpSorg%2BNWmb0ag%2Bag%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 83387d5faaaa1c7a-AMS
alt-svc: h3=":443"; ma=86400

GET
H3 200 nav-dropdown.js Show response
www.kiwiexploits.com/assets/dropdown/js/ 9 KB
3 KB 38ms
36ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.kiwiexploits.com/assets/dropdown/js/nav-dropdown.js
Requested by: Host: www.kiwiexploits.com
URL: https://www.kiwiexploits.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0d4bd2f918efeb4ea7a65747e5ca0f9c86cccdb961a6276299ebe3a7a47a3854

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.kiwiexploits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 21:13:05 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 08 Apr 2021 15:41:20 GMT
server: cloudflare
age: 5751
cf-polished: origSize=9027
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RRBHx4afPJdMbRe7fQTM5hDRwYOnh4elYSlaQ06u4kaEy2HiDtHj03fxk6OEF88ywwtvpsYjCsHHCIS1nTUoHU8OhvC8HbFCYn%2Bb0gPWSG50%2F4v0hFT8RCNJ8iMenG1oPIpeEWd3yIOjWY857EqFvkgfdw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 83387d5faaab1c7a-AMS
alt-svc: h3=":443"; ma=86400

GET
H3 200 navbar-dropdown.js Show response
www.kiwiexploits.com/assets/dropdown/js/ 3 KB
2 KB 91ms
89ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.kiwiexploits.com/assets/dropdown/js/navbar-dropdown.js
Requested by: Host: www.kiwiexploits.com
URL: https://www.kiwiexploits.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8e8582b02321950e729b7e88ea63931c9cadfdc5f9d76e18a694b8bbad6debf6

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.kiwiexploits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 21:13:05 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 08 Apr 2021 15:41:20 GMT
server: cloudflare
age: 5751
cf-polished: origSize=2646
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=unMbhLPLHrIDhZzZhppY0yh6%2BItIuFgbvtUHifyBO%2Bm24eHKKNdPLxaco5ZbAQfwzFkspEGc2hT4a%2FikEFdZ%2BjYhGn8PkLfh2kZ0Y%2FPs%2Fs1AkxoSgs1Ox7LkgYHZ%2FcwSm8CY9yOAJ0YSzLytTwnyHDGtYQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 83387d5faaac1c7a-AMS
alt-svc: h3=":443"; ma=86400

GET
H3 200 jquery.touch-swipe.min.js Show response
www.kiwiexploits.com/assets/touchswipe/ 20 KB
6 KB 122ms
120ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.kiwiexploits.com/assets/touchswipe/jquery.touch-swipe.min.js
Requested by: Host: www.kiwiexploits.com
URL: https://www.kiwiexploits.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a10d7edb8fd307f469beaaa75a725e4bdae24a1b867f5bc7960f01e25c99d8e1

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.kiwiexploits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 21:13:05 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 08 Apr 2021 15:41:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5751
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ppXFpo0bRBTdT%2FRfjQIhvnMbXoaP0RMLwWqjbDPCa1x9UqhX4GnbzSbuC9eckn9D3vYUFNdMQcZZfZiiTvOV3aDoo6Yzk%2BiAbZVGP8o7d7a1TNRmg4POIzjjBLBZZ1A2DMEGZGvP2woyyJgBcjW50Imxrw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 83387d5faaad1c7a-AMS
alt-svc: h3=":443"; ma=86400

GET
H3 200 mbr-tabs.js Show response
www.kiwiexploits.com/assets/mbr-tabs/ 2 KB
1 KB 37ms
35ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.kiwiexploits.com/assets/mbr-tabs/mbr-tabs.js
Requested by: Host: www.kiwiexploits.com
URL: https://www.kiwiexploits.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 991d47a727ed40a437c6bf202a2f0730ba3bd6c593bf84ee38f9f73e1c2c445c

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.kiwiexploits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 21:13:05 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 08 Apr 2021 15:41:20 GMT
server: cloudflare
age: 5750
cf-polished: origSize=1901
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cNgs9rcHvUealUmDt4x8dLwMGCt7v1tSPzi3qsG55VDG9R5%2FJdRMO09aT7mZfmLtSqZcPDiFmu4gU5k7ZxhPsDgd0PMwsR6My2rV3Uq5wH9NLKQGLOlFQIJg5M4VULbz%2Ff8Are0RdJDenwRk1LXsFTrQNA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 83387d5faaae1c7a-AMS
alt-svc: h3=":443"; ma=86400

GET
H3 200 script.js Show response
www.kiwiexploits.com/assets/theme/js/ 21 KB
8 KB 123ms
121ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.kiwiexploits.com/assets/theme/js/script.js
Requested by: Host: www.kiwiexploits.com
URL: https://www.kiwiexploits.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 50bc522610e1fc1738cfd395d5adc73e9e1f88872990b65705d92b22fd8936b0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.kiwiexploits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 21:13:05 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 08 Apr 2021 15:41:20 GMT
server: cloudflare
age: 5750
cf-polished: origSize=21571
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XiNRiylJlydITqeODdHd7UR6RDTMq1ZcpnFY18MGToO9onj0XybvGet6zwhcn%2FQaBwA4PncnT8uTTtHqkXnCMkvVE52qtpeOP3jM7qcfPXEsy0A6ya%2F1OI8pY5q9Hn5y5%2BnS48v4Gly8h7B3ICvjiCn2Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 83387d5faaaf1c7a-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 149 KB
51 KB 211ms
129ms Fetch
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.kiwiexploits.com
URL: https://www.kiwiexploits.com/nab.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ceaafcc0e699856453f1731bf861bdb5f583b9ee49970c7f7fc05b282d34db0f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.kiwiexploits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 21:13:05 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52017
x-xss-protection: 0
server: cafe
etag: 6391329939053653478
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 10 Dec 2023 21:13:05 GMT

GET
H2 200 css
fonts.googleapis.com/ 18 KB
1 KB 116ms
42ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Jost:100,200,300,400,500,600,700,800,900,100i,200i,300i,400i,500i,600i,700i,800i,900i&display=swap

Requested by

Host: www.kiwiexploits.com
URL: https://www.kiwiexploits.com/assetsmain/mobirise/css/mbr-additional.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

cbb3beea6dc8d67b0684c9a21085f50dda76874c6b495875882563d83477cb55

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.kiwiexploits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 10 Dec 2023 21:13:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 10 Dec 2023 21:04:19 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 10 Dec 2023 21:13:05 GMT

GET
H2 200 ut.js Show response
acscdn.com/script/ 80 KB
29 KB 35ms
34ms Script
text/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://acscdn.com/script/ut.js?cb=1702242785584
Requested by: Host: acscdn.com
URL: https://acscdn.com/script/suv4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bf7f34e550f5f6bead66bbd8baa61274bf0cf3ae804661c4b441d240212b8010

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.kiwiexploits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 21:13:05 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2370
x-guploader-uploadid: ABPtcPrn8g7_cZUF5frGYWA2ph9httNFYLCWoG297SjEbwH1KM10zt4UuorgosAseKVPizaAzTgL2w3G-cGp-EK0YgywJ_nS2z6x
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 04 Dec 2023 14:05:37 GMT
server: cloudflare
etag: W/"1edfed807930c1dea818ac18c299154c"
vary: Accept-Encoding
x-goog-hash: crc32c=2nkS8g==, md5=Ht/tgHkwwd6oGKwYwpkVTA==
x-goog-generation: 1701698737164870
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x21jX3jUeyV3erLG4zJZprogwWqELxWPlLQslEs9Te6rZ%2Fb%2BkANXaJTK%2FBLG5MAnlvAWd6Jv%2FSouumkH5xdyv%2BTEOOKX089Ou0cimSPmI1pSiSXpGJidrKHRgejl8a4mekn0Tqv%2Fg6rJ"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 82092
cf-ray: 83387d61fa8b0dfb-AMS
expires: Sun, 10 Dec 2023 21:30:46 GMT

GET
H2 200 suv5.js Show response
acscdn.com/script/ 95 KB
32 KB 35ms
35ms Script
text/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://acscdn.com/script/suv5.js
Requested by: Host: acscdn.com
URL: https://acscdn.com/script/suv4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 25ab5707f8caa81d4c8ef4d9373254d130c294ed2ee997c807e068b149fdb4e8

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.kiwiexploits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 21:13:05 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2943
x-guploader-uploadid: ABPtcPpNHzYRuk6T2So-P7DATmfRtWGjoMP0CSHSQaXEMPKeXqkKV6xXNlU8aU42QkUCdhu5a-QgA_cCugg_6QfWsAEKbw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 04 Dec 2023 14:04:37 GMT
server: cloudflare
etag: W/"fe85f0affad429f5413cd601a475b728"
vary: Accept-Encoding
x-goog-hash: crc32c=4eu5MA==, md5=/oXwr/rUKfVBPNYBpHW3KA==
x-goog-generation: 1701698677261682
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KUICq3DwUcBOopSFBq4silHUJd1mYATIhsB9u4ig%2F%2F%2FgK8vIiea%2F5A%2BgNGyhxyyaEQcjW8%2FHGOobrgA%2BVa1l3mHz14QNmSiLawIVlGcQZFG2XkxWQ3iUkYYKgzav2oYo5PIS%2Bacayv%2Bf"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 97361
cf-ray: 83387d61fa8c0dfb-AMS
expires: Sun, 10 Dec 2023 20:53:19 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 148 KB
51 KB 121ms
120ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.kiwiexploits.com
URL: https://www.kiwiexploits.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d844d7d44f93ba140fe2be0eec58283e8c6853b7b8ab73c8f0030c756f9ae170

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.kiwiexploits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 21:13:05 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51720
x-xss-protection: 0
server: cafe
etag: 1554918545730347538
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=172800
timing-allow-origin: *
expires: Sun, 10 Dec 2023 21:13:05 GMT

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312050101/ 398 KB
135 KB 110ms
110ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312050101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8562196086359240&plah=www.kiwiexploits.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8562196086359240

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c09aad6871f33c065451901ba67a3c27be0d99401d920102e6096ed30f929562

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.kiwiexploits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 21:13:05 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 137718
x-xss-protection: 0
server: cafe
etag: 14572334478592140089
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 10 Dec 2023 21:13:05 GMT

GET
H2 200 92zatBhPNqw73oTd4g.woff2
fonts.gstatic.com/s/jost/v15/ 26 KB
27 KB 107ms
33ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/jost/v15/92zatBhPNqw73oTd4g.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Jost:100,200,300,400,500,600,700,800,900,100i,200i,300i,400i,500i,600i,700i,800i,900i&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1e3ceb99e33b0f3d149b7d617b24a487d07fe7595aa24d04a7f45a0312b0654c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.kiwiexploits.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 11:56:51 GMT
x-content-type-options: nosniff
age: 206174
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26620
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 22:39:33 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 07 Dec 2024 11:56:51 GMT

GET
H3 200 mobirise-icons.ttf
www.kiwiexploits.com/assetsmain/web/assets/mobirise-icons/ 50 KB
25 KB 489ms
488ms Font
font/ttf 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.kiwiexploits.com/assetsmain/web/assets/mobirise-icons/mobirise-icons.ttf?spat4u
Requested by: Host: www.kiwiexploits.com
URL: https://www.kiwiexploits.com/assetsmain/web/assets/mobirise-icons/mobirise-icons.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4b09eb555b72f74acd30018f8aaa4ef19787301819801dff7f6bcde9d3754cd7

Request headers

Referer: https://www.kiwiexploits.com/assetsmain/web/assets/mobirise-icons/mobirise-icons.css
Origin: https://www.kiwiexploits.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 21:13:06 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Sun, 29 Nov 2020 23:39:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dkZU2tpo3lWPQHSNw%2FxmdlhJAzGfPwMvRlStoyM5oq5N1nc9oTcnskZDOD%2B22lUV8%2BRJ02MhSJ5NHjct0DWt%2FrWwsoRH4oZg8DjEAOypSAXlssIqXBF8kn6A2DlzVggDz9yNlGZuADhXHbghFFVVo5eRZA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/ttf
cache-control: max-age=14400
cf-ray: 83387d623da91c7a-AMS
alt-svc: h3=":443"; ma=86400

GET
H3 200 mobirise2.ttf
www.kiwiexploits.com/assetsmain/web/assets/mobirise-icons2/ 25 KB
14 KB 517ms
517ms Font
font/ttf 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.kiwiexploits.com/assetsmain/web/assets/mobirise-icons2/mobirise2.ttf?f2bix4
Requested by: Host: www.kiwiexploits.com
URL: https://www.kiwiexploits.com/assetsmain/web/assets/mobirise-icons2/mobirise2.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 523854ac3552c34b23a5f0c6a2f49c6ba0b439a95848692aa24bc304ecd29784

Request headers

Referer: https://www.kiwiexploits.com/assetsmain/web/assets/mobirise-icons2/mobirise2.css
Origin: https://www.kiwiexploits.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 21:13:06 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Sun, 29 Nov 2020 23:39:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B4WC1Yslxu%2FKCf4CElCm7hrmCrO7O%2F8xwVUHMI65cAJLeCEEiV5ugHdsqQlQJiaSd4RS6d2gXMruwsIw8QL0XxuScutQQQnOqc2hlZcsni2zp401a3zgQ2pW0bxIawDAcBbkz5UUofbFO9gf8uSvSE6%2FIQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/ttf
cache-control: max-age=14400
cf-ray: 83387d623dab1c7a-AMS
alt-svc: h3=":443"; ma=86400

GET
H3 200 socicon.woff2
www.kiwiexploits.com/assetsmain/socicon/fonts/ 63 KB
63 KB 494ms
493ms Font
font/woff2 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.kiwiexploits.com/assetsmain/socicon/fonts/socicon.woff2
Requested by: Host: www.kiwiexploits.com
URL: https://www.kiwiexploits.com/assetsmain/socicon/css/styles.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c254279147099e0b696b281d62b436b8aed42fb0f3abf1ba17abc398ca6c90e2

Request headers

Referer: https://www.kiwiexploits.com/assetsmain/socicon/css/styles.css
Origin: https://www.kiwiexploits.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 21:13:06 GMT
cf-cache-status: REVALIDATED
last-modified: Sun, 29 Nov 2020 23:39:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H2uyKYFWiUpjIr7NtMqSX%2BvDTFsaPC4Gq%2FWIFgxOg76qk9IjlsV%2FeEkFBso9s931A5%2FNB3u%2FHP8Ho65%2FZ64T2NgRV7cNMR3VNRUXmQyjlTb5C3VH5jo5%2FY8xYdRZsViGuWdRmc3O9%2FA%2F3yCdkoXm15SBFQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: max-age=14400
cf-ray: 83387d623dae1c7a-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231206/r20190131/ Frame EB25 9 KB
4 KB 189ms
60ms Document
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231206/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8562196086359240

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kiwiexploits.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 6365
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4130
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 10 Dec 2023 19:27:00 GMT
etag: 5585625838579639069
expires: Sun, 24 Dec 2023 19:27:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 269 KB
90 KB 54ms
53ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-3CCNYPH0PB&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-162344816-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8457f711b828aa357b68c6e7cd2afe9cd082a1efb1b970763ca76ad6918d74e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.kiwiexploits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 21:13:05 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 92303
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 10 Dec 2023 21:13:05 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 80ms
26ms Script
text/javascript 2001:4860:4802:38::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-162344816-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.kiwiexploits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 10 Dec 2023 19:39:15 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 5630
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Sun, 10 Dec 2023 21:39:15 GMT

GET
H3

200

main.js Show response
www.kiwiexploits.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/56d3063b/ Frame AA9C
Redirect Chain

https://www.kiwiexploits.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://www.kiwiexploits.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/56d3063b/main.js

7 KB
4 KB

31ms
31ms

Script
application/javascript

2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.kiwiexploits.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/56d3063b/main.js

Requested by

Host: www.kiwiexploits.com
URL: https://www.kiwiexploits.com/

Protocol

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

060d83a92ad91c4dfee5a03f99e5ea5916561b4a966bc1f95e12d7a208948570

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 21:13:05 GMT
content-encoding: br
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QBeLDG2wwvvlp37RbPh%2BFdP1NDFVzAKQKhLNuQLbG4jGEyIzZfvT6HNIC9acZ6pKx90L0qboqs%2F40XmUlwiz3aMAGM5Yo8SyqQNcHD7ceHmQraRrHCDF3W0HdlKedCA9J%2BYWC6BLo44ogszY6wPyAGel7w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 83387d62ee711c7a-AMS
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Sun, 10 Dec 2023 21:13:05 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UKZTgtiF8kR5XNJxaBPzvY846VCBmVQr1OPgI9H3H2BJAF1pA7iuzdeTsItc%2FnszOS6TQwzqfuzs71wWgjUAVnW0d1CzxV7QDAGz74mp0j3XwnY%2BYdvYEJJ6Xz0avgUyldk8KR75GRbENleRVnbqO3%2FS%2FA%3D%3D"}],"group":"cf-nel","max_age":604800}
location: /cdn-cgi/challenge-platform/h/b/scripts/jsd/56d3063b/main.js
access-control-allow-origin: *
cache-control: max-age=300, public
cf-ray: 83387d62be311c7a-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 suurl5.php Show response
youradexchange.com/script/ 1 KB
1 KB 247ms
183ms Fetch
application/json 2606:4700:e4::ac40:ab13
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://youradexchange.com/script/suurl5.php?r=5468015&chmob=%3F0&cbur=0.6860162870641868&cbiframe=0&cbWidth=1600&cbHeight=1200&cbtitle=Best%20Roblox%20Exploits%20-%20Roblox%20Scripts%20%26%20Cheats%20-%20KiwiExploits&cbpage=https%3A%2F%2Fwww.kiwiexploits.com%2F&cbref=&cbdescription=Find%20the%20greatest%20Roblox%20Exploits%2C%20Scripts%2C%20%26%20Cheats.%20With%20a%20wide%20variety%20of%20safe%20cheats%20you%20can%20download%2C%20we%27re%20certain%20we%27ll%20give%20you%20a%20good%20experience.&cbkeywords=roblox%20exploits%2C%20roblox%20scripts%2C%20roblox%20cheats%2C%20roblox%20executors%2C%20roblox%20exploiting%2C%20roblox%20exploit%20download%2C%20roblox%20exploit%20download%2C%20roblox%20executor%20download&cbcdn=acscdn.com&ts=1702242785713&srs=a95909d2bdf6fe476e38a725ffdea298&atv=38.4-sw-suv5
Requested by: Host: acscdn.com
URL: https://acscdn.com/script/suv5.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:ab13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 46daa8e3dc21629e90f61f3d59466491ad08e7257f4f94a1e764d78e94e29bab

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.kiwiexploits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 21:13:05 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TlapOQoVXk%2B%2BefbIuSbFKesHBkTzBUYD%2FG%2FctTqpUco2aekNMOEAwTaSFk2OXEwhljmHWgbjAuU4VKPdDAg0cVbnfuOXerbIv13Nk2LfzKG0fjWBNMlUYr%2Fny9lGiG3S2Fmmbe%2FtMpHr5RIBi%2B7XZhw%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
content-type: application/json; charset=utf-8
cf-ray: 83387d633e67663d-AMS
access-control-allow-headers: Content-Type
alt-svc: h3=":443"; ma=86400

POST
H2 204 hb.php
pubtrky.com/ut/ 0
409 B 213ms
145ms Ping
text/plain 2606:4700:3032::ac43:bc6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pubtrky.com/ut/hb.php?cb=0.9952862128952298&v=1
Requested by: Host: acscdn.com
URL: https://acscdn.com/script/ut.js?cb=1702242785584
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:bc6e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.kiwiexploits.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: text/plain; charset=utf-8

Response headers

date: Sun, 10 Dec 2023 21:13:05 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IJPgzGpQs5%2FZnyI5NgjdLAozZ9bqp14z2rj%2BqCaO9VAnKE09419FV0Cy%2Bnvt24JKQgNpYXzM5DVwcibcB1V5gHdxLM1q2G47SNtCWJs3bm%2F5e6mEIfNaeJhWt5zReRURGWuRte9XCKhqVg%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cf-ray: 83387d635b406702-AMS
alt-svc: h3=":443"; ma=86400

POST
H3 200 83387d58c8220df4 Show response
www.kiwiexploits.com/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame AA9C 0
573 B 46ms
46ms XHR
text/plain 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.kiwiexploits.com/cdn-cgi/challenge-platform/h/b/jsd/r/83387d58c8220df4
Requested by: Host: www.kiwiexploits.com
URL: https://www.kiwiexploits.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 10 Dec 2023 21:13:05 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wL7wLpZgLIeJZZY4CeWIlZGDvm%2B9MDKicckWhYOiZvGSNnLUHCCQeSd%2BIUxEa8E2ZmKi2Me4IVOfIamUEZa1pwrV%2FvQiH1%2FHNnDmrrV2BFpdSXcwOkL5YcOEH%2BbVCgkbRf%2BtcsA7UXighA2YWJ3%2FTySUeA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 83387d63bf481c7a-AMS
alt-svc: h3=":443"; ma=86400

POST
H2 204 collect
region1.analytics.google.com/g/ 0
249 B 87ms
31ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-3CCNYPH0PB&gtm=45je3bt0v877345100&_p=1702242785595&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=908722780.1702242786&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EAAI&_s=1&sid=1702242785&sct=1&seg=0&dl=https%3A%2F%2Fwww.kiwiexploits.com%2F&dt=Best%20Roblox%20Exploits%20-%20Roblox%20Scripts%20%26%20Cheats%20-%20KiwiExploits&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1947
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3CCNYPH0PB&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.kiwiexploits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Dec 2023 21:13:05 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.kiwiexploits.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
258 B 102ms
33ms Ping
text/plain 2a00:1450:400c:c07::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-3CCNYPH0PB&cid=908722780.1702242786&gtm=45je3bt0v877345100&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3CCNYPH0PB&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c07::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.kiwiexploits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Dec 2023 21:13:05 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.kiwiexploits.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.nl/ads/ 42 B
408 B 207ms
83ms Image
image/gif 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.nl/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-3CCNYPH0PB&cid=908722780.1702242786&gtm=45je3bt0v877345100&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=1280832035

Requested by

Host: www.kiwiexploits.com
URL: https://www.kiwiexploits.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.kiwiexploits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Dec 2023 21:13:06 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
210 B 30ms
30ms XHR
text/plain 2001:4860:4802:38::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=802377544&t=pageview&_s=1&dl=https%3A%2F%2Fwww.kiwiexploits.com%2F&ul=en-us&de=UTF-8&dt=Best%20Roblox%20Exploits%20-%20Roblox%20Scripts%20%26%20Cheats%20-%20KiwiExploits&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=1665548053&gjid=1182428693&cid=908722780.1702242786&tid=UA-162344816-1&_gid=1194295539.1702242786&_r=1&gtm=457e3bt0&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&jsscut=1&z=986669584

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.kiwiexploits.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 10 Dec 2023 21:13:05 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.kiwiexploits.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 0E3E 195 KB
54 KB 695ms
693ms Document
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8562196086359240&output=html&adk=1812271804&adf=3025194257&lmt=1693189026&plaf=7%3A2&plat=3%3A128%2C4%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x675_l%7C212x675_r&format=0x0&url=https%3A%2F%2Fwww.kiwiexploits.com%2F&ea=0&pra=5&wgl=1&easpi=1&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702242785616&bpp=19&bdt=968&idt=323&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6358347301685&frm=20&pv=2&ga_vid=908722780.1702242786&ga_sid=1702242786&ga_hid=802377544&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079759%2C31079919%2C31079921%2C31079928%2C31079980%2C44807405%2C95320870%2C95320884&oid=2&pvsid=3318782445424223&tmod=999550613&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=340

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312050101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8562196086359240&plah=www.kiwiexploits.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

975f71d27cf2fa6f17a92b429b9d531ce5d0e8914eefc383692aac6385f0a2a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kiwiexploits.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 55224
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 10 Dec 2023 21:13:06 GMT
expires: Sun, 10 Dec 2023 21:13:06 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 2082 102 KB
38 KB 636ms
636ms Document
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8562196086359240&output=html&h=250&slotname=1836580918&adk=971479690&adf=756293844&pi=t.ma~as.1836580918&w=300&lmt=1693189026&format=300x250&url=https%3A%2F%2Fwww.kiwiexploits.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702242785635&bpp=1&bdt=986&idt=325&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6358347301685&frm=20&pv=1&ga_vid=908722780.1702242786&ga_sid=1702242786&ga_hid=802377544&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=650&ady=160&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079759%2C31079919%2C31079921%2C31079928%2C31079980%2C44807405%2C95320870%2C95320884&oid=2&pvsid=3318782445424223&tmod=999550613&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=330

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d1286ccacb738eb0c9fff2c94fe67f7553076cec7300d285e98e546a1aff0db8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kiwiexploits.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 38883
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 10 Dec 2023 21:13:06 GMT
expires: Sun, 10 Dec 2023 21:13:06 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame F164 131 KB
41 KB 554ms
553ms Document
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8562196086359240&output=html&h=280&slotname=9459101825&adk=3094683467&adf=2653041513&pi=t.ma~as.9459101825&w=1200&fwrn=4&fwrnh=100&lmt=1693189026&rafmt=1&format=1200x280&url=https%3A%2F%2Fwww.kiwiexploits.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702242785636&bpp=1&bdt=987&idt=332&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250&nras=1&correlator=6358347301685&frm=20&pv=1&ga_vid=908722780.1702242786&ga_sid=1702242786&ga_hid=802377544&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1256&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079759%2C31079919%2C31079921%2C31079928%2C31079980%2C44807405%2C95320870%2C95320884&oid=2&pvsid=3318782445424223&tmod=999550613&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=337

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d0f286ceac6fab5e943710b1b3e81b2b61fdf8e5df105fb3cdd77b21b81cf757

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kiwiexploits.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 41978
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 10 Dec 2023 21:13:06 GMT
expires: Sun, 10 Dec 2023 21:13:06 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 3075 728 B
530 B 419ms
418ms Document
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8562196086359240&output=html&h=250&slotname=6755976858&adk=813426018&adf=363049643&pi=t.ma~as.6755976858&w=300&lmt=1693189026&format=300x250&url=https%3A%2F%2Fwww.kiwiexploits.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702242785637&bpp=1&bdt=988&idt=339&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250%2C1200x280&nras=1&correlator=6358347301685&frm=20&pv=1&ga_vid=908722780.1702242786&ga_sid=1702242786&ga_hid=802377544&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=650&ady=1934&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079759%2C31079919%2C31079921%2C31079928%2C31079980%2C44807405%2C95320870%2C95320884&oid=2&pvsid=3318782445424223&tmod=999550613&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=341

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

39603bc0eee638ff58fd67f9290ce831828765090e3dd76b2018ac6be700c00b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kiwiexploits.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 358
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 10 Dec 2023 21:13:06 GMT
expires: Sun, 10 Dec 2023 21:13:06 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame BBBB 728 B
582 B 220ms
220ms Document
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8562196086359240&output=html&h=280&slotname=6823165047&adk=3490555514&adf=869763061&pi=t.ma~as.6823165047&w=1200&fwrn=4&fwrnh=100&lmt=1693189026&rafmt=1&format=1200x280&url=https%3A%2F%2Fwww.kiwiexploits.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702242785637&bpp=1&bdt=989&idt=347&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250%2C1200x280%2C300x250&nras=1&correlator=6358347301685&frm=20&pv=1&ga_vid=908722780.1702242786&ga_sid=1702242786&ga_hid=802377544&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3114&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079759%2C31079919%2C31079921%2C31079928%2C31079980%2C44807405%2C95320870%2C95320884&oid=2&pvsid=3318782445424223&tmod=999550613&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=349

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c5753500fbe4df6fb16782316212612096737ba7ef93e15049e3deafe0d6d438

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kiwiexploits.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 361
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 10 Dec 2023 21:13:06 GMT
expires: Sun, 10 Dec 2023 21:13:06 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 10395337855871828871
tpc.googlesyndication.com/simgad/ Frame F164 8 KB
8 KB 178ms
76ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/10395337855871828871?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qlFRgGI60KzjpcK9PJGkPRuuKXoPQ

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8562196086359240&output=html&h=280&slotname=9459101825&adk=3094683467&adf=2653041513&pi=t.ma~as.9459101825&w=1200&fwrn=4&fwrnh=100&lmt=1693189026&rafmt=1&format=1200x280&url=https%3A%2F%2Fwww.kiwiexploits.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702242785636&bpp=1&bdt=987&idt=332&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250&nras=1&correlator=6358347301685&frm=20&pv=1&ga_vid=908722780.1702242786&ga_sid=1702242786&ga_hid=802377544&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1256&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079759%2C31079919%2C31079921%2C31079928%2C31079980%2C44807405%2C95320870%2C95320884&oid=2&pvsid=3318782445424223&tmod=999550613&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=337

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ccccd5a9a53d06ced27d28e2c901ea1d843011ae279785a1d4b218ddef3c334f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 16:51:28 GMT
x-content-type-options: nosniff
age: 188498
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7989
x-xss-protection: 0
last-modified: Mon, 30 Oct 2023 15:24:47 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 07 Dec 2024 16:51:28 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/ Frame F164 24 KB
9 KB 139ms
61ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c8fffb0b438b7f9403ccd47fddc2de355f2f685fe2f59ac9d4c15f82854d79b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 20:42:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1843
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9318
x-xss-protection: 0
server: cafe
etag: 3562968281324141506
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 24 Dec 2023 20:42:23 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame DFCF 143 B
166 B 35ms
34ms Document
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8562196086359240&output=html&h=280&slotname=9459101825&adk=3094683467&adf=2653041513&pi=t.ma~as.9459101825&w=1200&fwrn=4&fwrnh=100&lmt=1693189026&rafmt=1&format=1200x280&url=https%3A%2F%2Fwww.kiwiexploits.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702242785636&bpp=1&bdt=987&idt=332&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250&nras=1&correlator=6358347301685&frm=20&pv=1&ga_vid=908722780.1702242786&ga_sid=1702242786&ga_hid=802377544&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1256&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079759%2C31079919%2C31079921%2C31079928%2C31079980%2C44807405%2C95320870%2C95320884&oid=2&pvsid=3318782445424223&tmod=999550613&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=337
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 2608
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 10 Dec 2023 20:29:38 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame F164 3 KB
1 KB 118ms
41ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 09:21:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 42683
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 24 Dec 2023 09:21:43 GMT

GET
H2 200 transparent.png
tpc.googlesyndication.com/pagead/images/ Frame F164 67 B
196 B 116ms
41ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/transparent.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bdf72009ad226c17f1954ba602292902a780b80af07dbcbab1322bdf5c32be66

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 04:10:08 GMT
x-content-type-options: nosniff
server: cafe
age: 61378
etag: 2462972746714251406
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 67
x-xss-protection: 0
expires: Mon, 11 Dec 2023 04:10:08 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame F164 20 KB
9 KB 95ms
31ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

21602d46c4e666495bdd0f84c3dfe552b57dd5111b4f1aa970a637c747635b81

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 19:33:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5996
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8581
x-xss-protection: 0
server: cafe
etag: 5638635208567908330
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 24 Dec 2023 19:33:10 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame F164 202 KB
64 KB 212ms
123ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a04fa6af32e77548f1c3e27b7014f3520c7494f317fa80b58f8704de83e4b821

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 21:13:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65145
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701866768669483"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 10 Dec 2023 21:13:06 GMT

GET
H2 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame F164 36 KB
15 KB 129ms
66ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f9b54eb46a8dd9a7eeeff163e368f71c3dfe239aca607f073d1340027677fc16

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 19:23:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6601
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14788
x-xss-protection: 0
server: cafe
etag: 1899721059218863233
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 24 Dec 2023 19:23:05 GMT

GET
H2 200 2897287356149875560
tpc.googlesyndication.com/simgad/ Frame 2082 8 KB
8 KB 119ms
80ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/2897287356149875560?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qnbfMKWx71nlOTSq4ewt0Y6y0wlbw

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8562196086359240&output=html&h=250&slotname=1836580918&adk=971479690&adf=756293844&pi=t.ma~as.1836580918&w=300&lmt=1693189026&format=300x250&url=https%3A%2F%2Fwww.kiwiexploits.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702242785635&bpp=1&bdt=986&idt=325&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6358347301685&frm=20&pv=1&ga_vid=908722780.1702242786&ga_sid=1702242786&ga_hid=802377544&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=650&ady=160&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079759%2C31079919%2C31079921%2C31079928%2C31079980%2C44807405%2C95320870%2C95320884&oid=2&pvsid=3318782445424223&tmod=999550613&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=330

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7c47e849d37db7255fbf3800ec5056a99d236ec7858e75523df22d06eee38c84

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 08:24:33 GMT
x-content-type-options: nosniff
age: 564513
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8265
x-xss-protection: 0
last-modified: Mon, 30 Oct 2023 15:24:47 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 03 Dec 2024 08:24:33 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/ Frame 2082 24 KB
9 KB 126ms
87ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c8fffb0b438b7f9403ccd47fddc2de355f2f685fe2f59ac9d4c15f82854d79b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 20:42:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1843
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9318
x-xss-protection: 0
server: cafe
etag: 3562968281324141506
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 24 Dec 2023 20:42:23 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 94C6 143 B
166 B 34ms
33ms Document
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8562196086359240&output=html&h=250&slotname=1836580918&adk=971479690&adf=756293844&pi=t.ma~as.1836580918&w=300&lmt=1693189026&format=300x250&url=https%3A%2F%2Fwww.kiwiexploits.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702242785635&bpp=1&bdt=986&idt=325&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6358347301685&frm=20&pv=1&ga_vid=908722780.1702242786&ga_sid=1702242786&ga_hid=802377544&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=650&ady=160&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079759%2C31079919%2C31079921%2C31079928%2C31079980%2C44807405%2C95320870%2C95320884&oid=2&pvsid=3318782445424223&tmod=999550613&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=330
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 2608
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 10 Dec 2023 20:29:38 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame 2082 3 KB
1 KB 125ms
86ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 09:21:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 42683
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 24 Dec 2023 09:21:43 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame 2082 20 KB
8 KB 73ms
35ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

21602d46c4e666495bdd0f84c3dfe552b57dd5111b4f1aa970a637c747635b81

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 19:33:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5996
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8581
x-xss-protection: 0
server: cafe
etag: 5638635208567908330
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 24 Dec 2023 19:33:10 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2082 202 KB
64 KB 152ms
89ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a04fa6af32e77548f1c3e27b7014f3520c7494f317fa80b58f8704de83e4b821

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 21:13:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65145
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701866768669483"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 10 Dec 2023 21:13:06 GMT

GET
H2 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame 2082 36 KB
15 KB 132ms
95ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f9b54eb46a8dd9a7eeeff163e368f71c3dfe239aca607f073d1340027677fc16

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 19:23:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6601
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14788
x-xss-protection: 0
server: cafe
etag: 1899721059218863233
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 24 Dec 2023 19:23:05 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame DFCF
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

45ms
44ms

Document
text/html

2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 10 Dec 2023 21:13:06 GMT
expires: Sun, 10 Dec 2023 21:13:06 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 10 Dec 2023 21:13:06 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 94C6
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

45ms
44ms

Document
text/html

2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 10 Dec 2023 21:13:06 GMT
expires: Sun, 10 Dec 2023 21:13:06 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 10 Dec 2023 21:13:06 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312050101/ 160 KB
55 KB 129ms
129ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312050101/reactive_library_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

185370b4c7ed037d60128317ac89f41beb45711655f4334d6a8f5eec1d6430d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.kiwiexploits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 21:13:06 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56002
x-xss-protection: 0
server: cafe
etag: 3999010112344392541
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sun, 10 Dec 2023 21:13:06 GMT

GET
DATA 200
OK truncated
/ Frame 2082 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 54015ced5d40871ca2d97a2e14ebb01046b4a44519cf615ce7d8bc237e6e04f2

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame F164 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 08f75b3bba94db7aabc2550ab5dc1150f477c7908f060171a4122b050aa05298

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/ Frame 6FD5 9 KB
4 KB 33ms
33ms Document
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kiwiexploits.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 2608
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4130
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 10 Dec 2023 20:29:38 GMT
etag: 5585625838579639069
expires: Sun, 24 Dec 2023 20:29:38 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css2
fonts.googleapis.com/ Frame 6FD5 4 KB
767 B 45ms
44ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 10 Dec 2023 21:13:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 10 Dec 2023 19:21:48 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 10 Dec 2023 21:13:06 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 6FD5 205 B
296 B 107ms
33ms Image
image/png 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 13:28:20 GMT
x-content-type-options: nosniff
age: 200687
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 07 Dec 2024 13:28:20 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 6FD5 604 B
1 KB 106ms
32ms Image
image/png 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 11:41:25 GMT
x-content-type-options: nosniff
age: 207102
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 07 Dec 2024 11:41:25 GMT

GET
H2 200 fullscreen_api_adapter_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/elements/html/ Frame 6FD5 16 KB
7 KB 33ms
32ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/elements/html/fullscreen_api_adapter_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b8d99191997f9c3e6794142cba8b2959a673c7cd044871697b0e969620a584ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 19:00:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7978
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6784
x-xss-protection: 0
server: cafe
etag: 2582286893585073394
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 24 Dec 2023 19:00:08 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/elements/html/ Frame 6FD5 22 KB
9 KB 33ms
33ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7612ff33976166c9617f119403de9d0eae9e553ce8e06a265f5a02039cb05fc3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 18:57:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8119
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9231
x-xss-protection: 0
server: cafe
etag: 9385233705467680479
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 24 Dec 2023 18:57:47 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 2082
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CZvCf4il2ZZGSApukjuwP5rOrmAf8-6TUdIXbztP_EamP_MIDEAEgwOyYfGCRhKCFjBigAffim7QoyAECqAMByAPJBKoE1wFP0JvmHh8KFt1l-L-tZbOrtoH9uwalouNYg8S-GRiZnCtUYXy...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%224575904263399349926%22,%22debug_reporting%22:true,%22destination%22:%22https://webcompanion.com%22,%22event_report_window%...

0
0

140ms
70ms

Fetch
text/css

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%224575904263399349926%22,%22debug_reporting%22:true,%22destination%22:%22https://webcompanion.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210846925175%22],%224%22:[%2212-10%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2216859134334817271057%22}&andc=true

Requested by

Host: www.kiwiexploits.com
URL: https://www.kiwiexploits.com/

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 21:13:07 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"4575904263399349926","debug_reporting":true,"destination":"https://webcompanion.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["10846925175"],"4":["12-10"],"6":["true"]},"priority":"500","source_event_id":"16859134334817271057"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 10 Dec 2023 21:13:07 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 10 Dec 2023 21:13:06 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"4575904263399349926","debug_reporting":true,"destination":"https://webcompanion.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["10846925175"],"4":["12-10"],"6":["true"]},"priority":"500","source_event_id":"16859134334817271057"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame F164
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=C6Qpl4il2ZejWAprMjuwPjMW6gAj8-6TUdPXhztP_EamP_MIDEAEgwOyYfGCRhKCFjBigAffim7QoyAECqAMByAPJBKoE2wFP0PnnVYnmgkz3Ay_FTfvGx1u1og0he4Ube5nCQZzpK-0ZV5a...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2214649579118236036611%22,%22debug_reporting%22:true,%22destination%22:%22https://webcompanion.com%22,%22event_report_window...

0
0

139ms
69ms

Fetch
text/css

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2214649579118236036611%22,%22debug_reporting%22:true,%22destination%22:%22https://webcompanion.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210846925175%22],%224%22:[%2212-10%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2215312210450673906961%22}&andc=true

Requested by

Host: www.kiwiexploits.com
URL: https://www.kiwiexploits.com/

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 21:13:07 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"14649579118236036611","debug_reporting":true,"destination":"https://webcompanion.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["10846925175"],"4":["12-10"],"6":["true"]},"priority":"500","source_event_id":"15312210450673906961"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 10 Dec 2023 21:13:07 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 10 Dec 2023 21:13:06 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"14649579118236036611","debug_reporting":true,"destination":"https://webcompanion.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["10846925175"],"4":["12-10"],"6":["true"]},"priority":"500","source_event_id":"15312210450673906961"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js Show response
pagead2.googlesyndication.com/bg/ Frame A9ED 50 KB
19 KB 34ms
33ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

80f4d9c7c420e58b6a1d8013b9512aef088d5e019824b98db55e90fa74480346

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 04:21:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 147090
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19632
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 08 Dec 2024 04:21:36 GMT

GET
H3 200 gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js Show response
pagead2.googlesyndication.com/bg/ Frame 4C68 50 KB
19 KB 36ms
36ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

80f4d9c7c420e58b6a1d8013b9512aef088d5e019824b98db55e90fa74480346

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 04:21:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 147090
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19632
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 08 Dec 2024 04:21:36 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 4AF8 14 KB
1 KB 43ms
43ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 10 Dec 2023 21:13:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 10 Dec 2023 19:21:50 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 10 Dec 2023 21:13:07 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame 4AF8 2 KB
902 B 32ms
32ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 19:43:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5375
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 24 Dec 2023 19:43:32 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/ Frame 4AF8 24 KB
9 KB 35ms
34ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c8fffb0b438b7f9403ccd47fddc2de355f2f685fe2f59ac9d4c15f82854d79b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 20:42:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1844
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9318
x-xss-protection: 0
server: cafe
etag: 3562968281324141506
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 24 Dec 2023 20:42:23 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame 4AF8 3 KB
1 KB 37ms
36ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 09:21:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 42684
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 24 Dec 2023 09:21:43 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame 4AF8 20 KB
8 KB 33ms
32ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

21602d46c4e666495bdd0f84c3dfe552b57dd5111b4f1aa970a637c747635b81

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 19:33:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5997
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8581
x-xss-protection: 0
server: cafe
etag: 5638635208567908330
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 24 Dec 2023 19:33:10 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4AF8 202 KB
64 KB 63ms
62ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a04fa6af32e77548f1c3e27b7014f3520c7494f317fa80b58f8704de83e4b821

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 21:13:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65145
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701866768669483"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 10 Dec 2023 21:13:07 GMT

GET
H2 200 f9d9b65dbd646119ce96bad0f484d579.js Show response
www.gstatic.com/mysidia/ Frame 4AF8 37 KB
15 KB 41ms
34ms Script
text/javascript 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/f9d9b65dbd646119ce96bad0f484d579.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 20:29:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 175410
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15460
x-xss-protection: 0
last-modified: Thu, 07 Dec 2023 22:13:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 07 Mar 2024 20:29:37 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 154ms
68ms Preflight
text/html 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Sun, 10 Dec 2023 21:13:07 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 154ms
67ms Preflight
text/html 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Sun, 10 Dec 2023 21:13:07 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4AF8 0
20 B 68ms
68ms Ping
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=jca&jc=26&version=r20231206&sample=0.01

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/load_preloaded_resource_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Dec 2023 21:13:07 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 83ms
83ms XHR
application/json 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231206&st=env

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

64692309a1ec6dfb6c6a5cbe4240ec755aed2f55610b5298a12c783c8a9d89af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.kiwiexploits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 21:13:07 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12364
x-xss-protection: 0

GET
H3 200 gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js Show response
pagead2.googlesyndication.com/bg/ Frame 1491 50 KB
19 KB 33ms
33ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js

Requested by

Host: www.kiwiexploits.com
URL: https://www.kiwiexploits.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

80f4d9c7c420e58b6a1d8013b9512aef088d5e019824b98db55e90fa74480346

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 04:21:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 147091
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19632
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 08 Dec 2024 04:21:36 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 77ms
76ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.kiwiexploits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 21:13:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 10 Dec 2023 21:13:07 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 5E92 13 KB
5 KB 36ms
34ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kiwiexploits.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 9844
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 10 Dec 2023 18:29:03 GMT
expires: Mon, 09 Dec 2024 18:29:03 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame DC88 829 B
997 B 45ms
43ms Document
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

96ce3e1ed75970ad57c523f6a74a612c05b7a41ae553ace57016673e0853425d

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-o7dxNOSggpyl0CIYUGx9BA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.kiwiexploits.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-o7dxNOSggpyl0CIYUGx9BA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 10 Dec 2023 21:13:07 GMT
expires: Sun, 10 Dec 2023 21:13:07 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame DC88 0
0 68ms
67ms Image
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231206&jk=3318782445424223&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 5E92 39 KB
15 KB 33ms
33ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 09:21:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 42683
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 09 Dec 2024 09:21:44 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 5E92 0
10 B 33ms
33ms Image
text/plain 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?N_Yn5g
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 21:13:07 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 2082 42 B
64 B 71ms
71ms Fetch
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuiQToJ3R2b8Bq0b4XIiniERFn6uvxdcaSm8tlOCFPiH4168fdVq1sWaXGLiWXWXDBgRbGQ_EquTAIRLOgpe9sO9PE_JkOgcBjSXXmfuAsJpgEgCMZjxVEWmRbZ6L77ywZsRSHfYfzHvcNE&sai=AMfl-YQBpJAUaFeSkEEdswTEPuDDzjlVIopKCRN0VUxxlWiEvgQSKRE3Eigo8APdmaDGYFcaQTOY83FSEHknuk-7V53-P8JUpEuljJ_hsz4MRLysH1GcOMHBHkBqHaXlTEj1RdSlV5By0fC7ttg36AScArkUiYy8AinHSbI&sig=Cg0ArKJSzElD-p0HWd8bEAE&cid=CAQSTgDICaaNf3SMF0WNjEgBKV_opC2BPGdUEttfSVKAnbBPiji4RYhYINXMwdIb9FhocX8atHEur2piwhriGtSZwF5w0J4xrXMEJtQ51MBkORgB&id=lidar2&mcvt=1000&p=0,0,250,300&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231206&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=971479690&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1702242785966&rpt=925&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Dec 2023 21:13:07 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 72ms
72ms Image
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231206&jk=3318782445424223&bg=!dnWldTrNAAY3kmNgF5I7ADQBe5WfOO8me4qAWUrcKeKAkncJP4ZcCSa2mRUpATbC6mUB1UJvxC-NDpjt781T4vxSCqWRAgAAAEFSAAAAAmgBBwoAc5gJQmcX5hMtB0iRL_3jW6AXUS9Eoml-lALzY64n1Pu0Hk3nqEx4n5l_yFw-YV9Ko2xg-mMaX17T1mH42NDXMim-fSDM-YAzJCeFKesX9eCbf29Y2rcPJhzekjd58dMncLfAvhHK4cbep3PDRwx6o5zlggOZAv8q62140jU26POGrDyHOALZ_PrT_gV45ILtCkgQp8ydUyzpWkhR3Sc43Vg8iX6t8UpjrSSC7aWUBFusMIagL4zZpera_MNmtlY66PnodLA4SqWf8-X_oIqxYuy0VvJA55BIGzTnu7--7Sn2rmX1wpQ3OWe3cnQ7Sav-l9Z75kFA7bRQA5Vsdc1DQ6M33o3Kn9hJkqBOcMBvGvsAaotIFvpfNPgn17eN8Ccp1qOvk1_Cv7Ha18meTu_ILcCaaTTb-nkNs6fS7tJP04vyj67m2GfJSpFzjZuMd2gJ6v7jx-h-T55glPPLPGRrbF01RI7XZdxTK_rh5QENK9EJKKuhhkUNf6dqFNooBv2A13iAXzxbNdW8_pNWSfcsON_DZWM6FmbqQ7V70yLQcobEqcK6ivwD7lltWQxKb-fKt7ZqxgDaUO9eW8wfWkwGRc6rZqxoySwT-bfM4NL7N3ZzJh_nEeWrs56vHB1rWppRd3xUNOKflOkaDYLvCuJwv97ifd3iSF3TK6dKFvxWsDVGHMZyvICZLAOe6kTAWjsx5RF-9CC4EQXx90wXVQoqSPwl2aVLYUbuD6efB0m4fExu_BhtCCnhaS9HhLKMehJKmmX5i7cEY30Qe7CVRxbXNahbYdX-3h4n0OwVdDCSECbsGM1FdeXXrEnLewVcxp3_MT4xyonJ7g_yBSp3u--7XURjNR78a5MUpS62bEvqDj_vQiJQ6fxDTcW2aw0rBaxpvbPHsDnR3b8owtW9577IisF4RQ7HCdtXFiaWoe8TQo6WoWlL1fZgbSkp_pIlhMPYcKQduzgi4qvjhh3f-ZC3qPz_QrKnqf2x62Hj-1Rgw2Db0yhOxEi8Uc8HdXQVDPPMzzp8KRh3tjfGo8oz6q4aMUv1g39ceIzM-054cOLARHw2XvIKgnNzrXQZpYZ3jC-tNGzKI-SgxkDyblilY4bZ0JqWNILEwDXBMyA4D5p3E5MHllccrhREv3ogZ7yz71Yv0ptoOAcS6PjSuDtpJ7kKrIe5Afb-Lg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.kiwiexploits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

75 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.kiwiexploits.com/	1970-01-21 02:26:42	Name: _ga Value: GA1.2.908722780.1702242786
.kiwiexploits.com/	1970-01-20 16:52:09	Name: _gid Value: GA1.2.1194295539.1702242786
.kiwiexploits.com/	1970-01-20 16:50:42	Name: _gat_gtag_UA_162344816_1 Value: 1
.kiwiexploits.com/	1970-01-21 01:36:18	Name: cf_clearance Value: c8HTlUXOsBjTStTO4eapJQ8W.Y3nRDNAq_CVL8ctok8-1702242785-0-1-3b0fc4f5.d6e2c65c.4936d565-0.2.1702242785
.kiwiexploits.com/	1970-01-21 02:12:18	Name: __gads Value: ID=00f77c11e6bd9235:T=1702242786:RT=1702242786:S=ALNI_MaOjekC7BbCIMXi2UIVZzNZZt6lHg
.kiwiexploits.com/	1970-01-21 02:12:18	Name: __gpi Value: UID=00000d135eea9438:T=1702242786:RT=1702242786:S=ALNI_MbaEd0xV4ljeNHrbcFK_v7m6N85iw
.doubleclick.net/	1970-01-20 16:50:46	Name: DSID Value: NO_DATA
.doubleclick.net/	1970-01-21 02:12:18	Name: IDE Value: AHWqTUmEE9dFhtLb80ZB0zH4bCBrNtNoxVq10fmEYwxm6AWER0Pww-UddwkBAosXHZo
.kiwiexploits.com/	1970-01-21 02:26:42	Name: _ga_3CCNYPH0PB Value: GS1.1.1702242785.1.0.1702242787.58.0.0
.googleadservices.com/	1970-01-20 19:00:18	Name: ar_debug Value: 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

acscdn.com
cdn.jsdelivr.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
pubtrky.com
region1.analytics.google.com
stats.g.doubleclick.net
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.google.nl
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.kiwiexploits.com
youradexchange.com
142.250.186.98
2001:4860:4802:32::36
2001:4860:4802:38::178
2606:4700:3032::ac43:bc6e
2606:4700::6810:5614
2606:4700:e4::ac40:ab13
2a00:1450:4001:808::2002
2a00:1450:4001:808::2003
2a00:1450:4001:80f::2003
2a00:1450:4001:811::2002
2a00:1450:4001:81c::2002
2a00:1450:4001:81c::2003
2a00:1450:4001:828::2004
2a00:1450:4001:82b::2008
2a00:1450:4001:831::2001
2a00:1450:4001:831::200a
2a00:1450:400c:c07::9d
2a06:98c1:3120::3
2a06:98c1:3121::3
00139e25acded0f765aff5dfe0c080b968716aa9694ae6fef382e7c07b390ea4
060d83a92ad91c4dfee5a03f99e5ea5916561b4a966bc1f95e12d7a208948570
08f75b3bba94db7aabc2550ab5dc1150f477c7908f060171a4122b050aa05298
0a0416e386e436583f5f49242104677e6b16b1aa693d86f32d76845e26081f96
0c5ed985fdbddc027124d4e6879ce1a1860832cda85e2b517c18d8fbd2fffc06
0d4bd2f918efeb4ea7a65747e5ca0f9c86cccdb961a6276299ebe3a7a47a3854
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
185370b4c7ed037d60128317ac89f41beb45711655f4334d6a8f5eec1d6430d6
1d73d0fc262ff9185f70424986f69ed4ddcd8c12bae6718941a71f6fac7dcf0b
1e3ceb99e33b0f3d149b7d617b24a487d07fe7595aa24d04a7f45a0312b0654c
1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea
21602d46c4e666495bdd0f84c3dfe552b57dd5111b4f1aa970a637c747635b81
25ab5707f8caa81d4c8ef4d9373254d130c294ed2ee997c807e068b149fdb4e8
2c45a5eb97e8ab82131877dc492284c753ffd80dfb15d9737a4fd13ada1c3351
2c700fa216c49b9ec086829a4af8e48f7e0f4068a002ea2542273dde68801785
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3675f226f985b64eea6ae8544d5496a32d19993aae1ac4a3fa101263ef3206f7
38892acc026f0badcbb38eb0b148470f4e57821ae04c892a2cee50b5e0968d35
39603bc0eee638ff58fd67f9290ce831828765090e3dd76b2018ac6be700c00b
3e956ec59de412b7b1e8b57dc87f2ba55054f2ba3137c00dc9dbf024c78f2a54
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
440645cad3480edeaa059f0ebea205fa6ec59832f5a829141697a0f9f284d39c
457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d
46daa8e3dc21629e90f61f3d59466491ad08e7257f4f94a1e764d78e94e29bab
4b09eb555b72f74acd30018f8aaa4ef19787301819801dff7f6bcde9d3754cd7
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4eab9aaaaf7906499964d8a608c0ad0c23c18f3f84209de5c4ecfe982aa3179f
50bc522610e1fc1738cfd395d5adc73e9e1f88872990b65705d92b22fd8936b0
523854ac3552c34b23a5f0c6a2f49c6ba0b439a95848692aa24bc304ecd29784
54015ced5d40871ca2d97a2e14ebb01046b4a44519cf615ce7d8bc237e6e04f2
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5b0fbe5b7ad705f6a937c4998ad02f73d8f0d976fe231b74aef0ec996990c93a
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
64692309a1ec6dfb6c6a5cbe4240ec755aed2f55610b5298a12c783c8a9d89af
64946eb4f637d4cbab7290b344592a476f7f62350a4e8d7317df122ef6b4d91e
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
7612ff33976166c9617f119403de9d0eae9e553ce8e06a265f5a02039cb05fc3
79c599dd760cec0c1621a1af49d9a2a49da5d45e1b37d4575bace0a5e0226582
7b10e9caa6fb373349ef3b886574f632123288ec262a8855984346878a4cb774
7c47e849d37db7255fbf3800ec5056a99d236ec7858e75523df22d06eee38c84
80f4d9c7c420e58b6a1d8013b9512aef088d5e019824b98db55e90fa74480346
8457f711b828aa357b68c6e7cd2afe9cd082a1efb1b970763ca76ad6918d74e3
867a9a1bad8363a3f8e2a3628ba7595512a7fbff6c4125099756efbe533c660c
8e8582b02321950e729b7e88ea63931c9cadfdc5f9d76e18a694b8bbad6debf6
96ce3e1ed75970ad57c523f6a74a612c05b7a41ae553ace57016673e0853425d
975f71d27cf2fa6f17a92b429b9d531ce5d0e8914eefc383692aac6385f0a2a0
991d47a727ed40a437c6bf202a2f0730ba3bd6c593bf84ee38f9f73e1c2c445c
a04fa6af32e77548f1c3e27b7014f3520c7494f317fa80b58f8704de83e4b821
a10d7edb8fd307f469beaaa75a725e4bdae24a1b867f5bc7960f01e25c99d8e1
a2470f44572c91daca6e64da9ae31a2f91fdea031f0b5a028ba63dc8daf8664a
a958054aba0df8e253b0fd68862459386a7b68630a377fbfee051675e3ab706c
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
afcc90bbc33eb40941c2b45b179afd4eb5f14545e6cf4fc5d9f1d396ffe6a1a0
b0cf918213747e59ed554a87d5e821487bc728f2cbb3460d4a2f08735391c44d
b8d99191997f9c3e6794142cba8b2959a673c7cd044871697b0e969620a584ab
bdf72009ad226c17f1954ba602292902a780b80af07dbcbab1322bdf5c32be66
bf7f34e550f5f6bead66bbd8baa61274bf0cf3ae804661c4b441d240212b8010
c09aad6871f33c065451901ba67a3c27be0d99401d920102e6096ed30f929562
c254279147099e0b696b281d62b436b8aed42fb0f3abf1ba17abc398ca6c90e2
c5753500fbe4df6fb16782316212612096737ba7ef93e15049e3deafe0d6d438
c8fffb0b438b7f9403ccd47fddc2de355f2f685fe2f59ac9d4c15f82854d79b1
cb84c37000f8fe3e68e24799be081febdf02afd39cec967e80631ac76dea9950
cbb3beea6dc8d67b0684c9a21085f50dda76874c6b495875882563d83477cb55
ccaab61570b7a9ae5fc2c276de50162f84114354e44991aea54db17fcb04b5b8
ccccd5a9a53d06ced27d28e2c901ea1d843011ae279785a1d4b218ddef3c334f
cdcbe8357cc75719dbb1b931f7f8b7690b94480814ee062742b0243a714b80e5
ceaafcc0e699856453f1731bf861bdb5f583b9ee49970c7f7fc05b282d34db0f
d0f286ceac6fab5e943710b1b3e81b2b61fdf8e5df105fb3cdd77b21b81cf757
d1286ccacb738eb0c9fff2c94fe67f7553076cec7300d285e98e546a1aff0db8
d844d7d44f93ba140fe2be0eec58283e8c6853b7b8ab73c8f0030c756f9ae170
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f9b54eb46a8dd9a7eeeff163e368f71c3dfe239aca607f073d1340027677fc16
fbc3c216c477f38a75e5fd9fbf7f49fa27031957a93698cca4e2af1ca0ce1a76

www.kiwiexploits.com Open in urlscan Pro 2a06:98c1:3120::3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

104 Requests

97 %HTTPS

95 %IPv6

15 Domains

19 Subdomains

20 IPs

3 Countries

1802 kBTransfer

5144 kBSize

10 Cookies

5 Outgoing links

Page URL History

Redirected requests

104 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.kiwiexploits.com Open in urlscan Pro
2a06:98c1:3120::3 Public Scan

Screenshot
Live screenshot

Full Image

104
Requests

97 %
HTTPS

95 %
IPv6

15
Domains

19
Subdomains

20
IPs

3
Countries

1802 kB
Transfer

5144 kB
Size

10
Cookies

104 HTTP transactions
2 data transactions