Submitted URL: http://kuku.neko2.net/
Effective URL: https://magical.kuku.lu/
Submission: On December 20 via manual from PH

Summary

This website contacted 6 IPs in 3 countries across 9 domains to perform 45 HTTP transactions. The main IP is 104.26.2.85, located in United States and belongs to CLOUDFLARENET - Cloudflare, Inc., US. The main domain is magical.kuku.lu.
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on February 11th 2019. Valid for: a year.
This is the only time magical.kuku.lu was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 133.130.103.18 7506 (INTERQ GM...)
30 104.26.2.85 13335 (CLOUDFLAR...)
1 104.26.15.232 13335 (CLOUDFLAR...)
3 104.26.14.232 13335 (CLOUDFLAR...)
5 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
45 6
Domain Requested by
30 magical.kuku.lu magical.kuku.lu
4 googleads.g.doubleclick.net pagead2.googlesyndication.com
3 pagead2.googlesyndication.com magical.kuku.lu
pagead2.googlesyndication.com
3 kukulu.erinn.biz magical.kuku.lu
1 www.googletagservices.com pagead2.googlesyndication.com
1 www.google-analytics.com magical.kuku.lu
1 adservice.google.com pagead2.googlesyndication.com
1 adservice.google.de pagead2.googlesyndication.com
1 live.erinn.biz magical.kuku.lu
1 kuku.neko2.net 1 redirects
45 10
Subject Issuer Validity Valid
kuku.lu
CloudFlare Inc ECC CA-2
2019-02-11 -
2020-02-11
a year crt.sh
sni.cloudflaressl.com
CloudFlare Inc ECC CA-2
2019-11-03 -
2020-10-09
a year crt.sh
*.g.doubleclick.net
GTS CA 1O1
2019-12-03 -
2020-02-25
3 months crt.sh
*.google.com
GTS CA 1O1
2019-12-03 -
2020-02-25
3 months crt.sh
*.google-analytics.com
GTS CA 1O1
2019-12-03 -
2020-02-25
3 months crt.sh

This page contains 5 frames:

Primary Page: https://magical.kuku.lu/
Frame ID: A7CEB7DD8EC3DCB5D92E747A9B84B85D
Requests: 41 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20191205/r20190131/zrt_lookup.html
Frame ID: C5DD2E31B3ABE17E93666B615E466FA9
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6235967741013519&output=html&h=600&slotname=8165143813&adk=3532086201&adf=2437290725&w=160&lmt=1576836858&guci=1.2.0.0.2.2.0.0&url=https%3A%2F%2Fmagical.kuku.lu%2F&flash=0&wgl=1&adsid=NT&dt=1576836858687&bpp=20&bdt=1106&fdt=108&idt=108&shv=r20191205&cbv=r20190131&saldr=sa&abxe=1&correlator=4377708166053&frm=20&pv=2&ga_vid=1667482012.1576836859&ga_sid=1576836859&ga_hid=2098613183&ga_fc=0&iag=0&icsg=8874&dssz=18&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=313&ady=828&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21065125%2C21065274&oid=3&pvsid=3495036448138709&rx=0&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=16&bc=31&ifi=1&uci=a!1&fsb=1&xpc=Rf8T67eM78&p=https%3A//magical.kuku.lu&dtd=120
Frame ID: 613ED16CFC5820CD2F32CE5CDDE1C77F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6235967741013519&output=html&h=280&slotname=9176414207&adk=336717694&adf=1757488073&w=336&lmt=1576836858&psa=0&guci=1.2.0.0.2.2.0.0&format=336x280&url=https%3A%2F%2Fmagical.kuku.lu%2F&flash=0&wgl=1&adsid=NT&dt=1576836858725&bpp=36&bdt=1145&fdt=105&idt=105&shv=r20191205&cbv=r20190131&saldr=aa&abxe=1&prev_slotnames=8165143813&correlator=4377708166053&frm=20&pv=1&ga_vid=1667482012.1576836859&ga_sid=1576836859&ga_hid=2098613183&ga_fc=0&iag=0&icsg=139946&dssz=19&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=493&ady=376&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21065125%2C21065274&oid=3&pvsid=3495036448138709&rx=0&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=16&bc=31&ifi=2&uci=a!2&fsb=1&xpc=T6BmRBkgoW&p=https%3A//magical.kuku.lu&dtd=108
Frame ID: 1622E67F190E232D52FA836A11457C99
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6235967741013519&output=html&adk=193914898&adf=935745360&lmt=1576836859&plat=1%3A32776%2C2%3A32776%2C8%3A134250504%2C9%3A134250504%2C16%3A8388608%2C30%3A1081344%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fmagical.kuku.lu%2F&ea=0&flash=0&pra=7&wgl=1&adsid=NT&dt=1576836859438&bpp=4&bdt=1857&fdt=4&idt=4&shv=r20191205&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=336x280&prev_slotnames=8165143813&nras=1&correlator=4377708166053&frm=20&pv=1&ga_vid=1667482012.1576836859&ga_sid=1576836859&ga_hid=2098613183&ga_fc=0&iag=0&icsg=139946&dssz=19&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21065125%2C21065274&oid=3&pvsid=3495036448138709&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=16&bc=31&ifi=3&uci=a!3&fsb=1&dtd=8
Frame ID: 443F232ECF720B37A8DDCEC5EC26223B
Requests: 1 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. http://kuku.neko2.net/ HTTP 302
    https://magical.kuku.lu/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Overall confidence: 100%
Detected patterns
  • script /googlesyndication\.com\//i

Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

45
Requests

100 %
HTTPS

43 %
IPv6

9
Domains

10
Subdomains

6
IPs

3
Countries

764 kB
Transfer

1174 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://kuku.neko2.net/ HTTP 302
    https://magical.kuku.lu/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

45 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
magical.kuku.lu/
Redirect Chain
  • http://kuku.neko2.net/
  • https://magical.kuku.lu/
83 KB
14 KB
Document
General
Full URL
https://magical.kuku.lu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.85 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / Secret
Resource Hash
1cc70ac1091c5988a62b3c592c2d73f6a64455e7a9a55bc592720087d3fb4070

Request headers

:method
GET
:authority
magical.kuku.lu
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
none
sec-fetch-mode
navigate
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

status
200
date
Fri, 20 Dec 2019 10:14:17 GMT
content-type
text/html; charset=UTF-8
content-length
13975
set-cookie
__cfduid=df3a9d66f164e642cc117cfdf9b982dfe1576836857; expires=Sun, 19-Jan-20 10:14:17 GMT; path=/; domain=.kuku.lu; HttpOnly; SameSite=Lax
x-powered-by
Secret
vary
Accept-Encoding,User-Agent
content-encoding
gzip
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
5480d93448547203-AMS

Redirect headers

Date
Fri, 20 Dec 2019 10:14:16 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16
X-Powered-By
Secret
Location
https://magical.kuku.lu/
Vary
User-Agent
Content-Length
0
Connection
close
Content-Type
text/html; charset=UTF-8
_useruuid.js.php
live.erinn.biz/
0
610 B
Script
General
Full URL
https://live.erinn.biz/_useruuid.js.php
Requested by
Host: magical.kuku.lu
URL: https://magical.kuku.lu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.15.232 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / Secret
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=2678400;

Request headers

Referer
https://magical.kuku.lu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Fri, 20 Dec 2019 10:14:18 GMT
cf-cache-status
DYNAMIC
server
cloudflare
x-powered-by
Secret
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent
content-type
text/html; charset=UTF-8
status
200
strict-transport-security
max-age=2678400;
cf-ray
5480d938efd82b92-AMS
content-length
0
header_ar.png
kukulu.erinn.biz/img/
192 B
300 B
Image
General
Full URL
https://kukulu.erinn.biz/img/header_ar.png
Requested by
Host: magical.kuku.lu
URL: https://magical.kuku.lu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.14.232 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
1e031f8c24f85b1290ff81de4aef0ec1ce89f2e6e2d406cc22f431fc6bf6a04f

Request headers

Referer
https://magical.kuku.lu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Fri, 20 Dec 2019 10:14:17 GMT
cf-cache-status
HIT
last-modified
Tue, 14 Jan 2014 13:47:32 GMT
server
cloudflare
age
3613
etag
"c0-4efee6f18e500"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
content-type
image/png
status
200
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
5480d938d8109bd3-AMS
content-length
192
t.gif
kukulu.erinn.biz/img/
986 B
1 KB
Image
General
Full URL
https://kukulu.erinn.biz/img/t.gif
Requested by
Host: magical.kuku.lu
URL: https://magical.kuku.lu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.14.232 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
ceef4568a47660beea74cfddbc97527ca2ec768b1c2b67eccd8f6f05f63357ea

Request headers

Referer
https://magical.kuku.lu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Fri, 20 Dec 2019 10:14:17 GMT
cf-cache-status
HIT
last-modified
Fri, 14 Jun 2019 17:36:08 GMT
server
cloudflare
age
3613
etag
"3da-58b4c14e6d200"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
content-type
image/gif
status
200
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
5480d938e8129bd3-AMS
content-length
986
a.gif
kukulu.erinn.biz/img/
227 B
328 B
Image
General
Full URL
https://kukulu.erinn.biz/img/a.gif
Requested by
Host: magical.kuku.lu
URL: https://magical.kuku.lu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.14.232 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
da00a735ede6be0ca5e0e7fb3e2624f8383d59918d58b9a45d945f8ceb119c0a

Request headers

Referer
https://magical.kuku.lu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Fri, 20 Dec 2019 10:14:17 GMT
cf-cache-status
HIT
last-modified
Thu, 04 Jul 2013 02:57:35 GMT
server
cloudflare
age
3613
etag
"e3-4e0a6bd7b25c0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
content-type
image/gif
status
200
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
5480d939083b9bd3-AMS
content-length
227
top2016c.png
magical.kuku.lu/img/
13 KB
13 KB
Image
General
Full URL
https://magical.kuku.lu/img/top2016c.png
Requested by
Host: magical.kuku.lu
URL: https://magical.kuku.lu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.85 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
1c70fad8e3eeb9c5c9a8701fc8bdd586c66793146aabb8fda6bd4435578ebff5

Request headers

Referer
https://magical.kuku.lu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Fri, 20 Dec 2019 10:14:18 GMT
cf-cache-status
REVALIDATED
last-modified
Sat, 09 Jan 2016 16:11:57 GMT
server
cloudflare
etag
"541d-528e8f6852d40"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
content-type
image/png
status
200
cache-control
max-age=28800
cf-polished
pngoptimizer, origSize=21533
accept-ranges
bytes
cf-ray
5480d9394d307203-AMS
content-length
13490
cf-bgj
imgq:100
twiacc.png
magical.kuku.lu/img/
2 KB
2 KB
Image
General
Full URL
https://magical.kuku.lu/img/twiacc.png
Requested by
Host: magical.kuku.lu
URL: https://magical.kuku.lu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.85 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
6d4dfff6eaee021d39727a488d663f45c307876494d9ed53195f6a7d845fede3

Request headers

Referer
https://magical.kuku.lu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Fri, 20 Dec 2019 10:14:18 GMT
cf-cache-status
MISS
last-modified
Sun, 14 Apr 2013 09:53:34 GMT
server
cloudflare
etag
"8a1-4da4f1c01e380"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
content-type
image/png
status
200
cache-control
max-age=28800
accept-ranges
bytes
cf-ray
5480d9396d437203-AMS
content-length
2209
ar.png
magical.kuku.lu/img/
166 B
265 B
Image
General
Full URL
https://magical.kuku.lu/img/ar.png
Requested by
Host: magical.kuku.lu
URL: https://magical.kuku.lu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.85 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
fdb58bd6a9970162272082b5853fd106b5478d2faf7e36ca577b80b09327f556

Request headers

Referer
https://magical.kuku.lu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Fri, 20 Dec 2019 10:14:18 GMT
cf-cache-status
MISS
last-modified
Tue, 09 Oct 2012 20:46:37 GMT
server
cloudflare
etag
"a6-4cba66f2be540"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
content-type
image/png
status
200
cache-control
max-age=28800
accept-ranges
bytes
cf-ray
5480d93cb8167203-AMS
content-length
166
show_ads.js
pagead2.googlesyndication.com/pagead/
78 KB
29 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: magical.kuku.lu
URL: https://magical.kuku.lu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
2c08b5b8f62b8b8ff7cf20b959f3e1c59131a6ab0b1b1acd9e53ca6c71faec1a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://magical.kuku.lu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Fri, 20 Dec 2019 10:14:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
29460
x-xss-protection
0
server
cafe
etag
14098270111006999435
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 20 Dec 2019 10:14:17 GMT
gamennow_proxy.php
magical.kuku.lu/
20 KB
20 KB
Image
General
Full URL
https://magical.kuku.lu/gamennow_proxy.php?q=3onjjg26d
Requested by
Host: magical.kuku.lu
URL: https://magical.kuku.lu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.85 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / Secret
Resource Hash
e9751730474ffa0dc76ab89f9872009d218eb198f7a5153af22db159ae4515c1

Request headers

Referer
https://magical.kuku.lu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Fri, 20 Dec 2019 10:14:19 GMT
cf-cache-status
MISS
server
cloudflare
x-powered-by
Secret
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
content-type
image/jpeg
status
200
cache-control
max-age=28800
cf-ray
5480d93cd8357203-AMS
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
104 KB
37 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: magical.kuku.lu
URL: https://magical.kuku.lu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
68bcdec2fdc6ce23468b97a8c39a3f9eb86233e03be5072bf3b438ac1433714d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://magical.kuku.lu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Fri, 20 Dec 2019 10:14:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
37933
x-xss-protection
0
server
cafe
etag
2924851815849280674
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 20 Dec 2019 10:14:18 GMT
gamennow_proxy.php
magical.kuku.lu/
33 KB
33 KB
Image
General
Full URL
https://magical.kuku.lu/gamennow_proxy.php?q=64folojj1
Requested by
Host: magical.kuku.lu
URL: https://magical.kuku.lu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.85 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / Secret
Resource Hash
6429cfeaf3d6ba8bebb2bdbbf07cad18a87d00afbf194999b95ed8dcd1505c29

Request headers

Referer
https://magical.kuku.lu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Fri, 20 Dec 2019 10:14:19 GMT
cf-cache-status
MISS
server
cloudflare
x-powered-by
Secret
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
content-type
image/jpeg
status
200
cache-control
max-age=28800
cf-ray
5480d93e19317203-AMS
gamennow_proxy.php
magical.kuku.lu/
26 KB
26 KB
Image
General
Full URL
https://magical.kuku.lu/gamennow_proxy.php?q=56boikbje
Requested by
Host: magical.kuku.lu
URL: https://magical.kuku.lu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.85 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / Secret
Resource Hash
2b9dd9e697a6394485781bd42d42d2a0cf164909d9cb0baa68bbc4c2109d5395

Request headers

Referer
https://magical.kuku.lu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Fri, 20 Dec 2019 10:14:19 GMT
cf-cache-status
MISS
server
cloudflare
x-powered-by
Secret
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
content-type
image/jpeg
status
200
cache-control
max-age=28800
cf-ray
5480d93e19337203-AMS
s_1dbabcccefceeba79b7db76eb83a2e7b.jpeg
magical.kuku.lu/upimg/
28 KB
28 KB
Image
General
Full URL
https://magical.kuku.lu/upimg/s_1dbabcccefceeba79b7db76eb83a2e7b.jpeg
Requested by
Host: magical.kuku.lu
URL: https://magical.kuku.lu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.85 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
5bcfa437af158a2848e63c9af5a5c6e34a15fe2397daaed7377fa0bde8d099e7

Request headers

Referer
https://magical.kuku.lu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Fri, 20 Dec 2019 10:14:19 GMT
cf-cache-status
MISS
last-modified
Sat, 07 Dec 2019 21:26:58 GMT
server
cloudflare
etag
"6f2d-59923d28014f3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
content-type
image/jpeg
status
200
cache-control
max-age=28800
accept-ranges
bytes
cf-ray
5480d93e19347203-AMS
content-length
28461
gamennow_proxy.php
magical.kuku.lu/
30 KB
30 KB
Image
General
Full URL
https://magical.kuku.lu/gamennow_proxy.php?q=3l4i4lno
Requested by
Host: magical.kuku.lu
URL: https://magical.kuku.lu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.85 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / Secret
Resource Hash
20b2ce459045afc8556c7a469b7d924b9c45c93b9c82b770bd1880ec2825fe0e

Request headers

Referer
https://magical.kuku.lu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Fri, 20 Dec 2019 10:14:19 GMT
cf-cache-status
MISS
server
cloudflare
x-powered-by
Secret
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
content-type
image/jpeg
status
200
cache-control
max-age=28800
cf-ray
5480d93e19357203-AMS
gamennow_proxy.php
magical.kuku.lu/
26 KB
26 KB
Image
General
Full URL
https://magical.kuku.lu/gamennow_proxy.php?q=1hao1c725
Requested by
Host: magical.kuku.lu
URL: https://magical.kuku.lu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.85 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / Secret
Resource Hash
724b77dc583298dc59e6cf2821644750f9f5794d0f6b4803048d50c3fc7f6425

Request headers

Referer
https://magical.kuku.lu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Fri, 20 Dec 2019 10:14:19 GMT
cf-cache-status
MISS
server
cloudflare
x-powered-by
Secret
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
content-type
image/jpeg
status
200
cache-control
max-age=28800
cf-ray
5480d93e19367203-AMS
gamennow_proxy.php
magical.kuku.lu/
13 KB
13 KB
Image
General
Full URL
https://magical.kuku.lu/gamennow_proxy.php?q=73ebbf01a
Requested by
Host: magical.kuku.lu
URL: https://magical.kuku.lu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.85 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / Secret
Resource Hash
628f55d62c3097dcb7239f55f808d0dd1d7e48ec10d4b8e5df563ee727eaffb3

Request headers

Referer
https://magical.kuku.lu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Fri, 20 Dec 2019 10:14:19 GMT
cf-cache-status
MISS
server
cloudflare
x-powered-by
Secret
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
content-type
image/jpeg
status
200
cache-control
max-age=28800
cf-ray
5480d93e19387203-AMS
gamennow_proxy.php
magical.kuku.lu/
18 KB
18 KB
Image
General
Full URL
https://magical.kuku.lu/gamennow_proxy.php?q=5509dcih9
Requested by
Host: magical.kuku.lu
URL: https://magical.kuku.lu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.85 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / Secret
Resource Hash
55fd15e70aba714e89c504d757cd751067eea9f215b5802081db71b2ae3c80a0

Request headers

Referer
https://magical.kuku.lu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Fri, 20 Dec 2019 10:14:19 GMT
cf-cache-status
MISS
server
cloudflare
x-powered-by
Secret
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
content-type
image/jpeg
status
200
cache-control
max-age=28800
cf-ray
5480d93e19397203-AMS
gamennow_proxy.php
magical.kuku.lu/
20 KB
21 KB
Image
General
Full URL
https://magical.kuku.lu/gamennow_proxy.php?q=500l34ke4
Requested by
Host: magical.kuku.lu
URL: https://magical.kuku.lu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.85 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / Secret
Resource Hash
6e17c0bda37d5463d6d5a9882d7f3c47769841a622595a53a816c09ea9c54035

Request headers

Referer
https://magical.kuku.lu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Fri, 20 Dec 2019 10:14:19 GMT
cf-cache-status
MISS
server
cloudflare
x-powered-by
Secret
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
content-type
image/jpeg
status
200
cache-control
max-age=28800
cf-ray
5480d93e193a7203-AMS
gamennow_proxy.php
magical.kuku.lu/
24 KB
24 KB
Image
General
Full URL
https://magical.kuku.lu/gamennow_proxy.php?q=1h1lb5co8
Requested by
Host: magical.kuku.lu
URL: https://magical.kuku.lu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.85 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / Secret
Resource Hash
6332931565164496c9e9fd66553120bb97bfbaa6d6522ab12bd76f94a11deca1

Request headers

Referer
https://magical.kuku.lu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Fri, 20 Dec 2019 10:14:19 GMT
cf-cache-status
MISS
server
cloudflare
x-powered-by
Secret
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
content-type
image/jpeg
status
200
cache-control
max-age=28800
cf-ray
5480d93e193c7203-AMS
gamennow_proxy.php
magical.kuku.lu/
23 KB
23 KB
Image
General
Full URL
https://magical.kuku.lu/gamennow_proxy.php?q=2h9ea4cbf
Requested by
Host: magical.kuku.lu
URL: https://magical.kuku.lu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.85 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / Secret
Resource Hash
347c3ce67aff0c56dc25d2ad38d91813dfc65a13f7bcb561132219eb73c3bbf7

Request headers

Referer
https://magical.kuku.lu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Fri, 20 Dec 2019 10:14:19 GMT
cf-cache-status
MISS
server
cloudflare
x-powered-by
Secret
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
content-type
image/jpeg
status
200
cache-control
max-age=28800
cf-ray
5480d93e193d7203-AMS
gamennow_proxy.php
magical.kuku.lu/
27 KB
27 KB
Image
General
Full URL
https://magical.kuku.lu/gamennow_proxy.php?q=1fl67iok2
Requested by
Host: magical.kuku.lu
URL: https://magical.kuku.lu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.85 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / Secret
Resource Hash
0dcd7f54771d4e5852973256e1f86d4baa0553593c6c87e133d2b752d7bc48b1

Request headers

Referer
https://magical.kuku.lu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Fri, 20 Dec 2019 10:14:19 GMT
cf-cache-status
MISS
server
cloudflare
x-powered-by
Secret
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
content-type
image/jpeg
status
200
cache-control
max-age=28800
cf-ray
5480d93e294f7203-AMS
gamennow_proxy.php
magical.kuku.lu/
19 KB
19 KB
Image
General
Full URL
https://magical.kuku.lu/gamennow_proxy.php?q=1i1d9go73
Requested by
Host: magical.kuku.lu
URL: https://magical.kuku.lu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.85 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / Secret
Resource Hash
35f56427e2843e24657fddd3587acbe2f5997e594003af01d3a3ebdb24ac2f63

Request headers

Referer
https://magical.kuku.lu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Fri, 20 Dec 2019 10:14:19 GMT
cf-cache-status
MISS
server
cloudflare
x-powered-by
Secret
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
content-type
image/jpeg
status
200
cache-control
max-age=28800
cf-ray
5480d93e29517203-AMS
gamennow_proxy.php
magical.kuku.lu/
17 KB
17 KB
Image
General
Full URL
https://magical.kuku.lu/gamennow_proxy.php?q=3dk7n19ed
Requested by
Host: magical.kuku.lu
URL: https://magical.kuku.lu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.85 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / Secret
Resource Hash
ea9adbe35a14f74199d1144e7fec409042cfba99623ebf7ed20e29a421cbc572

Request headers

Referer
https://magical.kuku.lu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Fri, 20 Dec 2019 10:14:19 GMT
cf-cache-status
MISS
server
cloudflare
x-powered-by
Secret
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
content-type
image/jpeg
status
200
cache-control
max-age=28800
cf-ray
5480d93e29527203-AMS
gamennow_proxy.php
magical.kuku.lu/
28 KB
28 KB
Image
General
Full URL
https://magical.kuku.lu/gamennow_proxy.php?q=6ol4m4j4e
Requested by
Host: magical.kuku.lu
URL: https://magical.kuku.lu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.85 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / Secret
Resource Hash
11ac87b3f8faa063f744028f728b21fdde6bace5f8cffb19a11a2b50df7e41be

Request headers

Referer
https://magical.kuku.lu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Fri, 20 Dec 2019 10:14:19 GMT
cf-cache-status
MISS
server
cloudflare
x-powered-by
Secret
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
content-type
image/jpeg
status
200
cache-control
max-age=28800
cf-ray
5480d93e29537203-AMS
gamennow_proxy.php
magical.kuku.lu/
20 KB
20 KB
Image
General
Full URL
https://magical.kuku.lu/gamennow_proxy.php?q=2od9nk8k
Requested by
Host: magical.kuku.lu
URL: https://magical.kuku.lu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.85 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / Secret
Resource Hash
44a0fd3efdb791c7f45d63ddc7f9361cb137f1ccd1ba583c4e32640d12c416c3

Request headers

Referer
https://magical.kuku.lu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Fri, 20 Dec 2019 10:14:19 GMT
cf-cache-status
MISS
server
cloudflare
x-powered-by
Secret
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
content-type
image/jpeg
status
200
cache-control
max-age=28800
cf-ray
5480d93e29567203-AMS
gamennow_proxy.php
magical.kuku.lu/
16 KB
16 KB
Image
General
Full URL
https://magical.kuku.lu/gamennow_proxy.php?q=35lfejna2
Requested by
Host: magical.kuku.lu
URL: https://magical.kuku.lu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.85 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / Secret
Resource Hash
8125ddaeb88d0184b8d72825bd9bd0ef7388affe8658b4ebb43d8a0da48412fb

Request headers

Referer
https://magical.kuku.lu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Fri, 20 Dec 2019 10:14:19 GMT
cf-cache-status
MISS
server
cloudflare
x-powered-by
Secret
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
content-type
image/jpeg
status
200
cache-control
max-age=28800
cf-ray
5480d93e29577203-AMS
gamennow_proxy.php
magical.kuku.lu/
26 KB
26 KB
Image
General
Full URL
https://magical.kuku.lu/gamennow_proxy.php?q=72nem2c3k
Requested by
Host: magical.kuku.lu
URL: https://magical.kuku.lu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.85 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / Secret
Resource Hash
cd1d32031fab106b108a06301573e3586bc037379abf66be3484a5bc6906213a

Request headers

Referer
https://magical.kuku.lu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Fri, 20 Dec 2019 10:14:19 GMT
cf-cache-status
MISS
server
cloudflare
x-powered-by
Secret
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
content-type
image/jpeg
status
200
cache-control
max-age=28800
cf-ray
5480d93e29587203-AMS
gamennow_proxy.php
magical.kuku.lu/
20 KB
20 KB
Image
General
Full URL
https://magical.kuku.lu/gamennow_proxy.php?q=34njc09k2
Requested by
Host: magical.kuku.lu
URL: https://magical.kuku.lu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.85 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / Secret
Resource Hash
a10a5ac891f5799b83d27fbca0f2a3499a2b996184062b56d9c6d7aaa3af1a52

Request headers

Referer
https://magical.kuku.lu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Fri, 20 Dec 2019 10:14:19 GMT
cf-cache-status
MISS
server
cloudflare
x-powered-by
Secret
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
content-type
image/jpeg
status
200
cache-control
max-age=28800
cf-ray
5480d93e29597203-AMS
gamennow_proxy.php
magical.kuku.lu/
15 KB
15 KB
Image
General
Full URL
https://magical.kuku.lu/gamennow_proxy.php?q=2id7a110
Requested by
Host: magical.kuku.lu
URL: https://magical.kuku.lu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.85 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / Secret
Resource Hash
91f74e84593e342dee9c126dafb06c98df38705a7799520ae307bff04737a670

Request headers

Referer
https://magical.kuku.lu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Fri, 20 Dec 2019 10:14:19 GMT
cf-cache-status
MISS
server
cloudflare
x-powered-by
Secret
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
content-type
image/jpeg
status
200
cache-control
max-age=28800
cf-ray
5480d93e295a7203-AMS
gamennow_proxy.php
magical.kuku.lu/
27 KB
27 KB
Image
General
Full URL
https://magical.kuku.lu/gamennow_proxy.php?q=2lo07dioc
Requested by
Host: magical.kuku.lu
URL: https://magical.kuku.lu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.85 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / Secret
Resource Hash
ddf13b8440e2d160f7ce1a683a0f3df05c292ebf0f366bdc76e62cd1887038a6

Request headers

Referer
https://magical.kuku.lu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Fri, 20 Dec 2019 10:14:19 GMT
cf-cache-status
MISS
server
cloudflare
x-powered-by
Secret
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
content-type
image/jpeg
status
200
cache-control
max-age=28800
cf-ray
5480d93e295c7203-AMS
gamennow_proxy.php
magical.kuku.lu/
34 KB
34 KB
Image
General
Full URL
https://magical.kuku.lu/gamennow_proxy.php?q=6f4c6be9k
Requested by
Host: magical.kuku.lu
URL: https://magical.kuku.lu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.85 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / Secret
Resource Hash
03f91c9205f75ac88a8712ca9bdfbf1bff3e6dabed1c391151e92b89797ca081

Request headers

Referer
https://magical.kuku.lu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Fri, 20 Dec 2019 10:14:19 GMT
cf-cache-status
MISS
server
cloudflare
x-powered-by
Secret
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
content-type
image/jpeg
status
200
cache-control
max-age=28800
cf-ray
5480d93e295e7203-AMS
foot2016kuku.png
magical.kuku.lu/img/
12 KB
12 KB
Image
General
Full URL
https://magical.kuku.lu/img/foot2016kuku.png
Requested by
Host: magical.kuku.lu
URL: https://magical.kuku.lu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.85 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
a51843f4c6af99f45aa85d6d05137bae96ab1e65fc0690bd08569e8a83c04fcc

Request headers

Referer
https://magical.kuku.lu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Fri, 20 Dec 2019 10:14:19 GMT
cf-cache-status
REVALIDATED
last-modified
Sat, 09 Jan 2016 16:05:40 GMT
server
cloudflare
etag
"3240-528e8e00c9d00"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
content-type
image/png
status
200
cache-control
max-age=28800
cf-polished
pngoptimizer, origSize=12864
accept-ranges
bytes
cf-ray
5480d93e295f7203-AMS
content-length
12211
cf-bgj
imgq:100
aquapal.png
magical.kuku.lu/img/
1 KB
1 KB
Image
General
Full URL
https://magical.kuku.lu/img/aquapal.png
Requested by
Host: magical.kuku.lu
URL: https://magical.kuku.lu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.85 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
bb4d18e4680fa6ebbbe71671b3cd6778b953ad9a6cc6f2f06386af282d9bd25d

Request headers

Referer
https://magical.kuku.lu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Fri, 20 Dec 2019 10:14:19 GMT
cf-cache-status
REVALIDATED
last-modified
Mon, 06 Feb 2012 18:34:15 GMT
server
cloudflare
etag
"6f7-4b84fe8d457c0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
content-type
image/png
status
200
cache-control
max-age=28800
cf-polished
origSize=1783
accept-ranges
bytes
cf-ray
5480d93e29617203-AMS
content-length
1262
cf-bgj
imgq:100
top2016b.png
magical.kuku.lu/img/
500 B
612 B
Image
General
Full URL
https://magical.kuku.lu/img/top2016b.png
Requested by
Host: magical.kuku.lu
URL: https://magical.kuku.lu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.85 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
041e1e0d22e1db8c76ea42d1fe7d317a6eacaa98a111bed5149ca66e14f98020

Request headers

Referer
https://magical.kuku.lu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Fri, 20 Dec 2019 10:14:19 GMT
cf-cache-status
REVALIDATED
last-modified
Sat, 09 Jan 2016 16:14:33 GMT
server
cloudflare
etag
"280-528e8ffd18c40"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
content-type
image/png
status
200
cache-control
max-age=28800
cf-polished
origSize=640
accept-ranges
bytes
cf-ray
5480d93eb9c57203-AMS
content-length
500
cf-bgj
imgq:100
integrator.js
adservice.google.de/adsid/
109 B
778 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=magical.kuku.lu
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://magical.kuku.lu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Fri, 20 Dec 2019 10:14:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
application/javascript; charset=UTF-8
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
104
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
109 B
323 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=magical.kuku.lu
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://magical.kuku.lu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Fri, 20 Dec 2019 10:14:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
application/javascript; charset=UTF-8
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
104
x-xss-protection
0
show_ads_impl.js
pagead2.googlesyndication.com/pagead/js/r20191205/r20190131/
245 KB
90 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20191205/r20190131/show_ads_impl.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
2424d4d0676494244257b830643c905eac8254d373e00bc0cf6a13158626921b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://magical.kuku.lu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Fri, 20 Dec 2019 10:14:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
91654
x-xss-protection
0
server
cafe
etag
2923717731764352670
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Fri, 20 Dec 2019 10:14:18 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20191205/r20190131/ Frame C5DD
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20191205/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20191205/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
sec-fetch-mode
nested-navigate
referer
https://magical.kuku.lu/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://magical.kuku.lu/

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
vary
Accept-Encoding
date
Thu, 19 Dec 2019 17:33:14 GMT
expires
Thu, 02 Jan 2020 17:33:14 GMT
content-type
text/html; charset=UTF-8
etag
13309989325511048345
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
6574
x-xss-protection
0
cache-control
public, max-age=1209600
age
60064
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
analytics.js
www.google-analytics.com/
43 KB
17 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: magical.kuku.lu
URL: https://magical.kuku.lu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://magical.kuku.lu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 19 Aug 2019 17:22:41 GMT
server
Golfe2
age
6041
date
Fri, 20 Dec 2019 08:33:37 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
17803
expires
Fri, 20 Dec 2019 10:33:37 GMT
foot2016.png
magical.kuku.lu/img/
983 B
1 KB
Image
General
Full URL
https://magical.kuku.lu/img/foot2016.png
Requested by
Host: magical.kuku.lu
URL: https://magical.kuku.lu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.85 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
639ba804ce687bae023c2d631d7ddf9bc53bdbbe08cab47fef1be680aac7332c

Request headers

Referer
https://magical.kuku.lu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Fri, 20 Dec 2019 10:14:19 GMT
cf-cache-status
REVALIDATED
last-modified
Sat, 09 Jan 2016 16:01:27 GMT
server
cloudflare
etag
"533-528e8d0f823c0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
content-type
image/png
status
200
cache-control
max-age=28800
cf-polished
pngoptimizer, origSize=1331
accept-ranges
bytes
cf-ray
5480d93f6a757203-AMS
content-length
983
cf-bgj
imgq:100
ads
googleads.g.doubleclick.net/pagead/ Frame 613E
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6235967741013519&output=html&h=600&slotname=8165143813&adk=3532086201&adf=2437290725&w=160&lmt=1576836858&guci=1.2.0.0.2.2.0.0&url=https%3A%2F%2Fmagical.kuku.lu%2F&flash=0&wgl=1&adsid=NT&dt=1576836858687&bpp=20&bdt=1106&fdt=108&idt=108&shv=r20191205&cbv=r20190131&saldr=sa&abxe=1&correlator=4377708166053&frm=20&pv=2&ga_vid=1667482012.1576836859&ga_sid=1576836859&ga_hid=2098613183&ga_fc=0&iag=0&icsg=8874&dssz=18&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=313&ady=828&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21065125%2C21065274&oid=3&pvsid=3495036448138709&rx=0&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=16&bc=31&ifi=1&uci=a!1&fsb=1&xpc=Rf8T67eM78&p=https%3A//magical.kuku.lu&dtd=120
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20191205/r20190131/show_ads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-6235967741013519&output=html&h=600&slotname=8165143813&adk=3532086201&adf=2437290725&w=160&lmt=1576836858&guci=1.2.0.0.2.2.0.0&url=https%3A%2F%2Fmagical.kuku.lu%2F&flash=0&wgl=1&adsid=NT&dt=1576836858687&bpp=20&bdt=1106&fdt=108&idt=108&shv=r20191205&cbv=r20190131&saldr=sa&abxe=1&correlator=4377708166053&frm=20&pv=2&ga_vid=1667482012.1576836859&ga_sid=1576836859&ga_hid=2098613183&ga_fc=0&iag=0&icsg=8874&dssz=18&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=313&ady=828&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21065125%2C21065274&oid=3&pvsid=3495036448138709&rx=0&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=16&bc=31&ifi=1&uci=a!1&fsb=1&xpc=Rf8T67eM78&p=https%3A//magical.kuku.lu&dtd=120
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
sec-fetch-mode
nested-navigate
referer
https://magical.kuku.lu/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://magical.kuku.lu/

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Fri, 20 Dec 2019 10:14:19 GMT
server
cafe
content-length
19732
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Fri, 20-Dec-2019 10:29:18 GMT; path=/; domain=.doubleclick.net
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
expires
Fri, 20 Dec 2019 10:14:19 GMT
cache-control
private
osd.js
www.googletagservices.com/activeview/js/current/
78 KB
29 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20191205/r20190131/show_ads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
63890326f558587b0840eb0a6e6377f1bf39264e015e568f4c2a03aefce3f929
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://magical.kuku.lu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Fri, 20 Dec 2019 10:14:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1575654529893506"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
29463
x-xss-protection
0
expires
Fri, 20 Dec 2019 10:14:18 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 1622
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6235967741013519&output=html&h=280&slotname=9176414207&adk=336717694&adf=1757488073&w=336&lmt=1576836858&psa=0&guci=1.2.0.0.2.2.0.0&format=336x280&url=https%3A%2F%2Fmagical.kuku.lu%2F&flash=0&wgl=1&adsid=NT&dt=1576836858725&bpp=36&bdt=1145&fdt=105&idt=105&shv=r20191205&cbv=r20190131&saldr=aa&abxe=1&prev_slotnames=8165143813&correlator=4377708166053&frm=20&pv=1&ga_vid=1667482012.1576836859&ga_sid=1576836859&ga_hid=2098613183&ga_fc=0&iag=0&icsg=139946&dssz=19&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=493&ady=376&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21065125%2C21065274&oid=3&pvsid=3495036448138709&rx=0&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=16&bc=31&ifi=2&uci=a!2&fsb=1&xpc=T6BmRBkgoW&p=https%3A//magical.kuku.lu&dtd=108
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20191205/r20190131/show_ads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17425142638748824069/336x280.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17425142638748824069/336x280.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CLq63Ib_w-YCFZQ6GwodTZIHLw&gqi=-p78XcuhM8bYba7BpLgF&layout=/sadbundle/%24csp%253Der3%24/17425142638748824069/336x280.html
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-6235967741013519&output=html&h=280&slotname=9176414207&adk=336717694&adf=1757488073&w=336&lmt=1576836858&psa=0&guci=1.2.0.0.2.2.0.0&format=336x280&url=https%3A%2F%2Fmagical.kuku.lu%2F&flash=0&wgl=1&adsid=NT&dt=1576836858725&bpp=36&bdt=1145&fdt=105&idt=105&shv=r20191205&cbv=r20190131&saldr=aa&abxe=1&prev_slotnames=8165143813&correlator=4377708166053&frm=20&pv=1&ga_vid=1667482012.1576836859&ga_sid=1576836859&ga_hid=2098613183&ga_fc=0&iag=0&icsg=139946&dssz=19&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=493&ady=376&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21065125%2C21065274&oid=3&pvsid=3495036448138709&rx=0&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=16&bc=31&ifi=2&uci=a!2&fsb=1&xpc=T6BmRBkgoW&p=https%3A//magical.kuku.lu&dtd=108
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
sec-fetch-mode
nested-navigate
referer
https://magical.kuku.lu/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://magical.kuku.lu/

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
content-security-policy
child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17425142638748824069/336x280.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17425142638748824069/336x280.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CLq63Ib_w-YCFZQ6GwodTZIHLw&gqi=-p78XcuhM8bYba7BpLgF&layout=/sadbundle/%24csp%253Der3%24/17425142638748824069/336x280.html
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Fri, 20 Dec 2019 10:14:19 GMT
server
cafe
content-length
27442
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Fri, 20-Dec-2019 10:29:18 GMT; path=/; domain=.doubleclick.net
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
expires
Fri, 20 Dec 2019 10:14:19 GMT
cache-control
private
ads
googleads.g.doubleclick.net/pagead/ Frame 443F
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6235967741013519&output=html&adk=193914898&adf=935745360&lmt=1576836859&plat=1%3A32776%2C2%3A32776%2C8%3A134250504%2C9%3A134250504%2C16%3A8388608%2C30%3A1081344%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fmagical.kuku.lu%2F&ea=0&flash=0&pra=7&wgl=1&adsid=NT&dt=1576836859438&bpp=4&bdt=1857&fdt=4&idt=4&shv=r20191205&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=336x280&prev_slotnames=8165143813&nras=1&correlator=4377708166053&frm=20&pv=1&ga_vid=1667482012.1576836859&ga_sid=1576836859&ga_hid=2098613183&ga_fc=0&iag=0&icsg=139946&dssz=19&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21065125%2C21065274&oid=3&pvsid=3495036448138709&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=16&bc=31&ifi=3&uci=a!3&fsb=1&dtd=8
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20191205/r20190131/show_ads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-6235967741013519&output=html&adk=193914898&adf=935745360&lmt=1576836859&plat=1%3A32776%2C2%3A32776%2C8%3A134250504%2C9%3A134250504%2C16%3A8388608%2C30%3A1081344%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fmagical.kuku.lu%2F&ea=0&flash=0&pra=7&wgl=1&adsid=NT&dt=1576836859438&bpp=4&bdt=1857&fdt=4&idt=4&shv=r20191205&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=336x280&prev_slotnames=8165143813&nras=1&correlator=4377708166053&frm=20&pv=1&ga_vid=1667482012.1576836859&ga_sid=1576836859&ga_hid=2098613183&ga_fc=0&iag=0&icsg=139946&dssz=19&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21065125%2C21065274&oid=3&pvsid=3495036448138709&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=16&bc=31&ifi=3&uci=a!3&fsb=1&dtd=8
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
sec-fetch-mode
nested-navigate
referer
https://magical.kuku.lu/
accept-encoding
gzip, deflate, br
cookie
IDE=AHWqTUmSWZFHKm4LsUM_rLa6pqdloxpciaX4ojLsimmvosFH_bk1syljyapAdYFP; DSID=NO_DATA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://magical.kuku.lu/

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Fri, 20 Dec 2019 10:14:19 GMT
server
cafe
content-length
0
x-xss-protection
0
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000

Verdicts & Comments Add Verdict or Comment

187 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate boolean| r_enable boolean| r_uuid boolean| r_fb function| open_header_aquapal function| goShortURL_Header object| post_num_list object| google_ad_client object| google_ad_slot object| google_ad_width object| google_ad_height object| google_js_reporting_queue number| google_srt object| google_ad_modifications object| google_logging_queue object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state boolean| google_onload_fired object| googleToken object| googleIMState function| processGoogleToken boolean| _gfp_p_ boolean| _gfp_a_ number| google_unique_id object| google_sa_queue object| google_sl_win function| google_process_slots object| google_ad_block object| google_ad_channel object| google_ad_format object| google_ad_host object| google_ad_host_channel object| google_ad_host_tier_id object| google_ad_layout object| google_ad_layout_key object| google_ad_output object| google_ad_region object| google_ad_section object| google_ad_type object| google_ad_unit_key object| google_ad_dom_fingerprint object| google_ad_semantic_area object| google_adtest object| google_allow_expandable_ads object| google_alternate_ad_url object| google_alternate_color object| google_apsail object| google_captcha_token object| google_city object| google_color_bg object| google_color_border object| google_color_line object| google_color_link object| google_color_text object| google_color_url object| google_container_id object| google_content_recommendation_ad_positions object| google_content_recommendation_columns_num object| google_content_recommendation_rows_num object| google_content_recommendation_ui_type object| google_content_recommendation_use_square_imgs object| google_contents object| google_core_dbp object| google_country object| google_cpm object| google_ctr_threshold object| google_cust_age object| google_cust_ch object| google_cust_criteria object| google_cust_gender object| google_cust_id object| google_cust_interests object| google_cust_job object| google_cust_l object| google_cust_lh object| google_cust_u_url object| google_disable_video_autoplay object| google_bfa object| ebfa object| ebfaca object| google_eids object| google_enable_content_recommendations object| google_enable_ose object| google_encoding object| google_font_face object| google_font_size object| google_frame_id object| google_full_width_responsive_allowed object| efwr object| google_full_width_responsive object| gfwroh object| gfwrow object| gfwroml object| gfwromr object| gfwroz object| gfwrnh object| gfwrnwer object| gfwrnher object| google_gl object| google_hints object| google_image_size object| google_kw object| google_kw_type object| google_lact object| google_language object| google_loeid object| google_max_num_ads object| google_max_radlink_len object| google_max_responsive_height object| google_ml_rank object| google_mtl object| google_native_ad_template object| google_native_settings_key object| google_num_radlinks object| google_num_radlinks_per_unit object| google_only_pyv_ads object| google_override_format object| google_page_url object| google_pgb_reactive object| google_pucrd object| google_referrer_url object| google_region object| google_resizing_allowed object| google_resizing_height object| google_resizing_width object| rpe object| google_responsive_formats object| google_responsive_auto_format object| armr object| google_rl_dest_url object| google_rl_filtering object| google_rl_mode object| google_rt object| google_safe object| google_safe_for_responsive_override object| google_scs object| google_source_type object| google_tag_for_child_directed_treatment object| google_tag_for_under_age_of_consent object| google_tag_origin object| google_tag_partner object| google_targeting object| google_tfs object| google_video_doc_id object| google_video_product_type object| google_video_url_to_fetch object| google_webgl_support object| google_yt_pt object| google_yt_up object| google_package object| google_debug_params object| google_enable_single_iframe object| dash object| google_refresh_count object| google_restrict_data_processing boolean| google_apltlad object| google_sv_map object| google_t12n_vars object| adsbygoogle function| google_spfd number| google_lpabyc function| toggleView undefined| _hash string| GoogleAnalyticsObject function| ga object| google_tag_data object| gaplugins object| gaGlobal object| gaData function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter function| google_sa_impl object| google_jobrunner object| google_persistent_state_async object| __google_ad_urls number| google_global_correlator number| __google_ad_urls_id object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| google_iframe_oncopy boolean| google_osd_loaded function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb

2 Cookies

Domain/Path Name / Value
.doubleclick.net/ Name: DSID
Value: NO_DATA
.doubleclick.net/ Name: IDE
Value: AHWqTUmSWZFHKm4LsUM_rLa6pqdloxpciaX4ojLsimmvosFH_bk1syljyapAdYFP

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
googleads.g.doubleclick.net
kuku.neko2.net
kukulu.erinn.biz
live.erinn.biz
magical.kuku.lu
pagead2.googlesyndication.com
www.google-analytics.com
www.googletagservices.com
104.26.14.232
104.26.15.232
104.26.2.85
133.130.103.18
2a00:1450:4001:806::2002
2a00:1450:4001:80b::200e
2a00:1450:4001:824::2002
03f91c9205f75ac88a8712ca9bdfbf1bff3e6dabed1c391151e92b89797ca081
041e1e0d22e1db8c76ea42d1fe7d317a6eacaa98a111bed5149ca66e14f98020
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
0dcd7f54771d4e5852973256e1f86d4baa0553593c6c87e133d2b752d7bc48b1
11ac87b3f8faa063f744028f728b21fdde6bace5f8cffb19a11a2b50df7e41be
1c70fad8e3eeb9c5c9a8701fc8bdd586c66793146aabb8fda6bd4435578ebff5
1cc70ac1091c5988a62b3c592c2d73f6a64455e7a9a55bc592720087d3fb4070
1e031f8c24f85b1290ff81de4aef0ec1ce89f2e6e2d406cc22f431fc6bf6a04f
20b2ce459045afc8556c7a469b7d924b9c45c93b9c82b770bd1880ec2825fe0e
2424d4d0676494244257b830643c905eac8254d373e00bc0cf6a13158626921b
2b9dd9e697a6394485781bd42d42d2a0cf164909d9cb0baa68bbc4c2109d5395
2c08b5b8f62b8b8ff7cf20b959f3e1c59131a6ab0b1b1acd9e53ca6c71faec1a
347c3ce67aff0c56dc25d2ad38d91813dfc65a13f7bcb561132219eb73c3bbf7
35f56427e2843e24657fddd3587acbe2f5997e594003af01d3a3ebdb24ac2f63
44a0fd3efdb791c7f45d63ddc7f9361cb137f1ccd1ba583c4e32640d12c416c3
55fd15e70aba714e89c504d757cd751067eea9f215b5802081db71b2ae3c80a0
5bcfa437af158a2848e63c9af5a5c6e34a15fe2397daaed7377fa0bde8d099e7
628f55d62c3097dcb7239f55f808d0dd1d7e48ec10d4b8e5df563ee727eaffb3
6332931565164496c9e9fd66553120bb97bfbaa6d6522ab12bd76f94a11deca1
63890326f558587b0840eb0a6e6377f1bf39264e015e568f4c2a03aefce3f929
639ba804ce687bae023c2d631d7ddf9bc53bdbbe08cab47fef1be680aac7332c
6429cfeaf3d6ba8bebb2bdbbf07cad18a87d00afbf194999b95ed8dcd1505c29
68bcdec2fdc6ce23468b97a8c39a3f9eb86233e03be5072bf3b438ac1433714d
6d4dfff6eaee021d39727a488d663f45c307876494d9ed53195f6a7d845fede3
6e17c0bda37d5463d6d5a9882d7f3c47769841a622595a53a816c09ea9c54035
724b77dc583298dc59e6cf2821644750f9f5794d0f6b4803048d50c3fc7f6425
8125ddaeb88d0184b8d72825bd9bd0ef7388affe8658b4ebb43d8a0da48412fb
91f74e84593e342dee9c126dafb06c98df38705a7799520ae307bff04737a670
a10a5ac891f5799b83d27fbca0f2a3499a2b996184062b56d9c6d7aaa3af1a52
a51843f4c6af99f45aa85d6d05137bae96ab1e65fc0690bd08569e8a83c04fcc
bb4d18e4680fa6ebbbe71671b3cd6778b953ad9a6cc6f2f06386af282d9bd25d
cd1d32031fab106b108a06301573e3586bc037379abf66be3484a5bc6906213a
ceef4568a47660beea74cfddbc97527ca2ec768b1c2b67eccd8f6f05f63357ea
da00a735ede6be0ca5e0e7fb3e2624f8383d59918d58b9a45d945f8ceb119c0a
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
ddf13b8440e2d160f7ce1a683a0f3df05c292ebf0f366bdc76e62cd1887038a6
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e9751730474ffa0dc76ab89f9872009d218eb198f7a5153af22db159ae4515c1
ea9adbe35a14f74199d1144e7fec409042cfba99623ebf7ed20e29a421cbc572
fdb58bd6a9970162272082b5853fd106b5478d2faf7e36ca577b80b09327f556