urlscan.io logo urlscan.io
SecurityTrails logo

ddns.kuku.lu Open in urlscan Pro
172.67.71.160  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://f5.si/
Effective URL: https://ddns.kuku.lu/
Submission: On January 03 via manual from GB
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 8 IPs in 3 countries across 11 domains to perform 21 HTTP transactions. The main IP is 172.67.71.160, located in United States and belongs to CLOUDFLARENET, US. The main domain is ddns.kuku.lu.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 2nd 2020. Valid for: a year.
This is the only time ddns.kuku.lu was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 133.130.103.75 7506 (INTERQ GM...)
4 172.67.71.160 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
2 104.26.15.232 13335 (CLOUDFLAR...)
5 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
1 172.217.21.226 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
21 8
1    133.130.103.75 (Japan)

ASN7506 (INTERQ GMO Internet,Inc, JP)
PTR: v133-130-103-75.a02c.g.tyo1.static.cnode.io
f5.si
4    172.67.71.160 (United States)

ASN13335 (CLOUDFLARENET, US)
ddns.kuku.lu
1    2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
2    104.26.15.232 (United States)

ASN13335 (CLOUDFLARENET, US)
kukulu.erinn.biz
5    2a00:1450:4001:816::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
googleads.g.doubleclick.net
adservice.google.de
adservice.google.com
www.googletagservices.com
1    2a00:1450:4001:820::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
5    2a00:1450:4001:820::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
googleads.g.doubleclick.net
1    172.217.21.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s13-in-f226.1e100.net
partner.googleadservices.com
2    2a00:1450:4001:81d::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
Domain Requested by
4 pagead2.googlesyndication.com ddns.kuku.lu
pagead2.googlesyndication.com
4 ddns.kuku.lu ddns.kuku.lu
3 googleads.g.doubleclick.net pagead2.googlesyndication.com
2 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
2 kukulu.erinn.biz ddns.kuku.lu
1 www.googletagservices.com pagead2.googlesyndication.com
1 adservice.google.com pagead2.googlesyndication.com
1 adservice.google.de pagead2.googlesyndication.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 www.google-analytics.com ddns.kuku.lu
1 ajax.googleapis.com ddns.kuku.lu
1 f5.si 1 redirects
21 12
Subject Issuer Validity Valid
kuku.lu
Cloudflare Inc ECC CA-3		 2020-07-02 -
2021-07-02		 a year crt.sh
upload.video.google.com
GTS CA 1O1		 2020-11-10 -
2021-02-02		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2020-07-16 -
2021-07-16		 a year crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2020-11-10 -
2021-02-02		 3 months crt.sh
*.google-analytics.com
GTS CA 1O1		 2020-11-10 -
2021-02-02		 3 months crt.sh
*.googleadservices.com
GTS CA 1O1		 2020-11-10 -
2021-02-02		 3 months crt.sh
*.google.de
GTS CA 1O1		 2020-11-10 -
2021-02-02		 3 months crt.sh
*.google.com
GTS CA 1O1		 2020-11-10 -
2021-02-02		 3 months crt.sh

This page contains 5 frames:

Primary Page: https://ddns.kuku.lu/
Frame ID: 2B1C7A9AC5B06C272A1706CC057CC5D9
Requests: 17 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20201203/r20190131/zrt_lookup.html
Frame ID: 30E93E4EFB524754D23897C029E42DC8
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-6235967741013519&output=html&h=280&slotname=4603585006&adk=3985482676&adf=3817146804&pi=t.ma~as.4603585006&w=600&fwrn=4&fwrnh=100&lmt=1609704497&rafmt=1&psa=0&format=600x280&url=https%3A%2F%2Fddns.kuku.lu%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1609704497185&bpp=15&bdt=176&idt=78&shv=r20201203&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=8678901586360&frm=20&pv=2&ga_vid=250744754.1609704497&ga_sid=1609704497&ga_hid=244347394&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=500&ady=1144&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066429&oid=3&pvsid=653804318681881&pem=612&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=zsUzXM1drb&p=https%3A//ddns.kuku.lu&dtd=96
Frame ID: 6F52C2E9F455239B3356210338ECBEF5
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-6235967741013519&output=html&adk=1812271804&adf=3025194257&lmt=1609704497&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&format=0x0&url=https%3A%2F%2Fddns.kuku.lu%2F&ea=0&flash=0&pra=7&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1609704497200&bpp=3&bdt=192&idt=92&shv=r20201203&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=600x280&nras=1&correlator=8678901586360&frm=20&pv=1&ga_vid=250744754.1609704497&ga_sid=1609704497&ga_hid=244347394&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066429&oid=3&pvsid=653804318681881&pem=612&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&dtd=97
Frame ID: 8203F4835F660B96CF004C6115CDDE84
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html
Frame ID: 37427903783F62F0575245A0E91453AD
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://f5.si/ HTTP 302
    https://ddns.kuku.lu/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Page Statistics

21
Requests

100 %
HTTPS

56 %
IPv6

11
Domains

12
Subdomains

8
IPs

3
Countries

239 kB
Transfer

623 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://f5.si/ HTTP 302
    https://ddns.kuku.lu/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

21 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
ddns.kuku.lu/
Redirect Chain
  • http://f5.si/
  • https://ddns.kuku.lu/
21 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ddns.kuku.lu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.71.160 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/5.5.9-1ubuntu4.29
Resource Hash
a3b54f462a6ee7b921f4ad79ac7036f89e0f761ad35e280259ccd6694fbf3d61
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
ddns.kuku.lu
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 03 Jan 2021 20:08:16 GMT
content-type
text/html
content-length
5976
set-cookie
__cfduid=df2aae792f0cc2160dae68f21b6bd0f321609704496; expires=Tue, 02-Feb-21 20:08:16 GMT; path=/; domain=.kuku.lu; HttpOnly; SameSite=Lax
x-powered-by
PHP/5.5.9-1ubuntu4.29
x-xss-protection
1; mode=block
x-frame-options
DENY
strict-transport-security
max-age=31536000;
vary
Accept-Encoding
content-encoding
gzip
cf-cache-status
DYNAMIC
cf-request-id
076b7675300000fa2c559ec000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=duwWz9g0YPL2r0jxrjgLhfPSZgTq89eETrdzJuZmNrCO0YSzuBwh%2BQ3Ej0AthUIfDuBQCH5lZToqsH44Y8XXJsBAYUTC644eT2f9iU4%3D"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
60bf59cebd2efa2c-AMS

Redirect headers

Date
Sun, 03 Jan 2021 20:08:16 GMT
Server
Apache
X-Powered-By
PHP/5.5.9-1ubuntu4.29
X-XSS-Protection
1; mode=block
X-Frame-Options
DENY
Strict-Transport-Security
max-age=31536000;
Location
https://ddns.kuku.lu/
Content-Length
0
Connection
close
Content-Type
text/html
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.2.1/ 		85 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js
Requested by
Host: ddns.kuku.lu
URL: https://ddns.kuku.lu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ddns.kuku.lu/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 28 Dec 2020 23:12:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
507377
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30306
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 28 Dec 2021 23:12:00 GMT
t.gif
kukulu.erinn.biz/img/ 		986 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kukulu.erinn.biz/img/t.gif
Requested by
Host: ddns.kuku.lu
URL: https://ddns.kuku.lu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.15.232 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ceef4568a47660beea74cfddbc97527ca2ec768b1c2b67eccd8f6f05f63357ea

Request headers

Referer
https://ddns.kuku.lu/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 03 Jan 2021 20:08:17 GMT
cf-cache-status
REVALIDATED
last-modified
Fri, 14 Jun 2019 17:36:08 GMT
server
cloudflare
etag
"3da-58b4c14e6d200"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=yRrXtCu5f0eoL9CcowM1pmFeOyvSrBnbv8atL%2B%2Fw38D%2ByHX98Qx5pPCrq8Y51%2Fr6WI4QuNIZUJICO%2BTxqKr8BwMC4lrTIt9SewzsQo9Myufs"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
60bf59d2aa3dd8c5-AMS
content-length
986
cf-request-id
076b7677a70000d8c547af0000000001
a.gif
kukulu.erinn.biz/img/ 		227 B
539 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kukulu.erinn.biz/img/a.gif
Requested by
Host: ddns.kuku.lu
URL: https://ddns.kuku.lu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.15.232 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
da00a735ede6be0ca5e0e7fb3e2624f8383d59918d58b9a45d945f8ceb119c0a

Request headers

Referer
https://ddns.kuku.lu/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 03 Jan 2021 20:08:17 GMT
cf-cache-status
REVALIDATED
last-modified
Thu, 04 Jul 2013 02:57:35 GMT
server
cloudflare
etag
"e3-4e0a6bd7b25c0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2BnSL7y1XGpY6ZcG%2Be9TFDqdTRft2o%2BlHNCTXh%2BJ5L2tFa3Ifes6t9QdfepyeD9fD5LvM5oJf6HvSX4Or0AlCv19w8DWsXDt1gXKZ6hwNsshc"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
60bf59d2aa40d8c5-AMS
content-length
227
cf-request-id
076b7677a80000d8c592946000000001
top.png
ddns.kuku.lu/img/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ddns.kuku.lu/img/top.png
Requested by
Host: ddns.kuku.lu
URL: https://ddns.kuku.lu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.71.160 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
338788bb935704b48ea31676e9ff62de84b7f61531730c32cac8a3252b33354c

Request headers

Referer
https://ddns.kuku.lu/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 03 Jan 2021 20:08:17 GMT
cf-cache-status
REVALIDATED
nel
{"report_to":"cf-nel","max_age":604800}
cf-polished
origSize=6793
content-length
3777
cf-request-id
076b7677a30000fa2c53848000000001
last-modified
Mon, 27 Jun 2016 13:10:47 GMT
server
cloudflare
etag
"1a89-536423fa3e3c0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=BZbrG52Xo%2BP%2F9%2FgOp92B0xs%2FNMAIJ%2FkrpMsM1r8enelz5UJM%2BTcKDp8E2dNO1HI5c7B28H6dEN%2B6njXiS2IdK%2BVVoHF0gHYVSNZuFEM%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=28800
accept-ranges
bytes
cf-ray
60bf59d29d09fa2c-AMS
cf-bgj
imgq:100,h2pri
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		133 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: ddns.kuku.lu
URL: https://ddns.kuku.lu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e95312c4f446a778a4e381be2ab80be0f36fea344760b66ec06e17d1e4c1740f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ddns.kuku.lu/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 03 Jan 2021 20:08:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
47114
x-xss-protection
0
server
cafe
etag
10026942970525496094
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sun, 03 Jan 2021 20:08:17 GMT
aquapal.png
ddns.kuku.lu/img/ 		967 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ddns.kuku.lu/img/aquapal.png
Requested by
Host: ddns.kuku.lu
URL: https://ddns.kuku.lu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.71.160 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
07a694ff2fa675936b314330ca2ffb8738a682c810f402b148e541c05274add1

Request headers

Referer
https://ddns.kuku.lu/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 03 Jan 2021 20:08:17 GMT
cf-cache-status
REVALIDATED
nel
{"report_to":"cf-nel","max_age":604800}
cf-polished
origSize=1783
content-length
967
cf-request-id
076b7677a30000fa2c7c1f4000000001
last-modified
Mon, 27 Jun 2016 13:10:47 GMT
server
cloudflare
etag
"6f7-536423fa3e3c0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=QtX5tjSeVynl2sxEkRaZXF8IE0Zu0aAeFLOosuBm%2BoUkDRSTCAheCUcd9EZNAVPLnWyXDgWf9xY6TnO9nAXwLxPT0M2dltscVDHxb0w%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=28800
accept-ranges
bytes
cf-ray
60bf59d29d0afa2c-AMS
cf-bgj
imgq:100,h2pri
analytics.js
www.google-analytics.com/ 		46 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: ddns.kuku.lu
URL: https://ddns.kuku.lu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ddns.kuku.lu/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 23 Oct 2020 03:00:57 GMT
server
Golfe2
age
1063
date
Sun, 03 Jan 2021 19:50:34 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18817
expires
Sun, 03 Jan 2021 21:50:34 GMT
top_bg.png
ddns.kuku.lu/img/ 		307 B
608 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ddns.kuku.lu/img/top_bg.png
Requested by
Host: ddns.kuku.lu
URL: https://ddns.kuku.lu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.71.160 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0e9e248931147fa7949443cf7e73c4aa7a0f5cacadfe6d41367e30f58dce2585

Request headers

Referer
https://ddns.kuku.lu/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 03 Jan 2021 20:08:17 GMT
cf-cache-status
REVALIDATED
nel
{"report_to":"cf-nel","max_age":604800}
cf-polished
origSize=425
content-length
307
cf-request-id
076b7677bf0000fa2cd2023000000001
last-modified
Mon, 27 Jun 2016 13:10:47 GMT
server
cloudflare
etag
"1a9-536423fa3e3c0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Af6PIReAExl59zRiuU%2FUaA7kAuNA%2BBuktfDe%2BVG%2F9fmuY41hSnqBgUc2e8FD4LgZA%2BvLLm5tH68VEvmXabf2H6Ojmw3gSGb8Jc0bsoc%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=28800
accept-ranges
bytes
cf-ray
60bf59d2cd6cfa2c-AMS
cf-bgj
imgq:100,h2pri
show_ads_impl_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/ 		234 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_fy2019.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fe5d97969e5d98e03eaacc671edb2e30373f05070f5a37d69f5a5f6f91b79149
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ddns.kuku.lu/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 03 Jan 2021 20:08:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
89527
x-xss-protection
0
server
cafe
etag
1810063338415286733
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Sun, 03 Jan 2021 20:08:17 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20201203/r20190131/ Frame 30E9 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20201203/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20201203/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ddns.kuku.lu/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://ddns.kuku.lu/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Sun, 03 Jan 2021 10:01:15 GMT
expires
Sun, 17 Jan 2021 10:01:15 GMT
content-type
text/html; charset=UTF-8
etag
10723747146953794269
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4923
x-xss-protection
0
age
36422
cache-control
public, max-age=1209600
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
cookie.js
partner.googleadservices.com/gampad/ 		197 B
637 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=ddns.kuku.lu&callback=_gfp_s_&client=ca-pub-6235967741013519
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.21.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s13-in-f226.1e100.net
Software
cafe /
Resource Hash
d443235a824af58342f4de2b69bd2baec4a78a008ba8c8af95aefbb20ec86910
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ddns.kuku.lu/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 03 Jan 2021 20:08:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
188
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ 		109 B
169 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=ddns.kuku.lu
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ddns.kuku.lu/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 03 Jan 2021 20:08:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		109 B
169 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=ddns.kuku.lu
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ddns.kuku.lu/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 03 Jan 2021 20:08:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 6F52 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-6235967741013519&output=html&h=280&slotname=4603585006&adk=3985482676&adf=3817146804&pi=t.ma~as.4603585006&w=600&fwrn=4&fwrnh=100&lmt=1609704497&rafmt=1&psa=0&format=600x280&url=https%3A%2F%2Fddns.kuku.lu%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1609704497185&bpp=15&bdt=176&idt=78&shv=r20201203&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=8678901586360&frm=20&pv=2&ga_vid=250744754.1609704497&ga_sid=1609704497&ga_hid=244347394&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=500&ady=1144&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066429&oid=3&pvsid=653804318681881&pem=612&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=zsUzXM1drb&p=https%3A//ddns.kuku.lu&dtd=96
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_fy2019.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-6235967741013519&output=html&h=280&slotname=4603585006&adk=3985482676&adf=3817146804&pi=t.ma~as.4603585006&w=600&fwrn=4&fwrnh=100&lmt=1609704497&rafmt=1&psa=0&format=600x280&url=https%3A%2F%2Fddns.kuku.lu%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1609704497185&bpp=15&bdt=176&idt=78&shv=r20201203&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=8678901586360&frm=20&pv=2&ga_vid=250744754.1609704497&ga_sid=1609704497&ga_hid=244347394&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=500&ady=1144&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066429&oid=3&pvsid=653804318681881&pem=612&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=zsUzXM1drb&p=https%3A//ddns.kuku.lu&dtd=96
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ddns.kuku.lu/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://ddns.kuku.lu/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Sun, 03 Jan 2021 20:08:17 GMT
server
cafe
content-length
24024
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Sun, 03-Jan-2021 20:23:17 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires
Sun, 03 Jan 2021 20:08:17 GMT
cache-control
private
osd.js
www.googletagservices.com/activeview/js/current/ 		74 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c1c9310eb6a56101c2133db372cfbe9cefb5ff6b90a02ded916984c975b813b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ddns.kuku.lu/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 03 Jan 2021 20:08:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1607690616793149"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
28334
x-xss-protection
0
expires
Sun, 03 Jan 2021 20:08:17 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 8203 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-6235967741013519&output=html&adk=1812271804&adf=3025194257&lmt=1609704497&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&format=0x0&url=https%3A%2F%2Fddns.kuku.lu%2F&ea=0&flash=0&pra=7&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1609704497200&bpp=3&bdt=192&idt=92&shv=r20201203&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=600x280&nras=1&correlator=8678901586360&frm=20&pv=1&ga_vid=250744754.1609704497&ga_sid=1609704497&ga_hid=244347394&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066429&oid=3&pvsid=653804318681881&pem=612&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&dtd=97
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_fy2019.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-6235967741013519&output=html&adk=1812271804&adf=3025194257&lmt=1609704497&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&format=0x0&url=https%3A%2F%2Fddns.kuku.lu%2F&ea=0&flash=0&pra=7&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1609704497200&bpp=3&bdt=192&idt=92&shv=r20201203&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=600x280&nras=1&correlator=8678901586360&frm=20&pv=1&ga_vid=250744754.1609704497&ga_sid=1609704497&ga_hid=244347394&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066429&oid=3&pvsid=653804318681881&pem=612&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&dtd=97
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ddns.kuku.lu/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://ddns.kuku.lu/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Sun, 03 Jan 2021 20:08:17 GMT
server
cafe
content-length
0
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Sun, 03-Jan-2021 20:23:17 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires
Sun, 03 Jan 2021 20:08:17 GMT
cache-control
private
sodar
pagead2.googlesyndication.com/getconfig/ 		8 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20201203&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_fy2019.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
396f43ae4c4996ee7cb1511bfd6b4d7859365c97931d1b8dc861f381c038f256
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ddns.kuku.lu/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 03 Jan 2021 20:08:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
6453
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_fy2019.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
66bfa6dd42535b06a283b3844a0bddcfd7f1aca1368baae035a7cda89a6b97fd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ddns.kuku.lu/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 03 Jan 2021 20:08:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1603823857801521"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6015
x-xss-protection
0
expires
Sun, 03 Jan 2021 20:08:17 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/219/ Frame 3742 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/219/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ddns.kuku.lu/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://ddns.kuku.lu/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
4867
date
Sun, 03 Jan 2021 18:54:01 GMT
expires
Mon, 03 Jan 2022 18:54:01 GMT
last-modified
Mon, 05 Oct 2020 22:33:01 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
4456
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
gen_204
pagead2.googlesyndication.com/pagead/ 		0
109 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=219&t=2&li=gda_r20201203&jk=653804318681881&bg=!WFulW3vNAAXKjztBylgvgG2p3m5ZqgIAAABMUgAAAAxoAQcKAb6wJTg30Sv4JEF44MlMJUkPGZXL_Q5ppXRxG8ee--qw5VbXa22yWFfb49voz95E6zJ8vmj1N5Y88PM3XHDe3Co5ItPrFx3L-dmNosxcqnAqYvW2ieKMdbADmuh5AdBGdVxBGmgaIR8wZYH-9DHnbiXxOS4sCoA7RMuYb7wd7BvlNjV_nOiGfKlEY-sPTjeP-ADWBU0tnZBtZ-X-L_LAhSaTf3mKTPpyAJnaYyZL3-J4V72bqpXvbcRVay5woUt14p9ws9mLAgKKCcmejnbDIgMEDyN3fqQbX94bCE70uU0eeyLAVS7m2LjU3QjLxBFq_saxP03Z17OF5X2OgjnmmZ2IqJTD3TptEF9ILAAUDKr73gmdHpO40ypYyZKVj7kDwb1X3wm0hJGNlu1_e7ey3YUWCoSk2o96tyMifJvCNmByN1qsMlbmbNBPLOIymlnejGSeGFz2j6Ek8Fi3XynfihODpsH5gt5SpuE8_nD89HTMcWt_BCcvYxofpIUfJD6nxgSojM1U446x9JOIbCjcubvWyo6Plra81KRllRfkQOKsbO767O9ZgiQLGlqzsDZYoGa0bnSbsN2T-Mue3XGecpkBtT7w5lcUsBLnYtQyOIq5OMIoPAHWlYA2Ye61fy8QsSY-M03jjhYy1939oXYmUYCpUBXzHCATsr1JuZyRbjAvXrkYNx2HRlAhkKgjiRc23AE1303HaSvJo_sV-KyN_DZVehikXZS12DSYKDJjE7-eFFuL2sHuMHy8TSJybZMJNdxYOiwyVFLSsc2wB3Yf1Q_5HFQNlP9j__WLmX6bb-Y2VyWo5TC3dZOHddoZ9OZePSoUNznupOG-SQJuKtI8hEhKn6JrZ49EmUOylKUbt6WK4pqAJ9aGdnhLhQyPlPE0EdcTxhEEMLpYyWH_0rFHYRZuQWxSfF4D7oR-OITWkZS9trk2mO9pJxXeX8yxZyKw4FT2F2wLk1HYxbU65lhdLYfgGLkrxYgBw5yCMXK4BmC7r0ulhAa-N9FY3bAWmmUJY0oZ_Nss9tOJ0EiZw0ZRruM2DPpV8Ca6yc3IiaHWea3YFYKFRnHE-bW7-kSybCW2Cswp3PiNoFh0bjzxHDfVcAfrJdYlLVCQjkvmVmTAedR0QHP5XYcO1JxcF8sGtM1G5uCs-5YaxiKb8UTvsw3BjQTKuaPqlbRk
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ddns.kuku.lu/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 03 Jan 2021 20:08:18 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

73 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated function| $ function| jQuery function| open_header_mabinogi function| goShortURL_Header function| SendCheckFreeDomain function| RecvCheckFreeDomain boolean| new_checktrue_domain string| old_domain function| checkNewDomain function| checkNewDomainError function| checkNewDomainSuccess boolean| new_sendlock boolean| new_checktrue_password function| checkNewPassword object| adsbygoogle string| GoogleAnalyticsObject function| ga object| google_js_reporting_queue number| google_srt object| google_ad_modifications object| google_logging_queue object| ggeac boolean| google_measure_js_timing object| google_trust_token_operation_status object| google_reactive_ads_global_state boolean| _gfp_a_ object| google_sa_queue object| google_sl_win function| google_process_slots boolean| google_apltlad function| google_spfd number| google_lpabyc number| google_unique_id object| google_sv_map object| google_tag_data object| gaplugins object| gaGlobal object| gaData function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter function| google_sa_impl object| google_persistent_state_async object| __google_ad_urls number| google_global_correlator number| __google_ad_urls_id object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken object| google_prev_clients object| google_jobrunner object| ampInaboxIframes object| ampInaboxPendingMessages boolean| google_osd_loaded boolean| google_onload_fired function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb object| GoogleGcLKhOms object| google_image_requests

3 Cookies

Domain/Path Name / Value
.doubleclick.net/ Name: IDE
Value: AHWqTUnHfcKmohwaPql06nl3mFPMqI5kbqrWtUvkhyp5B2G4bWmU93WIPN2JE6da
.kuku.lu/ Name: __gads
Value: ID=2941a6b0b672f6f3-2279f94f7db90073:T=1609704497:RT=1609704497:S=ALNI_MZN9tJDz2zl955RJks3aEo2SlyOwQ
.kuku.lu/ Name: __cfduid
Value: df2aae792f0cc2160dae68f21b6bd0f321609704496

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000;
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
ajax.googleapis.com
ddns.kuku.lu
f5.si
googleads.g.doubleclick.net
kukulu.erinn.biz
pagead2.googlesyndication.com
partner.googleadservices.com
tpc.googlesyndication.com
www.google-analytics.com
www.googletagservices.com
104.26.15.232
133.130.103.75
172.217.21.226
172.67.71.160
2a00:1450:4001:800::200a
2a00:1450:4001:816::2002
2a00:1450:4001:81d::2001
2a00:1450:4001:820::2002
2a00:1450:4001:820::200e
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
07a694ff2fa675936b314330ca2ffb8738a682c810f402b148e541c05274add1
0e9e248931147fa7949443cf7e73c4aa7a0f5cacadfe6d41367e30f58dce2585
338788bb935704b48ea31676e9ff62de84b7f61531730c32cac8a3252b33354c
396f43ae4c4996ee7cb1511bfd6b4d7859365c97931d1b8dc861f381c038f256
66bfa6dd42535b06a283b3844a0bddcfd7f1aca1368baae035a7cda89a6b97fd
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
a3b54f462a6ee7b921f4ad79ac7036f89e0f761ad35e280259ccd6694fbf3d61
c1c9310eb6a56101c2133db372cfbe9cefb5ff6b90a02ded916984c975b813b2
ceef4568a47660beea74cfddbc97527ca2ec768b1c2b67eccd8f6f05f63357ea
d443235a824af58342f4de2b69bd2baec4a78a008ba8c8af95aefbb20ec86910
da00a735ede6be0ca5e0e7fb3e2624f8383d59918d58b9a45d945f8ceb119c0a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
e95312c4f446a778a4e381be2ab80be0f36fea344760b66ec06e17d1e4c1740f
fe5d97969e5d98e03eaacc671edb2e30373f05070f5a37d69f5a5f6f91b79149