magical.kuku.lu Open in urlscan Pro
2606:4700:20::ac43:4b13 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://magical.kuku.lu/
Effective URL:
https://magical.kuku.lu/
Submission: On January 08 via api (January 8th 2024, 3:12:27 pm UTC) from US — Scanned from DE

Summary HTTP 80 Redirects Links 32 Behaviour Indicators

Summary

This website contacted 14 IPs in 3 countries across 11 domains to perform 80 HTTP transactions. The main IP is 2606:4700:20::ac43:4b13, located in United States and belongs to CLOUDFLARENET, US. The main domain is magical.kuku.lu.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on April 3rd 2023. Valid for: a year.

This is the only time magical.kuku.lu was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:20:... 2606:4700:20::681a:6a1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
13	2606:4700:20:... 2606:4700:20::ac43:4b13	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:827::2008	15169 (GOOGLE) (GOOGLE)
3	104.26.15.232 104.26.15.232	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
14	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
3 10	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
18	2a00:1450:400... 2a00:1450:4001:81c::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:827::2004	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
6	172.217.23.98 172.217.23.98	15169 (GOOGLE) (GOOGLE)
80	14

1 2606:4700:20::681a:6a1 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

magical.kuku.lu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2606:4700:20::ac43:4b13 (United States)

ASN13335 (CLOUDFLARENET, US)

magical.kuku.lu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.26.15.232 (None, )

ASN13335 (CLOUDFLARENET, US)

live.erinn.biz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
kukulu.erinn.biz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany) 3 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a00:1450:4001:81c::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 172.217.23.98 (United States)

ASN15169 (GOOGLE, US)
PTR: mil04s23-in-f98.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
32	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 140 tpc.googlesyndication.com — Cisco Umbrella Rank: 185	460 KB
14	kuku.lu 1 redirects magical.kuku.lu	175 KB
10	doubleclick.net 3 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 68	134 KB
9	gstatic.com www.gstatic.com fonts.gstatic.com	175 KB
6	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 173
4	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 708 fonts.googleapis.com — Cisco Umbrella Rank: 115	34 KB
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 271	194 KB
3	erinn.biz live.erinn.biz kukulu.erinn.biz	3 KB
2	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 6	1 KB
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 1695	254 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 114	85 KB
80	11

	Domain	Requested by
18	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
14	pagead2.googlesyndication.com	magical.kuku.lu pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
14	magical.kuku.lu	1 redirects magical.kuku.lu
10	googleads.g.doubleclick.net	3 redirects pagead2.googlesyndication.com googleads.g.doubleclick.net
6	www.googleadservices.com	magical.kuku.lu
6	fonts.gstatic.com	fonts.googleapis.com
3	www.gstatic.com	googleads.g.doubleclick.net
3	www.googletagservices.com	googleads.g.doubleclick.net
3	fonts.googleapis.com	googleads.g.doubleclick.net
2	www.google.com	1 redirects tpc.googlesyndication.com
2	kukulu.erinn.biz	magical.kuku.lu
1	region1.google-analytics.com	www.googletagmanager.com
1	ajax.googleapis.com	magical.kuku.lu
1	live.erinn.biz	magical.kuku.lu
1	www.googletagmanager.com	magical.kuku.lu
80	15

This site contains links to these domains. Also see Links.

Domain
m.kuku.lu
draw.kuku.lu
live.erinn.biz
d.kuku.lu
s.kuku.lu
v.kuku.lu
ddns.kuku.lu
i.kuku.lu
c.kuku.lu
status.aquapal.net
mc.erinn.biz
aquapal.net
twitter.com
chrome.google.com
chromewebstore.google.com
itunes.apple.com
play.google.com

Subject Issuer	Validity	Valid
kuku.lu Cloudflare Inc ECC CA-3	`2023-04-03` - `2024-04-02`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
erinn.biz E1	`2023-12-07` - `2024-03-06`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh

This page contains 12 frames:

Primary Page: https://magical.kuku.lu/
Frame ID: CD5E36C08375EF16C536D45ABE05B035
Requests: 29 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240103/r20190131/zrt_lookup_fy2021.html?hello=world
Frame ID: A8D73DBAFA565362352BA9ABA1ABDB62
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6235967741013519&output=html&h=600&slotname=8165143813&adk=443657611&adf=1079952830&pi=t.ma~as.8165143813&w=160&lmt=1704726742&url=https%3A%2F%2Fmagical.kuku.lu%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704726742509&bpp=147&bdt=1351&idt=381&shv=r20240103&mjsv=m202401030101&ptt=5&saldr=sd&abxe=1&correlator=2211027227421&frm=20&pv=2&ga_vid=922961706.1704726741&ga_sid=1704726743&ga_hid=87344927&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=321&ady=505&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079715%2C31080113%2C31080144%2C31080262%2C31080263%2C44809003%2C31080218%2C44807405%2C95320890%2C21065725%2C31080217&oid=2&pvsid=3003395594474307&tmod=1879098580&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=dM%7C%7CeE%7Cp&abl=XS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=390
Frame ID: 0685C5FC8C95857172C6B47E2FFB3534
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6235967741013519&output=html&h=280&slotname=9176414207&adk=2480053544&adf=3524711151&pi=t.ma~as.9176414207&w=336&lmt=1704726742&format=336x280&url=https%3A%2F%2Fmagical.kuku.lu%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704726742656&bpp=1&bdt=1497&idt=246&shv=r20240103&mjsv=m202401030101&ptt=9&saldr=aa&abxe=1&prev_slotnames=8165143813&correlator=2211027227421&frm=20&pv=1&ga_vid=922961706.1704726741&ga_sid=1704726743&ga_hid=87344927&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=497&ady=749&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079715%2C31080113%2C31080144%2C31080262%2C31080263%2C44809003%2C31080218%2C44807405%2C95320890%2C21065725&oid=2&pvsid=3003395594474307&tmod=1879098580&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=M%7C%7CeE%7Cp&abl=XS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=248
Frame ID: 43CFE96FF4ADC71E61B9DD56AC7B188B
Requests: 17 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6235967741013519&output=html&h=90&slotname=3123457437&adk=551497501&adf=2936346396&pi=t.ma~as.3123457437&w=728&lmt=1704726742&url=https%3A%2F%2Fmagical.kuku.lu%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704726742613&bpp=44&bdt=1455&idt=292&shv=r20240103&mjsv=m202401030101&ptt=5&saldr=sd&abxe=1&prev_fmts=336x280&prev_slotnames=8165143813&correlator=2211027227421&frm=20&pv=1&ga_vid=922961706.1704726741&ga_sid=1704726743&ga_hid=87344927&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=4696&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079715%2C31080113%2C31080144%2C31080262%2C31080263%2C44809003%2C31080218%2C44807405%2C95320890%2C21065725&oid=2&pvsid=3003395594474307&tmod=1879098580&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=293
Frame ID: 4D1E6E7D6C79A31DB7D716CF3B7C7405
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6235967741013519&output=html&adk=193914898&adf=935745360&lmt=1704726742&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=308x945_l%7C308x945_r&format=0x0&url=https%3A%2F%2Fmagical.kuku.lu%2F&ea=0&pra=7&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&aslmct=0.7&asamct=0.7&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704726742665&bpp=1&bdt=1507&idt=243&shv=r20240103&mjsv=m202401030101&ptt=9&saldr=aa&abxe=1&prev_fmts=336x280&prev_slotnames=8165143813%2C3123457437&nras=1&correlator=2211027227421&frm=20&pv=1&ga_vid=922961706.1704726741&ga_sid=1704726743&ga_hid=87344927&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079715%2C31080113%2C31080144%2C31080262%2C31080263%2C44809003%2C31080218%2C44807405%2C95320890%2C21065725&oid=2&pvsid=3003395594474307&tmod=1879098580&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&fsb=1&dtd=249
Frame ID: BB3C08B04BB3D85FBFEFF63F73EF7A7C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: CCD193F81E234CA90D31A49772ACF23C
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js
Frame ID: 97DDDD59D99573F29884EBB4FE8768AF
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js
Frame ID: 559FF45ABDBF9CA35DB5831D553E7AF9
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js
Frame ID: 926FD5CE7BD648D31ACDFEF9903451CA
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 471B3FCAAF68651204863C9A2BD18DF7
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: CB868FC9C4EC1DDF711C8447DDB02DBD
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

News | MagicalKukusama

Page URL History Show full URLs

http://magical.kuku.lu/ HTTP 301
https://magical.kuku.lu/ Page URL

Detected technologies

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/pagead/show_ads\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

80
Requests

96 %
HTTPS

86 %
IPv6

11
Domains

15
Subdomains

14
IPs

3
Countries

1261 kB
Transfer

3051 kB
Size

8
Cookies

32 Outgoing links

These are links going to different origins than the main page.

URL: https://m.kuku.lu/
Title: InstAddr

Search URL Search Domain Scan URL

URL: https://draw.kuku.lu/
Title: MagicalDraw

Search URL Search Domain Scan URL

URL: https://live.erinn.biz/
Title: kukuluLIVE

Search URL Search Domain Scan URL

URL: https://d.kuku.lu/
Title: FileNow

Search URL Search Domain Scan URL

URL: https://s.kuku.lu/
Title: ScreenNow

Search URL Search Domain Scan URL

URL: https://v.kuku.lu/
Title: VideoNow

Search URL Search Domain Scan URL

URL: https://ddns.kuku.lu/
Title: DDNS

Search URL Search Domain Scan URL

URL: https://i.kuku.lu/
Title: ImgConvert

Search URL Search Domain Scan URL

URL: https://c.kuku.lu/
Title: Chat

Search URL Search Domain Scan URL

URL: https://status.aquapal.net/
Title: Status

Search URL Search Domain Scan URL

URL: https://mc.erinn.biz/

Search URL Search Domain Scan URL

URL: https://aquapal.net/

Search URL Search Domain Scan URL

URL: https://s.kuku.lu/2288kd68d

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?original_referer=https%3A%2F%2Ftwitter.com%2Fabout%2Fresources%2Fbuttons&text=%E3%80%90MagicalDraw%3A+Improved+whisper+chat+feature%E3%80%91&tw_p=tweetbutton&url=https%3A%2F%2Fmagical.kuku.lu%2F%3F3723

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?original_referer=https%3A%2F%2Ftwitter.com%2Fabout%2Fresources%2Fbuttons&text=%E3%80%90kukuluLIVE%3A+Regarding+the+change+in+the+calculation+method+of+time+shift+storage+period%E3%80%91&tw_p=tweetbutton&url=https%3A%2F%2Fmagical.kuku.lu%2F%3F3722

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?original_referer=https%3A%2F%2Ftwitter.com%2Fabout%2Fresources%2Fbuttons&text=%E3%80%90kukuluLIVE%3A+Added+%26quot%3Bautomatic+end+of+distribution+when+falling+asleep%26quot%3B+function+to+Coffret%E3%80%91&tw_p=tweetbutton&url=https%3A%2F%2Fmagical.kuku.lu%2F%3F3721

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?original_referer=https%3A%2F%2Ftwitter.com%2Fabout%2Fresources%2Fbuttons&text=%E3%80%90MagicalDraw%3A+Added+sub-owner+function%E3%80%91&tw_p=tweetbutton&url=https%3A%2F%2Fmagical.kuku.lu%2F%3F3720

Search URL Search Domain Scan URL

URL: https://s.kuku.lu/kc4me6oh

Search URL Search Domain Scan URL

URL: https://chrome.google.com/webstore/detail/glfpmojodbbeelkfoiioalimbhjegbkf
Title: https://chrome.google.com/webstore/detail/glfpmojodbbeelkfoiioalimbhjegbkf

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?original_referer=https%3A%2F%2Ftwitter.com%2Fabout%2Fresources%2Fbuttons&text=%E3%80%90DeliveryTracking%3A+Syncing+is+now+possible+across+multiple+devices%E3%80%91&tw_p=tweetbutton&url=https%3A%2F%2Fmagical.kuku.lu%2F%3F3719

Search URL Search Domain Scan URL

URL: https://s.kuku.lu/51f60c5c7

Search URL Search Domain Scan URL

URL: https://chromewebstore.google.com/detail/ddns-now/gncchnpliieikedkbgapmfkjbgbikdoe
Title: https://chromewebstore.google.com/detail/ddns-now/gncchnpliieikedkbgapmfkjbgbikdoe

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?original_referer=https%3A%2F%2Ftwitter.com%2Fabout%2Fresources%2Fbuttons&text=%E3%80%90DDNSNow%3A+We+have+released+a+browser+extension%E3%80%91&tw_p=tweetbutton&url=https%3A%2F%2Fmagical.kuku.lu%2F%3F3718

Search URL Search Domain Scan URL

URL: https://s.kuku.lu/3fngeke2b

Search URL Search Domain Scan URL

URL: https://ddns.kuku.lu/setupinfo.php
Title: https://ddns.kuku.lu/setupinfo.php

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?original_referer=https%3A%2F%2Ftwitter.com%2Fabout%2Fresources%2Fbuttons&text=%E3%80%90DDNSNow%3A+Now+supports+subdomains%E3%80%91&tw_p=tweetbutton&url=https%3A%2F%2Fmagical.kuku.lu%2F%3F3717

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?original_referer=https%3A%2F%2Ftwitter.com%2Fabout%2Fresources%2Fbuttons&text=%E3%80%90DDNSNow%3A+Compatible+with+ACME+DNS-01+challenge%E3%80%91&tw_p=tweetbutton&url=https%3A%2F%2Fmagical.kuku.lu%2F%3F3716

Search URL Search Domain Scan URL

URL: https://itunes.apple.com/jp/app/kukululive-encoder/id818652205?mt=8
Title: https://itunes.apple.com/jp/app/kukululive-encoder/id818652205?mt=8

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?original_referer=https%3A%2F%2Ftwitter.com%2Fabout%2Fresources%2Fbuttons&text=%E3%80%90kukuluLIVE%3A+Announcement+of+version+upgrade+of+smartphone+app+%E2%80%9CkukuluLIVE+Encoder+2+%28iOS+version%29%E2%80%9D%E3%80%91&tw_p=tweetbutton&url=https%3A%2F%2Fmagical.kuku.lu%2F%3F3715

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=air.kukulive.fencoder.mobile
Title: https://play.google.com/store/apps/details?id=air.kukulive.fencoder.mobile

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?original_referer=https%3A%2F%2Ftwitter.com%2Fabout%2Fresources%2Fbuttons&text=%E3%80%90kukuluLIVE%3A+Notice+of+version+upgrade+of+smartphone+app+%26quot%3BkukuluLIVE+Encoder+2+%28Android+version%29%26quot%3B%E3%80%91&tw_p=tweetbutton&url=https%3A%2F%2Fmagical.kuku.lu%2F%3F3714

Search URL Search Domain Scan URL

URL: http://aquapal.net/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://magical.kuku.lu/ HTTP 301
https://magical.kuku.lu/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 49

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 54

https://googleads.g.doubleclick.net/pagead/adview?ai=CxZ2b1xCcZetV-avY4w_vg7agB7eN5JZ1t7DXnoAS0Znn_-VAEAEgkZCUF2CVgoCAsAegAZ_AiYQDyAEJqQKhrz331FqyPqgDAcgDywSqBM4BT9Dy0C6B9QOV77uY58L86sBeaomgWTEx-Rbl0Zb7zG5FIGvSL4zgR4aeeq3kfZxIiX047AGgZjWos7Crt8ZCtbb87po_7GG0iwViPZx4Lbp0JH3Kpu8fOoZfhZUpcqRwqddvvUy5fdqghCzMIAmUPHHGBDjlh9qRCmJwoj1N_5xT9oOW2fxZZEPbwTQkt6gt4spBqc6KOvtHYNqUzM4q9uJAhLgNfvBcQLS7fnjBfEdStcK-hnZvdfYQwpkfYny3gr_0gb2bWGIKsZjql3TABP2v5uazBIgFzeTF9UygBi6AB-TqqBqoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAPIHBBDdkArSCB8IgOGAcBABGB8yAusCOgKAQEi9_cE6WIrTzv-JzoMDmgkfaHR0cHM6Ly93d3cubWF0aGVzLmRlL2hheXN0b3JlL4AKAcgLAaIMDCoKCgisurECu7uxAtgTA4gUAtAVAYAXAbIXHAoaCAASFHB1Yi02MjM1OTY3NzQxMDEzNTE5GAA&sigh=AytkqnLrrsw&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTgAvHhf_8ovUSRf6IK_MhHDjRvYGhdprq8xoCQWpoLreZxYKcuNAEhrACdm01OM2OcnPRjgdKNL5cJqCebNWsCPKq8DHL6skFntGVQrnVBgB&template_id=5000&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2214621369677149250740%22,%22debug_reporting%22:true,%22destination%22:%22https://mathes.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22813850655%22],%2222%22:[%22true%22],%224%22:[%2201-08%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%224589223612090488753%22}&andc=true

Request Chain 58

https://googleads.g.doubleclick.net/pagead/adview?ai=CBXPK1xCcZbV3-cDY4w-_1ZuwB5nf7NlvmN_mjqUM78q9mdoPEAEgkZCUF2CVgoCAsAegAa6YiqICyAEBqQIX2amYD1qyPqgDAcgDywSqBPsBT9BtCMTOfSEKINlD4yy5cpd48n5doGhoOHIWlgpClpRtbZz9iYFSs8iuF00A_Wuu5YPvmWP3Tb1vklDl4f8xVG5uC6W3FSNMes27YHFI8J004CiHFrnDrEJePQxkhWoUxckPID4VgWhPSPxD-SkI6PXwUFISzg4-SHIFNTnBFMhsaXgLV23pPE1Y5qvDGdQnWCBwpcQHUg8wfqM8BBP-SIfj9QVy7rBe5tzc9DBfVFe3Rhnu3fGeeY1-LAUOpf_r67QzjGR1BApLXL57i7x6MV1CfqfrojbAOw-jpv1QN9LPSHt50i2Pmt5kLK5Uug-Vo0HWEBxSxZQjvJPABJ6BxOv_AogFrb3q-SeSBQQIBBgBkgUECAUYBIAHuuf13QGoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAfIHBBCE1QXSCB8IgOGAcBABGB8yAusCOgKAQEi9_cE6WKvfzv-JzoMDmgkgaHR0cHM6Ly94Y3JhZnQubmV0L3JlZ2lzdHJhdGlvbi-ACgHICwGiDAgqBgoErLqxAtgTDIgUA9AVAYAXAbIXHAoaCAASFHB1Yi02MjM1OTY3NzQxMDEzNTE5GAA&sigh=gNr63cR36YU&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTgAvHhf_nFscRhfJqhUwAjGMikq3-eEloLy6a5uRDmCd2pUwSAsBD5HS1oypUC__I8LYUSXIA5kAK8BfQxp3YK_5ItZ8gQtaMyhyerEp9BgB&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2212187467368907744583%22,%22debug_reporting%22:true,%22destination%22:%22https://xcraft.net%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22608341038%22],%2222%22:[%22true%22],%224%22:[%2201-08%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%224107320970404577857%22}&andc=true

Request Chain 75

https://googleads.g.doubleclick.net/pagead/adview?ai=Cvakd1xCcZdBPueafzw_TioWwCtmQuJd1pZTDuqcSz8iivcABEAEgkZCUF2CVgoCAsAegAbKoz8YDyAEJqQITD9A53FuyPqgDAcgDy4SAgASqBMwBT9DBWpc_pvZWUOIihylmgdPMmccPeYKBknkCYtYFdAMZguYHw_nbBhTm5t630kVF5wOty5dL0e_8sgRfMVMAeUKIM01dmzN--S6z2MQUlClLgFU-ZYh28FhVqWuk-GNQjv_59P9eadkCr7MMuUC7BcdWJwSchBAleMGN8_cOg7_-sBitELBti4AueYBzRPDiLmMAsAXD-Z-r4lFNpUE0Q56SKTJH1_mQK0h49nEvF591BXri9nRjvPC1irF-LvdM0_MY2XtZxZ26_M4xwASYu_yIzASIBcv97_dNkgUECAQYAZIFBAgFGASgBi6AB7bXsDmoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAPIHBBCszTnSCB8IgOGAcBABGB8yAusCOgKAQEi9_cE6WO7Kzv-JzoMDmgn3AWh0dHBzOi8vd3d3LnBsYW4uZGUva2xlaW5lci1iZXRyYWctbWl0LXdpcmt1bmctaGV1dGUuaHRtbD9zYz1JREQyNDMwMSZ1dG1fbWVkaXVtPWRpc3BsYXkmdXRtX3NvdXJjZT1nb29nbGUmdXRtX2NhbXBhaWduPWdvb2dsZV9tb3RpdjQmdXRtX3Rlcm09cm9uX2dkbl9uZW9fdWViZXJsZWd0ZV9vZWtvbm9tZW5fcmVzcG9uc2l2ZWFkJnV0bV9jb250ZW50PWZ5MjRfcCZfcG1jbGlkPWJfMTkxMjYyNDRfd3BfNDU5OTY3OF9rXzYyMzgyNTeACgHICwGiDAwqCgoIrLqxAru7sQK4E-QD2BMNiBQB0BUBmBYBgBcBshccChoIABIUcHViLTYyMzU5Njc3NDEwMTM1MTkYAA&sigh=42ALr41J2xY&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTgAvHhf_4kny_xJUZkGQu15rCEV_b6lhKAc5qdfMN2U_z6zyKALIHbLPHkyWyrGiYjweg1yIydp16sIn0Tb-BwuVByX2EnjDK-VDkYAwURgB&template_id=484&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2210575337172821269062%22,%22debug_reporting%22:true,%22destination%22:%22https://plan.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22953406514%22],%2222%22:[%22true%22],%224%22:[%2201-08%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%22270303657181278657%22}&andc=true

80 HTTP transactions
9 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
magical.kuku.lu/
Redirect Chain

http://magical.kuku.lu/
https://magical.kuku.lu/

64 KB
14 KB

564ms
537ms

Document
text/html

2606:4700:20::ac43:4b13
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://magical.kuku.lu/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4b13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b707a6987bd359a20be8b40735e6072ab08b8e9e9956c1ed685f270dadc5cd57

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cf-cache-status: DYNAMIC
cf-ray: 842560d0ef95372f-FRA
content-encoding: gzip
content-length: 13612
content-type: text/html; charset=UTF-8
date: Mon, 08 Jan 2024 15:12:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=blEBxPNAtHGZDIfxSd5dYnBcW0ZakhtLSx3HY1nesM7CiSAG25mbsCOfRjdUakyftghPxDhK43f5FkLGjXrMkfYS8bqGVzy8fiQUtupAWSPMwot3sj9zNhWmwlgk643Z%2Frb1eHHdi6D9FBH1Ig%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding,User-Agent

Redirect headers

CF-RAY: 842560d08ac73666-FRA
Cache-Control: max-age=3600
Connection: keep-alive
Date: Mon, 08 Jan 2024 15:12:20 GMT
Expires: Mon, 08 Jan 2024 16:12:20 GMT
Location: https://magical.kuku.lu/
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dcWcpUVNwR7UZikE8uC%2FTlc4Mu2A2aFut9V1QUqEZKB1%2FB0gpXf9Jc%2BcAo81NiO2%2FiFADkSZ%2FVOP8XlocyTlYJ0aOStZIVlwFy46UySO9m7mpqAK%2BYqACYcW8TAtid1%2BzmbHQHR7VIoJKjyF4A%3D%3D"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 244 KB
85 KB 122ms
56ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-QLSXLE74DJ

Requested by

Host: magical.kuku.lu
URL: https://magical.kuku.lu/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5dd8486b79efa70e5ed59b9dca7ad534bab858970f8851ba14ec44e7dd11ce6f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://magical.kuku.lu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 15:12:21 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 86305
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 08 Jan 2024 15:12:21 GMT

GET
H2 200 _useruuid.js.php Show response
live.erinn.biz/ 0
457 B 1342ms
1269ms Script
text/html 104.26.15.232
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://live.erinn.biz/_useruuid.js.php

Requested by

Host: magical.kuku.lu
URL: https://magical.kuku.lu/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.15.232 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=2678400;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://magical.kuku.lu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 15:12:22 GMT
strict-transport-security: max-age=2678400;
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bou7Xw4Tgc98WFSJcibJYzRehsYxwJ17xOwYTjKJ1Sd6TXia0vh7b1R0XMOuoxu50EAXH64yD3CS7tb2bWdthOVnm4m18cAQyuUvFDv4rv5QdiPtvsO9EhIfa3F%2Bp%2B8U"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cf-ray: 842560d4cdadbbd9-FRA
content-length: 0

GET
H2 200 kukulufinger2.js Show response
magical.kuku.lu/ 50 KB
14 KB 998ms
997ms Script
application/javascript 2606:4700:20::ac43:4b13
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://magical.kuku.lu/kukulufinger2.js
Requested by: Host: magical.kuku.lu
URL: https://magical.kuku.lu/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4b13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ced25773fd184ed548988c73fee3e86d7d0454eba1f54c41061c851e3d56a793

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://magical.kuku.lu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 15:12:22 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Sat, 25 May 2019 10:52:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"c8fd-589b41e3d3680"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Mwx%2B3PtlXM9RWxmnqr2qFf1AbyBAPPA9Y155V8q62gHcpNXDNgZNPYieQI5cxCg6RgHKgjOfstNWa1MPwy2Y1LhS%2BoW0cZzrTg4EuJUWm4zsOOWK%2BEC5NIwzOrnr4qwEcutrb5wrxZe%2B6%2F9u3g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=28800
cf-ray: 842560d45a5c372f-FRA

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.2.1/ 85 KB
30 KB 93ms
28ms Script
text/javascript 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js

Requested by

Host: magical.kuku.lu
URL: https://magical.kuku.lu/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://magical.kuku.lu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 08:14:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 284276
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30306
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 04 Jan 2025 08:14:25 GMT

GET
H2 200 top2016c.png
magical.kuku.lu/img/ 21 KB
21 KB 777ms
777ms Image
image/png 2606:4700:20::ac43:4b13
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://magical.kuku.lu/img/top2016c.png
Requested by: Host: magical.kuku.lu
URL: https://magical.kuku.lu/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4b13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0909b8572147d95df77c37bfad36232331237be765ad7d1eaf9a5c880778765d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://magical.kuku.lu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 15:12:21 GMT
cf-cache-status: MISS
last-modified: Sat, 09 Jan 2016 16:11:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "541d-528e8f6852d40"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M4bhmfOvHF0T9vwoEYNZxEBsSiK66yJteOSRyy%2BltMM%2BadTl%2F2V%2ByMLsZxfsUsmmEcqKrho8ZSJCcvnYLanmUDns1aHc4H2ML%2F3Lnm3FxY4073EohL1Yi5OjMOdB%2FmtZtYyI0CNr9m3NZSckrw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 842560d45a5e372f-FRA
content-length: 21533

GET
H2 200 ar.png
magical.kuku.lu/img/ 166 B
490 B 517ms
517ms Image
image/png 2606:4700:20::ac43:4b13
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://magical.kuku.lu/img/ar.png
Requested by: Host: magical.kuku.lu
URL: https://magical.kuku.lu/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4b13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fdb58bd6a9970162272082b5853fd106b5478d2faf7e36ca577b80b09327f556

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://magical.kuku.lu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 15:12:22 GMT
cf-cache-status: MISS
last-modified: Tue, 09 Oct 2012 20:46:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "a6-4cba66f2be540"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CBXksBNEEJaH1ZARvwNDceWcUAf4YCoJl2MutRvTsEwVdOTRrRKqA4k%2BUksNbJeomZSHkqcDGc69XmUHj5rBbCOKFXT1fht0cq5uXavL8EAxSbHWIdalNUbaOC6M2iRe2zJu%2FKUUDYP3zIuRxQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 842560dc8a39372f-FRA
content-length: 166

GET
H2 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ 25 KB
10 KB 159ms
94ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: magical.kuku.lu
URL: https://magical.kuku.lu/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

45e85cfec6b5c4683c14be7d37b8137cf58f3942f2cb77d00d59a9338a88e2ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://magical.kuku.lu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 15:12:21 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10290
x-xss-protection: 0
server: cafe
etag: 17777138667654456350
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 08 Jan 2024 15:12:21 GMT

GET
H2 200 gamennow_proxy.php
magical.kuku.lu/ 41 KB
41 KB 528ms
528ms Image
image/jpeg 2606:4700:20::ac43:4b13
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://magical.kuku.lu/gamennow_proxy.php?q=2288kd68d&edgecache=1
Requested by: Host: magical.kuku.lu
URL: https://magical.kuku.lu/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4b13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6c7b8aeefb9e21141d9b66337c65f247439d5e801ac398e320ff1d1fe31a062c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://magical.kuku.lu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 15:12:21 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=daWUwuC6P0FTvaqTSyUV7D3rlpWMWKGXMihbQpzbEmGJaKZLpm60h8mXUFT1EDVL%2BXzCQziXgosmhez1Ed9T2Us6LN4axTIMwzPwMAaIevfI3Id39D7dnfNj5Qdfh69hhszY9dp1LLiBQLTAYw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cf-ray: 842560d55b3f372f-FRA

GET
H2 200 t.gif
kukulu.erinn.biz/img/ 986 B
1 KB 535ms
523ms Image
image/gif 104.26.15.232
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kukulu.erinn.biz/img/t.gif
Requested by: Host: magical.kuku.lu
URL: https://magical.kuku.lu/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.15.232 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ceef4568a47660beea74cfddbc97527ca2ec768b1c2b67eccd8f6f05f63357ea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://magical.kuku.lu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 15:12:22 GMT
cf-cache-status: MISS
last-modified: Fri, 14 Jun 2019 17:36:08 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "3da-58b4c14e6d200"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FV%2BuZRYXYiUKqDOmwuh1E1xppd8NicuIyiFml7uDNSI89H1aYGcnRF2G0qmFqUEOFJjw%2Bd8i2haDYkO%2FRTXRJRgWU1F9KQfynIm%2FrhZ7efBnPZXKv0jWH7k%2BD96KyWR75U8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 842560d94a3fbbd9-FRA
content-length: 986

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 146 KB
50 KB 115ms
114ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: magical.kuku.lu
URL: https://magical.kuku.lu/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b542b24f8cab663b7104d5305883daafd776ddd9d570ab4df23abefad97d07ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://magical.kuku.lu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 15:12:22 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51092
x-xss-protection: 0
server: cafe
etag: 8571294829051467775
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 08 Jan 2024 15:12:22 GMT

GET
H2 200 gamennow_proxy.php
magical.kuku.lu/ 26 KB
27 KB 512ms
512ms Image
image/jpeg 2606:4700:20::ac43:4b13
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://magical.kuku.lu/gamennow_proxy.php?q=kc4me6oh&edgecache=1
Requested by: Host: magical.kuku.lu
URL: https://magical.kuku.lu/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4b13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7b32c5f12585cc72d99b51cb08972cbe9dbff1c8a71e1c37da28e117daa50f52

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://magical.kuku.lu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 15:12:23 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ocob6liwrsRGsBsaZsA%2BpeewNaW00oO%2FBxKpw8Z8jgpOsVTe7nxuvgiNyfvUyObiYK30OTVT0ngRox9yhQi1aJ0aPpGc0W8yCc4sWaOp10FHI%2FHUSqUqoEsJBlBhj6vWEggfiQWguJwMp4Qbyw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cf-ray: 842560dcba62372f-FRA

GET
H2 200 gamennow_proxy.php
magical.kuku.lu/ 20 KB
20 KB 522ms
521ms Image
image/jpeg 2606:4700:20::ac43:4b13
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://magical.kuku.lu/gamennow_proxy.php?q=51f60c5c7&edgecache=1
Requested by: Host: magical.kuku.lu
URL: https://magical.kuku.lu/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4b13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a329888345fdf6ce08dae98e2db61b4de5270c2c1e0dd8afba234beb08784c1f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://magical.kuku.lu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 15:12:23 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XCOkEY9b3reAv7DDqUS9JHA2epXSziSsbxe50heiWEq6g3dR0by9rSnMi0qKJdqdt9oOfCElnhp%2FUxtLYNrqGdkAl4MD%2Bz49GaYRmRh%2FhJ%2BsqjW2TEaGcO3uFer95D6BbIMcHs4Hw%2BWJnlfnFQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cf-ray: 842560dcba63372f-FRA

GET
H2 200 gamennow_proxy.php
magical.kuku.lu/ 18 KB
19 KB 517ms
516ms Image
image/jpeg 2606:4700:20::ac43:4b13
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://magical.kuku.lu/gamennow_proxy.php?q=3fngeke2b&edgecache=1
Requested by: Host: magical.kuku.lu
URL: https://magical.kuku.lu/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4b13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 700fa8a0cb346fa6380309c0a27ad909051f327a9715e3083659fb368bd66990

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://magical.kuku.lu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 15:12:23 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ImvwsLLGFi6Uh5pA4yjCzrJl6M6TxLxP4z4Ioul5TdXsRJCcTFxEPcxzceys0yasHyySEysL5Fa%2BhczyVmEZEy0c0fCV0qk0p7bptZdTcpfn%2BerNNfLQLggU5BSPYSyI6Sq3ZPBl4ooxoPabFQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cf-ray: 842560dcba64372f-FRA

GET
H2 200 foot2016kuku.png
magical.kuku.lu/img/ 13 KB
13 KB 512ms
512ms Image
image/png 2606:4700:20::ac43:4b13
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://magical.kuku.lu/img/foot2016kuku.png
Requested by: Host: magical.kuku.lu
URL: https://magical.kuku.lu/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4b13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d0de61a646e8490453d3645317abbc591d0cc36a70d765042bc6038f1bb0ad89

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://magical.kuku.lu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 15:12:23 GMT
cf-cache-status: MISS
last-modified: Sat, 09 Jan 2016 16:05:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "3240-528e8e00c9d00"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=usoi8ttaKjGfCTikhO6DPevXO9uGbEqDqxKTKq5QcS13CBPXQA7f%2BLUQNbpx5yDzAoi7RGSLJHOX9jTgxREdCZ%2B7xlcVzs6iKMkTrJjCsPWX6vPy5r2aJklabtqmS5cgJ2%2FECyo9utGzYNfrhw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 842560dcba65372f-FRA
content-length: 12864

GET
H2 200 aquapal.png
magical.kuku.lu/img/ 2 KB
2 KB 520ms
520ms Image
image/png 2606:4700:20::ac43:4b13
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://magical.kuku.lu/img/aquapal.png
Requested by: Host: magical.kuku.lu
URL: https://magical.kuku.lu/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4b13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b51888596cfb38d7dc9e2a7dc62917bc68caba9dfc647fdcbfade1827b680a0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://magical.kuku.lu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 15:12:23 GMT
cf-cache-status: MISS
last-modified: Mon, 06 Feb 2012 18:34:15 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6f7-4b84fe8d457c0"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qepskgA7rxSy4RLoPzBoQ9ayQdSy0T3qm1Sgns8E%2BtWI%2FPdv7uvqOKosDJsQZw0qyjTLVAboQ0htaWDowMbkxtiKsWbs53Q1KNOlsokCVcM3VRk%2BK2Y91429vXFH%2BDmiYAT%2BWhn81eeIrcprEg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 842560dcba66372f-FRA
content-length: 1783

POST
H2 204 collect
region1.google-analytics.com/g/ 0
254 B 82ms
37ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-QLSXLE74DJ&gtm=45je4130v879594741&_p=1704726741179&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=922961706.1704726741&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1704726741&sct=1&seg=0&dl=https%3A%2F%2Fmagical.kuku.lu%2F&dt=News%20%7C%20MagicalKukusama&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=834
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-QLSXLE74DJ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://magical.kuku.lu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 15:12:21 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://magical.kuku.lu
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ 993 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4ecf382cc5f93c51aec49500b6bf622491c3394a041d60bcd2e23b5269e102dd

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bac8810a47ad52ace415f936c526aabfaba33480ec212b68ccdde147016c0b80

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 ar.png
magical.kuku.lu/img/ 155 B
514 B 597ms
597ms Image
image/png 2606:4700:20::ac43:4b13
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://magical.kuku.lu/img/ar.png
Requested by: Host: magical.kuku.lu
URL: https://magical.kuku.lu/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4b13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 44d809624fc3a8d2d7a918cb75ce2584c7d45e55366232fc05b1106edbabd781

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://magical.kuku.lu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 15:12:23 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1
cf-polished: origSize=166, status=vary_header_present
content-length: 155
cf-bgj: imgq:100,h2pri
last-modified: Tue, 09 Oct 2012 20:46:37 GMT
server: cloudflare
etag: "a6-4cba66f2be540"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Lr91JAN2SW1K2kviVpPjAQrtwnuKRSCb3dX8qU6uLbhN4BDNA%2BDgscqblkrijJSEKCCsupWWElq9gzHasBGt5UGbPfZ%2B%2FBWTsWnYCi2aLsnAIrwGZx%2F9G%2FenF5w1G%2FVH%2FL32VjFCBttxBaI7IA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 842560dcba67372f-FRA

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 146 KB
50 KB 191ms
191ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: magical.kuku.lu
URL: https://magical.kuku.lu/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1c49ff8b872124d28bcbdbbb407721ad11b62059a20a236048caaaba957d17dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://magical.kuku.lu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 15:12:22 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51093
x-xss-protection: 0
server: cafe
etag: 9899083006838369309
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 08 Jan 2024 15:12:22 GMT

GET
H2 200 t.gif
kukulu.erinn.biz/img/ 986 B
1 KB 31ms
30ms Image
image/gif 104.26.15.232
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kukulu.erinn.biz/img/t.gif
Requested by: Host: magical.kuku.lu
URL: https://magical.kuku.lu/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.15.232 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ceef4568a47660beea74cfddbc97527ca2ec768b1c2b67eccd8f6f05f63357ea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://magical.kuku.lu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 15:12:22 GMT
cf-cache-status: HIT
last-modified: Fri, 14 Jun 2019 17:36:08 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 0
etag: "3da-58b4c14e6d200"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3uPPMEHVOPMzA9xVZKVOAv5tVo8pbJUxKly8n6iWnjm2Odmvo1uVBqMgZmDm1y%2BHX7Vil%2Br8txkbPlRb%2B66u7gEiq5CPilUfEjek%2BoBQDnUy5DJ4VKEOT11Jl3gGSI88nzA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 842560dcbdabbbd9-FRA
content-length: 986

GET
H2 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ 25 KB
10 KB 96ms
95ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: magical.kuku.lu
URL: https://magical.kuku.lu/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2a7475d448ea2b1f17bd917fcb1f69fa6f3c6d47662556bccdf6917bc2fd1414

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://magical.kuku.lu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 15:12:22 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10275
x-xss-protection: 0
server: cafe
etag: 9232790193114657100
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 08 Jan 2024 15:12:22 GMT

GET
H2 200 top2016b.png
magical.kuku.lu/img/ 640 B
1018 B 531ms
531ms Image
image/png 2606:4700:20::ac43:4b13
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://magical.kuku.lu/img/top2016b.png
Requested by: Host: magical.kuku.lu
URL: https://magical.kuku.lu/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4b13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d6c1dd0d2acb7e68c4723b9abd3f8ca61497915118f35db3aaa297f398c2aea8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://magical.kuku.lu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 15:12:23 GMT
cf-cache-status: MISS
last-modified: Sat, 09 Jan 2016 16:14:33 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "280-528e8ffd18c40"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bqXpJdALe4N0Q222OT4mjkuvSNpAXzW%2FtcfbE%2FzxYt9q3HxRIZyIBooZOe5cY0wRa%2FwH3f0QC%2BDa4gnglaSWl0GIAqd9mhGcjt30MnmOjMqe7MFgiNWPB45DhUrvjRxuNQPCrAPYrcjQZqMLCQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 842560dcba68372f-FRA
content-length: 640

GET
H2 200 foot2016.png
magical.kuku.lu/img/ 1 KB
2 KB 530ms
530ms Image
image/png 2606:4700:20::ac43:4b13
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://magical.kuku.lu/img/foot2016.png
Requested by: Host: magical.kuku.lu
URL: https://magical.kuku.lu/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4b13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2c04a134b8a5ea10827e722bfb28e2fb2ac12f6b41d1be147843d44ac0741ae6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://magical.kuku.lu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 15:12:23 GMT
cf-cache-status: MISS
last-modified: Sat, 09 Jan 2016 16:01:27 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "533-528e8d0f823c0"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7HgDIdqRcu4Wuq40BveSq4htI811p1p3xrYxMyrSKniG7YdATXebYjCSXsb7XKenxQyG98eDmoD7w4oYnmxuxjYyV7%2FOO%2BTyfRklfM9JSb5uav%2FekI6YPW%2BI5P2w5%2B8TZ%2BXM832KIVI%2FyC4%2F0w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 842560dd6b01372f-FRA
content-length: 1331

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401030101/ 401 KB
136 KB 81ms
81ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401030101/show_ads_impl_with_ama_fy2021.js?client=pub-6235967741013519&plah=magical.kuku.lu&bust=31080218

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b3adc4f69bd3cab145de8295bb3f76a10c1c1e2664b7cdc32485c1e18e56434c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://magical.kuku.lu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 15:12:22 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 139113
x-xss-protection: 0
server: cafe
etag: 2751846160333236445
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 08 Jan 2024 15:12:22 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240103/r20190131/ Frame A8D7 9 KB
4 KB 238ms
32ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240103/r20190131/zrt_lookup_fy2021.html?hello=world

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e93b8c0ae5b5910b7107c8b455eda029935c56efa8de0be2443d8eabba207197

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://magical.kuku.lu/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 53122
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4173
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 08 Jan 2024 00:27:00 GMT
etag: 9219409622527106327
expires: Mon, 22 Jan 2024 00:27:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 0685 139 KB
45 KB 695ms
695ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6235967741013519&output=html&h=600&slotname=8165143813&adk=443657611&adf=1079952830&pi=t.ma~as.8165143813&w=160&lmt=1704726742&url=https%3A%2F%2Fmagical.kuku.lu%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704726742509&bpp=147&bdt=1351&idt=381&shv=r20240103&mjsv=m202401030101&ptt=5&saldr=sd&abxe=1&correlator=2211027227421&frm=20&pv=2&ga_vid=922961706.1704726741&ga_sid=1704726743&ga_hid=87344927&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=321&ady=505&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079715%2C31080113%2C31080144%2C31080262%2C31080263%2C44809003%2C31080218%2C44807405%2C95320890%2C21065725%2C31080217&oid=2&pvsid=3003395594474307&tmod=1879098580&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=dM%7C%7CeE%7Cp&abl=XS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=390

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401030101/show_ads_impl_with_ama_fy2021.js?client=pub-6235967741013519&plah=magical.kuku.lu&bust=31080218

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

724affef375f36017777b326531c431ad93ee8fb0c0c09343f254a49d52ee809

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://magical.kuku.lu/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 46242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 08 Jan 2024 15:12:23 GMT
expires: Mon, 08 Jan 2024 15:12:23 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 43CF 123 KB
41 KB 1233ms
1233ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6235967741013519&output=html&h=280&slotname=9176414207&adk=2480053544&adf=3524711151&pi=t.ma~as.9176414207&w=336&lmt=1704726742&format=336x280&url=https%3A%2F%2Fmagical.kuku.lu%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704726742656&bpp=1&bdt=1497&idt=246&shv=r20240103&mjsv=m202401030101&ptt=9&saldr=aa&abxe=1&prev_slotnames=8165143813&correlator=2211027227421&frm=20&pv=1&ga_vid=922961706.1704726741&ga_sid=1704726743&ga_hid=87344927&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=497&ady=749&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079715%2C31080113%2C31080144%2C31080262%2C31080263%2C44809003%2C31080218%2C44807405%2C95320890%2C21065725&oid=2&pvsid=3003395594474307&tmod=1879098580&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=M%7C%7CeE%7Cp&abl=XS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=248

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

47a7d7f8493db5cb10a646601fca929f8f67d26130a347e6a2b4f594ee4afa8d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://magical.kuku.lu/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 42251
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 08 Jan 2024 15:12:24 GMT
expires: Mon, 08 Jan 2024 15:12:24 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 4D1E 128 KB
42 KB 626ms
626ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6235967741013519&output=html&h=90&slotname=3123457437&adk=551497501&adf=2936346396&pi=t.ma~as.3123457437&w=728&lmt=1704726742&url=https%3A%2F%2Fmagical.kuku.lu%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704726742613&bpp=44&bdt=1455&idt=292&shv=r20240103&mjsv=m202401030101&ptt=5&saldr=sd&abxe=1&prev_fmts=336x280&prev_slotnames=8165143813&correlator=2211027227421&frm=20&pv=1&ga_vid=922961706.1704726741&ga_sid=1704726743&ga_hid=87344927&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=4696&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079715%2C31080113%2C31080144%2C31080262%2C31080263%2C44809003%2C31080218%2C44807405%2C95320890%2C21065725&oid=2&pvsid=3003395594474307&tmod=1879098580&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=293

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8fc5790bf23641c53214029c960bcd5b47abd1b89ab82c08793961f3a8045d94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://magical.kuku.lu/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 42654
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 08 Jan 2024 15:12:23 GMT
expires: Mon, 08 Jan 2024 15:12:23 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame BB3C 2 KB
691 B 216ms
215ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6235967741013519&output=html&adk=193914898&adf=935745360&lmt=1704726742&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=308x945_l%7C308x945_r&format=0x0&url=https%3A%2F%2Fmagical.kuku.lu%2F&ea=0&pra=7&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&aslmct=0.7&asamct=0.7&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704726742665&bpp=1&bdt=1507&idt=243&shv=r20240103&mjsv=m202401030101&ptt=9&saldr=aa&abxe=1&prev_fmts=336x280&prev_slotnames=8165143813%2C3123457437&nras=1&correlator=2211027227421&frm=20&pv=1&ga_vid=922961706.1704726741&ga_sid=1704726743&ga_hid=87344927&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079715%2C31080113%2C31080144%2C31080262%2C31080263%2C44809003%2C31080218%2C44807405%2C95320890%2C21065725&oid=2&pvsid=3003395594474307&tmod=1879098580&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&fsb=1&dtd=249

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bbb287a750c097d0fb8708c8273488db1e8059ff70b05d51c59df99f8fd97e66

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://magical.kuku.lu/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 491
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 08 Jan 2024 15:12:23 GMT
expires: Mon, 08 Jan 2024 15:12:23 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css
fonts.googleapis.com/ Frame 4D1E 14 KB
1 KB 28ms
28ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6235967741013519&output=html&h=90&slotname=3123457437&adk=551497501&adf=2936346396&pi=t.ma~as.3123457437&w=728&lmt=1704726742&url=https%3A%2F%2Fmagical.kuku.lu%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704726742613&bpp=44&bdt=1455&idt=292&shv=r20240103&mjsv=m202401030101&ptt=5&saldr=sd&abxe=1&prev_fmts=336x280&prev_slotnames=8165143813&correlator=2211027227421&frm=20&pv=1&ga_vid=922961706.1704726741&ga_sid=1704726743&ga_hid=87344927&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=4696&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079715%2C31080113%2C31080144%2C31080262%2C31080263%2C44809003%2C31080218%2C44807405%2C95320890%2C21065725&oid=2&pvsid=3003395594474307&tmod=1879098580&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=293

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 08 Jan 2024 15:12:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 08 Jan 2024 15:06:21 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 08 Jan 2024 15:12:23 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240103/r20110914/client/ Frame 4D1E 2 KB
902 B 176ms
54ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240103/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 14:37:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2096
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 22 Jan 2024 14:37:27 GMT

GET
DATA 200
OK truncated
/ Frame 4D1E 161 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 29e4c24a2fa1b6c2218b217e252a8d838cb65819a3b959a73c1a3565067ec0d9

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240103/r20110914/ Frame 4D1E 23 KB
9 KB 170ms
55ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240103/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 14:37:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2096
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9276
x-xss-protection: 0
server: cafe
etag: 3558958386372919956
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 22 Jan 2024 14:37:27 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame CCD1 143 B
166 B 17ms
16ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6235967741013519&output=html&h=90&slotname=3123457437&adk=551497501&adf=2936346396&pi=t.ma~as.3123457437&w=728&lmt=1704726742&url=https%3A%2F%2Fmagical.kuku.lu%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704726742613&bpp=44&bdt=1455&idt=292&shv=r20240103&mjsv=m202401030101&ptt=5&saldr=sd&abxe=1&prev_fmts=336x280&prev_slotnames=8165143813&correlator=2211027227421&frm=20&pv=1&ga_vid=922961706.1704726741&ga_sid=1704726743&ga_hid=87344927&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=4696&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079715%2C31080113%2C31080144%2C31080262%2C31080263%2C44809003%2C31080218%2C44807405%2C95320890%2C21065725&oid=2&pvsid=3003395594474307&tmod=1879098580&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=293
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2564
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 08 Jan 2024 14:29:39 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240103/r20110914/client/ Frame 4D1E 3 KB
1 KB 173ms
59ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240103/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 12:23:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10152
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 22 Jan 2024 12:23:11 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240103/r20110914/client/ Frame 4D1E 20 KB
9 KB 140ms
26ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240103/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2f764c969a82705ba7838239087f5ff9b33e978b6bae2657e299b6b14c30ad7f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 10:12:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 17983
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8523
x-xss-protection: 0
server: cafe
etag: 16500369019378894752
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 22 Jan 2024 10:12:40 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4D1E 204 KB
64 KB 222ms
109ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8941597d26275d5e8775ac804bffb1d86f749d0cfe471777800a4543e4b65603

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 15:12:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65775
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1704286440049996"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 08 Jan 2024 15:12:23 GMT

GET
H2 200 f9d9b65dbd646119ce96bad0f484d579.js Show response
www.gstatic.com/mysidia/ Frame 4D1E 37 KB
16 KB 140ms
27ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/f9d9b65dbd646119ce96bad0f484d579.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 13:56:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4540
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15460
x-xss-protection: 0
last-modified: Thu, 07 Dec 2023 22:13:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 07 Apr 2024 13:56:43 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 0685 18 KB
1 KB 38ms
36ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C500%7CGoogle%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6235967741013519&output=html&h=600&slotname=8165143813&adk=443657611&adf=1079952830&pi=t.ma~as.8165143813&w=160&lmt=1704726742&url=https%3A%2F%2Fmagical.kuku.lu%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704726742509&bpp=147&bdt=1351&idt=381&shv=r20240103&mjsv=m202401030101&ptt=5&saldr=sd&abxe=1&correlator=2211027227421&frm=20&pv=2&ga_vid=922961706.1704726741&ga_sid=1704726743&ga_hid=87344927&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=321&ady=505&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079715%2C31080113%2C31080144%2C31080262%2C31080263%2C44809003%2C31080218%2C44807405%2C95320890%2C21065725%2C31080217&oid=2&pvsid=3003395594474307&tmod=1879098580&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=dM%7C%7CeE%7Cp&abl=XS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=390

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

99ac7037f3c17416260a2218401c1271c5e3f78cd23c4f8dc217d352bf1eb170

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 08 Jan 2024 15:12:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 08 Jan 2024 15:06:53 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 08 Jan 2024 15:12:23 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240103/r20110914/client/ Frame 0685 2 KB
856 B 61ms
60ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240103/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 14:37:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2096
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 22 Jan 2024 14:37:27 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240103/r20110914/ Frame 0685 23 KB
9 KB 50ms
49ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240103/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 14:37:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2096
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9276
x-xss-protection: 0
server: cafe
etag: 3558958386372919956
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 22 Jan 2024 14:37:27 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240103/r20110914/client/ Frame 0685 3 KB
1 KB 53ms
53ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240103/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 12:23:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10152
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 22 Jan 2024 12:23:11 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240103/r20110914/client/ Frame 0685 20 KB
8 KB 31ms
30ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240103/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2f764c969a82705ba7838239087f5ff9b33e978b6bae2657e299b6b14c30ad7f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 10:12:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 17983
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8523
x-xss-protection: 0
server: cafe
etag: 16500369019378894752
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 22 Jan 2024 10:12:40 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0685 204 KB
65 KB 46ms
44ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8941597d26275d5e8775ac804bffb1d86f749d0cfe471777800a4543e4b65603

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 15:12:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65775
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1704286440049996"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 08 Jan 2024 15:12:23 GMT

GET
H2 200 f9d9b65dbd646119ce96bad0f484d579.js Show response
www.gstatic.com/mysidia/ Frame 0685 37 KB
15 KB 28ms
28ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/f9d9b65dbd646119ce96bad0f484d579.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 13:56:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4540
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15460
x-xss-protection: 0
last-modified: Thu, 07 Dec 2023 22:13:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 07 Apr 2024 13:56:43 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/8384694014036992495/ Frame 0685 8 KB
8 KB 47ms
47ms Image
image/jpeg 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/8384694014036992495/14763004658117789537?w=195&h=102&tw=1&q=75

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

02d897e74e4824807b307132a2a44513be9f6a149b2559711c97131ecb48ff99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires: Wed, 01 Jan 2025 09:18:44 GMT
date: Tue, 02 Jan 2024 09:18:44 GMT
x-content-type-options: nosniff
age: 539619
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7739
x-xss-protection: 0
last-modified: Sat, 14 Oct 2023 23:51:18 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
DATA 200
OK truncated
/ Frame 0685 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 0685 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame CCD1
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

32ms
31ms

Document
text/html

2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 08 Jan 2024 15:12:23 GMT
expires: Mon, 08 Jan 2024 15:12:23 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 08 Jan 2024 15:12:23 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 4D1E 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: df377f38e699db1d979131554dc1e7d6ac733360ed2e12d8cabe8a241974ed35

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 0685 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a745095424799c45d2ae2b09554917a817c82b7afc0c191233991f7268aa8f73

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 0685 16 KB
16 KB 57ms
14ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500%7CGoogle%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 01 Jan 2024 17:38:05 GMT
x-content-type-options: nosniff
age: 596058
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 31 Dec 2024 17:38:05 GMT

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 0685 33 KB
33 KB 61ms
19ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500%7CGoogle%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 04:01:15 GMT
x-content-type-options: nosniff
age: 558668
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 01 Jan 2025 04:01:15 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 0685
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CxZ2b1xCcZetV-avY4w_vg7agB7eN5JZ1t7DXnoAS0Znn_-VAEAEgkZCUF2CVgoCAsAegAZ_AiYQDyAEJqQKhrz331FqyPqgDAcgDywSqBM4BT9Dy0C6B9QOV77uY58L86sBeaomgWTEx-Rb...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2214621369677149250740%22,%22debug_reporting%22:true,%22destination%22:%22https://mathes.de%22,%22event_report_window%22:%22...

0
0

69ms
43ms

Fetch
text/css

172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2214621369677149250740%22,%22debug_reporting%22:true,%22destination%22:%22https://mathes.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22813850655%22],%2222%22:[%22true%22],%224%22:[%2201-08%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%224589223612090488753%22}&andc=true

Requested by

Host: magical.kuku.lu
URL: https://magical.kuku.lu/

Protocol

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f98.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 15:12:24 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"14621369677149250740","debug_reporting":true,"destination":"https://mathes.de","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["813850655"],"22":["true"],"4":["01-08"],"6":["true"]},"priority":"500","source_event_id":"4589223612090488753"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 08 Jan 2024 15:12:24 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 08 Jan 2024 15:12:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"14621369677149250740","debug_reporting":true,"destination":"https://mathes.de","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["813850655"],"22":["true"],"4":["01-08"],"6":["true"]},"priority":"500","source_event_id":"4589223612090488753"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js Show response
pagead2.googlesyndication.com/bg/ Frame 97DD 51 KB
19 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1151ef049d22f85e76d0cd7c6e431c60811fcb5935937e899d98af508328baab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 12:51:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8477
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19864
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 07 Jan 2025 12:51:06 GMT

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 4D1E 33 KB
33 KB 54ms
36ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 04:01:15 GMT
x-content-type-options: nosniff
age: 558668
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 01 Jan 2025 04:01:15 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 75ms
42ms Preflight
text/html 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f98.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Mon, 08 Jan 2024 15:12:23 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 4D1E
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CBXPK1xCcZbV3-cDY4w-_1ZuwB5nf7NlvmN_mjqUM78q9mdoPEAEgkZCUF2CVgoCAsAegAa6YiqICyAEBqQIX2amYD1qyPqgDAcgDywSqBPsBT9BtCMTOfSEKINlD4yy5cpd48n5doGhoOHI...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2212187467368907744583%22,%22debug_reporting%22:true,%22destination%22:%22https://xcraft.net%22,%22event_report_window%22:%2...

0
0

53ms
53ms

Fetch
text/css

172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2212187467368907744583%22,%22debug_reporting%22:true,%22destination%22:%22https://xcraft.net%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22608341038%22],%2222%22:[%22true%22],%224%22:[%2201-08%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%224107320970404577857%22}&andc=true

Requested by

Host: magical.kuku.lu
URL: https://magical.kuku.lu/

Protocol

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f98.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 15:12:24 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"12187467368907744583","debug_reporting":true,"destination":"https://xcraft.net","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["608341038"],"22":["true"],"4":["01-08"],"6":["true"]},"priority":"500","source_event_id":"4107320970404577857"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 08 Jan 2024 15:12:24 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 08 Jan 2024 15:12:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"12187467368907744583","debug_reporting":true,"destination":"https://xcraft.net","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["608341038"],"22":["true"],"4":["01-08"],"6":["true"]},"priority":"500","source_event_id":"4107320970404577857"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js Show response
pagead2.googlesyndication.com/bg/ Frame 559F 51 KB
19 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1151ef049d22f85e76d0cd7c6e431c60811fcb5935937e899d98af508328baab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 12:51:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8477
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19864
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 07 Jan 2025 12:51:06 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 43ms
43ms Preflight
text/html 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f98.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Mon, 08 Jan 2024 15:12:24 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 css
fonts.googleapis.com/ Frame 43CF 6 KB
706 B 26ms
26ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6235967741013519&output=html&h=280&slotname=9176414207&adk=2480053544&adf=3524711151&pi=t.ma~as.9176414207&w=336&lmt=1704726742&format=336x280&url=https%3A%2F%2Fmagical.kuku.lu%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704726742656&bpp=1&bdt=1497&idt=246&shv=r20240103&mjsv=m202401030101&ptt=9&saldr=aa&abxe=1&prev_slotnames=8165143813&correlator=2211027227421&frm=20&pv=1&ga_vid=922961706.1704726741&ga_sid=1704726743&ga_hid=87344927&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=497&ady=749&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079715%2C31080113%2C31080144%2C31080262%2C31080263%2C44809003%2C31080218%2C44807405%2C95320890%2C21065725&oid=2&pvsid=3003395594474307&tmod=1879098580&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=M%7C%7CeE%7Cp&abl=XS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=248

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 08 Jan 2024 15:12:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 08 Jan 2024 14:37:58 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 08 Jan 2024 15:12:24 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240103/r20110914/client/ Frame 43CF 2 KB
860 B 7ms
7ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240103/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 14:37:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2097
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 22 Jan 2024 14:37:27 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240103/r20110914/ Frame 43CF 23 KB
9 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240103/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 14:37:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2097
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9276
x-xss-protection: 0
server: cafe
etag: 3558958386372919956
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 22 Jan 2024 14:37:27 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240103/r20110914/client/ Frame 43CF 3 KB
1 KB 17ms
17ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240103/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 12:23:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10153
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 22 Jan 2024 12:23:11 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240103/r20110914/client/ Frame 43CF 20 KB
8 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240103/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2f764c969a82705ba7838239087f5ff9b33e978b6bae2657e299b6b14c30ad7f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 10:12:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 17984
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8523
x-xss-protection: 0
server: cafe
etag: 16500369019378894752
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 22 Jan 2024 10:12:40 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 43CF 204 KB
64 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8941597d26275d5e8775ac804bffb1d86f749d0cfe471777800a4543e4b65603

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 15:12:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65775
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1704286440049996"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 08 Jan 2024 15:12:24 GMT

GET
H2 200 f9d9b65dbd646119ce96bad0f484d579.js Show response
www.gstatic.com/mysidia/ Frame 43CF 37 KB
15 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/f9d9b65dbd646119ce96bad0f484d579.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 13:56:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4541
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15460
x-xss-protection: 0
last-modified: Thu, 07 Dec 2023 22:13:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 07 Apr 2024 13:56:43 GMT

GET
H2 200 2076313506083323656
tpc.googlesyndication.com/simgad/15515321927411195758/ Frame 43CF 32 KB
32 KB 14ms
14ms Image
image/jpeg 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/15515321927411195758/2076313506083323656

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3191557768142fa64c3cc018404e659bf1f8dee713b3b753abc30c38136cfb8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires: Sun, 05 Jan 2025 12:42:19 GMT
date: Sat, 06 Jan 2024 12:42:19 GMT
x-content-type-options: nosniff
age: 181805
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33051
x-xss-protection: 0
last-modified: Thu, 04 Jan 2024 13:08:56 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H2 200 17025078544871151995
tpc.googlesyndication.com/simgad/ Frame 43CF 8 KB
8 KB 23ms
23ms Image
image/png 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/17025078544871151995?w=100&h=100&tw=1&q=75

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d9071fc729ed96392be22e2bb122b0296aa70512094592aed94e126f389754ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires: Sun, 05 Jan 2025 08:39:30 GMT
date: Sat, 06 Jan 2024 08:39:30 GMT
x-content-type-options: nosniff
age: 196374
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7689
x-xss-protection: 0
last-modified: Fri, 23 Apr 2021 16:25:46 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
DATA 200
OK truncated
/ Frame 43CF 221 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 43CF 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4f2b8739f830ba6bad0ee41fa682088295318f113b6b66e62b5e60bd7f0c65df

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 43CF 15 KB
15 KB 9ms
9ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 00:57:14 GMT
x-content-type-options: nosniff
age: 310510
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 04 Jan 2025 00:57:14 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 43CF 15 KB
16 KB 12ms
12ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 16:39:21 GMT
x-content-type-options: nosniff
age: 253983
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 04 Jan 2025 16:39:21 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 43CF 15 KB
15 KB 14ms
14ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 00:01:51 GMT
x-content-type-options: nosniff
age: 573033
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 01 Jan 2025 00:01:51 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 43CF
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=Cvakd1xCcZdBPueafzw_TioWwCtmQuJd1pZTDuqcSz8iivcABEAEgkZCUF2CVgoCAsAegAbKoz8YDyAEJqQITD9A53FuyPqgDAcgDy4SAgASqBMwBT9DBWpc_pvZWUOIihylmgdPMmccPeYK...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2210575337172821269062%22,%22debug_reporting%22:true,%22destination%22:%22https://plan.de%22,%22event_report_window%22:%2225...

0
0

43ms
43ms

Fetch
text/css

172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2210575337172821269062%22,%22debug_reporting%22:true,%22destination%22:%22https://plan.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22953406514%22],%2222%22:[%22true%22],%224%22:[%2201-08%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%22270303657181278657%22}&andc=true

Protocol

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f98.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 15:12:24 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"10575337172821269062","debug_reporting":true,"destination":"https://plan.de","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["953406514"],"22":["true"],"4":["01-08"],"6":["true"]},"priority":"500","source_event_id":"270303657181278657"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 08 Jan 2024 15:12:24 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 08 Jan 2024 15:12:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"10575337172821269062","debug_reporting":true,"destination":"https://plan.de","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["953406514"],"22":["true"],"4":["01-08"],"6":["true"]},"priority":"500","source_event_id":"270303657181278657"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 82ms
60ms XHR
application/json 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240103&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5675b0e17cd7f02618b76dbc8dd23cc7b04cfe146384aacc006cc50051739b35

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://magical.kuku.lu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 15:12:24 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12343
x-xss-protection: 0

GET
H3 200 EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js Show response
pagead2.googlesyndication.com/bg/ Frame 926F 51 KB
19 KB 12ms
11ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1151ef049d22f85e76d0cd7c6e431c60811fcb5935937e899d98af508328baab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 12:51:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8478
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19864
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 07 Jan 2025 12:51:06 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 45ms
45ms Preflight
text/html 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f98.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Mon, 08 Jan 2024 15:12:24 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 18ms
18ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://magical.kuku.lu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 15:12:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 08 Jan 2024 15:12:24 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 471B 13 KB
5 KB 8ms
8ms Document
text/html 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://magical.kuku.lu/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 3820
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 08 Jan 2024 14:08:44 GMT
expires: Tue, 07 Jan 2025 14:08:44 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame CB86 829 B
996 B 23ms
23ms Document
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

0f7857fa96be52b171ef53893542dea71330bf95c34b950e8e341022d8e47a06

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-cew1BsXVDfVCAb1H0l2_fw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://magical.kuku.lu/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-cew1BsXVDfVCAb1H0l2_fw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 08 Jan 2024 15:12:24 GMT
expires: Mon, 08 Jan 2024 15:12:24 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 471B 39 KB
15 KB 12ms
12ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 12:10:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10920
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 07 Jan 2025 12:10:24 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame CB86 0
0 51ms
51ms Image
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20240103&jk=3003395594474307&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 471B 0
10 B 14ms
14ms Image
text/plain 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?OhNGZQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 15:12:24 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 0685 42 B
64 B 72ms
72ms Fetch
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvFhemFs7v8Eibc3Kk73s4s8KTADeH46ohxqCXxRhcYEJFS3Im-ISlMaHGwdXfIoiI86wC3kem6XzB3Wkfu_RGvvxOcZyhOCMLWB_j4xIAe5LQ4qkACCqlteEiSASmgH5cK5Ay3c4CzpfjkVk6o3T4oTU6TpPe8sTBJ17WQkSsLV8vc5eBW4TQjs9Rc6wPckeQ8eHxZ7_9nuyxHDED5nA9qw5YtUSddnG4iEemXEgHgRIXWb69H6pROkgu1XNyG7zS6zsp68prTtVgsc_XSQOt3zXpIni__8_6uaSk7ZQYdJpiEc_KWl26_-CcQUkde3SudoQeohSfJmfRBDXMOIPpYmZnVVUotl8Irhe8WKdOBBA2IQjN24kduUrEZ1SYQzNLsyKlUsruIEoGWoOPb_GF24WbXuI7aCiafdeLlX3fLrelNdDRWC5Pi4t7kh53827P0oSYMAMvU0QJyCDoUcUAHK4WBufWhVP8UzW2aCED2FRFlkxAaKuT2yOD7vrklgSg6Wx0D5rSuBAcv3T6BhTB8IWCLh_4PK1nD7KyAHT3Z1NA0BPPFrdjyyzvSCD_4Q9gdNGR--8nBuuOBuJ2dNuQRgq0H6aMkqkA6vqUutX3sTvpyKenk3hH6d9gdH042KLCUiDxbNbl_MGZr_BqVq638ASCDfh3VYOaPuVY34POS9slzKGQxGHH7eVo4FvLzB0yDEhdLDI_2n4rNyUVqfi-mW6YdItDZ_3u-JjJl42hDJW7paNbltCOtpo2QZMn-GTRqdfhvssLVwNEyNAYQk8aDZgnD6E7mVtDpAQCYoN4vK-BOrhHZicgt_UJWSLz3KxU1hIzJgBgZX-oGk5iJguVC85EqeO_GuGmDDuu-VK3_LT1IEIYTbLtnn0CRwoT2T84-raGRvY2b4T_lIu_RLefiZkQcDW0Ls5ph8jDJMgcdISv5UAcMZ2oJks_unbrQYhVzqQhS9Dtybvcd4qGnFHc0EjVmoc8d4H2ezc0E7NKQbIJslUECqfExeoWuy_K-6nCHA7IQoQJVdxRlWHyJbkeK5e2-mGN2eripyZMNBA1L785RzdpMTl9BP0KYPSNbyCuFXodB5mlVmIwZ1rUvzkCT6mw2AMLnGay80YtE&sai=AMfl-YSr7dR1c79EPRqwGkvrFBPEAeHHp8yDBgF1c-zPpgovNxKFq-xvLC0GbBcjFo2fXk5L9iuFZcFBGPH0Dik2bXA1Bpts-ngIb-SylkFiQiDO7a7TEjKFZlTgQbLZWfEiBF3SDYuESDsse3Ix9nj3Rl-IkxH9vf0NjqaJlQ&sig=Cg0ArKJSzLRKOIo5MUFREAE&cid=CAQSTgAvHhf_8ovUSRf6IK_MhHDjRvYGhdprq8xoCQWpoLreZxYKcuNAEhrACdm01OM2OcnPRjgdKNL5cJqCebNWsCPKq8DHL6skFntGVQrnVBgB&id=lidar2&mcvt=1000&p=0,0,600,160&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240103&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=443657611&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1704726742900&rpt=911&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 15:12:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 75ms
74ms Image
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240103&jk=3003395594474307&bg=!Z2SlZCvNAAY3kmNgF5I7ADQBe5WfOEN3BnjyQmIlyKDBqGOYLU37AB4aPHOvk0Z5xd6OWAX6rK9LDTBCMwJXUCImjfmbAgAAADFSAAAAAmgBBwoAV5q3Bs7-jqFd2Ct0DwrGEN0lwCB-YlZd1wa29lE_iUHCOnwqyaiqHWTqXXyxvpoZsH9Y_YLQliRIrEnHsbD8C4gpIYJx-JYSkPnAJ6WR6OoeK1PFglYP-pkCvolttMEpJNmEORK5eEWVHyfqdldBfDuuSM9Q4dq6NgaXr4nRxOPcTtDpKzG19UpItghEQHp8tprXmw9c9n5kXTlnmAmn9Z4wfoTEYluYiZAPZ3TyrOzaRLSn-VFJIf7cPhQVIPGHNcB7JkHCPgYSz2I67Mk98jxovCAeRmgBuZSQBZCHiwVyIxJBbRZrLHtGoxB47V6iIzl7kvdmwl9Ad680LulfG8KKyUCZ2wyOzbDP41S-brwL2ZPdaticv_f-2Cd3AyKEeKHOciuaWYDfOPzdQMyINnCl7nd4t9poIDK-1B4-r_-4OGQZZQkcU9M0S5QbEzDofa3dZdQHCvN0O8-0lKpPuXt-yT2Q9SVAk4AmS6uNCJRKKpYdvgzMIlf5mlYYbbNXLVUJhgZKZy-RP_hRFWWLla-8bpvaD-bFmvejfDP0FWKrodyoNg_lD_kMcWP_6EU0Cw5wxKtMR41cCKQK4JyfIOkK9OQYMLfLONI13NvEW8WTnqdtIllm53q_O9S5y2WdFby7f01gTrwkbY1fyu6QuK8We9rAeZRlYt6yTjJlELJn0CA29aTQuJ1b2c48Z8-LVJaUBexbA0rJG5pUNHPKjXWPEFliReTXyhDGA_RCnVSGOaBJ9uo24LlcyYWZpFsVJGneTIIFJqtxvAnP1MJ6OfHN9BZJ-yijqnA0dJWo6JLbl6nuhA2pnkMOTlVpyUiUhT_KcJcoi2JJhcM1HUxerAVf5xVLMsuwB4SS37-RnTXbpMYQyXsDOUMIb6xwombJhpZhhO0XN6RNvWuD00s7xojcr-RS6W2Ddfr9w1Akf_z5ay1k43VD2PsXiU3YYTGjUgt4GhO1WVzOECAjED_cVjo6XVFcGjevlCGPfspE88PO9ROWLz_XsxT1siqBON5vOScNxC7s-FcHKx6iSVIprl1Fd0zagLcJsw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://magical.kuku.lu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 43CF 42 B
64 B 67ms
67ms Fetch
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstj8-V4Lha_1fPljf29D5HLvtokU_gDBtsWvL5xKBib_PPWYVZ5vlI9BHWhXXqfpFGxnhoYw64KvYHeACEHifbfuGdTYzGTDT71Jj8JtQGGHZfYzOFRlV8XpjH7fpZBSPkKianad3erXEqEigToCJbMACoC&sai=AMfl-YSFpQ1Jzqf7ZFnwyAWLOmiwAz_G3OzRW7i6F0WMvdccCCkFjQRn-Cndnt9oCvbKTu16u1T5tAck_g0m77NTa1t2u5YqS97FJU2BYPbG40-vi-lYUUC-EcljOyr6vXJIUqBOn7ulIAcjlACGA21j&sig=Cg0ArKJSzH9P6A3FpsV6EAE&cid=CAQSTgAvHhf_4kny_xJUZkGQu15rCEV_b6lhKAc5qdfMN2U_z6zyKALIHbLPHkyWyrGiYjweg1yIydp16sIn0Tb-BwuVByX2EnjDK-VDkYAwURgB&id=lidar2&mcvt=1000&p=0,0,280,336&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240103&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=2480053544&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1704726742904&rpt=1315&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 15:12:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

194 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.kuku.lu/	1970-01-21 03:08:06	Name: _ga_QLSXLE74DJ Value: GS1.1.1704726741.1.0.1704726741.0.0.0
.kuku.lu/	1970-01-21 03:08:06	Name: _ga Value: GA1.1.922961706.1704726741
.kuku.lu/	1970-01-21 02:53:42	Name: __gads Value: ID=69534e7f7f027337:T=1704726742:RT=1704726742:S=ALNI_MYe0aas9t-pvt4ho8ccxk_-vfCnXg
.kuku.lu/	1970-01-21 02:53:42	Name: __gpi Value: UID=00000cf2647e1590:T=1704726742:RT=1704726742:S=ALNI_MYR4zBsmgaENt7HHnkXGLPz4A1exQ
.doubleclick.net/	1970-01-21 02:53:42	Name: IDE Value: AHWqTUkWDwWeTDsDTmvX8IB9azF3KUb6Z8w6oGqMxY3IizUjcTyX_jxaXlo0IqMbKio
.doubleclick.net/	1970-01-20 17:32:10	Name: DSID Value: NO_DATA
.googleadservices.com/	1970-01-20 19:41:42	Name: ar_debug Value: 1
.doubleclick.net/	1970-01-20 17:32:07	Name: test_cookie Value: CheckForPermission

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
kukulu.erinn.biz
live.erinn.biz
magical.kuku.lu
pagead2.googlesyndication.com
region1.google-analytics.com
tpc.googlesyndication.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
104.26.15.232
172.217.23.98
2001:4860:4802:34::36
2606:4700:20::681a:6a1
2606:4700:20::ac43:4b13
2a00:1450:4001:80f::2002
2a00:1450:4001:813::2002
2a00:1450:4001:813::2003
2a00:1450:4001:813::200a
2a00:1450:4001:81c::2001
2a00:1450:4001:827::2004
2a00:1450:4001:827::2008
2a00:1450:4001:82f::2002
2a00:1450:4001:830::2003
02d897e74e4824807b307132a2a44513be9f6a149b2559711c97131ecb48ff99
0909b8572147d95df77c37bfad36232331237be765ad7d1eaf9a5c880778765d
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
0f7857fa96be52b171ef53893542dea71330bf95c34b950e8e341022d8e47a06
1151ef049d22f85e76d0cd7c6e431c60811fcb5935937e899d98af508328baab
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1c49ff8b872124d28bcbdbbb407721ad11b62059a20a236048caaaba957d17dd
29e4c24a2fa1b6c2218b217e252a8d838cb65819a3b959a73c1a3565067ec0d9
2a7475d448ea2b1f17bd917fcb1f69fa6f3c6d47662556bccdf6917bc2fd1414
2c04a134b8a5ea10827e722bfb28e2fb2ac12f6b41d1be147843d44ac0741ae6
2f764c969a82705ba7838239087f5ff9b33e978b6bae2657e299b6b14c30ad7f
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3191557768142fa64c3cc018404e659bf1f8dee713b3b753abc30c38136cfb8e
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11
44d809624fc3a8d2d7a918cb75ce2584c7d45e55366232fc05b1106edbabd781
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d
45e85cfec6b5c4683c14be7d37b8137cf58f3942f2cb77d00d59a9338a88e2ae
47a7d7f8493db5cb10a646601fca929f8f67d26130a347e6a2b4f594ee4afa8d
4ecf382cc5f93c51aec49500b6bf622491c3394a041d60bcd2e23b5269e102dd
4f2b8739f830ba6bad0ee41fa682088295318f113b6b66e62b5e60bd7f0c65df
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5675b0e17cd7f02618b76dbc8dd23cc7b04cfe146384aacc006cc50051739b35
5dd8486b79efa70e5ed59b9dca7ad534bab858970f8851ba14ec44e7dd11ce6f
613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
6c7b8aeefb9e21141d9b66337c65f247439d5e801ac398e320ff1d1fe31a062c
700fa8a0cb346fa6380309c0a27ad909051f327a9715e3083659fb368bd66990
724affef375f36017777b326531c431ad93ee8fb0c0c09343f254a49d52ee809
7b32c5f12585cc72d99b51cb08972cbe9dbff1c8a71e1c37da28e117daa50f52
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
8941597d26275d5e8775ac804bffb1d86f749d0cfe471777800a4543e4b65603
8fc5790bf23641c53214029c960bcd5b47abd1b89ab82c08793961f3a8045d94
99ac7037f3c17416260a2218401c1271c5e3f78cd23c4f8dc217d352bf1eb170
9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1
a329888345fdf6ce08dae98e2db61b4de5270c2c1e0dd8afba234beb08784c1f
a745095424799c45d2ae2b09554917a817c82b7afc0c191233991f7268aa8f73
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b3adc4f69bd3cab145de8295bb3f76a10c1c1e2664b7cdc32485c1e18e56434c
b51888596cfb38d7dc9e2a7dc62917bc68caba9dfc647fdcbfade1827b680a0e
b542b24f8cab663b7104d5305883daafd776ddd9d570ab4df23abefad97d07ec
b707a6987bd359a20be8b40735e6072ab08b8e9e9956c1ed685f270dadc5cd57
bac8810a47ad52ace415f936c526aabfaba33480ec212b68ccdde147016c0b80
bbb287a750c097d0fb8708c8273488db1e8059ff70b05d51c59df99f8fd97e66
ced25773fd184ed548988c73fee3e86d7d0454eba1f54c41061c851e3d56a793
ceef4568a47660beea74cfddbc97527ca2ec768b1c2b67eccd8f6f05f63357ea
d0de61a646e8490453d3645317abbc591d0cc36a70d765042bc6038f1bb0ad89
d6c1dd0d2acb7e68c4723b9abd3f8ca61497915118f35db3aaa297f398c2aea8
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
d9071fc729ed96392be22e2bb122b0296aa70512094592aed94e126f389754ef
df377f38e699db1d979131554dc1e7d6ac733360ed2e12d8cabe8a241974ed35
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e93b8c0ae5b5910b7107c8b455eda029935c56efa8de0be2443d8eabba207197
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
fdb58bd6a9970162272082b5853fd106b5478d2faf7e36ca577b80b09327f556

magical.kuku.lu Open in urlscan Pro 2606:4700:20::ac43:4b13 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

80 Requests

96 %HTTPS

86 %IPv6

11 Domains

15 Subdomains

14 IPs

3 Countries

1261 kBTransfer

3051 kBSize

8 Cookies

32 Outgoing links

Page URL History

Redirected requests

80 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 9 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

magical.kuku.lu Open in urlscan Pro
2606:4700:20::ac43:4b13 Public Scan

Screenshot
Live screenshot

Full Image

80
Requests

96 %
HTTPS

86 %
IPv6

11
Domains

15
Subdomains

14
IPs

3
Countries

1261 kB
Transfer

3051 kB
Size

8
Cookies

80 HTTP transactions
9 data transactions