magical.kuku.lu Open in urlscan Pro
104.26.6.161 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://magical.kuku.lu/page.contact.php?type=MailNow
Effective URL:
https://magical.kuku.lu/page.contact.php?type=MailNow
Submission: On October 05 via manual (October 5th 2022, 4:43:45 am UTC) from JP — Scanned from JP

Summary HTTP 54 Redirects Links 17 Behaviour Indicators

Summary

This website contacted 16 IPs in 2 countries across 12 domains to perform 54 HTTP transactions. The main IP is 104.26.6.161, located in United States and belongs to CLOUDFLARENET, US. The main domain is magical.kuku.lu.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 3rd 2022. Valid for: a year.

This is the only time magical.kuku.lu was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 8	104.26.6.161 104.26.6.161	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2404:6800:400... 2404:6800:4004:81f::2008	15169 (GOOGLE) (GOOGLE)
3	104.26.15.232 104.26.15.232	13335 (CLOUDFLAR...) (CLOUDFLARENET)
15	2404:6800:400... 2404:6800:4004:822::2002	15169 (GOOGLE) (GOOGLE)
1	2404:6800:400... 2404:6800:4004:825::200e	15169 (GOOGLE) (GOOGLE)
2	2404:6800:400... 2404:6800:4004:827::2002	15169 (GOOGLE) (GOOGLE)
2	2404:6800:400... 2404:6800:4004:80b::2002	15169 (GOOGLE) (GOOGLE)
1	2404:6800:400... 2404:6800:4004:822::200a	15169 (GOOGLE) (GOOGLE)
1 9	2404:6800:400... 2404:6800:4004:81d::2001	15169 (GOOGLE) (GOOGLE)
2	2404:6800:400... 2404:6800:4004:824::2002	15169 (GOOGLE) (GOOGLE)
1	2404:6800:400... 2404:6800:4004:801::2003	15169 (GOOGLE) (GOOGLE)
7	2404:6800:400... 2404:6800:4004:821::2006	15169 (GOOGLE) (GOOGLE)
1	2404:6800:400... 2404:6800:4004:823::2003	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:32::3	15169 (GOOGLE) (GOOGLE)
1	2404:6800:400... 2404:6800:4004:80b::2004	15169 (GOOGLE) (GOOGLE)
54	16

8 104.26.6.161 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

magical.kuku.lu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4004:81f::2008 (Australia)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.26.15.232 (United States)

ASN13335 (CLOUDFLARENET, US)

live.erinn.biz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
kukulu.erinn.biz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2404:6800:4004:822::2002 (Australia)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.co.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4004:825::200e (Australia)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4004:827::2002 (Australia)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.co.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4004:80b::2002 (Australia)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4004:822::200a (Australia)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2404:6800:4004:81d::2001 (Australia) 1 redirects

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4004:824::2002 (Australia)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4004:801::2003 (Australia)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2404:6800:4004:821::2006 (Australia)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4004:823::2003 (Australia)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::3 (United States)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4004:80b::2004 (Australia)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
19	googlesyndication.com 1 redirects pagead2.googlesyndication.com — Cisco Umbrella Rank: 131 tpc.googlesyndication.com — Cisco Umbrella Rank: 170	334 KB
12	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 68 static.doubleclick.net — Cisco Umbrella Rank: 402 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 215	498 KB
8	kuku.lu 1 redirects magical.kuku.lu	50 KB
4	gstatic.com www.gstatic.com fonts.gstatic.com csi.gstatic.com	43 KB
3	google.com adservice.google.com — Cisco Umbrella Rank: 136 www.google.com — Cisco Umbrella Rank: 19	2 KB
3	erinn.biz live.erinn.biz kukulu.erinn.biz	3 KB
2	google.co.jp adservice.google.co.jp — Cisco Umbrella Rank: 55951	914 B
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 228	44 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 118	1 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1003	694 B
1	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 94	347 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 129	74 KB
54	12

	Domain	Requested by
10	pagead2.googlesyndication.com	magical.kuku.lu pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
9	tpc.googlesyndication.com	1 redirects googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
8	magical.kuku.lu	1 redirects magical.kuku.lu
7	static.doubleclick.net	googleads.g.doubleclick.net
4	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
2	csi.gstatic.com	securepubads.g.doubleclick.net pagead2.googlesyndication.com
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.co.jp	pagead2.googlesyndication.com
2	kukulu.erinn.biz	magical.kuku.lu
1	www.google.com	tpc.googlesyndication.com
1	securepubads.g.doubleclick.net	googleads.g.doubleclick.net
1	fonts.gstatic.com	fonts.googleapis.com
1	www.gstatic.com	googleads.g.doubleclick.net
1	www.googletagservices.com	googleads.g.doubleclick.net
1	fonts.googleapis.com	googleads.g.doubleclick.net
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	www.google-analytics.com	www.googletagmanager.com
1	live.erinn.biz	magical.kuku.lu
1	www.googletagmanager.com	magical.kuku.lu
54	19

This site contains links to these domains. Also see Links.

Domain
m.kuku.lu
draw.kuku.lu
live.erinn.biz
d.kuku.lu
s.kuku.lu
v.kuku.lu
ddns.kuku.lu
status.aquapal.net
aquapal.net
kukulu.erinn.biz
rua.erinn.biz
weather.erinn.biz
labo.erinn.biz

Subject Issuer	Validity	Valid
kuku.lu Cloudflare Inc ECC CA-3	`2022-05-03` - `2023-05-03`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-05-15` - `2023-05-15`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.google.co.jp GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh

This page contains 7 frames:

Primary Page: https://magical.kuku.lu/page.contact.php?type=MailNow
Frame ID: 0E455199A120F4C0077A75029C84D37D
Requests: 25 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6235967741013519&output=html&h=90&slotname=3123457437&adk=1193451086&adf=1160220461&pi=t.ma~as.3123457437&w=728&lmt=1664945021&url=https%3A%2F%2Fmagical.kuku.lu%2Fpage.contact.php%3Ftype%3DMailNow&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664945021266&bpp=36&bdt=277&idt=253&shv=r20220928&mjsv=m202209290101&ptt=5&saldr=sa&abxe=1&correlator=4083397523962&rume=1&frm=20&pv=2&ga_vid=324834028.1664945021&ga_sid=1664945022&ga_hid=889883801&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=808&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C31069178%2C44772927%2C31061691%2C31061692%2C31062930&oid=2&pvsid=1493806641767660&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Ce%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=nxcmcsvklj&p=https%3A//magical.kuku.lu&dtd=272
Frame ID: 32EE485BC9F57035C0FD0870539FCD87
Requests: 22 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/gnLtmcL-mn53pq-EJRMXOCFACjpZd0iqiIv80oTeKas.js
Frame ID: E0A7CE85C3C1B7FB6DAFD6B375BD9E6E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220928/r20190131/zrt_lookup.html
Frame ID: AA005F51C3B098EAA07E85C729C4CF90
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6235967741013519&output=html&adk=193914898&adf=935745360&lmt=1664945022&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fmagical.kuku.lu%2Fpage.contact.php%3Ftype%3DMailNow&ea=0&pra=7&wgl=1&easpi=0&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=0&asna=5&asnd=5&asnp=5&asns=5&asmat=1&asptt=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664945022503&bpp=3&bdt=1513&idt=3&shv=r20220928&mjsv=m202209290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dee9492c438632669-22dfb9f4ded6002a%3AT%3D1664945021%3ART%3D1664945021%3AS%3DALNI_MYFG8sreT01BJhRw_39AXg8z55fWA&gpic=UID%3D00000a1a84d1a586%3AT%3D1664945021%3ART%3D1664945021%3AS%3DALNI_MZ4_FwCwlZXOp2wjX00NEjzgwqSyg&prev_slotnames=3123457437&nras=1&correlator=4083397523962&rume=1&frm=20&pv=1&ga_vid=324834028.1664945021&ga_sid=1664945022&ga_hid=889883801&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C31069178%2C44772927%2C31061691%2C31061692%2C31062930&oid=2&psts=APxP-9DVOXRUpfxwMg4VOWlSjq0TtW4XfujsDgLRzoKs-mmQM0JolipwzF6vP_2pHIDJZVsYYIMLNqwJsuK5qPM&pvsid=1493806641767660&tmod=2006741213&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&dtd=32
Frame ID: BAD5BBB9B432CFCA1C637B3AEB451983
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 7941DE8F1A08FE0493BF1B2C6AA74D86
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 97E192C16541AD0EB78B2B7B57E2FE41
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Inquiry | MagicalKukusama

Page URL History Show full URLs

http://magical.kuku.lu/page.contact.php?type=MailNow HTTP 301
https://magical.kuku.lu/page.contact.php?type=MailNow Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/pagead/show_ads\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Page Statistics

54
Requests

98 %
HTTPS

87 %
IPv6

12
Domains

19
Subdomains

16
IPs

2
Countries

1050 kB
Transfer

1998 kB
Size

6
Cookies

17 Outgoing links

These are links going to different origins than the main page.

URL: https://m.kuku.lu/
Title: 捨てメアド

Search URL Search Domain Scan URL

URL: https://draw.kuku.lu/
Title: 絵チャ

Search URL Search Domain Scan URL

URL: https://live.erinn.biz/?force=1
Title: LIVE

Search URL Search Domain Scan URL

URL: https://d.kuku.lu/
Title: ファイル転送

Search URL Search Domain Scan URL

URL: https://s.kuku.lu/
Title: 画像共有

Search URL Search Domain Scan URL

URL: https://v.kuku.lu/
Title: 動画共有

Search URL Search Domain Scan URL

URL: https://ddns.kuku.lu/
Title: DDNS

Search URL Search Domain Scan URL

URL: https://status.aquapal.net/
Title: 稼働状況

Search URL Search Domain Scan URL

URL: https://aquapal.net/

Search URL Search Domain Scan URL

URL: https://kukulu.erinn.biz/?force=1
Title: キャラ・放送

Search URL Search Domain Scan URL

URL: https://rua.erinn.biz/
Title: 相場調査

Search URL Search Domain Scan URL

URL: https://weather.erinn.biz/
Title: 攻略情報

Search URL Search Domain Scan URL

URL: http://labo.erinn.biz/
Title: ツール

Search URL Search Domain Scan URL

URL: https://aquapal.net/rule.php
Title: Click here for privacy policy.

Search URL Search Domain Scan URL

URL: https://m.kuku.lu/smphone.app.help.php
Title: Q&A

Search URL Search Domain Scan URL

URL: http://d.kuku.lu/
Title: here

Search URL Search Domain Scan URL

URL: http://aquapal.net/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://magical.kuku.lu/page.contact.php?type=MailNow HTTP 301
https://magical.kuku.lu/page.contact.php?type=MailNow Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 33

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKCnvL_L7AEQhAcYhAcyCDGhXNUM4mQz HTTP 301
https://tpc.googlesyndication.com/simgad/10029597440460631271

54 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request page.contact.php Show response
magical.kuku.lu/
Redirect Chain

http://magical.kuku.lu/page.contact.php?type=MailNow
https://magical.kuku.lu/page.contact.php?type=MailNow

27 KB
8 KB

57ms
22ms

Document
text/html

104.26.6.161
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://magical.kuku.lu/page.contact.php?type=MailNow
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.6.161 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 687bdf7024469b9b89521e7fa35f0caba18df71ce407c6a807a4114ac4e5e8f3

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

cf-cache-status: DYNAMIC
cf-ray: 75537f6d1feee055-NRT
content-encoding: gzip
content-length: 7660
content-type: text/html; charset=UTF-8
date: Wed, 05 Oct 2022 04:43:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8kGcnJZZDYXNFkdPHvKjoKOWQdh%2BIQdH7a6R551Bii6vPCATdzHVz5U9HdMVzRXA1vN%2FJsyLcCHqLapkQgG9HKCHwyS67p%2FhGrE5dqJwYBt6Fkf4dgM7fA4LNAWOhZs1mw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding,User-Agent

Redirect headers

CF-RAY: 75537f6cb893e001-NRT
Cache-Control: max-age=3600
Connection: keep-alive
Date: Wed, 05 Oct 2022 04:43:40 GMT
Expires: Wed, 05 Oct 2022 05:43:40 GMT
Location: https://magical.kuku.lu/page.contact.php?type=MailNow
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DxzGnYj%2BjhVZII%2F0Go0s7gpIW9iXtJed2n3QZ8u5C9uM70AwjN79SRaN11CyWSprh0slP%2Fk8WB2%2FhJXnyULAdmIkadzlLAclLWEOWiv3Zqx2zUbu9GoWZQFaT5AfqK%2BvTA%3D%3D"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 209 KB
74 KB 91ms
46ms Script
application/javascript 2404:6800:4004:81f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-QLSXLE74DJ

Requested by

Host: magical.kuku.lu
URL: https://magical.kuku.lu/page.contact.php?type=MailNow

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:81f::2008 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

275b6a8bcab258a0580052d335d83a502a693904fae4cc53e3509b3e92c40715

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://magical.kuku.lu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 04:43:41 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 75027
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 05 Oct 2022 04:43:41 GMT

GET
H2 200 _useruuid.js.php Show response
live.erinn.biz/ 0
737 B 59ms
44ms Script
text/html 104.26.15.232
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://live.erinn.biz/_useruuid.js.php

Requested by

Host: magical.kuku.lu
URL: https://magical.kuku.lu/page.contact.php?type=MailNow

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.15.232 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=2678400;

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://magical.kuku.lu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 04:43:41 GMT
strict-transport-security: max-age=2678400;
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cDWIwbLAQgDK2xsgDD%2F%2BkQdst%2FobDaL79u4sJXxFyQ%2Bg0VSdkPcmWayDbZOhZvE2vlqi51rI1TOmeBeKrdIn%2FslcpPX236LknO382NFO874NCkaj81VqMw7Gus0aDyVw"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cf-ray: 75537f6d499ee025-NRT
content-length: 0

GET
H2 200 kukulufinger2.js Show response
magical.kuku.lu/ 38 KB
12 KB 14ms
13ms Script
application/javascript 104.26.6.161
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://magical.kuku.lu/kukulufinger2.js
Requested by: Host: magical.kuku.lu
URL: https://magical.kuku.lu/page.contact.php?type=MailNow
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.6.161 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0bbb183436474e45fbfd60632ba6506cecaf9539e2b24927e32aca2a549e1bff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://magical.kuku.lu/page.contact.php?type=MailNow
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 04:43:41 GMT
content-encoding: gzip
cf-cache-status: HIT
cf-bgj: minify
last-modified: Sat, 25 May 2019 10:52:58 GMT
server: cloudflare
age: 171
cf-polished: origSize=51453
etag: W/"c8fd-589b41e3d3680"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WUUG2VcE7q3ta3z9r003FmdJMoaTdCJJ9luYyr4UfLr5h3UiScR20HLHJDQ0%2F3CWGHxI13U6zaUChtSTLczAwWS6O8lpIxJGFkS7UWpG7XGxtn%2FvwkVXFuaKRUgsuHwVMA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: max-age=28800
cf-ray: 75537f6d3825e055-NRT

GET
H2 200 t.gif
kukulu.erinn.biz/img/ 986 B
1 KB 24ms
18ms Image
image/gif 104.26.15.232
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kukulu.erinn.biz/img/t.gif
Requested by: Host: magical.kuku.lu
URL: https://magical.kuku.lu/page.contact.php?type=MailNow
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.15.232 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ceef4568a47660beea74cfddbc97527ca2ec768b1c2b67eccd8f6f05f63357ea

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://magical.kuku.lu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 04:43:41 GMT
cf-cache-status: HIT
last-modified: Fri, 14 Jun 2019 17:36:08 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3413
etag: "3da-58b4c14e6d200"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XDdJiFa%2FoTmW3y0Ec7D5Q5pfvg0Ju%2F61JfaewCHAfTCY0ILuC8CEuo2JwcV1skj2D4Fd4sFltER98OQpnGAE%2FdaWG73gTiPevnVoiTBaHRFtsjkmWtjheGKcAoTV8jAdDFI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 75537f6daa07e025-NRT
content-length: 986

GET
H2 200 a.gif
kukulu.erinn.biz/img/ 227 B
540 B 25ms
19ms Image
image/gif 104.26.15.232
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kukulu.erinn.biz/img/a.gif
Requested by: Host: magical.kuku.lu
URL: https://magical.kuku.lu/page.contact.php?type=MailNow
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.15.232 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: da00a735ede6be0ca5e0e7fb3e2624f8383d59918d58b9a45d945f8ceb119c0a

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://magical.kuku.lu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 04:43:41 GMT
cf-cache-status: HIT
last-modified: Thu, 04 Jul 2013 02:57:35 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4302
etag: "e3-4e0a6bd7b25c0"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=awuzNqaysleU1zKM9F5ZEWbgXuE9N2dEMmeFIIXME6KGa4AWmCZyMaYheXo09Yl49ZQugaOtCqfr%2Bqk8CxmgpUdH1AgksH4W3I4jKb0NSNUtfNqMkKE7wAOswJOgDTvjHU4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 75537f6daa09e025-NRT
content-length: 227

GET
H2 200 top2016c.png
magical.kuku.lu/img/ 13 KB
14 KB 29ms
27ms Image
image/png 104.26.6.161
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://magical.kuku.lu/img/top2016c.png
Requested by: Host: magical.kuku.lu
URL: https://magical.kuku.lu/page.contact.php?type=MailNow
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.6.161 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f203261103ea93f0873878e6e371f325f17bb306c176edba6e421fb954187da4

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://magical.kuku.lu/page.contact.php?type=MailNow
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 04:43:41 GMT
cf-cache-status: REVALIDATED
cf-bgj: imgq:100,h2pri
last-modified: Sat, 09 Jan 2016 16:11:57 GMT
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=21533, status=vary_header_present
etag: "541d-528e8f6852d40"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6QsCV5g%2FhKrix8JOqi2v8WyGVsroZcXbqdDSBa1x9r%2F%2FfHVJIUa%2BmMGI9f2GPZZyWh32Sqm2yYZArGhLvxuPr5xELET%2FrhpiuBemP97GFktF1G3fNC%2BpvuEbyJMw5IzGBw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 75537f6da896e055-NRT
content-length: 13613

GET
H2 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ 111 KB
38 KB 186ms
100ms Script
text/javascript 2404:6800:4004:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: magical.kuku.lu
URL: https://magical.kuku.lu/page.contact.php?type=MailNow

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ab74b3603b72a97d4bd74ed43ad277a5ea010520e8804b8a95abc5c06f27f39a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://magical.kuku.lu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 04:43:41 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37995
x-xss-protection: 0
server: cafe
etag: 5504713123562680425
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 05 Oct 2022 04:43:41 GMT

GET
H2 200 foot2016kuku.png
magical.kuku.lu/img/ 12 KB
12 KB 20ms
19ms Image
image/png 104.26.6.161
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://magical.kuku.lu/img/foot2016kuku.png
Requested by: Host: magical.kuku.lu
URL: https://magical.kuku.lu/page.contact.php?type=MailNow
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.6.161 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 566dc667c75af793591982c36306a91a09f02c4ce4d41eb4ed68874e2643e88c

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://magical.kuku.lu/page.contact.php?type=MailNow
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 04:43:41 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 171
cf-polished: origSize=12864, status=vary_header_present
content-length: 12301
cf-bgj: imgq:100,h2pri
last-modified: Sat, 09 Jan 2016 16:05:40 GMT
server: cloudflare
etag: "3240-528e8e00c9d00"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xw7ZaYjVOJs3YX7hyUAGKPSrF%2FdPc132T9lkUfEFGMS5xKEH51T29yG1NjadsU%2Fs7kFcQh8adtgwT%2Ffh8xVWAbSjr7Ahkr3DGqOuLmfT8VoSlqW0UKUZwLe%2Fy%2F8j9Cc%2F8g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 75537f6da897e055-NRT

GET
H2 200 aquapal.png
magical.kuku.lu/img/ 967 B
1 KB 21ms
20ms Image
image/png 104.26.6.161
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://magical.kuku.lu/img/aquapal.png
Requested by: Host: magical.kuku.lu
URL: https://magical.kuku.lu/page.contact.php?type=MailNow
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.6.161 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 07a694ff2fa675936b314330ca2ffb8738a682c810f402b148e541c05274add1

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://magical.kuku.lu/page.contact.php?type=MailNow
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 04:43:41 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 171
cf-polished: origSize=1783, status=vary_header_present
content-length: 967
cf-bgj: imgq:100,h2pri
last-modified: Mon, 06 Feb 2012 18:34:15 GMT
server: cloudflare
etag: "6f7-4b84fe8d457c0"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yfG9ta3WMp24NdOCjfFUyGcrBnEo7HWHSH8E0E3qA5pQLFWjYqrNFNRO%2BMnSWNNEksQ5BpQdQpaTL5y88BVt5J6G%2F9oNwDzXUt64qo2EuqCXTruCoVr%2FtsB3E06l%2B5lOGg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 75537f6da898e055-NRT

GET
H2 200 top2016b.png
magical.kuku.lu/img/ 538 B
883 B 22ms
19ms Image
image/png 104.26.6.161
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://magical.kuku.lu/img/top2016b.png
Requested by: Host: magical.kuku.lu
URL: https://magical.kuku.lu/page.contact.php?type=MailNow
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.6.161 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d67c84d80089d0e5b5028b8cfa153501e0c0f3981d966d9c39bdcb8fc404b015

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://magical.kuku.lu/page.contact.php?type=MailNow
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 04:43:41 GMT
cf-cache-status: REVALIDATED
cf-bgj: imgq:100,h2pri
last-modified: Sat, 09 Jan 2016 16:14:33 GMT
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=640, status=vary_header_present
etag: "280-528e8ffd18c40"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lwHlubBcOYXVDFOeONYQS2EsjM93Q3bwRRbDL3nlFwP7IMPukQqyz6t5OXx983LhCtwhkXWFFq2NtHpBFmupWLfllc7d5FJGkqH21OnmPBE%2FgBlLl8B8xukQiWVQIPMcVg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 75537f6dc8e1e055-NRT
content-length: 538

POST
H2 204 collect
www.google-analytics.com/g/ 0
347 B 83ms
36ms Ping
text/plain 2404:6800:4004:825::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-QLSXLE74DJ&gtm=2oea30&_p=889883801&cid=324834028.1664945021&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_z=ccd.v9B&_s=1&sid=1664945021&sct=1&seg=0&dl=https%3A%2F%2Fmagical.kuku.lu%2Fpage.contact.php%3Ftype%3DMailNow&dt=Inquiry%20%7C%20MagicalKukusama&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-QLSXLE74DJ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4004:825::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://magical.kuku.lu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Oct 2022 04:43:41 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://magical.kuku.lu
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209290101/ 349 KB
123 KB 103ms
102ms Script
text/javascript 2404:6800:4004:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209290101/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68364019fe41501c40d31350f181d84bc56a9ed9df05585b1f24362361914188

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://magical.kuku.lu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 04:43:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 125834
x-xss-protection: 0
server: cafe
etag: 8407387809973697034
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Wed, 05 Oct 2022 04:43:41 GMT

GET
H2 200 foot2016.png
magical.kuku.lu/img/ 896 B
1 KB 10ms
10ms Image
image/png 104.26.6.161
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://magical.kuku.lu/img/foot2016.png
Requested by: Host: magical.kuku.lu
URL: https://magical.kuku.lu/page.contact.php?type=MailNow
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.6.161 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ccd394264f31d7f0b5d1a8cbec445aa1276f4ec3c0f2525447f4e68b0f5a980c

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://magical.kuku.lu/page.contact.php?type=MailNow
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 04:43:41 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6627
cf-polished: origSize=1331, status=vary_header_present
content-length: 896
cf-bgj: imgq:100,h2pri
last-modified: Sat, 09 Jan 2016 16:01:27 GMT
server: cloudflare
etag: "533-528e8d0f823c0"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BqV%2BBWykhNGLTg9F5eenXHaOPMuYzCtrIkFeM7%2BdnD1SP1WeuxOFJoA%2FIZnT0sc1%2FoPrH7FsHLkTyar2AoOctPdC9Dw2C%2FLsWWP6l5mEipOq9fhDmo3HhZ6SQPN90apnXw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 75537f6f2a9ae055-NRT

GET
H3 200 rum_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20220928/r20110914/ 55 KB
21 KB 5ms
5ms Script
text/javascript 2404:6800:4004:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220928/r20110914/rum_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209290101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

81f6a825722748a17d4b957a5c151cc8707bdfe95f3b737645e4bc138557c3c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://magical.kuku.lu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 06:31:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 79910
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21920
x-xss-protection: 0
server: cafe
etag: 13018376569377644444
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 18 Oct 2022 06:31:51 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 381 B
694 B 163ms
39ms Script
text/javascript 2404:6800:4004:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=magical.kuku.lu&callback=_gfp_s_&client=ca-pub-6235967741013519&gpid_exp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209290101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:827::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bf040c48bbda3448479d87f735ac2dfdee36f6013f1d845c90964759964a6173

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://magical.kuku.lu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 04:43:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 249
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.co.jp/adsid/ 107 B
792 B 165ms
39ms Script
application/javascript 2404:6800:4004:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.jp/adsid/integrator.js?domain=magical.kuku.lu

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209290101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:827::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://magical.kuku.lu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 04:43:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 143ms
44ms Script
application/javascript 2404:6800:4004:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=magical.kuku.lu

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209290101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:80b::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://magical.kuku.lu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 04:43:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 32EE 114 KB
33 KB 597ms
596ms Document
text/html 2404:6800:4004:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6235967741013519&output=html&h=90&slotname=3123457437&adk=1193451086&adf=1160220461&pi=t.ma~as.3123457437&w=728&lmt=1664945021&url=https%3A%2F%2Fmagical.kuku.lu%2Fpage.contact.php%3Ftype%3DMailNow&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664945021266&bpp=36&bdt=277&idt=253&shv=r20220928&mjsv=m202209290101&ptt=5&saldr=sa&abxe=1&correlator=4083397523962&rume=1&frm=20&pv=2&ga_vid=324834028.1664945021&ga_sid=1664945022&ga_hid=889883801&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=808&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C31069178%2C44772927%2C31061691%2C31061692%2C31062930&oid=2&pvsid=1493806641767660&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Ce%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=nxcmcsvklj&p=https%3A//magical.kuku.lu&dtd=272

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209290101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f9bdabf712ee7c1b53715c7e8dda83a3da280f1a6b96997efa721a24b5c7ebfd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://magical.kuku.lu/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 33475
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 05 Oct 2022 04:43:42 GMT
expires: Wed, 05 Oct 2022 04:43:42 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css
fonts.googleapis.com/ Frame 32EE 8 KB
1 KB 92ms
43ms Stylesheet
text/css 2404:6800:4004:822::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6235967741013519&output=html&h=90&slotname=3123457437&adk=1193451086&adf=1160220461&pi=t.ma~as.3123457437&w=728&lmt=1664945021&url=https%3A%2F%2Fmagical.kuku.lu%2Fpage.contact.php%3Ftype%3DMailNow&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664945021266&bpp=36&bdt=277&idt=253&shv=r20220928&mjsv=m202209290101&ptt=5&saldr=sa&abxe=1&correlator=4083397523962&rume=1&frm=20&pv=2&ga_vid=324834028.1664945021&ga_sid=1664945022&ga_hid=889883801&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=808&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C31069178%2C44772927%2C31061691%2C31061692%2C31062930&oid=2&pvsid=1493806641767660&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Ce%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=nxcmcsvklj&p=https%3A//magical.kuku.lu&dtd=272

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:822::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 05 Oct 2022 04:43:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 05 Oct 2022 04:23:35 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 05 Oct 2022 04:43:42 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/ Frame 32EE 2 KB
982 B 118ms
6ms Script
text/javascript 2404:6800:4004:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:81d::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 04:42:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 78
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 875
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 19 Oct 2022 04:42:24 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220928/r20110914/ Frame 32EE 23 KB
10 KB 114ms
2ms Script
text/javascript 2404:6800:4004:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220928/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:81d::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dd080c89636f8576e3364bea0867f18be3a32daa72d766da336cbb80ba5fb407

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 04:40:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 184
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9561
x-xss-protection: 0
server: cafe
etag: 483224313611802536
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 19 Oct 2022 04:40:38 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/ Frame 32EE 3 KB
1 KB 115ms
7ms Script
text/javascript 2404:6800:4004:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:81d::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 04:40:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 165
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 19 Oct 2022 04:40:57 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/ Frame 32EE 17 KB
7 KB 116ms
4ms Script
text/javascript 2404:6800:4004:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:81d::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

86d8e892ceacd8c8a7e7125c68dd0e1b311f8399871b6d64b8b6795f0235c1d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 04:42:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 65
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7559
x-xss-protection: 0
server: cafe
etag: 15289875785628835784
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 19 Oct 2022 04:42:37 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 32EE 141 KB
44 KB 155ms
43ms Script
text/javascript 2404:6800:4004:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:824::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

91102e383130cb1a9faf348bd83bd3c7e0744900eed75eae7587cf6bf32c47f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 04:43:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44883
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1664796838458510"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 05 Oct 2022 04:43:42 GMT

GET
H2 200 270cb447f650f22be90b4349b85576c2.js Show response
www.gstatic.com/mysidia/ Frame 32EE 32 KB
14 KB 116ms
8ms Script
text/javascript 2404:6800:4004:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/270cb447f650f22be90b4349b85576c2.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:801::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7a0049831d92582305911a42f5ed743a1fbd56c69247dddca678d36c9d71b85e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 01:54:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 10139
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13677
x-xss-protection: 0
last-modified: Tue, 27 Sep 2022 00:52:44 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 03 Jan 2023 01:54:43 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 32EE 0
0 50ms
50ms Fetch
text/html 2404:6800:4004:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CT9usfQs9Y974IoP2rQTa3pGICvnV6MNqv7WXqbcL4fiG3JoYEAEgkZCUF2CJ88WE9BOgAfHv_50DyAEJqQKkbewRvPFgPqgDAcgDywSqBOgBT9Cazmt4SNyrNspDpM0Dc79bYzbri-gBfgnMPY5m8Ch0HbKvFIkijf9X6x9hGf5WkUk1_bfT9OprdGrg7422HRVItJd_9bsEPuiP67LeS-RDUHu7OWvySz6ZLdEeJXiwu8qswwxt-ODP5FmS-P8C3HWj_nsqjeiP0LHgVcLEaApow30H_pZuShYhZ8IKvzCVGkfKRZPL2YUonipQuF9VfMW0hicQ9butd6rdKFWUWVzciXxqbEBCP9wjKNybvr9RABc41QIV1mvcPGhuGilQuQIY9EI1uEiJmRGQwPYyGic3H5lDXG6j4MAEnveRqaICkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB_ePgGKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAemvhvYBwDyBwQQn_8J0ggPCIBhEAEYHzICigI6AoBAgAoByAsB2BMNiBQF0BUBmBYBgBcBshccChoIABIUcHViLTYyMzU5Njc3NDEwMTM1MTkYAA&sigh=JOe_tEdj7-c&uach_m=[UACH]&template_id=494

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6235967741013519&output=html&h=90&slotname=3123457437&adk=1193451086&adf=1160220461&pi=t.ma~as.3123457437&w=728&lmt=1664945021&url=https%3A%2F%2Fmagical.kuku.lu%2Fpage.contact.php%3Ftype%3DMailNow&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664945021266&bpp=36&bdt=277&idt=253&shv=r20220928&mjsv=m202209290101&ptt=5&saldr=sa&abxe=1&correlator=4083397523962&rume=1&frm=20&pv=2&ga_vid=324834028.1664945021&ga_sid=1664945022&ga_hid=889883801&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=808&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C31069178%2C44772927%2C31061691%2C31061692%2C31062930&oid=2&pvsid=1493806641767660&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Ce%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=nxcmcsvklj&p=https%3A//magical.kuku.lu&dtd=272
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 05 Oct 2022 04:43:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Wed, 05 Oct 2022 04:43:42 GMT

GET
H2 200 6065848933624153454_7294698467941229071.png
static.doubleclick.net/dynamic/5/125095124/ Frame 32EE 72 KB
72 KB 119ms
18ms Image
image/png 2404:6800:4004:821::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.doubleclick.net/dynamic/5/125095124/6065848933624153454_7294698467941229071.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:821::2006 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5eb0c20db75f70658756bbbffb0db363c976676138428ddf0b1190477062420a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 16:45:38 GMT
x-content-type-options: nosniff
age: 475084
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 73243
x-xss-protection: 0
last-modified: Sat, 14 Mar 2020 17:05:37 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 29 Sep 2023 16:45:38 GMT

GET
H2 200 17536099060821391207_8680185040854357510.png
static.doubleclick.net/dynamic/5/125095124/ Frame 32EE 65 KB
65 KB 131ms
31ms Image
image/png 2404:6800:4004:821::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.doubleclick.net/dynamic/5/125095124/17536099060821391207_8680185040854357510.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:821::2006 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dcf9cfcdeb5ed31e313fc1629f65071b290c99409b893354647ecdc3d2dd5f96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 20:08:02 GMT
x-content-type-options: nosniff
age: 376540
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 66431
x-xss-protection: 0
last-modified: Fri, 01 Nov 2019 10:36:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 30 Sep 2023 20:08:02 GMT

GET
H2 200 9471063476967338210_13841802684953928022.png
static.doubleclick.net/dynamic/5/125095124/ Frame 32EE 68 KB
68 KB 113ms
12ms Image
image/png 2404:6800:4004:821::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.doubleclick.net/dynamic/5/125095124/9471063476967338210_13841802684953928022.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:821::2006 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

02c57d3f300f0ca720ff3a2d8e4c4914f6e7c1de94b791f3f2b834f5f3ce0d1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 01:51:48 GMT
x-content-type-options: nosniff
age: 10314
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 69851
x-xss-protection: 0
last-modified: Fri, 01 Nov 2019 10:30:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 05 Oct 2023 01:51:48 GMT

GET
H2 200 15304879777257760979_10963078685416107659.png
static.doubleclick.net/dynamic/5/125095124/ Frame 32EE 62 KB
62 KB 110ms
10ms Image
image/png 2404:6800:4004:821::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.doubleclick.net/dynamic/5/125095124/15304879777257760979_10963078685416107659.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:821::2006 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

28bc38d93cbbad267845512fd2448df1585985aafbf03e98371bbf0204b15918

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Sat, 01 Oct 2022 11:40:39 GMT
x-content-type-options: nosniff
age: 320583
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 63234
x-xss-protection: 0
last-modified: Sun, 03 Nov 2019 17:05:04 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 01 Oct 2023 11:40:39 GMT

GET
H2 200 2402585886565970596_8426675037248272058.png
static.doubleclick.net/dynamic/5/125095124/ Frame 32EE 60 KB
60 KB 114ms
14ms Image
image/png 2404:6800:4004:821::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.doubleclick.net/dynamic/5/125095124/2402585886565970596_8426675037248272058.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:821::2006 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

516c3aee0bf90861ba1dc2d0fe03ed2a8667f8f3b1266b77694b7bf77a5e62d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 22:29:04 GMT
x-content-type-options: nosniff
age: 454478
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61768
x-xss-protection: 0
last-modified: Fri, 01 Nov 2019 10:41:04 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 29 Sep 2023 22:29:04 GMT

GET
H2 200 2272285517565368134_9839196741430775054.png
static.doubleclick.net/dynamic/5/125095124/ Frame 32EE 46 KB
46 KB 131ms
32ms Image
image/png 2404:6800:4004:821::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.doubleclick.net/dynamic/5/125095124/2272285517565368134_9839196741430775054.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:821::2006 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

120d40c850a6f4a837b372558a653209e07fd819683503b23a783a493d5351d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Sat, 01 Oct 2022 20:02:12 GMT
x-content-type-options: nosniff
age: 290490
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46709
x-xss-protection: 0
last-modified: Mon, 09 Mar 2020 17:26:24 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 01 Oct 2023 20:02:12 GMT

GET
H2 200 5965056171708988711_8414385142130346406.png
static.doubleclick.net/dynamic/5/125095124/ Frame 32EE 63 KB
63 KB 113ms
17ms Image
image/png 2404:6800:4004:821::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.doubleclick.net/dynamic/5/125095124/5965056171708988711_8414385142130346406.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:821::2006 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fd22b8c32f720bec931f6c7021422d70440f466a8606f7eeec9c75614b48cf79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Sat, 01 Oct 2022 21:48:05 GMT
x-content-type-options: nosniff
age: 284137
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 64551
x-xss-protection: 0
last-modified: Tue, 17 Mar 2020 17:01:11 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 01 Oct 2023 21:48:05 GMT

GET
H3

200

10029597440460631271
tpc.googlesyndication.com/simgad/ Frame 32EE
Redirect Chain

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKCnvL_L7AEQhAcYhAcyCDGhXNUM4mQz
https://tpc.googlesyndication.com/simgad/10029597440460631271

25 KB
25 KB

54ms
8ms

Image
image/jpeg

2404:6800:4004:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/10029597440460631271

Requested by

Protocol

Server

2404:6800:4004:81d::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2b8d7b66a7f1d128251094d6ce135588cc57e2b989f79d97b42008de9e917443

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 01:52:33 GMT
x-content-type-options: nosniff
age: 10269
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25739
x-xss-protection: 0
last-modified: Tue, 05 Nov 2019 03:54:43 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 05 Oct 2023 01:52:33 GMT

Redirect headers

date: Tue, 04 Oct 2022 21:21:00 GMT
x-content-type-options: nosniff
server: cafe
age: 26562
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://tpc.googlesyndication.com/simgad/10029597440460631271
content-type: text/html; charset=UTF-8
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Thu, 03 Nov 2022 21:21:00 GMT

GET
DATA 200
OK truncated
/ Frame 32EE 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: da286dd4e35fadbaf7da320b1d293160cb17bd5e47976e024f15eeaeb0b4b382

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame 32EE 28 KB
28 KB 213ms
3ms Font
font/woff2 2404:6800:4004:823::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:823::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 20:35:04 GMT
x-content-type-options: nosniff
age: 547718
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28288
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 19:05:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 28 Sep 2023 20:35:04 GMT

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 161 KB
53 KB 110ms
110ms Script
text/javascript 2404:6800:4004:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

24ba58ca78079cfa8f87b59e13d04d99fecc65de4a105045af20a2a960fd4cc0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://magical.kuku.lu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 04:43:42 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54521
x-xss-protection: 0
server: cafe
etag: 13063956037890973995
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 05 Oct 2022 04:43:42 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 101ms
59ms XHR
application/json 2404:6800:4004:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220928&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209290101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7e4dc8df1c7410087f6845a33258dd8baa9f898ff9b018ea60cdfce3f8c5f2b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://magical.kuku.lu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 04:43:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11207
x-xss-protection: 0

GET
H3 200 gnLtmcL-mn53pq-EJRMXOCFACjpZd0iqiIv80oTeKas.js Show response
pagead2.googlesyndication.com/bg/ Frame E0A7 36 KB
16 KB 5ms
4ms Script
text/javascript 2404:6800:4004:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/gnLtmcL-mn53pq-EJRMXOCFACjpZd0iqiIv80oTeKas.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8272ed99c2fe9a7e77a6af842513173821400a3a597748aa888bfcd284de29ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 15:00:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 222168
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16010
x-xss-protection: 0
last-modified: Tue, 27 Sep 2022 16:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 02 Oct 2023 15:00:54 GMT

GET
H2 200 rum.js Show response
securepubads.g.doubleclick.net/pagead/js/ Frame 32EE 63 KB
23 KB 83ms
3ms Script
text/javascript 2404:6800:4004:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/js/rum.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:824::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

12f7ca6063a379163fe20065ca2685f3d54b88b2255cb3e9adae96f5c5d8f1db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 03:48:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3321
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23582
x-xss-protection: 0
server: cafe
etag: 15429574133646473231
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Wed, 05 Oct 2022 04:48:21 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 32EE 0
327 B 165ms
39ms Ping
image/gif 2001:4860:4802:32::3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=1~l8v5a19x&chm=1&ctx=2&gqid=fQs9Y9GbIpKR29gP68emgAw&qqid=CJ6r08SjyPoCFQN7iwodWm8EoQ&met.4=fb.h6~lb.kt~ol.mt~bdt.-fa~bpp.-6l~idt.-k~dtd.-1~dt.-7l&met.3=733.lx~742.lw_1~748.mb~555.mg~739.mh~556.mh_2~738.mr~749.mr_3~736.mv~735.mx_1~113.pf_4~112.pe_5&met.1=1.l8v5a0kj~6.0~7.0~8.0~9.0~10.0~12.1~13.gl~14.gu~15.gr~16.mh~17.mh~18.mj~19.mk~20.mk~21.mt~22.hr~23.hr&met.7=CAUQCBgBMN4EOLUGaAFw1QR474cCgAHDhQKIAaKMB7ABAbgBAw~CBIQBxgBIOgEKOgEMMUFOF5A6ARI6gRQ6gRYmQVg7QRomQVwwwV4jwmAAeMGiAHzQqoBFQoTR29vZ2xlIFNhbnM6NDAwLDUwMLABAbgBAw~CBwQChgBIOgEKOgEMN8FOHdo1wVw3gV4lwmAAesGiAHBDLABAbgBAw~CAkQChgBIOgEKOgEMNwFOHRA6QRIkAVQkAVYyQVglAVo1gVw2wV4hU2AAdlKiAHutwGwAQG4AQM~CB4QChgBIOkEKOkEMOAFOHho1wVw3wV4-wyAAc8KiAGxFbABAbgBAw~CBwQChgBIOkEKOkEMN4FOHVo1gVw3QV4sz2AAYc7iAHWiQGwAQG4AQM~CCoQChgBIOkEKOkEMI0GOKQB~CBsQChgBIOkEKOkEMOIFOHo~CCEQBBgBIO4EKO4EMKEFODNo7gRwoAV4rAKwAQG4AQM~CBsQAhgBIPQEKPQEMPoFOIYB~CBsQAhgBIPUEKPUEMPwFOIgB~CBsQAhgBIPUEKPUEMPgFOIMB~CBsQAhgBIPUEKPUEMO4FOHk~CBsQAhgBIPUEKPUEMPEFOHw~CBsQAhgBIPUEKPUEMPwFOIcB~CBsQAhgBIPUEKPUEMPMFOH4~CAQQAhgBIPYEKOMFMJwGOKYBQOUFSOUFUOUFWJEGYOUFaJEGcJkGeLfLAYABi8kBiAGLyQGQAfYEmAHhBbABAbgBAw~CCgQChgBILgGKLgGMI4HOFZoiQdwiwd4yroBgAGeuAGIAfj2A7ABAbgBAw
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Oct 2022 04:43:42 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 57ms
57ms Script
text/javascript 2404:6800:4004:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209290101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:81d::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://magical.kuku.lu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 04:43:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 05 Oct 2022 04:43:42 GMT

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220928/r20190131/ Frame AA00 10 KB
4 KB 4ms
3ms Document
text/html 2404:6800:4004:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220928/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://magical.kuku.lu/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

age: 24024
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4420
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 04 Oct 2022 22:03:18 GMT
etag: 9671129459699598864
expires: Tue, 18 Oct 2022 22:03:18 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.co.jp/adsid/ 107 B
122 B 84ms
48ms Script
application/javascript 2404:6800:4004:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.jp/adsid/integrator.js?domain=magical.kuku.lu

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209290101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://magical.kuku.lu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 04:43:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 85ms
44ms Script
application/javascript 2404:6800:4004:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=magical.kuku.lu

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209290101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80b::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://magical.kuku.lu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 04:43:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame BAD5 0
16 B 46ms
45ms Document
text/html 2404:6800:4004:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6235967741013519&output=html&adk=193914898&adf=935745360&lmt=1664945022&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fmagical.kuku.lu%2Fpage.contact.php%3Ftype%3DMailNow&ea=0&pra=7&wgl=1&easpi=0&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=0&asna=5&asnd=5&asnp=5&asns=5&asmat=1&asptt=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664945022503&bpp=3&bdt=1513&idt=3&shv=r20220928&mjsv=m202209290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dee9492c438632669-22dfb9f4ded6002a%3AT%3D1664945021%3ART%3D1664945021%3AS%3DALNI_MYFG8sreT01BJhRw_39AXg8z55fWA&gpic=UID%3D00000a1a84d1a586%3AT%3D1664945021%3ART%3D1664945021%3AS%3DALNI_MZ4_FwCwlZXOp2wjX00NEjzgwqSyg&prev_slotnames=3123457437&nras=1&correlator=4083397523962&rume=1&frm=20&pv=1&ga_vid=324834028.1664945021&ga_sid=1664945022&ga_hid=889883801&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C31069178%2C44772927%2C31061691%2C31061692%2C31062930&oid=2&psts=APxP-9DVOXRUpfxwMg4VOWlSjq0TtW4XfujsDgLRzoKs-mmQM0JolipwzF6vP_2pHIDJZVsYYIMLNqwJsuK5qPM&pvsid=1493806641767660&tmod=2006741213&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&dtd=32

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209290101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://magical.kuku.lu/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 05 Oct 2022 04:43:42 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 7941 13 KB
5 KB 15ms
14ms Document
text/html 2404:6800:4004:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:81d::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://magical.kuku.lu/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

accept-ranges: bytes
age: 9100
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 05 Oct 2022 02:12:02 GMT
expires: Thu, 05 Oct 2023 02:12:02 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 97E1 783 B
1 KB 108ms
42ms Document
text/html 2404:6800:4004:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:80b::2004 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

4fe4c126d583f9778edc27c15e453598c5ac772837d5a438e74ad73ff360bd07

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-gc_nDVK7THEaSs_Agse8dg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://magical.kuku.lu/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 511
content-security-policy: script-src 'report-sample' 'nonce-gc_nDVK7THEaSs_Agse8dg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 05 Oct 2022 04:43:42 GMT
expires: Wed, 05 Oct 2022 04:43:42 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 gnLtmcL-mn53pq-EJRMXOCFACjpZd0iqiIv80oTeKas.js Show response
pagead2.googlesyndication.com/bg/ Frame 7941 36 KB
16 KB 4ms
3ms Script
text/javascript 2404:6800:4004:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/gnLtmcL-mn53pq-EJRMXOCFACjpZd0iqiIv80oTeKas.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8272ed99c2fe9a7e77a6af842513173821400a3a597748aa888bfcd284de29ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 15:00:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 222168
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16010
x-xss-protection: 0
last-modified: Tue, 27 Sep 2022 16:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 02 Oct 2023 15:00:54 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 7941 0
10 B 2ms
2ms Image
text/plain 2404:6800:4004:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?v8QChw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4004:81d::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 04:43:42 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 97E1 0
0 37ms
36ms Image
text/html 2404:6800:4004:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220928&jk=1493806641767660&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 40ms
39ms Image
text/html 2404:6800:4004:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220928&jk=1493806641767660&bg=!LS6lLmrNAAYQgTJdMIE7ACkAdvg8Wsb7V8vbQ1mkl7F7SbfRWQUHhdOMiRJ32TA3ZIUgm4PzlmCShQIAAABSUgAAAARoAQcKAOckAA_jy8H4nKnaHQJu9_N-j4S-BodYfhWjdau_060aqU7tLN-3vyj8UT7eddunrfFRDvwfWOL6GdiRePqMlrgaXeOiYBcDo6uP_ut1PRa3FpID3UIpikJBwfc47Q3QxUb4LMiDJVJ5BdnNOGXF4oImxcu7mbQsRDY47lkRM2tPLwpHJ4xfIIcnFJ4bqYctE7yyurcsHTTjyIviwxX6voOYgHu-SscAXLjCNN7tgI4GCmGum3HwfV9vj7_-8spaWpxKZ93NPwQHuDgSWoVe0K8u5Zcso99t2SiMmjprJdeQOJDYeuls2W6ZApdjXZKACWR-ZoWqPVfThEEeiS84fbQNRuRegv0J5EikNnoCixwSQvDeBBqjaJYi-JVFafS5tkeCd7fIjuVDACC8HCTUbFE0QpjRxeJ20dQfbaljTut-6M8EQXFhaAK5O7XEtUBqdCt1P3FSv5wh-vOzwySR6tus6ZhVPqB4qywogS8CESm28OqiZFHs-q9qpOl_gK2f15eaZWEheK0fN5xSqP52n1helgMaiVCLErtND44aq4_102cIpQGfkVjwWp3YSaSajcfDFImSRIT6gMZtJnb9-_BJUZv0D2yQS2IXgT8CfC8O_FRPYcx-U3RfDZPozP_wl1anoN5FKbSJBv_v49I7IyKVvigoTvpXiHloSLrfDMm3X0bMwXI-LVsd_Pzx85K9NIzOB5I5QK-cJfn90E9CNUF25LR_Z4fxPSOM-PhQfHcNH8pCkgE87sjFEQXkynp5x8fWEQlQkvoQ2EZFCMqyzZFsduQG2aL_qVVlWpDI8SqUrju75l5H7oLStO97OP0OJkByUbRRumJIST2_uc9y14Ky6DjIGP676AtxIEqj1Ka0Z1UrcsZCpxbvx3Rd9MIsCw5Sh4gORt6G8PLO6cvuqsRPfMl-yjdiFvg6MmjuBZdX9hQf7elZwy6Wk4AGopHGFQfPYkY-YET7Bm4m8ny_L4aRlSOyIUDNZUPztznK5CcsN1HqgVcfHio-YFG_4CT_cPPxMwNdcyy94QpFcjdWj026Y-m4PI4T2EksdiRm3QG3I1GxYStQO2oWSHfSPHe3ptTW4YmapRpopLxUsHEmjdFn2vuiQk9rZyNtbb_5Vt3BUoxmUWm8ory7n066VG3hwXAkp4qmQZ27JUkvbZOJYe2R0U2pcoNFUUNZgENllw4er1M
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://magical.kuku.lu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 32EE 42 B
64 B 45ms
44ms Fetch
image/gif 2404:6800:4004:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv8gopaO0ZOUDyW4KtZgEscBME5k59xAw5LUBt5FF7-RrSJw60iztFdx8j7cqcHA3OOvQEi61XYIGHT2ahVwhjI7Pg-cISX_PUDNcd6tSQfoQDYkUgFmt6YwtYktuC5E3spUE8&sai=AMfl-YSnCxKnkkIflL4E3D-nwh2Ohya8JauKeOzdKxa_yJgdpl9aZQrj1WABsaNqAzGbyoRov3mPYJgiTR6wNdA&sig=Cg0ArKJSzJL2Jg1FuuxGEAE&id=lidar2&mcvt=1000&p=0,0,90,728&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20221003&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1193451086&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1664945021539&rpt=819&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Oct 2022 04:43:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 csi
csi.gstatic.com/ 0
17 B 78ms
38ms Ping
image/gif 2001:4860:4802:32::3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&top=1&puid=1~l8v5a0kr&c=1493806641767660&e=44759876%2C44759927%2C44759837%2C42531706%2C31069178%2C44772927%2C31061691%2C31061692&ctx=1&met.3=779.ax~158.a9_x~1032.h6~326.ha_1~832.hd~868.hd~216.h6_8~215.h6_8~843.h5_a~889.hl~639.hr~914.hr~112.hy_1~629.m3_3~168.12k~168.12l~168.12l_1~168.12l_1~113.14n_1~779.18f~1001.18j_1__1~1032.18m~326.18m~832.18m~868.18m~164.18l_2~165.18i_5~166.18b_w~889.19e~639.19g~914.19g&met.1=1.l8v5a02t~6.t~7.u~8.u~9.u~10.1t~11.16~12.1t~13.2f~14.2f~15.2h~16.b9~17.b9~18.b9~19.14j~20.14j~21.14k~22.53~23.53
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20220928/r20110914/rum_fy2021.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://magical.kuku.lu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Oct 2022 04:43:43 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

203 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.kuku.lu/	1970-01-20 16:05:05	Name: _ga_QLSXLE74DJ Value: GS1.1.1664945021.1.0.1664945021.0.0.0
.kuku.lu/	1970-01-20 16:05:05	Name: _ga Value: GA1.1.324834028.1664945021
.kuku.lu/	1970-01-20 16:05:05	Name: ffucs Value: KDRjKSgxNjAweDEyMDApKEludGVsIEluYy5%2BSW50ZWwgSXJpcyBPcGVuR0wgRW5naW5lKSg0YykoMTYwMHgxMjAwKShJbnRlbCBJbmMufkludGVsIElyaXMgT3BlbkdMIEVuZ2luZSk%3D
.kuku.lu/	1970-01-20 15:50:41	Name: __gads Value: ID=ee9492c438632669-22dfb9f4ded6002a:T=1664945021:RT=1664945021:S=ALNI_MYFG8sreT01BJhRw_39AXg8z55fWA
.kuku.lu/	1970-01-20 15:50:41	Name: __gpi Value: UID=00000a1a84d1a586:T=1664945021:RT=1664945021:S=ALNI_MZ4_FwCwlZXOp2wjX00NEjzgwqSyg
.doubleclick.net/	1970-01-20 16:05:05	Name: IDE Value: AHWqTUnU0GH2fl9G0j6iHc5JYbIOgYYAcf0u2_Jbc7tA_M3mzwRJS7oZYy1NEnZjdVY

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.co.jp
adservice.google.com
csi.gstatic.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
kukulu.erinn.biz
live.erinn.biz
magical.kuku.lu
pagead2.googlesyndication.com
partner.googleadservices.com
securepubads.g.doubleclick.net
static.doubleclick.net
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
104.26.15.232
104.26.6.161
2001:4860:4802:32::3
2404:6800:4004:801::2003
2404:6800:4004:80b::2002
2404:6800:4004:80b::2004
2404:6800:4004:81d::2001
2404:6800:4004:81f::2008
2404:6800:4004:821::2006
2404:6800:4004:822::2002
2404:6800:4004:822::200a
2404:6800:4004:823::2003
2404:6800:4004:824::2002
2404:6800:4004:825::200e
2404:6800:4004:827::2002
02c57d3f300f0ca720ff3a2d8e4c4914f6e7c1de94b791f3f2b834f5f3ce0d1d
07a694ff2fa675936b314330ca2ffb8738a682c810f402b148e541c05274add1
0bbb183436474e45fbfd60632ba6506cecaf9539e2b24927e32aca2a549e1bff
120d40c850a6f4a837b372558a653209e07fd819683503b23a783a493d5351d3
12f7ca6063a379163fe20065ca2685f3d54b88b2255cb3e9adae96f5c5d8f1db
24ba58ca78079cfa8f87b59e13d04d99fecc65de4a105045af20a2a960fd4cc0
275b6a8bcab258a0580052d335d83a502a693904fae4cc53e3509b3e92c40715
28bc38d93cbbad267845512fd2448df1585985aafbf03e98371bbf0204b15918
2b8d7b66a7f1d128251094d6ce135588cc57e2b989f79d97b42008de9e917443
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
4fe4c126d583f9778edc27c15e453598c5ac772837d5a438e74ad73ff360bd07
516c3aee0bf90861ba1dc2d0fe03ed2a8667f8f3b1266b77694b7bf77a5e62d5
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
566dc667c75af793591982c36306a91a09f02c4ce4d41eb4ed68874e2643e88c
5eb0c20db75f70658756bbbffb0db363c976676138428ddf0b1190477062420a
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
68364019fe41501c40d31350f181d84bc56a9ed9df05585b1f24362361914188
687bdf7024469b9b89521e7fa35f0caba18df71ce407c6a807a4114ac4e5e8f3
7a0049831d92582305911a42f5ed743a1fbd56c69247dddca678d36c9d71b85e
7e4dc8df1c7410087f6845a33258dd8baa9f898ff9b018ea60cdfce3f8c5f2b8
81f6a825722748a17d4b957a5c151cc8707bdfe95f3b737645e4bc138557c3c3
8272ed99c2fe9a7e77a6af842513173821400a3a597748aa888bfcd284de29ab
86d8e892ceacd8c8a7e7125c68dd0e1b311f8399871b6d64b8b6795f0235c1d4
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
91102e383130cb1a9faf348bd83bd3c7e0744900eed75eae7587cf6bf32c47f8
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
ab74b3603b72a97d4bd74ed43ad277a5ea010520e8804b8a95abc5c06f27f39a
bf040c48bbda3448479d87f735ac2dfdee36f6013f1d845c90964759964a6173
ccd394264f31d7f0b5d1a8cbec445aa1276f4ec3c0f2525447f4e68b0f5a980c
ceef4568a47660beea74cfddbc97527ca2ec768b1c2b67eccd8f6f05f63357ea
d67c84d80089d0e5b5028b8cfa153501e0c0f3981d966d9c39bdcb8fc404b015
da00a735ede6be0ca5e0e7fb3e2624f8383d59918d58b9a45d945f8ceb119c0a
da286dd4e35fadbaf7da320b1d293160cb17bd5e47976e024f15eeaeb0b4b382
dcf9cfcdeb5ed31e313fc1629f65071b290c99409b893354647ecdc3d2dd5f96
dd080c89636f8576e3364bea0867f18be3a32daa72d766da336cbb80ba5fb407
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f203261103ea93f0873878e6e371f325f17bb306c176edba6e421fb954187da4
f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a
f9bdabf712ee7c1b53715c7e8dda83a3da280f1a6b96997efa721a24b5c7ebfd
fd22b8c32f720bec931f6c7021422d70440f466a8606f7eeec9c75614b48cf79

magical.kuku.lu Open in urlscan Pro 104.26.6.161 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

54 Requests

98 %HTTPS

87 %IPv6

12 Domains

19 Subdomains

16 IPs

2 Countries

1050 kBTransfer

1998 kBSize

6 Cookies

17 Outgoing links

Page URL History

Redirected requests

54 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

magical.kuku.lu Open in urlscan Pro
104.26.6.161 Public Scan

Screenshot
Live screenshot

Full Image

54
Requests

98 %
HTTPS

87 %
IPv6

12
Domains

19
Subdomains

16
IPs

2
Countries

1050 kB
Transfer

1998 kB
Size

6
Cookies

54 HTTP transactions
1 data transactions