survivedcovid19.net Open in urlscan Pro
74.117.219.199 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://survivedcovid19.net/
Submission Tags: falconsandbox
Submission: On May 27 via api (May 27th 2021, 3:51:22 am UTC) from US

Summary HTTP 30 Redirects Behaviour Indicators

Summary

This website contacted 8 IPs in 3 countries across 7 domains to perform 30 HTTP transactions. The main IP is 74.117.219.199, located in Cayman Islands and belongs to DNC-HOLDINGS-INC, US. The main domain is survivedcovid19.net.

This is the only time survivedcovid19.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	74.117.219.199 74.117.219.199	53997 (DNC-HOLDI...) (DNC-HOLDINGS-INC)
4	192.64.147.158 192.64.147.158	19867 (VOODOO1) (VOODOO1)
1	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
19	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82b::200a	15169 (GOOGLE) (GOOGLE)
1	74.117.219.198 74.117.219.198	53997 (DNC-HOLDI...) (DNC-HOLDINGS-INC)
1	192.64.147.153 192.64.147.153	19867 (VOODOO1) (VOODOO1)
1	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
30	8

1 74.117.219.199 (Cayman Islands)

ASN53997 (DNC-HOLDINGS-INC, US)

survivedcovid19.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 192.64.147.158 (United States)

ASN19867 (VOODOO1, US)
PTR: 192.64.147.158.voodoo.com

050005.voodoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.117.219.198 (Cayman Islands)

ASN53997 (DNC-HOLDINGS-INC, US)

redirection20.directnic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.64.147.153 (United States)

ASN19867 (VOODOO1, US)
PTR: 192.64.147.153.voodoo.com

syndication.voodoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

afs.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
19	google.com www.google.com	152 KB
5	voodoo.com 050005.voodoo.com syndication.voodoo.com	15 KB
2	googleapis.com ajax.googleapis.com	185 KB
1	googleusercontent.com afs.googleusercontent.com	1 KB
1	directnic.com redirection20.directnic.com	46 KB
1	googlesyndication.com pagead2.googlesyndication.com	2 KB
1	survivedcovid19.net survivedcovid19.net	1 KB
30	7

	Domain	Requested by
19	www.google.com	pagead2.googlesyndication.com 050005.voodoo.com www.google.com
4	050005.voodoo.com	survivedcovid19.net 050005.voodoo.com
2	ajax.googleapis.com	050005.voodoo.com
1	afs.googleusercontent.com	www.google.com
1	syndication.voodoo.com	050005.voodoo.com
1	redirection20.directnic.com	050005.voodoo.com
1	pagead2.googlesyndication.com	050005.voodoo.com
1	survivedcovid19.net
30	8

This site contains no links.

Subject Issuer	Validity	Valid
www.google.com GTS CA 1C3	`2021-05-03` - `2021-07-26`	3 months	crt.sh
*.google.com GTS CA 1O1	`2021-05-03` - `2021-07-26`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2021-05-03` - `2021-07-26`	3 months	crt.sh

This page contains 11 frames:

Primary Page: http://survivedcovid19.net/
Frame ID: 5E7BBB2DC011478EBEDF089D19CF799A
Requests: 4 HTTP requests in this frame

Frame: http://050005.voodoo.com/partner.php?dsess=ChMIuYC-2fro8AIVEYL9Bx1Aog5eEkzcHWCDfYcK6-ipeEXR9de-JprUqF7cmwOsyv82Z0-5BjHv8fdMuVpJi7usM3sv-9H4au9QYwF4qIrVwneEpm0glbP2SenFYULFbZl6&ref=&domain=survivedcovid19.net&token=86852d384d74def99ade4f878effcc6d&drid=as-drid-2464369813134582
Frame ID: DD8063235A6ADC4FC614EC43AF76F673
Requests: 15 HTTP requests in this frame

Frame: https://www.google.com/afs/ads/i/iframe.html
Frame ID: 8901E223669259007A9DC636B3CA94EE
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/afs/ads/i/iframe.html
Frame ID: BF25808E94FEAB0342A214CC6A9CC010
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/afs/ads/i/iframe.html
Frame ID: D6DDA5CF3C5A3D1D0C665CBA82E2276E
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/dp/ads?adtest=off&cpp=0&domain_name=survivedcovid19.net&hl=cs&client=dp-voodoo21_3ph&r=m&max_radlink_len=32&swp=as-drid-2464369813134582&afdt=ChMIuYC-2fro8AIVEYL9Bx1Aog5eEkzcHWCDfYcK6-ipeEXR9de-JprUqF7cmwOsyv82Z0-5BjHv8fdMuVpJi7usM3sv-9H4au9QYwF4qIrVwneEpm0glbP2SenFYULFbZl6&uiopt=true&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300003%2C17300494%2C17300496&format=s%7Cr5%7Cr5%7Cr3&num=0&output=afd_ads&v=3&adext=as1%2Csr1&bsl=8&u_his=2&u_tz=120&dt=1622087466358&u_w=1600&u_h=1200&biw=-12245933&bih=-12245933&isw=1600&ish=1200&psw=-1&psh=-1&frm=2&uio=sl1sr1--sa16sv16st22lt35-sa16sv16st22lt35-sa12st12&cont=related-3%7Crelated-2%7Crelated-1&csize=%7C%7C&inames=slave-1-1%7Cslave-2-1%7Cslave-3-1&jsv=27785&rurl=http%3A%2F%2F050005.voodoo.com%2Fpartner.php%3Fdsess%3DChMIuYC-2fro8AIVEYL9Bx1Aog5eEkzcHWCDfYcK6-ipeEXR9de-JprUqF7cmwOsyv82Z0-5BjHv8fdMuVpJi7usM3sv-9H4au9QYwF4qIrVwneEpm0glbP2SenFYULFbZl6%26ref%3D%26domain%3Dsurvivedcovid19.net%26token%3D86852d384d74def99ade4f878effcc6d%26drid%3Das-drid-2464369813134582&referer=http%3A%2F%2Fsurvivedcovid19.net%2F
Frame ID: 6826CCD6C7835B34026A9490F7DB9423
Requests: 2 HTTP requests in this frame

Frame: http://050005.voodoo.com/status.php?domain=survivedcovid19.net&trackingtoken=86852d384d74def99ade4f878effcc6d&status=caf&u_his=2&u_h=1200&u_w=1600&d_h=1200&d_w=1600&u_top=0&u_left=0&http_referrer=http%3A%2F%2Fsurvivedcovid19.net%2F
Frame ID: 858E0F923CA80E799628D839B19ED11A
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/js/bg/6vmH6gRf2UqLiW2PAyrCu1HDtbEhJxjO0f7Ukk3E6CA.js
Frame ID: A308A031ABA38BE6D75A1B47FEBF468E
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/js/bg/6vmH6gRf2UqLiW2PAyrCu1HDtbEhJxjO0f7Ukk3E6CA.js
Frame ID: 5FDDDE3441494CF600AD22FF55C84717
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/js/bg/6vmH6gRf2UqLiW2PAyrCu1HDtbEhJxjO0f7Ukk3E6CA.js
Frame ID: 4B981834825643D59DBB5C9AC2551A00
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/js/bg/6vmH6gRf2UqLiW2PAyrCu1HDtbEhJxjO0f7Ukk3E6CA.js
Frame ID: 893DC4BB8F7D2D875AFAC35777F6A157
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

30
Requests

63 %
HTTPS

50 %
IPv6

7
Domains

8
Subdomains

8
IPs

3
Countries

402 kB
Transfer

674 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

30 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
survivedcovid19.net/ 791 B
1 KB 329ms
211ms Document
text/html 74.117.219.199
DNC-HOLDINGS-INC

General

Check archive.org

Show headers Download Go to

Full URL: http://survivedcovid19.net/
Protocol: HTTP/1.1
Server: 74.117.219.199 , Cayman Islands, ASN53997 (DNC-HOLDINGS-INC, US),
Reverse DNS
Software: nginx /
Resource Hash: 453749ef54667335773d7c55f07bdda9c006728e7068d56100e93635be4f1036

Request headers

Host: survivedcovid19.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server: nginx
Date: Thu, 27 May 2021 03:51:05 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAMLl0RJYcDS0N2xIgi01rOAcEtvCUTUq+IuNz5PA8eXYsfPLRkgnNehO+NbOZAlLoQnSpB5rXuRxRCTF+T1iU9sCAwEAAQ==_FzrU0O/DzPHwhUHqvo1zsrZd6OYhY/CKmMbfkIpM4HkqpULVsnDaZNpBRyCVeu0ugpO2Xos2NXdjGtQoX27wGQ==
Content-Encoding: gzip

GET
H/1.1 200
OK partner.js Show response
050005.voodoo.com/js/ 4 KB
2 KB 445ms
304ms Script
text/javascript 192.64.147.158
VOODOO1

General

Check archive.org

Show headers Download Go to

Full URL: http://050005.voodoo.com/js/partner.js
Requested by: Host: survivedcovid19.net
URL: http://survivedcovid19.net/
Protocol: HTTP/1.1
Server: 192.64.147.158 , United States, ASN19867 (VOODOO1, US),
Reverse DNS: 192.64.147.158.voodoo.com
Software: Apache/2.2.3 (CentOS) / PHP/5.3.8
Resource Hash: e6f5b9a9fd1844a4dacadb1a372a4c775053271a138947e013a195507a85fe76

Request headers

Referer: http://survivedcovid19.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 27 May 2021 03:51:05 GMT
Content-Encoding: gzip
Last-Modified: Tue, 18 May 2021 03:51:05 GMT
Server: Apache/2.2.3 (CentOS)
X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAMLl0RJYcDS0N2xIgi01rOAcEtvCUTUq+IuNz5PA8eXYsfPLRkgnNehO+NbOZAlLoQnSpB5rXuRxRCTF+T1iU9sCAwEAAQ==_sDzdmXzeqEhjvj0JdTVitFpua+YHRhv9DRXcZxIPa/wDyAjt/pyHGdISzGGw3cUTEmYj7p48YLJQa5qpBjbIhQ==
X-Powered-By: PHP/5.3.8
Vary: Accept-Encoding,User-Agent
P3P: CP="CAO PSA OUR"
Connection: close
Content-Type: text/javascript
Content-Length: 1498
Expires: Mon, 3 Jan 1994 00:00:00

GET
H/1.1 200
OK show_afd_ads.js Show response
pagead2.googlesyndication.com/apps/domainpark/ 3 KB
2 KB 20ms
14ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/apps/domainpark/show_afd_ads.js

Requested by

Host: 050005.voodoo.com
URL: http://050005.voodoo.com/js/partner.js

Protocol

HTTP/1.1

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5bfe95d0b1aaba7381b62b6115184b9d0db623917aa589d664dae861667793cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://survivedcovid19.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date: Thu, 27 May 2021 03:51:05 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: sffe
ETag: "6126896914240740145"
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
Cache-Control: private, max-age=3600
Cross-Origin-Resource-Policy: cross-origin
Accept-Ranges: bytes
Content-Length: 1437
X-XSS-Protection: 0
Expires: Thu, 27 May 2021 03:51:05 GMT

GET
H2 200 ads Show response
www.google.com/dp/ 152 B
572 B 110ms
92ms XHR
application/json 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/dp/ads?output=afd_ads&client=dp-voodoo21_3ph&domain_name=survivedcovid19.net&afdt=create&swp=as-drid-2464369813134582&dt=1622087465641&u_tz=120&u_his=2&u_h=1200&u_w=1600&frm=0

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/apps/domainpark/show_afd_ads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gws /

Resource Hash

bcc18442bf34b45154607cdef3413fe1190199bbb7a609439259c34dd4fb0bed

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://survivedcovid19.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 03:51:05 GMT
content-encoding: br
server: gws
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: *
cache-control: private, max-age=3600
content-disposition: inline
content-type: application/json; charset=ISO-8859-1
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 137
x-xss-protection: 0
expires: Thu, 27 May 2021 03:51:05 GMT

GET
H/1.1 200
OK partner.php Show response
050005.voodoo.com/ Frame DD80 14 KB
5 KB 323ms
309ms Document
text/html 192.64.147.158
VOODOO1

General

Check archive.org

Show headers Download Go to

Full URL: http://050005.voodoo.com/partner.php?dsess=ChMIuYC-2fro8AIVEYL9Bx1Aog5eEkzcHWCDfYcK6-ipeEXR9de-JprUqF7cmwOsyv82Z0-5BjHv8fdMuVpJi7usM3sv-9H4au9QYwF4qIrVwneEpm0glbP2SenFYULFbZl6&ref=&domain=survivedcovid19.net&token=86852d384d74def99ade4f878effcc6d&drid=as-drid-2464369813134582
Requested by: Host: 050005.voodoo.com
URL: http://050005.voodoo.com/js/partner.js
Protocol: HTTP/1.1
Server: 192.64.147.158 , United States, ASN19867 (VOODOO1, US),
Reverse DNS: 192.64.147.158.voodoo.com
Software: Apache/2.2.3 (CentOS) / PHP/5.3.8
Resource Hash: 2a55a7d16895c7dd9c959813bfbc4101b5b2b2851cc1dbbb289331d29dc5e301

Request headers

Host: 050005.voodoo.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://survivedcovid19.net/
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://survivedcovid19.net/

Response headers

Date: Thu, 27 May 2021 03:51:05 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.3.8
Cache-Control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
Expires: Mon, 31 Dec 2001 7:32:00 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
P3P: CP="CAO PSA OUR"
Pragma: no-cache
Content-Length: 4744
Connection: close
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.8.2/ Frame DD80 91 KB
92 KB 14ms
7ms Script
text/javascript 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://ajax.googleapis.com/ajax/libs/jquery/1.8.2/jquery.min.js

Requested by

Host: 050005.voodoo.com
URL: http://050005.voodoo.com/partner.php?dsess=ChMIuYC-2fro8AIVEYL9Bx1Aog5eEkzcHWCDfYcK6-ipeEXR9de-JprUqF7cmwOsyv82Z0-5BjHv8fdMuVpJi7usM3sv-9H4au9QYwF4qIrVwneEpm0glbP2SenFYULFbZl6&ref=&domain=survivedcovid19.net&token=86852d384d74def99ade4f878effcc6d&drid=as-drid-2464369813134582

Protocol

HTTP/1.1

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f554d2f09272c6f71447ebfe4532d3b1dd1959bce669f9a5ccc99e64ef511729

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://050005.voodoo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 26 May 2021 10:33:41 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 03 Mar 2020 19:15:00 GMT
Server: sffe
Age: 62245
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000, stale-while-revalidate=2592000
Cross-Origin-Resource-Policy: cross-origin
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 93435
X-XSS-Protection: 0
Expires: Thu, 26 May 2022 10:33:41 GMT

GET
H/1.1 200
OK jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.7.2/ Frame DD80 93 KB
93 KB 13ms
7ms Script
text/javascript 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://ajax.googleapis.com/ajax/libs/jquery/1.7.2/jquery.min.js

Requested by

Protocol

HTTP/1.1

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

47b68dce8cb6805ad5b3ea4d27af92a241f4e29a5c12a274c852e4346a0500b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://050005.voodoo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 26 May 2021 10:28:29 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 03 Mar 2020 19:15:00 GMT
Server: sffe
Age: 62557
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000, stale-while-revalidate=2592000
Cross-Origin-Resource-Policy: cross-origin
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 94840
X-XSS-Protection: 0
Expires: Thu, 26 May 2022 10:28:29 GMT

GET
H/1.1 200
OK caf.js Show response
050005.voodoo.com/js/ Frame DD80 8 KB
3 KB 267ms
252ms Script
text/html 192.64.147.158
VOODOO1

General

Check archive.org

Show headers Download Go to

Full URL: http://050005.voodoo.com/js/caf.js
Requested by: Host: 050005.voodoo.com
URL: http://050005.voodoo.com/partner.php?dsess=ChMIuYC-2fro8AIVEYL9Bx1Aog5eEkzcHWCDfYcK6-ipeEXR9de-JprUqF7cmwOsyv82Z0-5BjHv8fdMuVpJi7usM3sv-9H4au9QYwF4qIrVwneEpm0glbP2SenFYULFbZl6&ref=&domain=survivedcovid19.net&token=86852d384d74def99ade4f878effcc6d&drid=as-drid-2464369813134582
Protocol: HTTP/1.1
Server: 192.64.147.158 , United States, ASN19867 (VOODOO1, US),
Reverse DNS: 192.64.147.158.voodoo.com
Software: Apache / PHP/5.3.8
Resource Hash: 5cd5a07b3182874ae2d7c446f05de7543680eb02d7c516cf3942395cd92f076d

Request headers

Referer: http://050005.voodoo.com/partner.php?dsess=ChMIuYC-2fro8AIVEYL9Bx1Aog5eEkzcHWCDfYcK6-ipeEXR9de-JprUqF7cmwOsyv82Z0-5BjHv8fdMuVpJi7usM3sv-9H4au9QYwF4qIrVwneEpm0glbP2SenFYULFbZl6&ref=&domain=survivedcovid19.net&token=86852d384d74def99ade4f878effcc6d&drid=as-drid-2464369813134582
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 27 May 2021 03:51:06 GMT
Content-Encoding: gzip
Server: Apache
X-Powered-By: PHP/5.3.8
Vary: Accept-Encoding,User-Agent
P3P: CP="CAO PSA OUR"
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 2533

GET
H/1.1 200
OK caf.js Show response
www.google.com/adsense/domains/ Frame DD80 168 KB
60 KB 20ms
15ms Script
text/javascript 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://www.google.com/adsense/domains/caf.js

Requested by

Protocol

HTTP/1.1

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

db7395a5abf138a974188a2aae5f020f46e48db86c855238afac6b32288967df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://050005.voodoo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 27 May 2021 03:51:06 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: sffe
ETag: "13245459450254332544"
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
Cache-Control: private, max-age=3600
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: cross-origin
Accept-Ranges: bytes
X-XSS-Protection: 0
Expires: Thu, 27 May 2021 03:51:06 GMT

GET
H/1.1 200
OK parked_header.png
redirection20.directnic.com/assets/images/ Frame DD80 46 KB
46 KB 368ms
196ms Image
image/png 74.117.219.198
DNC-HOLDINGS-INC

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://redirection20.directnic.com/assets/images/parked_header.png
Requested by: Host: 050005.voodoo.com
URL: http://050005.voodoo.com/partner.php?dsess=ChMIuYC-2fro8AIVEYL9Bx1Aog5eEkzcHWCDfYcK6-ipeEXR9de-JprUqF7cmwOsyv82Z0-5BjHv8fdMuVpJi7usM3sv-9H4au9QYwF4qIrVwneEpm0glbP2SenFYULFbZl6&ref=&domain=survivedcovid19.net&token=86852d384d74def99ade4f878effcc6d&drid=as-drid-2464369813134582
Protocol: HTTP/1.1
Server: 74.117.219.198 , Cayman Islands, ASN53997 (DNC-HOLDINGS-INC, US),
Reverse DNS
Software: nginx /
Resource Hash: f23c65d2cf0c22fdf0c6d6667aa9925b322860ae8846aac8b6a2c6950be3d5eb

Request headers

Referer: http://050005.voodoo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: public
Date: Thu, 27 May 2021 03:51:06 GMT
Last-Modified: Sun, 17 Nov 2019 19:59:05 GMT
Server: nginx
ETag: "5dd1a689-b6e8"
Content-Type: image/png
Cache-Control: max-age=31104000, public, must-revalidate, proxy-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 46824
Expires: Sun, 22 May 2022 03:51:06 GMT

GET
H/1.1 200
OK dnic-search-bg.png
syndication.voodoo.com/images/ Frame DD80 4 KB
5 KB 6433ms
6299ms Image
image/png 192.64.147.153
VOODOO1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://syndication.voodoo.com/images/dnic-search-bg.png
Requested by: Host: 050005.voodoo.com
URL: http://050005.voodoo.com/partner.php?dsess=ChMIuYC-2fro8AIVEYL9Bx1Aog5eEkzcHWCDfYcK6-ipeEXR9de-JprUqF7cmwOsyv82Z0-5BjHv8fdMuVpJi7usM3sv-9H4au9QYwF4qIrVwneEpm0glbP2SenFYULFbZl6&ref=&domain=survivedcovid19.net&token=86852d384d74def99ade4f878effcc6d&drid=as-drid-2464369813134582
Protocol: HTTP/1.1
Server: 192.64.147.153 , United States, ASN19867 (VOODOO1, US),
Reverse DNS: 192.64.147.153.voodoo.com
Software: Apache/2.2.3 (CentOS) /
Resource Hash: f1766d9c26242a6a17c856c3458e93d88f5ec85687be2b982d526fbe24c287f6

Request headers

Referer: http://050005.voodoo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 27 May 2021 03:51:12 GMT
Last-Modified: Wed, 03 Jul 2019 18:58:59 GMT
Server: Apache/2.2.3 (CentOS)
ETag: "117d-58ccb742e62c0"
P3P: CP="CAO PSA OUR"
Cache-Control: max-age=2592000, public
Connection: close
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 4477
Expires: Sat, 26 Jun 2021 03:51:12 GMT

GET
H3-29 200 iframe.html Show response
www.google.com/afs/ads/i/ Frame 8901 1 KB
663 B 13ms
13ms Document
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/afs/ads/i/iframe.html

Requested by

Host: www.google.com
URL: http://www.google.com/adsense/domains/caf.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

214cb6afaa15e5296fc6f77e14d782971a9b8f5ea0cb046c103f1d388fe8559d

Security Headers

Name	Value
Content-Security-Policy	script-src 'nonce-XxXXxdjrUsbw2fNi08GRyA' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui; base-uri 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /afs/ads/i/iframe.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://050005.voodoo.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://050005.voodoo.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
content-security-policy: script-src 'nonce-XxXXxdjrUsbw2fNi08GRyA' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui; base-uri 'none'
cross-origin-resource-policy: cross-origin
content-length: 639
date: Thu, 27 May 2021 03:51:06 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
last-modified: Mon, 25 May 2020 08:30:00 GMT
x-content-type-options: nosniff
content-encoding: gzip
server: sffe
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 iframe.html Show response
www.google.com/afs/ads/i/ Frame BF25 1 KB
664 B 14ms
13ms Document
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/afs/ads/i/iframe.html

Requested by

Host: www.google.com
URL: http://www.google.com/adsense/domains/caf.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a30450e67be52f82027d45aa0696bd11eca21a81ec01475e0bfe6757bef5f9a5

Security Headers

Name	Value
Content-Security-Policy	script-src 'nonce-hVIM-IUNfjqNFvuHeueJ6Q' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui; base-uri 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /afs/ads/i/iframe.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://050005.voodoo.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://050005.voodoo.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
content-security-policy: script-src 'nonce-hVIM-IUNfjqNFvuHeueJ6Q' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui; base-uri 'none'
cross-origin-resource-policy: cross-origin
content-length: 640
date: Thu, 27 May 2021 03:51:06 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
last-modified: Mon, 25 May 2020 08:30:00 GMT
x-content-type-options: nosniff
content-encoding: gzip
server: sffe
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 iframe.html Show response
www.google.com/afs/ads/i/ Frame D6DD 1 KB
663 B 14ms
13ms Document
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/afs/ads/i/iframe.html

Requested by

Host: www.google.com
URL: http://www.google.com/adsense/domains/caf.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0c4ed5b7cdcd93456da30a8dc2ab4096c483965cbc90d635d4fb02919d0b4621

Security Headers

Name	Value
Content-Security-Policy	script-src 'nonce-w9xAHgXLdx3D9IPtlwBDnw' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui; base-uri 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /afs/ads/i/iframe.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://050005.voodoo.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://050005.voodoo.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
content-security-policy: script-src 'nonce-w9xAHgXLdx3D9IPtlwBDnw' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui; base-uri 'none'
cross-origin-resource-policy: cross-origin
content-length: 639
date: Thu, 27 May 2021 03:51:06 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
last-modified: Mon, 25 May 2020 08:30:00 GMT
x-content-type-options: nosniff
content-encoding: gzip
server: sffe
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 ads Show response
www.google.com/dp/ Frame 6826 13 KB
8 KB 109ms
108ms Document
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/dp/ads?adtest=off&cpp=0&domain_name=survivedcovid19.net&hl=cs&client=dp-voodoo21_3ph&r=m&max_radlink_len=32&swp=as-drid-2464369813134582&afdt=ChMIuYC-2fro8AIVEYL9Bx1Aog5eEkzcHWCDfYcK6-ipeEXR9de-JprUqF7cmwOsyv82Z0-5BjHv8fdMuVpJi7usM3sv-9H4au9QYwF4qIrVwneEpm0glbP2SenFYULFbZl6&uiopt=true&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300003%2C17300494%2C17300496&format=s%7Cr5%7Cr5%7Cr3&num=0&output=afd_ads&v=3&adext=as1%2Csr1&bsl=8&u_his=2&u_tz=120&dt=1622087466358&u_w=1600&u_h=1200&biw=-12245933&bih=-12245933&isw=1600&ish=1200&psw=-1&psh=-1&frm=2&uio=sl1sr1--sa16sv16st22lt35-sa16sv16st22lt35-sa12st12&cont=related-3%7Crelated-2%7Crelated-1&csize=%7C%7C&inames=slave-1-1%7Cslave-2-1%7Cslave-3-1&jsv=27785&rurl=http%3A%2F%2F050005.voodoo.com%2Fpartner.php%3Fdsess%3DChMIuYC-2fro8AIVEYL9Bx1Aog5eEkzcHWCDfYcK6-ipeEXR9de-JprUqF7cmwOsyv82Z0-5BjHv8fdMuVpJi7usM3sv-9H4au9QYwF4qIrVwneEpm0glbP2SenFYULFbZl6%26ref%3D%26domain%3Dsurvivedcovid19.net%26token%3D86852d384d74def99ade4f878effcc6d%26drid%3Das-drid-2464369813134582&referer=http%3A%2F%2Fsurvivedcovid19.net%2F

Requested by

Host: www.google.com
URL: http://www.google.com/adsense/domains/caf.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gws /

Resource Hash

23dec0f1be893b49842b8e416b26cf2b650b9e6708a88d13e205189d45da39a5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /dp/ads?adtest=off&cpp=0&domain_name=survivedcovid19.net&hl=cs&client=dp-voodoo21_3ph&r=m&max_radlink_len=32&swp=as-drid-2464369813134582&afdt=ChMIuYC-2fro8AIVEYL9Bx1Aog5eEkzcHWCDfYcK6-ipeEXR9de-JprUqF7cmwOsyv82Z0-5BjHv8fdMuVpJi7usM3sv-9H4au9QYwF4qIrVwneEpm0glbP2SenFYULFbZl6&uiopt=true&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300003%2C17300494%2C17300496&format=s%7Cr5%7Cr5%7Cr3&num=0&output=afd_ads&v=3&adext=as1%2Csr1&bsl=8&u_his=2&u_tz=120&dt=1622087466358&u_w=1600&u_h=1200&biw=-12245933&bih=-12245933&isw=1600&ish=1200&psw=-1&psh=-1&frm=2&uio=sl1sr1--sa16sv16st22lt35-sa16sv16st22lt35-sa12st12&cont=related-3%7Crelated-2%7Crelated-1&csize=%7C%7C&inames=slave-1-1%7Cslave-2-1%7Cslave-3-1&jsv=27785&rurl=http%3A%2F%2F050005.voodoo.com%2Fpartner.php%3Fdsess%3DChMIuYC-2fro8AIVEYL9Bx1Aog5eEkzcHWCDfYcK6-ipeEXR9de-JprUqF7cmwOsyv82Z0-5BjHv8fdMuVpJi7usM3sv-9H4au9QYwF4qIrVwneEpm0glbP2SenFYULFbZl6%26ref%3D%26domain%3Dsurvivedcovid19.net%26token%3D86852d384d74def99ade4f878effcc6d%26drid%3Das-drid-2464369813134582&referer=http%3A%2F%2Fsurvivedcovid19.net%2F
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://050005.voodoo.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://050005.voodoo.com/

Response headers

content-type: text/html; charset=UTF-8
content-disposition: inline
date: Thu, 27 May 2021 03:51:06 GMT
expires: Thu, 27 May 2021 03:51:06 GMT
cache-control: private, max-age=3600
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
content-encoding: br
server: gws
content-length: 7857
x-xss-protection: 0
set-cookie: CONSENT=PENDING+929; expires=Fri, 01-Jan-2038 00:00:00 GMT; path=/; domain=.google.com; Secure
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 caf.js Show response
www.google.com/adsense/domains/ Frame 6826 168 KB
59 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/adsense/domains/caf.js

Requested by

Host: www.google.com
URL: https://www.google.com/dp/ads?adtest=off&cpp=0&domain_name=survivedcovid19.net&hl=cs&client=dp-voodoo21_3ph&r=m&max_radlink_len=32&swp=as-drid-2464369813134582&afdt=ChMIuYC-2fro8AIVEYL9Bx1Aog5eEkzcHWCDfYcK6-ipeEXR9de-JprUqF7cmwOsyv82Z0-5BjHv8fdMuVpJi7usM3sv-9H4au9QYwF4qIrVwneEpm0glbP2SenFYULFbZl6&uiopt=true&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300003%2C17300494%2C17300496&format=s%7Cr5%7Cr5%7Cr3&num=0&output=afd_ads&v=3&adext=as1%2Csr1&bsl=8&u_his=2&u_tz=120&dt=1622087466358&u_w=1600&u_h=1200&biw=-12245933&bih=-12245933&isw=1600&ish=1200&psw=-1&psh=-1&frm=2&uio=sl1sr1--sa16sv16st22lt35-sa16sv16st22lt35-sa12st12&cont=related-3%7Crelated-2%7Crelated-1&csize=%7C%7C&inames=slave-1-1%7Cslave-2-1%7Cslave-3-1&jsv=27785&rurl=http%3A%2F%2F050005.voodoo.com%2Fpartner.php%3Fdsess%3DChMIuYC-2fro8AIVEYL9Bx1Aog5eEkzcHWCDfYcK6-ipeEXR9de-JprUqF7cmwOsyv82Z0-5BjHv8fdMuVpJi7usM3sv-9H4au9QYwF4qIrVwneEpm0glbP2SenFYULFbZl6%26ref%3D%26domain%3Dsurvivedcovid19.net%26token%3D86852d384d74def99ade4f878effcc6d%26drid%3Das-drid-2464369813134582&referer=http%3A%2F%2Fsurvivedcovid19.net%2F

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aa9f74429f2f3501c62c67360719418e8bafe1d4c2333edf01b0ddbea7a039cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 03:51:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "10097937148647971076"
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Thu, 27 May 2021 03:51:06 GMT

GET
H2 200 bullet_doublearrow_orange.png
afs.googleusercontent.com/dp-voodoo/ Frame D6DD 896 B
1 KB 6ms
6ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://afs.googleusercontent.com/dp-voodoo/bullet_doublearrow_orange.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f51944cc7f8309ad0b375720813c3f17969701741b6315583b1d3faddedf482c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 May 2021 10:42:31 GMT
x-content-type-options: nosniff
last-modified: Wed, 10 Apr 2013 22:28:15 GMT
server: sffe
age: 61715
content-type: image/png
cache-control: public, max-age=82800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 896
x-xss-protection: 0
expires: Thu, 27 May 2021 09:42:31 GMT

GET
H/1.1 200
OK Cookie set status.php Show response
050005.voodoo.com/ Frame 858E 0
529 B 297ms
282ms Document
text/html 192.64.147.158
VOODOO1

General

Check archive.org

Show headers Download Go to

Full URL: http://050005.voodoo.com/status.php?domain=survivedcovid19.net&trackingtoken=86852d384d74def99ade4f878effcc6d&status=caf&u_his=2&u_h=1200&u_w=1600&d_h=1200&d_w=1600&u_top=0&u_left=0&http_referrer=http%3A%2F%2Fsurvivedcovid19.net%2F
Requested by: Host: 050005.voodoo.com
URL: http://050005.voodoo.com/js/caf.js
Protocol: HTTP/1.1
Server: 192.64.147.158 , United States, ASN19867 (VOODOO1, US),
Reverse DNS: 192.64.147.158.voodoo.com
Software: Apache/2.2.3 (CentOS) / PHP/5.3.8
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Host: 050005.voodoo.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://050005.voodoo.com/partner.php?dsess=ChMIuYC-2fro8AIVEYL9Bx1Aog5eEkzcHWCDfYcK6-ipeEXR9de-JprUqF7cmwOsyv82Z0-5BjHv8fdMuVpJi7usM3sv-9H4au9QYwF4qIrVwneEpm0glbP2SenFYULFbZl6&ref=&domain=survivedcovid19.net&token=86852d384d74def99ade4f878effcc6d&drid=as-drid-2464369813134582
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://050005.voodoo.com/partner.php?dsess=ChMIuYC-2fro8AIVEYL9Bx1Aog5eEkzcHWCDfYcK6-ipeEXR9de-JprUqF7cmwOsyv82Z0-5BjHv8fdMuVpJi7usM3sv-9H4au9QYwF4qIrVwneEpm0glbP2SenFYULFbZl6&ref=&domain=survivedcovid19.net&token=86852d384d74def99ade4f878effcc6d&drid=as-drid-2464369813134582

Response headers

Date: Thu, 27 May 2021 03:51:06 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.3.8
Set-Cookie: session=86852d384d74def99ade4f878effcc6d; expires=Thu, 27-May-2021 04:21:06 GMT; path=/
Cache-Control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
Expires: Mon, 31 Dec 2001 7:32:00 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
P3P: CP="CAO PSA OUR"
Pragma: no-cache
Content-Length: 20
Connection: close
Content-Type: text/html; charset=UTF-8

GET
H3-29 200 6vmH6gRf2UqLiW2PAyrCu1HDtbEhJxjO0f7Ukk3E6CA.js Show response
www.google.com/js/bg/ Frame A308 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/bg/6vmH6gRf2UqLiW2PAyrCu1HDtbEhJxjO0f7Ukk3E6CA.js

Requested by

Host: www.google.com
URL: https://www.google.com/adsense/domains/caf.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eaf987ea045fd94a8b896d8f032ac2bb51c3b5b1212718ced1fed4924dc4e820

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 24 May 2021 16:33:25 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 17 May 2021 11:30:00 GMT
server: sffe
age: 213461
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5787
x-xss-protection: 0
expires: Tue, 24 May 2022 16:33:25 GMT

GET
H3-29 200 6vmH6gRf2UqLiW2PAyrCu1HDtbEhJxjO0f7Ukk3E6CA.js Show response
www.google.com/js/bg/ Frame 5FDD 14 KB
6 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/bg/6vmH6gRf2UqLiW2PAyrCu1HDtbEhJxjO0f7Ukk3E6CA.js

Requested by

Host: www.google.com
URL: https://www.google.com/adsense/domains/caf.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eaf987ea045fd94a8b896d8f032ac2bb51c3b5b1212718ced1fed4924dc4e820

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 24 May 2021 16:33:25 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 17 May 2021 11:30:00 GMT
server: sffe
age: 213461
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5787
x-xss-protection: 0
expires: Tue, 24 May 2022 16:33:25 GMT

GET
H3-29 200 6vmH6gRf2UqLiW2PAyrCu1HDtbEhJxjO0f7Ukk3E6CA.js Show response
www.google.com/js/bg/ Frame 4B98 14 KB
6 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/bg/6vmH6gRf2UqLiW2PAyrCu1HDtbEhJxjO0f7Ukk3E6CA.js

Requested by

Host: www.google.com
URL: https://www.google.com/adsense/domains/caf.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eaf987ea045fd94a8b896d8f032ac2bb51c3b5b1212718ced1fed4924dc4e820

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 24 May 2021 16:33:25 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 17 May 2021 11:30:00 GMT
server: sffe
age: 213461
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5787
x-xss-protection: 0
expires: Tue, 24 May 2022 16:33:25 GMT

GET
H3-29 200 6vmH6gRf2UqLiW2PAyrCu1HDtbEhJxjO0f7Ukk3E6CA.js Show response
www.google.com/js/bg/ Frame 893D 14 KB
6 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/bg/6vmH6gRf2UqLiW2PAyrCu1HDtbEhJxjO0f7Ukk3E6CA.js

Requested by

Host: www.google.com
URL: https://www.google.com/adsense/domains/caf.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eaf987ea045fd94a8b896d8f032ac2bb51c3b5b1212718ced1fed4924dc4e820

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 24 May 2021 16:33:25 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 17 May 2021 11:30:00 GMT
server: sffe
age: 213461
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5787
x-xss-protection: 0
expires: Tue, 24 May 2022 16:33:25 GMT

GET
H3-29 204 gen_204
www.google.com/afs/ Frame DD80 0
15 B 27ms
27ms Image
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/afs/gen_204?client=dp-voodoo21_3ph&output=uds_ads_only&zx=wlhstlxy9tke&aqid=KhevYLfXGtPwywXTppPABw&pbt=bs&adbx=939&adby=145&adbh=28&adbw=300&adbn=master-1&eawp=partner-dp-voodoo21_3ph&errv=2778577214847641062&csadii=32&csadr=189&lle=0&llm=1000&ifv=1&usr=0

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gws /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://050005.voodoo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 03:51:08 GMT
server: gws
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
content-type: text/html; charset=ISO-8859-1
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-29 204 gen_204
www.google.com/afs/ Frame DD80 0
15 B 32ms
31ms Image
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/afs/gen_204?client=dp-voodoo21_3ph&output=uds_ads_only&zx=xjpjyf9do5g6&pbt=bs&adbx=344&adby=228&adbh=325&adbw=454&adbn=slave-1-1&eawp=partner-dp-voodoo21_3ph&errv=2778577214847641062&csadii=30&csadr=191&lle=0&llm=1000&ifv=1&usr=0

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gws /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://050005.voodoo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 03:51:08 GMT
server: gws
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
content-type: text/html; charset=ISO-8859-1
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-29 204 gen_204
www.google.com/afs/ Frame DD80 0
15 B 30ms
30ms Image
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/afs/gen_204?client=dp-voodoo21_3ph&output=uds_ads_only&zx=epoho0jksh2w&pbt=bs&adbx=802&adby=228&adbh=325&adbw=454&adbn=slave-2-1&eawp=partner-dp-voodoo21_3ph&errv=2778577214847641062&csadii=28&csadr=193&lle=0&llm=1000&ifv=1&usr=0

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gws /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://050005.voodoo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 03:51:08 GMT
server: gws
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
content-type: text/html; charset=ISO-8859-1
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-29 204 gen_204
www.google.com/afs/ Frame DD80 0
15 B 34ms
34ms Image
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/afs/gen_204?client=dp-voodoo21_3ph&output=uds_ads_only&zx=7yf8fqighias&pbt=bs&adbx=321&adby=185&adbh=22&adbw=958&adbn=slave-3-1&eawp=partner-dp-voodoo21_3ph&errv=2778577214847641062&csadii=24&csadr=198&lle=0&llm=1000&ifv=1&usr=0

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gws /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://050005.voodoo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 03:51:08 GMT
server: gws
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
content-type: text/html; charset=ISO-8859-1
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-29 204 gen_204
www.google.com/afs/ Frame DD80 0
15 B 29ms
28ms Image
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/afs/gen_204?client=dp-voodoo21_3ph&output=uds_ads_only&zx=4qz7zqbf95bf&aqid=KhevYLfXGtPwywXTppPABw&pbt=bv&adbx=939&adby=145&adbh=28&adbw=300&adbn=master-1&eawp=partner-dp-voodoo21_3ph&errv=2778577214847641062&csadii=32&csadr=189&lle=0&llm=1000&ifv=1&usr=0

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gws /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://050005.voodoo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 03:51:08 GMT
server: gws
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
content-type: text/html; charset=ISO-8859-1
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-29 204 gen_204
www.google.com/afs/ Frame DD80 0
15 B 30ms
29ms Image
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/afs/gen_204?client=dp-voodoo21_3ph&output=uds_ads_only&zx=r5jdazd2s36b&pbt=bv&adbx=344&adby=228&adbh=325&adbw=454&adbn=slave-1-1&eawp=partner-dp-voodoo21_3ph&errv=2778577214847641062&csadii=30&csadr=191&lle=0&llm=1000&ifv=1&usr=0

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gws /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://050005.voodoo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 03:51:08 GMT
server: gws
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
content-type: text/html; charset=ISO-8859-1
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-29 204 gen_204
www.google.com/afs/ Frame DD80 0
15 B 29ms
29ms Image
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/afs/gen_204?client=dp-voodoo21_3ph&output=uds_ads_only&zx=2gqx44frg06b&pbt=bv&adbx=802&adby=228&adbh=325&adbw=454&adbn=slave-2-1&eawp=partner-dp-voodoo21_3ph&errv=2778577214847641062&csadii=28&csadr=193&lle=0&llm=1000&ifv=1&usr=0

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gws /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://050005.voodoo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 03:51:08 GMT
server: gws
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
content-type: text/html; charset=ISO-8859-1
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-29 204 gen_204
www.google.com/afs/ Frame DD80 0
15 B 32ms
32ms Image
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/afs/gen_204?client=dp-voodoo21_3ph&output=uds_ads_only&zx=d0fr85kwutep&pbt=bv&adbx=321&adby=185&adbh=22&adbw=958&adbn=slave-3-1&eawp=partner-dp-voodoo21_3ph&errv=2778577214847641062&csadii=24&csadr=198&lle=0&llm=1000&ifv=1&usr=0

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gws /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://050005.voodoo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 03:51:08 GMT
server: gws
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
content-type: text/html; charset=ISO-8859-1
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

Verdicts & Comments Add Verdict or Comment

26 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: http://050005.voodoo.com/js/partner.js(Line 12) Message: [object Object]
console-api	log	URL: http://050005.voodoo.com/js/caf.js(Line 77) Message: requestAccepted in cafCallback
console-api	log	URL: http://050005.voodoo.com/js/caf.js(Line 78) Message: [object Object]
console-api	log	URL: http://050005.voodoo.com/js/caf.js(Line 21) Message: [object Object]
console-api	log	URL: http://050005.voodoo.com/js/caf.js(Line 22) Message: [object Object]
console-api	log	URL: http://050005.voodoo.com/js/caf.js(Line 24) Message: requestAccepted

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

050005.voodoo.com
afs.googleusercontent.com
ajax.googleapis.com
pagead2.googlesyndication.com
redirection20.directnic.com
survivedcovid19.net
syndication.voodoo.com
www.google.com
192.64.147.153
192.64.147.158
2a00:1450:4001:803::2002
2a00:1450:4001:828::2004
2a00:1450:4001:82a::2001
2a00:1450:4001:82b::200a
74.117.219.198
74.117.219.199
0c4ed5b7cdcd93456da30a8dc2ab4096c483965cbc90d635d4fb02919d0b4621
214cb6afaa15e5296fc6f77e14d782971a9b8f5ea0cb046c103f1d388fe8559d
23dec0f1be893b49842b8e416b26cf2b650b9e6708a88d13e205189d45da39a5
2a55a7d16895c7dd9c959813bfbc4101b5b2b2851cc1dbbb289331d29dc5e301
453749ef54667335773d7c55f07bdda9c006728e7068d56100e93635be4f1036
47b68dce8cb6805ad5b3ea4d27af92a241f4e29a5c12a274c852e4346a0500b4
5bfe95d0b1aaba7381b62b6115184b9d0db623917aa589d664dae861667793cd
5cd5a07b3182874ae2d7c446f05de7543680eb02d7c516cf3942395cd92f076d
a30450e67be52f82027d45aa0696bd11eca21a81ec01475e0bfe6757bef5f9a5
aa9f74429f2f3501c62c67360719418e8bafe1d4c2333edf01b0ddbea7a039cc
bcc18442bf34b45154607cdef3413fe1190199bbb7a609439259c34dd4fb0bed
db7395a5abf138a974188a2aae5f020f46e48db86c855238afac6b32288967df
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6f5b9a9fd1844a4dacadb1a372a4c775053271a138947e013a195507a85fe76
eaf987ea045fd94a8b896d8f032ac2bb51c3b5b1212718ced1fed4924dc4e820
f1766d9c26242a6a17c856c3458e93d88f5ec85687be2b982d526fbe24c287f6
f23c65d2cf0c22fdf0c6d6667aa9925b322860ae8846aac8b6a2c6950be3d5eb
f51944cc7f8309ad0b375720813c3f17969701741b6315583b1d3faddedf482c
f554d2f09272c6f71447ebfe4532d3b1dd1959bce669f9a5ccc99e64ef511729

survivedcovid19.net Open in urlscan Pro 74.117.219.199 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

30 Requests

63 %HTTPS

50 %IPv6

7 Domains

8 Subdomains

8 IPs

3 Countries

402 kBTransfer

674 kBSize

0 Cookies

0 Outgoing links

Redirected requests

30 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

survivedcovid19.net Open in urlscan Pro
74.117.219.199 Public Scan

Screenshot
Live screenshot

Full Image

30
Requests

63 %
HTTPS

50 %
IPv6

7
Domains

8
Subdomains

8
IPs

3
Countries

402 kB
Transfer

674 kB
Size

0
Cookies

30 HTTP transactions
0 data transactions