www.freemp3.wepqu.com Open in urlscan Pro
172.67.186.212 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://www.freemp3.wepqu.com/
Submission: On October 24 via api (October 24th 2023, 3:38:00 am UTC) from US — Scanned from US

Summary HTTP 19 Redirects Behaviour Indicators

Summary

This website contacted 5 IPs in 1 countries across 5 domains to perform 19 HTTP transactions. The main IP is 172.67.186.212, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.freemp3.wepqu.com.

This is the only time www.freemp3.wepqu.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 6	172.67.186.212 172.67.186.212	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3032::ac43:bad4	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	2607:f8b0:400... 2607:f8b0:4004:c08::9b	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4004:c17::84	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4004:c17::69	15169 (GOOGLE) (GOOGLE)
19	5

6 172.67.186.212 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.freemp3.wepqu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3032::ac43:bad4 (United States)

ASN13335 (CLOUDFLARENET, US)

www.freemp3.wepqu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2607:f8b0:4004:c08::9b (Ashburn, United States)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4004:c17::84 (Washington, United States)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c17::69 (Washington, United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 108 tpc.googlesyndication.com — Cisco Umbrella Rank: 157	226 KB
7	wepqu.com 1 redirects www.freemp3.wepqu.com	19 KB
2	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 45	5 KB
1	google.com www.google.com — Cisco Umbrella Rank: 2	1 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1200	329 B
19	5

	Domain	Requested by
7	www.freemp3.wepqu.com	1 redirects www.freemp3.wepqu.com
6	pagead2.googlesyndication.com	www.freemp3.wepqu.com pagead2.googlesyndication.com tpc.googlesyndication.com
3	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
2	googleads.g.doubleclick.net	pagead2.googlesyndication.com
1	www.google.com	tpc.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
19	6

This site contains no links.

Subject Issuer	Validity	Valid
*.g.doubleclick.net GTS CA 1C3	`2023-09-28` - `2023-12-21`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-09-28` - `2023-12-21`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-09-28` - `2023-12-21`	3 months	crt.sh

This page contains 6 frames:

Primary Page: http://www.freemp3.wepqu.com/
Frame ID: B30C56EFDDFE114158E17E38146421D3
Requests: 9 HTTP requests in this frame

Frame: http://www.freemp3.wepqu.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/7ff8d35b/main.js
Frame ID: 011010CED6FD608C7E10CD78EAA7D119
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231019/r20190131/zrt_lookup.html
Frame ID: 51EACAA7A75D96008F94F462FC61344D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8735456764042638&output=html&adk=1812271804&adf=3025194257&lmt=1698154674&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=http%3A%2F%2Fwww.freemp3.wepqu.com%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&ascmds=1&dt=1698118675869&bpp=4&bdt=1350&idt=357&shv=r20231019&mjsv=m202310230101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8299177225317&frm=20&pv=2&ga_vid=518022179.1698118676&ga_sid=1698118676&ga_hid=937151674&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C44798934%2C44805113%2C44805534%2C44805932%2C31078301%2C31079057%2C44803791&oid=2&pvsid=2123811153811853&tmod=790183751&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=375
Frame ID: 239AE2D245AC0162DE47F3371B0DFF55
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: D4AEF9ADBFFEAFC1CE9C0E33BD516A47
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 9D55E1D0A31B6DA5B6BDBBF8F989980B
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Global Play Lists

Detected technologies

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Page Statistics

19
Requests

63 %
HTTPS

80 %
IPv6

5
Domains

6
Subdomains

5
IPs

1
Countries

251 kB
Transfer

662 kB
Size

3
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3

http://www.freemp3.wepqu.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
http://www.freemp3.wepqu.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/7ff8d35b/main.js

19 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 500
Internal Server Error Primary Request / Show response
www.freemp3.wepqu.com/ 5 KB
6 KB 2665ms
391ms Document
text/html 172.67.186.212
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://www.freemp3.wepqu.com/
Protocol: HTTP/1.1
Server: 172.67.186.212 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/8.1.23
Resource Hash: 55f5e8a29bbfbc4fc3eaa6a149b1b6b511e7108edfa02486dbaef58e73253fd6

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

CF-Cache-Status: DYNAMIC
CF-RAY: 81af2f116ea06da7-MIA
Cache-Control: no-store, no-cache, must-revalidate post-check=0, pre-check=0
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Date: Tue, 24 Oct 2023 03:37:54 GMT
Expires: Tue, 24 Oct 2022 03:37:54 GMT
Last-Modified: Tue, 24 Oct 2023 03:37:54 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Pragma: no-cache
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nsbKzXQggysj4gbJoK4b%2BCDZHRqmUktKFoLCxAybaybwtjkMzDkI1Bod%2ByDhN9bpANZvWxCaIOA1gRTisNtnXPcMcrV0%2BMPulohgPg2oesw187zugBEGwMfuTBqLKVlIJtdRJs1Vxag%3D"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Powered-By: PHP/8.1.23
alt-svc: h3=":443"; ma=86400

GET
H/1.1 200
OK style.css
www.freemp3.wepqu.com/ 5 KB
2 KB 1040ms
1039ms Stylesheet
text/css 172.67.186.212
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://www.freemp3.wepqu.com/style.css
Requested by: Host: www.freemp3.wepqu.com
URL: http://www.freemp3.wepqu.com/
Protocol: HTTP/1.1
Server: 172.67.186.212 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 99d29e2f958f223f309f35f4b9bc51d699617e9ba916c3487d8142fecfd12345

Request headers

accept-language: en-US,en;q=0.9
Referer: http://www.freemp3.wepqu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date: Tue, 24 Oct 2023 03:37:55 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Last-Modified: Fri, 31 Aug 2018 05:58:54 GMT
Server: cloudflare
ETag: W/"5b88d91e-15a4"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gUaAqIh2T0gxrKE%2Boz9TiwiPchjdEZ7uo3TywjOHH3VuxY6xBlf8dxhKNdiUAXO%2FZT7FgVN68zue%2BgL8hFweCFUd%2B1s0DzkaNAndXGUqqP%2FdZamHqKnmGjJrDD9ziZ4WGMg4cY%2FPo9Y%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: text/css
Cache-Control: max-age=315360000
CF-RAY: 81af2f13e8cf6da7-MIA
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK rocket-loader.min.js Show response
www.freemp3.wepqu.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
5 KB 62ms
36ms Script
application/javascript 2606:4700:3032::ac43:bad4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

http://www.freemp3.wepqu.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: www.freemp3.wepqu.com
URL: http://www.freemp3.wepqu.com/

Protocol

HTTP/1.1

Server

2606:4700:3032::ac43:bad4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: http://www.freemp3.wepqu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date: Tue, 24 Oct 2023 03:37:54 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 16 Oct 2023 11:32:23 GMT
Server: cloudflare
ETag: W/"652d1f47-302c"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GrfVeavWsz1x8DEJ%2FEzmitoIOUFJ5TP4%2F%2FlgBaOweA9CYmirObuGyPl8nHXkrhbLADFAkR4cZGw70jMoTD5Bsfq93aoSQ1GnVEuO8NtMMRIKgtkgBIBiKXZAx46qS5%2B5qxEZlAi10%2Bgvx7kkjEu2o8c7IEY%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
X-Frame-Options: DENY
Cache-Control: max-age=172800, public
CF-RAY: 81af2f140f8a2886-MIA
Expires: Thu, 26 Oct 2023 03:37:54 GMT

GET
H/1.1 200
OK adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 144 KB
53 KB 127ms
76ms Script
text/javascript 2607:f8b0:4004:c08::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.freemp3.wepqu.com
URL: http://www.freemp3.wepqu.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

HTTP/1.1

Server

2607:f8b0:4004:c08::9b Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

34b708cbaa82703298730106af8fdebcc5cdd608f8ae9140f4ad89b428bd6808

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: http://www.freemp3.wepqu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date: Tue, 24 Oct 2023 03:37:55 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cross-Origin-Resource-Policy: cross-origin
Content-Disposition: attachment; filename="f.txt"
Content-Length: 53799
X-XSS-Protection: 0
Server: cafe
ETag: 6746820512977642362
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=3600
Timing-Allow-Origin: *
Expires: Tue, 24 Oct 2023 03:37:55 GMT

GET
H/1.1

200
OK

main.js Show response
www.freemp3.wepqu.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/7ff8d35b/ Frame 0110
Redirect Chain

http://www.freemp3.wepqu.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
http://www.freemp3.wepqu.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/7ff8d35b/main.js

7 KB
4 KB

35ms
34ms

Script
application/javascript

172.67.186.212
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

http://www.freemp3.wepqu.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/7ff8d35b/main.js

Protocol

HTTP/1.1

Server

172.67.186.212 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

049c33dd85522de4d091fb25682016af2331d6f986c4771d0a0fc6114ace2796

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date: Tue, 24 Oct 2023 03:37:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
vary: accept-encoding
Content-Type: application/javascript; charset=UTF-8
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YALrJC4jMwiUIXgoOuX5q8NLHUsiFka6pS7ebi9nIIKN%2B2FxP%2Fl6FlAQ%2B9%2BOz25PADXt7vTbPpXLZSsZK104JyJh5o7qNtheYpbRQAwTMv2hxUsIZgLtq44x6RFxzWmisZIpSzp4Xp4%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400, public
Connection: keep-alive
CF-RAY: 81af2f1adf8a6da7-MIA
alt-svc: h3=":443"; ma=86400

Redirect headers

Date: Tue, 24 Oct 2023 03:37:55 GMT
content-encoding: gzip
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
vary: accept-encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=97YxmO%2FDNygkgExF4OYylPvs6XtWiE2cpTwE83GakUt0Q6lnX6XiNbizRvtVcKNow88ldna4JwEacuQcijaeX7u62oPPY7GQPcCWoUhl9vRxK0C01Lt5hev4xn0IBeg7vuUsFxmd%2FhQ%3D"}],"group":"cf-nel","max_age":604800}
location: /cdn-cgi/challenge-platform/h/b/scripts/jsd/7ff8d35b/main.js
access-control-allow-origin: *
cache-control: max-age=300, public
Connection: keep-alive
CF-RAY: 81af2f1a9f4a6da7-MIA
alt-svc: h3=":443"; ma=86400

POST
H/1.1 200
OK 81af2f116ea06da7 Show response
www.freemp3.wepqu.com/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame 0110 0
832 B 67ms
67ms XHR
text/plain 172.67.186.212
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://www.freemp3.wepqu.com/cdn-cgi/challenge-platform/h/b/jsd/r/81af2f116ea06da7
Requested by: Host: www.freemp3.wepqu.com
URL: http://www.freemp3.wepqu.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol: HTTP/1.1
Server: 172.67.186.212 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type: application/json

Response headers

Date: Tue, 24 Oct 2023 03:37:55 GMT
Content-Encoding: gzip
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uoLSBT3utpuCnaFoKBCWBYXBN8gdAq7cICFFfbzxKdug6D%2FOwCy3INMaz5PJjY3BNEXHWNuP%2FCXPFcGmCTt8azT0BlcLJgYkvlMzwuh1IuN3Mu3M16ToIvPUQIeqoZew0osov%2ByVa14%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: text/plain; charset=UTF-8
Connection: keep-alive
CF-RAY: 81af2f1bb87f6da7-MIA
alt-svc: h3=":443"; ma=86400

POST
H/1.1 200
OK 81af2f116ea06da7 Show response
www.freemp3.wepqu.com/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame 0110 0
838 B 40ms
40ms XHR
text/plain 172.67.186.212
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://www.freemp3.wepqu.com/cdn-cgi/challenge-platform/h/b/jsd/r/81af2f116ea06da7
Requested by: Host: www.freemp3.wepqu.com
URL: http://www.freemp3.wepqu.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol: HTTP/1.1
Server: 172.67.186.212 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type: application/json

Response headers

Date: Tue, 24 Oct 2023 03:37:55 GMT
Content-Encoding: gzip
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B9n5tvDZjbVyu2mnmRkMKfvzk9AbfJf6nSikXYKB0i7tdJMCcK7Vxj5YS8S3cKKqrZV9q4A7AlMvkY2BguvbBBT7ArMs%2FhGoj%2BcY%2Fl4%2B9zCN0aGXt3pWLKfGFnsXSx6SaLAeb6g%2BcxM%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: text/plain; charset=UTF-8
Connection: keep-alive
CF-RAY: 81af2f1c28e66da7-MIA
alt-svc: h3=":443"; ma=86400

GET
H2 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310230101/ 395 KB
134 KB 200ms
94ms Script
text/javascript 2607:f8b0:4004:c08::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310230101/show_ads_impl_fy2021.js?bust=31079057

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::9b Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5d390ae8058c4fa9a5b7e5aa68015fe8bec53b5a528953d6a195c41028ea2dd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: http://www.freemp3.wepqu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Tue, 24 Oct 2023 03:37:56 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 137101
x-xss-protection: 0
server: cafe
etag: 14585744523976921911
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Tue, 24 Oct 2023 03:37:56 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20231019/r20190131/ Frame 51EA 10 KB
5 KB 159ms
53ms Document
text/html 2607:f8b0:4004:c08::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231019/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::9b Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ad1270333ea16969313802add43789e0558cd75e2bf91e768bcf3937f091a001

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.freemp3.wepqu.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 16495
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4480
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 23 Oct 2023 23:03:01 GMT
etag: 4569948109300706969
expires: Mon, 06 Nov 2023 23:03:01 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 385 B
329 B 63ms
62ms Script
text/javascript 2607:f8b0:4004:c08::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.freemp3.wepqu.com&callback=_gfp_s_&client=ca-pub-8735456764042638

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310230101/show_ads_impl_fy2021.js?bust=31079057

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::9b Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

053d94fac48e124580c01d755cc92e3ecb947ba0ea76f22f825325aad1cdc397

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: http://www.freemp3.wepqu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Tue, 24 Oct 2023 03:37:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 251
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 239A 603 B
245 B 129ms
127ms Document
text/html 2607:f8b0:4004:c08::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8735456764042638&output=html&adk=1812271804&adf=3025194257&lmt=1698154674&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=http%3A%2F%2Fwww.freemp3.wepqu.com%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&ascmds=1&dt=1698118675869&bpp=4&bdt=1350&idt=357&shv=r20231019&mjsv=m202310230101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8299177225317&frm=20&pv=2&ga_vid=518022179.1698118676&ga_sid=1698118676&ga_hid=937151674&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C44798934%2C44805113%2C44805534%2C44805932%2C31078301%2C31079057%2C44803791&oid=2&pvsid=2123811153811853&tmod=790183751&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=375

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310230101/show_ads_impl_fy2021.js?bust=31079057

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::9b Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.freemp3.wepqu.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 24 Oct 2023 03:37:56 GMT
expires: Tue, 24 Oct 2023 03:37:56 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 177ms
73ms XHR
application/json 2607:f8b0:4004:c08::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231019&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310230101/show_ads_impl_fy2021.js?bust=31079057

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::9b Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

24cb7e91b510ac9500b139b464048525f1023b61f452a86fc8df18d920030f71

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: http://www.freemp3.wepqu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Tue, 24 Oct 2023 03:37:56 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12211
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 161ms
55ms Script
text/javascript 2607:f8b0:4004:c17::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310230101/show_ads_impl_fy2021.js?bust=31079057

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: http://www.freemp3.wepqu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Tue, 24 Oct 2023 03:37:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 24 Oct 2023 03:37:56 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame D4AE 13 KB
5 KB 54ms
52ms Document
text/html 2607:f8b0:4004:c17::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.freemp3.wepqu.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 309695
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 20 Oct 2023 13:36:21 GMT
expires: Sat, 19 Oct 2024 13:36:21 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 9D55 829 B
1 KB 174ms
69ms Document
text/html 2607:f8b0:4004:c17::69
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::69 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

a47b2ded59d3e661ab543ad02649016981d0a23f8d1fa9438586715a77ed2e6b

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-rICVrb1WgfO24zCIE_YhxQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.freemp3.wepqu.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-rICVrb1WgfO24zCIE_YhxQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 24 Oct 2023 03:37:56 GMT
expires: Tue, 24 Oct 2023 03:37:56 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 kdR3Uc-Lch-XuU6BJZRbuWDa0aJJ9it8wzNxgvcOl3M.js Show response
pagead2.googlesyndication.com/bg/ Frame D4AE 37 KB
14 KB 53ms
53ms Script
text/javascript 2607:f8b0:4004:c08::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/kdR3Uc-Lch-XuU6BJZRbuWDa0aJJ9it8wzNxgvcOl3M.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::9b Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

91d47751cf8b721f97b94e8125945bb960dad1a249f62b7cc3337182f70e9773

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sat, 21 Oct 2023 05:51:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 251213
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14703
x-xss-protection: 0
last-modified: Mon, 16 Oct 2023 11:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 20 Oct 2024 05:51:03 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 9D55 0
0 66ms
66ms Image
text/html 2607:f8b0:4004:c08::9b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231019&jk=2123811153811853&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4004:c08::9b Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame D4AE 0
10 B 51ms
51ms Image
text/plain 2607:f8b0:4004:c17::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?ADFBEg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4004:c17::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Tue, 24 Oct 2023 03:37:56 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 77ms
76ms Image
text/html 2607:f8b0:4004:c08::9b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231019&jk=2123811153811853&bg=!gIOlg8zNAAbDUgby41I7ADQBe5WfOGsXVHP2uw610mnaCfwoDp7SjTsBnhG4y6Dp3-4gxWSHFKNy6Q_wL6wWpJdDeZLwAgAAAF1SAAAAAmgBBwoAZBb1uAIKNXGMZscaPibaB31QwUbYzMsP0531j61A-j8h7kmHz3NyfmQpcBMttRANfuV0UDbZjKhRjbXU48136ep-6tHvCj1UGeKMSDJ6bO4aV8izRZldsPZzrg7du6KW_uggBouZAs3kTELlxLVRwiiKDkcKpgfdBCZPDMkkxkoJaz5i-46bfn9-5O5VdwDqqKmWgz83Pq4gtR6Dv9HcwmddoeezwCcRc2S1J4dgMe6tHE471xKVi8kXZX9vqhLx5NKgZRwQvDTYCW7Hsd2mREr_7OXkGU_A8lrUri1TKJTbF8KVuxadohrnw_9QH_voLYogCSi6uQOvRLi64-zsztuCCxK7H_SMlEJCj08lvMJdYxtGV5vsqB26i8xyKDADXqe7NoUyd9PqfLOGh5_qJTA8blBeYh7jQi8lIaZ7UD9JGSMBYrIM_fxa5Beg2bwNQ_AYa0m-Hi67WzTbwV0-PqFK5Hzr_6cq5r2pdkJH0H3jnJHt7o2j-Y_hyBPCl_bbakdLvOpSDIMMukT4PhtAZlFK2JDbnZPZPqwtUTazAENT7B7DiCrUfYEnVtgMXMDUMItuLCHyMTNz3dH4hGd6jofPhlBk3al6xkRVkRGbdh2uhFruvQEAQJwy47epOGp7LNsG_zVm-hQ9hUtw1E1XPbj_snQV66Ts_Z2ZW9EnrvjMh6yCIXbo1PRpzsTW1orzEserx28fMOftgu54PXQtmPN4owKZVBuYkP7c8G5BzItCeam4EpMWLl1RJDDNd-5wBGXWroS0ROIr9DVkUoKuEDQU51lh9n-sybqxcKrYrlbbfI8Aeqi0tqPRfVxqp59qDylVwt3ZUemZ7U1Z9FOmpAS5pd4zUUQVVu6oYBn-UZ6YwuH0ljRM-FFrD1vmZs1X914JYnU59R1wsvWJ7_616AfZfdhKBLo4-3Ce9jIBtcYykRStPQe7ZKPDEz4iLkFKIi1TfjQJ2KvSvic7tLBiRcoj6I4q7qFjKld-xG0o6jI74NWWDk031_YenWOKBedcu91rLeZsEmwNC2O9kaks4YfjbODZ9mOj6EGdduM0X6JbwCUtmgMqnJ47hPF4PemLd5IXOQw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4004:c08::9b Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: http://www.freemp3.wepqu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

32 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.wepqu.com/	1970-01-21 01:03:34	Name: __gads Value: ID=ea374a346a729587-22780b59a6e400fa:T=1698118676:RT=1698118676:S=ALNI_MYYYbqKo6s6-RB7ZN2SA7cYwOFfPg
.wepqu.com/	1970-01-21 01:03:34	Name: __gpi Value: UID=00000d9c2042aeb4:T=1698118676:RT=1698118676:S=ALNI_MabBS7X6x-Apzu2niVGGzCMB4msIA
.doubleclick.net/	1970-01-20 15:41:59	Name: test_cookie Value: CheckForPermission

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: http://www.freemp3.wepqu.com/ Message: Failed to load resource: the server responded with a status of 500 (Internal Server Error)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

googleads.g.doubleclick.net
pagead2.googlesyndication.com
partner.googleadservices.com
tpc.googlesyndication.com
www.freemp3.wepqu.com
www.google.com
172.67.186.212
2606:4700:3032::ac43:bad4
2607:f8b0:4004:c08::9b
2607:f8b0:4004:c17::69
2607:f8b0:4004:c17::84
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
049c33dd85522de4d091fb25682016af2331d6f986c4771d0a0fc6114ace2796
053d94fac48e124580c01d755cc92e3ecb947ba0ea76f22f825325aad1cdc397
24cb7e91b510ac9500b139b464048525f1023b61f452a86fc8df18d920030f71
34b708cbaa82703298730106af8fdebcc5cdd608f8ae9140f4ad89b428bd6808
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55f5e8a29bbfbc4fc3eaa6a149b1b6b511e7108edfa02486dbaef58e73253fd6
5d390ae8058c4fa9a5b7e5aa68015fe8bec53b5a528953d6a195c41028ea2dd6
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
91d47751cf8b721f97b94e8125945bb960dad1a249f62b7cc3337182f70e9773
99d29e2f958f223f309f35f4b9bc51d699617e9ba916c3487d8142fecfd12345
a47b2ded59d3e661ab543ad02649016981d0a23f8d1fa9438586715a77ed2e6b
ad1270333ea16969313802add43789e0558cd75e2bf91e768bcf3937f091a001
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

www.freemp3.wepqu.com Open in urlscan Pro 172.67.186.212 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

19 Requests

63 %HTTPS

80 %IPv6

5 Domains

6 Subdomains

5 IPs

1 Countries

251 kBTransfer

662 kBSize

3 Cookies

0 Outgoing links

Redirected requests

19 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

32 JavaScript Global Variables

3 Cookies

1 Console Messages

Indicators

www.freemp3.wepqu.com Open in urlscan Pro
172.67.186.212 Public Scan

Screenshot
Live screenshot

Full Image

19
Requests

63 %
HTTPS

80 %
IPv6

5
Domains

6
Subdomains

5
IPs

1
Countries

251 kB
Transfer

662 kB
Size

3
Cookies

19 HTTP transactions
0 data transactions