urlscan.io logo urlscan.io
SecurityTrails logo

covidmusicstudy.org Open in urlscan Pro
74.117.219.199  Public Scan

Go To Rescan Add Verdict Report
URL: http://covidmusicstudy.org/
Submission Tags: falconsandbox
Submission: On May 27 via api from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 9 IPs in 3 countries across 7 domains to perform 30 HTTP transactions. The main IP is 74.117.219.199, located in Cayman Islands and belongs to DNC-HOLDINGS-INC, US. The main domain is covidmusicstudy.org.
This is the only time covidmusicstudy.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

1    74.117.219.199 (Cayman Islands)

ASN53997 (DNC-HOLDINGS-INC, US)
covidmusicstudy.org
4    192.64.147.158 (United States)

ASN19867 (VOODOO1, US)
PTR: 192.64.147.158.voodoo.com
050005.voodoo.com
1    2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
6    2a00:1450:4001:809::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
1    74.117.219.198 (Cayman Islands)

ASN53997 (DNC-HOLDINGS-INC, US)
redirection20.directnic.com
1    192.64.147.153 (United States)

ASN19867 (VOODOO1, US)
PTR: 192.64.147.153.voodoo.com
syndication.voodoo.com
13    2a00:1450:4001:827::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:80e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
afs.googleusercontent.com
Domain Requested by
19 www.google.com pagead2.googlesyndication.com
050005.voodoo.com
www.google.com
4 050005.voodoo.com covidmusicstudy.org
050005.voodoo.com
2 ajax.googleapis.com 050005.voodoo.com
1 afs.googleusercontent.com www.google.com
1 syndication.voodoo.com 050005.voodoo.com
1 redirection20.directnic.com 050005.voodoo.com
1 pagead2.googlesyndication.com 050005.voodoo.com
1 covidmusicstudy.org
30 8

This site contains no links.

Subject Issuer Validity Valid
www.google.com
GTS CA 1C3		 2021-05-03 -
2021-07-26		 3 months crt.sh
*.google.com
GTS CA 1O1		 2021-05-03 -
2021-07-26		 3 months crt.sh
*.googleusercontent.com
GTS CA 1C3		 2021-05-03 -
2021-07-26		 3 months crt.sh

This page contains 11 frames:

Primary Page: http://covidmusicstudy.org/
Frame ID: 9972E0081ACF806CA12F1F8E77E18FB6
Requests: 4 HTTP requests in this frame

Frame: http://050005.voodoo.com/partner.php?dsess=ChMIgPDv5fnp8AIVNoD9Bx0sDw9xEkvcHWDsF6NGvYO5Z63C9MxLHqTxiE3EaRS3kmqtfyqcNd37-Oy5gWRsq6i0wWw0o0Rjcop1UO1eNYvRjBDa1285CoLFctGFIAuMNMA&ref=&domain=covidmusicstudy.org&token=43921e31950f287fb52c72bc98d78a35&drid=as-drid-2464369813134582
Frame ID: 71E2B1C6C358BC75122A7C4EECE47096
Requests: 15 HTTP requests in this frame

Frame: https://www.google.com/afs/ads/i/iframe.html
Frame ID: 7D680AAB8EAA59EB9EB885BB9EB71474
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/afs/ads/i/iframe.html
Frame ID: EF14B2F6D939FEE23E5708335F74DB3D
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/afs/ads/i/iframe.html
Frame ID: 560587B2387DA2F97359B48E2DD7CE15
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/dp/ads?adtest=off&cpp=0&domain_name=covidmusicstudy.org&hl=ro&client=dp-voodoo21_3ph&r=m&max_radlink_len=32&swp=as-drid-2464369813134582&afdt=ChMIgPDv5fnp8AIVNoD9Bx0sDw9xEkvcHWDsF6NGvYO5Z63C9MxLHqTxiE3EaRS3kmqtfyqcNd37-Oy5gWRsq6i0wWw0o0Rjcop1UO1eNYvRjBDa1285CoLFctGFIAuMNMA&uiopt=true&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300002%2C17300494%2C17300496%2C17300703%2C17300706%2C17300707&format=s%7Cr5%7Cr5%7Cr3&num=0&output=afd_ads&v=3&adext=as1%2Csr1&bsl=8&u_his=2&u_tz=120&dt=1622121583888&u_w=1600&u_h=1200&biw=-12245933&bih=-12245933&isw=1600&ish=1200&psw=-1&psh=-1&frm=2&uio=sl1sr1--sa16sv16st22lt35-sa16sv16st22lt35-sa12st12&cont=related-3%7Crelated-2%7Crelated-1&csize=%7C%7C&inames=slave-1-1%7Cslave-2-1%7Cslave-3-1&jsv=27785&rurl=http%3A%2F%2F050005.voodoo.com%2Fpartner.php%3Fdsess%3DChMIgPDv5fnp8AIVNoD9Bx0sDw9xEkvcHWDsF6NGvYO5Z63C9MxLHqTxiE3EaRS3kmqtfyqcNd37-Oy5gWRsq6i0wWw0o0Rjcop1UO1eNYvRjBDa1285CoLFctGFIAuMNMA%26ref%3D%26domain%3Dcovidmusicstudy.org%26token%3D43921e31950f287fb52c72bc98d78a35%26drid%3Das-drid-2464369813134582&referer=http%3A%2F%2Fcovidmusicstudy.org%2F
Frame ID: 7AF1540DD4D92F649634E736CE69FE1F
Requests: 2 HTTP requests in this frame

Frame: http://050005.voodoo.com/status.php?domain=covidmusicstudy.org&trackingtoken=43921e31950f287fb52c72bc98d78a35&status=caf&u_his=2&u_h=1200&u_w=1600&d_h=1200&d_w=1600&u_top=0&u_left=0&http_referrer=http%3A%2F%2Fcovidmusicstudy.org%2F
Frame ID: 7C232A28EF533A4F875DCADE17DF7E6F
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/js/bg/2jYUGrzVrWStLDq2CZ0zOcRL9FYonM4iQ_vCp8HlGuk.js
Frame ID: 01A6FD00E22037D60B665A3FE5BBABE5
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/js/bg/2jYUGrzVrWStLDq2CZ0zOcRL9FYonM4iQ_vCp8HlGuk.js
Frame ID: 46775A73A28607215AEC8C4B466221D9
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/js/bg/2jYUGrzVrWStLDq2CZ0zOcRL9FYonM4iQ_vCp8HlGuk.js
Frame ID: 0E2D83C43FFD663F948DE74E29379FAA
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/js/bg/2jYUGrzVrWStLDq2CZ0zOcRL9FYonM4iQ_vCp8HlGuk.js
Frame ID: A316D1D8B0DDF804FCB0509FFFE3296B
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • script /googlesyndication\.com\//i

Page Statistics

30
Requests

63 %
HTTPS

56 %
IPv6

7
Domains

8
Subdomains

9
IPs

3
Countries

284 kB
Transfer

674 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

30 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
covidmusicstudy.org/ 		791 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://covidmusicstudy.org/
Protocol
HTTP/1.1
Server
74.117.219.199 , Cayman Islands, ASN53997 (DNC-HOLDINGS-INC, US),
Reverse DNS
Software
nginx /
Resource Hash
81c6745388307e6ee57e9d40f80312af3baa42629a2b091bf60fbdd067f22adf

Request headers

Host
covidmusicstudy.org
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server
nginx
Date
Thu, 27 May 2021 13:19:42 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
X-Adblock-Key
MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAMLl0RJYcDS0N2xIgi01rOAcEtvCUTUq+IuNz5PA8eXYsfPLRkgnNehO+NbOZAlLoQnSpB5rXuRxRCTF+T1iU9sCAwEAAQ==_FzrU0O/DzPHwhUHqvo1zsrZd6OYhY/CKmMbfkIpM4HkqpULVsnDaZNpBRyCVeu0ugpO2Xos2NXdjGtQoX27wGQ==
Content-Encoding
gzip
partner.js
050005.voodoo.com/js/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://050005.voodoo.com/js/partner.js
Requested by
Host: covidmusicstudy.org
URL: http://covidmusicstudy.org/
Protocol
HTTP/1.1
Server
192.64.147.158 , United States, ASN19867 (VOODOO1, US),
Reverse DNS
192.64.147.158.voodoo.com
Software
Apache/2.2.3 (CentOS) / PHP/5.3.8
Resource Hash
df5d3ff97beb752c1c282803a8ae9aad610d32aca75c64d89a61440cc199c8db

Request headers

Referer
http://covidmusicstudy.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 27 May 2021 13:19:42 GMT
Content-Encoding
gzip
Last-Modified
Mon, 17 May 2021 13:19:42 GMT
Server
Apache/2.2.3 (CentOS)
X-Adblock-Key
MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAMLl0RJYcDS0N2xIgi01rOAcEtvCUTUq+IuNz5PA8eXYsfPLRkgnNehO+NbOZAlLoQnSpB5rXuRxRCTF+T1iU9sCAwEAAQ==_sDzdmXzeqEhjvj0JdTVitFpua+YHRhv9DRXcZxIPa/wDyAjt/pyHGdISzGGw3cUTEmYj7p48YLJQa5qpBjbIhQ==
X-Powered-By
PHP/5.3.8
Vary
Accept-Encoding,User-Agent
P3P
CP="CAO PSA OUR"
Connection
close
Content-Type
text/javascript
Content-Length
1500
Expires
Tue, 4 Jan 1994 00:00:00
show_afd_ads.js
pagead2.googlesyndication.com/apps/domainpark/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://pagead2.googlesyndication.com/apps/domainpark/show_afd_ads.js
Requested by
Host: 050005.voodoo.com
URL: http://050005.voodoo.com/js/partner.js
Protocol
HTTP/1.1
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5bfe95d0b1aaba7381b62b6115184b9d0db623917aa589d664dae861667793cd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://covidmusicstudy.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date
Thu, 27 May 2021 13:19:42 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
sffe
ETag
"6126896914240740145"
Vary
Accept-Encoding
Content-Type
text/javascript; charset=UTF-8
Cache-Control
private, max-age=3600
Cross-Origin-Resource-Policy
cross-origin
Accept-Ranges
bytes
Content-Length
1437
X-XSS-Protection
0
Expires
Thu, 27 May 2021 13:19:42 GMT
ads
www.google.com/dp/ 		151 B
302 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google.com/dp/ads?output=afd_ads&client=dp-voodoo21_3ph&domain_name=covidmusicstudy.org&afdt=create&swp=as-drid-2464369813134582&dt=1622121582945&u_tz=120&u_his=2&u_h=1200&u_w=1600&frm=0
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/apps/domainpark/show_afd_ads.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gws /
Resource Hash
b0b93ca7726e0c7c5eb02cfc5007d6e4a8766475f0d9eb57014d39438b2fbd5e
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
http://covidmusicstudy.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 27 May 2021 13:19:42 GMT
content-encoding
br
server
gws
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin
*
cache-control
private, max-age=3600
content-disposition
inline
content-type
application/json; charset=ISO-8859-1
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
136
x-xss-protection
0
expires
Thu, 27 May 2021 13:19:42 GMT
partner.php
050005.voodoo.com/ Frame 71E2 		14 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://050005.voodoo.com/partner.php?dsess=ChMIgPDv5fnp8AIVNoD9Bx0sDw9xEkvcHWDsF6NGvYO5Z63C9MxLHqTxiE3EaRS3kmqtfyqcNd37-Oy5gWRsq6i0wWw0o0Rjcop1UO1eNYvRjBDa1285CoLFctGFIAuMNMA&ref=&domain=covidmusicstudy.org&token=43921e31950f287fb52c72bc98d78a35&drid=as-drid-2464369813134582
Requested by
Host: 050005.voodoo.com
URL: http://050005.voodoo.com/js/partner.js
Protocol
HTTP/1.1
Server
192.64.147.158 , United States, ASN19867 (VOODOO1, US),
Reverse DNS
192.64.147.158.voodoo.com
Software
Apache/2.2.3 (CentOS) / PHP/5.3.8
Resource Hash
5b0dd7ef13f23e6098e1dfe4e8bf1073137a4a7522bbb3392b98a2db46ecdac6

Request headers

Host
050005.voodoo.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://covidmusicstudy.org/
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://covidmusicstudy.org/

Response headers

Date
Thu, 27 May 2021 13:19:43 GMT
Server
Apache/2.2.3 (CentOS)
X-Powered-By
PHP/5.3.8
Cache-Control
no-cache, no-store, must-revalidate, post-check=0, pre-check=0
Expires
Mon, 31 Dec 2001 7:32:00 GMT
Vary
Accept-Encoding,User-Agent
Content-Encoding
gzip
P3P
CP="CAO PSA OUR"
Pragma
no-cache
Content-Length
4746
Connection
close
Content-Type
text/html; charset=UTF-8
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.8.2/ Frame 71E2 		91 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://ajax.googleapis.com/ajax/libs/jquery/1.8.2/jquery.min.js
Requested by
Host: 050005.voodoo.com
URL: http://050005.voodoo.com/partner.php?dsess=ChMIgPDv5fnp8AIVNoD9Bx0sDw9xEkvcHWDsF6NGvYO5Z63C9MxLHqTxiE3EaRS3kmqtfyqcNd37-Oy5gWRsq6i0wWw0o0Rjcop1UO1eNYvRjBDa1285CoLFctGFIAuMNMA&ref=&domain=covidmusicstudy.org&token=43921e31950f287fb52c72bc98d78a35&drid=as-drid-2464369813134582
Protocol
HTTP/1.1
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f554d2f09272c6f71447ebfe4532d3b1dd1959bce669f9a5ccc99e64ef511729
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://050005.voodoo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 27 May 2021 10:21:07 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Age
10716
Cross-Origin-Resource-Policy
cross-origin
Content-Length
33621
X-XSS-Protection
0
Last-Modified
Tue, 03 Mar 2020 19:15:00 GMT
Server
sffe
Vary
Accept-Encoding
Content-Type
text/javascript; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000, stale-while-revalidate=2592000
Accept-Ranges
bytes
Timing-Allow-Origin
*
Expires
Fri, 27 May 2022 10:21:07 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.7.2/ Frame 71E2 		93 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://ajax.googleapis.com/ajax/libs/jquery/1.7.2/jquery.min.js
Requested by
Host: 050005.voodoo.com
URL: http://050005.voodoo.com/partner.php?dsess=ChMIgPDv5fnp8AIVNoD9Bx0sDw9xEkvcHWDsF6NGvYO5Z63C9MxLHqTxiE3EaRS3kmqtfyqcNd37-Oy5gWRsq6i0wWw0o0Rjcop1UO1eNYvRjBDa1285CoLFctGFIAuMNMA&ref=&domain=covidmusicstudy.org&token=43921e31950f287fb52c72bc98d78a35&drid=as-drid-2464369813134582
Protocol
HTTP/1.1
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
47b68dce8cb6805ad5b3ea4d27af92a241f4e29a5c12a274c852e4346a0500b4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://050005.voodoo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 27 May 2021 13:16:19 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Age
204
Cross-Origin-Resource-Policy
cross-origin
Content-Length
33845
X-XSS-Protection
0
Last-Modified
Tue, 03 Mar 2020 19:15:00 GMT
Server
sffe
Vary
Accept-Encoding
Content-Type
text/javascript; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000, stale-while-revalidate=2592000
Accept-Ranges
bytes
Timing-Allow-Origin
*
Expires
Fri, 27 May 2022 13:16:19 GMT
caf.js
050005.voodoo.com/js/ Frame 71E2 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://050005.voodoo.com/js/caf.js
Requested by
Host: 050005.voodoo.com
URL: http://050005.voodoo.com/partner.php?dsess=ChMIgPDv5fnp8AIVNoD9Bx0sDw9xEkvcHWDsF6NGvYO5Z63C9MxLHqTxiE3EaRS3kmqtfyqcNd37-Oy5gWRsq6i0wWw0o0Rjcop1UO1eNYvRjBDa1285CoLFctGFIAuMNMA&ref=&domain=covidmusicstudy.org&token=43921e31950f287fb52c72bc98d78a35&drid=as-drid-2464369813134582
Protocol
HTTP/1.1
Server
192.64.147.158 , United States, ASN19867 (VOODOO1, US),
Reverse DNS
192.64.147.158.voodoo.com
Software
Apache/2.2.3 (CentOS) / PHP/5.3.8
Resource Hash
5cd5a07b3182874ae2d7c446f05de7543680eb02d7c516cf3942395cd92f076d

Request headers

Referer
http://050005.voodoo.com/partner.php?dsess=ChMIgPDv5fnp8AIVNoD9Bx0sDw9xEkvcHWDsF6NGvYO5Z63C9MxLHqTxiE3EaRS3kmqtfyqcNd37-Oy5gWRsq6i0wWw0o0Rjcop1UO1eNYvRjBDa1285CoLFctGFIAuMNMA&ref=&domain=covidmusicstudy.org&token=43921e31950f287fb52c72bc98d78a35&drid=as-drid-2464369813134582
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 27 May 2021 13:19:43 GMT
Content-Encoding
gzip
Server
Apache/2.2.3 (CentOS)
X-Powered-By
PHP/5.3.8
Vary
Accept-Encoding,User-Agent
P3P
CP="CAO PSA OUR"
Connection
close
Content-Type
text/html; charset=UTF-8
Content-Length
2533
caf.js
www.google.com/adsense/domains/ Frame 71E2 		168 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://www.google.com/adsense/domains/caf.js
Requested by
Host: 050005.voodoo.com
URL: http://050005.voodoo.com/partner.php?dsess=ChMIgPDv5fnp8AIVNoD9Bx0sDw9xEkvcHWDsF6NGvYO5Z63C9MxLHqTxiE3EaRS3kmqtfyqcNd37-Oy5gWRsq6i0wWw0o0Rjcop1UO1eNYvRjBDa1285CoLFctGFIAuMNMA&ref=&domain=covidmusicstudy.org&token=43921e31950f287fb52c72bc98d78a35&drid=as-drid-2464369813134582
Protocol
HTTP/1.1
Server
2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e69d683a232116512b030256d93914e88c02cfeea9bfff1d706d3c56295740a5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://050005.voodoo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 27 May 2021 13:19:43 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
sffe
ETag
"12912970063672460847"
Vary
Accept-Encoding
Content-Type
text/javascript; charset=UTF-8
Cache-Control
private, max-age=3600
Transfer-Encoding
chunked
Cross-Origin-Resource-Policy
cross-origin
Accept-Ranges
bytes
X-XSS-Protection
0
Expires
Thu, 27 May 2021 13:19:43 GMT
parked_header.png
redirection20.directnic.com/assets/images/ Frame 71E2 		46 KB
46 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://redirection20.directnic.com/assets/images/parked_header.png
Requested by
Host: 050005.voodoo.com
URL: http://050005.voodoo.com/partner.php?dsess=ChMIgPDv5fnp8AIVNoD9Bx0sDw9xEkvcHWDsF6NGvYO5Z63C9MxLHqTxiE3EaRS3kmqtfyqcNd37-Oy5gWRsq6i0wWw0o0Rjcop1UO1eNYvRjBDa1285CoLFctGFIAuMNMA&ref=&domain=covidmusicstudy.org&token=43921e31950f287fb52c72bc98d78a35&drid=as-drid-2464369813134582
Protocol
HTTP/1.1
Server
74.117.219.198 , Cayman Islands, ASN53997 (DNC-HOLDINGS-INC, US),
Reverse DNS
Software
nginx /
Resource Hash
f23c65d2cf0c22fdf0c6d6667aa9925b322860ae8846aac8b6a2c6950be3d5eb

Request headers

Referer
http://050005.voodoo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
public
Date
Thu, 27 May 2021 13:19:43 GMT
Last-Modified
Sun, 17 Nov 2019 19:59:05 GMT
Server
nginx
ETag
"5dd1a689-b6e8"
Content-Type
image/png
Cache-Control
max-age=31104000, public, must-revalidate, proxy-revalidate
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
46824
Expires
Sun, 22 May 2022 13:19:43 GMT
dnic-search-bg.png
syndication.voodoo.com/images/ Frame 71E2 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://syndication.voodoo.com/images/dnic-search-bg.png
Requested by
Host: 050005.voodoo.com
URL: http://050005.voodoo.com/partner.php?dsess=ChMIgPDv5fnp8AIVNoD9Bx0sDw9xEkvcHWDsF6NGvYO5Z63C9MxLHqTxiE3EaRS3kmqtfyqcNd37-Oy5gWRsq6i0wWw0o0Rjcop1UO1eNYvRjBDa1285CoLFctGFIAuMNMA&ref=&domain=covidmusicstudy.org&token=43921e31950f287fb52c72bc98d78a35&drid=as-drid-2464369813134582
Protocol
HTTP/1.1
Server
192.64.147.153 , United States, ASN19867 (VOODOO1, US),
Reverse DNS
192.64.147.153.voodoo.com
Software
Apache/2.2.3 (CentOS) /
Resource Hash
f1766d9c26242a6a17c856c3458e93d88f5ec85687be2b982d526fbe24c287f6

Request headers

Referer
http://050005.voodoo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 27 May 2021 13:19:44 GMT
Last-Modified
Wed, 03 Jul 2019 18:59:00 GMT
Server
Apache/2.2.3 (CentOS)
ETag
"117d-58ccb743da500"
P3P
CP="CAO PSA OUR"
Cache-Control
max-age=2592000, public
Connection
close
Accept-Ranges
bytes
Content-Type
image/png
Content-Length
4477
Expires
Sat, 26 Jun 2021 13:19:44 GMT
iframe.html
www.google.com/afs/ads/i/ Frame 7D68 		1 KB
666 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/afs/ads/i/iframe.html
Requested by
Host: www.google.com
URL: http://www.google.com/adsense/domains/caf.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6e74efb2b784ad04d04b86b0b6ac19b243a5dcb767485c387b3256b700f1ead1
Security Headers
Name Value
Content-Security-Policy script-src 'nonce-3776CCs1YB39cuv317DWcw' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui; base-uri 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/afs/ads/i/iframe.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://050005.voodoo.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://050005.voodoo.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-type
text/html
content-security-policy
script-src 'nonce-3776CCs1YB39cuv317DWcw' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui; base-uri 'none'
cross-origin-resource-policy
cross-origin
content-length
642
date
Thu, 27 May 2021 13:19:43 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
last-modified
Mon, 25 May 2020 08:30:00 GMT
x-content-type-options
nosniff
content-encoding
gzip
server
sffe
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
iframe.html
www.google.com/afs/ads/i/ Frame EF14 		1 KB
663 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/afs/ads/i/iframe.html
Requested by
Host: www.google.com
URL: http://www.google.com/adsense/domains/caf.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b38a22588a416a065a916f50bbbc74665edbcb98421211f5e296c92f76395243
Security Headers
Name Value
Content-Security-Policy script-src 'nonce-IrDtIMdLvQg1pZg5XxoEnA' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui; base-uri 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/afs/ads/i/iframe.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://050005.voodoo.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://050005.voodoo.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-type
text/html
content-security-policy
script-src 'nonce-IrDtIMdLvQg1pZg5XxoEnA' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui; base-uri 'none'
cross-origin-resource-policy
cross-origin
content-length
639
date
Thu, 27 May 2021 13:19:43 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
last-modified
Mon, 25 May 2020 08:30:00 GMT
x-content-type-options
nosniff
content-encoding
gzip
server
sffe
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
iframe.html
www.google.com/afs/ads/i/ Frame 5605 		1 KB
665 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/afs/ads/i/iframe.html
Requested by
Host: www.google.com
URL: http://www.google.com/adsense/domains/caf.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f58fe7d78b7f7874bfa84e777ada9eab1577e0426953b06ab53b477b9ab8b9ff
Security Headers
Name Value
Content-Security-Policy script-src 'nonce-T-jh5yV3jD0X9XlMhoFjSQ' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui; base-uri 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/afs/ads/i/iframe.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://050005.voodoo.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://050005.voodoo.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-type
text/html
content-security-policy
script-src 'nonce-T-jh5yV3jD0X9XlMhoFjSQ' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui; base-uri 'none'
cross-origin-resource-policy
cross-origin
content-length
641
date
Thu, 27 May 2021 13:19:43 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
last-modified
Mon, 25 May 2020 08:30:00 GMT
x-content-type-options
nosniff
content-encoding
gzip
server
sffe
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ads
www.google.com/dp/ Frame 7AF1 		12 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/dp/ads?adtest=off&cpp=0&domain_name=covidmusicstudy.org&hl=ro&client=dp-voodoo21_3ph&r=m&max_radlink_len=32&swp=as-drid-2464369813134582&afdt=ChMIgPDv5fnp8AIVNoD9Bx0sDw9xEkvcHWDsF6NGvYO5Z63C9MxLHqTxiE3EaRS3kmqtfyqcNd37-Oy5gWRsq6i0wWw0o0Rjcop1UO1eNYvRjBDa1285CoLFctGFIAuMNMA&uiopt=true&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300002%2C17300494%2C17300496%2C17300703%2C17300706%2C17300707&format=s%7Cr5%7Cr5%7Cr3&num=0&output=afd_ads&v=3&adext=as1%2Csr1&bsl=8&u_his=2&u_tz=120&dt=1622121583888&u_w=1600&u_h=1200&biw=-12245933&bih=-12245933&isw=1600&ish=1200&psw=-1&psh=-1&frm=2&uio=sl1sr1--sa16sv16st22lt35-sa16sv16st22lt35-sa12st12&cont=related-3%7Crelated-2%7Crelated-1&csize=%7C%7C&inames=slave-1-1%7Cslave-2-1%7Cslave-3-1&jsv=27785&rurl=http%3A%2F%2F050005.voodoo.com%2Fpartner.php%3Fdsess%3DChMIgPDv5fnp8AIVNoD9Bx0sDw9xEkvcHWDsF6NGvYO5Z63C9MxLHqTxiE3EaRS3kmqtfyqcNd37-Oy5gWRsq6i0wWw0o0Rjcop1UO1eNYvRjBDa1285CoLFctGFIAuMNMA%26ref%3D%26domain%3Dcovidmusicstudy.org%26token%3D43921e31950f287fb52c72bc98d78a35%26drid%3Das-drid-2464369813134582&referer=http%3A%2F%2Fcovidmusicstudy.org%2F
Requested by
Host: www.google.com
URL: http://www.google.com/adsense/domains/caf.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gws /
Resource Hash
2cf77a0b1db86f7627b1252b2b55719fefd002a9739e0adf5435b68c5ecc1ed0
Security Headers
Name Value
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/dp/ads?adtest=off&cpp=0&domain_name=covidmusicstudy.org&hl=ro&client=dp-voodoo21_3ph&r=m&max_radlink_len=32&swp=as-drid-2464369813134582&afdt=ChMIgPDv5fnp8AIVNoD9Bx0sDw9xEkvcHWDsF6NGvYO5Z63C9MxLHqTxiE3EaRS3kmqtfyqcNd37-Oy5gWRsq6i0wWw0o0Rjcop1UO1eNYvRjBDa1285CoLFctGFIAuMNMA&uiopt=true&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300002%2C17300494%2C17300496%2C17300703%2C17300706%2C17300707&format=s%7Cr5%7Cr5%7Cr3&num=0&output=afd_ads&v=3&adext=as1%2Csr1&bsl=8&u_his=2&u_tz=120&dt=1622121583888&u_w=1600&u_h=1200&biw=-12245933&bih=-12245933&isw=1600&ish=1200&psw=-1&psh=-1&frm=2&uio=sl1sr1--sa16sv16st22lt35-sa16sv16st22lt35-sa12st12&cont=related-3%7Crelated-2%7Crelated-1&csize=%7C%7C&inames=slave-1-1%7Cslave-2-1%7Cslave-3-1&jsv=27785&rurl=http%3A%2F%2F050005.voodoo.com%2Fpartner.php%3Fdsess%3DChMIgPDv5fnp8AIVNoD9Bx0sDw9xEkvcHWDsF6NGvYO5Z63C9MxLHqTxiE3EaRS3kmqtfyqcNd37-Oy5gWRsq6i0wWw0o0Rjcop1UO1eNYvRjBDa1285CoLFctGFIAuMNMA%26ref%3D%26domain%3Dcovidmusicstudy.org%26token%3D43921e31950f287fb52c72bc98d78a35%26drid%3Das-drid-2464369813134582&referer=http%3A%2F%2Fcovidmusicstudy.org%2F
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://050005.voodoo.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://050005.voodoo.com/

Response headers

content-type
text/html; charset=UTF-8
content-disposition
inline
date
Thu, 27 May 2021 13:19:43 GMT
expires
Thu, 27 May 2021 13:19:43 GMT
cache-control
private, max-age=3600
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
content-encoding
br
server
gws
content-length
7857
x-xss-protection
0
set-cookie
CONSENT=PENDING+546; expires=Fri, 01-Jan-2038 00:00:00 GMT; path=/; domain=.google.com; Secure
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
caf.js
www.google.com/adsense/domains/ Frame 7AF1 		168 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/adsense/domains/caf.js
Requested by
Host: www.google.com
URL: https://www.google.com/dp/ads?adtest=off&cpp=0&domain_name=covidmusicstudy.org&hl=ro&client=dp-voodoo21_3ph&r=m&max_radlink_len=32&swp=as-drid-2464369813134582&afdt=ChMIgPDv5fnp8AIVNoD9Bx0sDw9xEkvcHWDsF6NGvYO5Z63C9MxLHqTxiE3EaRS3kmqtfyqcNd37-Oy5gWRsq6i0wWw0o0Rjcop1UO1eNYvRjBDa1285CoLFctGFIAuMNMA&uiopt=true&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300002%2C17300494%2C17300496%2C17300703%2C17300706%2C17300707&format=s%7Cr5%7Cr5%7Cr3&num=0&output=afd_ads&v=3&adext=as1%2Csr1&bsl=8&u_his=2&u_tz=120&dt=1622121583888&u_w=1600&u_h=1200&biw=-12245933&bih=-12245933&isw=1600&ish=1200&psw=-1&psh=-1&frm=2&uio=sl1sr1--sa16sv16st22lt35-sa16sv16st22lt35-sa12st12&cont=related-3%7Crelated-2%7Crelated-1&csize=%7C%7C&inames=slave-1-1%7Cslave-2-1%7Cslave-3-1&jsv=27785&rurl=http%3A%2F%2F050005.voodoo.com%2Fpartner.php%3Fdsess%3DChMIgPDv5fnp8AIVNoD9Bx0sDw9xEkvcHWDsF6NGvYO5Z63C9MxLHqTxiE3EaRS3kmqtfyqcNd37-Oy5gWRsq6i0wWw0o0Rjcop1UO1eNYvRjBDa1285CoLFctGFIAuMNMA%26ref%3D%26domain%3Dcovidmusicstudy.org%26token%3D43921e31950f287fb52c72bc98d78a35%26drid%3Das-drid-2464369813134582&referer=http%3A%2F%2Fcovidmusicstudy.org%2F
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5d5bc2029385904a1cc58e8d039de71906192975e5d4dbe8060c6a9f9094bd70
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 27 May 2021 13:19:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"5952543602775998047"
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
expires
Thu, 27 May 2021 13:19:44 GMT
bullet_doublearrow_orange.png
afs.googleusercontent.com/dp-voodoo/ Frame 5605 		896 B
1015 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://afs.googleusercontent.com/dp-voodoo/bullet_doublearrow_orange.png
Requested by
Host: www.google.com
URL: https://www.google.com/dp/ads?adtest=off&cpp=0&domain_name=covidmusicstudy.org&hl=ro&client=dp-voodoo21_3ph&r=m&max_radlink_len=32&swp=as-drid-2464369813134582&afdt=ChMIgPDv5fnp8AIVNoD9Bx0sDw9xEkvcHWDsF6NGvYO5Z63C9MxLHqTxiE3EaRS3kmqtfyqcNd37-Oy5gWRsq6i0wWw0o0Rjcop1UO1eNYvRjBDa1285CoLFctGFIAuMNMA&uiopt=true&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300002%2C17300494%2C17300496%2C17300703%2C17300706%2C17300707&format=s%7Cr5%7Cr5%7Cr3&num=0&output=afd_ads&v=3&adext=as1%2Csr1&bsl=8&u_his=2&u_tz=120&dt=1622121583888&u_w=1600&u_h=1200&biw=-12245933&bih=-12245933&isw=1600&ish=1200&psw=-1&psh=-1&frm=2&uio=sl1sr1--sa16sv16st22lt35-sa16sv16st22lt35-sa12st12&cont=related-3%7Crelated-2%7Crelated-1&csize=%7C%7C&inames=slave-1-1%7Cslave-2-1%7Cslave-3-1&jsv=27785&rurl=http%3A%2F%2F050005.voodoo.com%2Fpartner.php%3Fdsess%3DChMIgPDv5fnp8AIVNoD9Bx0sDw9xEkvcHWDsF6NGvYO5Z63C9MxLHqTxiE3EaRS3kmqtfyqcNd37-Oy5gWRsq6i0wWw0o0Rjcop1UO1eNYvRjBDa1285CoLFctGFIAuMNMA%26ref%3D%26domain%3Dcovidmusicstudy.org%26token%3D43921e31950f287fb52c72bc98d78a35%26drid%3Das-drid-2464369813134582&referer=http%3A%2F%2Fcovidmusicstudy.org%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f51944cc7f8309ad0b375720813c3f17969701741b6315583b1d3faddedf482c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 26 May 2021 23:52:37 GMT
x-content-type-options
nosniff
last-modified
Wed, 10 Apr 2013 22:28:15 GMT
server
sffe
age
48427
content-type
image/png
cache-control
public, max-age=82800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
896
x-xss-protection
0
expires
Thu, 27 May 2021 22:52:37 GMT
Cookie set status.php
050005.voodoo.com/ Frame 7C23 		0
514 B 		Document
General
Check archive.org
Download Go to
Full URL
http://050005.voodoo.com/status.php?domain=covidmusicstudy.org&trackingtoken=43921e31950f287fb52c72bc98d78a35&status=caf&u_his=2&u_h=1200&u_w=1600&d_h=1200&d_w=1600&u_top=0&u_left=0&http_referrer=http%3A%2F%2Fcovidmusicstudy.org%2F
Requested by
Host: 050005.voodoo.com
URL: http://050005.voodoo.com/js/caf.js
Protocol
HTTP/1.1
Server
192.64.147.158 , United States, ASN19867 (VOODOO1, US),
Reverse DNS
192.64.147.158.voodoo.com
Software
Apache / PHP/5.3.8
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Host
050005.voodoo.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://050005.voodoo.com/partner.php?dsess=ChMIgPDv5fnp8AIVNoD9Bx0sDw9xEkvcHWDsF6NGvYO5Z63C9MxLHqTxiE3EaRS3kmqtfyqcNd37-Oy5gWRsq6i0wWw0o0Rjcop1UO1eNYvRjBDa1285CoLFctGFIAuMNMA&ref=&domain=covidmusicstudy.org&token=43921e31950f287fb52c72bc98d78a35&drid=as-drid-2464369813134582
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://050005.voodoo.com/partner.php?dsess=ChMIgPDv5fnp8AIVNoD9Bx0sDw9xEkvcHWDsF6NGvYO5Z63C9MxLHqTxiE3EaRS3kmqtfyqcNd37-Oy5gWRsq6i0wWw0o0Rjcop1UO1eNYvRjBDa1285CoLFctGFIAuMNMA&ref=&domain=covidmusicstudy.org&token=43921e31950f287fb52c72bc98d78a35&drid=as-drid-2464369813134582

Response headers

Date
Thu, 27 May 2021 13:19:44 GMT
Server
Apache
X-Powered-By
PHP/5.3.8
Set-Cookie
session=43921e31950f287fb52c72bc98d78a35; expires=Thu, 27-May-2021 13:49:44 GMT; path=/
Cache-Control
no-cache, no-store, must-revalidate, post-check=0, pre-check=0
Expires
Mon, 31 Dec 2001 7:32:00 GMT
Vary
Accept-Encoding,User-Agent
Content-Encoding
gzip
P3P
CP="CAO PSA OUR"
Pragma
no-cache
Content-Length
20
Connection
close
Content-Type
text/html; charset=UTF-8
2jYUGrzVrWStLDq2CZ0zOcRL9FYonM4iQ_vCp8HlGuk.js
www.google.com/js/bg/ Frame 01A6 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/js/bg/2jYUGrzVrWStLDq2CZ0zOcRL9FYonM4iQ_vCp8HlGuk.js
Requested by
Host: www.google.com
URL: https://www.google.com/adsense/domains/caf.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
da36141abcd5ad64ad2c3ab6099d3339c44bf456289cce2243fbc2a7c1e51ae9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 24 May 2021 16:55:10 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Mon, 17 May 2021 11:30:00 GMT
server
sffe
age
246274
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5712
x-xss-protection
0
expires
Tue, 24 May 2022 16:55:10 GMT
2jYUGrzVrWStLDq2CZ0zOcRL9FYonM4iQ_vCp8HlGuk.js
www.google.com/js/bg/ Frame 4677 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/js/bg/2jYUGrzVrWStLDq2CZ0zOcRL9FYonM4iQ_vCp8HlGuk.js
Requested by
Host: www.google.com
URL: https://www.google.com/adsense/domains/caf.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
da36141abcd5ad64ad2c3ab6099d3339c44bf456289cce2243fbc2a7c1e51ae9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 24 May 2021 16:55:10 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Mon, 17 May 2021 11:30:00 GMT
server
sffe
age
246274
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5712
x-xss-protection
0
expires
Tue, 24 May 2022 16:55:10 GMT
2jYUGrzVrWStLDq2CZ0zOcRL9FYonM4iQ_vCp8HlGuk.js
www.google.com/js/bg/ Frame 0E2D 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/js/bg/2jYUGrzVrWStLDq2CZ0zOcRL9FYonM4iQ_vCp8HlGuk.js
Requested by
Host: www.google.com
URL: https://www.google.com/adsense/domains/caf.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
da36141abcd5ad64ad2c3ab6099d3339c44bf456289cce2243fbc2a7c1e51ae9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 24 May 2021 16:55:10 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Mon, 17 May 2021 11:30:00 GMT
server
sffe
age
246274
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5712
x-xss-protection
0
expires
Tue, 24 May 2022 16:55:10 GMT
2jYUGrzVrWStLDq2CZ0zOcRL9FYonM4iQ_vCp8HlGuk.js
www.google.com/js/bg/ Frame A316 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/js/bg/2jYUGrzVrWStLDq2CZ0zOcRL9FYonM4iQ_vCp8HlGuk.js
Requested by
Host: www.google.com
URL: https://www.google.com/adsense/domains/caf.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
da36141abcd5ad64ad2c3ab6099d3339c44bf456289cce2243fbc2a7c1e51ae9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 24 May 2021 16:55:10 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Mon, 17 May 2021 11:30:00 GMT
server
sffe
age
246274
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5712
x-xss-protection
0
expires
Tue, 24 May 2022 16:55:10 GMT
gen_204
www.google.com/afs/ Frame 71E2 		0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/afs/gen_204?client=dp-voodoo21_3ph&output=uds_ads_only&zx=t6uh9bxh8p71&aqid=cJyvYPACi7PXBsXKqagD&pbt=bs&adbx=939&adby=145&adbh=28&adbw=300&adbn=master-1&eawp=partner-dp-voodoo21_3ph&errv=2778577214847641062&csadii=242&csadr=219&lle=0&llm=1000&ifv=1&usr=0
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gws /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
http://050005.voodoo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 27 May 2021 13:19:45 GMT
server
gws
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
content-type
text/html; charset=ISO-8859-1
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
gen_204
www.google.com/afs/ Frame 71E2 		0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/afs/gen_204?client=dp-voodoo21_3ph&output=uds_ads_only&zx=7pocs0gvt2kn&pbt=bs&adbx=344&adby=228&adbh=326&adbw=454&adbn=slave-1-1&eawp=partner-dp-voodoo21_3ph&errv=2778577214847641062&csadii=224&csadr=238&lle=0&llm=1000&ifv=1&usr=0
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gws /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
http://050005.voodoo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 27 May 2021 13:19:45 GMT
server
gws
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
content-type
text/html; charset=ISO-8859-1
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
gen_204
www.google.com/afs/ Frame 71E2 		0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/afs/gen_204?client=dp-voodoo21_3ph&output=uds_ads_only&zx=1o0tlyaietr&pbt=bs&adbx=802&adby=228&adbh=326&adbw=454&adbn=slave-2-1&eawp=partner-dp-voodoo21_3ph&errv=2778577214847641062&csadii=219&csadr=244&lle=0&llm=1000&ifv=1&usr=0
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gws /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
http://050005.voodoo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 27 May 2021 13:19:45 GMT
server
gws
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
content-type
text/html; charset=ISO-8859-1
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
gen_204
www.google.com/afs/ Frame 71E2 		0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/afs/gen_204?client=dp-voodoo21_3ph&output=uds_ads_only&zx=g1wwrdq03i9f&pbt=bs&adbx=321&adby=185&adbh=22&adbw=958&adbn=slave-3-1&eawp=partner-dp-voodoo21_3ph&errv=2778577214847641062&csadii=214&csadr=249&lle=0&llm=1000&ifv=1&usr=0
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gws /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
http://050005.voodoo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 27 May 2021 13:19:45 GMT
server
gws
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
content-type
text/html; charset=ISO-8859-1
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
gen_204
www.google.com/afs/ Frame 71E2 		0
126 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/afs/gen_204?client=dp-voodoo21_3ph&output=uds_ads_only&zx=82zv4mwjv889&aqid=cJyvYPACi7PXBsXKqagD&pbt=bv&adbx=939&adby=145&adbh=28&adbw=300&adbn=master-1&eawp=partner-dp-voodoo21_3ph&errv=2778577214847641062&csadii=242&csadr=219&lle=0&llm=1000&ifv=1&usr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gws /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
http://050005.voodoo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 27 May 2021 13:19:46 GMT
server
gws
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
content-type
text/html; charset=ISO-8859-1
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
gen_204
www.google.com/afs/ Frame 71E2 		0
126 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/afs/gen_204?client=dp-voodoo21_3ph&output=uds_ads_only&zx=lcj5d9ilout1&pbt=bv&adbx=344&adby=228&adbh=326&adbw=454&adbn=slave-1-1&eawp=partner-dp-voodoo21_3ph&errv=2778577214847641062&csadii=224&csadr=238&lle=0&llm=1000&ifv=1&usr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gws /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
http://050005.voodoo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 27 May 2021 13:19:46 GMT
server
gws
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
content-type
text/html; charset=ISO-8859-1
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
gen_204
www.google.com/afs/ Frame 71E2 		0
126 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/afs/gen_204?client=dp-voodoo21_3ph&output=uds_ads_only&zx=fo6rijwr5n2z&pbt=bv&adbx=802&adby=228&adbh=326&adbw=454&adbn=slave-2-1&eawp=partner-dp-voodoo21_3ph&errv=2778577214847641062&csadii=219&csadr=244&lle=0&llm=1000&ifv=1&usr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gws /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
http://050005.voodoo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 27 May 2021 13:19:46 GMT
server
gws
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
content-type
text/html; charset=ISO-8859-1
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
gen_204
www.google.com/afs/ Frame 71E2 		0
126 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/afs/gen_204?client=dp-voodoo21_3ph&output=uds_ads_only&zx=lq1ndwfs6wvz&pbt=bv&adbx=321&adby=185&adbh=22&adbw=958&adbn=slave-3-1&eawp=partner-dp-voodoo21_3ph&errv=2778577214847641062&csadii=214&csadr=249&lle=0&llm=1000&ifv=1&usr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gws /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
http://050005.voodoo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 27 May 2021 13:19:46 GMT
server
gws
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
content-type
text/html; charset=ISO-8859-1
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0

Verdicts & Comments Add Verdict or Comment

26 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated object| pM string| token object| google_afd_request function| google_afd_ad_request_done object| vrs number| googleNDT_ string| _googCsaExpIds number| _googCsaAlwaysHttps number| _googEnableCcpaForCanoeV2 number| _enableLazyLoading number| _googEnableQup number| _googErrorTurnOffPersonalization number| _googTimeoutTurnOffPersonalization string| _googLazyLoadingDenyList string| _googLazyLoadingEnableList number| _googLazyLoadingRootMargin number| _googUspApiTimeout number| googleAltLoader

0 Cookies

6 Console Messages

Source Level URL
Text
console-api log URL: http://050005.voodoo.com/js/partner.js(Line 12)
Message:
[object Object]
console-api log URL: http://050005.voodoo.com/js/caf.js(Line 77)
Message:
requestAccepted in cafCallback
console-api log URL: http://050005.voodoo.com/js/caf.js(Line 78)
Message:
[object Object]
console-api log URL: http://050005.voodoo.com/js/caf.js(Line 21)
Message:
[object Object]
console-api log URL: http://050005.voodoo.com/js/caf.js(Line 22)
Message:
[object Object]
console-api log URL: http://050005.voodoo.com/js/caf.js(Line 24)
Message:
requestAccepted

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

050005.voodoo.com
afs.googleusercontent.com
ajax.googleapis.com
covidmusicstudy.org
pagead2.googlesyndication.com
redirection20.directnic.com
syndication.voodoo.com
www.google.com
192.64.147.153
192.64.147.158
2a00:1450:4001:800::200a
2a00:1450:4001:808::2002
2a00:1450:4001:809::2004
2a00:1450:4001:80e::2001
2a00:1450:4001:827::2004
74.117.219.198
74.117.219.199
2cf77a0b1db86f7627b1252b2b55719fefd002a9739e0adf5435b68c5ecc1ed0
47b68dce8cb6805ad5b3ea4d27af92a241f4e29a5c12a274c852e4346a0500b4
5b0dd7ef13f23e6098e1dfe4e8bf1073137a4a7522bbb3392b98a2db46ecdac6
5bfe95d0b1aaba7381b62b6115184b9d0db623917aa589d664dae861667793cd
5cd5a07b3182874ae2d7c446f05de7543680eb02d7c516cf3942395cd92f076d
5d5bc2029385904a1cc58e8d039de71906192975e5d4dbe8060c6a9f9094bd70
6e74efb2b784ad04d04b86b0b6ac19b243a5dcb767485c387b3256b700f1ead1
81c6745388307e6ee57e9d40f80312af3baa42629a2b091bf60fbdd067f22adf
b0b93ca7726e0c7c5eb02cfc5007d6e4a8766475f0d9eb57014d39438b2fbd5e
b38a22588a416a065a916f50bbbc74665edbcb98421211f5e296c92f76395243
da36141abcd5ad64ad2c3ab6099d3339c44bf456289cce2243fbc2a7c1e51ae9
df5d3ff97beb752c1c282803a8ae9aad610d32aca75c64d89a61440cc199c8db
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e69d683a232116512b030256d93914e88c02cfeea9bfff1d706d3c56295740a5
f1766d9c26242a6a17c856c3458e93d88f5ec85687be2b982d526fbe24c287f6
f23c65d2cf0c22fdf0c6d6667aa9925b322860ae8846aac8b6a2c6950be3d5eb
f51944cc7f8309ad0b375720813c3f17969701741b6315583b1d3faddedf482c
f554d2f09272c6f71447ebfe4532d3b1dd1959bce669f9a5ccc99e64ef511729
f58fe7d78b7f7874bfa84e777ada9eab1577e0426953b06ab53b477b9ab8b9ff