urlscan.io logo urlscan.io
SecurityTrails logo

cdtrrracks.com Open in urlscan Pro
51.75.70.234  Public Scan

Go To Rescan Add Verdict Report
URL: http://cdtrrracks.com/MOJO%20in%20the%20Morning/Phone%20Scams%20Volume%201/
Submission: On February 02 via manual from US — Scanned from FR
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 13 IPs in 4 countries across 9 domains to perform 38 HTTP transactions. The main IP is 51.75.70.234, located in France and belongs to OVH, FR. The main domain is cdtrrracks.com.
This is the only time cdtrrracks.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

8    51.75.70.234 (France)

ASN16276 (OVH, FR)
PTR: vps-4f3e839b.vps.ovh.net
cdtrrracks.com
6    2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    18.66.244.28 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-244-28.dus51.r.cloudfront.net
z-na.amazon-adsystem.com
2    104.20.228.67 (None, )

ASN13335 (CLOUDFLARENET, US)
www.statcounter.com
c.statcounter.com
7    2a00:1450:4001:811::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
cse.google.com
5    2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net
partner.googleadservices.com
1    2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.fr
1    2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
1    2a00:1450:4001:808::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googleapis.com
1    2a00:1450:4001:813::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
clients1.google.com
3    2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
Apex Domain
Subdomains		 Transfer
11 google.com
www.google.com — Cisco Umbrella Rank: 13
cse.google.com — Cisco Umbrella Rank: 2788
adservice.google.com — Cisco Umbrella Rank: 80
clients1.google.com — Cisco Umbrella Rank: 437
170 KB
9 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 100
tpc.googlesyndication.com — Cisco Umbrella Rank: 124
189 KB
8 cdtrrracks.com
cdtrrracks.com
21 KB
5 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 46
10 KB
2 statcounter.com
www.statcounter.com — Cisco Umbrella Rank: 11056
c.statcounter.com — Cisco Umbrella Rank: 7747
15 KB
1 googleapis.com
www.googleapis.com — Cisco Umbrella Rank: 35
178 B
1 google.fr
adservice.google.fr — Cisco Umbrella Rank: 27839
792 B
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 777
646 B
1 amazon-adsystem.com
z-na.amazon-adsystem.com — Cisco Umbrella Rank: 6391
8 KB
38 9
Domain Requested by
8 cdtrrracks.com cdtrrracks.com
7 www.google.com 1 redirects www.google.com
cdtrrracks.com
tpc.googlesyndication.com
6 pagead2.googlesyndication.com cdtrrracks.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
5 googleads.g.doubleclick.net pagead2.googlesyndication.com
3 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
2 cse.google.com cdtrrracks.com
www.google.com
1 clients1.google.com cdtrrracks.com
1 www.googleapis.com cdtrrracks.com
1 adservice.google.com pagead2.googlesyndication.com
1 adservice.google.fr pagead2.googlesyndication.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 c.statcounter.com www.statcounter.com
1 www.statcounter.com cdtrrracks.com
1 z-na.amazon-adsystem.com cdtrrracks.com
38 14

This site contains links to these domains. Also see Links.

Domain
freedb.org
blinmedia.com
Subject Issuer Validity Valid
us-dallas.statcounter.com
Sectigo RSA Domain Validation Secure Server CA		 2021-11-06 -
2022-12-06		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-12-27 -
2022-03-21		 3 months crt.sh
www.google.com
GTS CA 1C3		 2021-12-27 -
2022-03-21		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2021-12-27 -
2022-03-21		 3 months crt.sh
*.google.fr
GTS CA 1C3		 2021-12-27 -
2022-03-21		 3 months crt.sh
*.google.com
GTS CA 1C3		 2021-12-27 -
2022-03-21		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2021-12-27 -
2022-03-21		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2021-12-27 -
2022-03-21		 3 months crt.sh

This page contains 9 frames:

Primary Page: http://cdtrrracks.com/MOJO%20in%20the%20Morning/Phone%20Scams%20Volume%201/
Frame ID: A34692214D7866612CBF07188FB1D2C6
Requests: 25 HTTP requests in this frame

Frame: http://cdtrrracks.com/scripts/albumpicture.php?artist=MOJO%20in%20the%20Morning&album=Phone%20Scams%20Volume%201
Frame ID: 93397208707344DCF7C0B5CF941AC607
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220131/r20190131/zrt_lookup.html
Frame ID: 44308E579570163FAAECB40EC94FB2CC
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4085496937036467&output=html&h=280&slotname=4528045710&adk=2826534490&adf=118230528&pi=t.ma~as.4528045710&w=772&fwrn=4&fwrnh=100&lmt=1643817165&rafmt=1&psa=0&format=772x280&url=http%3A%2F%2Fcdtrrracks.com%2FMOJO%2520in%2520the%2520Morning%2FPhone%2520Scams%2520Volume%25201%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1643817165363&bpp=3&bdt=216&idt=201&shv=r20220131&mjsv=m202201200501&ptt=9&saldr=aa&abxe=1&correlator=1441068006247&frm=20&pv=2&ga_vid=873187953.1643817166&ga_sid=1643817166&ga_hid=718752266&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=220&ady=66&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750773%2C31064527%2C31063222&oid=2&pvsid=3871866016765260&pem=814&tmod=417232960&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=1&uci=a!1&fsb=1&xpc=EfBlaYpbfS&p=http%3A//cdtrrracks.com&dtd=216
Frame ID: EB3E336E5F64F4B9D75359E8E3D06263
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4085496937036467&output=html&h=280&slotname=4615675623&adk=3464960937&adf=4247797310&pi=t.ma~as.4615675623&w=772&fwrn=4&fwrnh=100&lmt=1643817165&rafmt=1&psa=0&format=772x280&url=http%3A%2F%2Fcdtrrracks.com%2FMOJO%2520in%2520the%2520Morning%2FPhone%2520Scams%2520Volume%25201%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1643817165366&bpp=1&bdt=219&idt=217&shv=r20220131&mjsv=m202201200501&ptt=9&saldr=aa&abxe=1&prev_fmts=772x280&correlator=1441068006247&frm=20&pv=1&ga_vid=873187953.1643817166&ga_sid=1643817166&ga_hid=718752266&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=220&ady=1188&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750773%2C31064527%2C31063222&oid=2&pvsid=3871866016765260&pem=814&tmod=417232960&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=dRuj4xoLd3&p=http%3A//cdtrrracks.com&dtd=219
Frame ID: 0CD802C5B996888C8FC6E0F1808421F9
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4085496937036467&output=html&h=280&slotname=3213311655&adk=1072540162&adf=1085429509&pi=t.ma~as.3213311655&w=350&fwrn=4&fwrnh=100&lmt=1643817165&rafmt=1&psa=0&format=350x280&url=http%3A%2F%2Fcdtrrracks.com%2FMOJO%2520in%2520the%2520Morning%2FPhone%2520Scams%2520Volume%25201%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1643817165367&bpp=1&bdt=220&idt=247&shv=r20220131&mjsv=m202201200501&ptt=9&saldr=aa&abxe=1&prev_fmts=772x280%2C772x280&correlator=1441068006247&frm=20&pv=1&ga_vid=873187953.1643817166&ga_sid=1643817166&ga_hid=718752266&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1030&ady=242&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750773%2C31064527%2C31063222&oid=2&pvsid=3871866016765260&pem=814&tmod=417232960&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=3&uci=a!3&fsb=1&xpc=qiJTwEWtW6&p=http%3A//cdtrrracks.com&dtd=251
Frame ID: EADD8FE51CB58C4A7759F6A1FFA0F4B1
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4085496937036467&output=html&adk=1812271804&adf=3025194257&lmt=1643817165&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fcdtrrracks.com%2FMOJO%2520in%2520the%2520Morning%2FPhone%2520Scams%2520Volume%25201%2F&ea=0&flash=0&pra=7&wgl=1&dt=1643817165376&bpp=1&bdt=229&idt=250&shv=r20220131&mjsv=m202201200501&ptt=9&saldr=aa&abxe=1&prev_fmts=772x280%2C772x280%2C350x280&nras=1&correlator=1441068006247&frm=20&pv=1&ga_vid=873187953.1643817166&ga_sid=1643817166&ga_hid=718752266&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750773%2C31064527%2C31063222&oid=2&pvsid=3871866016765260&pem=814&tmod=417232960&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=4&uci=a!4&fsb=1&dtd=256
Frame ID: C4B97BDDCB3976799099DE0C240E0B4A
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 0FA2576DC2E55F0676D5C66768B11907
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 1B6237BC98F49832A8065B656C9CAF70
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Phone Scams Volume 1 • MOJO in the Morning • cdtrrrackssearch

Detected technologies

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • statcounter\.com/counter/counter

Page Statistics

38
Requests

66 %
HTTPS

69 %
IPv6

9
Domains

14
Subdomains

13
IPs

4
Countries

415 kB
Transfer

1142 kB
Size

5
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 7
  • http://www.google.com/cse/cse.js?cx=006450847850393792644:9xlcujwespc HTTP 301
  • https://cse.google.com/cse/cse.js?cx=006450847850393792644:9xlcujwespc

38 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
cdtrrracks.com/MOJO%20in%20the%20Morning/Phone%20Scams%20Volume%201/ 		15 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://cdtrrracks.com/MOJO%20in%20the%20Morning/Phone%20Scams%20Volume%201/
Protocol
HTTP/1.1
Server
51.75.70.234 , France, ASN16276 (OVH, FR),
Reverse DNS
vps-4f3e839b.vps.ovh.net
Software
nginx /
Resource Hash
2e46d6c58b6021680bc2be00850c5608a4911974895549f1b43d8ddb8b1e00d1

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
fr-FR,fr;q=0.9

Response headers

Server
nginx
Date
Wed, 02 Feb 2022 15:52:45 GMT
Content-Type
text/html; charset=UTF-8
Content-Length
3874
Connection
keep-alive
Keep-Alive
timeout=60
Vary
Accept-Encoding
Content-Encoding
gzip
2018.css
cdtrrracks.com/common/ 		2 KB
1010 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://cdtrrracks.com/common/2018.css
Requested by
Host: cdtrrracks.com
URL: http://cdtrrracks.com/MOJO%20in%20the%20Morning/Phone%20Scams%20Volume%201/
Protocol
HTTP/1.1
Server
51.75.70.234 , France, ASN16276 (OVH, FR),
Reverse DNS
vps-4f3e839b.vps.ovh.net
Software
nginx /
Resource Hash
c0ed5b7a9f14048d6ea2f7de55111755ae8a488666a29d955084719edd24cb0a

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
http://cdtrrracks.com/MOJO%20in%20the%20Morning/Phone%20Scams%20Volume%201/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Wed, 02 Feb 2022 15:52:45 GMT
Content-Encoding
gzip
Last-Modified
Tue, 04 Sep 2018 11:13:40 GMT
Server
nginx
ETag
"83b-57509c0010100-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=60
Content-Length
699
new.css
cdtrrracks.com/common/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://cdtrrracks.com/common/new.css
Requested by
Host: cdtrrracks.com
URL: http://cdtrrracks.com/MOJO%20in%20the%20Morning/Phone%20Scams%20Volume%201/
Protocol
HTTP/1.1
Server
51.75.70.234 , France, ASN16276 (OVH, FR),
Reverse DNS
vps-4f3e839b.vps.ovh.net
Software
nginx /
Resource Hash
d3b4d6c95117d0fdf1cbdbaa2a2efe02ee384286cb6f2277bb070c15b42f9ecc

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
http://cdtrrracks.com/MOJO%20in%20the%20Morning/Phone%20Scams%20Volume%201/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Wed, 02 Feb 2022 15:52:45 GMT
Content-Encoding
gzip
Last-Modified
Sat, 28 Oct 2017 19:15:18 GMT
Server
nginx
ETag
"c04-55ca039cfdd80-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=60
Content-Length
1058
new.js
cdtrrracks.com/common/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://cdtrrracks.com/common/new.js
Requested by
Host: cdtrrracks.com
URL: http://cdtrrracks.com/MOJO%20in%20the%20Morning/Phone%20Scams%20Volume%201/
Protocol
HTTP/1.1
Server
51.75.70.234 , France, ASN16276 (OVH, FR),
Reverse DNS
vps-4f3e839b.vps.ovh.net
Software
nginx /
Resource Hash
e0fcf45f8ce1bf202cdff580af26f75731a1b30f13c7cd2c7772b801e094d714

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
http://cdtrrracks.com/MOJO%20in%20the%20Morning/Phone%20Scams%20Volume%201/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Wed, 02 Feb 2022 15:52:45 GMT
Content-Encoding
gzip
Last-Modified
Sat, 28 Oct 2017 19:15:20 GMT
Server
nginx
ETag
"1506-55ca039ee6200-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=60
Content-Length
1557
new.gif
cdtrrracks.com/common/ 		215 B
474 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://cdtrrracks.com/common/new.gif
Requested by
Host: cdtrrracks.com
URL: http://cdtrrracks.com/MOJO%20in%20the%20Morning/Phone%20Scams%20Volume%201/
Protocol
HTTP/1.1
Server
51.75.70.234 , France, ASN16276 (OVH, FR),
Reverse DNS
vps-4f3e839b.vps.ovh.net
Software
nginx /
Resource Hash
0e4dfa7cac22a39453c6bda2c129b2596b7fb9e440a9b8b25a0af7b0bb64108c

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
http://cdtrrracks.com/MOJO%20in%20the%20Morning/Phone%20Scams%20Volume%201/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Wed, 02 Feb 2022 15:52:45 GMT
Last-Modified
Sat, 28 Oct 2017 19:15:20 GMT
Server
nginx
ETag
"d7-55ca039ee6200"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=60
Content-Length
215
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		148 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: cdtrrracks.com
URL: http://cdtrrracks.com/MOJO%20in%20the%20Morning/Phone%20Scams%20Volume%201/
Protocol
HTTP/1.1
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a9300bbd7fd0bebc4e6cb23f9df65b6e96526c7f201f240730ea2683d16d2e12
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
http://cdtrrracks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Timing-Allow-Origin
*
Date
Wed, 02 Feb 2022 15:52:45 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
cafe
ETag
14154574417229687071
Vary
Accept-Encoding, Origin
P3P
policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control
private, max-age=3600
Cross-Origin-Resource-Policy
cross-origin
Content-Disposition
attachment; filename="f.txt"
Content-Type
text/javascript; charset=UTF-8
Content-Length
52516
X-XSS-Protection
0
Expires
Wed, 02 Feb 2022 15:52:45 GMT
onejs
z-na.amazon-adsystem.com/widgets/ 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://z-na.amazon-adsystem.com/widgets/onejs?MarketPlace=US
Requested by
Host: cdtrrracks.com
URL: http://cdtrrracks.com/MOJO%20in%20the%20Morning/Phone%20Scams%20Volume%201/
Protocol
HTTP/1.1
Server
18.66.244.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-244-28.dus51.r.cloudfront.net
Software
Server /
Resource Hash
8e2915bb3f39f5febe599eaef80aa1a0a536d2a5305a055fcaedf467312bba7d

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
http://cdtrrracks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Wed, 02 Feb 2022 06:58:14 GMT
Content-Encoding
gzip
Age
32071
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
7944
Pragma
Public
Access-Control-Allow-Origin
*
Server
Server
Content-Type
application/javascript;charset=UTF-8
Via
1.1 27a205ba0937fb032aa2efb66ec66a80.cloudfront.net (CloudFront)
charset
UTF-8
Cache-Control
public,max-age=86400,s-maxage=86400,no-transform
X-Amz-Cf-Pop
DUS51-P1
X-Amz-Cf-Id
tpVDawA4PeFe4tjrAy58Ka62xg5XJT7DIEON5PvxPiq5_oudiertzA==
Expires
Thu, 03 Feb 2022 06:58:14 GMT
counter.js
www.statcounter.com/counter/ 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.statcounter.com/counter/counter.js
Requested by
Host: cdtrrracks.com
URL: http://cdtrrracks.com/MOJO%20in%20the%20Morning/Phone%20Scams%20Volume%201/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.228.67 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bd5652900e428b78ad7d459209e5e0ad0d8b21542f1060acb1ed8c60a1f579b6

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
http://cdtrrracks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 15:52:45 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 01 Feb 2022 17:24:01 GMT
server
cloudflare
age
8894
etag
W/"61f96cb1-a37d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=43200
cf-ray
6d7496a33d223a69-CDG
expires
Thu, 03 Feb 2022 01:24:31 GMT
cse.js
cse.google.com/cse/
Redirect Chain
  • http://www.google.com/cse/cse.js?cx=006450847850393792644:9xlcujwespc
  • https://cse.google.com/cse/cse.js?cx=006450847850393792644:9xlcujwespc
10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cse.google.com/cse/cse.js?cx=006450847850393792644:9xlcujwespc
Requested by
Host: cdtrrracks.com
URL: http://cdtrrracks.com/MOJO%20in%20the%20Morning/Phone%20Scams%20Volume%201/
Protocol
H2
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gws /
Resource Hash
2f8a718cd8baef7074c18574b301458f9f9d42a848018f3892e103144db3523f
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
http://cdtrrracks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

bfcache-opt-in
unload
date
Wed, 02 Feb 2022 15:52:45 GMT
content-encoding
br
accept-ch
Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Bitness
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3459
x-xss-protection
0
server
gws
expires
Wed, 02 Feb 2022 15:52:45 GMT

Redirect headers

Date
Wed, 02 Feb 2022 15:52:45 GMT
X-Content-Type-Options
nosniff
Server
sffe
Content-Type
text/html; charset=UTF-8
Location
https://cse.google.com/cse/cse.js?cx=006450847850393792644:9xlcujwespc
Cache-Control
public, max-age=1800
Content-Length
267
X-XSS-Protection
0
Expires
Wed, 02 Feb 2022 16:22:45 GMT
albumpicture.php
cdtrrracks.com/scripts/ Frame 9339 		342 B
459 B 		Document
General
Check archive.org
Download Go to
Full URL
http://cdtrrracks.com/scripts/albumpicture.php?artist=MOJO%20in%20the%20Morning&album=Phone%20Scams%20Volume%201
Requested by
Host: cdtrrracks.com
URL: http://cdtrrracks.com/MOJO%20in%20the%20Morning/Phone%20Scams%20Volume%201/
Protocol
HTTP/1.1
Server
51.75.70.234 , France, ASN16276 (OVH, FR),
Reverse DNS
vps-4f3e839b.vps.ovh.net
Software
nginx /
Resource Hash
729b5a4d472f5c22051d92c12fd2ffa4521be5684cd27ff293471bb4ddb06fb9

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
fr-FR,fr;q=0.9
Referer
http://cdtrrracks.com/MOJO%20in%20the%20Morning/Phone%20Scams%20Volume%201/

Response headers

Server
nginx
Date
Wed, 02 Feb 2022 15:52:45 GMT
Content-Type
text/html; charset=UTF-8
Content-Length
232
Connection
keep-alive
Keep-Alive
timeout=60
Vary
Accept-Encoding
Content-Encoding
gzip
t.php
c.statcounter.com/ 		192 B
568 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.statcounter.com/t.php?sc_project=11813384&u1=5ADF49E8B03E4FD2E0CB372A343C9FDE&java=1&security=abfd589c&sc_snum=1&sess=fa717c&p=0&rcat=d&rdom=d&rdomg=new&bb=1&jg=new&rr=1.1.1.1.1.1.1.1.1&resolution=1600&h=1200&camefrom=&u=http%3A//cdtrrracks.com/MOJO%2520in%2520the%2520Morning/Phone%2520Scams%2520Volume%25201/&t=Phone%20Scams%20Volume%201%20%E2%80%A2%20MOJO%20in%20the%20Morning%20%E2%80%A2%20cdtrrracks&invisible=1&sc_rum_e_s=291&sc_rum_e_e=295&sc_rum_f_s=0&sc_rum_f_e=280&get_config=true
Requested by
Host: www.statcounter.com
URL: https://www.statcounter.com/counter/counter.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.228.67 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb2697b60c526a1d4980e0874700e7c2b4f43bb9292770f71bb4bb972506e415

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
http://cdtrrracks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 15:52:45 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
6d7496a39df53a69-CDG
p3p
policyref="http://www.statcounter.com/w3c/p3p.xml", CP="ADMa OUR COM NAV NID DSP NOI COR"
access-control-allow-origin
http://cdtrrracks.com
access-control-allow-credentials
true
content-type
application/json
expires
Mon, 26 Jul 1997 05:00:00 GMT
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201200501/ 		284 KB
103 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201200501/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4085496937036467&plah=cdtrrracks.com&bust=31064527
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
628830c445c95c4d75daf1c71f527d8bc35dafdc7e954d7307d179741e1b8a48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
http://cdtrrracks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 15:52:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
104643
x-xss-protection
0
server
cafe
etag
5880570957449717226
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 02 Feb 2022 15:52:45 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220131/r20190131/ Frame 4430 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220131/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a575e2f63d79cdaf5a92b4453bfcaadb462119aa1216b4f28920e37e2d9b8e7b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
fr-FR,fr;q=0.9
Referer
http://cdtrrracks.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4612
x-xss-protection
0
date
Tue, 01 Feb 2022 19:01:41 GMT
expires
Tue, 15 Feb 2022 19:01:41 GMT
cache-control
public, max-age=1209600
age
75064
etag
18247940800414524076
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cse_element__en.js
www.google.com/cse/static/element/ff97a008b4153450/ 		301 KB
100 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/cse/static/element/ff97a008b4153450/cse_element__en.js?usqp=CAI%3D
Requested by
Host: www.google.com
URL: http://www.google.com/cse/cse.js?cx=006450847850393792644:9xlcujwespc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eafc0571b8ce226f09e8de577d88921a0218da6ff4982984e357ada8e08031b7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
http://cdtrrracks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 11:04:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
17320
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
102059
x-xss-protection
0
last-modified
Fri, 10 Dec 2021 15:35:43 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="prose-team"
expires
Thu, 02 Feb 2023 11:04:05 GMT
default+en.css
www.google.com/cse/static/element/ff97a008b4153450/ 		41 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.google.com/cse/static/element/ff97a008b4153450/default+en.css
Requested by
Host: www.google.com
URL: http://www.google.com/cse/cse.js?cx=006450847850393792644:9xlcujwespc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2b0789c3ab7df1f2580e95bb47eb5bb6dc19b4fc5a91b1f1ae1d9484dab534a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
http://cdtrrracks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 11:04:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
17320
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9086
x-xss-protection
0
last-modified
Fri, 10 Dec 2021 15:35:43 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="prose-team"
expires
Thu, 02 Feb 2023 11:04:05 GMT
default.css
www.google.com/cse/static/style/look/v4/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.google.com/cse/static/style/look/v4/default.css
Requested by
Host: www.google.com
URL: http://www.google.com/cse/cse.js?cx=006450847850393792644:9xlcujwespc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dcec22bbcb68119d6c7d6d5e088fb82183a9826d0c9e3403f1386fd837f06a89
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
http://cdtrrracks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 15:14:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2320
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1345
x-xss-protection
0
last-modified
Wed, 17 Jun 2020 00:00:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type
text/css
cache-control
public, max-age=3000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="prose-team"
expires
Wed, 02 Feb 2022 16:04:05 GMT
main.js
cdtrrracks.com/common/ Frame 9339 		15 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://cdtrrracks.com/common/main.js
Requested by
Host: cdtrrracks.com
URL: http://cdtrrracks.com/scripts/albumpicture.php?artist=MOJO%20in%20the%20Morning&album=Phone%20Scams%20Volume%201
Protocol
HTTP/1.1
Server
51.75.70.234 , France, ASN16276 (OVH, FR),
Reverse DNS
vps-4f3e839b.vps.ovh.net
Software
nginx /
Resource Hash
9dd605e227823137fa145687b502f448cc0e95acdce83ffa079b6b18af84f8fc

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
http://cdtrrracks.com/scripts/albumpicture.php?artist=MOJO%20in%20the%20Morning&album=Phone%20Scams%20Volume%201
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Wed, 02 Feb 2022 15:52:45 GMT
Content-Encoding
gzip
Last-Modified
Sat, 28 Oct 2017 19:15:18 GMT
Server
nginx
ETag
"3c8e-55ca039cfdd80-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=60
Content-Length
3700
cnf.gif
cdtrrracks.com/common/ Frame 9339 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://cdtrrracks.com/common/cnf.gif
Requested by
Host: cdtrrracks.com
URL: http://cdtrrracks.com/scripts/albumpicture.php?artist=MOJO%20in%20the%20Morning&album=Phone%20Scams%20Volume%201
Protocol
HTTP/1.1
Server
51.75.70.234 , France, ASN16276 (OVH, FR),
Reverse DNS
vps-4f3e839b.vps.ovh.net
Software
nginx /
Resource Hash
00d34d0b97790ecad7af60e9ab5ad4620f533ce145e3ad0da81f67fcb401adaf

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
http://cdtrrracks.com/scripts/albumpicture.php?artist=MOJO%20in%20the%20Morning&album=Phone%20Scams%20Volume%201
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Wed, 02 Feb 2022 15:52:45 GMT
Last-Modified
Sat, 28 Oct 2017 19:15:12 GMT
Server
nginx
ETag
"1f57-55ca039745000"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=60
Content-Length
8023
cookie.js
partner.googleadservices.com/gampad/ 		218 B
646 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=cdtrrracks.com&callback=_gfp_s_&client=ca-pub-4085496937036467
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201200501/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4085496937036467&plah=cdtrrracks.com&bust=31064527
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
eee77fe1a02842d0b63ef3ffe6203b9904192dd696be8ff893cfe72a65665233
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
http://cdtrrracks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 15:52:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
202
x-xss-protection
0
integrator.js
adservice.google.fr/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.fr/adsid/integrator.js?domain=cdtrrracks.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201200501/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4085496937036467&plah=cdtrrracks.com&bust=31064527
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
http://cdtrrracks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 02 Feb 2022 15:52:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=cdtrrracks.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201200501/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4085496937036467&plah=cdtrrracks.com&bust=31064527
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
http://cdtrrracks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 02 Feb 2022 15:52:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame EB3E 		436 B
382 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4085496937036467&output=html&h=280&slotname=4528045710&adk=2826534490&adf=118230528&pi=t.ma~as.4528045710&w=772&fwrn=4&fwrnh=100&lmt=1643817165&rafmt=1&psa=0&format=772x280&url=http%3A%2F%2Fcdtrrracks.com%2FMOJO%2520in%2520the%2520Morning%2FPhone%2520Scams%2520Volume%25201%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1643817165363&bpp=3&bdt=216&idt=201&shv=r20220131&mjsv=m202201200501&ptt=9&saldr=aa&abxe=1&correlator=1441068006247&frm=20&pv=2&ga_vid=873187953.1643817166&ga_sid=1643817166&ga_hid=718752266&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=220&ady=66&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750773%2C31064527%2C31063222&oid=2&pvsid=3871866016765260&pem=814&tmod=417232960&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=1&uci=a!1&fsb=1&xpc=EfBlaYpbfS&p=http%3A//cdtrrracks.com&dtd=216
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201200501/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4085496937036467&plah=cdtrrracks.com&bust=31064527
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
61c00e0e5e6f511d3bc3fc600ca11e4cb3e368a7f6894ee2ff104864fe74b5ee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
fr-FR,fr;q=0.9
Referer
http://cdtrrracks.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Wed, 02 Feb 2022 15:52:45 GMT
server
cafe
content-length
212
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 02 Feb 2022 15:52:45 GMT
cache-control
private
ads
googleads.g.doubleclick.net/pagead/ Frame 0CD8 		436 B
416 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4085496937036467&output=html&h=280&slotname=4615675623&adk=3464960937&adf=4247797310&pi=t.ma~as.4615675623&w=772&fwrn=4&fwrnh=100&lmt=1643817165&rafmt=1&psa=0&format=772x280&url=http%3A%2F%2Fcdtrrracks.com%2FMOJO%2520in%2520the%2520Morning%2FPhone%2520Scams%2520Volume%25201%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1643817165366&bpp=1&bdt=219&idt=217&shv=r20220131&mjsv=m202201200501&ptt=9&saldr=aa&abxe=1&prev_fmts=772x280&correlator=1441068006247&frm=20&pv=1&ga_vid=873187953.1643817166&ga_sid=1643817166&ga_hid=718752266&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=220&ady=1188&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750773%2C31064527%2C31063222&oid=2&pvsid=3871866016765260&pem=814&tmod=417232960&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=dRuj4xoLd3&p=http%3A//cdtrrracks.com&dtd=219
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201200501/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4085496937036467&plah=cdtrrracks.com&bust=31064527
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
dedf504adc907cbc77c86bd118a98de09e0cc29af826ebfa65b0a288a7b3341e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
fr-FR,fr;q=0.9
Referer
http://cdtrrracks.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Wed, 02 Feb 2022 15:52:45 GMT
server
cafe
content-length
214
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 02 Feb 2022 15:52:45 GMT
cache-control
private
async-ads.js
cse.google.com/adsense/search/ 		138 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://cse.google.com/adsense/search/async-ads.js
Requested by
Host: www.google.com
URL: https://www.google.com/cse/static/element/ff97a008b4153450/cse_element__en.js?usqp=CAI%3D
Protocol
HTTP/1.1
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
212fb9c612ea81c841172f6338aba2a45e0716bb13182860c09edb57d3843ee6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
http://cdtrrracks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Wed, 02 Feb 2022 15:52:45 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Security-Policy-Report-Only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
Cross-Origin-Resource-Policy
cross-origin
X-XSS-Protection
0
Server
sffe
Cross-Origin-Opener-Policy
same-origin; report-to="ads-afs-ui"
ETag
"6248772687611180785"
Vary
Accept-Encoding
Report-To
{"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
Content-Type
text/javascript; charset=UTF-8
Cache-Control
private, max-age=3600
Transfer-Encoding
chunked
Accept-Ranges
bytes
Expires
Wed, 02 Feb 2022 15:52:45 GMT
clear.png
www.google.com/cse/static/css/v2/ 		1018 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/cse/static/css/v2/clear.png
Requested by
Host: www.google.com
URL: https://www.google.com/cse/static/element/ff97a008b4153450/default+en.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
329d1a750114920332eadc55c129957d9dbe5a1b25745e2f7e0ed4fad75e04cd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.google.com/cse/static/element/ff97a008b4153450/default+en.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 05:46:24 GMT
x-content-type-options
nosniff
age
36381
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1018
x-xss-protection
0
last-modified
Mon, 25 May 2020 08:30:00 GMT
server
sffe
report-to
{"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="prose-team"
expires
Thu, 02 Feb 2023 05:46:24 GMT
branding.png
www.google.com/cse/static/images/1x/en/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/cse/static/images/1x/en/branding.png
Requested by
Host: cdtrrracks.com
URL: http://cdtrrracks.com/MOJO%20in%20the%20Morning/Phone%20Scams%20Volume%201/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
331b2b1241f1f2a53744bdca867c5b76954d9431970e91f490f64c707fc24a16
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
http://cdtrrracks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 29 Jan 2022 12:42:20 GMT
x-content-type-options
nosniff
age
357025
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1372
x-xss-protection
0
last-modified
Mon, 25 May 2020 08:30:00 GMT
server
sffe
report-to
{"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="prose-team"
expires
Sun, 29 Jan 2023 12:42:20 GMT
generate_204
www.googleapis.com/ 		0
178 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googleapis.com/generate_204
Requested by
Host: cdtrrracks.com
URL: http://cdtrrracks.com/MOJO%20in%20the%20Morning/Phone%20Scams%20Volume%201/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
http://cdtrrracks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 15:52:45 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
generate_204
clients1.google.com/ 		0
83 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://clients1.google.com/generate_204
Requested by
Host: cdtrrracks.com
URL: http://cdtrrracks.com/MOJO%20in%20the%20Morning/Phone%20Scams%20Volume%201/
Protocol
HTTP/1.1
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
http://cdtrrracks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Wed, 02 Feb 2022 15:52:45 GMT
Content-Length
0
ads
googleads.g.doubleclick.net/pagead/ Frame EADD 		436 B
235 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4085496937036467&output=html&h=280&slotname=3213311655&adk=1072540162&adf=1085429509&pi=t.ma~as.3213311655&w=350&fwrn=4&fwrnh=100&lmt=1643817165&rafmt=1&psa=0&format=350x280&url=http%3A%2F%2Fcdtrrracks.com%2FMOJO%2520in%2520the%2520Morning%2FPhone%2520Scams%2520Volume%25201%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1643817165367&bpp=1&bdt=220&idt=247&shv=r20220131&mjsv=m202201200501&ptt=9&saldr=aa&abxe=1&prev_fmts=772x280%2C772x280&correlator=1441068006247&frm=20&pv=1&ga_vid=873187953.1643817166&ga_sid=1643817166&ga_hid=718752266&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1030&ady=242&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750773%2C31064527%2C31063222&oid=2&pvsid=3871866016765260&pem=814&tmod=417232960&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=3&uci=a!3&fsb=1&xpc=qiJTwEWtW6&p=http%3A//cdtrrracks.com&dtd=251
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201200501/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4085496937036467&plah=cdtrrracks.com&bust=31064527
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e82d45d403639267bef0b1141e379cc04ff7c7623b4c4624b12941a1c8850e06
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
fr-FR,fr;q=0.9
Referer
http://cdtrrracks.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Wed, 02 Feb 2022 15:52:45 GMT
server
cafe
content-length
212
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 02 Feb 2022 15:52:45 GMT
cache-control
private
ads
googleads.g.doubleclick.net/pagead/ Frame C4B9 		10 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4085496937036467&output=html&adk=1812271804&adf=3025194257&lmt=1643817165&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fcdtrrracks.com%2FMOJO%2520in%2520the%2520Morning%2FPhone%2520Scams%2520Volume%25201%2F&ea=0&flash=0&pra=7&wgl=1&dt=1643817165376&bpp=1&bdt=229&idt=250&shv=r20220131&mjsv=m202201200501&ptt=9&saldr=aa&abxe=1&prev_fmts=772x280%2C772x280%2C350x280&nras=1&correlator=1441068006247&frm=20&pv=1&ga_vid=873187953.1643817166&ga_sid=1643817166&ga_hid=718752266&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750773%2C31064527%2C31063222&oid=2&pvsid=3871866016765260&pem=814&tmod=417232960&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=4&uci=a!4&fsb=1&dtd=256
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201200501/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4085496937036467&plah=cdtrrracks.com&bust=31064527
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c20052164d8244960d28922a84dbcf47b3dea88d5a4f549f010cad18f97b5f99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
fr-FR,fr;q=0.9
Referer
http://cdtrrracks.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Wed, 02 Feb 2022 15:52:45 GMT
server
cafe
content-length
4450
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 02 Feb 2022 15:52:45 GMT
cache-control
private
sodar
pagead2.googlesyndication.com/getconfig/ 		13 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220131&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201200501/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4085496937036467&plah=cdtrrracks.com&bust=31064527
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
75a33e85cc005dc62e6f85dfcb47326a1400c89cbf215a73c244261959423f7f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
http://cdtrrracks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 02 Feb 2022 15:52:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9845
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201200501/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4085496937036467&plah=cdtrrracks.com&bust=31064527
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
http://cdtrrracks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 15:52:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 02 Feb 2022 15:52:46 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 0FA2 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
fr-FR,fr;q=0.9
Referer
http://cdtrrracks.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5046
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Wed, 02 Feb 2022 15:49:21 GMT
expires
Thu, 02 Feb 2023 15:49:21 GMT
cache-control
public, max-age=31536000
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
content-type
text/html
age
205
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 1B62 		783 B
535 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
8dd7ac985a1cbab13c82566332490b13ec18c82a02fbb10d53ffe392e28330bb
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-OSkJacN1fy4LvCIwScY4PA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
fr-FR,fr;q=0.9
Referer
http://cdtrrracks.com/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Wed, 02 Feb 2022 15:52:46 GMT
date
Wed, 02 Feb 2022 15:52:46 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-OSkJacN1fy4LvCIwScY4PA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
513
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
sodar
pagead2.googlesyndication.com/pagead/ Frame 1B62 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220131&jk=3871866016765260&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers
-RQXuketuW9jWIYsaM5S-Ql31PXoBsmd6vdkFHZtDQI.js
pagead2.googlesyndication.com/bg/ Frame 0FA2 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/-RQXuketuW9jWIYsaM5S-Ql31PXoBsmd6vdkFHZtDQI.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f91417ba47adb96f6358862c68ce52f90977d4f5e806c99deaf76414766d0d02
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 15:29:17 GMT
content-encoding
br
x-content-type-options
nosniff
age
1409
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13701
x-xss-protection
0
last-modified
Thu, 27 Jan 2022 13:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 02 Feb 2023 15:29:17 GMT
generate_204
tpc.googlesyndication.com/ Frame 0FA2 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?TtiTJw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 15:52:46 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gda_r20220131&jk=3871866016765260&bg=!tLelt_PNAAYZkRhwGZE7ACkAdvg8WnQThpwf5-KXw4dtE4HfGGTNE_r8i1LCafnmy5C3SMS53LlnQQIAAABfUgAAAAJoAQeZArcLUejDIcindH5h4k9JzggAgVAScPECxBFWypjrVZBPtBdymibo_PEZeKIJEY_mGlmkzA06L5WS0eferypWWNYUty0gOPBBhU4deGWsKxo2UhGg5tFzkUBC_2rzn9yDcWsknwg8z0MVCDSFdSlB8jnVHeGFyP20Ui4Zm2Z9GzWo3B7GQr76f1GzfiJRxzSCgSAu14J0SEDwBNg9blFn0YNaR-qXloXxHFgClwlgfBm8PTVTQ_0-sg6-5oNZwV5I8QpoGdUTnJZsdlctcRHudjLBB6JGWU15UV4mqcF-hRC5iph-Aqfx159V-oq4O_uGMIEsNoKOAPCG6pa4bT7H9CdUbcFbemgJ4pWA2tIPY7lBP_Km7yzWjLgJVvc83i6RbodxVlVsU1g65Ze-QPPoSPpvaUcVpHQ2TX39RQQErs_U-vUaFS4UuMbGXr7X_zmvEZYANKaipNJwmMoQ0RyvSaoJ0wKceyLfaApLSYWxzV645sy8EfYdNXBnloCKsQ6MRyqml-KaGTcKBpllGRSVrfIaq17oGJfrl9eaPn3WXW-_sDh4pnDJcGrDy3ec3nH9B5t2BHJ54X-U7FTu-C_2qU6APuh4MhCXXZY7g-ShhZJGGqpDZ6AyIRrGA_pZ8OCObZPTm_8B1YV7swHLqbJrvaC3pK8xpuHIK7otRatHrdUdhUoTvUZTUv9PK7rgFgkZy9Ns94qERYDxgw7NgIdO6jZvfpMCRomDgu_Wt_DzO4ddzD0d8QAolm035KEU_OmZoVQ48vO_v5DYh2mZSWKsxS5UNxMF8B54tJjY1xyBIRWmT14IhBGE9xEXF3EZOqT7u-nO_tAzAI-d8Sc-EkquT2LMsvqvn3Ipaq49SO62niTzrMtG-zPQXZtZLUkJ5yM8sJkUXBgyxXz4-XGnris-2hNmYo2CJ0ZmiQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
http://cdtrrracks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Feb 2022 15:52:46 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

99 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| httpRequester function| getHTTPRequestObject function| $ function| mOver function| mOut function| sOver function| sOut function| mClick function| searchClick function| focusBkg function| blurBkg function| dragOver function| searchKeyUp function| inputChange function| init function| rateover function| rateout function| rateclick function| UpdateRating function| ratemode function| LoadPage function| findPos function| Count function| SearchLoad function| VideoLoad function| LyricsLoad boolean| searchfocused object| adsbygoogle string| type string| id function| amazon_assoc_ir_f_call_associates_ads function| amazon_assoc_ir_f_call function| amzn_assoc_ad_spec_type object| amzn_assoc_ad_spec object| amzn_assoc_ad_async_spec object| adUnitDeliveryNetwork object| slotCounter function| cmManager object| amzn_assoc_cm boolean| amzn_assoc_enable_abs object| amzn_assoc_internal_params function| assocUtilsMaker object| amzn_assoc_utils object| nativeAdLayoutComputer object| amzn_assoc_ad object| blockedMarketPlacesJson object| blockedViewerCountriesJson number| sc_project number| sc_invisible string| sc_security function| _statcounter object| google_js_reporting_queue number| google_srt object| googletag object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state boolean| _gfp_a_ object| google_sa_queue function| google_process_slots object| google_persistent_state_async boolean| google_apltlad function| google_spfd number| google_lpabyc number| google_unique_id object| google_sv_map object| __gcse function| google_sa_impl object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages object| module$exports$cse$search object| module$exports$cse$CustomImageSearch object| module$exports$cse$CustomWebSearch object| google object| module$exports$cse$searchcontrol object| module$exports$cse$customsearchcontrol function| _googCsa number| nextSearchboxId number| googleNDT_ number| googleAltLoader object| GoogleGcLKhOms object| google_image_requests

5 Cookies

Domain/Path Name / Value
.cdtrrracks.com/ Name: sc_is_visitor_unique
Value: rx11813384.1643817165.5ADF49E8B03E4FD2E0CB372A343C9FDE.1.1.1.1.1.1.1.1.1
.statcounter.com/ Name: is_unique
Value: sc11813384.1643817165.0
.statcounter.com/ Name: is_visitor_unique
Value: 1643817165369336559
.cdtrrracks.com/ Name: __gads
Value: ID=ec8ed97391c4741d-228006a531cd0044:T=1643817165:RT=1643817165:S=ALNI_MbgBL5qEtEfjHd55TjXIC-uCoCocg
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.fr
c.statcounter.com
cdtrrracks.com
clients1.google.com
cse.google.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
partner.googleadservices.com
tpc.googlesyndication.com
www.google.com
www.googleapis.com
www.statcounter.com
z-na.amazon-adsystem.com
104.20.228.67
142.250.186.98
18.66.244.28
2a00:1450:4001:802::2002
2a00:1450:4001:808::200a
2a00:1450:4001:80e::2002
2a00:1450:4001:810::2002
2a00:1450:4001:811::2002
2a00:1450:4001:811::2004
2a00:1450:4001:813::200e
2a00:1450:4001:829::2001
2a00:1450:4001:82b::200e
51.75.70.234
00d34d0b97790ecad7af60e9ab5ad4620f533ce145e3ad0da81f67fcb401adaf
0e4dfa7cac22a39453c6bda2c129b2596b7fb9e440a9b8b25a0af7b0bb64108c
212fb9c612ea81c841172f6338aba2a45e0716bb13182860c09edb57d3843ee6
2b0789c3ab7df1f2580e95bb47eb5bb6dc19b4fc5a91b1f1ae1d9484dab534a9
2e46d6c58b6021680bc2be00850c5608a4911974895549f1b43d8ddb8b1e00d1
2f8a718cd8baef7074c18574b301458f9f9d42a848018f3892e103144db3523f
329d1a750114920332eadc55c129957d9dbe5a1b25745e2f7e0ed4fad75e04cd
331b2b1241f1f2a53744bdca867c5b76954d9431970e91f490f64c707fc24a16
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
61c00e0e5e6f511d3bc3fc600ca11e4cb3e368a7f6894ee2ff104864fe74b5ee
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
628830c445c95c4d75daf1c71f527d8bc35dafdc7e954d7307d179741e1b8a48
729b5a4d472f5c22051d92c12fd2ffa4521be5684cd27ff293471bb4ddb06fb9
75a33e85cc005dc62e6f85dfcb47326a1400c89cbf215a73c244261959423f7f
8dd7ac985a1cbab13c82566332490b13ec18c82a02fbb10d53ffe392e28330bb
8e2915bb3f39f5febe599eaef80aa1a0a536d2a5305a055fcaedf467312bba7d
9dd605e227823137fa145687b502f448cc0e95acdce83ffa079b6b18af84f8fc
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a575e2f63d79cdaf5a92b4453bfcaadb462119aa1216b4f28920e37e2d9b8e7b
a9300bbd7fd0bebc4e6cb23f9df65b6e96526c7f201f240730ea2683d16d2e12
bd5652900e428b78ad7d459209e5e0ad0d8b21542f1060acb1ed8c60a1f579b6
c0ed5b7a9f14048d6ea2f7de55111755ae8a488666a29d955084719edd24cb0a
c20052164d8244960d28922a84dbcf47b3dea88d5a4f549f010cad18f97b5f99
d3b4d6c95117d0fdf1cbdbaa2a2efe02ee384286cb6f2277bb070c15b42f9ecc
dcec22bbcb68119d6c7d6d5e088fb82183a9826d0c9e3403f1386fd837f06a89
dedf504adc907cbc77c86bd118a98de09e0cc29af826ebfa65b0a288a7b3341e
e0fcf45f8ce1bf202cdff580af26f75731a1b30f13c7cd2c7772b801e094d714
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e82d45d403639267bef0b1141e379cc04ff7c7623b4c4624b12941a1c8850e06
eafc0571b8ce226f09e8de577d88921a0218da6ff4982984e357ada8e08031b7
eb2697b60c526a1d4980e0874700e7c2b4f43bb9292770f71bb4bb972506e415
eee77fe1a02842d0b63ef3ffe6203b9904192dd696be8ff893cfe72a65665233
f91417ba47adb96f6358862c68ce52f90977d4f5e806c99deaf76414766d0d02