magical.kuku.lu Open in urlscan Pro
2606:4700:20::ac43:499a Public Scan

Go To Rescan
Add Verdict Report

URL:
https://magical.kuku.lu/page.contact.php?type=MailNow
Submission: On October 30 via api (October 30th 2024, 8:22:57 am UTC) from PH — Scanned from US

Summary HTTP 38 Redirects Links 12 Behaviour Indicators

Summary

This website contacted 13 IPs in 1 countries across 10 domains to perform 38 HTTP transactions. The main IP is 2606:4700:20::ac43:499a, located in United States and belongs to CLOUDFLARENET, US. The main domain is magical.kuku.lu.
TLS certificate: Issued by WE1 on October 25th 2024. Valid for: 3 months.

This is the only time magical.kuku.lu was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
9	2606:4700:20:... 2606:4700:20::ac43:499a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:20:... 2606:4700:20::681a:fcb	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a04:4e42:600... 2a04:4e42:600::485	54113 (FASTLY) (FASTLY)
1	2607:f8b0:400... 2607:f8b0:4006:808::200a	15169 (GOOGLE) (GOOGLE)
6	142.251.40.194 142.251.40.194	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:816::2008	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:823::200e	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4006:807::200e	15169 (GOOGLE) (GOOGLE)
9	142.250.64.110 142.250.64.110	15169 (GOOGLE) (GOOGLE)
1	142.251.40.226 142.251.40.226	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:823::2001	15169 (GOOGLE) (GOOGLE)
1	142.250.80.36 142.250.80.36	15169 (GOOGLE) (GOOGLE)
38	13

9 2606:4700:20::ac43:499a (United States)

ASN13335 (CLOUDFLARENET, US)

magical.kuku.lu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
d.kuku.lu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:fcb (United States)

ASN13335 (CLOUDFLARENET, US)

live.erinn.biz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:600::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:808::200a (United States)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.251.40.194 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s38-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:816::2008 (United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:823::200e (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:807::200e (United States)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 142.250.64.110 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s31-in-f14.1e100.net

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.40.226 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s39-in-f2.1e100.net

ep1.adtrafficquality.google	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:823::2001 (United States)

ASN15169 (GOOGLE, US)

ep2.adtrafficquality.google	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.80.36 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s34-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	google.com fundingchoicesmessages.google.com — Cisco Umbrella Rank: 682 www.google.com — Cisco Umbrella Rank: 3	73 KB
9	kuku.lu magical.kuku.lu d.kuku.lu	75 KB
3	adtrafficquality.google ep1.adtrafficquality.google — Cisco Umbrella Rank: 233245 ep2.adtrafficquality.google — Cisco Umbrella Rank: 204383	19 KB
3	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 42
3	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 116	223 KB
2	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 311	54 KB
1	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 34
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	101 KB
1	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 412	30 KB
1	erinn.biz live.erinn.biz	515 B
38	10

	Domain	Requested by
12	fundingchoicesmessages.google.com	pagead2.googlesyndication.com
8	magical.kuku.lu	magical.kuku.lu
3	googleads.g.doubleclick.net	pagead2.googlesyndication.com
3	pagead2.googlesyndication.com	magical.kuku.lu pagead2.googlesyndication.com
2	ep2.adtrafficquality.google	pagead2.googlesyndication.com ep2.adtrafficquality.google
2	cdn.jsdelivr.net	magical.kuku.lu
1	www.google.com	ep2.adtrafficquality.google
1	ep1.adtrafficquality.google	pagead2.googlesyndication.com
1	www.google-analytics.com	www.googletagmanager.com
1	www.googletagmanager.com	magical.kuku.lu
1	d.kuku.lu	magical.kuku.lu
1	ajax.googleapis.com	magical.kuku.lu
1	live.erinn.biz	magical.kuku.lu
38	13

This site contains links to these domains. Also see Links.

Domain
m.kuku.lu
draw.kuku.lu
live.erinn.biz
d.kuku.lu
c.kuku.lu
s.kuku.lu
v.kuku.lu
ddns.kuku.lu
i.kuku.lu
status.aquapal.net
aquapal.net

Subject Issuer	Validity	Valid
kuku.lu WE1	`2024-10-25` - `2025-01-23`	3 months	crt.sh
erinn.biz WE1	`2024-09-27` - `2024-12-26`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2024 Q3	`2024-07-30` - `2025-08-31`	a year	crt.sh
upload.video.google.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
*.google-analytics.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
*.google.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
adtrafficquality.google WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh

This page contains 6 frames:

Primary Page: https://magical.kuku.lu/page.contact.php?type=MailNow
Frame ID: B77FE3FB0337C9FF237D610F857A5079
Requests: 34 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20241024/r20190131/zrt_lookup_fy2021.html
Frame ID: 97579CA13CEE3AA61CA733E93AE74447
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6235967741013519&output=html&adk=193914898&adf=935745360&abgtt=6&lmt=1730276573&plaf=1%3A2%2C2%3A2%2C7%3A2&plat=1%3A128%2C2%3A128%2C3%3A128%2C4%3A128%2C8%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fmagical.kuku.lu%2Fpage.contact.php%3Ftype%3DMailNow&pra=5&wgl=1&aihb=0&asro=0&ailel=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aiael=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aicel=38~33&aifxl=29_18~30_19&aiixl=29_5~30_6&aslmct=0.7&asamct=0.7&aiict=1&aiapm=0.20295&aiapmi=0.24446&aiombap=1&aiopts=1&aief=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1730276572825&bpp=4&bdt=1837&idt=266&shv=r20241024&mjsv=m202410240101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&nras=1&correlator=3284691550300&frm=20&pv=2&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31088482%2C95344189%2C95345281%2C31088518%2C31088249%2C95345789&oid=2&pvsid=3952952045851160&tmod=376963059&uas=0&nvt=1&fsapi=1&fc=1920&brdim=320%2C320%2C320%2C320%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=1&uci=a!1&fsb=1&dtd=283
Frame ID: FE501A4FA7953DE4457A1ADFD66974A1
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6235967741013519&output=html&h=280&slotname=3123457437&adk=50182891&adf=2936346396&pi=t.ma~as.3123457437&w=1200&abgtt=6&fwrn=1&fwrnh=100&lmt=1730276573&rafmt=1&format=1200x280&url=https%3A%2F%2Fmagical.kuku.lu%2Fpage.contact.php%3Ftype%3DMailNow&fwr=0&fwrattr=false&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1730276572829&bpp=2&bdt=1841&idt=299&shv=r20241024&mjsv=m202410240101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0&nras=1&correlator=3284691550300&frm=20&pv=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=800&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31088482%2C95344189%2C95345281%2C31088518%2C31088249%2C95345789&oid=2&pvsid=3952952045851160&tmod=376963059&uas=0&nvt=1&fc=1920&brdim=320%2C320%2C320%2C320%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=2&uci=a!2&fsb=1&dtd=308
Frame ID: 0BD6EDEC7E5BAE5122E5557EC6D92069
Requests: 1 HTTP requests in this frame

Frame: https://ep2.adtrafficquality.google/sodar/sodar2/232/runner.html
Frame ID: 9A741063880CBEC03B38728FBB95D4AF
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 2593AAAFBB5E254D4C71800E7611D3CE
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Inquiry | MagicalKukusama

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
//cdn\.jsdelivr\.net/

Page Statistics

38
Requests

97 %
HTTPS

67 %
IPv6

10
Domains

13
Subdomains

13
IPs

1
Countries

577 kB
Transfer

1704 kB
Size

9
Cookies

12 Outgoing links

These are links going to different origins than the main page.

URL: https://m.kuku.lu/
Title: InstAddr

Search URL Search Domain Scan URL

URL: https://draw.kuku.lu/
Title: MagicalDraw

Search URL Search Domain Scan URL

URL: https://live.erinn.biz/
Title: kukuluLIVE

Search URL Search Domain Scan URL

URL: https://d.kuku.lu/
Title: FileNow

Search URL Search Domain Scan URL

URL: https://c.kuku.lu/
Title: Chat

Search URL Search Domain Scan URL

URL: https://s.kuku.lu/
Title: ScreenNow

Search URL Search Domain Scan URL

URL: https://v.kuku.lu/
Title: VideoNow

Search URL Search Domain Scan URL

URL: https://ddns.kuku.lu/
Title: DDNS

Search URL Search Domain Scan URL

URL: https://i.kuku.lu/
Title: ImgConvert

Search URL Search Domain Scan URL

URL: https://status.aquapal.net/
Title: Status

Search URL Search Domain Scan URL

URL: https://aquapal.net/

Search URL Search Domain Scan URL

URL: https://aquapal.net/rule.php
Title: Click here for privacy policy.

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

38 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request page.contact.php Show response
magical.kuku.lu/ 36 KB
11 KB 641ms
558ms Document
text/html 2606:4700:20::ac43:499a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://magical.kuku.lu/page.contact.php?type=MailNow
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:499a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dc8e8a20bf6eee4ed2689dfcea2c379c3d076be7ef30ce2c099848b11988f51f

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

cf-cache-status: DYNAMIC
cf-ray: 8da9fff53b7c3dcc-MIA
content-encoding: gzip
content-length: 11113
content-type: text/html; charset=UTF-8
date: Wed, 30 Oct 2024 08:22:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=InlOp56ZW2jtqwq9WtQaEqwx0IHzRt8ZL1i8myugYoJyQ2xlGf9J%2FouWYS7astLkg4qs4z92%2Fr1JEXMye1W2QZvoqSNUt2ZUvVy3s5H2dJSbvXLRErU7VBUFwERNvN5GsV%2FZaML7aq2mgo6Tig%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding,User-Agent

GET
H2 200 _useruuid.js.php Show response
live.erinn.biz/ 0
515 B 1784ms
1695ms Script
text/html 2606:4700:20::681a:fcb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://live.erinn.biz/_useruuid.js.php

Requested by

Host: magical.kuku.lu
URL: https://magical.kuku.lu/page.contact.php?type=MailNow

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:fcb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=2678400;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://magical.kuku.lu/

Response headers

strict-transport-security: max-age=2678400;
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iAYc4O4Fr6lY4r2y0YtXMt6QkN4Eu%2Ffgk4yCauH5C9I5q7VjRNPncqE8U5ooHjd9Lhx9a%2BjOyM0eWC5XS9MTvcWHy%2FE1fOr3wXoINPxvgW4yVEcMfRA5suREzCRBzWLPKnx1F6qxwYVdfYFA"}],"group":"cf-nel","max_age":604800}
cf-ray: 8da9fff95b3274ac-MIA
content-length: 0
date: Wed, 30 Oct 2024 08:22:52 GMT
content-type: text/html; charset=UTF-8
vary: User-Agent
server: cloudflare

GET
H2 200 kukulufinger2.js Show response
magical.kuku.lu/ 50 KB
14 KB 1045ms
1043ms Script
application/javascript 2606:4700:20::ac43:499a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://magical.kuku.lu/kukulufinger2.js
Requested by: Host: magical.kuku.lu
URL: https://magical.kuku.lu/page.contact.php?type=MailNow
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:499a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ced25773fd184ed548988c73fee3e86d7d0454eba1f54c41061c851e3d56a793

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://magical.kuku.lu/page.contact.php?type=MailNow

Response headers

cache-control: max-age=28800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
cf-cache-status: MISS
etag: W/"c8fd-589b41e3d3680"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3ygGKHZATKn9%2Bbm6oD3W3FHjxhmAFjrNe%2Ftqgq66wZ%2BwE4AJfEUB7vlAABCb2TP77QcQq58UKmX46AMZ%2Bo3GroMUINTna2FVe6OdtjCl1y%2FW5bOpZ63VZjX3IuWQbSMpQ1dSbEAWyPmPq0vo1A%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8da9fff8cca23dcc-MIA
date: Wed, 30 Oct 2024 08:22:52 GMT
content-type: application/javascript
last-modified: Sat, 25 May 2019 10:52:58 GMT
vary: User-Agent, Accept-Encoding
server: cloudflare

GET
H2 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@5.2.3/dist/css/ 190 KB
30 KB 105ms
31ms Stylesheet
text/css 2a04:4e42:600::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@5.2.3/dist/css/bootstrap.min.css

Requested by

Host: magical.kuku.lu
URL: https://magical.kuku.lu/page.contact.php?type=MailNow

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

c0bcf7898fdc3b87babca678cd19a8e3ef570e931c80a3afbffcc453738c951a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://magical.kuku.lu
Referer: https://magical.kuku.lu/

Response headers

access-control-expose-headers: *
content-encoding: br
etag: W/"2f955-d5HdHzFzoNYsw5wh0q1x/I2tDnI"
age: 2438452
x-content-type-options: nosniff
x-jsd-version-type: version
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: HIT, HIT
date: Wed, 30 Oct 2024 08:22:51 GMT
content-type: text/css; charset=utf-8
x-served-by: cache-fra-eddf8230122-FRA, cache-mia-kmia1760046-MIA
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
content-length: 30336
x-jsd-version: 5.2.3

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.2.1/ 85 KB
30 KB 197ms
61ms Script
text/javascript 2607:f8b0:4006:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js

Requested by

Host: magical.kuku.lu
URL: https://magical.kuku.lu/page.contact.php?type=MailNow

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:808::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://magical.kuku.lu/

Response headers

content-encoding: gzip
age: 296225
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
x-content-type-options: nosniff
expires: Sun, 26 Oct 2025 22:05:46 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 26 Oct 2024 22:05:46 GMT
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
accept-ranges: bytes
access-control-allow-origin: *
content-length: 30306
x-xss-protection: 0
server: sffe

GET
H2 200 bootstrap.bundle.min.js Show response
cdn.jsdelivr.net/npm/bootstrap@5.2.3/dist/js/ 79 KB
24 KB 115ms
42ms Script
application/javascript 2a04:4e42:600::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@5.2.3/dist/js/bootstrap.bundle.min.js

Requested by

Host: magical.kuku.lu
URL: https://magical.kuku.lu/page.contact.php?type=MailNow

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

9520018fa5d81f4e4dc9d06afb576f90cbbaba209cfcc6cb60e1464647f7890b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://magical.kuku.lu
Referer: https://magical.kuku.lu/

Response headers

access-control-expose-headers: *
content-encoding: br
etag: W/"13a24-kNFQNu9I/LM2oTW66BK0VmnxkEQ"
age: 1299086
x-content-type-options: nosniff
x-jsd-version-type: version
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: HIT, HIT
date: Wed, 30 Oct 2024 08:22:51 GMT
content-type: application/javascript; charset=utf-8
x-served-by: cache-fra-eddf8230056-FRA, cache-mia-kmia1760046-MIA
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
content-length: 24659
x-jsd-version: 5.2.3

GET
H2 200 top2016c.png
magical.kuku.lu/img/ 13 KB
13 KB 537ms
536ms Image
image/png 2606:4700:20::ac43:499a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://magical.kuku.lu/img/top2016c.png
Requested by: Host: magical.kuku.lu
URL: https://magical.kuku.lu/page.contact.php?type=MailNow
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:499a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5fc4db66a8eeb8a8c300d033b90734f876aa1aa0972f27f02e188537e70d6aaf

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://magical.kuku.lu/page.contact.php?type=MailNow

Response headers

cache-control: max-age=28800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-bgj: imgq:100,h2pri
etag: "541d-528e8f6852d40"
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=44B5gD23fVMFli8%2FFX9Vp7FqkRk1jvgAopVWnmOvKa7lSPz6Ppsudh2e0VKxSO1OVkDyNXu%2Bl1%2F7caRt1yBOaIPFLDFpcB1QnrHyW%2FH7%2FKNYDz8wvO%2BJHsKx45EOyDldcRM3gzLG3QzkpU7yXw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8da9fff8cca43dcc-MIA
accept-ranges: bytes
cf-polished: origSize=21533, status=vary_header_present
content-length: 12974
date: Wed, 30 Oct 2024 08:22:51 GMT
content-type: image/png
last-modified: Sat, 09 Jan 2016 16:11:57 GMT
vary: User-Agent, Accept-Encoding
server: cloudflare

GET
H2 200 filenow_upload-s3.js.php Show response
d.kuku.lu/ 18 KB
5 KB 552ms
536ms Script
text/html 2606:4700:20::ac43:499a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://d.kuku.lu/filenow_upload-s3.js.php
Requested by: Host: magical.kuku.lu
URL: https://magical.kuku.lu/page.contact.php?type=MailNow
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:499a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c77fa33dc4bad72865ab58527174bdb10a4bdedccc3632d7e8cb9cc20d492133

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://magical.kuku.lu/

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Pg58EZ1N1bkjn0QKNK1R0%2BAMEGZZumc2j5OP3caSu%2Ba29%2FTwinj4tgsP9AsTvTaDoYRHNzOv9eBdP6EqR%2F3GTAQOzTTjzLEEnowjx6N9DZsHIQUiBYl1%2FNYNrZW5cu7KWAAKZdYtzw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8da9fff8ecab3dcc-MIA
date: Wed, 30 Oct 2024 08:22:51 GMT
content-type: text/html; charset=UTF-8
server: cloudflare

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 159 KB
52 KB 214ms
88ms Script
text/javascript 142.251.40.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6235967741013519

Requested by

Host: magical.kuku.lu
URL: https://magical.kuku.lu/page.contact.php?type=MailNow

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.194 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s38-in-f2.1e100.net

Software

cafe /

Resource Hash

cbfe6ecde84998319a46aef72d4cc0f6c218c42464c9d95ddf2dc47c45791dd8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://magical.kuku.lu
Referer: https://magical.kuku.lu/

Response headers

content-encoding: br
etag: 2721832393156987295
x-content-type-options: nosniff
expires: Wed, 30 Oct 2024 08:22:52 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Wed, 30 Oct 2024 08:22:52 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 53613
x-xss-protection: 0
server: cafe

GET
H2 200 foot2016kuku.png
magical.kuku.lu/img/ 12 KB
12 KB 546ms
545ms Image
image/png 2606:4700:20::ac43:499a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://magical.kuku.lu/img/foot2016kuku.png
Requested by: Host: magical.kuku.lu
URL: https://magical.kuku.lu/page.contact.php?type=MailNow
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:499a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 14fa575973cdc25cd5c0eb26e9d56b484cf96c76bb6446f58449c74f549a5720

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://magical.kuku.lu/page.contact.php?type=MailNow

Response headers

cache-control: max-age=28800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-bgj: imgq:100,h2pri
etag: "3240-528e8e00c9d00"
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QFjmW3Ht1GW5kb7W%2FjM5idu4FuUkqNOVfw7Rw2gZgIdE9A%2F28xS%2BP62FETUOaQlNFQMtNy3v0VpfF2acK6%2FY1oc8aLYEh3KrdYuHnocMe604ENFrCvSzguc%2B2D9lryG%2FTa3t407rTcM8%2FwNGQg%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8da9fffc2dcc3dcc-MIA
accept-ranges: bytes
cf-polished: origSize=12864, status=vary_header_present
content-length: 12127
date: Wed, 30 Oct 2024 08:22:52 GMT
content-type: image/png
last-modified: Sat, 09 Jan 2016 16:05:40 GMT
vary: User-Agent, Accept-Encoding
server: cloudflare

GET
H2 200 aquapal.png
magical.kuku.lu/img/ 940 B
1 KB 546ms
546ms Image
image/png 2606:4700:20::ac43:499a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://magical.kuku.lu/img/aquapal.png
Requested by: Host: magical.kuku.lu
URL: https://magical.kuku.lu/page.contact.php?type=MailNow
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:499a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 269365aca27783cf0296dbfa1109f2121bce15d18a966860b99c2c4c3930cc1b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://magical.kuku.lu/page.contact.php?type=MailNow

Response headers

cache-control: max-age=28800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-bgj: imgq:100,h2pri
etag: "6f7-4b84fe8d457c0"
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=b9eODXnoSb3d%2FEN7rj8735Y8KtnETutK79Bp6P2Mf7k64ijvzrUcNlQ58N5YJv5zYkwQUBrpeY8DnFSPKMGwODPl%2BnRYndJDG9L%2BfQfxiscxClyMBv00iK8yowbev3gdqd0r8%2FI6MtdHXo6Dsw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8da9fffdce573dcc-MIA
accept-ranges: bytes
cf-polished: origSize=1783, status=vary_header_present
content-length: 940
date: Wed, 30 Oct 2024 08:22:52 GMT
content-type: image/png
last-modified: Mon, 06 Feb 2012 18:34:15 GMT
vary: User-Agent, Accept-Encoding
server: cloudflare

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 292 KB
101 KB 240ms
102ms Script
application/javascript 2607:f8b0:4006:816::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-QLSXLE74DJ

Requested by

Host: magical.kuku.lu
URL: https://magical.kuku.lu/page.contact.php?type=MailNow

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ae3267309a239244aebad92a37bd0534d95e1c3ee7c034eaf03cad63b1d188af

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://magical.kuku.lu/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Wed, 30 Oct 2024 08:22:52 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 30 Oct 2024 08:22:52 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 102688
x-xss-protection: 0
server: Google Tag Manager

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bac8810a47ad52ace415f936c526aabfaba33480ec212b68ccdde147016c0b80

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
H2 200 top2016b.png
magical.kuku.lu/img/ 579 B
1016 B 549ms
548ms Image
image/png 2606:4700:20::ac43:499a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://magical.kuku.lu/img/top2016b.png
Requested by: Host: magical.kuku.lu
URL: https://magical.kuku.lu/page.contact.php?type=MailNow
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:499a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 62fd92a9be66d0fe17dcc801957bdf270f0c1350429d55facff15c04f5ba4c46

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://magical.kuku.lu/page.contact.php?type=MailNow

Response headers

cache-control: max-age=28800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-bgj: imgq:100,h2pri
etag: "280-528e8ffd18c40"
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=J1v3n7dCeDgBzjSTvQpAlRyav1cypj7kHJpThJ9Q7vw%2BqAZlrLk%2FPb1cuKnilXjDNJFhEE5AlHc7HgmPxuJq719l7v9UQN1I6V%2FRMQypnC4VvLqUI3%2F%2F2v7omik2lpmvFhxym4yPFN2NG8W1mQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8daa0004188f3dcc-MIA
accept-ranges: bytes
cf-polished: origSize=640, status=vary_header_present
content-length: 579
date: Wed, 30 Oct 2024 08:22:53 GMT
content-type: image/png
last-modified: Sat, 09 Jan 2016 16:14:33 GMT
vary: User-Agent, Accept-Encoding
server: cloudflare

GET
H2 200 foot2016.png
magical.kuku.lu/img/ 961 B
1 KB 531ms
531ms Image
image/png 2606:4700:20::ac43:499a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://magical.kuku.lu/img/foot2016.png
Requested by: Host: magical.kuku.lu
URL: https://magical.kuku.lu/page.contact.php?type=MailNow
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:499a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f23e78de5775ed501f1ba48c9fa111f01424ed5f378d3795102e120e6dd34400

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://magical.kuku.lu/page.contact.php?type=MailNow

Response headers

cache-control: max-age=28800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-bgj: imgq:100,h2pri
etag: "533-528e8d0f823c0"
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zHAhmf5FBuKyWdl%2BkG8FDFZ0UtyepTeaCJfKokPcZ9ipB97y6LGi53y%2B9nOg8BRDCc0IIKi7mzWGaaJ4Avaz0aoYfzGBVy0cmG0IBKp1v9FbWk%2B3PAxKAXqS5d59sjQYbf6t6TgHhBjItR%2FmYg%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8daa000418913dcc-MIA
accept-ranges: bytes
cf-polished: origSize=1331, status=vary_header_present
content-length: 961
date: Wed, 30 Oct 2024 08:22:53 GMT
content-type: image/png
last-modified: Sat, 09 Jan 2016 16:01:27 GMT
vary: User-Agent, Accept-Encoding
server: cloudflare

GET
H3 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410240101/ 435 KB
145 KB 118ms
117ms Script
text/javascript 142.251.40.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410240101/show_ads_impl_fy2021.js?bust=31088518

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6235967741013519

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.194 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s38-in-f2.1e100.net

Software

cafe /

Resource Hash

d04673b10b0de03cb902b9e1e059c757178d88c2f6c3792cb24f43475a8c88e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://magical.kuku.lu/

Response headers

content-encoding: br
etag: 18022460423366010186
x-content-type-options: nosniff
expires: Wed, 30 Oct 2024 08:22:52 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Wed, 30 Oct 2024 08:22:52 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
cache-control: private, max-age=1209600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 148267
x-xss-protection: 0
server: cafe

POST
H2 204 collect
www.google-analytics.com/g/ 0
0 214ms
77ms Fetch
text/plain 2607:f8b0:4006:823::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-QLSXLE74DJ&gtm=45je4as0v879594741za200&_p=1730276572795&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101533422~101823848~101878899~101878944~101925629&cid=1739883498.1730276573&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1730276573&sct=1&seg=0&dl=https%3A%2F%2Fmagical.kuku.lu%2Fpage.contact.php%3Ftype%3DMailNow&dt=Inquiry%20%7C%20MagicalKukusama&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=2708
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-QLSXLE74DJ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:823::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://magical.kuku.lu/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://magical.kuku.lu
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 30 Oct 2024 08:22:53 GMT
content-type: text/plain
server: Golfe2

GET
H3 200 zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20241024/r20190131/ Frame 9757 0
0 175ms
60ms Document
text/html 142.251.40.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20241024/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410240101/show_ads_impl_fy2021.js?bust=31088518

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.194 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s38-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://magical.kuku.lu/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

age: 1981
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4121
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 30 Oct 2024 07:49:52 GMT
etag: 13108003645644964576
expires: Wed, 13 Nov 2024 07:49:52 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads
googleads.g.doubleclick.net/pagead/ Frame FE50 0
0 249ms
142ms Document
text/html 142.251.40.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6235967741013519&output=html&adk=193914898&adf=935745360&abgtt=6&lmt=1730276573&plaf=1%3A2%2C2%3A2%2C7%3A2&plat=1%3A128%2C2%3A128%2C3%3A128%2C4%3A128%2C8%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fmagical.kuku.lu%2Fpage.contact.php%3Ftype%3DMailNow&pra=5&wgl=1&aihb=0&asro=0&ailel=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aiael=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aicel=38~33&aifxl=29_18~30_19&aiixl=29_5~30_6&aslmct=0.7&asamct=0.7&aiict=1&aiapm=0.20295&aiapmi=0.24446&aiombap=1&aiopts=1&aief=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1730276572825&bpp=4&bdt=1837&idt=266&shv=r20241024&mjsv=m202410240101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&nras=1&correlator=3284691550300&frm=20&pv=2&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31088482%2C95344189%2C95345281%2C31088518%2C31088249%2C95345789&oid=2&pvsid=3952952045851160&tmod=376963059&uas=0&nvt=1&fsapi=1&fc=1920&brdim=320%2C320%2C320%2C320%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=1&uci=a!1&fsb=1&dtd=283

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410240101/show_ads_impl_fy2021.js?bust=31088518

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.194 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s38-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://magical.kuku.lu/
Sec-Browsing-Topics: ();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 648
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 30 Oct 2024 08:22:53 GMT
expires: Wed, 30 Oct 2024 08:22:53 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads
googleads.g.doubleclick.net/pagead/ Frame 0BD6 0
0 518ms
439ms Document
text/html 142.251.40.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6235967741013519&output=html&h=280&slotname=3123457437&adk=50182891&adf=2936346396&pi=t.ma~as.3123457437&w=1200&abgtt=6&fwrn=1&fwrnh=100&lmt=1730276573&rafmt=1&format=1200x280&url=https%3A%2F%2Fmagical.kuku.lu%2Fpage.contact.php%3Ftype%3DMailNow&fwr=0&fwrattr=false&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1730276572829&bpp=2&bdt=1841&idt=299&shv=r20241024&mjsv=m202410240101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0&nras=1&correlator=3284691550300&frm=20&pv=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=800&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31088482%2C95344189%2C95345281%2C31088518%2C31088249%2C95345789&oid=2&pvsid=3952952045851160&tmod=376963059&uas=0&nvt=1&fc=1920&brdim=320%2C320%2C320%2C320%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=2&uci=a!2&fsb=1&dtd=308

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410240101/show_ads_impl_fy2021.js?bust=31088518

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.194 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s38-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://magical.kuku.lu/
Sec-Browsing-Topics: ();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 401
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 30 Oct 2024 08:22:53 GMT
expires: Wed, 30 Oct 2024 08:22:53 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ca-pub-6235967741013519 Show response
fundingchoicesmessages.google.com/i/ 195 KB
64 KB 248ms
95ms Script
application/javascript 2607:f8b0:4006:807::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/ca-pub-6235967741013519?href=https%3A%2F%2Fmagical.kuku.lu%2Fpage.contact.php&ers=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410240101/show_ads_impl_fy2021.js?bust=31088518

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:807::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ba07f0e19c7f5b64daf772223c9c770f2030fb3d491bd6052b399593b3d9d5fb

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-DbiGG_STm3vPhJ9B1vjebA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://magical.kuku.lu/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 30 Oct 2024 08:22:53 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjqtDikmJw0pBiOO90h-k6EEt8fcmkAcRO6TNYg4C49eY51qlAnPTvPGsRELtrXWT1B2JDhUusjiBcdInVE4hVey6xmgLx_XWXWJ8D8d6Pl1iPAnGRxBXWJiC-3XSF9TEQM3y9wsoBxEI8HHdvtu9kEzjwZ_d0JiWNpPzC-OT8vJKizKTSkvyitOS01OLUorLUongjAyMTQwMjCz0Dw_gCAwDeEElW"
content-security-policy: script-src 'report-sample' 'nonce-DbiGG_STm3vPhJ9B1vjebA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin: *
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

POST
H3 204 AGSKWxWB3rZ3d7fEIUcyhlJ12bz864l-SAqdajREPhAsIlEBVYBVdyes5ZfJzLEyAUsocF75KjdiuCyiVBt7voa5IF478_ox_E9UZgzlkjNpVVxcm10a3ztl27iYC3Uf87Uu5VOGu-auYA== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 204ms
83ms XHR
text/html 142.250.64.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWB3rZ3d7fEIUcyhlJ12bz864l-SAqdajREPhAsIlEBVYBVdyes5ZfJzLEyAUsocF75KjdiuCyiVBt7voa5IF478_ox_E9UZgzlkjNpVVxcm10a3ztl27iYC3Uf87Uu5VOGu-auYA==

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.jwYn0AhJbuc.es5.O/am=DgY/d=1/rs=AJlcJMzT4zrkuC3nu074JqTCA_x3CWuSfQ/m=kernel_loader,loader_js_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.64.110 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s31-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-qdoGFUle_UHc0dBZADhKYA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://magical.kuku.lu/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 30 Oct 2024 08:22:53 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tDikmLw1JBicEqfwRoExO5aF1n9gXjvx0usR4GY4esVVg4gFuLhuHuzfSebwIlJW7cwK7kk5RfGJ-fnlaTmlegmphTrgthFmUmlJflFKOzUMpCKnPz09My89HgjAyMTQwMjCz0D0_gCAwBdyy4K"
content-security-policy: script-src 'report-sample' 'nonce-qdoGFUle_UHc0dBZADhKYA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://magical.kuku.lu
content-length: 0
x-xss-protection: 0
server: ESF

GET
H2 200 AGSKWxXOBBUIX6Lcv_UKGibQvCGXrvulA7USSDk6dLnrHm1ziiunQqT2lbQclBq6ACZdP9U65OXWuYZkJRpKRNGsAGeMeVlmboVx4zP0IuTYWhk1jUfd7kXU5P81QifSUZzPwJ1Oae6XxQ== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 91ms
91ms Script
application/javascript 2607:f8b0:4006:807::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXOBBUIX6Lcv_UKGibQvCGXrvulA7USSDk6dLnrHm1ziiunQqT2lbQclBq6ACZdP9U65OXWuYZkJRpKRNGsAGeMeVlmboVx4zP0IuTYWhk1jUfd7kXU5P81QifSUZzPwJ1Oae6XxQ==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzMwMjc2NTczLDc4MDAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly9tYWdpY2FsLmt1a3UubHUvcGFnZS5jb250YWN0LnBocCIsbnVsbCxbWzgsImp3WW4wQWhKYnVjIl0sWzksImVuLVVTIl0sWzE4LCJbW1swXV1dIl0sWzIwLCJbbnVsbCxudWxsLFszMTA4ODI0N10sOCwyXSJdLFsxOSwiMiJdLFsxNywiWzBdIl1dXQ

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:807::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2cb3abbb09c771a3a458be0532d69bea4a8cb287bc0e68523fabe5ac25a3eeee

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-7eh2ded00GCV1TIsQfYNZQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://magical.kuku.lu/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 30 Oct 2024 08:22:53 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjamDU4pJiCNCQYjh56zbTRSA-73SH6ToQS3x9yaQBxE7pM1iDgLj15jnWqUCc9O88axEQu2tdZPUHYkOFS6yOIFx0idUTiFV7LrGaAvH9dZdYnwPx3o-XWI8CcZHEFdYmIL7ddIX1MRAzfL3CygHEQjwcd2-272QT2NH-todZSSMpvzA-OT-vpCgzqbQkvygtOS21OLWoLLUo3sjAyMTQwMhCz8AwvsAAAFCfTiA"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-7eh2ded00GCV1TIsQfYNZQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin: *
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

GET
H2 200 AGSKWxWVkksu8TDMNlqeIS4yiWqiEwWFsj7EtMYdVLg4eI3QC6_Kl_DltXq7lErQkhkjAYBK39pPTx5ZVl_hRvPz4f-rlq3y4asHaOPSIjRHJfcbqPvAx-NYCG9oaKzkHdBG3tF_MuEt0g== Show response
fundingchoicesmessages.google.com/f/ 10 KB
5 KB 94ms
93ms Script
application/javascript 2607:f8b0:4006:807::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxWVkksu8TDMNlqeIS4yiWqiEwWFsj7EtMYdVLg4eI3QC6_Kl_DltXq7lErQkhkjAYBK39pPTx5ZVl_hRvPz4f-rlq3y4asHaOPSIjRHJfcbqPvAx-NYCG9oaKzkHdBG3tF_MuEt0g==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzMwMjc2NTczLDg3ODAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOV0sbnVsbCwyLG51bGwsImVuIl0sImh0dHBzOi8vbWFnaWNhbC5rdWt1Lmx1L3BhZ2UuY29udGFjdC5waHAiLG51bGwsW1s4LCJqd1luMEFoSmJ1YyJdLFs5LCJlbi1VUyJdLFsxOCwiW1tbMF1dXSJdLFsyMCwiW251bGwsbnVsbCxbMzEwODgyNDddLDgsMl0iXSxbMTksIjIiXSxbMTcsIlswXSJdXV0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:807::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ecebdb6b505225fa23ca77f5492b0a490f551d985714b80e283728c7fd3eea9a

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-Flnj0AwIn-SNzoZbNzetng' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://magical.kuku.lu/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 30 Oct 2024 08:22:53 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjqtDikmII0pBiOO90h-k6EEt8fcmkAcRO6TNYg4C49eY51qlAnPTvPGsRELtrXWT1B2JDhUusjiBcdInVE4hVey6xmgLx_XWXWJ8D8d6Pl1iPAnGRxBXWJiC-3XSF9TEQM3y9wsoBxEI8HHdvtu9kE5hw--9uZiWNpPzC-OT8vJKizKTSkvyitOS01OLUorLUongjAyMTQwMjCz0Dw_gCAwDsB0l8"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-Flnj0AwIn-SNzoZbNzetng' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin: *
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

GET
H3 200 sodar Show response
ep1.adtrafficquality.google/getconfig/ 17 KB
13 KB 169ms
92ms XHR
application/json 142.251.40.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ep1.adtrafficquality.google/getconfig/sodar?sv=200&tid=gda&tv=r20241024&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410240101/show_ads_impl_fy2021.js?bust=31088518

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.226 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s39-in-f2.1e100.net

Software

cafe /

Resource Hash

0f86cde294d386c4464b2bc4945f5c2c3b0d4e849404258fa30baf544af19779

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://magical.kuku.lu/

Response headers

timing-allow-origin: *
content-encoding: br
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 12994
date: Wed, 30 Oct 2024 08:22:54 GMT
x-xss-protection: 0
content-type: application/json; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H2 200 favicon.ico
magical.kuku.lu/ 15 KB
15 KB 556ms
556ms Other
image/xicon 2606:4700:20::ac43:499a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://magical.kuku.lu/favicon.ico
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:499a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c5d64288e5aa4e8e529cd74e45cc429b0ab6d739dc2bc7d122bbefb8ca91873e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://magical.kuku.lu/page.contact.php?type=MailNow

Response headers

cache-control: max-age=28800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: REVALIDATED
etag: "3aee-4cfd8098d8dc0"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=34Jo3%2FyM7yEvfMoQUeNDxoc5nQD8JncLd1x1YZkBZzrjM57DqLjvnaOQokWEKCFjJYVKNhxgogS7Uf6eSGVG0fAaNFQ6gW7gPzV0L3AUOq6U%2FnYW6GuOMQxu92llQ0wiRXc%2FkbHpwyj%2BHflyMg%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8daa000b7b403dcc-MIA
accept-ranges: bytes
content-length: 15086
date: Wed, 30 Oct 2024 08:22:54 GMT
content-type: image/xicon
last-modified: Sun, 02 Dec 2012 05:38:07 GMT
vary: User-Agent, Accept-Encoding
server: cloudflare

GET
H2 200 sodar2.js Show response
ep2.adtrafficquality.google/sodar/ 18 KB
7 KB 218ms
78ms Script
text/javascript 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ep2.adtrafficquality.google/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410240101/show_ads_impl_fy2021.js?bust=31088518

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ff3de130872fe0fb5b770dfa2bc9f0daf8ab320403a34a60d089436f08d24f99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://magical.kuku.lu/

Response headers

content-encoding: gzip
etag: "1727224258380615"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
x-content-type-options: nosniff
expires: Wed, 30 Oct 2024 08:22:54 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 30 Oct 2024 08:22:54 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: private, max-age=3000
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 6445
x-xss-protection: 0
server: sffe

GET
H2 200 runner.html
ep2.adtrafficquality.google/sodar/sodar2/232/ Frame 9A74 0
0 184ms
60ms Document
text/html 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ep2.adtrafficquality.google/sodar/sodar2/232/runner.html

Requested by

Host: ep2.adtrafficquality.google
URL: https://ep2.adtrafficquality.google/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://magical.kuku.lu/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 234
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3000
content-encoding: gzip
content-length: 5005
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 30 Oct 2024 08:19:00 GMT
expires: Wed, 30 Oct 2024 09:09:00 GMT
last-modified: Mon, 23 Sep 2024 18:12:21 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe
www.google.com/recaptcha/api2/ Frame 2593 0
0 203ms
84ms Document
text/html 142.250.80.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: ep2.adtrafficquality.google
URL: https://ep2.adtrafficquality.google/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.36 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s34-in-f4.1e100.net

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-PhPrKlpXO688QKXBTwDjZA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://magical.kuku.lu/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-PhPrKlpXO688QKXBTwDjZA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy: cross-origin
date: Wed, 30 Oct 2024 08:22:54 GMT
expires: Wed, 30 Oct 2024 08:22:54 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server: ESF
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pushdown._juiceadv. Show response
fundingchoicesmessages.google.com/f/AGSKWxUdHIUBQbwDirmdNaC_1XW6m3Y4njzs9Yh07Qkcknqm47W_0x9Ub0H-ooZg1g_kglFSIqYaFkQ_O9DXe8be0ePKABiV-DJ9TkZeD5bstaJ0djl4AQOSycSpa5ZfOOUwYMsNJahOxpFeNJknJglOR-IjIv64F... 54 B
109 B 87ms
87ms Script
application/javascript 142.250.64.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxUdHIUBQbwDirmdNaC_1XW6m3Y4njzs9Yh07Qkcknqm47W_0x9Ub0H-ooZg1g_kglFSIqYaFkQ_O9DXe8be0ePKABiV-DJ9TkZeD5bstaJ0djl4AQOSycSpa5ZfOOUwYMsNJahOxpFeNJknJglOR-IjIv64FQrqM67zrFtZhk-inB4gXYsOOYYntkOr/_-Banner-Advert-/adgallery2._adv/leaderboard_/ad/js/pushdown._juiceadv.

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.jwYn0AhJbuc.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMy2-9ojPi3d2Ap81je3_x-RFIkVtQ/m=ad_blocking_detection_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.64.110 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s31-in-f14.1e100.net

Software

ESF /

Resource Hash

10ff46be4cf019c8b45797131003a7c0d0ba09e449c89101b8e1cc6f75db145d

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-tf0xjANd9ckfgHyWUHleNQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://magical.kuku.lu/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 30 Oct 2024 08:22:54 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjqtDikmJw1ZBiOO90h-k6EEt8fcmkAcRO6TNYg4C49eY51qlAnPTvPGsRELtrXWT1B2JDhUusjiBcdInVE4hVey6xmgLx_XWXWJ8D8d6Pl1iPAnGRxBXWJiC-3XSF9TEQM3y9wsoBxEI8HPdutu9kE7jwYe5qJiWNpPzC-OT8vJKizKTSkvyitOS01OLUorLUongjAyMTQwMjCz0Dw_gCAwDfO0lU"
content-security-policy: script-src 'report-sample' 'nonce-tf0xjANd9ckfgHyWUHleNQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

GET
H3 200 rum.js Show response
pagead2.googlesyndication.com/pagead/js/ 72 KB
26 KB 61ms
60ms Script
text/javascript 142.251.40.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/rum.js?fcd=true

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.194 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s38-in-f2.1e100.net

Software

cafe /

Resource Hash

2883f9729eb9330f5b407079fd4a23feeff625db8212e9c422779acf1f2cbb0d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://magical.kuku.lu/

Response headers

content-encoding: br
etag: 7514640061492178580
age: 2979
x-content-type-options: nosniff
expires: Wed, 30 Oct 2024 08:33:15 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Wed, 30 Oct 2024 07:33:15 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 26759
x-xss-protection: 0
server: cafe

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWB3rZ3d7fEIUcyhlJ12bz864l-SAqdajREPhAsIlEBVYBVdyes5ZfJzLEyAUsocF75KjdiuCyiVBt7voa5IF478_ox_E9UZgzlkjNpVVxcm10a3ztl27iYC3Uf87Uu5VOGu-auYA==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.64.110 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s31-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-fZN7m9Ob05_k8rOROO4Elw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://magical.kuku.lu/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 30 Oct 2024 08:22:54 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tDikmJw1JBicEqfwRoExO5aF1n9gXjvx0usR4GY4esVVg4gFuLhuHezfSebwIyZj1YyKbkk5RfGJ-fnlaTmlegmphTrgthFmUmlJflFKOzUMpCKnPz09My89HgjAyMTQwMjCz0D0_gCAwBXyC37"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-fZN7m9Ob05_k8rOROO4Elw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://magical.kuku.lu
content-length: 0
x-xss-protection: 0
server: ESF

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWB3rZ3d7fEIUcyhlJ12bz864l-SAqdajREPhAsIlEBVYBVdyes5ZfJzLEyAUsocF75KjdiuCyiVBt7voa5IF478_ox_E9UZgzlkjNpVVxcm10a3ztl27iYC3Uf87Uu5VOGu-auYA==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.64.110 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s31-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-k1Ic1vvYtIS22eBAAyAhCQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://magical.kuku.lu/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 30 Oct 2024 08:22:54 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tDikmJw0ZBicEqfwRoExO5aF1n9gXjvx0usR4GY4esVVg4gFuLhuHezfSebwIYjL04zKbkk5RfGJ-fnlaTmlegmphTrgthFmUmlJflFKOzUMpCKnPz09My89HgjAyMTQwMjCz0D0_gCAwB37C5p"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-k1Ic1vvYtIS22eBAAyAhCQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://magical.kuku.lu
content-length: 0
x-xss-protection: 0
server: ESF

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWB3rZ3d7fEIUcyhlJ12bz864l-SAqdajREPhAsIlEBVYBVdyes5ZfJzLEyAUsocF75KjdiuCyiVBt7voa5IF478_ox_E9UZgzlkjNpVVxcm10a3ztl27iYC3Uf87Uu5VOGu-auYA==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.64.110 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s31-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-CCouZk7jgK9N7PyTnwNgZQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://magical.kuku.lu/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 30 Oct 2024 08:22:54 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tDikmJw05BicEqfwRoExO5aF1n9gXjvx0usR4GY4esVVg4gFuLhuHezfSebwISlZ68wKbkk5RfGJ-fnlaTmlegmphTrgthFmUmlJflFKOzUMpCKnPz09My89HgjAyMTQwMjCz0D0_gCAwBhWy4a"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-CCouZk7jgK9N7PyTnwNgZQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://magical.kuku.lu
content-length: 0
x-xss-protection: 0
server: ESF

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWB3rZ3d7fEIUcyhlJ12bz864l-SAqdajREPhAsIlEBVYBVdyes5ZfJzLEyAUsocF75KjdiuCyiVBt7voa5IF478_ox_E9UZgzlkjNpVVxcm10a3ztl27iYC3Uf87Uu5VOGu-auYA==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.64.110 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s31-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-HR67cl-HHTx2xXtUlgCQHg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://magical.kuku.lu/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 30 Oct 2024 08:22:54 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tDikmII0pBicEqfwRoExO5aF1n9gXjvx0usR4GY4esVVg4gFuLhuHezfSebwIGLm68xKbkk5RfGJ-fnlaTmlegmphTrgthFmUmlJflFKOzUMpCKnPz09My89HgjAyMTQwMjCz0D0_gCAwB66S5q"
content-security-policy: script-src 'report-sample' 'nonce-HR67cl-HHTx2xXtUlgCQHg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://magical.kuku.lu
content-length: 0
x-xss-protection: 0
server: ESF

GET
H3 200 AGSKWxUAWvtnEsJh8j6km7p90SrvB86L8bSGoW_-j42GPhI22XPavniM26ipZlA1zSpaLm0cBf_LCnud5Fz97TV3RsZHaCCzKy73-SyESCQ1k7VTWpER3vFIpHra1Gz0xbydeNbHOarAVQ== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 94ms
93ms Script
application/javascript 142.250.64.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxUAWvtnEsJh8j6km7p90SrvB86L8bSGoW_-j42GPhI22XPavniM26ipZlA1zSpaLm0cBf_LCnud5Fz97TV3RsZHaCCzKy73-SyESCQ1k7VTWpER3vFIpHra1Gz0xbydeNbHOarAVQ==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzMwMjc2NTc0LDY3MTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOSw2XSxudWxsLDIsbnVsbCwiZW4iLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly9tYWdpY2FsLmt1a3UubHUvcGFnZS5jb250YWN0LnBocCIsbnVsbCxbWzgsImp3WW4wQWhKYnVjIl0sWzksImVuLVVTIl0sWzE4LCJbW1swXV1dIl0sWzIwLCJbbnVsbCxudWxsLFszMTA4ODI0N10sOCwyXSJdLFsxOSwiMiJdLFsxNywiWzBdIl1dXQ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.64.110 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s31-in-f14.1e100.net

Software

ESF /

Resource Hash

5dc1c5177747a1fdf37f5b691d447a2056d19942c5d9a216929861276a30e308

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-PjcyOnQ2shIp2CFQATlJ7Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://magical.kuku.lu/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 30 Oct 2024 08:22:54 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjqtDikmLw1pBiOO90h-k6EEt8fcmkAcRO6TNYg4C49eY51qlAnPTvPGsRELtrXWT1B2JDhUusjiBcdInVE4hVey6xmgLx_XWXWJ8D8d6Pl1iPAnGRxBXWJiC-3XSF9TEQM3y9wsoBxEI8HPdutu9kE5hwdfUtJiWNpPzC-OT8vJKizKTSkvyitOS01OLUorLUongjAyMTQwMjCz0Dw_gCAwDdM0k8"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-PjcyOnQ2shIp2CFQATlJ7Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin: *
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

POST
H3 204 AGSKWxWiud2Z55KcnRVhR3-r0OsVT9up6KKkyQduJuDT4N_4p0vvcQUnImUvSUTl2oNW8ruSRgPEpW8-sw33Uw_luIVkprUuKZUP42l0IfF2-QEqB5-Xrk8DJh7sVv8JsD9TElhsW4GVsg== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 85ms
84ms XHR
text/html 142.250.64.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWiud2Z55KcnRVhR3-r0OsVT9up6KKkyQduJuDT4N_4p0vvcQUnImUvSUTl2oNW8ruSRgPEpW8-sw33Uw_luIVkprUuKZUP42l0IfF2-QEqB5-Xrk8DJh7sVv8JsD9TElhsW4GVsg==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.64.110 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s31-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-VdDBkLEDQv2DKOqEbbnAQg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://magical.kuku.lu/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 30 Oct 2024 08:22:54 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tDikmII1JBicEqfwRoExO5aF1n9gXjvx0usR4GY4esVVg4gFuLhuHezfSebQMfMjS3MSi5J-YXxyfl5Jal5JbqJKcW6IHZRZlJpSX4RCju1DKQiJz89PTMvPd7IwMjE0MDIQs_ANL7AAABCfi2m"
content-security-policy: script-src 'report-sample' 'nonce-VdDBkLEDQv2DKOqEbbnAQg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://magical.kuku.lu
content-length: 0
x-xss-protection: 0
server: ESF

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWB3rZ3d7fEIUcyhlJ12bz864l-SAqdajREPhAsIlEBVYBVdyes5ZfJzLEyAUsocF75KjdiuCyiVBt7voa5IF478_ox_E9UZgzlkjNpVVxcm10a3ztl27iYC3Uf87Uu5VOGu-auYA==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.64.110 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s31-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-h-cYRYr7jIiY_d4fweQOQQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://magical.kuku.lu/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 30 Oct 2024 08:22:54 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tDikmLw0pBicEqfwRoExO5aF1n9gXjvx0usR4GY4esVVg4gFuLhuHezfSebQMPW163MSi5J-YXxyfl5Jal5JbqJKcW6IHZRZlJpSX4RCju1DKQiJz89PTMvPd7IwMjE0MDIQs_ANL7AAABVyC3u"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-h-cYRYr7jIiY_d4fweQOQQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://magical.kuku.lu
content-length: 0
x-xss-protection: 0
server: ESF

GET sodar
ep1.adtrafficquality.google/pagead/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: ep1.adtrafficquality.google
URL: https://ep1.adtrafficquality.google/pagead/sodar?id=sodar2&v=232&t=2&li=gda_r20241024&jk=3952952045851160&bg=!ICOlI2zNAAZ-RxQpXkc7ADQBe5WfOA2fdJSsrLEWozAvMfAvGstKJNB-q_ashmEGHSZvsP8REnI-ZSAP6OxZKaoPwFx3AgAAAEVSAAAAA2gBB34ANlIJcPvxNAOONJ9mHS9LJy3mVGXJgevw3CoSM1O6_dYmy95Is1wjOit3A2L7uQMcVFCzg3YTSpkCqxj4qhQka6PIOKi-yFQd8jraYKXXy842LseAWfMgPCxmVZMcOeYy5RI0_pyuCTF3Xx2KdiH2-V3KD1uJZjpqQf8sCpfeRG90733GovO4zawVYvpGdwBJHXS2pxz-pBjtmf0XjITM_kc5botCBa7GgJ-9LlVO3qy6CHMrMtMCplzg8UoSNE32ydqwvVPt_bjtyHOtA7Au9lBSbx70aX7-bsw9WA4a7ing-zTmIu9oqgkSMJHyjHBz6TE7jtndNJ5bOK-LKl0F0qe35Z05o0miUNYl0eWvR-qMAbnKuvJvITKJjU9Dhnd7ROMzfgECU14jGYMfXe3LU534eG6dY4-ODWSqLHpJ1aB9Ad5YMhD1Nsos1tUzq-zcNvNKFHY4d0bCCBV7OjESu2c0BaXFemKj9Y992u42JkfC_49ODYYQFqvVhC_3q1E7Dv5WTlwLCpQ6r8u6ejyUhqmSz7QVGG783chHGepXai8Bi0VtYMa1b3Bt94guehURYGvFNdbMwtOZ8CRgblg8s3iMMtr4FeLRdQT_NfgZ5o8jTlRKygExPKggGdPertyd3cDTz5IYva2O_ytdU0uL1xXF4FvFa8qZDfyk37prLIVSPlV1mzJJNbRf6ADugCzXLaWN2a9DzaHc6vQt2NX4SnDt4ga7UgE8r2JUWzT_HrQnkfzPkxmdHMaiEn_omYuP2jc96pghXapomnwW4Q3QCcfzXBHBiNrc6BkyDaPQDg6O1UKfi30kQymXTofH1vS-IW_6E12LmCBFv7Q4hl8hrgOZFS-1as06CQh2ObU4bDxCOo0dfY7xVtZylBbPMG8v9dTnBCsutafS7F6fhbJlGvpMf-cYx5YF3E0lB7PRkZtb8647Ajr4S9gPKiJXMPbEgiJQqjik4im0e96CgesQrVThRvgA

Verdicts & Comments Add Verdict or Comment

91 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.kuku.lu/	1970-01-21 10:13:56	Name: cookie_uid Value: 3c39ecc188ad3d55e6edd38d1c8c0412
.kuku.lu/	1970-01-21 10:13:56	Name: ffucs Value: KDE2YykoMTYwMHgxMjAwKShJbnRlbCBJbmMufkludGVsIElyaXMgT3BlbkdMIEVuZ2luZSkoMTZjKSgxNjAweDEyMDApKEludGVsIEluYy5%2BSW50ZWwgSXJpcyBPcGVuR0wgRW5naW5lKQ%3D%3D
.kuku.lu/	1970-01-21 10:13:56	Name: _ga_QLSXLE74DJ Value: GS1.1.1730276573.1.0.1730276573.0.0.0
.kuku.lu/	1970-01-21 10:13:56	Name: _ga Value: GA1.1.1739883498.1730276573
.doubleclick.net/	1970-01-21 00:37:57	Name: test_cookie Value: CheckForPermission
.kuku.lu/	1970-01-21 09:59:32	Name: __gads Value: ID=89ea8110c14d3e57:T=1730276573:RT=1730276573:S=ALNI_MY4yla-4FPlT6oBM0e2A24iHGOgRw
.kuku.lu/	1970-01-21 09:59:32	Name: __gpi Value: UID=00000f443d10f2e9:T=1730276573:RT=1730276573:S=ALNI_MYOo4wr1fVlLa_TBFKZ90vtPjlW9Q
.kuku.lu/	1970-01-21 04:57:08	Name: __eoi Value: ID=3bd010eccdbee6f3:T=1730276573:RT=1730276573:S=AA-Afjb4zZmpfZn0ZAyja5Jf8J-Q
.kuku.lu/	1970-01-21 09:23:32	Name: FCNEC Value: %5B%5B%22AKsRol8nsm9FVJ0-Vf35z3ZzKw-jWVVs_GCWfQoAbG8AtrCOY4NLx2ePIEsZKJs2Udxpg02GXr1wFbHP7JN7cgL7N3DRrB6oO9Op3a2BWTq5Jf7MNI0zwg2uKKjLKTODBRtX2UwCLdhgS57N-9W-HQ9ypb2eJnKSeg%3D%3D%22%5D%5D

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
rendering	warning	URL: https://magical.kuku.lu/page.contact.php?type=MailNow(Line 7) Message: The key "target-densitydpi" is not supported.
rendering	warning	URL: https://magical.kuku.lu/page.contact.php?type=MailNow Message: [GroupMarkerNotSet(crbug.com/242999)!:A0601D0074240000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
rendering	warning	URL: https://magical.kuku.lu/page.contact.php?type=MailNow Message: [GroupMarkerNotSet(crbug.com/242999)!:A040F10074240000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
cdn.jsdelivr.net
d.kuku.lu
ep1.adtrafficquality.google
ep2.adtrafficquality.google
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
live.erinn.biz
magical.kuku.lu
pagead2.googlesyndication.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
ep1.adtrafficquality.google
142.250.64.110
142.250.80.36
142.251.40.194
142.251.40.226
2606:4700:20::681a:fcb
2606:4700:20::ac43:499a
2607:f8b0:4006:807::200e
2607:f8b0:4006:808::200a
2607:f8b0:4006:816::2008
2607:f8b0:4006:823::2001
2607:f8b0:4006:823::200e
2a04:4e42:600::485
0f86cde294d386c4464b2bc4945f5c2c3b0d4e849404258fa30baf544af19779
10ff46be4cf019c8b45797131003a7c0d0ba09e449c89101b8e1cc6f75db145d
14fa575973cdc25cd5c0eb26e9d56b484cf96c76bb6446f58449c74f549a5720
269365aca27783cf0296dbfa1109f2121bce15d18a966860b99c2c4c3930cc1b
2883f9729eb9330f5b407079fd4a23feeff625db8212e9c422779acf1f2cbb0d
2cb3abbb09c771a3a458be0532d69bea4a8cb287bc0e68523fabe5ac25a3eeee
5dc1c5177747a1fdf37f5b691d447a2056d19942c5d9a216929861276a30e308
5fc4db66a8eeb8a8c300d033b90734f876aa1aa0972f27f02e188537e70d6aaf
62fd92a9be66d0fe17dcc801957bdf270f0c1350429d55facff15c04f5ba4c46
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
9520018fa5d81f4e4dc9d06afb576f90cbbaba209cfcc6cb60e1464647f7890b
ae3267309a239244aebad92a37bd0534d95e1c3ee7c034eaf03cad63b1d188af
ba07f0e19c7f5b64daf772223c9c770f2030fb3d491bd6052b399593b3d9d5fb
bac8810a47ad52ace415f936c526aabfaba33480ec212b68ccdde147016c0b80
c0bcf7898fdc3b87babca678cd19a8e3ef570e931c80a3afbffcc453738c951a
c5d64288e5aa4e8e529cd74e45cc429b0ab6d739dc2bc7d122bbefb8ca91873e
c77fa33dc4bad72865ab58527174bdb10a4bdedccc3632d7e8cb9cc20d492133
cbfe6ecde84998319a46aef72d4cc0f6c218c42464c9d95ddf2dc47c45791dd8
ced25773fd184ed548988c73fee3e86d7d0454eba1f54c41061c851e3d56a793
d04673b10b0de03cb902b9e1e059c757178d88c2f6c3792cb24f43475a8c88e4
dc8e8a20bf6eee4ed2689dfcea2c379c3d076be7ef30ce2c099848b11988f51f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ecebdb6b505225fa23ca77f5492b0a490f551d985714b80e283728c7fd3eea9a
f23e78de5775ed501f1ba48c9fa111f01424ed5f378d3795102e120e6dd34400
ff3de130872fe0fb5b770dfa2bc9f0daf8ab320403a34a60d089436f08d24f99

magical.kuku.lu Open in urlscan Pro 2606:4700:20::ac43:499a Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

38 Requests

97 %HTTPS

67 %IPv6

10 Domains

13 Subdomains

13 IPs

1 Countries

577 kBTransfer

1704 kBSize

9 Cookies

12 Outgoing links

Redirected requests

38 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

magical.kuku.lu Open in urlscan Pro
2606:4700:20::ac43:499a Public Scan

Screenshot
Live screenshot

Full Image

38
Requests

97 %
HTTPS

67 %
IPv6

10
Domains

13
Subdomains

13
IPs

1
Countries

577 kB
Transfer

1704 kB
Size

9
Cookies

38 HTTP transactions
1 data transactions