kiwiexploits.com Open in urlscan Pro
172.67.191.177 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://bit.ly/48wdzPj
Effective URL:
https://kiwiexploits.com/kiwi-x-download?utm_source=PrimeExo&utm_medium=YouTube&utm_campaign=Kiwi+X
Submission: On October 03 via manual (October 3rd 2023, 1:06:48 am UTC) from CA — Scanned from CA

Summary HTTP 100 Redirects Links 10 Behaviour Indicators

Summary

This website contacted 18 IPs in 2 countries across 17 domains to perform 100 HTTP transactions. The main IP is 172.67.191.177, located in United States and belongs to CLOUDFLARENET, US. The main domain is kiwiexploits.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on February 18th 2023. Valid for: a year.

This is the only time kiwiexploits.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	67.199.248.10 67.199.248.10	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 33	172.67.191.177 172.67.191.177	13335 (CLOUDFLAR...) (CLOUDFLARENET)
11	172.253.115.155 172.253.115.155	15169 (GOOGLE) (GOOGLE)
2	172.253.63.97 172.253.63.97	15169 (GOOGLE) (GOOGLE)
3	172.253.115.95 172.253.115.95	15169 (GOOGLE) (GOOGLE)
2	104.21.63.99 104.21.63.99	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	142.251.111.94 142.251.111.94	15169 (GOOGLE) (GOOGLE)
1 13	172.253.122.156 172.253.122.156	15169 (GOOGLE) (GOOGLE)
2	142.251.111.139 142.251.111.139	15169 (GOOGLE) (GOOGLE)
1	172.253.63.154 172.253.63.154	15169 (GOOGLE) (GOOGLE)
1	172.64.169.35 172.64.169.35	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	216.239.36.181 216.239.36.181	15169 (GOOGLE) (GOOGLE)
1	172.253.63.155 172.253.63.155	15169 (GOOGLE) (GOOGLE)
1	142.250.31.94 142.250.31.94	15169 (GOOGLE) (GOOGLE)
14	142.251.167.132 142.251.167.132	15169 (GOOGLE) (GOOGLE)
1	172.253.122.94 172.253.122.94	15169 (GOOGLE) (GOOGLE)
6	34.149.135.28 34.149.135.28	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
6	104.26.2.190 104.26.2.190	13335 (CLOUDFLAR...) (CLOUDFLARENET)
100	18

1 67.199.248.10 (United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: bit.ly

bit.ly	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

33 172.67.191.177 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

kiwiexploits.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 172.253.115.155 (United States)

ASN15169 (GOOGLE, US)
PTR: bg-in-f155.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.253.63.97 (United States)

ASN15169 (GOOGLE, US)
PTR: bi-in-f97.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.253.115.95 (United States)

ASN15169 (GOOGLE, US)
PTR: bg-in-f95.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.21.63.99 (None, )

ASN13335 (CLOUDFLARENET, US)

acscdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.111.94 (United States)

ASN15169 (GOOGLE, US)
PTR: bk-in-f94.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 172.253.122.156 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: bh-in-f156.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.111.139 (United States)

ASN15169 (GOOGLE, US)
PTR: bk-in-f139.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.253.63.154 (United States)

ASN15169 (GOOGLE, US)
PTR: bi-in-f154.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.64.169.35 (United States)

ASN13335 (CLOUDFLARENET, US)

youradexchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.239.36.181 (United States)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.253.63.155 (United States)

ASN15169 (GOOGLE, US)
PTR: bi-in-f155.1e100.net

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.31.94 (United States)

ASN15169 (GOOGLE, US)
PTR: bj-in-f94.1e100.net

www.google.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 142.251.167.132 (United States)

ASN15169 (GOOGLE, US)
PTR: ww-in-f132.1e100.net

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.253.122.94 (United States)

ASN15169 (GOOGLE, US)
PTR: bh-in-f94.1e100.net

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 34.149.135.28 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 28.135.149.34.bc.googleusercontent.com

g.bidbrain.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.26.2.190 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.rtbrain.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
33	kiwiexploits.com 1 redirects kiwiexploits.com	469 KB
21	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 122 tpc.googlesyndication.com — Cisco Umbrella Rank: 169	413 KB
12	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 66 stats.g.doubleclick.net — Cisco Umbrella Rank: 175	232 KB
6	rtbrain.app cdn.rtbrain.app — Cisco Umbrella Rank: 10923	957 KB
6	bidbrain.app g.bidbrain.app — Cisco Umbrella Rank: 44951	2 KB
4	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 254	235 KB
3	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1368 www.googleadservices.com — Cisco Umbrella Rank: 178	605 B
3	gstatic.com fonts.gstatic.com www.gstatic.com	75 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 113	3 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 96	21 KB
2	acscdn.com acscdn.com — Cisco Umbrella Rank: 50346	91 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 111	139 KB
1	google.ca www.google.ca — Cisco Umbrella Rank: 8716	408 B
1	google.com analytics.google.com — Cisco Umbrella Rank: 270	254 B
1	youradexchange.com youradexchange.com — Cisco Umbrella Rank: 9606	1 KB
1	bit.ly 1 redirects bit.ly — Cisco Umbrella Rank: 6347	338 B
0	8proof.com Failed 8proof.com Failed
100	17

	Domain	Requested by
33	kiwiexploits.com	1 redirects kiwiexploits.com
14	tpc.googlesyndication.com	googleads.g.doubleclick.net
11	googleads.g.doubleclick.net	1 redirects pagead2.googlesyndication.com kiwiexploits.com googleads.g.doubleclick.net
7	pagead2.googlesyndication.com	kiwiexploits.com pagead2.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com
6	cdn.rtbrain.app	googleads.g.doubleclick.net
6	g.bidbrain.app	kiwiexploits.com googleads.g.doubleclick.net
4	www.googletagservices.com	googleads.g.doubleclick.net
3	fonts.googleapis.com	kiwiexploits.com googleads.g.doubleclick.net
2	www.googleadservices.com	kiwiexploits.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	fonts.gstatic.com	fonts.googleapis.com
2	acscdn.com	kiwiexploits.com acscdn.com
2	www.googletagmanager.com	kiwiexploits.com www.googletagmanager.com
1	www.gstatic.com	googleads.g.doubleclick.net
1	www.google.ca	kiwiexploits.com
1	stats.g.doubleclick.net	www.googletagmanager.com
1	analytics.google.com	www.googletagmanager.com
1	youradexchange.com	acscdn.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	bit.ly	1 redirects
0	8proof.com Failed	googleads.g.doubleclick.net
100	21

This site contains links to these domains. Also see Links.

Domain
mobirise.in
www.kiwiexploits.com
link-to.net
mobirise.site

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-02-18` - `2024-02-17`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
acscdn.com GTS CA 1P5	`2023-09-04` - `2023-12-03`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
youradexchange.com GTS CA 1P5	`2023-08-19` - `2023-11-17`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
*.google.ca GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
*.bidbrain.app R3	`2023-08-30` - `2023-11-28`	3 months	crt.sh
rtbrain.app Cloudflare Inc ECC CA-3	`2022-11-18` - `2023-11-18`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh

This page contains 12 frames:

Primary Page: https://kiwiexploits.com/kiwi-x-download?utm_source=PrimeExo&utm_medium=YouTube&utm_campaign=Kiwi+X
Frame ID: 8184DB50D66FCC60FB71EE86FE8553A1
Requests: 48 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230928/r20190131/zrt_lookup.html
Frame ID: B9DF18B542CBFD9D25843401FF229B62
Requests: 1 HTTP requests in this frame

Frame: https://kiwiexploits.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/dffb14d6/main.js
Frame ID: E7A5A5D341917E3E85018D210AB1CE57
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8562196086359240&output=html&adk=1812271804&adf=3025194257&lmt=1693214286&plaf=7%3A2&plat=3%3A128%2C4%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=128x945_l%7C140x945_r&format=0x0&url=https%3A%2F%2Fkiwiexploits.com%2Fkiwi-x-download%3Futm_source%3DPrimeExo%26utm_medium%3DYouTube%26utm_campaign%3DKiwi%2BX&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696295203469&bpp=6&bdt=222&idt=172&shv=r20230928&mjsv=m202309210101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3724044099205&frm=20&pv=2&ga_vid=1560604569.1696295204&ga_sid=1696295204&ga_hid=435122685&ga_fc=0&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837&oid=2&pvsid=2456228810790933&tmod=892309963&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=201
Frame ID: 404A1E7EEC0A42FD4078CB972BE927DC
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8562196086359240&output=html&h=250&slotname=1836580918&adk=1046840810&adf=3100213249&pi=t.ma~as.1836580918&w=300&lmt=1693214286&format=300x250&url=https%3A%2F%2Fkiwiexploits.com%2Fkiwi-x-download%3Futm_source%3DPrimeExo%26utm_medium%3DYouTube%26utm_campaign%3DKiwi%2BX&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696295203475&bpp=1&bdt=227&idt=206&shv=r20230928&mjsv=m202309210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3724044099205&frm=20&pv=1&ga_vid=1560604569.1696295204&ga_sid=1696295204&ga_hid=435122685&ga_fc=0&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=650&ady=264&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837&oid=2&pvsid=2456228810790933&tmod=892309963&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=yUAx1kPKrc&p=https%3A//kiwiexploits.com&dtd=212
Frame ID: E62A1C7FB065C534347543891AF5519A
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8562196086359240&output=html&h=90&slotname=9459101825&adk=1837950576&adf=1117302172&pi=t.ma~as.9459101825&w=728&lmt=1693214286&format=728x90&url=https%3A%2F%2Fkiwiexploits.com%2Fkiwi-x-download%3Futm_source%3DPrimeExo%26utm_medium%3DYouTube%26utm_campaign%3DKiwi%2BX&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696295203476&bpp=1&bdt=228&idt=218&shv=r20230928&mjsv=m202309210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250&nras=1&correlator=3724044099205&frm=20&pv=1&ga_vid=1560604569.1696295204&ga_sid=1696295204&ga_hid=435122685&ga_fc=0&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=448&ady=959&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837&oid=2&pvsid=2456228810790933&tmod=892309963&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=mMs3cs0T8K&p=https%3A//kiwiexploits.com&dtd=223
Frame ID: 8C5B119980E4E90EE34BB4E84F9E12AC
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8562196086359240&output=html&h=250&slotname=1836580918&adk=3623503060&adf=2821323308&pi=t.ma~as.1836580918&w=300&lmt=1693214286&format=300x250&url=https%3A%2F%2Fkiwiexploits.com%2Fkiwi-x-download%3Futm_source%3DPrimeExo%26utm_medium%3DYouTube%26utm_campaign%3DKiwi%2BX&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696295203477&bpp=1&bdt=229&idt=348&shv=r20230928&mjsv=m202309210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250%2C728x90&nras=1&correlator=3724044099205&frm=20&pv=1&ga_vid=1560604569.1696295204&ga_sid=1696295204&ga_hid=435122685&ga_fc=0&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=650&ady=1676&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837&oid=2&pvsid=2456228810790933&tmod=892309963&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=Y8qUGjCxSC&p=https%3A//kiwiexploits.com&dtd=352
Frame ID: 1A813D0220378E05B45312EC5413DA34
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8562196086359240&output=html&h=280&slotname=6823165047&adk=3490555514&adf=2653041513&pi=t.ma~as.6823165047&w=1200&fwrn=4&fwrnh=100&lmt=1693214286&rafmt=1&format=1200x280&url=https%3A%2F%2Fkiwiexploits.com%2Fkiwi-x-download%3Futm_source%3DPrimeExo%26utm_medium%3DYouTube%26utm_campaign%3DKiwi%2BX&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696295203477&bpp=2&bdt=229&idt=355&shv=r20230928&mjsv=m202309210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250%2C728x90%2C300x250&nras=1&correlator=3724044099205&frm=20&pv=1&ga_vid=1560604569.1696295204&ga_sid=1696295204&ga_hid=435122685&ga_fc=0&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2208&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837&oid=2&pvsid=2456228810790933&tmod=892309963&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=lsfNb8iYSP&p=https%3A//kiwiexploits.com&dtd=358
Frame ID: 5CEA3A424DB793E443EA4CF28A45FED3
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230928/r20110914/zrt_lookup.html?fsb=1
Frame ID: EB8A999BAA2B7F6C45B93456E5C9E408
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20230928/r20110914/client/window_focus_fy2021.js
Frame ID: 91A0DB7D86F600E623BAD39029E04098
Requests: 6 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/VGH1mKSfxYHDdsSo-bXnFEwRYk5XYXNaTK3F8Z8cnoU.js
Frame ID: 77531CE7C01B0E5ADE5366ECB824E814
Requests: 1 HTTP requests in this frame

Frame: https://8proof.com/app/rtbmarkup/5111?id=631293173149&ctd=110095&crid=1423&ap=ZRtpIwALWmQITx3MAAo1mI5m2aqVPqnCoDvsPw
Frame ID: 363AE02DF11FFD888C9E6E21CE027049
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Kiwi X Download

Page URL History Show full URLs

https://bit.ly/48wdzPj HTTP 301
https://kiwiexploits.com/kiwi-x-download?utm_source=PrimeExo&utm_medium=YouTube&utm_campaign=Kiwi+X Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

100
Requests

96 %
HTTPS

0 %
IPv6

17
Domains

21
Subdomains

18
IPs

2
Countries

2640 kB
Transfer

5358 kB
Size

13
Cookies

10 Outgoing links

These are links going to different origins than the main page.

URL: https://mobirise.in/
Title: mobirise.com

Search URL Search Domain Scan URL

URL: https://www.kiwiexploits.com/index.html#content17-12
Title: FAQ

Search URL Search Domain Scan URL

URL: https://www.kiwiexploits.com/keysystem
Title: Get Key

Search URL Search Domain Scan URL

URL: https://www.kiwiexploits.com/exploits.html
Title: Exploits

Search URL Search Domain Scan URL

URL: https://www.kiwiexploits.com/scripts.html
Title: Scripts

Search URL Search Domain Scan URL

URL: https://www.kiwiexploits.com/discord.html
Title: Discord

Search URL Search Domain Scan URL

URL: https://link-to.net/17242/KiwixKiwiExploitsPage
Title: Download

Search URL Search Domain Scan URL

URL: https://www.kiwiexploits.com/privacy-policy.html
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.kiwiexploits.com/terms-of-service.html
Title: Terms of Use

Search URL Search Domain Scan URL

URL: https://mobirise.site/f
Title: (function(){var js = "window['__CF$cv$params']={r:'810148baeaf9a23a',t:'MTY5NjI5NTIwMy4yMzgwMDA='};_cpo=document.createElement('script');_cpo.nonce='',_cpo.src='/cdn-cgi/challenge-platform/scripts/jsd/main.js',document.getElementsByTagName('head')[0].appendChild(_cpo);";var _0xh = document.createElement('iframe');_0xh.height = 1;_0xh.width = 1;_0xh.style.position = 'absolute';_0xh.style.top = 0;_0xh.style.left = 0;_0xh.style.border = 'none';_0xh.style.visibility = 'hidden';document.body.appendChild(_0xh);function handler() {var _0xi = _0xh.contentDocument || _0xh.contentWindow.document;if (_0xi) {var _0xj = _0xi.createElement('script');_0xj.innerHTML = js;_0xi.getElementsByTagName('head')[0].appendChild(_0xj);}}if (document.readyState !== 'loading') {handler();} else if (window.addEventListener) {document.addEventListener('DOMContentLoaded', handler);} else {var prev = document.onreadystatechange || function () {};document.onreadystatechange = function (e) {prev(e);if (docume

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://bit.ly/48wdzPj HTTP 301
https://kiwiexploits.com/kiwi-x-download?utm_source=PrimeExo&utm_medium=YouTube&utm_campaign=Kiwi+X Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 39

https://kiwiexploits.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://kiwiexploits.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/dffb14d6/main.js

Request Chain 91

https://googleads.g.doubleclick.net/pagead/adview?ai=CGy6OI2kbZbmVNcCKvPIPgpWg0A_LldTbcta-8fi9Ebq8jPG-ARABIMDsmHxg_aCZgegDoAGa1bThAsgBAagDAcgDywSqBP4BT9DnAt5zz7BJvNOhsPXrvHEww_cArNpv6mzqWYVzt8lOsMiVSaZ8XnSdsPx9ihZhh0e4Xhnm2k4DjaeN_FUFtlANOVrcNOi_7jlFDbX7agtHKBtfltm3dNFhoxKSwehtgy6TnHESmBEgmMyo4R59x4t-w07ZNICNEtl2jirXATKq56fnvZ3ddoEGamXU7sbKeM9AeTCoTE6ecxDwADJ82WSWrnK7uSo81QXRDi7-NP-niz0BAFK7ddJrlmtYfBoG07c17reDC08AAxad2i7LgkkNn23v_GVdYb2RrTm7GvYc1wGmSFhyzOo_zRXy87njGDrsSNojil-BIKDqKwHABNDY6uixBIgFy4zTwUuSBQQIBBgBkgUECAUYBKAGLoAHzqrLngGoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBCjyg_SCBQIgGEQARgfMgKKAjoCgEBIvf3BOpoJM2h0dHBzOi8vd3d3LnBhc3N3b3JkbWFuYWdlcmNvbXBhcmlzb24uY29tL2Rvd25sb2FkMoAKAcgLAdoMEAoKEIDz4YqSuurfcRICAQPYEwzQFQGYFgGAFwGyFxwKGggAEhRwdWItODU2MjE5NjA4NjM1OTI0MBgA&sigh=awgiOuXLWlE&uach_m=[UACH]&ase=2&nis=4&cid=CAQSTADICaaNRxfbGExmY5rEx3PN-KIEtblzl3hqos-GixhaxoOuOe_i3_AqVJfuPy8H1z23ighShl3n4sC4HFrxGG_WVmMu_c7tnA8PiTQYAQ&template_id=5021&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x5a613267d25c6d920000000000000000%22,%222%22:%220x3352d28842d010c50000000000000000%22,%223%22:%220x58d8d5ea271ae24b0000000000000000%22,%224%22:%220x87d6fbb48f98f8ba0000000000000000%22,%225%22:%220xfc0fabb92adf01a0000000000000000%22},%22debug_key%22:%22111035684465374426%22,%22debug_reporting%22:true,%22destination%22:%22https://passwordmanagercomparison.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22741157530%22],%224%22:[%2210-03%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%221739329176825463313%22}&andc=true

100 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request kiwi-x-download Show response
kiwiexploits.com/
Redirect Chain

https://bit.ly/48wdzPj
https://kiwiexploits.com/kiwi-x-download?utm_source=PrimeExo&utm_medium=YouTube&utm_campaign=Kiwi+X

15 KB
4 KB

1279ms
232ms

Document
text/html

172.67.191.177
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kiwiexploits.com/kiwi-x-download?utm_source=PrimeExo&utm_medium=YouTube&utm_campaign=Kiwi+X
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.191.177 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d87ea3a4d5d02c1150752a96bf6a9286726447b23f8721138da966d43f60915f

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 810148baeaf9a23a-YYZ
content-encoding: br
content-type: text/html
date: Tue, 03 Oct 2023 01:06:43 GMT
last-modified: Mon, 28 Aug 2023 02:18:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0nf%2BAiZ2DEqX3Ck6%2BpXCK33pmLJf3p0%2Bw6p%2FwyW9zT81quC7wIDEo0qxMVWRJ%2FGCkyb6Fna3iLBGN7b5jXAproscbC2WYubDr09sJa9E3jJFd1y5crtldUEGnXeMuAkioAlu"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding,User-Agent

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=90
content-length: 194
content-security-policy: referrer always;
content-type: text/html; charset=utf-8
date: Tue, 03 Oct 2023 01:06:41 GMT
location: https://kiwiexploits.com/kiwi-x-download?utm_source=PrimeExo&utm_medium=YouTube&utm_campaign=Kiwi+X
referrer-policy: unsafe-url
server: nginx
via: 1.1 google

GET
H2 200 nab.js Show response
kiwiexploits.com/ 7 KB
3 KB 51ms
48ms Script
application/javascript 172.67.191.177
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kiwiexploits.com/nab.js
Requested by: Host: kiwiexploits.com
URL: https://kiwiexploits.com/kiwi-x-download?utm_source=PrimeExo&utm_medium=YouTube&utm_campaign=Kiwi+X
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.191.177 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a2470f44572c91daca6e64da9ae31a2f91fdea031f0b5a028ba63dc8daf8664a

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://kiwiexploits.com/kiwi-x-download?utm_source=PrimeExo&utm_medium=YouTube&utm_campaign=Kiwi+X
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 01:06:43 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 28 Aug 2023 02:15:16 GMT
cf-bgj: minify
server: cloudflare
age: 5215
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Iy%2Br%2BdCcnqG24OMATQgsUj3I1iGSqrQQiD7Dj29C7vFQw0fx2O69V4CBbzFQ0mY005K1FT7gPEXAXmcUmodF%2FSzkfvps9YwEGF4dnKEKsKFM4rOqT8j7AKLSUMGF1bVvuNZ3"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 810148bc6cd5a23a-YYZ
alt-svc: h3=":443"; ma=86400

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 144 KB
50 KB 138ms
62ms Script
text/javascript 172.253.115.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: kiwiexploits.com
URL: https://kiwiexploits.com/kiwi-x-download?utm_source=PrimeExo&utm_medium=YouTube&utm_campaign=Kiwi+X

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.115.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bg-in-f155.1e100.net

Software

cafe /

Resource Hash

fda11aeede5eae3284d670c3ed43ed57c6112e8103d49a0035bd4e2e8cbc7734

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://kiwiexploits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 01:06:43 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50730
x-xss-protection: 0
server: cafe
etag: 11663441371078313884
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 03 Oct 2023 01:06:43 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 131 KB
51 KB 122ms
48ms Script
application/javascript 172.253.63.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-162344816-1

Requested by

Host: kiwiexploits.com
URL: https://kiwiexploits.com/kiwi-x-download?utm_source=PrimeExo&utm_medium=YouTube&utm_campaign=Kiwi+X

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.63.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

c983d316b302907296d9a13e7155cd7e367a30dad5eb319ab2dcd892f4d944fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://kiwiexploits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 01:06:43 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 51656
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 03 Oct 2023 01:06:43 GMT

GET
H2 200 mobirise2.css
kiwiexploits.com/assetsother/web/assets/mobirise-icons2/ 7 KB
2 KB 36ms
33ms Stylesheet
text/css 172.67.191.177
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kiwiexploits.com/assetsother/web/assets/mobirise-icons2/mobirise2.css
Requested by: Host: kiwiexploits.com
URL: https://kiwiexploits.com/kiwi-x-download?utm_source=PrimeExo&utm_medium=YouTube&utm_campaign=Kiwi+X
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.191.177 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7594de13e6bedbcacfbd22a3d04d1ddd876f591e488074a91c71274f9d4e474f

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://kiwiexploits.com/kiwi-x-download?utm_source=PrimeExo&utm_medium=YouTube&utm_campaign=Kiwi+X
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 01:06:43 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Fri, 21 Apr 2023 03:13:36 GMT
server: cloudflare
age: 5215
cf-polished: origSize=8709
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UpR4iLDjw7j9Gf0uTQmI0%2FLS87sIRaP1sBabnMpEUO%2Bexx147pOlnFQUQPq8OZavz7yM10%2FQuAZC2edTP0HlAZR2SGFEediEJAqf4mz8W4JBMcXhaYUSVlSSa63xdJj93%2FTv"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 810148bc6cd9a23a-YYZ
alt-svc: h3=":443"; ma=86400

GET
H2 200 mobirise-icons.css
kiwiexploits.com/assetsother/web/assets/mobirise-icons/ 6 KB
2 KB 50ms
47ms Stylesheet
text/css 172.67.191.177
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kiwiexploits.com/assetsother/web/assets/mobirise-icons/mobirise-icons.css
Requested by: Host: kiwiexploits.com
URL: https://kiwiexploits.com/kiwi-x-download?utm_source=PrimeExo&utm_medium=YouTube&utm_campaign=Kiwi+X
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.191.177 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6668a39b684c4ff5a5991396af1924f6a81bee0d0663a8fe78654c15f95aba35

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://kiwiexploits.com/kiwi-x-download?utm_source=PrimeExo&utm_medium=YouTube&utm_campaign=Kiwi+X
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 01:06:43 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Fri, 21 Apr 2023 03:13:36 GMT
server: cloudflare
age: 5215
cf-polished: origSize=7613
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DmO%2F0XJ4XMna55W%2BnJzX%2FbDx%2FcAB4C7pwbQbr7fU%2F%2FswA%2BLq58Pc88yLW50Mnl9AqTj8ebmBwFHd%2BlbKyrLVCToPbHP17wQGRdwFnYSRhQbopR8EwdOQj6%2BFdkLYzxjKPf%2Fe"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 810148bc6cdea23a-YYZ
alt-svc: h3=":443"; ma=86400

GET
H2 200 bootstrap.min.css
kiwiexploits.com/assetsother/bootstrap/css/ 152 KB
24 KB 51ms
49ms Stylesheet
text/css 172.67.191.177
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kiwiexploits.com/assetsother/bootstrap/css/bootstrap.min.css
Requested by: Host: kiwiexploits.com
URL: https://kiwiexploits.com/kiwi-x-download?utm_source=PrimeExo&utm_medium=YouTube&utm_campaign=Kiwi+X
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.191.177 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ccb200f2c60844c5d34bc235a45ea7cb76b7084e5a85975f555cf5a52ccff1e4

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://kiwiexploits.com/kiwi-x-download?utm_source=PrimeExo&utm_medium=YouTube&utm_campaign=Kiwi+X
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 01:06:43 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 21 Apr 2023 03:13:34 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5215
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mP7wXwNvFHFW1LgcA5owcmgzC6a0yrqtky4Rq4%2BhbG4pKYg1lwsPcU3UGwPnb8ra%2BQbxYZqF6SjljKjPzJ%2B9dBOWRypy3KGNbhIfGsNbVzt%2BRmGU3IdMKbXkDuvYGoI1WCy4"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 810148bc6ce1a23a-YYZ
alt-svc: h3=":443"; ma=86400

GET
H2 200 bootstrap-grid.min.css
kiwiexploits.com/assetsother/bootstrap/css/ 50 KB
6 KB 31ms
29ms Stylesheet
text/css 172.67.191.177
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kiwiexploits.com/assetsother/bootstrap/css/bootstrap-grid.min.css
Requested by: Host: kiwiexploits.com
URL: https://kiwiexploits.com/kiwi-x-download?utm_source=PrimeExo&utm_medium=YouTube&utm_campaign=Kiwi+X
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.191.177 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f75d0fed0cd4380843d322f38aa2cb0cee3d128f28d5dc4c354623f6b0ac18a3

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://kiwiexploits.com/kiwi-x-download?utm_source=PrimeExo&utm_medium=YouTube&utm_campaign=Kiwi+X
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 01:06:43 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 21 Apr 2023 03:13:34 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5215
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XhKrrWkIzNNr8nzkS4qI0J0iJVCKHHkU48i30naSNwU4Vt%2FLhh2amxX2l1ubsNiqBEFUSP3nLrOtrsO1SMqRuEM6uwrRDInjamQgbyOm8I7y4WLrRWUDuGvTCNC2MElacKJ0"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 810148bc6ce3a23a-YYZ
alt-svc: h3=":443"; ma=86400

GET
H2 200 bootstrap-reboot.min.css
kiwiexploits.com/assetsother/bootstrap/css/ 5 KB
2 KB 36ms
34ms Stylesheet
text/css 172.67.191.177
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kiwiexploits.com/assetsother/bootstrap/css/bootstrap-reboot.min.css
Requested by: Host: kiwiexploits.com
URL: https://kiwiexploits.com/kiwi-x-download?utm_source=PrimeExo&utm_medium=YouTube&utm_campaign=Kiwi+X
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.191.177 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 97f0549ae1b86791420890ae5c5b6ec5af448ef05a4d9f924e824c48a380ac73

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://kiwiexploits.com/kiwi-x-download?utm_source=PrimeExo&utm_medium=YouTube&utm_campaign=Kiwi+X
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 01:06:43 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 21 Apr 2023 03:13:34 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5215
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CWBafdKGdbQ06ffYKZzzlaLiav15nxp67BhuxJqlG5Gr032EilCuVRvh%2Bc6JQMp1aPgYFW5afQpYqSwPpWeLc9Y9QpldioNrfQQ16JdKrSMQ9oBZZDPvGUShg5FSpOuMhY1T"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 810148bc6ce5a23a-YYZ
alt-svc: h3=":443"; ma=86400

GET
H2 200 style.css
kiwiexploits.com/assetsother/dropdown/css/ 6 KB
2 KB 37ms
35ms Stylesheet
text/css 172.67.191.177
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kiwiexploits.com/assetsother/dropdown/css/style.css
Requested by: Host: kiwiexploits.com
URL: https://kiwiexploits.com/kiwi-x-download?utm_source=PrimeExo&utm_medium=YouTube&utm_campaign=Kiwi+X
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.191.177 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b39904069cfb5a2490a4f8f1db27ce5ddd6273b3101f79415e17f5dd0ebe795e

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://kiwiexploits.com/kiwi-x-download?utm_source=PrimeExo&utm_medium=YouTube&utm_campaign=Kiwi+X
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 01:06:43 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Fri, 21 Apr 2023 03:13:36 GMT
server: cloudflare
age: 5215
cf-polished: origSize=7945
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gp5zzNJ06ocKd8DxL8ncd8ufSx7PzUgR90vQeJyHTc%2BZzFjguqfHEuoq9TIFyoVxlFO9x5S4A4P9nMgVAyo1m%2BvdfM3QTSkBDUO1uBnBf2bR6X4ucZ5a2o54V0NjEmJ8GFqr"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 810148bc6ce7a23a-YYZ
alt-svc: h3=":443"; ma=86400

GET
H2 200 styles.css
kiwiexploits.com/assetsother/socicon/css/ 13 KB
3 KB 37ms
35ms Stylesheet
text/css 172.67.191.177
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kiwiexploits.com/assetsother/socicon/css/styles.css
Requested by: Host: kiwiexploits.com
URL: https://kiwiexploits.com/kiwi-x-download?utm_source=PrimeExo&utm_medium=YouTube&utm_campaign=Kiwi+X
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.191.177 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c0af0cbab6f69a37485a23ab136c804a46d859745417d86c7f59edcbd3db7a07

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://kiwiexploits.com/kiwi-x-download?utm_source=PrimeExo&utm_medium=YouTube&utm_campaign=Kiwi+X
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 01:06:43 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Fri, 21 Apr 2023 03:13:36 GMT
server: cloudflare
age: 5215
cf-polished: origSize=15529
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wfQCMenNEDbiyA%2FMeT1mCWsMZOmuc4kpgqGSJNHPj%2BLj9SVllpZr31xaVolw1m5Xm2%2Fk0ECYAUUgpLSmAWICqRe5v6cE%2Fb3XgNykgo%2BV0xGTQxuk0iMHnlaJpagIwX1kDzrF"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 810148bc6ce8a23a-YYZ
alt-svc: h3=":443"; ma=86400

GET
H2 200 style.css
kiwiexploits.com/assetsother/theme/css/ 12 KB
4 KB 33ms
31ms Stylesheet
text/css 172.67.191.177
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kiwiexploits.com/assetsother/theme/css/style.css
Requested by: Host: kiwiexploits.com
URL: https://kiwiexploits.com/kiwi-x-download?utm_source=PrimeExo&utm_medium=YouTube&utm_campaign=Kiwi+X
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.191.177 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8b97a41128f59adefd1712cc3b9712b297fe273a2c425f8eab4fea3285500423

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://kiwiexploits.com/kiwi-x-download?utm_source=PrimeExo&utm_medium=YouTube&utm_campaign=Kiwi+X
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 01:06:43 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Fri, 21 Apr 2023 03:13:34 GMT
server: cloudflare
age: 5215
cf-polished: origSize=14947
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KCPjfam%2FR10KSlU79gBLNRhu4TH1nioU8Q8BuoHG6uVMq4Ibf0rsTpoGSMQYEpuw0LKL8305ksqEU580do%2BJGLTdxGjYd8KSj1MuoXOONDdmorOiRzZAFhbwLr%2Fj9v5ZfO3w"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 810148bc6ceaa23a-YYZ
alt-svc: h3=":443"; ma=86400

GET
H2 200 css
fonts.googleapis.com/ 18 KB
1 KB 119ms
45ms Stylesheet
text/css 172.253.115.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Jost:100,200,300,400,500,600,700,800,900,100i,200i,300i,400i,500i,600i,700i,800i,900i&display=swap

Requested by

Host: kiwiexploits.com
URL: https://kiwiexploits.com/kiwi-x-download?utm_source=PrimeExo&utm_medium=YouTube&utm_campaign=Kiwi+X

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.115.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bg-in-f95.1e100.net

Software

ESF /

Resource Hash

cbb3beea6dc8d67b0684c9a21085f50dda76874c6b495875882563d83477cb55

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://kiwiexploits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 03 Oct 2023 01:06:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 03 Oct 2023 00:52:21 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 03 Oct 2023 01:06:43 GMT

GET
H2 200 mbr-additional.css
kiwiexploits.com/assetsother/mobirise/css/ 54 KB
8 KB 38ms
37ms Stylesheet
text/css 172.67.191.177
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kiwiexploits.com/assetsother/mobirise/css/mbr-additional.css
Requested by: Host: kiwiexploits.com
URL: https://kiwiexploits.com/kiwi-x-download?utm_source=PrimeExo&utm_medium=YouTube&utm_campaign=Kiwi+X
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.191.177 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 43b8c21d293808c03cd799b53149592f7420cd1476833dbf57dee9c246606464

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://kiwiexploits.com/kiwi-x-download?utm_source=PrimeExo&utm_medium=YouTube&utm_campaign=Kiwi+X
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 01:06:43 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 20 Apr 2023 21:46:38 GMT
server: cloudflare
age: 5215
cf-polished: origSize=64831
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QBgWIRSdiRVSj8xHAGUGibIXVKYbkN4b7m5e22JmYca3fqDB0L8DHhVEO9j7HPcWNMy4nDRDbyuuVSK58O3AMlj0RRFoDWvGjhz1ghUP8IjNMg72kL%2BnAilUoKIID99DqwRS"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 810148bc6ceba23a-YYZ
alt-svc: h3=":443"; ma=86400

GET
H2 200 suv4.js Show response
acscdn.com/script/ 195 KB
59 KB 87ms
36ms Script
application/javascript 104.21.63.99
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://acscdn.com/script/suv4.js
Requested by: Host: kiwiexploits.com
URL: https://kiwiexploits.com/kiwi-x-download?utm_source=PrimeExo&utm_medium=YouTube&utm_campaign=Kiwi+X
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.63.99 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4a23e04453c514140017a0bfae6fef383dc6010b3bf39964a991e4cbbbc1a497

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://kiwiexploits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 01:06:43 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2656
x-guploader-uploadid: ADPycdswUykOvpA4qa0nMW9fH44aNuWe2u76IyfrWhJy4X-0UUFDD8yOEXxgjF_-4pS_4Z_cou02IrOzasl40qEKm98AtLrSmjim
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 02 Oct 2023 08:54:13 GMT
server: cloudflare
etag: W/"5806f70e8ba40deeaa49d07484ece51a"
vary: Accept-Encoding
x-goog-hash: crc32c=5v2fPg==, md5=WAb3DoukDe6qSdB0hOzlGg==
x-goog-generation: 1696236853540531
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mOPym4voBNQm2vnXf%2Fo0D1q6wdIM2ySoY9X7y4%2FhbRJM36h35vKR%2BS2fAphE%2FGjv1UzEmI8i4eRhxudAR9Axk6cB2DMKo8XygIyzevZ5O71oD6ssE9LCwOYirkWg"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 199909
cf-ray: 810148bcbd3f53e3-YYZ
expires: Tue, 03 Oct 2023 01:00:39 GMT

GET
H3 200 kiwi-1.png
kiwiexploits.com/assets/images/ 42 KB
42 KB 93ms
91ms Image
image/png 172.67.191.177
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kiwiexploits.com/assets/images/kiwi-1.png
Requested by: Host: kiwiexploits.com
URL: https://kiwiexploits.com/kiwi-x-download?utm_source=PrimeExo&utm_medium=YouTube&utm_campaign=Kiwi+X
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.191.177 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a958054aba0df8e253b0fd68862459386a7b68630a377fbfee051675e3ab706c

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://kiwiexploits.com/kiwi-x-download?utm_source=PrimeExo&utm_medium=YouTube&utm_campaign=Kiwi+X
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 01:06:43 GMT
cf-cache-status: HIT
last-modified: Thu, 08 Apr 2021 15:41:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5214
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HrbRItsH3IUP55kRKg9PEqOBjd7ny67uKf%2BQ3SGbnNrmQDSwgIjRw%2Bp2kglR4ynWFWOAA4BkN%2F0iJDc8fRb6s%2FP%2FCqi3Mq%2Fdny4C5jZjYqBIlco348DkWz8EBa%2Fg%2FNt0XCup"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 810148bcebd0a23b-YYZ
alt-svc: h3=":443"; ma=86400
content-length: 42756

GET
H3 200 kiwix-320x180.png
kiwiexploits.com/assetsother/images/ 18 KB
19 KB 94ms
92ms Image
image/png 172.67.191.177
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kiwiexploits.com/assetsother/images/kiwix-320x180.png
Requested by: Host: kiwiexploits.com
URL: https://kiwiexploits.com/kiwi-x-download?utm_source=PrimeExo&utm_medium=YouTube&utm_campaign=Kiwi+X
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.191.177 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 512241735bfc001ad294f5ca02f85354ffb65b64ffee419a3b6c3c6d084adca9

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://kiwiexploits.com/kiwi-x-download?utm_source=PrimeExo&utm_medium=YouTube&utm_campaign=Kiwi+X
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 01:06:43 GMT
cf-cache-status: HIT
last-modified: Fri, 21 Apr 2023 03:13:34 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5214
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y24RhL4u5w49uYbyYvdEC%2BzhGFKqII%2BYQxYSbUntC7V4ixhVkiHINhX19WdPrNiaprNDE4PjVnZAoCdCBv21y2w5QK1f3QwogJS9HzIyEYfQmOo4mN4UM4Kroh%2BpwDv4aknt"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 810148bcebd1a23b-YYZ
alt-svc: h3=":443"; ma=86400
content-length: 18816

GET
H3 200 1-646x332.png
kiwiexploits.com/assetsother/images/ 39 KB
40 KB 95ms
93ms Image
image/png 172.67.191.177
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kiwiexploits.com/assetsother/images/1-646x332.png
Requested by: Host: kiwiexploits.com
URL: https://kiwiexploits.com/kiwi-x-download?utm_source=PrimeExo&utm_medium=YouTube&utm_campaign=Kiwi+X
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.191.177 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b525ed8c0dfe29ace0e743ac8d679fca18a2794531d572ea1381cdb3e98b9652

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://kiwiexploits.com/kiwi-x-download?utm_source=PrimeExo&utm_medium=YouTube&utm_campaign=Kiwi+X
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 01:06:43 GMT
cf-cache-status: HIT
last-modified: Fri, 21 Apr 2023 03:13:34 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5214
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QvZ5DyQT8S5JhLLPWzBAsMuNyk4KGZ%2FLdTO6Arsw4iku%2FY8Adfoxvz0llneBchbdeBZoJHsUxhhvSCYQOJUxCCSxdi9t3fRMEZCv9LLvxoKZKAOoD3pwJ3hYXMdk%2BP1g5Jbl"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 810148bcebd3a23b-YYZ
alt-svc: h3=":443"; ma=86400
content-length: 40178

GET
H3 200 2-646x332.png
kiwiexploits.com/assetsother/images/ 17 KB
18 KB 108ms
107ms Image
image/png 172.67.191.177
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kiwiexploits.com/assetsother/images/2-646x332.png
Requested by: Host: kiwiexploits.com
URL: https://kiwiexploits.com/kiwi-x-download?utm_source=PrimeExo&utm_medium=YouTube&utm_campaign=Kiwi+X
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.191.177 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b189949cdb59c67206ab4e6b0e867c9959181b68e3f16cc859f341fccbc145b7

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://kiwiexploits.com/kiwi-x-download?utm_source=PrimeExo&utm_medium=YouTube&utm_campaign=Kiwi+X
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 01:06:43 GMT
cf-cache-status: HIT
last-modified: Fri, 21 Apr 2023 03:13:34 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5214
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jZysQyUIPKf%2B5vaVeFLt4DFSwQjk8ut2zncXGJI3txUDwdHRhTi1ivEAtHrkM4I7F3doHeAN6kaiuZSZsZsvh7ik2o6sU8LrcNCjOTqS62lTd5x4u9FtvDA4CL%2BjonsJ43zC"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 810148bcebd4a23b-YYZ
alt-svc: h3=":443"; ma=86400
content-length: 17756

GET
H3 200 3-1-646x332.png
kiwiexploits.com/assetsother/images/ 44 KB
45 KB 109ms
107ms Image
image/png 172.67.191.177
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kiwiexploits.com/assetsother/images/3-1-646x332.png
Requested by: Host: kiwiexploits.com
URL: https://kiwiexploits.com/kiwi-x-download?utm_source=PrimeExo&utm_medium=YouTube&utm_campaign=Kiwi+X
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.191.177 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d61f7c4f094f77ccc9494c4080289821c6533f82d8701924e6c1a2dd6e5831c2

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://kiwiexploits.com/kiwi-x-download?utm_source=PrimeExo&utm_medium=YouTube&utm_campaign=Kiwi+X
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 01:06:43 GMT
cf-cache-status: HIT
last-modified: Fri, 21 Apr 2023 03:13:34 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5214
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rW6Cs9vQSZWKLWRMu7XpzGIuGRlxK7W81vn%2BcQmX7Clh3BQRps6Obt%2FOtPJL%2BEYx4eX%2F8FdtkB%2Bw43OsVYixC0DNro7IDHkT3UWHDqtKAFTP%2Fktt0xT7F4oH8iDb8X6G1BH1"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 810148bcebd5a23b-YYZ
alt-svc: h3=":443"; ma=86400
content-length: 45349

GET
H3 200 4-1-646x332.png
kiwiexploits.com/assetsother/images/ 55 KB
56 KB 111ms
109ms Image
image/png 172.67.191.177
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kiwiexploits.com/assetsother/images/4-1-646x332.png
Requested by: Host: kiwiexploits.com
URL: https://kiwiexploits.com/kiwi-x-download?utm_source=PrimeExo&utm_medium=YouTube&utm_campaign=Kiwi+X
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.191.177 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eb67aa77d24dcf51df68df733eb359165aff5ed43d1e46c6c5a601a2cd109ff6

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://kiwiexploits.com/kiwi-x-download?utm_source=PrimeExo&utm_medium=YouTube&utm_campaign=Kiwi+X
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 01:06:43 GMT
cf-cache-status: HIT
last-modified: Fri, 21 Apr 2023 03:13:34 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5214
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eWzEE8VNQjlFbZ9LbUzIxXRIvJGaT%2BtFunsPr%2FJymDjDB0Dr1wRgYLDBhOCrRjJEcB7qL4kddRXRGeWkzlKj26iypi5iT4ax5Bn5eDH2sAJeR6WoWSvMq7uE47SXAEjXl3PS"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 810148bcebd7a23b-YYZ
alt-svc: h3=":443"; ma=86400
content-length: 56667

GET
H3 200 jquery.min.js Show response
kiwiexploits.com/assets/web/assets/jquery/ 87 KB
32 KB 49ms
48ms Script
application/javascript 172.67.191.177
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kiwiexploits.com/assets/web/assets/jquery/jquery.min.js
Requested by: Host: kiwiexploits.com
URL: https://kiwiexploits.com/kiwi-x-download?utm_source=PrimeExo&utm_medium=YouTube&utm_campaign=Kiwi+X
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.191.177 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://kiwiexploits.com/kiwi-x-download?utm_source=PrimeExo&utm_medium=YouTube&utm_campaign=Kiwi+X
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 01:06:43 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 08 Apr 2021 15:41:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5214
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=45zybKeyeED6wf%2FA7y9wj6%2B3%2FbYtD0IfpCG8dyTWy1O66JVW%2Bfc090z2a3I%2BiYb5o2rzOAR6a8oTkCKX6F%2F0Z4f7Li9bmq58s5DSmhvUL5EdYdou0ueOk5xMPsRq7PNDi2ra"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 810148bcdbaca23b-YYZ
alt-svc: h3=":443"; ma=86400

GET
H3 200 popper.min.js Show response
kiwiexploits.com/assets/popper/ 19 KB
7 KB 67ms
64ms Script
application/javascript 172.67.191.177
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kiwiexploits.com/assets/popper/popper.min.js
Requested by: Host: kiwiexploits.com
URL: https://kiwiexploits.com/kiwi-x-download?utm_source=PrimeExo&utm_medium=YouTube&utm_campaign=Kiwi+X
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.191.177 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3675f226f985b64eea6ae8544d5496a32d19993aae1ac4a3fa101263ef3206f7

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://kiwiexploits.com/kiwi-x-download?utm_source=PrimeExo&utm_medium=YouTube&utm_campaign=Kiwi+X
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 01:06:43 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 08 Apr 2021 15:41:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5214
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BEi8E6xIFjAHRCWFIa5YL%2BbBDi6FlHFWgjQJ1CqxeA1QjbGfIx%2BFQjcV%2F%2FzWEWtWPall6cYPafZocV5MWqJG8M1JfNFXoIKIZB5dyG1MB%2FX%2FE9%2FDmbwR%2BMjfRSqPNIMCbA7o"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 810148bcebbca23b-YYZ
alt-svc: h3=":443"; ma=86400

GET
H3 200 tether.min.js Show response
kiwiexploits.com/assets/tether/ 23 KB
7 KB 33ms
31ms Script
application/javascript 172.67.191.177
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kiwiexploits.com/assets/tether/tether.min.js
Requested by: Host: kiwiexploits.com
URL: https://kiwiexploits.com/kiwi-x-download?utm_source=PrimeExo&utm_medium=YouTube&utm_campaign=Kiwi+X
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.191.177 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0a0416e386e436583f5f49242104677e6b16b1aa693d86f32d76845e26081f96

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://kiwiexploits.com/kiwi-x-download?utm_source=PrimeExo&utm_medium=YouTube&utm_campaign=Kiwi+X
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 01:06:43 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 08 Apr 2021 15:41:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5214
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UEbmQ5KJBY%2BYQlpBZHFQyE8x7KkaD5kZ7mORIk4l75I%2F%2BmMjx9vDCb5JlZXHlkMzOicFZfIMAurJ08tjdjNeq760XjSElBNdOjrMQHJI0e1LVBHUpsnXu%2F715qZfsIO2EmGn"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 810148bcebc1a23b-YYZ
alt-svc: h3=":443"; ma=86400

GET
H3 200 bootstrap.min.js Show response
kiwiexploits.com/assets/bootstrap/js/ 59 KB
16 KB 68ms
65ms Script
application/javascript 172.67.191.177
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kiwiexploits.com/assets/bootstrap/js/bootstrap.min.js
Requested by: Host: kiwiexploits.com
URL: https://kiwiexploits.com/kiwi-x-download?utm_source=PrimeExo&utm_medium=YouTube&utm_campaign=Kiwi+X
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.191.177 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 79c599dd760cec0c1621a1af49d9a2a49da5d45e1b37d4575bace0a5e0226582

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://kiwiexploits.com/kiwi-x-download?utm_source=PrimeExo&utm_medium=YouTube&utm_campaign=Kiwi+X
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 01:06:43 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 08 Apr 2021 15:41:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5214
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BhqdvLMZPcZu%2FlfvsB4aJZiIj0Ho1UnoTVBT4QytTWToeJci4XHG%2B%2BlXTRpS99g08JUSLBRjkGQ1QQxv%2FoDNSYGvMP89RXuY5p1kgC2shMWL8Us15c%2FA5KguYdTLZVa8DTzQ"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 810148bcebc2a23b-YYZ
alt-svc: h3=":443"; ma=86400

GET
H3 200 smooth-scroll.js Show response
kiwiexploits.com/assets/smoothscroll/ 7 KB
4 KB 31ms
28ms Script
application/javascript 172.67.191.177
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kiwiexploits.com/assets/smoothscroll/smooth-scroll.js
Requested by: Host: kiwiexploits.com
URL: https://kiwiexploits.com/kiwi-x-download?utm_source=PrimeExo&utm_medium=YouTube&utm_campaign=Kiwi+X
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.191.177 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 867a9a1bad8363a3f8e2a3628ba7595512a7fbff6c4125099756efbe533c660c

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://kiwiexploits.com/kiwi-x-download?utm_source=PrimeExo&utm_medium=YouTube&utm_campaign=Kiwi+X
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 01:06:43 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 08 Apr 2021 15:41:20 GMT
server: cloudflare
age: 5214
cf-polished: origSize=7568
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xyfGk0iR3zqRFpTKH0E6YW0J4ahXtvRD1U%2BULsslN9SPf23eHTyoaTYeokX8MVVC%2Bj%2FqoPQPCvoynpu1A0nSeHI2d%2FXlmbePDCLf9ZEwq8wtcIp7%2BOf11NOgWSGXy9WI8Rb7"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 810148bcebc5a23b-YYZ
alt-svc: h3=":443"; ma=86400

GET
H3 200 nav-dropdown.js Show response
kiwiexploits.com/assets/dropdown/js/ 9 KB
3 KB 69ms
66ms Script
application/javascript 172.67.191.177
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kiwiexploits.com/assets/dropdown/js/nav-dropdown.js
Requested by: Host: kiwiexploits.com
URL: https://kiwiexploits.com/kiwi-x-download?utm_source=PrimeExo&utm_medium=YouTube&utm_campaign=Kiwi+X
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.191.177 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0d4bd2f918efeb4ea7a65747e5ca0f9c86cccdb961a6276299ebe3a7a47a3854

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://kiwiexploits.com/kiwi-x-download?utm_source=PrimeExo&utm_medium=YouTube&utm_campaign=Kiwi+X
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 01:06:43 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 08 Apr 2021 15:41:20 GMT
server: cloudflare
age: 5214
cf-polished: origSize=9027
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sxgsCoLT3fT3UYF4vlofppEgqmAYl94AZeSjmuAFYNwPHFtx69RI9NNERNPPltBpeGkqs9fF9H2oXS5QfHq2cf8x%2BESfhDpQS6aWYOesW%2B4JT%2BfcIyd90cLB6fbjxcl4PcA5"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 810148bcebc7a23b-YYZ
alt-svc: h3=":443"; ma=86400

GET
H3 200 navbar-dropdown.js Show response
kiwiexploits.com/assets/dropdown/js/ 3 KB
2 KB 31ms
29ms Script
application/javascript 172.67.191.177
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kiwiexploits.com/assets/dropdown/js/navbar-dropdown.js
Requested by: Host: kiwiexploits.com
URL: https://kiwiexploits.com/kiwi-x-download?utm_source=PrimeExo&utm_medium=YouTube&utm_campaign=Kiwi+X
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.191.177 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8e8582b02321950e729b7e88ea63931c9cadfdc5f9d76e18a694b8bbad6debf6

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://kiwiexploits.com/kiwi-x-download?utm_source=PrimeExo&utm_medium=YouTube&utm_campaign=Kiwi+X
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 01:06:43 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 08 Apr 2021 15:41:20 GMT
server: cloudflare
age: 5214
cf-polished: origSize=2646
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EjzvEJP%2FYC%2Fv8RqNs1q%2B7VyTYISxg%2BpRS4Slj%2FO90hOA0ugAesQz2rGUtW%2FMDHN6nGeSUsKWYvTEx7LuUd5n1cb5OgtjLSL%2B4f%2BflEvGWqRBP7IVakmQL0mdK1wbj%2FJRC0mm"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 810148bcebc9a23b-YYZ
alt-svc: h3=":443"; ma=86400

GET
H3 200 jquery.touch-swipe.min.js Show response
kiwiexploits.com/assets/touchswipe/ 20 KB
6 KB 69ms
67ms Script
application/javascript 172.67.191.177
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kiwiexploits.com/assets/touchswipe/jquery.touch-swipe.min.js
Requested by: Host: kiwiexploits.com
URL: https://kiwiexploits.com/kiwi-x-download?utm_source=PrimeExo&utm_medium=YouTube&utm_campaign=Kiwi+X
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.191.177 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a10d7edb8fd307f469beaaa75a725e4bdae24a1b867f5bc7960f01e25c99d8e1

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://kiwiexploits.com/kiwi-x-download?utm_source=PrimeExo&utm_medium=YouTube&utm_campaign=Kiwi+X
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 01:06:43 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 08 Apr 2021 15:41:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5214
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U1jCz1D3%2BtnnjXwQtZ2VuBY90dYjcSI38%2BHli4ZZYHK29OF%2FJ%2FhQwFnW98C7Wqkmag3En%2Bke3DgXtsWWb%2BzhFSWGsjd9gQ%2Fu1kS%2B2Sr12jx6J%2FuaMXMz3pmM1EuMuQ808EKA"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 810148bcebcaa23b-YYZ
alt-svc: h3=":443"; ma=86400

GET
H3 200 mbr-tabs.js Show response
kiwiexploits.com/assets/mbr-tabs/ 2 KB
1 KB 92ms
90ms Script
application/javascript 172.67.191.177
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kiwiexploits.com/assets/mbr-tabs/mbr-tabs.js
Requested by: Host: kiwiexploits.com
URL: https://kiwiexploits.com/kiwi-x-download?utm_source=PrimeExo&utm_medium=YouTube&utm_campaign=Kiwi+X
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.191.177 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 991d47a727ed40a437c6bf202a2f0730ba3bd6c593bf84ee38f9f73e1c2c445c

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://kiwiexploits.com/kiwi-x-download?utm_source=PrimeExo&utm_medium=YouTube&utm_campaign=Kiwi+X
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 01:06:43 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 08 Apr 2021 15:41:20 GMT
server: cloudflare
age: 5214
cf-polished: origSize=1901
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oA45uBMJq1oFs4xKhDYXnWVnXJba0euKMi1CXFXUNtK4URlU9K63LYF43kLXiEsnjGwOU6G%2BdGlcakdAXC6qWet6F8ys1F3z4LDJLQAgW%2BWKCWURviq6tDvs7M%2FFMDTu2D2Q"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 810148bcebcca23b-YYZ
alt-svc: h3=":443"; ma=86400

GET
H3 200 script.js Show response
kiwiexploits.com/assets/theme/js/ 21 KB
8 KB 92ms
90ms Script
application/javascript 172.67.191.177
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kiwiexploits.com/assets/theme/js/script.js
Requested by: Host: kiwiexploits.com
URL: https://kiwiexploits.com/kiwi-x-download?utm_source=PrimeExo&utm_medium=YouTube&utm_campaign=Kiwi+X
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.191.177 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 50bc522610e1fc1738cfd395d5adc73e9e1f88872990b65705d92b22fd8936b0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://kiwiexploits.com/kiwi-x-download?utm_source=PrimeExo&utm_medium=YouTube&utm_campaign=Kiwi+X
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 01:06:43 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 08 Apr 2021 15:41:20 GMT
server: cloudflare
age: 5214
cf-polished: origSize=21571
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HP4bDbebNBbRSVtk7zxNStWQgoqXyIqUF0jKQHx%2FMovAah6K2%2Bkx5TIqvDCyNxqz2SZFrgUdfaFfrDu55fstagVp5Kft%2Bb02i7vEA1kdHv8pfvfKbDCGLznfnSdwgOxcxb5p"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 810148bcebcea23b-YYZ
alt-svc: h3=":443"; ma=86400

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 144 KB
50 KB 126ms
56ms Fetch
text/javascript 172.253.115.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: kiwiexploits.com
URL: https://kiwiexploits.com/nab.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.115.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bg-in-f155.1e100.net

Software

cafe /

Resource Hash

5eeb5ad4d269ee66592bf157e22b8a71c21e8bf9f7d461e0adf59f9ce7177bb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://kiwiexploits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 01:06:43 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50727
x-xss-protection: 0
server: cafe
etag: 11391236156430367972
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 03 Oct 2023 01:06:43 GMT

GET
H2 200 suv5.js Show response
acscdn.com/script/ 94 KB
32 KB 33ms
32ms Script
application/javascript 104.21.63.99
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://acscdn.com/script/suv5.js
Requested by: Host: acscdn.com
URL: https://acscdn.com/script/suv4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.63.99 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d1e68b87ecbf710b3d4c00e3c38c32a3d5203274c0d0cf05b98d77f715d6ba2d

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://kiwiexploits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 01:06:43 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1053
x-guploader-uploadid: ADPycduocimIm6BUw_qZUnBEmKK_jyVIDECJqwi-yGsBeBT1OpuS6gW48OuPqmQFiN2OTPhS55BB4Pg7hvDEanHUFikB2Q
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 02 Oct 2023 08:54:40 GMT
server: cloudflare
etag: W/"721647dfb7f10651826d59e71868fd71"
vary: Accept-Encoding
x-goog-hash: crc32c=GZVCcg==, md5=chZH37fxBlGCbVnnGGj9cQ==
x-goog-generation: 1696236880352288
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Aj8yeBJMn83Bs8caBm9Pef2R%2FVaJJMI4TUDEfwqstpuHpGCgq%2FAL4rOy6BDmYs0lKIQVH0KCDOgSYp5%2FYkxV%2BzeOx2%2B0ZVIb3AE5kcOWrovkzAodzfQAPVoPzrRA"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 96603
cf-ray: 810148bd5e3053e3-YYZ
expires: Tue, 03 Oct 2023 00:52:34 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 144 KB
50 KB 94ms
93ms Script
text/javascript 172.253.115.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: kiwiexploits.com
URL: https://kiwiexploits.com/kiwi-x-download?utm_source=PrimeExo&utm_medium=YouTube&utm_campaign=Kiwi+X

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.115.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bg-in-f155.1e100.net

Software

cafe /

Resource Hash

b014a3968910d794695dc632b60def58349349139cec4e0151ace29acb0d3a7b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://kiwiexploits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 01:06:43 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50736
x-xss-protection: 0
server: cafe
etag: 15642607869616194616
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 03 Oct 2023 01:06:43 GMT

GET
H2 200 92zatBhPNqw73oTd4g.woff2
fonts.gstatic.com/s/jost/v15/ 26 KB
27 KB 107ms
36ms Font
font/woff2 142.251.111.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/jost/v15/92zatBhPNqw73oTd4g.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Jost:100,200,300,400,500,600,700,800,900,100i,200i,300i,400i,500i,600i,700i,800i,900i&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.111.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bk-in-f94.1e100.net

Software

sffe /

Resource Hash

1e3ceb99e33b0f3d149b7d617b24a487d07fe7595aa24d04a7f45a0312b0654c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://kiwiexploits.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 00:27:08 GMT
x-content-type-options: nosniff
age: 2375
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26620
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 22:39:33 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 02 Oct 2024 00:27:08 GMT

GET
H3 200 mobirise2.ttf
kiwiexploits.com/assetsother/web/assets/mobirise-icons2/ 25 KB
14 KB 30ms
29ms Font
font/ttf 172.67.191.177
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kiwiexploits.com/assetsother/web/assets/mobirise-icons2/mobirise2.ttf?f2bix4
Requested by: Host: kiwiexploits.com
URL: https://kiwiexploits.com/assetsother/web/assets/mobirise-icons2/mobirise2.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.191.177 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 523854ac3552c34b23a5f0c6a2f49c6ba0b439a95848692aa24bc304ecd29784

Request headers

Referer: https://kiwiexploits.com/assetsother/web/assets/mobirise-icons2/mobirise2.css
Origin: https://kiwiexploits.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 01:06:43 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 21 Apr 2023 03:13:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5214
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p8l823oQY4Jx23KFRZAFdy%2FO8LqC7he%2B%2Bw8K2Ezfaz6WT5YMh3W%2F5rOICo4pZwqYVe4Y5AJ3ezd58Xk%2BWiEibWw8xtiD7BjRIUbXdbsd0WPdkdQxH9dGZEL%2BlhChjw0iJT8K"}],"group":"cf-nel","max_age":604800}
content-type: font/ttf
cache-control: max-age=14400
cf-ray: 810148bd8ca4a23b-YYZ
alt-svc: h3=":443"; ma=86400

GET
H3 200 mobirise-icons.ttf
kiwiexploits.com/assetsother/web/assets/mobirise-icons/ 50 KB
25 KB 31ms
30ms Font
font/ttf 172.67.191.177
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kiwiexploits.com/assetsother/web/assets/mobirise-icons/mobirise-icons.ttf?spat4u
Requested by: Host: kiwiexploits.com
URL: https://kiwiexploits.com/assetsother/web/assets/mobirise-icons/mobirise-icons.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.191.177 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4b09eb555b72f74acd30018f8aaa4ef19787301819801dff7f6bcde9d3754cd7

Request headers

Referer: https://kiwiexploits.com/assetsother/web/assets/mobirise-icons/mobirise-icons.css
Origin: https://kiwiexploits.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 01:06:43 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 21 Apr 2023 03:13:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5214
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Fpfwa5kvcw2AHxK3JLaAyg6zamvyGj%2FUj%2FyC5px6OE%2F4nOqGQ5FkVLu4Ou7OvTxvnLJ%2BlJ0HpX2RHLXK7YzbltDcYTX%2BnM%2FjXFEwwT3Zjn%2BOnXNcTsKvNYYV75DbA9Eephif"}],"group":"cf-nel","max_age":604800}
content-type: font/ttf
cache-control: max-age=14400
cf-ray: 810148bd8ca6a23b-YYZ
alt-svc: h3=":443"; ma=86400

GET
H3 200 socicon.woff2
kiwiexploits.com/assetsother/socicon/fonts/ 63 KB
63 KB 28ms
27ms Font
font/woff2 172.67.191.177
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kiwiexploits.com/assetsother/socicon/fonts/socicon.woff2
Requested by: Host: kiwiexploits.com
URL: https://kiwiexploits.com/assetsother/socicon/css/styles.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.191.177 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c254279147099e0b696b281d62b436b8aed42fb0f3abf1ba17abc398ca6c90e2

Request headers

Referer: https://kiwiexploits.com/assetsother/socicon/css/styles.css
Origin: https://kiwiexploits.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 01:06:43 GMT
cf-cache-status: HIT
last-modified: Fri, 21 Apr 2023 03:13:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5214
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A%2F4iZIPQ7d5koKEr1RFvFfx4L2U%2FXPGRG%2BzGa2Ox5M9W8NayXQCpBLU9nKAn1SQOSfav0AzMTczuQenfgKhBVo6xgZlNz3JXRwz6wy%2FuSndn7Ks%2Br3hjl8hhd6PYT%2FNMUaIY"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: max-age=14400
cf-ray: 810148bd8caaa23b-YYZ
alt-svc: h3=":443"; ma=86400

GET
H2 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309210101/ 378 KB
128 KB 90ms
90ms Script
text/javascript 172.253.115.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309210101/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.115.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bg-in-f155.1e100.net

Software

cafe /

Resource Hash

85cac433d853ff158d0d1ae2dc0268c67e99050005570bf9f409144ac432139b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://kiwiexploits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 01:06:43 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 131217
x-xss-protection: 0
server: cafe
etag: 6372588270699866827
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Tue, 03 Oct 2023 01:06:43 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230928/r20190131/ Frame B9DF 10 KB
5 KB 108ms
35ms Document
text/html 172.253.122.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230928/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.122.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f156.1e100.net

Software

cafe /

Resource Hash

041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kiwiexploits.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

age: 9827
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4471
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 02 Oct 2023 22:22:56 GMT
etag: 2603938475786422795
expires: Mon, 16 Oct 2023 22:22:56 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

main.js Show response
kiwiexploits.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/dffb14d6/ Frame E7A5
Redirect Chain

https://kiwiexploits.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://kiwiexploits.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/dffb14d6/main.js

7 KB
4 KB

22ms
22ms

Script
application/javascript

172.67.191.177
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://kiwiexploits.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/dffb14d6/main.js

Requested by

Host: kiwiexploits.com
URL: https://kiwiexploits.com/kiwi-x-download?utm_source=PrimeExo&utm_medium=YouTube&utm_campaign=Kiwi+X

Protocol

Server

172.67.191.177 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e9ebae9733dec1bff5602b145a8c750f8b7fdb9c634473ed37fd40c34787729d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 01:06:43 GMT
content-encoding: br
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QQcaN0MR4cLRvbJ1yORiNZlPnoer1IlUkmZwF1pG6DvPZ5csIm1DBWj94uBe3VF0pkuTwC%2Fw4f2prY%2B%2F8g%2FwW8yUTnk1pNP0EWhdmooBzmFsuxUBJMpzym1%2F6VlZEyAff%2Fz0"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 810148beae51a23b-YYZ
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Tue, 03 Oct 2023 01:06:43 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x7dK7ua%2Bvzz1cdEl8i2z9GonNjuIcnubN6VtlDUlU6RYAM5%2Bv4zie%2BxXa4qAIoaLYRHmMP4%2Ff2e5OqORvD8vzsAjbhYxCTA33Keb6QXf0BeZOlp0a87p2pzBJqWLhzYrwL1I"}],"group":"cf-nel","max_age":604800}
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/dffb14d6/main.js
access-control-allow-origin: *
cache-control: max-age=300, public
cf-ray: 810148be5db7a23b-YYZ
alt-svc: h3=":443"; ma=86400

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 258 KB
88 KB 56ms
56ms Script
application/javascript 172.253.63.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-3CCNYPH0PB&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-162344816-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.63.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

03e9ecd338441c4066bb1db80a32f1cfa4a76e7dd8d1aa65f84e7fc0b7b2c80b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://kiwiexploits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 01:06:43 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 89956
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 03 Oct 2023 01:06:43 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 106ms
35ms Script
text/javascript 142.251.111.139
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-162344816-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.111.139 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bk-in-f139.1e100.net

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://kiwiexploits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 02 Oct 2023 23:32:04 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 5679
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Tue, 03 Oct 2023 01:32:04 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 399 B
605 B 117ms
45ms Script
text/javascript 172.253.63.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=kiwiexploits.com&callback=_gfp_s_&client=ca-pub-8562196086359240

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309210101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.63.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f154.1e100.net

Software

cafe /

Resource Hash

bc9ccc6892f6d3b7f7620e005ed0b586dd5838b2d3d8cab96292fe7d6bf5b545

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://kiwiexploits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 01:06:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 253
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 404A 227 KB
64 KB 1537ms
1535ms Document
text/html 172.253.122.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8562196086359240&output=html&adk=1812271804&adf=3025194257&lmt=1693214286&plaf=7%3A2&plat=3%3A128%2C4%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=128x945_l%7C140x945_r&format=0x0&url=https%3A%2F%2Fkiwiexploits.com%2Fkiwi-x-download%3Futm_source%3DPrimeExo%26utm_medium%3DYouTube%26utm_campaign%3DKiwi%2BX&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696295203469&bpp=6&bdt=222&idt=172&shv=r20230928&mjsv=m202309210101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3724044099205&frm=20&pv=2&ga_vid=1560604569.1696295204&ga_sid=1696295204&ga_hid=435122685&ga_fc=0&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837&oid=2&pvsid=2456228810790933&tmod=892309963&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=201

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309210101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.122.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f156.1e100.net

Software

cafe /

Resource Hash

67bb13a8da492dbd5fe8787450387893d63b159585c49e166882d617735102bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kiwiexploits.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 64957
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 03 Oct 2023 01:06:45 GMT
expires: Tue, 03 Oct 2023 01:06:45 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame E62A 156 KB
54 KB 1252ms
1252ms Document
text/html 172.253.122.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8562196086359240&output=html&h=250&slotname=1836580918&adk=1046840810&adf=3100213249&pi=t.ma~as.1836580918&w=300&lmt=1693214286&format=300x250&url=https%3A%2F%2Fkiwiexploits.com%2Fkiwi-x-download%3Futm_source%3DPrimeExo%26utm_medium%3DYouTube%26utm_campaign%3DKiwi%2BX&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696295203475&bpp=1&bdt=227&idt=206&shv=r20230928&mjsv=m202309210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3724044099205&frm=20&pv=1&ga_vid=1560604569.1696295204&ga_sid=1696295204&ga_hid=435122685&ga_fc=0&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=650&ady=264&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837&oid=2&pvsid=2456228810790933&tmod=892309963&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=yUAx1kPKrc&p=https%3A//kiwiexploits.com&dtd=212

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309210101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.122.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f156.1e100.net

Software

cafe /

Resource Hash

b6b256db7f67d8dd5e05ed9e76325575d6ab90f28753e66a1178b98ce462003c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kiwiexploits.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 55180
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 03 Oct 2023 01:06:44 GMT
expires: Tue, 03 Oct 2023 01:06:44 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 suurl5.php Show response
youradexchange.com/script/ 1 KB
1 KB 207ms
133ms Fetch
application/json 172.64.169.35
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://youradexchange.com/script/suurl5.php?r=5468015&chmob=%3F0&cbur=0.8906074323809681&cbiframe=0&cbWidth=1600&cbHeight=1200&cbtitle=Kiwi%20X%20Download&cbpage=https%3A%2F%2Fkiwiexploits.com%2Fkiwi-x-download%3Futm_source%3DPrimeExo%26utm_medium%3DYouTube%26utm_campaign%3DKiwi%2BX&cbref=&cbdescription=&cbkeywords=&cbcdn=acscdn.com&ts=1696295203693&srs=6166af8abfc8ed46378bab6ef30dc5c7&atv=37.0-ab
Requested by: Host: acscdn.com
URL: https://acscdn.com/script/suv5.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.169.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f769d0828e086db0175add9dd492303dc1d66639f8685242a301f4029376628e

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://kiwiexploits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 01:06:43 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FxjBSz1QX4pb8LkF4wSPifsYrR4TGzT0LXDmc0iLknPxzVe4XHGmXA3g00VMhRdumFqXxRi7K1u%2BRAEu9S%2FZMNgYzM%2B4f%2FnQsYWfnYSLHrnRBC7g%2FCRoPJkZCARpUNfgr8vdAms%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
content-type: application/json; charset=utf-8
cf-ray: 810148bfac24423e-EWR
access-control-allow-headers: Content-Type
alt-svc: h3=":443"; ma=86400

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 8C5B 33 KB
13 KB 2232ms
2232ms Document
text/html 172.253.122.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8562196086359240&output=html&h=90&slotname=9459101825&adk=1837950576&adf=1117302172&pi=t.ma~as.9459101825&w=728&lmt=1693214286&format=728x90&url=https%3A%2F%2Fkiwiexploits.com%2Fkiwi-x-download%3Futm_source%3DPrimeExo%26utm_medium%3DYouTube%26utm_campaign%3DKiwi%2BX&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696295203476&bpp=1&bdt=228&idt=218&shv=r20230928&mjsv=m202309210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250&nras=1&correlator=3724044099205&frm=20&pv=1&ga_vid=1560604569.1696295204&ga_sid=1696295204&ga_hid=435122685&ga_fc=0&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=448&ady=959&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837&oid=2&pvsid=2456228810790933&tmod=892309963&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=mMs3cs0T8K&p=https%3A//kiwiexploits.com&dtd=223

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309210101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.122.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f156.1e100.net

Software

cafe /

Resource Hash

0c85ca49ceb30f030266195f728718506627e7e19757ab279ba37bf777804e19

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kiwiexploits.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 13650
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 03 Oct 2023 01:06:45 GMT
expires: Tue, 03 Oct 2023 01:06:45 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 200 810148baeaf9a23a Show response
kiwiexploits.com/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame E7A5 0
545 B 41ms
41ms XHR
text/plain 172.67.191.177
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kiwiexploits.com/cdn-cgi/challenge-platform/h/g/jsd/r/810148baeaf9a23a
Requested by: Host: kiwiexploits.com
URL: https://kiwiexploits.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.191.177 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 03 Oct 2023 01:06:43 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a4gkkeIPZcvt8K%2FS3%2BgrGnanLFz%2Fgw3y0tF00RKdbSjwpY7ubRAtNAWbx%2BsLmUckfQp7xnqBoKnNu4CNb1sLYIYUrhBo6hvVdeArxgCU2jN87w8zVcF58QRVVP0u6gbpyCJ%2B"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 810148bff85da23b-YYZ
alt-svc: h3=":443"; ma=86400

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 1A81 108 KB
37 KB 605ms
605ms Document
text/html 172.253.122.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8562196086359240&output=html&h=250&slotname=1836580918&adk=3623503060&adf=2821323308&pi=t.ma~as.1836580918&w=300&lmt=1693214286&format=300x250&url=https%3A%2F%2Fkiwiexploits.com%2Fkiwi-x-download%3Futm_source%3DPrimeExo%26utm_medium%3DYouTube%26utm_campaign%3DKiwi%2BX&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696295203477&bpp=1&bdt=229&idt=348&shv=r20230928&mjsv=m202309210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250%2C728x90&nras=1&correlator=3724044099205&frm=20&pv=1&ga_vid=1560604569.1696295204&ga_sid=1696295204&ga_hid=435122685&ga_fc=0&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=650&ady=1676&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837&oid=2&pvsid=2456228810790933&tmod=892309963&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=Y8qUGjCxSC&p=https%3A//kiwiexploits.com&dtd=352

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309210101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.122.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f156.1e100.net

Software

cafe /

Resource Hash

4d5d0cb026a2e7e8bf050c43699e9e5ede20cf7c9a894695583e6da7f8b6e78a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kiwiexploits.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 38317
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 03 Oct 2023 01:06:44 GMT
expires: Tue, 03 Oct 2023 01:06:44 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 5CEA 156 KB
54 KB 1594ms
1593ms Document
text/html 172.253.122.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8562196086359240&output=html&h=280&slotname=6823165047&adk=3490555514&adf=2653041513&pi=t.ma~as.6823165047&w=1200&fwrn=4&fwrnh=100&lmt=1693214286&rafmt=1&format=1200x280&url=https%3A%2F%2Fkiwiexploits.com%2Fkiwi-x-download%3Futm_source%3DPrimeExo%26utm_medium%3DYouTube%26utm_campaign%3DKiwi%2BX&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696295203477&bpp=2&bdt=229&idt=355&shv=r20230928&mjsv=m202309210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250%2C728x90%2C300x250&nras=1&correlator=3724044099205&frm=20&pv=1&ga_vid=1560604569.1696295204&ga_sid=1696295204&ga_hid=435122685&ga_fc=0&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2208&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837&oid=2&pvsid=2456228810790933&tmod=892309963&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=lsfNb8iYSP&p=https%3A//kiwiexploits.com&dtd=358

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309210101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.122.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f156.1e100.net

Software

cafe /

Resource Hash

8baf95ba5ca093d8d71afd6fda610ce0157541f3f59cff928cc318bfa8cdb2af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kiwiexploits.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 55256
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 03 Oct 2023 01:06:45 GMT
expires: Tue, 03 Oct 2023 01:06:45 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 collect
analytics.google.com/g/ 0
254 B 523ms
39ms Ping
text/plain 216.239.36.181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-3CCNYPH0PB&gtm=45je39r0&_p=435122685&_gaz=1&cid=1560604569.1696295204&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAAI&_s=1&sid=1696295203&sct=1&seg=0&dl=https%3A%2F%2Fkiwiexploits.com%2Fkiwi-x-download%3Futm_source%3DPrimeExo%26utm_medium%3DYouTube%26utm_campaign%3DKiwi%2BX&dt=Kiwi%20X%20Download&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3CCNYPH0PB&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.36.181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://kiwiexploits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Oct 2023 01:06:44 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://kiwiexploits.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
245 B 527ms
44ms Ping
text/plain 172.253.63.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-3CCNYPH0PB&cid=1560604569.1696295204&gtm=45je39r0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3CCNYPH0PB&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.253.63.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: bi-in-f155.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://kiwiexploits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Oct 2023 01:06:44 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://kiwiexploits.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.ca/ads/ 42 B
408 B 531ms
48ms Image
image/gif 142.250.31.94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-3CCNYPH0PB&cid=1560604569.1696295204&gtm=45je39r0&aip=1&z=348716122

Requested by

Host: kiwiexploits.com
URL: https://kiwiexploits.com/kiwi-x-download?utm_source=PrimeExo&utm_medium=YouTube&utm_campaign=Kiwi+X

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.31.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bj-in-f94.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://kiwiexploits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Oct 2023 01:06:44 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
206 B 43ms
42ms XHR
text/plain 142.251.111.139
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=435122685&t=pageview&_s=1&dl=https%3A%2F%2Fkiwiexploits.com%2Fkiwi-x-download%3Futm_source%3DPrimeExo%26utm_medium%3DYouTube%26utm_campaign%3DKiwi%2BX&ul=en-us&de=UTF-8&dt=Kiwi%20X%20Download&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=984622038&gjid=842092699&cid=1560604569.1696295204&tid=UA-162344816-1&_gid=1101272761.1696295204&_r=1&gtm=457e39r0&jsscut=1&z=1104597793

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.111.139 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bk-in-f139.1e100.net

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://kiwiexploits.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 03 Oct 2023 01:06:43 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://kiwiexploits.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 1A81 14 KB
1 KB 48ms
45ms Stylesheet
text/css 172.253.115.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8562196086359240&output=html&h=250&slotname=1836580918&adk=3623503060&adf=2821323308&pi=t.ma~as.1836580918&w=300&lmt=1693214286&format=300x250&url=https%3A%2F%2Fkiwiexploits.com%2Fkiwi-x-download%3Futm_source%3DPrimeExo%26utm_medium%3DYouTube%26utm_campaign%3DKiwi%2BX&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696295203477&bpp=1&bdt=229&idt=348&shv=r20230928&mjsv=m202309210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250%2C728x90&nras=1&correlator=3724044099205&frm=20&pv=1&ga_vid=1560604569.1696295204&ga_sid=1696295204&ga_hid=435122685&ga_fc=0&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=650&ady=1676&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837&oid=2&pvsid=2456228810790933&tmod=892309963&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=Y8qUGjCxSC&p=https%3A//kiwiexploits.com&dtd=352

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.115.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bg-in-f95.1e100.net

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 03 Oct 2023 01:06:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 02 Oct 2023 23:59:17 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 03 Oct 2023 01:06:44 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230928/r20110914/client/ Frame 1A81 2 KB
973 B 125ms
51ms Script
text/javascript 142.251.167.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230928/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.167.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ww-in-f132.1e100.net

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 17:27:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 27554
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 16 Oct 2023 17:27:30 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230928/r20110914/ Frame 1A81 23 KB
9 KB 109ms
38ms Script
text/javascript 142.251.167.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230928/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.167.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ww-in-f132.1e100.net

Software

cafe /

Resource Hash

ac4a2fcf56f3a5815338b809cd7e8b9a80b676bc6ad801f4c9666b3e9c7bdfd4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 07:08:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 64672
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9131
x-xss-protection: 0
server: cafe
etag: 6297790743806441599
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 16 Oct 2023 07:08:52 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230928/r20110914/client/ Frame 1A81 3 KB
1 KB 123ms
52ms Script
text/javascript 142.251.167.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230928/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.167.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ww-in-f132.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 17:26:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 27607
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 16 Oct 2023 17:26:37 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230928/r20110914/client/ Frame 1A81 20 KB
8 KB 106ms
35ms Script
text/javascript 142.251.167.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230928/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.167.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ww-in-f132.1e100.net

Software

cafe /

Resource Hash

113c3c3c7de8fe21fe5a6d4b6c367d658dab1dc5b5f820393e0b98fc11032771

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 16:42:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30264
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8282
x-xss-protection: 0
server: cafe
etag: 5314254467506293444
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 16 Oct 2023 16:42:20 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1A81 187 KB
59 KB 38ms
38ms Script
text/javascript 172.253.115.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.115.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bg-in-f155.1e100.net

Software

sffe /

Resource Hash

3b1ab917c7da8e45e24d8eea1c130fa25ce01e422fb747eea8163a06e07e84bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 01:06:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60018
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1696246517909956"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 03 Oct 2023 01:06:44 GMT

GET
H2 200 fda82c26911938d9c7ca79f9220f8b0c.js Show response
www.gstatic.com/mysidia/ Frame 1A81 36 KB
15 KB 1118ms
36ms Script
text/javascript 172.253.122.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/fda82c26911938d9c7ca79f9220f8b0c.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.122.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f94.1e100.net

Software

sffe /

Resource Hash

8f1843ba4bdea64726280f2365f8ad8a47e70ee54327f98273daf7fac5120074

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Thu, 28 Sep 2023 05:48:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 415110
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15328
x-xss-protection: 0
last-modified: Mon, 25 Sep 2023 20:14:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 27 Dec 2023 05:48:15 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/3621937509346456648/ Frame 1A81 750 B
1 KB 122ms
53ms Image
image/png 142.251.167.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/3621937509346456648/14763004658117789537?w=100&h=100

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.167.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ww-in-f132.1e100.net

Software

sffe /

Resource Hash

c71d5996870168a09e5f550ef385ef4732e0d91eb29b90c94559a81ba67a3e0f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 13:07:33 GMT
x-content-type-options: nosniff
age: 475151
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 750
x-xss-protection: 0
last-modified: Thu, 23 Feb 2023 20:37:57 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 26 Sep 2024 13:07:33 GMT

GET
H2 200 18110821203068058908
tpc.googlesyndication.com/simgad/ Frame 1A81 4 KB
4 KB 122ms
53ms Image
image/png 142.251.167.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/18110821203068058908?w=400&h=209

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.167.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ww-in-f132.1e100.net

Software

sffe /

Resource Hash

7f7defdc08d731a0a1dca96c795b9ff449bf322a6074173ca221f8128eb576ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 12:33:14 GMT
x-content-type-options: nosniff
age: 477210
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4076
x-xss-protection: 0
last-modified: Tue, 23 May 2023 18:47:05 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 26 Sep 2024 12:33:14 GMT

GET
DATA 200
OK truncated
/ Frame 1A81 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bd32713432d920e0baff31f52e600fb6f2a82f35f3317dbe33e31eb1a4836e17

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 1A81 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 372a3186cdfa2b7a80c939a0496851ab0519c9b8cb656609fb902168ee053a8b

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 1A81 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 76ee2e3ca3ae1ef99ae08575b76c817368cecdaaf17823309a0c4864e3cf3413

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230928/r20110914/client/ Frame E62A 3 KB
1 KB 36ms
35ms Script
text/javascript 142.251.167.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230928/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8562196086359240&output=html&h=250&slotname=1836580918&adk=1046840810&adf=3100213249&pi=t.ma~as.1836580918&w=300&lmt=1693214286&format=300x250&url=https%3A%2F%2Fkiwiexploits.com%2Fkiwi-x-download%3Futm_source%3DPrimeExo%26utm_medium%3DYouTube%26utm_campaign%3DKiwi%2BX&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696295203475&bpp=1&bdt=227&idt=206&shv=r20230928&mjsv=m202309210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3724044099205&frm=20&pv=1&ga_vid=1560604569.1696295204&ga_sid=1696295204&ga_hid=435122685&ga_fc=0&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=650&ady=264&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837&oid=2&pvsid=2456228810790933&tmod=892309963&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=yUAx1kPKrc&p=https%3A//kiwiexploits.com&dtd=212

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.167.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ww-in-f132.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 17:26:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 27608
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 16 Oct 2023 17:26:37 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230928/r20110914/client/ Frame E62A 20 KB
8 KB 36ms
36ms Script
text/javascript 142.251.167.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230928/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8562196086359240&output=html&h=250&slotname=1836580918&adk=1046840810&adf=3100213249&pi=t.ma~as.1836580918&w=300&lmt=1693214286&format=300x250&url=https%3A%2F%2Fkiwiexploits.com%2Fkiwi-x-download%3Futm_source%3DPrimeExo%26utm_medium%3DYouTube%26utm_campaign%3DKiwi%2BX&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696295203475&bpp=1&bdt=227&idt=206&shv=r20230928&mjsv=m202309210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3724044099205&frm=20&pv=1&ga_vid=1560604569.1696295204&ga_sid=1696295204&ga_hid=435122685&ga_fc=0&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=650&ady=264&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837&oid=2&pvsid=2456228810790933&tmod=892309963&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=yUAx1kPKrc&p=https%3A//kiwiexploits.com&dtd=212

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.167.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ww-in-f132.1e100.net

Software

cafe /

Resource Hash

113c3c3c7de8fe21fe5a6d4b6c367d658dab1dc5b5f820393e0b98fc11032771

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 16:42:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30265
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8282
x-xss-protection: 0
server: cafe
etag: 5314254467506293444
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 16 Oct 2023 16:42:20 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E62A 187 KB
59 KB 38ms
38ms Script
text/javascript 172.253.115.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8562196086359240&output=html&h=250&slotname=1836580918&adk=1046840810&adf=3100213249&pi=t.ma~as.1836580918&w=300&lmt=1693214286&format=300x250&url=https%3A%2F%2Fkiwiexploits.com%2Fkiwi-x-download%3Futm_source%3DPrimeExo%26utm_medium%3DYouTube%26utm_campaign%3DKiwi%2BX&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696295203475&bpp=1&bdt=227&idt=206&shv=r20230928&mjsv=m202309210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3724044099205&frm=20&pv=1&ga_vid=1560604569.1696295204&ga_sid=1696295204&ga_hid=435122685&ga_fc=0&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=650&ady=264&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837&oid=2&pvsid=2456228810790933&tmod=892309963&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=yUAx1kPKrc&p=https%3A//kiwiexploits.com&dtd=212

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.115.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bg-in-f155.1e100.net

Software

sffe /

Resource Hash

3b1ab917c7da8e45e24d8eea1c130fa25ce01e422fb747eea8163a06e07e84bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 01:06:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60018
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1696246517909956"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 03 Oct 2023 01:06:45 GMT

GET
DATA 200
OK truncated
/ Frame E62A 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9ffa7b9152015ca3a72390d470fa638cd794e0ed9524bf198e914f3fd421d372

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame E62A 0
23 B 61ms
60ms Image
text/html 172.253.122.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CDVl1I2kbZaXNLPHqxtYPs6KKsArSkbaNbbnQrsqWD8CNtwEQASAAYP2gmYHoA4IBF2NhLXB1Yi04NTYyMTk2MDg2MzU5MjQwyAEJqAMByAMCqgTvAU_Qa2CE385YKrAd7jZXiQUv7ehGUefa-3ijyrJJQd7fCPlIpmbEdDMaZk9CQNMcFbdp5C_KRWfXT1HZNjyjvndLgWhbt_Bbq0hWGo_iAOTy3zaQltD3WEZfcpUEbZF4ltWFdxzF7zywPdlf-TBT9E6_y_M_muDZDXJ41efWdEz2_N7CrbUE12DoBUy03dqJEq_8yjeqFLA4B9JfTgeCvQND8EpftQp-Fu_BNL_FcXAy_yMbBCW9Rp3gp_-I2vRPRvyD5iib3oFaujgWRH_n-xYv4oPYTUe7atOdSXJayeOoPmoHEdNC5GYGZiBMFxf0gAbZvb335PiO1cYBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOoAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi04NTYyMTk2MDg2MzU5MjQwGAA&sigh=MqUM8XmVNFA&uach_m=[UACH]&cid=CAQSTADICaaNcinCat8JyzmX8ENz04XbvopLrJqZq038Xxm7WGlCRdMR09k9XaDffRKMxGjLHLJPbJGLie6JfS8HK-fbRZEcyzAbANQAUwMYAQ&cbvp=2&vis=1

Requested by

Host: kiwiexploits.com
URL: https://kiwiexploits.com/kiwi-x-download?utm_source=PrimeExo&utm_medium=YouTube&utm_campaign=Kiwi+X

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.122.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f156.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8562196086359240&output=html&h=250&slotname=1836580918&adk=1046840810&adf=3100213249&pi=t.ma~as.1836580918&w=300&lmt=1693214286&format=300x250&url=https%3A%2F%2Fkiwiexploits.com%2Fkiwi-x-download%3Futm_source%3DPrimeExo%26utm_medium%3DYouTube%26utm_campaign%3DKiwi%2BX&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696295203475&bpp=1&bdt=227&idt=206&shv=r20230928&mjsv=m202309210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3724044099205&frm=20&pv=1&ga_vid=1560604569.1696295204&ga_sid=1696295204&ga_hid=435122685&ga_fc=0&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=650&ady=264&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837&oid=2&pvsid=2456228810790933&tmod=892309963&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=yUAx1kPKrc&p=https%3A//kiwiexploits.com&dtd=212
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 03 Oct 2023 01:06:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 03 Oct 2023 01:06:45 GMT

GET
H2 204 rtimp
g.bidbrain.app/ Frame E62A 0
757 B 107ms
67ms Image
text/plain 34.149.135.28
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://g.bidbrain.app/rtimp?sid=1e13c686-6189-11ee-987d-a60c08818a92&d=kiwiexploits.com&cr=ext_ng_dow_sec8&a=imp&p=ZRtpIwALJqUE0bVxAAKRM0KcNXBmOWSkQovgEg&im=KzDxX-tcA7ubrW3xhMSjBiaGwOeOGJ9TCM6lICZo32ApZvsnvAQN_WbKROIQW04hc5cu11kqgJ7eXrbgEgODRdH83RjCDim4Sj_KDIG3CXp55AcT4IKzESfU9E3nkVTBpmS3KDCqsITcPvJgLcP6eSBbUExK8Ao6m-mt-ZKsuZjcnAeQcIhdAEFN_2PozUOXVc4MqkYIytHf6qt0fcbbAbebZ4kUxUL8khCF__MLDbnD2ZW-_aiZcjHiXvpn2YlzL5SjS40uV769KrTGJ_0ENSVuroDGA0GmXthmzri6L28aUffqHCKhZV9jaEbcle8a&cbvp=2
Requested by: Host: kiwiexploits.com
URL: https://kiwiexploits.com/kiwi-x-download?utm_source=PrimeExo&utm_medium=YouTube&utm_campaign=Kiwi+X
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.135.28 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 28.135.149.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Oct 2023 01:06:45 GMT
via: 1.1 google
access-control-allow-methods: GET,HEAD,OPTIONS,POST,PUT
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Access-Control-Allow-Headers, Access-Control-Allow-Origin, Origin, Accept, X-Requested-With, X-Forwarded-For, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization, Configs-Guid, X-Service-Auth, X-Client-Version
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: 0

GET
H2 200 Roboto-Regular.ttf
cdn.rtbrain.app/fonts/ Frame E62A 159 KB
160 KB 324ms
30ms Font
application/octet-stream 104.26.2.190
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.rtbrain.app/fonts/Roboto-Regular.ttf
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8562196086359240&output=html&h=250&slotname=1836580918&adk=1046840810&adf=3100213249&pi=t.ma~as.1836580918&w=300&lmt=1693214286&format=300x250&url=https%3A%2F%2Fkiwiexploits.com%2Fkiwi-x-download%3Futm_source%3DPrimeExo%26utm_medium%3DYouTube%26utm_campaign%3DKiwi%2BX&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696295203475&bpp=1&bdt=227&idt=206&shv=r20230928&mjsv=m202309210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3724044099205&frm=20&pv=1&ga_vid=1560604569.1696295204&ga_sid=1696295204&ga_hid=435122685&ga_fc=0&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=650&ady=264&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837&oid=2&pvsid=2456228810790933&tmod=892309963&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=yUAx1kPKrc&p=https%3A//kiwiexploits.com&dtd=212
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.2.190 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f0e5a21bf5c95e4c1bce2be98a3656ebcc6d42a21f41c4e3ebf69dd815702e54

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 01:06:45 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1224
x-guploader-uploadid: ADPycdsuV_3CgNvC0B-5DO_MYbDjsMk3tR09qsW3KiI8EV4-pqmVqpwDJjhFcWyoeeEbJpR50edWXw8CuLD2kffuHLJfyg
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
content-length: 162876
last-modified: Wed, 14 Jun 2023 14:22:11 GMT
server: cloudflare
etag: "ac3f799d5bbaf5196fab15ab8de8431c"
vary: Accept-Encoding
x-goog-generation: 1686752530970769
content-type: application/octet-stream
access-control-allow-origin: *
x-goog-hash: crc32c=tGTglg==, md5=rD95nVu69RlvqxWrjehDHA==
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t11XFq5dHuegKjwUc3qSQ2BrTU7S1btmB5PWSgv6Jk2lD6CpJt8479w%2FID2BtKeoBItwqht9ZWrTw1l6kkGJLzt8lOXQ05hUfan3mvthD8seaU98FA9aiNXuVdaWoYQBLA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 162876
accept-ranges: bytes
cf-ray: 810148c9fdeba238-YYZ
expires: Tue, 03 Oct 2023 01:35:26 GMT

GET
H2 200 Roboto-Bold-700.ttf
cdn.rtbrain.app/fonts/ Frame E62A 159 KB
159 KB 381ms
87ms Font
application/octet-stream 104.26.2.190
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.rtbrain.app/fonts/Roboto-Bold-700.ttf
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8562196086359240&output=html&h=250&slotname=1836580918&adk=1046840810&adf=3100213249&pi=t.ma~as.1836580918&w=300&lmt=1693214286&format=300x250&url=https%3A%2F%2Fkiwiexploits.com%2Fkiwi-x-download%3Futm_source%3DPrimeExo%26utm_medium%3DYouTube%26utm_campaign%3DKiwi%2BX&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696295203475&bpp=1&bdt=227&idt=206&shv=r20230928&mjsv=m202309210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3724044099205&frm=20&pv=1&ga_vid=1560604569.1696295204&ga_sid=1696295204&ga_hid=435122685&ga_fc=0&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=650&ady=264&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837&oid=2&pvsid=2456228810790933&tmod=892309963&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=yUAx1kPKrc&p=https%3A//kiwiexploits.com&dtd=212
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.2.190 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ef2ab0e402d5cb9de893e263a2c44e57f57fec3974b0d981bfe84dec3dae83a1

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 01:06:45 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1026
x-guploader-uploadid: ADPycdumnHxsMGW7ltOyavCtc7ae4RZRxTEy-364H6AQfsg6VSPtVLSeOnrZaCUwuGvZomUO-96G5hV-q3iTpSLEiQkmq3y9DXFW
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
content-length: 162464
last-modified: Wed, 14 Jun 2023 14:03:41 GMT
server: cloudflare
etag: "d329cc8b34667f114a95422aaad1b063"
vary: Accept-Encoding
x-goog-generation: 1686751421527536
content-type: application/octet-stream
access-control-allow-origin: *
x-goog-hash: crc32c=FQIdBg==, md5=0ynMizRmfxFKlUIqqtGwYw==
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SUO5ese9%2BE1XjCGLHEQWGT4%2BzFGB%2FeaKPm4IAG8q0c%2BK9HAbkvuyXKFFBQvrnUOtwL33aTQooLgAocy10bTK7vZD5pKlW2U5Pce0whI5egTM0LgbW0shj3QVt047tiYzhQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 162464
accept-ranges: bytes
cf-ray: 810148c9fdf2a238-YYZ
expires: Tue, 03 Oct 2023 01:38:30 GMT

POST
H2 204 rtimp
g.bidbrain.app/ Frame E62A 0
407 B 64ms
64ms Ping
text/plain 34.149.135.28
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://g.bidbrain.app/rtimp
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8562196086359240&output=html&h=250&slotname=1836580918&adk=1046840810&adf=3100213249&pi=t.ma~as.1836580918&w=300&lmt=1693214286&format=300x250&url=https%3A%2F%2Fkiwiexploits.com%2Fkiwi-x-download%3Futm_source%3DPrimeExo%26utm_medium%3DYouTube%26utm_campaign%3DKiwi%2BX&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696295203475&bpp=1&bdt=227&idt=206&shv=r20230928&mjsv=m202309210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3724044099205&frm=20&pv=1&ga_vid=1560604569.1696295204&ga_sid=1696295204&ga_hid=435122685&ga_fc=0&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=650&ady=264&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837&oid=2&pvsid=2456228810790933&tmod=892309963&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=yUAx1kPKrc&p=https%3A//kiwiexploits.com&dtd=212
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.135.28 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 28.135.149.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 03 Oct 2023 01:06:45 GMT
via: 1.1 google
access-control-allow-methods: GET,HEAD,OPTIONS,POST,PUT
access-control-allow-origin: https://googleads.g.doubleclick.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Access-Control-Allow-Headers, Access-Control-Allow-Origin, Origin, Accept, X-Requested-With, X-Forwarded-For, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization, Configs-Guid, X-Service-Auth, X-Client-Version
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: 0

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309210101/ 154 KB
53 KB 60ms
59ms Script
text/javascript 172.253.115.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309210101/reactive_library_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309210101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.115.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bg-in-f155.1e100.net

Software

cafe /

Resource Hash

a99e95721e520d12a2926d777e9e7fda8d1d67d6ed8c4286f3d3b20cea0a8e63

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://kiwiexploits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 01:06:45 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53744
x-xss-protection: 0
server: cafe
etag: 17213002070727352029
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Tue, 03 Oct 2023 01:06:45 GMT

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230928/r20110914/ Frame EB8A 10 KB
4 KB 36ms
36ms Document
text/html 172.253.122.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230928/r20110914/zrt_lookup.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309210101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.122.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f156.1e100.net

Software

cafe /

Resource Hash

041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kiwiexploits.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

age: 45300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4471
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 02 Oct 2023 12:31:45 GMT
etag: 2603938475786422795
expires: Mon, 16 Oct 2023 12:31:45 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 css2
fonts.googleapis.com/ Frame EB8A 4 KB
671 B 46ms
46ms Stylesheet
text/css 172.253.115.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230928/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.115.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bg-in-f95.1e100.net

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 03 Oct 2023 01:06:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 02 Oct 2023 23:55:09 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 03 Oct 2023 01:06:45 GMT

GET
H3 200 fullscreen_api_adapter_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230928/r20110914/elements/html/ Frame EB8A 15 KB
6 KB 36ms
35ms Script
text/javascript 142.251.167.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230928/r20110914/elements/html/fullscreen_api_adapter_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230928/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.167.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ww-in-f132.1e100.net

Software

cafe /

Resource Hash

c6ece8077c8a8d8d057b5a03c892dcf1fed9da76ff1bc964cd17416008752c48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 21:23:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13425
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6551
x-xss-protection: 0
server: cafe
etag: 511223485441000916
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 16 Oct 2023 21:23:00 GMT

GET
H3 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230928/r20110914/elements/html/ Frame EB8A 20 KB
8 KB 35ms
34ms Script
text/javascript 142.251.167.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230928/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230928/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.167.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ww-in-f132.1e100.net

Software

cafe /

Resource Hash

bd91080d2c7f2120ad82727f5c07bbb439b810ed4035993ddb1825ca1611396b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 16:42:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30239
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8566
x-xss-protection: 0
server: cafe
etag: 5625731030761120726
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 16 Oct 2023 16:42:46 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230928/r20110914/client/ Frame 91A0 3 KB
1 KB 36ms
35ms Script
text/javascript 142.251.167.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230928/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230928/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.167.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ww-in-f132.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 17:26:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 27608
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 16 Oct 2023 17:26:37 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230928/r20110914/client/ Frame 91A0 20 KB
8 KB 37ms
35ms Script
text/javascript 142.251.167.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230928/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230928/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.167.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ww-in-f132.1e100.net

Software

cafe /

Resource Hash

113c3c3c7de8fe21fe5a6d4b6c367d658dab1dc5b5f820393e0b98fc11032771

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 16:42:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30265
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8282
x-xss-protection: 0
server: cafe
etag: 5314254467506293444
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 16 Oct 2023 16:42:20 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 91A0 187 KB
59 KB 38ms
37ms Script
text/javascript 172.253.115.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230928/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.115.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bg-in-f155.1e100.net

Software

sffe /

Resource Hash

3b1ab917c7da8e45e24d8eea1c130fa25ce01e422fb747eea8163a06e07e84bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 01:06:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60018
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1696246517909956"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 03 Oct 2023 01:06:45 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230928/r20110914/client/ Frame 5CEA 3 KB
1 KB 42ms
41ms Script
text/javascript 142.251.167.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230928/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8562196086359240&output=html&h=280&slotname=6823165047&adk=3490555514&adf=2653041513&pi=t.ma~as.6823165047&w=1200&fwrn=4&fwrnh=100&lmt=1693214286&rafmt=1&format=1200x280&url=https%3A%2F%2Fkiwiexploits.com%2Fkiwi-x-download%3Futm_source%3DPrimeExo%26utm_medium%3DYouTube%26utm_campaign%3DKiwi%2BX&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696295203477&bpp=2&bdt=229&idt=355&shv=r20230928&mjsv=m202309210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250%2C728x90%2C300x250&nras=1&correlator=3724044099205&frm=20&pv=1&ga_vid=1560604569.1696295204&ga_sid=1696295204&ga_hid=435122685&ga_fc=0&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2208&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837&oid=2&pvsid=2456228810790933&tmod=892309963&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=lsfNb8iYSP&p=https%3A//kiwiexploits.com&dtd=358

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.167.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ww-in-f132.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 17:26:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 27608
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 16 Oct 2023 17:26:37 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230928/r20110914/client/ Frame 5CEA 20 KB
8 KB 35ms
34ms Script
text/javascript 142.251.167.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230928/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.167.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ww-in-f132.1e100.net

Software

cafe /

Resource Hash

113c3c3c7de8fe21fe5a6d4b6c367d658dab1dc5b5f820393e0b98fc11032771

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 16:42:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30265
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8282
x-xss-protection: 0
server: cafe
etag: 5314254467506293444
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 16 Oct 2023 16:42:20 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5CEA 187 KB
59 KB 39ms
37ms Script
text/javascript 172.253.115.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.115.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bg-in-f155.1e100.net

Software

sffe /

Resource Hash

3b1ab917c7da8e45e24d8eea1c130fa25ce01e422fb747eea8163a06e07e84bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 01:06:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60018
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1696246517909956"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 03 Oct 2023 01:06:45 GMT

GET
DATA 200
OK truncated
/ Frame 5CEA 206 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 65ead9ae03733ed171e567812d435c425e4577ba16ed39ddeb852f36316ac291

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 5CEA 0
19 B 62ms
62ms Image
text/html 172.253.122.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CBPnJI2kbZazPNYz4xtYPkP234ArSkbaNbbnQrsqWD8CNtwEQASAAYP2gmYHoA4IBF2NhLXB1Yi04NTYyMTk2MDg2MzU5MjQwyAEJqAMByAMCqgT1AU_QSJD3w-FzME4Sh-pe7oH7dKo7XrX4Tc7GllgmjyfZ0CqoiIORq1aWZjUF1oac56-MVd37LBFks05Ab4ENSAvxga4Nf002gdRnr2524Wkg2aYo6cKDHLudJngHWkAOkt6SZZ1rtSBLIpayIU_F7mARb1mfgk1-pto4OOW-mLp1p30lrnPGTYRXeY5Y5P2Ppe2YliwdRk5spMQbYY4d4DXtTtz2_7yCpecDgdejQg7_yR0Q8wxS3rUvmRYSR9qd2awxqJZ7pvAC_Mtmf6Eh2-ZzU1JH4YTIn9_QQkX37069vbAipWgGXrre7FGmJBXETTjsOv9lgAbx6uHry6-Z0TOgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6gAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTg1NjIxOTYwODYzNTkyNDAYAA&sigh=9OCgPzGkzaI&uach_m=[UACH]&cid=CAQSTADICaaNd1j1sUzDx4BrQ9lX-wixb_GPVmPOFytBByvaM5aD3S1vPg6z_VANY6CYtyc6R1fmV9QmndpcrEX7jVhsgljlyaL9TNUOe7cYAQ&cbvp=2&vis=1

Requested by

Host: kiwiexploits.com
URL: https://kiwiexploits.com/kiwi-x-download?utm_source=PrimeExo&utm_medium=YouTube&utm_campaign=Kiwi+X

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.122.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f156.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8562196086359240&output=html&h=280&slotname=6823165047&adk=3490555514&adf=2653041513&pi=t.ma~as.6823165047&w=1200&fwrn=4&fwrnh=100&lmt=1693214286&rafmt=1&format=1200x280&url=https%3A%2F%2Fkiwiexploits.com%2Fkiwi-x-download%3Futm_source%3DPrimeExo%26utm_medium%3DYouTube%26utm_campaign%3DKiwi%2BX&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696295203477&bpp=2&bdt=229&idt=355&shv=r20230928&mjsv=m202309210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250%2C728x90%2C300x250&nras=1&correlator=3724044099205&frm=20&pv=1&ga_vid=1560604569.1696295204&ga_sid=1696295204&ga_hid=435122685&ga_fc=0&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2208&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837&oid=2&pvsid=2456228810790933&tmod=892309963&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=lsfNb8iYSP&p=https%3A//kiwiexploits.com&dtd=358
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 03 Oct 2023 01:06:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 204 rtimp
g.bidbrain.app/ Frame 5CEA 0
275 B 54ms
53ms Image
text/plain 34.149.135.28
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://g.bidbrain.app/rtimp?sid=1e2ab257-6189-11ee-8ce9-1aaa00714239&d=kiwiexploits.com&cr=ext_ng_start_sec8&a=imp&p=ZRtpIwANZ6wE0bwMAA3-kNiKQjbZ_JAJJSfWJQ&im=GjlTU2Hgg0xLk_MipBJNs1I3gBt5tRkeZZIbHm3Jpzw473HjOJYvFV6-sxanFNtP0yBH5aVIVXCPioSKZPn-nQIKmNXkp59gKCwoRVMvf5Wj134HxR4LK9KnHpHwb2CK03LjzsTE2KTcX051lH2C7b7p6AdeeLkqVLXoMloymP0D6mXKgWWK5M_LddrOljZg-lPxekKhrGX2xrpBVELQqhEibCnS_sHIgEBTcHbE4XW651keo2qsxRiGgFuUZpf8xlSYGq3CCE5K0svdnqxWz2-IInU3h3fkxv9M3PFqa2kStV4Cjc__3xB4FyZL2-sCNsi8YZQJjO-BXg2VuvdtKtkGs6qsxTSKltkw3phSRAo&cbvp=2
Requested by: Host: kiwiexploits.com
URL: https://kiwiexploits.com/kiwi-x-download?utm_source=PrimeExo&utm_medium=YouTube&utm_campaign=Kiwi+X
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.135.28 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 28.135.149.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Oct 2023 01:06:45 GMT
via: 1.1 google
access-control-allow-methods: GET,HEAD,OPTIONS,POST,PUT
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Access-Control-Allow-Headers, Access-Control-Allow-Origin, Origin, Accept, X-Requested-With, X-Forwarded-For, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization, Configs-Guid, X-Service-Auth, X-Client-Version
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: 0

POST
H2 204 rtimp
g.bidbrain.app/ Frame E62A 0
128 B 48ms
48ms Ping
text/plain 34.149.135.28
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://g.bidbrain.app/rtimp
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8562196086359240&output=html&h=250&slotname=1836580918&adk=1046840810&adf=3100213249&pi=t.ma~as.1836580918&w=300&lmt=1693214286&format=300x250&url=https%3A%2F%2Fkiwiexploits.com%2Fkiwi-x-download%3Futm_source%3DPrimeExo%26utm_medium%3DYouTube%26utm_campaign%3DKiwi%2BX&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696295203475&bpp=1&bdt=227&idt=206&shv=r20230928&mjsv=m202309210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3724044099205&frm=20&pv=1&ga_vid=1560604569.1696295204&ga_sid=1696295204&ga_hid=435122685&ga_fc=0&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=650&ady=264&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837&oid=2&pvsid=2456228810790933&tmod=892309963&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=yUAx1kPKrc&p=https%3A//kiwiexploits.com&dtd=212
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.135.28 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 28.135.149.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 03 Oct 2023 01:06:45 GMT
via: 1.1 google
access-control-allow-methods: GET,HEAD,OPTIONS,POST,PUT
access-control-allow-origin: https://googleads.g.doubleclick.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Access-Control-Allow-Headers, Access-Control-Allow-Origin, Origin, Accept, X-Requested-With, X-Forwarded-For, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization, Configs-Guid, X-Service-Auth, X-Client-Version
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: 0

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 1A81 33 KB
33 KB 35ms
35ms Font
font/woff2 142.251.111.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.111.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bk-in-f94.1e100.net

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Thu, 28 Sep 2023 05:46:43 GMT
x-content-type-options: nosniff
age: 415202
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 27 Sep 2024 05:46:43 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 1A81
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CGy6OI2kbZbmVNcCKvPIPgpWg0A_LldTbcta-8fi9Ebq8jPG-ARABIMDsmHxg_aCZgegDoAGa1bThAsgBAagDAcgDywSqBP4BT9DnAt5zz7BJvNOhsPXrvHEww_cArNpv6mzqWYVzt8lOsMi...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x5a613267d25c6d920000000000000000%22,%222%22:%220x3352d28842d010c50000000000000000%22,%223%22:%220x58d8d5...

0
0

51ms
50ms

Fetch
text/css

172.253.122.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x5a613267d25c6d920000000000000000%22,%222%22:%220x3352d28842d010c50000000000000000%22,%223%22:%220x58d8d5ea271ae24b0000000000000000%22,%224%22:%220x87d6fbb48f98f8ba0000000000000000%22,%225%22:%220xfc0fabb92adf01a0000000000000000%22},%22debug_key%22:%22111035684465374426%22,%22debug_reporting%22:true,%22destination%22:%22https://passwordmanagercomparison.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22741157530%22],%224%22:[%2210-03%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%221739329176825463313%22}&andc=true

Requested by

Host: kiwiexploits.com
URL: https://kiwiexploits.com/kiwi-x-download?utm_source=PrimeExo&utm_medium=YouTube&utm_campaign=Kiwi+X

Protocol

Server

172.253.122.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f156.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 01:06:46 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"1":"0x5a613267d25c6d920000000000000000","2":"0x3352d28842d010c50000000000000000","3":"0x58d8d5ea271ae24b0000000000000000","4":"0x87d6fbb48f98f8ba0000000000000000","5":"0xfc0fabb92adf01a0000000000000000"},"debug_key":"111035684465374426","debug_reporting":true,"destination":"https://passwordmanagercomparison.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["741157530"],"4":["10-03"],"6":["true"]},"priority":"500","source_event_id":"1739329176825463313"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 03 Oct 2023 01:06:46 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 03 Oct 2023 01:06:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0x5a613267d25c6d920000000000000000","2":"0x3352d28842d010c50000000000000000","3":"0x58d8d5ea271ae24b0000000000000000","4":"0x87d6fbb48f98f8ba0000000000000000","5":"0xfc0fabb92adf01a0000000000000000"},"debug_key":"111035684465374426","debug_reporting":true,"destination":"https://passwordmanagercomparison.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["741157530"],"4":["10-03"],"6":["true"]},"priority":"500","source_event_id":"1739329176825463313"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 VGH1mKSfxYHDdsSo-bXnFEwRYk5XYXNaTK3F8Z8cnoU.js Show response
pagead2.googlesyndication.com/bg/ Frame 7753 38 KB
14 KB 37ms
37ms Script
text/javascript 172.253.115.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/VGH1mKSfxYHDdsSo-bXnFEwRYk5XYXNaTK3F8Z8cnoU.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.115.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bg-in-f155.1e100.net

Software

sffe /

Resource Hash

5461f598a49fc581c376c4a8f9b5e7144c11624e5761735a4cadc5f19f1c9e85

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Thu, 28 Sep 2023 06:30:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 412563
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14820
x-xss-protection: 0
last-modified: Mon, 25 Sep 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 27 Sep 2024 06:30:42 GMT

GET
H2 200 Roboto-Regular.ttf
cdn.rtbrain.app/fonts/ Frame 91A0 159 KB
160 KB 31ms
31ms Font
application/octet-stream 104.26.2.190
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.rtbrain.app/fonts/Roboto-Regular.ttf
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230928/r20110914/zrt_lookup.html?fsb=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.2.190 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f0e5a21bf5c95e4c1bce2be98a3656ebcc6d42a21f41c4e3ebf69dd815702e54

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 01:06:45 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1224
x-guploader-uploadid: ADPycdsuV_3CgNvC0B-5DO_MYbDjsMk3tR09qsW3KiI8EV4-pqmVqpwDJjhFcWyoeeEbJpR50edWXw8CuLD2kffuHLJfyg
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
content-length: 162876
last-modified: Wed, 14 Jun 2023 14:22:11 GMT
server: cloudflare
etag: "ac3f799d5bbaf5196fab15ab8de8431c"
vary: Accept-Encoding
x-goog-generation: 1686752530970769
content-type: application/octet-stream
access-control-allow-origin: *
x-goog-hash: crc32c=tGTglg==, md5=rD95nVu69RlvqxWrjehDHA==
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R6dsBk5OxyZIJhFHg8c2gYxHfZNUTB7GcAJvZkq3IUTlTrDFofHC8VysSlC7389oHqxxkgGYIAkXjaSTol4bHfl5S9bwHDlV9thd6xyQZotXLvNKI54KvmU8TWsXe2NLvA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 162876
accept-ranges: bytes
cf-ray: 810148cb581ea238-YYZ
expires: Tue, 03 Oct 2023 01:35:26 GMT

GET
H2 200 Roboto-Bold-700.ttf
cdn.rtbrain.app/fonts/ Frame 91A0 159 KB
159 KB 24ms
24ms Font
application/octet-stream 104.26.2.190
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.rtbrain.app/fonts/Roboto-Bold-700.ttf
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230928/r20110914/zrt_lookup.html?fsb=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.2.190 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ef2ab0e402d5cb9de893e263a2c44e57f57fec3974b0d981bfe84dec3dae83a1

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 01:06:45 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1026
x-guploader-uploadid: ADPycdumnHxsMGW7ltOyavCtc7ae4RZRxTEy-364H6AQfsg6VSPtVLSeOnrZaCUwuGvZomUO-96G5hV-q3iTpSLEiQkmq3y9DXFW
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
content-length: 162464
last-modified: Wed, 14 Jun 2023 14:03:41 GMT
server: cloudflare
etag: "d329cc8b34667f114a95422aaad1b063"
vary: Accept-Encoding
x-goog-generation: 1686751421527536
content-type: application/octet-stream
access-control-allow-origin: *
x-goog-hash: crc32c=FQIdBg==, md5=0ynMizRmfxFKlUIqqtGwYw==
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OkNW3Aa7m90PDdcwS8wNl63YuaZs2dwb4aaKN6Fv92fLGePae3CMuF5TxhVyhU%2FshLwFn0aOgvuiTEA0fokn5Mn%2FKG5pAJonYzZbhWsiZwgX3kdphW4nHCWh2MgYOqoHJg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 162464
accept-ranges: bytes
cf-ray: 810148cb5820a238-YYZ
expires: Tue, 03 Oct 2023 01:38:30 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 372ms
49ms Preflight
text/html 172.253.122.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.122.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f156.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Tue, 03 Oct 2023 01:06:46 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 204 rtimp
g.bidbrain.app/ Frame 91A0 0
20 B 79ms
78ms Ping
text/plain 34.149.135.28
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://g.bidbrain.app/rtimp
Requested by: Host: kiwiexploits.com
URL: https://kiwiexploits.com/kiwi-x-download?utm_source=PrimeExo&utm_medium=YouTube&utm_campaign=Kiwi+X
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.149.135.28 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 28.135.149.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 03 Oct 2023 01:06:45 GMT
via: 1.1 google
access-control-allow-methods: GET,HEAD,OPTIONS,POST,PUT
access-control-allow-origin: https://googleads.g.doubleclick.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Access-Control-Allow-Headers, Access-Control-Allow-Origin, Origin, Accept, X-Requested-With, X-Forwarded-For, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization, Configs-Guid, X-Service-Auth, X-Client-Version
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: 0

GET
H2 200 Roboto-Regular.ttf
cdn.rtbrain.app/fonts/ Frame 5CEA 159 KB
160 KB 27ms
27ms Font
application/octet-stream 104.26.2.190
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.rtbrain.app/fonts/Roboto-Regular.ttf
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8562196086359240&output=html&h=280&slotname=6823165047&adk=3490555514&adf=2653041513&pi=t.ma~as.6823165047&w=1200&fwrn=4&fwrnh=100&lmt=1693214286&rafmt=1&format=1200x280&url=https%3A%2F%2Fkiwiexploits.com%2Fkiwi-x-download%3Futm_source%3DPrimeExo%26utm_medium%3DYouTube%26utm_campaign%3DKiwi%2BX&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696295203477&bpp=2&bdt=229&idt=355&shv=r20230928&mjsv=m202309210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250%2C728x90%2C300x250&nras=1&correlator=3724044099205&frm=20&pv=1&ga_vid=1560604569.1696295204&ga_sid=1696295204&ga_hid=435122685&ga_fc=0&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2208&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837&oid=2&pvsid=2456228810790933&tmod=892309963&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=lsfNb8iYSP&p=https%3A//kiwiexploits.com&dtd=358
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.2.190 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f0e5a21bf5c95e4c1bce2be98a3656ebcc6d42a21f41c4e3ebf69dd815702e54

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 01:06:45 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1224
x-guploader-uploadid: ADPycdsuV_3CgNvC0B-5DO_MYbDjsMk3tR09qsW3KiI8EV4-pqmVqpwDJjhFcWyoeeEbJpR50edWXw8CuLD2kffuHLJfyg
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
content-length: 162876
last-modified: Wed, 14 Jun 2023 14:22:11 GMT
server: cloudflare
etag: "ac3f799d5bbaf5196fab15ab8de8431c"
vary: Accept-Encoding
x-goog-generation: 1686752530970769
content-type: application/octet-stream
access-control-allow-origin: *
x-goog-hash: crc32c=tGTglg==, md5=rD95nVu69RlvqxWrjehDHA==
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oq33L2yHwrKHa3LQKT0WfqlNp%2Fjd22fR5TSpCi8sxdDaPFbb4jhq8Fziwjm0TgH9U94tmBD1W0U7OyBZOmEd%2FHsf2qnK6p577aMy9ElvNQoh7ktnAnLR21YHMg0Ffi%2BHgg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 162876
accept-ranges: bytes
cf-ray: 810148cbe915a238-YYZ
expires: Tue, 03 Oct 2023 01:35:26 GMT

GET
H2 200 Roboto-Bold-700.ttf
cdn.rtbrain.app/fonts/ Frame 5CEA 159 KB
159 KB 32ms
32ms Font
application/octet-stream 104.26.2.190
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.rtbrain.app/fonts/Roboto-Bold-700.ttf
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8562196086359240&output=html&h=280&slotname=6823165047&adk=3490555514&adf=2653041513&pi=t.ma~as.6823165047&w=1200&fwrn=4&fwrnh=100&lmt=1693214286&rafmt=1&format=1200x280&url=https%3A%2F%2Fkiwiexploits.com%2Fkiwi-x-download%3Futm_source%3DPrimeExo%26utm_medium%3DYouTube%26utm_campaign%3DKiwi%2BX&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696295203477&bpp=2&bdt=229&idt=355&shv=r20230928&mjsv=m202309210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250%2C728x90%2C300x250&nras=1&correlator=3724044099205&frm=20&pv=1&ga_vid=1560604569.1696295204&ga_sid=1696295204&ga_hid=435122685&ga_fc=0&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2208&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837&oid=2&pvsid=2456228810790933&tmod=892309963&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=lsfNb8iYSP&p=https%3A//kiwiexploits.com&dtd=358
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.2.190 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ef2ab0e402d5cb9de893e263a2c44e57f57fec3974b0d981bfe84dec3dae83a1

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 01:06:45 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1026
x-guploader-uploadid: ADPycdumnHxsMGW7ltOyavCtc7ae4RZRxTEy-364H6AQfsg6VSPtVLSeOnrZaCUwuGvZomUO-96G5hV-q3iTpSLEiQkmq3y9DXFW
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
content-length: 162464
last-modified: Wed, 14 Jun 2023 14:03:41 GMT
server: cloudflare
etag: "d329cc8b34667f114a95422aaad1b063"
vary: Accept-Encoding
x-goog-generation: 1686751421527536
content-type: application/octet-stream
access-control-allow-origin: *
x-goog-hash: crc32c=FQIdBg==, md5=0ynMizRmfxFKlUIqqtGwYw==
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=COJyBqtkzpp%2FC6R7JzjDdZIA3FOB3WhDZjTXePCTutQCVf5XtO1%2BGzfavAcgQUfecmEHWDol2pHFbshIBcxOov%2BHm1u17hV1GlHKMDg1aPj1hGvdMUunRWi8hIk%2Bzonkcg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 162464
accept-ranges: bytes
cf-ray: 810148cbf917a238-YYZ
expires: Tue, 03 Oct 2023 01:38:30 GMT

POST
H3 204 rtimp
g.bidbrain.app/ Frame 5CEA 0
18 B 72ms
71ms Ping
text/plain 34.149.135.28
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://g.bidbrain.app/rtimp
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8562196086359240&output=html&h=280&slotname=6823165047&adk=3490555514&adf=2653041513&pi=t.ma~as.6823165047&w=1200&fwrn=4&fwrnh=100&lmt=1693214286&rafmt=1&format=1200x280&url=https%3A%2F%2Fkiwiexploits.com%2Fkiwi-x-download%3Futm_source%3DPrimeExo%26utm_medium%3DYouTube%26utm_campaign%3DKiwi%2BX&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696295203477&bpp=2&bdt=229&idt=355&shv=r20230928&mjsv=m202309210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250%2C728x90%2C300x250&nras=1&correlator=3724044099205&frm=20&pv=1&ga_vid=1560604569.1696295204&ga_sid=1696295204&ga_hid=435122685&ga_fc=0&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2208&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837&oid=2&pvsid=2456228810790933&tmod=892309963&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=lsfNb8iYSP&p=https%3A//kiwiexploits.com&dtd=358
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.149.135.28 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 28.135.149.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 03 Oct 2023 01:06:45 GMT
via: 1.1 google
access-control-allow-methods: GET,HEAD,OPTIONS,POST,PUT
access-control-allow-origin: https://googleads.g.doubleclick.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Access-Control-Allow-Headers, Access-Control-Allow-Origin, Origin, Accept, X-Requested-With, X-Forwarded-For, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization, Configs-Guid, X-Service-Auth, X-Client-Version
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: 0

GET 5111
8proof.com/app/rtbmarkup/ Frame 363A 0
0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 8C5B 0
19 B 60ms
59ms Image
text/html 172.253.122.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CfHshI2kbZeS0Lcy7vPIPmOuo2AX6j4XmbaCDqMWtDcCNtwEQASAAYP2gmYHoA4IBF2NhLXB1Yi04NTYyMTk2MDg2MzU5MjQwyAEJqAMByAMCqgTtAU_Qm189Dz2CI-xTyO3fTuiai85yQ0He-Eg0JAStcTVB4bC4z3PrGLXvVaQm-7qgBdpvcsesk5K_lzQF2EThwk32z4jgqbfTz-uKOGke_LoYP-DiHniw6wwhudBdI0SkrUnXOi4DYd_amuQSPyO7oPPXANv0fMGzaOG0GwL_gCquVMUDy3LZFvs4lyWEu42bQj44EJhh6P-Ym0LbBpFBrcnq0gl5duvPE7o7-KmZFO85uaeWtNwr6MUa_UGtjUxs0gq9YW5BbJmfHDzaTBIG9Rrxjnn43obyuoOIAzovtK4yv-El3XQK5MsoeoIcm4AG2MDultXRq8pVoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOoAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi04NTYyMTk2MDg2MzU5MjQwGAA&sigh=1RUT44oRQl0&uach_m=[UACH]&cid=CAQSTADICaaNH1jvgzvtYZfqzMuMCmYCTNfjJudM-1BGJ3uuI1EbTBP3_R9VK0ZdFhXglWB7n8lJWspePt0CgygHU3BgFT8E-_mu2ejU4m8YAQ&cbvp=2&vis=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8562196086359240&output=html&h=90&slotname=9459101825&adk=1837950576&adf=1117302172&pi=t.ma~as.9459101825&w=728&lmt=1693214286&format=728x90&url=https%3A%2F%2Fkiwiexploits.com%2Fkiwi-x-download%3Futm_source%3DPrimeExo%26utm_medium%3DYouTube%26utm_campaign%3DKiwi%2BX&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696295203476&bpp=1&bdt=228&idt=218&shv=r20230928&mjsv=m202309210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250&nras=1&correlator=3724044099205&frm=20&pv=1&ga_vid=1560604569.1696295204&ga_sid=1696295204&ga_hid=435122685&ga_fc=0&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=448&ady=959&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837&oid=2&pvsid=2456228810790933&tmod=892309963&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=mMs3cs0T8K&p=https%3A//kiwiexploits.com&dtd=223

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.122.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f156.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8562196086359240&output=html&h=90&slotname=9459101825&adk=1837950576&adf=1117302172&pi=t.ma~as.9459101825&w=728&lmt=1693214286&format=728x90&url=https%3A%2F%2Fkiwiexploits.com%2Fkiwi-x-download%3Futm_source%3DPrimeExo%26utm_medium%3DYouTube%26utm_campaign%3DKiwi%2BX&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696295203476&bpp=1&bdt=228&idt=218&shv=r20230928&mjsv=m202309210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250&nras=1&correlator=3724044099205&frm=20&pv=1&ga_vid=1560604569.1696295204&ga_sid=1696295204&ga_hid=435122685&ga_fc=0&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=448&ady=959&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837&oid=2&pvsid=2456228810790933&tmod=892309963&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=mMs3cs0T8K&p=https%3A//kiwiexploits.com&dtd=223
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 03 Oct 2023 01:06:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET win
8proof.com/app/ Frame 8C5B 0
0

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame E62A 42 B
174 B 53ms
53ms Fetch
image/gif 172.253.115.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstJVEl_hXBYXhmINSCQfqKR-nlWkqZMsQvHUgSwbQjq5ucxHfrw_vSYPIZHmjrjIkW0n6MdaJWC1iad7TINSUjFUR722ahSAGubSLlw&sig=Cg0ArKJSzHpuJVkZ-dFFEAE&id=lidar2&mcvt=1000&p=0,0,250,300&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231002&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1046840810&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1696295203689&rpt=1424&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.115.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bg-in-f155.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Oct 2023 01:06:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: 8proof.com
URL: https://8proof.com/app/rtbmarkup/5111?id=631293173149&ctd=110095&crid=1423&ap=ZRtpIwALWmQITx3MAAo1mI5m2aqVPqnCoDvsPw

Domain: 8proof.com
URL: https://8proof.com/app/win?id=631293173149&ap=ZRtpIwALWmQITx3MAAo1mI5m2aqVPqnCoDvsPw&t=b&cbvp=2

Verdicts & Comments Add Verdict or Comment

70 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

13 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.bit.ly/	1970-01-20 19:30:47	Name: _bit Value: n9316F-7bf6162424ae07017c-00y
.kiwiexploits.com/	1970-01-20 23:57:11	Name: cf_clearance Value: DfNqytB5HCaBm0j_wsaTbB6V7szJ0gLTR_1kcm7OztI-1696295203-0-1-5e69379e.ce7187f.48c84e28-0.2.1696295203
.kiwiexploits.com/	1970-01-21 00:47:35	Name: _ga Value: GA1.2.1560604569.1696295204
.kiwiexploits.com/	1970-01-20 15:13:01	Name: _gid Value: GA1.2.1101272761.1696295204
.kiwiexploits.com/	1970-01-20 15:11:35	Name: _gat_gtag_UA_162344816_1 Value: 1
.kiwiexploits.com/	1970-01-21 00:33:11	Name: __gads Value: ID=c7c9f76018217776:T=1696295203:RT=1696295203:S=ALNI_MbwNwUMn2DptnjQZyNs6gdbAWkD6Q
.kiwiexploits.com/	1970-01-21 00:33:11	Name: __gpi Value: UID=00000d9677471034:T=1696295203:RT=1696295203:S=ALNI_MaPopq0BBcesC9zDq8WwrlkRdT2Lg
.doubleclick.net/	1970-01-21 00:47:35	Name: IDE Value: AHWqTUkt64i1zhDeTcTKMadA1nYPgInZ8iSyjIVwxE12Sp-NK17ptGcLNMKQ4CdZXGo
.doubleclick.net/	1970-01-20 15:11:36	Name: test_cookie Value: CheckForPermission
.bidbrain.app/	1970-01-21 00:47:35	Name: uid_cross Value: 1eedd674-6189-11ee-88ad-a6381388d800
.kiwiexploits.com/	1970-01-21 00:47:35	Name: _ga_3CCNYPH0PB Value: GS1.1.1696295203.1.0.1696295205.58.0.0
.bidbrain.app/	1970-01-20 15:11:42	Name: sid_cross Value: 1e19c585-6189-11ee-b4c6-3255be63e688
.googleadservices.com/	1970-01-20 17:21:11	Name: ar_debug Value: 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

8proof.com
acscdn.com
analytics.google.com
bit.ly
cdn.rtbrain.app
fonts.googleapis.com
fonts.gstatic.com
g.bidbrain.app
googleads.g.doubleclick.net
kiwiexploits.com
pagead2.googlesyndication.com
partner.googleadservices.com
stats.g.doubleclick.net
tpc.googlesyndication.com
www.google-analytics.com
www.google.ca
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
youradexchange.com
8proof.com
104.21.63.99
104.26.2.190
142.250.31.94
142.251.111.139
142.251.111.94
142.251.167.132
172.253.115.155
172.253.115.95
172.253.122.156
172.253.122.94
172.253.63.154
172.253.63.155
172.253.63.97
172.64.169.35
172.67.191.177
216.239.36.181
34.149.135.28
67.199.248.10
03e9ecd338441c4066bb1db80a32f1cfa4a76e7dd8d1aa65f84e7fc0b7b2c80b
041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51
0a0416e386e436583f5f49242104677e6b16b1aa693d86f32d76845e26081f96
0c85ca49ceb30f030266195f728718506627e7e19757ab279ba37bf777804e19
0d4bd2f918efeb4ea7a65747e5ca0f9c86cccdb961a6276299ebe3a7a47a3854
113c3c3c7de8fe21fe5a6d4b6c367d658dab1dc5b5f820393e0b98fc11032771
1e3ceb99e33b0f3d149b7d617b24a487d07fe7595aa24d04a7f45a0312b0654c
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3675f226f985b64eea6ae8544d5496a32d19993aae1ac4a3fa101263ef3206f7
372a3186cdfa2b7a80c939a0496851ab0519c9b8cb656609fb902168ee053a8b
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
3b1ab917c7da8e45e24d8eea1c130fa25ce01e422fb747eea8163a06e07e84bb
43b8c21d293808c03cd799b53149592f7420cd1476833dbf57dee9c246606464
4a23e04453c514140017a0bfae6fef383dc6010b3bf39964a991e4cbbbc1a497
4b09eb555b72f74acd30018f8aaa4ef19787301819801dff7f6bcde9d3754cd7
4d5d0cb026a2e7e8bf050c43699e9e5ede20cf7c9a894695583e6da7f8b6e78a
50bc522610e1fc1738cfd395d5adc73e9e1f88872990b65705d92b22fd8936b0
512241735bfc001ad294f5ca02f85354ffb65b64ffee419a3b6c3c6d084adca9
523854ac3552c34b23a5f0c6a2f49c6ba0b439a95848692aa24bc304ecd29784
5461f598a49fc581c376c4a8f9b5e7144c11624e5761735a4cadc5f19f1c9e85
5eeb5ad4d269ee66592bf157e22b8a71c21e8bf9f7d461e0adf59f9ce7177bb9
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
65ead9ae03733ed171e567812d435c425e4577ba16ed39ddeb852f36316ac291
6668a39b684c4ff5a5991396af1924f6a81bee0d0663a8fe78654c15f95aba35
67bb13a8da492dbd5fe8787450387893d63b159585c49e166882d617735102bf
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
7594de13e6bedbcacfbd22a3d04d1ddd876f591e488074a91c71274f9d4e474f
76ee2e3ca3ae1ef99ae08575b76c817368cecdaaf17823309a0c4864e3cf3413
79c599dd760cec0c1621a1af49d9a2a49da5d45e1b37d4575bace0a5e0226582
7f7defdc08d731a0a1dca96c795b9ff449bf322a6074173ca221f8128eb576ab
85cac433d853ff158d0d1ae2dc0268c67e99050005570bf9f409144ac432139b
867a9a1bad8363a3f8e2a3628ba7595512a7fbff6c4125099756efbe533c660c
8b97a41128f59adefd1712cc3b9712b297fe273a2c425f8eab4fea3285500423
8baf95ba5ca093d8d71afd6fda610ce0157541f3f59cff928cc318bfa8cdb2af
8e8582b02321950e729b7e88ea63931c9cadfdc5f9d76e18a694b8bbad6debf6
8f1843ba4bdea64726280f2365f8ad8a47e70ee54327f98273daf7fac5120074
97f0549ae1b86791420890ae5c5b6ec5af448ef05a4d9f924e824c48a380ac73
991d47a727ed40a437c6bf202a2f0730ba3bd6c593bf84ee38f9f73e1c2c445c
9ffa7b9152015ca3a72390d470fa638cd794e0ed9524bf198e914f3fd421d372
a10d7edb8fd307f469beaaa75a725e4bdae24a1b867f5bc7960f01e25c99d8e1
a2470f44572c91daca6e64da9ae31a2f91fdea031f0b5a028ba63dc8daf8664a
a958054aba0df8e253b0fd68862459386a7b68630a377fbfee051675e3ab706c
a99e95721e520d12a2926d777e9e7fda8d1d67d6ed8c4286f3d3b20cea0a8e63
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
ac4a2fcf56f3a5815338b809cd7e8b9a80b676bc6ad801f4c9666b3e9c7bdfd4
b014a3968910d794695dc632b60def58349349139cec4e0151ace29acb0d3a7b
b189949cdb59c67206ab4e6b0e867c9959181b68e3f16cc859f341fccbc145b7
b39904069cfb5a2490a4f8f1db27ce5ddd6273b3101f79415e17f5dd0ebe795e
b525ed8c0dfe29ace0e743ac8d679fca18a2794531d572ea1381cdb3e98b9652
b6b256db7f67d8dd5e05ed9e76325575d6ab90f28753e66a1178b98ce462003c
bc9ccc6892f6d3b7f7620e005ed0b586dd5838b2d3d8cab96292fe7d6bf5b545
bd32713432d920e0baff31f52e600fb6f2a82f35f3317dbe33e31eb1a4836e17
bd91080d2c7f2120ad82727f5c07bbb439b810ed4035993ddb1825ca1611396b
c0af0cbab6f69a37485a23ab136c804a46d859745417d86c7f59edcbd3db7a07
c254279147099e0b696b281d62b436b8aed42fb0f3abf1ba17abc398ca6c90e2
c6ece8077c8a8d8d057b5a03c892dcf1fed9da76ff1bc964cd17416008752c48
c71d5996870168a09e5f550ef385ef4732e0d91eb29b90c94559a81ba67a3e0f
c983d316b302907296d9a13e7155cd7e367a30dad5eb319ab2dcd892f4d944fc
cbb3beea6dc8d67b0684c9a21085f50dda76874c6b495875882563d83477cb55
ccb200f2c60844c5d34bc235a45ea7cb76b7084e5a85975f555cf5a52ccff1e4
d1e68b87ecbf710b3d4c00e3c38c32a3d5203274c0d0cf05b98d77f715d6ba2d
d61f7c4f094f77ccc9494c4080289821c6533f82d8701924e6c1a2dd6e5831c2
d87ea3a4d5d02c1150752a96bf6a9286726447b23f8721138da966d43f60915f
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e9ebae9733dec1bff5602b145a8c750f8b7fdb9c634473ed37fd40c34787729d
eb67aa77d24dcf51df68df733eb359165aff5ed43d1e46c6c5a601a2cd109ff6
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef2ab0e402d5cb9de893e263a2c44e57f57fec3974b0d981bfe84dec3dae83a1
f0e5a21bf5c95e4c1bce2be98a3656ebcc6d42a21f41c4e3ebf69dd815702e54
f75d0fed0cd4380843d322f38aa2cb0cee3d128f28d5dc4c354623f6b0ac18a3
f769d0828e086db0175add9dd492303dc1d66639f8685242a301f4029376628e
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
fda11aeede5eae3284d670c3ed43ed57c6112e8103d49a0035bd4e2e8cbc7734

kiwiexploits.com Open in urlscan Pro 172.67.191.177 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

100 Requests

96 %HTTPS

0 %IPv6

17 Domains

21 Subdomains

18 IPs

2 Countries

2640 kBTransfer

5358 kBSize

13 Cookies

10 Outgoing links

Page URL History

Redirected requests

100 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

kiwiexploits.com Open in urlscan Pro
172.67.191.177 Public Scan

Screenshot
Live screenshot

Full Image

100
Requests

96 %
HTTPS

0 %
IPv6

17
Domains

21
Subdomains

18
IPs

2
Countries

2640 kB
Transfer

5358 kB
Size

13
Cookies

100 HTTP transactions
5 data transactions