urlscan.io logo urlscan.io
SecurityTrails logo

www.zqu.xbb.temporary.site Open in urlscan Pro
192.254.185.36  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.zqu.xbb.temporary.site/
Submission: On June 08 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 5 IPs in 2 countries across 4 domains to perform 53 HTTP transactions. The main IP is 192.254.185.36, located in United States and belongs to UNIFIEDLAYER-AS-1, US. The main domain is www.zqu.xbb.temporary.site.
TLS certificate: Issued by R3 on May 27th 2024. Valid for: 3 months.
This is the only time www.zqu.xbb.temporary.site was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
30 192.254.185.36 46606 (UNIFIEDLA...)
15 172.217.23.98 15169 (GOOGLE)
2 192.0.76.3 2635 (AUTOMATTIC)
2 2a00:1450:400... 15169 (GOOGLE)
53 5
30    192.254.185.36 (United States)

ASN46606 (UNIFIEDLAYER-AS-1, US)
PTR: 192-254-185-36.unifiedlayer.com
www.zqu.xbb.temporary.site
freedom3d.org
15    172.217.23.98 (United States)

ASN15169 (GOOGLE, US)
PTR: mil04s23-in-f98.1e100.net
pagead2.googlesyndication.com
2    192.0.76.3 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
stats.wp.com
pixel.wp.com
2    2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
Apex Domain
Subdomains		 Transfer
29 freedom3d.org
freedom3d.org
7 MB
17 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 135
tpc.googlesyndication.com — Cisco Umbrella Rank: 174
214 KB
2 wp.com
stats.wp.com — Cisco Umbrella Rank: 3242
pixel.wp.com — Cisco Umbrella Rank: 3184
3 KB
1 temporary.site
www.zqu.xbb.temporary.site
37 KB
53 4
Domain Requested by
29 freedom3d.org www.zqu.xbb.temporary.site
15 pagead2.googlesyndication.com www.zqu.xbb.temporary.site
pagead2.googlesyndication.com
2 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
1 pixel.wp.com www.zqu.xbb.temporary.site
1 stats.wp.com www.zqu.xbb.temporary.site
1 www.zqu.xbb.temporary.site
53 6

This site contains links to these domains. Also see Links.

Domain
freedom3d.org
freedom3d.art
freedom3d.net
shareasale.com
shrsl.com
www.youtube.com
Subject Issuer Validity Valid
zqu.xbb.temporary.site
R3		 2024-05-27 -
2024-08-25		 3 months crt.sh
*.g.doubleclick.net
WR2		 2024-05-21 -
2024-08-13		 3 months crt.sh
*.wp.com
Sectigo ECC Domain Validation Secure Server CA		 2023-11-28 -
2024-12-28		 a year crt.sh
tpc.googlesyndication.com
WR2		 2024-05-21 -
2024-08-13		 3 months crt.sh

This page contains 13 frames:

Primary Page: https://www.zqu.xbb.temporary.site/
Frame ID: C7BBE8BF9235A8A62EE206746B235118
Requests: 41 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/html/r20240605/r20110914/zrt_lookup_fy2021.html
Frame ID: AEAEE5C885123956E02BEF1E609F2E4A
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-5564317248950729&output=html&adk=1812271804&adf=3025194257&abgtt=6&lmt=1717854933&plat=3%3A16%2C4%3A16%2C8%3A4194304%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A34635776%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fwww.zqu.xbb.temporary.site%2F&pra=5&wgl=1&easpi=0&aihb=0&asro=0&ailel=30~27~29~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24&aiael=30~27~29~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24&aifxl=30_23~27_9~29_10&aiixl=30_6~27_3~29_5&aslmct=0.7&asamct=0.7&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNS4wLjY0MjIuMTQxIixudWxsLDAsbnVsbCwiNjQiLFtbIkdvb2dsZSBDaHJvbWUiLCIxMjUuMC42NDIyLjE0MSJdLFsiQ2hyb21pdW0iLCIxMjUuMC42NDIyLjE0MSJdLFsiTm90LkEvQnJhbmQiLCIyNC4wLjAuMCJdXSwwXQ..&dt=1717854933452&bpp=2&bdt=3465&idt=316&shv=r20240605&mjsv=m202406050102&ptt=9&saldr=aa&abxe=1&eoidce=1&nras=1&correlator=2468642364213&frm=20&pv=2&ga_vid=227576659.1717854934&ga_sid=1717854934&ga_hid=2120155045&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95334511%2C95334526%2C95334571%2C95334828%2C95335263%2C31084381%2C95334054%2C95334156%2C31078668&oid=2&pvsid=3948840770841775&tmod=182093230&uas=0&nvt=1&fsapi=1&fc=1920&brdim=130%2C130%2C130%2C130%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&nt=1&ifi=1&uci=a!1&fsb=1&dtd=334
Frame ID: 64BDCB82158FBC1336628A90A13D3AB3
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-5564317248950729&output=html&h=200&slotname=8866011629&adk=4228424373&adf=1755771042&pi=t.ma~as.8866011629&w=888&abgtt=6&fwrn=4&lmt=1717854933&rafmt=11&format=888x200&url=https%3A%2F%2Fwww.zqu.xbb.temporary.site%2F&wgl=1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNS4wLjY0MjIuMTQxIixudWxsLDAsbnVsbCwiNjQiLFtbIkdvb2dsZSBDaHJvbWUiLCIxMjUuMC42NDIyLjE0MSJdLFsiQ2hyb21pdW0iLCIxMjUuMC42NDIyLjE0MSJdLFsiTm90LkEvQnJhbmQiLCIyNC4wLjAuMCJdXSwwXQ..&dt=1717854933454&bpp=1&bdt=3467&idt=345&shv=r20240605&mjsv=m202406050102&ptt=9&saldr=aa&abxe=1&eoidce=1&prev_fmts=0x0&nras=1&correlator=2468642364213&frm=20&pv=1&ga_vid=227576659.1717854934&ga_sid=1717854934&ga_hid=2120155045&ga_fc=0&rplot=4&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=356&ady=2536&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95334511%2C95334526%2C95334571%2C95334828%2C95335263%2C31084381%2C95334054%2C95334156%2C31078668&oid=2&pvsid=3948840770841775&tmod=182093230&uas=0&nvt=1&fc=1920&brdim=130%2C130%2C130%2C130%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&nt=1&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=350
Frame ID: CF9FE6B9D972CF1CE01C8A0866CB4D2A
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-5564317248950729&output=html&h=200&slotname=5183037040&adk=2760775708&adf=3333035749&pi=t.ma~as.5183037040&w=888&abgtt=6&fwrn=4&lmt=1717854933&rafmt=11&format=888x200&url=https%3A%2F%2Fwww.zqu.xbb.temporary.site%2F&wgl=1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNS4wLjY0MjIuMTQxIixudWxsLDAsbnVsbCwiNjQiLFtbIkdvb2dsZSBDaHJvbWUiLCIxMjUuMC42NDIyLjE0MSJdLFsiQ2hyb21pdW0iLCIxMjUuMC42NDIyLjE0MSJdLFsiTm90LkEvQnJhbmQiLCIyNC4wLjAuMCJdXSwwXQ..&dt=1717854933455&bpp=1&bdt=3468&idt=354&shv=r20240605&mjsv=m202406050102&ptt=9&saldr=aa&abxe=1&eoidce=1&prev_fmts=0x0%2C888x200&nras=1&correlator=2468642364213&frm=20&pv=1&ga_vid=227576659.1717854934&ga_sid=1717854934&ga_hid=2120155045&ga_fc=0&rplot=4&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=356&ady=2827&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95334511%2C95334526%2C95334571%2C95334828%2C95335263%2C31084381%2C95334054%2C95334156%2C31078668&oid=2&pvsid=3948840770841775&tmod=182093230&uas=0&nvt=1&fc=1920&brdim=130%2C130%2C130%2C130%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&nt=1&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=355
Frame ID: 97387DA1E5DD0D24840273DEE8737BA7
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-5564317248950729&output=html&h=600&slotname=1287652934&adk=3367378512&adf=2202018338&pi=t.ma~as.1287652934&w=296&abgtt=6&fwrn=4&fwrnh=100&lmt=1717854933&rafmt=1&format=296x600&url=https%3A%2F%2Fwww.zqu.xbb.temporary.site%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNS4wLjY0MjIuMTQxIixudWxsLDAsbnVsbCwiNjQiLFtbIkdvb2dsZSBDaHJvbWUiLCIxMjUuMC42NDIyLjE0MSJdLFsiQ2hyb21pdW0iLCIxMjUuMC42NDIyLjE0MSJdLFsiTm90LkEvQnJhbmQiLCIyNC4wLjAuMCJdXSwwXQ..&dt=1717854933456&bpp=1&bdt=3468&idt=358&shv=r20240605&mjsv=m202406050102&ptt=9&saldr=aa&abxe=1&eoidce=1&prev_fmts=0x0%2C888x200%2C888x200&nras=1&correlator=2468642364213&frm=20&pv=1&ga_vid=227576659.1717854934&ga_sid=1717854934&ga_hid=2120155045&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1274&ady=756&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95334511%2C95334526%2C95334571%2C95334828%2C95335263%2C31084381%2C95334054%2C95334156%2C31078668&oid=2&pvsid=3948840770841775&tmod=182093230&uas=0&nvt=1&fc=1920&brdim=130%2C130%2C130%2C130%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&cms=2&fu=128&bc=31&bz=1&nt=1&ifi=4&uci=a!4&fsb=1&dtd=359
Frame ID: 1FBC84821CF818BA5776DA79C718CEB0
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-5564317248950729&output=html&h=600&slotname=7174404435&adk=4191370949&adf=3140140441&pi=t.ma~as.7174404435&w=296&abgtt=6&fwrn=4&fwrnh=100&lmt=1717854933&rafmt=1&format=296x600&url=https%3A%2F%2Fwww.zqu.xbb.temporary.site%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNS4wLjY0MjIuMTQxIixudWxsLDAsbnVsbCwiNjQiLFtbIkdvb2dsZSBDaHJvbWUiLCIxMjUuMC42NDIyLjE0MSJdLFsiQ2hyb21pdW0iLCIxMjUuMC42NDIyLjE0MSJdLFsiTm90LkEvQnJhbmQiLCIyNC4wLjAuMCJdXSwwXQ..&dt=1717854933456&bpp=1&bdt=3469&idt=363&shv=r20240605&mjsv=m202406050102&ptt=9&saldr=aa&abxe=1&eoidce=1&prev_fmts=0x0%2C888x200%2C888x200%2C296x600&nras=1&correlator=2468642364213&frm=20&pv=1&ga_vid=227576659.1717854934&ga_sid=1717854934&ga_hid=2120155045&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1274&ady=1386&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95334511%2C95334526%2C95334571%2C95334828%2C95335263%2C31084381%2C95334054%2C95334156%2C31078668&oid=2&pvsid=3948840770841775&tmod=182093230&uas=0&nvt=1&fc=1920&brdim=130%2C130%2C130%2C130%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&nt=1&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=365
Frame ID: DCE3DF49084BA0442CA5257CBFC65511
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-5564317248950729&output=html&h=600&slotname=2221907767&adk=2737585050&adf=1798466797&pi=t.ma~as.2221907767&w=296&abgtt=6&fwrn=4&fwrnh=100&lmt=1717854933&rafmt=1&format=296x600&url=https%3A%2F%2Fwww.zqu.xbb.temporary.site%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNS4wLjY0MjIuMTQxIixudWxsLDAsbnVsbCwiNjQiLFtbIkdvb2dsZSBDaHJvbWUiLCIxMjUuMC42NDIyLjE0MSJdLFsiQ2hyb21pdW0iLCIxMjUuMC42NDIyLjE0MSJdLFsiTm90LkEvQnJhbmQiLCIyNC4wLjAuMCJdXSwwXQ..&dt=1717854933456&bpp=1&bdt=3469&idt=369&shv=r20240605&mjsv=m202406050102&ptt=9&saldr=aa&abxe=1&eoidce=1&prev_fmts=0x0%2C888x200%2C888x200%2C296x600%2C296x600&nras=1&correlator=2468642364213&frm=20&pv=1&ga_vid=227576659.1717854934&ga_sid=1717854934&ga_hid=2120155045&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1274&ady=2016&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95334511%2C95334526%2C95334571%2C95334828%2C95335263%2C31084381%2C95334054%2C95334156%2C31078668&oid=2&pvsid=3948840770841775&tmod=182093230&uas=0&nvt=1&fc=1920&brdim=130%2C130%2C130%2C130%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&nt=1&ifi=6&uci=a!6&btvi=4&fsb=1&dtd=370
Frame ID: 1EDE6E03F276F6B99ADEA839F148A368
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-5564317248950729&output=html&h=600&slotname=3036096297&adk=499470638&adf=1013160263&pi=t.ma~as.3036096297&w=296&abgtt=6&fwrn=4&fwrnh=100&lmt=1717854933&rafmt=1&format=296x600&url=https%3A%2F%2Fwww.zqu.xbb.temporary.site%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNS4wLjY0MjIuMTQxIixudWxsLDAsbnVsbCwiNjQiLFtbIkdvb2dsZSBDaHJvbWUiLCIxMjUuMC42NDIyLjE0MSJdLFsiQ2hyb21pdW0iLCIxMjUuMC42NDIyLjE0MSJdLFsiTm90LkEvQnJhbmQiLCIyNC4wLjAuMCJdXSwwXQ..&dt=1717854933457&bpp=1&bdt=3470&idt=372&shv=r20240605&mjsv=m202406050102&ptt=9&saldr=aa&abxe=1&eoidce=1&prev_fmts=0x0%2C888x200%2C888x200%2C296x600%2C296x600%2C296x600&nras=1&correlator=2468642364213&frm=20&pv=1&ga_vid=227576659.1717854934&ga_sid=1717854934&ga_hid=2120155045&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1274&ady=2646&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95334511%2C95334526%2C95334571%2C95334828%2C95335263%2C31084381%2C95334054%2C95334156%2C31078668&oid=2&pvsid=3948840770841775&tmod=182093230&uas=0&nvt=1&fc=1920&brdim=130%2C130%2C130%2C130%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&nt=1&ifi=7&uci=a!7&btvi=5&fsb=1&dtd=373
Frame ID: 9EAF1F97D5A4C7B84397B25D6F5F6C44
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-5564317248950729&output=html&h=600&slotname=7081236798&adk=1518614930&adf=3280296476&pi=t.ma~as.7081236798&w=296&abgtt=6&fwrn=4&fwrnh=100&lmt=1717854933&rafmt=1&format=296x600&url=https%3A%2F%2Fwww.zqu.xbb.temporary.site%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNS4wLjY0MjIuMTQxIixudWxsLDAsbnVsbCwiNjQiLFtbIkdvb2dsZSBDaHJvbWUiLCIxMjUuMC42NDIyLjE0MSJdLFsiQ2hyb21pdW0iLCIxMjUuMC42NDIyLjE0MSJdLFsiTm90LkEvQnJhbmQiLCIyNC4wLjAuMCJdXSwwXQ..&dt=1717854933457&bpp=1&bdt=3470&idt=379&shv=r20240605&mjsv=m202406050102&ptt=9&saldr=aa&abxe=1&eoidce=1&prev_fmts=0x0%2C888x200%2C888x200%2C296x600%2C296x600%2C296x600%2C296x600&nras=1&correlator=2468642364213&frm=20&pv=1&ga_vid=227576659.1717854934&ga_sid=1717854934&ga_hid=2120155045&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1274&ady=3276&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95334511%2C95334526%2C95334571%2C95334828%2C95335263%2C31084381%2C95334054%2C95334156%2C31078668&oid=2&pvsid=3948840770841775&tmod=182093230&uas=0&nvt=1&fc=1920&brdim=130%2C130%2C130%2C130%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&nt=1&ifi=8&uci=a!8&btvi=6&fsb=1&dtd=380
Frame ID: 66787FBA4A6A05AA2D82286B876C75BD
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-5564317248950729&output=html&h=600&slotname=6592197921&adk=1911608472&adf=2874117383&pi=t.ma~as.6592197921&w=296&abgtt=6&fwrn=4&fwrnh=100&lmt=1717854933&rafmt=1&format=296x600&url=https%3A%2F%2Fwww.zqu.xbb.temporary.site%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNS4wLjY0MjIuMTQxIixudWxsLDAsbnVsbCwiNjQiLFtbIkdvb2dsZSBDaHJvbWUiLCIxMjUuMC42NDIyLjE0MSJdLFsiQ2hyb21pdW0iLCIxMjUuMC42NDIyLjE0MSJdLFsiTm90LkEvQnJhbmQiLCIyNC4wLjAuMCJdXSwwXQ..&dt=1717854933457&bpp=1&bdt=3470&idt=384&shv=r20240605&mjsv=m202406050102&ptt=9&saldr=aa&abxe=1&eoidce=1&prev_fmts=0x0%2C888x200%2C888x200%2C296x600%2C296x600%2C296x600%2C296x600%2C296x600&nras=1&correlator=2468642364213&frm=20&pv=1&ga_vid=227576659.1717854934&ga_sid=1717854934&ga_hid=2120155045&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1274&ady=3906&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95334511%2C95334526%2C95334571%2C95334828%2C95335263%2C31084381%2C95334054%2C95334156%2C31078668&oid=2&pvsid=3948840770841775&tmod=182093230&uas=0&nvt=1&fc=1920&brdim=130%2C130%2C130%2C130%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&cms=2&fu=128&bc=31&bz=1&nt=1&ifi=9&uci=a!9&btvi=7&fsb=1&dtd=385
Frame ID: 9755662F105B0B789C7F9F0497649D61
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-5564317248950729&output=html&h=600&slotname=3207239265&adk=1206592608&adf=1544609445&pi=t.ma~as.3207239265&w=296&abgtt=6&fwrn=4&fwrnh=100&lmt=1717854933&rafmt=1&format=296x600&url=https%3A%2F%2Fwww.zqu.xbb.temporary.site%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNS4wLjY0MjIuMTQxIixudWxsLDAsbnVsbCwiNjQiLFtbIkdvb2dsZSBDaHJvbWUiLCIxMjUuMC42NDIyLjE0MSJdLFsiQ2hyb21pdW0iLCIxMjUuMC42NDIyLjE0MSJdLFsiTm90LkEvQnJhbmQiLCIyNC4wLjAuMCJdXSwwXQ..&dt=1717854933458&bpp=1&bdt=3471&idt=387&shv=r20240605&mjsv=m202406050102&ptt=9&saldr=aa&abxe=1&eoidce=1&prev_fmts=0x0%2C888x200%2C888x200%2C296x600%2C296x600%2C296x600%2C296x600%2C296x600%2C296x600&nras=1&correlator=2468642364213&frm=20&pv=1&ga_vid=227576659.1717854934&ga_sid=1717854934&ga_hid=2120155045&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1274&ady=4536&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95334511%2C95334526%2C95334571%2C95334828%2C95335263%2C31084381%2C95334054%2C95334156%2C31078668&oid=2&pvsid=3948840770841775&tmod=182093230&uas=0&nvt=1&fc=1920&brdim=130%2C130%2C130%2C130%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&cms=2&fu=128&bc=31&bz=1&nt=1&ifi=10&uci=a!a&btvi=8&fsb=1&dtd=388
Frame ID: EB51B0AD0B8F7ED2A3CAA2E26BD7138E
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: BC8CD47E41277E4EDEBF38E068DC2DC7
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Freedom 3D Models & Scans - All 3D Models FREE for you! FBX, OBJ, Blender, 3D Scanned

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

53
Requests

92 %
HTTPS

25 %
IPv6

4
Domains

6
Subdomains

5
IPs

2
Countries

7446 kB
Transfer

8427 kB
Size

2
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

53 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.zqu.xbb.temporary.site/ 		135 KB
37 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.zqu.xbb.temporary.site/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.254.185.36 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
192-254-185-36.unifiedlayer.com
Software
nginx/1.21.6 /
Resource Hash
22f82667fcc521d60f0adf31a747a87177c39c894bfa2631e1bece4a96679397

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

cache-control
no-store, no-cache, must-revalidate
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sat, 08 Jun 2024 13:55:29 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
link
<https://freedom3d.org/wp-json/>; rel="https://api.w.org/"
pragma
no-cache
server
nginx/1.21.6
vary
Accept-Encoding
x-endurance-cache-level
2
x-newfold-cache-level
2
x-nginx-cache
WordPress
x-proxy-cache
MISS
x-server-cache
true
sdm_wp_styles.css
freedom3d.org/wp-content/plugins/simple-download-monitor/css/ 		15 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://freedom3d.org/wp-content/plugins/simple-download-monitor/css/sdm_wp_styles.css?ver=4df9c6a87a5348943db2d4fc694905de
Requested by
Host: www.zqu.xbb.temporary.site
URL: https://www.zqu.xbb.temporary.site/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.254.185.36 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
192-254-185-36.unifiedlayer.com
Software
Apache /
Resource Hash
eb10c0905a2bf5fe20aefef7192dcd3c33aab5c838eebbc5790b9b80a3e33b3f

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.zqu.xbb.temporary.site/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 08 Jun 2024 13:55:30 GMT
content-encoding
gzip
x-nginx-cache
WordPress
last-modified
Fri, 17 May 2024 22:46:14 GMT
server
Apache
vary
Accept-Encoding
x-endurance-cache-level
2
content-type
text/css
x-newfold-cache-level
2
cache-control
max-age=2592000
accept-ranges
bytes
content-length
3571
expires
Mon, 08 Jul 2024 13:55:30 GMT
style.min.css
freedom3d.org/wp-includes/blocks/navigation/ 		16 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://freedom3d.org/wp-includes/blocks/navigation/style.min.css?ver=4df9c6a87a5348943db2d4fc694905de
Requested by
Host: www.zqu.xbb.temporary.site
URL: https://www.zqu.xbb.temporary.site/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.254.185.36 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
192-254-185-36.unifiedlayer.com
Software
Apache /
Resource Hash
e2af3d1fbe48af4fa4e2294de3661b895af5c489a7d2ce5888cd14d5f070e78b

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.zqu.xbb.temporary.site/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 08 Jun 2024 13:55:30 GMT
content-encoding
gzip
x-nginx-cache
WordPress
last-modified
Wed, 03 Apr 2024 00:40:39 GMT
server
Apache
vary
Accept-Encoding
x-endurance-cache-level
2
content-type
text/css
x-newfold-cache-level
2
cache-control
max-age=2592000
accept-ranges
bytes
content-length
3258
expires
Mon, 08 Jul 2024 13:55:30 GMT
edd-blocks.css
freedom3d.org/wp-content/plugins/easy-digital-downloads/includes/blocks/assets/css/ 		294 B
273 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://freedom3d.org/wp-content/plugins/easy-digital-downloads/includes/blocks/assets/css/edd-blocks.css?ver=3.2.12
Requested by
Host: www.zqu.xbb.temporary.site
URL: https://www.zqu.xbb.temporary.site/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.254.185.36 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
192-254-185-36.unifiedlayer.com
Software
Apache /
Resource Hash
d922fc2fc26115fb47f3089f0c7947cd13a8fba5d6184add1ce465da07763a3f

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.zqu.xbb.temporary.site/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 08 Jun 2024 13:55:30 GMT
content-encoding
gzip
x-nginx-cache
WordPress
last-modified
Tue, 30 Apr 2024 05:28:53 GMT
server
Apache
vary
Accept-Encoding
x-endurance-cache-level
2
content-type
text/css
x-newfold-cache-level
2
cache-control
max-age=2592000
accept-ranges
bytes
content-length
214
expires
Mon, 08 Jul 2024 13:55:30 GMT
4fc30d60-9944-482c-afe8-ff3542806c28
https://www.zqu.xbb.temporary.site/ 		1 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.zqu.xbb.temporary.site/4fc30d60-9944-482c-afe8-ff3542806c28
Requested by
Host: www.zqu.xbb.temporary.site
URL: https://www.zqu.xbb.temporary.site/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5b9f9afe7621ec465573f58064f5bef3a229e5e19362351168fd211f6a28bb5c

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Length
1185
Content-Type
text/javascript
frontend.css
freedom3d.org/wp-content/plugins/paid-memberships-pro/css/ 		23 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://freedom3d.org/wp-content/plugins/paid-memberships-pro/css/frontend.css?ver=3.0.4
Requested by
Host: www.zqu.xbb.temporary.site
URL: https://www.zqu.xbb.temporary.site/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.254.185.36 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
192-254-185-36.unifiedlayer.com
Software
Apache /
Resource Hash
38ba1aecacdb73bb6d4206ab713adeb0a662066d7fea23bce4b2bd7ba4b6674e

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.zqu.xbb.temporary.site/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 08 Jun 2024 13:55:30 GMT
content-encoding
gzip
x-nginx-cache
WordPress
last-modified
Thu, 09 May 2024 05:28:59 GMT
server
Apache
vary
Accept-Encoding
x-endurance-cache-level
2
content-type
text/css
x-newfold-cache-level
2
cache-control
max-age=2592000
accept-ranges
bytes
content-length
5966
expires
Mon, 08 Jul 2024 13:55:30 GMT
print.css
freedom3d.org/wp-content/plugins/paid-memberships-pro/css/ 		86 B
157 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://freedom3d.org/wp-content/plugins/paid-memberships-pro/css/print.css?ver=3.0.4
Requested by
Host: www.zqu.xbb.temporary.site
URL: https://www.zqu.xbb.temporary.site/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.254.185.36 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
192-254-185-36.unifiedlayer.com
Software
Apache /
Resource Hash
8bfde7d10e2082b756f613f164fb156c71bc74a376074ddb7f59abfba66a2740

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.zqu.xbb.temporary.site/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 08 Jun 2024 13:55:38 GMT
content-encoding
gzip
x-nginx-cache
WordPress
last-modified
Thu, 09 May 2024 05:28:59 GMT
server
Apache
vary
Accept-Encoding
x-endurance-cache-level
2
content-type
text/css
x-newfold-cache-level
2
cache-control
max-age=2592000
accept-ranges
bytes
content-length
97
expires
Mon, 08 Jul 2024 13:55:38 GMT
style.css
freedom3d.org/wp-content/plugins/search-filter/ 		577 B
373 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://freedom3d.org/wp-content/plugins/search-filter/style.css?ver=1
Requested by
Host: www.zqu.xbb.temporary.site
URL: https://www.zqu.xbb.temporary.site/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.254.185.36 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
192-254-185-36.unifiedlayer.com
Software
Apache /
Resource Hash
071ca38b8cec663d589e0f75341f534a696edc4aee2b99d6e502c98fa04ee020

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.zqu.xbb.temporary.site/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 08 Jun 2024 13:55:30 GMT
content-encoding
gzip
x-nginx-cache
WordPress
last-modified
Tue, 04 Jun 2024 03:30:04 GMT
server
Apache
vary
Accept-Encoding
x-endurance-cache-level
2
content-type
text/css
x-newfold-cache-level
2
cache-control
max-age=2592000
accept-ranges
bytes
content-length
272
expires
Mon, 08 Jul 2024 13:55:30 GMT
edd.min.css
freedom3d.org/wp-content/plugins/easy-digital-downloads/assets/css/ 		19 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://freedom3d.org/wp-content/plugins/easy-digital-downloads/assets/css/edd.min.css?ver=3.2.12
Requested by
Host: www.zqu.xbb.temporary.site
URL: https://www.zqu.xbb.temporary.site/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.254.185.36 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
192-254-185-36.unifiedlayer.com
Software
Apache /
Resource Hash
f7694fd04a2a0f7de560b7c43808ab767eb2672a733aa0a3fd752dd11f3da515

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.zqu.xbb.temporary.site/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 08 Jun 2024 13:55:30 GMT
content-encoding
gzip
x-nginx-cache
WordPress
last-modified
Tue, 30 Apr 2024 05:28:53 GMT
server
Apache
vary
Accept-Encoding
x-endurance-cache-level
2
content-type
text/css
x-newfold-cache-level
2
cache-control
max-age=2592000
accept-ranges
bytes
content-length
5600
expires
Mon, 08 Jul 2024 13:55:30 GMT
dashicons.min.css
freedom3d.org/wp-includes/css/ 		58 KB
35 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://freedom3d.org/wp-includes/css/dashicons.min.css?ver=4df9c6a87a5348943db2d4fc694905de
Requested by
Host: www.zqu.xbb.temporary.site
URL: https://www.zqu.xbb.temporary.site/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.254.185.36 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
192-254-185-36.unifiedlayer.com
Software
Apache /
Resource Hash
c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.zqu.xbb.temporary.site/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 08 Jun 2024 13:55:30 GMT
content-encoding
gzip
x-nginx-cache
WordPress
last-modified
Thu, 04 Mar 2021 08:46:22 GMT
server
Apache
vary
Accept-Encoding
x-endurance-cache-level
2
content-type
text/css
x-newfold-cache-level
2
cache-control
max-age=2592000
accept-ranges
bytes
expires
Mon, 08 Jul 2024 13:55:30 GMT
ponyfill.css
freedom3d.org/wp-content/themes/blockbase/assets/ 		29 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://freedom3d.org/wp-content/themes/blockbase/assets/ponyfill.css?ver=3.1.17
Requested by
Host: www.zqu.xbb.temporary.site
URL: https://www.zqu.xbb.temporary.site/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.254.185.36 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
192-254-185-36.unifiedlayer.com
Software
Apache /
Resource Hash
e25214a561b07deb10d2cb8a971f6bfea951159656ede76f10eb6679c6d76a65

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.zqu.xbb.temporary.site/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 08 Jun 2024 13:55:30 GMT
content-encoding
gzip
x-nginx-cache
WordPress
last-modified
Sun, 02 Jun 2024 10:36:09 GMT
server
Apache
vary
Accept-Encoding
x-endurance-cache-level
2
content-type
text/css
x-newfold-cache-level
2
cache-control
max-age=2592000
accept-ranges
bytes
content-length
6804
expires
Mon, 08 Jul 2024 13:55:30 GMT
jquery.min.js
freedom3d.org/wp-includes/js/jquery/ 		86 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://freedom3d.org/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Requested by
Host: www.zqu.xbb.temporary.site
URL: https://www.zqu.xbb.temporary.site/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.254.185.36 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
192-254-185-36.unifiedlayer.com
Software
Apache /
Resource Hash
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.zqu.xbb.temporary.site/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 08 Jun 2024 13:55:30 GMT
content-encoding
gzip
x-nginx-cache
WordPress
last-modified
Wed, 08 Nov 2023 00:55:33 GMT
server
Apache
vary
Accept-Encoding
x-endurance-cache-level
2
content-type
application/javascript
x-newfold-cache-level
2
cache-control
max-age=21600
accept-ranges
bytes
expires
Sat, 08 Jun 2024 19:55:30 GMT
jquery-migrate.min.js
freedom3d.org/wp-includes/js/jquery/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://freedom3d.org/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Requested by
Host: www.zqu.xbb.temporary.site
URL: https://www.zqu.xbb.temporary.site/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.254.185.36 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
192-254-185-36.unifiedlayer.com
Software
Apache /
Resource Hash
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.zqu.xbb.temporary.site/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 08 Jun 2024 13:55:30 GMT
content-encoding
gzip
x-nginx-cache
WordPress
last-modified
Fri, 09 Jun 2023 16:19:24 GMT
server
Apache
vary
Accept-Encoding
x-endurance-cache-level
2
content-type
application/javascript
x-newfold-cache-level
2
cache-control
max-age=21600
accept-ranges
bytes
content-length
5422
expires
Sat, 08 Jun 2024 19:55:30 GMT
sdm_wp_scripts.js
freedom3d.org/wp-content/plugins/simple-download-monitor/js/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://freedom3d.org/wp-content/plugins/simple-download-monitor/js/sdm_wp_scripts.js?ver=4df9c6a87a5348943db2d4fc694905de
Requested by
Host: www.zqu.xbb.temporary.site
URL: https://www.zqu.xbb.temporary.site/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.254.185.36 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
192-254-185-36.unifiedlayer.com
Software
Apache /
Resource Hash
53d9c9ed3d147946f678b224d21cff1a6b50a88dc921043828b32c90edcb66a4

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.zqu.xbb.temporary.site/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 08 Jun 2024 13:55:32 GMT
content-encoding
gzip
x-nginx-cache
WordPress
last-modified
Fri, 17 May 2024 22:46:14 GMT
server
Apache
vary
Accept-Encoding
x-endurance-cache-level
2
content-type
application/javascript
x-newfold-cache-level
2
cache-control
max-age=21600
accept-ranges
bytes
content-length
1188
expires
Sat, 08 Jun 2024 19:55:32 GMT
view.min.js
freedom3d.org/wp-includes/blocks/navigation/ 		0
0
interactivity.min.js
freedom3d.org/wp-includes/js/dist/ 		0
0
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		156 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5564317248950729
Requested by
Host: www.zqu.xbb.temporary.site
URL: https://www.zqu.xbb.temporary.site/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f98.1e100.net
Software
cafe /
Resource Hash
9fdc82f1d391a68ae009cb7d905d2ede9f10be47146aca213ddf7afb83310806
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.zqu.xbb.temporary.site/
Origin
https://www.zqu.xbb.temporary.site
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 08 Jun 2024 13:55:33 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
52205
x-xss-protection
0
server
cafe
etag
5451052579416166897
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires
Sat, 08 Jun 2024 13:55:33 GMT
freedom-arts-3d-256.png
freedom3d.org/wp-content/uploads/2024/06/ 		60 KB
60 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://freedom3d.org/wp-content/uploads/2024/06/freedom-arts-3d-256.png
Requested by
Host: www.zqu.xbb.temporary.site
URL: https://www.zqu.xbb.temporary.site/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.254.185.36 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
192-254-185-36.unifiedlayer.com
Software
Apache /
Resource Hash
b7e558d994e38f9f067681bf41d5a619bef2bee8ca3decf69db8e2a59cde4617

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.zqu.xbb.temporary.site/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 08 Jun 2024 13:55:32 GMT
x-nginx-cache
WordPress
last-modified
Tue, 04 Jun 2024 06:56:48 GMT
server
Apache
x-newfold-cache-level
2
x-endurance-cache-level
2
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
61652
expires
Sun, 08 Jun 2025 13:55:32 GMT
almond-01-3D-Model-Scannned.png
freedom3d.org/wp-content/uploads/2024/05/ 		719 KB
719 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://freedom3d.org/wp-content/uploads/2024/05/almond-01-3D-Model-Scannned.png
Requested by
Host: www.zqu.xbb.temporary.site
URL: https://www.zqu.xbb.temporary.site/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.254.185.36 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
192-254-185-36.unifiedlayer.com
Software
Apache /
Resource Hash
53ae2d4383a203f0b83a1825f1f968cc1936477e50168f5c8b58f260c26a93e1

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.zqu.xbb.temporary.site/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 08 Jun 2024 13:55:32 GMT
x-nginx-cache
WordPress
last-modified
Tue, 04 Jun 2024 06:56:48 GMT
server
Apache
x-newfold-cache-level
2
x-endurance-cache-level
2
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
736115
expires
Sun, 08 Jun 2025 13:55:32 GMT
walnut-01-3D-Scans-Model.png
freedom3d.org/wp-content/uploads/2024/05/ 		669 KB
669 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://freedom3d.org/wp-content/uploads/2024/05/walnut-01-3D-Scans-Model.png
Requested by
Host: www.zqu.xbb.temporary.site
URL: https://www.zqu.xbb.temporary.site/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.254.185.36 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
192-254-185-36.unifiedlayer.com
Software
Apache /
Resource Hash
048c1f7650d32ed2c96b4a1aafcb64a227c7a424981592832e9ef75f4d12274f

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.zqu.xbb.temporary.site/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 08 Jun 2024 13:55:32 GMT
x-nginx-cache
WordPress
last-modified
Tue, 04 Jun 2024 06:56:48 GMT
server
Apache
x-newfold-cache-level
2
x-endurance-cache-level
2
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
685068
expires
Sun, 08 Jun 2025 13:55:32 GMT
sun-earth-moon.png
freedom3d.org/wp-content/uploads/2024/05/ 		311 KB
311 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://freedom3d.org/wp-content/uploads/2024/05/sun-earth-moon.png
Requested by
Host: www.zqu.xbb.temporary.site
URL: https://www.zqu.xbb.temporary.site/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.254.185.36 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
192-254-185-36.unifiedlayer.com
Software
Apache /
Resource Hash
7ba8aee8117d8ca623fb1c019c5db51f03cc5cba519c92b0437cb6b427f5d1af

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.zqu.xbb.temporary.site/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 08 Jun 2024 13:55:38 GMT
x-nginx-cache
WordPress
last-modified
Tue, 04 Jun 2024 06:56:48 GMT
server
Apache
x-newfold-cache-level
2
x-endurance-cache-level
2
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
318704
expires
Sun, 08 Jun 2025 13:55:38 GMT
icon.png
freedom3d.org/wp-content/plugins/chp-ads-block-detector/assets/img/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://freedom3d.org/wp-content/plugins/chp-ads-block-detector/assets/img/icon.png
Requested by
Host: www.zqu.xbb.temporary.site
URL: https://www.zqu.xbb.temporary.site/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.254.185.36 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
192-254-185-36.unifiedlayer.com
Software
Apache /
Resource Hash
723597ec6e9461e79c420faf0454170cf6f9243246a4fac3cef5f05a4b5be791

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.zqu.xbb.temporary.site/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 08 Jun 2024 13:55:38 GMT
x-nginx-cache
WordPress
last-modified
Wed, 17 Jan 2024 17:30:28 GMT
server
Apache
x-newfold-cache-level
2
x-endurance-cache-level
2
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
15671
expires
Sun, 08 Jun 2025 13:55:38 GMT
edd-ajax.js
freedom3d.org/wp-content/plugins/easy-digital-downloads/assets/js/ 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://freedom3d.org/wp-content/plugins/easy-digital-downloads/assets/js/edd-ajax.js?ver=3.2.12
Requested by
Host: www.zqu.xbb.temporary.site
URL: https://www.zqu.xbb.temporary.site/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.254.185.36 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
192-254-185-36.unifiedlayer.com
Software
Apache /
Resource Hash
b9052ea598420869c9196e164a35704bc0784102625072cd258e14125fcf5d92

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.zqu.xbb.temporary.site/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 08 Jun 2024 13:55:38 GMT
content-encoding
gzip
x-nginx-cache
WordPress
last-modified
Tue, 30 Apr 2024 05:28:53 GMT
server
Apache
vary
Accept-Encoding
x-endurance-cache-level
2
content-type
application/javascript
x-newfold-cache-level
2
cache-control
max-age=21600
accept-ranges
bytes
content-length
5194
expires
Sat, 08 Jun 2024 19:55:38 GMT
e-202423.js
stats.wp.com/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stats.wp.com/e-202423.js
Requested by
Host: www.zqu.xbb.temporary.site
URL: https://www.zqu.xbb.temporary.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
4f9f4e2e225088f9cf3b6b54aa421e0f776d1802255505d2f752e1f83f441641

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.zqu.xbb.temporary.site/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-minify-cache
hit
x-nc
HIT hhn
date
Sat, 08 Jun 2024 13:55:33 GMT
content-encoding
br
server
nginx
x-minify
t
etag
W/14377-1704402356443.5398
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
alt-svc
h3=":443"; ma=86400
expires
Thu, 29 May 2025 00:50:42 GMT
hoverIntent.min.js
freedom3d.org/wp-includes/js/ 		1 KB
790 B 		Script
General
Check archive.org
Download Go to
Full URL
https://freedom3d.org/wp-includes/js/hoverIntent.min.js?ver=1.10.2
Requested by
Host: www.zqu.xbb.temporary.site
URL: https://www.zqu.xbb.temporary.site/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.254.185.36 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
192-254-185-36.unifiedlayer.com
Software
Apache /
Resource Hash
ed5b5df9ceacfe76857ac51964972b0b417a215b2f50e837fd6b64bad7339c40

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.zqu.xbb.temporary.site/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 08 Jun 2024 13:55:38 GMT
content-encoding
gzip
x-nginx-cache
WordPress
last-modified
Sat, 09 Apr 2022 06:37:18 GMT
server
Apache
vary
Accept-Encoding
x-endurance-cache-level
2
content-type
application/javascript
x-newfold-cache-level
2
cache-control
max-age=21600
accept-ranges
bytes
content-length
707
expires
Sat, 08 Jun 2024 19:55:38 GMT
maxmegamenu.js
freedom3d.org/wp-content/plugins/megamenu/js/ 		33 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://freedom3d.org/wp-content/plugins/megamenu/js/maxmegamenu.js?ver=3.3.1
Requested by
Host: www.zqu.xbb.temporary.site
URL: https://www.zqu.xbb.temporary.site/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.254.185.36 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
192-254-185-36.unifiedlayer.com
Software
Apache /
Resource Hash
a875e1d5f8cfe252cc8f5e04d750dd8c771fb8aceabd435d548425a445ab61d3

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.zqu.xbb.temporary.site/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 08 Jun 2024 13:55:38 GMT
content-encoding
gzip
x-nginx-cache
WordPress
last-modified
Mon, 05 Feb 2024 17:29:16 GMT
server
Apache
vary
Accept-Encoding
x-endurance-cache-level
2
content-type
application/javascript
x-newfold-cache-level
2
cache-control
max-age=21600
accept-ranges
bytes
content-length
7966
expires
Sat, 08 Jun 2024 19:55:38 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		156 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5564317248950729
Requested by
Host: www.zqu.xbb.temporary.site
URL: https://www.zqu.xbb.temporary.site/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f98.1e100.net
Software
cafe /
Resource Hash
9fdc82f1d391a68ae009cb7d905d2ede9f10be47146aca213ddf7afb83310806
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.zqu.xbb.temporary.site/
Origin
https://www.zqu.xbb.temporary.site
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 08 Jun 2024 13:55:33 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
52205
x-xss-protection
0
server
cafe
etag
5451052579416166897
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires
Sat, 08 Jun 2024 13:55:33 GMT
03-1.png
freedom3d.org/wp-content/uploads/2023/04/ 		533 KB
533 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://freedom3d.org/wp-content/uploads/2023/04/03-1.png
Requested by
Host: www.zqu.xbb.temporary.site
URL: https://www.zqu.xbb.temporary.site/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.254.185.36 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
192-254-185-36.unifiedlayer.com
Software
Apache /
Resource Hash
8e6b35e016921953a1ae6c4553952232a2fc6b289c3a022c509da9d53acd409a

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.zqu.xbb.temporary.site/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 08 Jun 2024 13:55:38 GMT
x-nginx-cache
WordPress
last-modified
Tue, 04 Jun 2024 06:56:36 GMT
server
Apache
x-newfold-cache-level
2
x-endurance-cache-level
2
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
545585
expires
Sun, 08 Jun 2025 13:55:38 GMT
image-3.png
freedom3d.org/wp-content/uploads/2024/05/ 		919 KB
920 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://freedom3d.org/wp-content/uploads/2024/05/image-3.png
Requested by
Host: www.zqu.xbb.temporary.site
URL: https://www.zqu.xbb.temporary.site/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.254.185.36 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
192-254-185-36.unifiedlayer.com
Software
Apache /
Resource Hash
2f12ebf8816fa45824329d1165c958f8ec224a6a02cb67c46abea454230ea1e9

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.zqu.xbb.temporary.site/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 08 Jun 2024 13:55:38 GMT
x-nginx-cache
WordPress
last-modified
Tue, 04 Jun 2024 06:56:48 GMT
server
Apache
x-newfold-cache-level
2
x-endurance-cache-level
2
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
941414
expires
Sun, 08 Jun 2025 13:55:38 GMT
Malaysian-Food-Nasi-Lemak-Ayam-Kari-01.png
freedom3d.org/wp-content/uploads/2024/05/ 		2 MB
2 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://freedom3d.org/wp-content/uploads/2024/05/Malaysian-Food-Nasi-Lemak-Ayam-Kari-01.png
Requested by
Host: www.zqu.xbb.temporary.site
URL: https://www.zqu.xbb.temporary.site/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.254.185.36 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
192-254-185-36.unifiedlayer.com
Software
Apache /
Resource Hash
c14d1549486bf8c4cef2ac9e2bf1bfaa19a3d1f7c6d2f6e9844186ba68ae6112

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.zqu.xbb.temporary.site/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 08 Jun 2024 13:55:38 GMT
x-nginx-cache
WordPress
last-modified
Tue, 04 Jun 2024 06:56:48 GMT
server
Apache
x-newfold-cache-level
2
x-endurance-cache-level
2
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
1607233
expires
Sun, 08 Jun 2025 13:55:38 GMT
image-2.png
freedom3d.org/wp-content/uploads/2024/05/ 		843 KB
843 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://freedom3d.org/wp-content/uploads/2024/05/image-2.png
Requested by
Host: www.zqu.xbb.temporary.site
URL: https://www.zqu.xbb.temporary.site/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.254.185.36 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
192-254-185-36.unifiedlayer.com
Software
Apache /
Resource Hash
f4140aef607106907ec91582e649552cae7c1ef1acb70444cee9ed3cf0df3c46

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.zqu.xbb.temporary.site/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 08 Jun 2024 13:55:38 GMT
x-nginx-cache
WordPress
last-modified
Tue, 04 Jun 2024 06:56:48 GMT
server
Apache
x-newfold-cache-level
2
x-endurance-cache-level
2
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
863011
expires
Sun, 08 Jun 2025 13:55:38 GMT
apple-03-3D-Scans-Model.png
freedom3d.org/wp-content/uploads/2024/05/ 		722 KB
722 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://freedom3d.org/wp-content/uploads/2024/05/apple-03-3D-Scans-Model.png
Requested by
Host: www.zqu.xbb.temporary.site
URL: https://www.zqu.xbb.temporary.site/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.254.185.36 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
192-254-185-36.unifiedlayer.com
Software
Apache /
Resource Hash
65001f9bd627ac54f3dc9e9e2233985f6421e046f9b0f8bd64c4aeddbececdad

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.zqu.xbb.temporary.site/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 08 Jun 2024 13:55:38 GMT
x-nginx-cache
WordPress
last-modified
Tue, 04 Jun 2024 06:56:48 GMT
server
Apache
x-newfold-cache-level
2
x-endurance-cache-level
2
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
738904
expires
Sun, 08 Jun 2025 13:55:38 GMT
strawberry-01-3D-Scans-Model.png
freedom3d.org/wp-content/uploads/2024/05/ 		703 KB
703 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://freedom3d.org/wp-content/uploads/2024/05/strawberry-01-3D-Scans-Model.png
Requested by
Host: www.zqu.xbb.temporary.site
URL: https://www.zqu.xbb.temporary.site/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.254.185.36 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
192-254-185-36.unifiedlayer.com
Software
Apache /
Resource Hash
ba0813d631114504a8003a030c1d49becc9de7183103533c2a1a774c692cf44a

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.zqu.xbb.temporary.site/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 08 Jun 2024 13:55:38 GMT
x-nginx-cache
WordPress
last-modified
Tue, 04 Jun 2024 06:56:48 GMT
server
Apache
x-newfold-cache-level
2
x-endurance-cache-level
2
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
719826
expires
Sun, 08 Jun 2025 13:55:38 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406050102/ 		425 KB
144 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406050102/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5564317248950729&plah=www.zqu.xbb.temporary.site&aplac=true&bust=31084381
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5564317248950729
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f98.1e100.net
Software
cafe /
Resource Hash
5dfd03855a4a1d88d87e6a17c15930c1310dd0765cea9347558d7e924a5f6956
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.zqu.xbb.temporary.site/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 08 Jun 2024 13:55:33 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
147102
x-xss-protection
0
server
cafe
etag
17289923339467666673
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sat, 08 Jun 2024 13:55:33 GMT
zrt_lookup_fy2021.html
pagead2.googlesyndication.com/pagead/html/r20240605/r20110914/ Frame AEAE 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/html/r20240605/r20110914/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406050102/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5564317248950729&plah=www.zqu.xbb.temporary.site&aplac=true&bust=31084381
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f98.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.zqu.xbb.temporary.site/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

age
17299
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4165
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 08 Jun 2024 09:07:14 GMT
etag
3711839061170457607
expires
Sat, 22 Jun 2024 09:07:14 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
pagead2.googlesyndication.com/pagead/ Frame 64BD 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-5564317248950729&output=html&adk=1812271804&adf=3025194257&abgtt=6&lmt=1717854933&plat=3%3A16%2C4%3A16%2C8%3A4194304%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A34635776%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fwww.zqu.xbb.temporary.site%2F&pra=5&wgl=1&easpi=0&aihb=0&asro=0&ailel=30~27~29~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24&aiael=30~27~29~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24&aifxl=30_23~27_9~29_10&aiixl=30_6~27_3~29_5&aslmct=0.7&asamct=0.7&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNS4wLjY0MjIuMTQxIixudWxsLDAsbnVsbCwiNjQiLFtbIkdvb2dsZSBDaHJvbWUiLCIxMjUuMC42NDIyLjE0MSJdLFsiQ2hyb21pdW0iLCIxMjUuMC42NDIyLjE0MSJdLFsiTm90LkEvQnJhbmQiLCIyNC4wLjAuMCJdXSwwXQ..&dt=1717854933452&bpp=2&bdt=3465&idt=316&shv=r20240605&mjsv=m202406050102&ptt=9&saldr=aa&abxe=1&eoidce=1&nras=1&correlator=2468642364213&frm=20&pv=2&ga_vid=227576659.1717854934&ga_sid=1717854934&ga_hid=2120155045&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95334511%2C95334526%2C95334571%2C95334828%2C95335263%2C31084381%2C95334054%2C95334156%2C31078668&oid=2&pvsid=3948840770841775&tmod=182093230&uas=0&nvt=1&fsapi=1&fc=1920&brdim=130%2C130%2C130%2C130%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&nt=1&ifi=1&uci=a!1&fsb=1&dtd=334
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406050102/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5564317248950729&plah=www.zqu.xbb.temporary.site&aplac=true&bust=31084381
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f98.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.zqu.xbb.temporary.site/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 08 Jun 2024 13:55:34 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
pagead2.googlesyndication.com/pagead/ Frame CF9F 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-5564317248950729&output=html&h=200&slotname=8866011629&adk=4228424373&adf=1755771042&pi=t.ma~as.8866011629&w=888&abgtt=6&fwrn=4&lmt=1717854933&rafmt=11&format=888x200&url=https%3A%2F%2Fwww.zqu.xbb.temporary.site%2F&wgl=1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNS4wLjY0MjIuMTQxIixudWxsLDAsbnVsbCwiNjQiLFtbIkdvb2dsZSBDaHJvbWUiLCIxMjUuMC42NDIyLjE0MSJdLFsiQ2hyb21pdW0iLCIxMjUuMC42NDIyLjE0MSJdLFsiTm90LkEvQnJhbmQiLCIyNC4wLjAuMCJdXSwwXQ..&dt=1717854933454&bpp=1&bdt=3467&idt=345&shv=r20240605&mjsv=m202406050102&ptt=9&saldr=aa&abxe=1&eoidce=1&prev_fmts=0x0&nras=1&correlator=2468642364213&frm=20&pv=1&ga_vid=227576659.1717854934&ga_sid=1717854934&ga_hid=2120155045&ga_fc=0&rplot=4&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=356&ady=2536&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95334511%2C95334526%2C95334571%2C95334828%2C95335263%2C31084381%2C95334054%2C95334156%2C31078668&oid=2&pvsid=3948840770841775&tmod=182093230&uas=0&nvt=1&fc=1920&brdim=130%2C130%2C130%2C130%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&nt=1&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=350
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406050102/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5564317248950729&plah=www.zqu.xbb.temporary.site&aplac=true&bust=31084381
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f98.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.zqu.xbb.temporary.site/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 08 Jun 2024 13:55:34 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
pagead2.googlesyndication.com/pagead/ Frame 9738 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-5564317248950729&output=html&h=200&slotname=5183037040&adk=2760775708&adf=3333035749&pi=t.ma~as.5183037040&w=888&abgtt=6&fwrn=4&lmt=1717854933&rafmt=11&format=888x200&url=https%3A%2F%2Fwww.zqu.xbb.temporary.site%2F&wgl=1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNS4wLjY0MjIuMTQxIixudWxsLDAsbnVsbCwiNjQiLFtbIkdvb2dsZSBDaHJvbWUiLCIxMjUuMC42NDIyLjE0MSJdLFsiQ2hyb21pdW0iLCIxMjUuMC42NDIyLjE0MSJdLFsiTm90LkEvQnJhbmQiLCIyNC4wLjAuMCJdXSwwXQ..&dt=1717854933455&bpp=1&bdt=3468&idt=354&shv=r20240605&mjsv=m202406050102&ptt=9&saldr=aa&abxe=1&eoidce=1&prev_fmts=0x0%2C888x200&nras=1&correlator=2468642364213&frm=20&pv=1&ga_vid=227576659.1717854934&ga_sid=1717854934&ga_hid=2120155045&ga_fc=0&rplot=4&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=356&ady=2827&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95334511%2C95334526%2C95334571%2C95334828%2C95335263%2C31084381%2C95334054%2C95334156%2C31078668&oid=2&pvsid=3948840770841775&tmod=182093230&uas=0&nvt=1&fc=1920&brdim=130%2C130%2C130%2C130%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&nt=1&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=355
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406050102/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5564317248950729&plah=www.zqu.xbb.temporary.site&aplac=true&bust=31084381
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f98.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.zqu.xbb.temporary.site/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 08 Jun 2024 13:55:34 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
pagead2.googlesyndication.com/pagead/ Frame 1FBC 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-5564317248950729&output=html&h=600&slotname=1287652934&adk=3367378512&adf=2202018338&pi=t.ma~as.1287652934&w=296&abgtt=6&fwrn=4&fwrnh=100&lmt=1717854933&rafmt=1&format=296x600&url=https%3A%2F%2Fwww.zqu.xbb.temporary.site%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNS4wLjY0MjIuMTQxIixudWxsLDAsbnVsbCwiNjQiLFtbIkdvb2dsZSBDaHJvbWUiLCIxMjUuMC42NDIyLjE0MSJdLFsiQ2hyb21pdW0iLCIxMjUuMC42NDIyLjE0MSJdLFsiTm90LkEvQnJhbmQiLCIyNC4wLjAuMCJdXSwwXQ..&dt=1717854933456&bpp=1&bdt=3468&idt=358&shv=r20240605&mjsv=m202406050102&ptt=9&saldr=aa&abxe=1&eoidce=1&prev_fmts=0x0%2C888x200%2C888x200&nras=1&correlator=2468642364213&frm=20&pv=1&ga_vid=227576659.1717854934&ga_sid=1717854934&ga_hid=2120155045&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1274&ady=756&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95334511%2C95334526%2C95334571%2C95334828%2C95335263%2C31084381%2C95334054%2C95334156%2C31078668&oid=2&pvsid=3948840770841775&tmod=182093230&uas=0&nvt=1&fc=1920&brdim=130%2C130%2C130%2C130%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&cms=2&fu=128&bc=31&bz=1&nt=1&ifi=4&uci=a!4&fsb=1&dtd=359
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406050102/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5564317248950729&plah=www.zqu.xbb.temporary.site&aplac=true&bust=31084381
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f98.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.zqu.xbb.temporary.site/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 08 Jun 2024 13:55:34 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
pagead2.googlesyndication.com/pagead/ Frame DCE3 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-5564317248950729&output=html&h=600&slotname=7174404435&adk=4191370949&adf=3140140441&pi=t.ma~as.7174404435&w=296&abgtt=6&fwrn=4&fwrnh=100&lmt=1717854933&rafmt=1&format=296x600&url=https%3A%2F%2Fwww.zqu.xbb.temporary.site%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNS4wLjY0MjIuMTQxIixudWxsLDAsbnVsbCwiNjQiLFtbIkdvb2dsZSBDaHJvbWUiLCIxMjUuMC42NDIyLjE0MSJdLFsiQ2hyb21pdW0iLCIxMjUuMC42NDIyLjE0MSJdLFsiTm90LkEvQnJhbmQiLCIyNC4wLjAuMCJdXSwwXQ..&dt=1717854933456&bpp=1&bdt=3469&idt=363&shv=r20240605&mjsv=m202406050102&ptt=9&saldr=aa&abxe=1&eoidce=1&prev_fmts=0x0%2C888x200%2C888x200%2C296x600&nras=1&correlator=2468642364213&frm=20&pv=1&ga_vid=227576659.1717854934&ga_sid=1717854934&ga_hid=2120155045&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1274&ady=1386&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95334511%2C95334526%2C95334571%2C95334828%2C95335263%2C31084381%2C95334054%2C95334156%2C31078668&oid=2&pvsid=3948840770841775&tmod=182093230&uas=0&nvt=1&fc=1920&brdim=130%2C130%2C130%2C130%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&nt=1&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=365
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406050102/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5564317248950729&plah=www.zqu.xbb.temporary.site&aplac=true&bust=31084381
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f98.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.zqu.xbb.temporary.site/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 08 Jun 2024 13:55:34 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
pagead2.googlesyndication.com/pagead/ Frame 1EDE 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-5564317248950729&output=html&h=600&slotname=2221907767&adk=2737585050&adf=1798466797&pi=t.ma~as.2221907767&w=296&abgtt=6&fwrn=4&fwrnh=100&lmt=1717854933&rafmt=1&format=296x600&url=https%3A%2F%2Fwww.zqu.xbb.temporary.site%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNS4wLjY0MjIuMTQxIixudWxsLDAsbnVsbCwiNjQiLFtbIkdvb2dsZSBDaHJvbWUiLCIxMjUuMC42NDIyLjE0MSJdLFsiQ2hyb21pdW0iLCIxMjUuMC42NDIyLjE0MSJdLFsiTm90LkEvQnJhbmQiLCIyNC4wLjAuMCJdXSwwXQ..&dt=1717854933456&bpp=1&bdt=3469&idt=369&shv=r20240605&mjsv=m202406050102&ptt=9&saldr=aa&abxe=1&eoidce=1&prev_fmts=0x0%2C888x200%2C888x200%2C296x600%2C296x600&nras=1&correlator=2468642364213&frm=20&pv=1&ga_vid=227576659.1717854934&ga_sid=1717854934&ga_hid=2120155045&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1274&ady=2016&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95334511%2C95334526%2C95334571%2C95334828%2C95335263%2C31084381%2C95334054%2C95334156%2C31078668&oid=2&pvsid=3948840770841775&tmod=182093230&uas=0&nvt=1&fc=1920&brdim=130%2C130%2C130%2C130%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&nt=1&ifi=6&uci=a!6&btvi=4&fsb=1&dtd=370
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406050102/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5564317248950729&plah=www.zqu.xbb.temporary.site&aplac=true&bust=31084381
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f98.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.zqu.xbb.temporary.site/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 08 Jun 2024 13:55:34 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
pagead2.googlesyndication.com/pagead/ Frame 9EAF 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-5564317248950729&output=html&h=600&slotname=3036096297&adk=499470638&adf=1013160263&pi=t.ma~as.3036096297&w=296&abgtt=6&fwrn=4&fwrnh=100&lmt=1717854933&rafmt=1&format=296x600&url=https%3A%2F%2Fwww.zqu.xbb.temporary.site%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNS4wLjY0MjIuMTQxIixudWxsLDAsbnVsbCwiNjQiLFtbIkdvb2dsZSBDaHJvbWUiLCIxMjUuMC42NDIyLjE0MSJdLFsiQ2hyb21pdW0iLCIxMjUuMC42NDIyLjE0MSJdLFsiTm90LkEvQnJhbmQiLCIyNC4wLjAuMCJdXSwwXQ..&dt=1717854933457&bpp=1&bdt=3470&idt=372&shv=r20240605&mjsv=m202406050102&ptt=9&saldr=aa&abxe=1&eoidce=1&prev_fmts=0x0%2C888x200%2C888x200%2C296x600%2C296x600%2C296x600&nras=1&correlator=2468642364213&frm=20&pv=1&ga_vid=227576659.1717854934&ga_sid=1717854934&ga_hid=2120155045&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1274&ady=2646&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95334511%2C95334526%2C95334571%2C95334828%2C95335263%2C31084381%2C95334054%2C95334156%2C31078668&oid=2&pvsid=3948840770841775&tmod=182093230&uas=0&nvt=1&fc=1920&brdim=130%2C130%2C130%2C130%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&nt=1&ifi=7&uci=a!7&btvi=5&fsb=1&dtd=373
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406050102/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5564317248950729&plah=www.zqu.xbb.temporary.site&aplac=true&bust=31084381
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f98.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.zqu.xbb.temporary.site/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 08 Jun 2024 13:55:34 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
pagead2.googlesyndication.com/pagead/ Frame 6678 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-5564317248950729&output=html&h=600&slotname=7081236798&adk=1518614930&adf=3280296476&pi=t.ma~as.7081236798&w=296&abgtt=6&fwrn=4&fwrnh=100&lmt=1717854933&rafmt=1&format=296x600&url=https%3A%2F%2Fwww.zqu.xbb.temporary.site%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNS4wLjY0MjIuMTQxIixudWxsLDAsbnVsbCwiNjQiLFtbIkdvb2dsZSBDaHJvbWUiLCIxMjUuMC42NDIyLjE0MSJdLFsiQ2hyb21pdW0iLCIxMjUuMC42NDIyLjE0MSJdLFsiTm90LkEvQnJhbmQiLCIyNC4wLjAuMCJdXSwwXQ..&dt=1717854933457&bpp=1&bdt=3470&idt=379&shv=r20240605&mjsv=m202406050102&ptt=9&saldr=aa&abxe=1&eoidce=1&prev_fmts=0x0%2C888x200%2C888x200%2C296x600%2C296x600%2C296x600%2C296x600&nras=1&correlator=2468642364213&frm=20&pv=1&ga_vid=227576659.1717854934&ga_sid=1717854934&ga_hid=2120155045&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1274&ady=3276&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95334511%2C95334526%2C95334571%2C95334828%2C95335263%2C31084381%2C95334054%2C95334156%2C31078668&oid=2&pvsid=3948840770841775&tmod=182093230&uas=0&nvt=1&fc=1920&brdim=130%2C130%2C130%2C130%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&nt=1&ifi=8&uci=a!8&btvi=6&fsb=1&dtd=380
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406050102/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5564317248950729&plah=www.zqu.xbb.temporary.site&aplac=true&bust=31084381
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f98.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.zqu.xbb.temporary.site/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 08 Jun 2024 13:55:34 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
pagead2.googlesyndication.com/pagead/ Frame 9755 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-5564317248950729&output=html&h=600&slotname=6592197921&adk=1911608472&adf=2874117383&pi=t.ma~as.6592197921&w=296&abgtt=6&fwrn=4&fwrnh=100&lmt=1717854933&rafmt=1&format=296x600&url=https%3A%2F%2Fwww.zqu.xbb.temporary.site%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNS4wLjY0MjIuMTQxIixudWxsLDAsbnVsbCwiNjQiLFtbIkdvb2dsZSBDaHJvbWUiLCIxMjUuMC42NDIyLjE0MSJdLFsiQ2hyb21pdW0iLCIxMjUuMC42NDIyLjE0MSJdLFsiTm90LkEvQnJhbmQiLCIyNC4wLjAuMCJdXSwwXQ..&dt=1717854933457&bpp=1&bdt=3470&idt=384&shv=r20240605&mjsv=m202406050102&ptt=9&saldr=aa&abxe=1&eoidce=1&prev_fmts=0x0%2C888x200%2C888x200%2C296x600%2C296x600%2C296x600%2C296x600%2C296x600&nras=1&correlator=2468642364213&frm=20&pv=1&ga_vid=227576659.1717854934&ga_sid=1717854934&ga_hid=2120155045&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1274&ady=3906&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95334511%2C95334526%2C95334571%2C95334828%2C95335263%2C31084381%2C95334054%2C95334156%2C31078668&oid=2&pvsid=3948840770841775&tmod=182093230&uas=0&nvt=1&fc=1920&brdim=130%2C130%2C130%2C130%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&cms=2&fu=128&bc=31&bz=1&nt=1&ifi=9&uci=a!9&btvi=7&fsb=1&dtd=385
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406050102/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5564317248950729&plah=www.zqu.xbb.temporary.site&aplac=true&bust=31084381
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f98.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.zqu.xbb.temporary.site/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 08 Jun 2024 13:55:34 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
pagead2.googlesyndication.com/pagead/ Frame EB51 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-5564317248950729&output=html&h=600&slotname=3207239265&adk=1206592608&adf=1544609445&pi=t.ma~as.3207239265&w=296&abgtt=6&fwrn=4&fwrnh=100&lmt=1717854933&rafmt=1&format=296x600&url=https%3A%2F%2Fwww.zqu.xbb.temporary.site%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNS4wLjY0MjIuMTQxIixudWxsLDAsbnVsbCwiNjQiLFtbIkdvb2dsZSBDaHJvbWUiLCIxMjUuMC42NDIyLjE0MSJdLFsiQ2hyb21pdW0iLCIxMjUuMC42NDIyLjE0MSJdLFsiTm90LkEvQnJhbmQiLCIyNC4wLjAuMCJdXSwwXQ..&dt=1717854933458&bpp=1&bdt=3471&idt=387&shv=r20240605&mjsv=m202406050102&ptt=9&saldr=aa&abxe=1&eoidce=1&prev_fmts=0x0%2C888x200%2C888x200%2C296x600%2C296x600%2C296x600%2C296x600%2C296x600%2C296x600&nras=1&correlator=2468642364213&frm=20&pv=1&ga_vid=227576659.1717854934&ga_sid=1717854934&ga_hid=2120155045&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1274&ady=4536&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95334511%2C95334526%2C95334571%2C95334828%2C95335263%2C31084381%2C95334054%2C95334156%2C31078668&oid=2&pvsid=3948840770841775&tmod=182093230&uas=0&nvt=1&fc=1920&brdim=130%2C130%2C130%2C130%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&cms=2&fu=128&bc=31&bz=1&nt=1&ifi=10&uci=a!a&btvi=8&fsb=1&dtd=388
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406050102/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5564317248950729&plah=www.zqu.xbb.temporary.site&aplac=true&bust=31084381
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f98.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.zqu.xbb.temporary.site/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 08 Jun 2024 13:55:34 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
g.gif
pixel.wp.com/ 		50 B
177 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.wp.com/g.gif?v=ext&blog=223514544&post=0&tz=0&srv=freedom3d.org&j=1%3A13.4.3&host=www.zqu.xbb.temporary.site&ref=&fcp=12230&rand=0.054032094067765435
Requested by
Host: www.zqu.xbb.temporary.site
URL: https://www.zqu.xbb.temporary.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.zqu.xbb.temporary.site/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
date
Sat, 08 Jun 2024 13:55:40 GMT
cache-control
no-cache
server
nginx
alt-svc
h3=":443"; ma=86400
content-length
50
content-type
image/gif
wp-emoji-release.min.js
freedom3d.org/wp-includes/js/ 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://freedom3d.org/wp-includes/js/wp-emoji-release.min.js?ver=4df9c6a87a5348943db2d4fc694905de
Requested by
Host: www.zqu.xbb.temporary.site
URL: https://www.zqu.xbb.temporary.site/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.254.185.36 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
192-254-185-36.unifiedlayer.com
Software
Apache /
Resource Hash
4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.zqu.xbb.temporary.site/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 08 Jun 2024 13:55:45 GMT
content-encoding
gzip
x-nginx-cache
WordPress
last-modified
Wed, 03 Apr 2024 00:40:39 GMT
server
Apache
vary
Accept-Encoding
x-endurance-cache-level
2
content-type
application/javascript
x-newfold-cache-level
2
cache-control
max-age=21600
accept-ranges
bytes
content-length
5365
expires
Sat, 08 Jun 2024 19:55:45 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		17 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240605&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406050102/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5564317248950729&plah=www.zqu.xbb.temporary.site&aplac=true&bust=31084381
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f98.1e100.net
Software
cafe /
Resource Hash
87dacf8b6d85d4c29c969c77c40560a748c8bca56b1c334572cfb7eee8796467
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.zqu.xbb.temporary.site/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 08 Jun 2024 13:55:46 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12914
x-xss-protection
0
freedom-arts-3d-256.png
freedom3d.org/wp-content/uploads/2024/06/ 		60 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
https://freedom3d.org/wp-content/uploads/2024/06/freedom-arts-3d-256.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.254.185.36 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
192-254-185-36.unifiedlayer.com
Software
Apache /
Resource Hash
b7e558d994e38f9f067681bf41d5a619bef2bee8ca3decf69db8e2a59cde4617

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.zqu.xbb.temporary.site/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 08 Jun 2024 13:55:32 GMT
x-nginx-cache
WordPress
last-modified
Tue, 04 Jun 2024 06:56:48 GMT
server
Apache
x-newfold-cache-level
2
x-endurance-cache-level
2
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
61652
expires
Sun, 08 Jun 2025 13:55:32 GMT
freedom-arts-3d-256.png
freedom3d.org/wp-content/uploads/2024/06/ 		60 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
https://freedom3d.org/wp-content/uploads/2024/06/freedom-arts-3d-256.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.254.185.36 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
192-254-185-36.unifiedlayer.com
Software
Apache /
Resource Hash
b7e558d994e38f9f067681bf41d5a619bef2bee8ca3decf69db8e2a59cde4617

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.zqu.xbb.temporary.site/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 08 Jun 2024 13:55:32 GMT
x-nginx-cache
WordPress
last-modified
Tue, 04 Jun 2024 06:56:48 GMT
server
Apache
x-newfold-cache-level
2
x-endurance-cache-level
2
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
61652
expires
Sun, 08 Jun 2025 13:55:32 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406050102/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5564317248950729&plah=www.zqu.xbb.temporary.site&aplac=true&bust=31084381
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.zqu.xbb.temporary.site/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 08 Jun 2024 13:55:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 08 Jun 2024 13:55:46 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame BC8C 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.zqu.xbb.temporary.site/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
age
29300
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 08 Jun 2024 05:47:26 GMT
expires
Sun, 08 Jun 2025 05:47:26 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/pagead/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
freedom3d.org
URL
https://freedom3d.org/wp-includes/blocks/navigation/view.min.js?ver=4df9c6a87a5348943db2d4fc694905de
Domain
freedom3d.org
URL
https://freedom3d.org/wp-includes/js/dist/interactivity.min.js?ver=4df9c6a87a5348943db2d4fc694905de
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240605&jk=3948840770841775&bg=!s7ClsP_NAAb64txl2uI7ADQBe5WfOHGLNLrH3IBWbaVEEe2Ay0k9iB3toKejKzpnVHTxIT6gjFqQa3pwivv7mfCSZXB6AgAAAEdSAAAAA2gBB34ANTEqKXEP29qeObhhKdDMAiLXfjm7L1ROHDH_R9_GdW8OwNBlaP9lT1T-wEt6HL7dPLbf6jJJmQKsRW08YoS9XDXO2qHlZYD91cB2ye6zX9dXXDHphQpt1c5b5JaH0DTzH6OREW1wjgxMUFsoKk_pbbYluGda6yBG_188UkUNj_fsP56Y7gUD_7lqmgm5Nl4pnIVpNnSyd9eS0gVaXcABkfZsFdir5n87RL8o_nXUs445O1VTuhZ-bCPT-TjIzyzi7PlW895PI2Q-S_nH4qYdCXyOei6AJsabCVE4FNPAJ-Ori7QBX6s1T2qpyzjbJhT9K7F5RgwbpCpINI83IAL4oSP8PRT7dy4DHnIV6vfUmBVPdFPM4AQmNiEsj2NObVsckIRcc7aW0GewaFflLorYnPEGulGKY8y-DoPqhnEgUE4PZ6cgJ_WDjxUTeXiJAKOJNtQslYZtOlSikY4M4zPvgXWTSEv8XjiVEhuSzmwz5vRQNzCBuU2kqAwIzrfgFSrVCL0RhMz3W9o8UwEtnoMP_fi5KqOd2VPz_yYCQdS7YN5W3S-fQdUGVJgjg62peMPEQz5Cefy21RSXfR9stWBJ3oX-xDTPqNI2zk1C4N1Eju_bpiKc9qAWnNtjjuvkp6UINFrJFdUrZvDBB0RsvooJ5eHUpr8pjPrMgpaJt0ugtE0oTSKJFcnN0f0FqttdhwJtu1bsKHuhub-_7DvVGSZ8MbLO4gb4Nggdjlmr_qvPD4dlV7PUhyjF41O4qnm1bkHd2N56-hlxvMLUW9G3Zpf1Z9ZhoEBpqjNN1ReAf8ANQywVV5goeeYDOud0c5iAqFOePhe0sDtQbud3d6ew3jVonW-gXwAgweHWiTXy3ZRQDEC1vDMinNNYp8DPl7Xk-hOc75NBs-FZksMiqiKYVmg7S5RltKlHHfMMBOa0XCmfz0I4TzxKEGzOH4YxVXMI-XmzqFKnujvMgE9P7yOqgWHUxYh3uQ9V

Verdicts & Comments Add Verdict or Comment

67 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| _wpemojiSettings undefined| $ function| jQuery object| sdm_ajax_script function| sdm_is_ie function| external_links_in_new_windows_loop function| external_links_in_new_windows_load object| adsbygoogle object| _0xc88e function| _0xe4c undefined| vkhmmrtzfzdjeulpkzdfkubydjuectjtgdwundzdhdykirewbewazttgviczeznlnnxheburutgjpblzjpblz undefined| hasClass undefined| addClass undefined| removeClass undefined| bnljmvjozjzanfwujvamhczzybjbkdsvncyewlzmzwttlsrgrndmxdldchmyvtjarhnkwxqwlwlwjpblzjpblz undefined| vjlbyjlurtvemxlvrgxxstrlywjmzeottbpwlewaeyzgjoanrxzzdtcarndaskveuzhnsgpavxcwnmgwtqjpblzjpblz undefined| chp_ads_blocker_detector undefined| fairAdblock undefined| adsBlocked undefined| checkMultiple undefined| init object| edd_scripts object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint function| google_sa_impl number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages function| edd_load_gateway function| st_go function| linktracker_init object| wpcom object| _stq object| megamenu function| update_state_field object| twemoji object| wp object| GoogleGcLKhOms object| google_image_requests

2 Cookies

Domain/Path Name / Value
www.zqu.xbb.temporary.site/ Name: PHPSESSID
Value: 145da6da84be11fe7a36689ad097d7ce
www.zqu.xbb.temporary.site/ Name: pmpro_visit
Value: 1

4 Console Messages

Source Level URL
Text
javascript error URL: https://www.zqu.xbb.temporary.site/
Message:
Access to script at 'https://freedom3d.org/wp-includes/blocks/navigation/view.min.js?ver=4df9c6a87a5348943db2d4fc694905de' from origin 'https://www.zqu.xbb.temporary.site' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://freedom3d.org/wp-includes/blocks/navigation/view.min.js?ver=4df9c6a87a5348943db2d4fc694905de
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://www.zqu.xbb.temporary.site/
Message:
Access to script at 'https://freedom3d.org/wp-includes/js/dist/interactivity.min.js?ver=4df9c6a87a5348943db2d4fc694905de' from origin 'https://www.zqu.xbb.temporary.site' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://freedom3d.org/wp-includes/js/dist/interactivity.min.js?ver=4df9c6a87a5348943db2d4fc694905de
Message:
Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

freedom3d.org
pagead2.googlesyndication.com
pixel.wp.com
stats.wp.com
tpc.googlesyndication.com
www.zqu.xbb.temporary.site
freedom3d.org
pagead2.googlesyndication.com
172.217.23.98
192.0.76.3
192.254.185.36
2a00:1450:4001:831::2001
048c1f7650d32ed2c96b4a1aafcb64a227c7a424981592832e9ef75f4d12274f
071ca38b8cec663d589e0f75341f534a696edc4aee2b99d6e502c98fa04ee020
22f82667fcc521d60f0adf31a747a87177c39c894bfa2631e1bece4a96679397
2f12ebf8816fa45824329d1165c958f8ec224a6a02cb67c46abea454230ea1e9
38ba1aecacdb73bb6d4206ab713adeb0a662066d7fea23bce4b2bd7ba4b6674e
4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3
4f9f4e2e225088f9cf3b6b54aa421e0f776d1802255505d2f752e1f83f441641
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
53ae2d4383a203f0b83a1825f1f968cc1936477e50168f5c8b58f260c26a93e1
53d9c9ed3d147946f678b224d21cff1a6b50a88dc921043828b32c90edcb66a4
5b9f9afe7621ec465573f58064f5bef3a229e5e19362351168fd211f6a28bb5c
5dfd03855a4a1d88d87e6a17c15930c1310dd0765cea9347558d7e924a5f6956
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
65001f9bd627ac54f3dc9e9e2233985f6421e046f9b0f8bd64c4aeddbececdad
723597ec6e9461e79c420faf0454170cf6f9243246a4fac3cef5f05a4b5be791
7ba8aee8117d8ca623fb1c019c5db51f03cc5cba519c92b0437cb6b427f5d1af
87dacf8b6d85d4c29c969c77c40560a748c8bca56b1c334572cfb7eee8796467
8bfde7d10e2082b756f613f164fb156c71bc74a376074ddb7f59abfba66a2740
8e6b35e016921953a1ae6c4553952232a2fc6b289c3a022c509da9d53acd409a
9fdc82f1d391a68ae009cb7d905d2ede9f10be47146aca213ddf7afb83310806
a875e1d5f8cfe252cc8f5e04d750dd8c771fb8aceabd435d548425a445ab61d3
b7e558d994e38f9f067681bf41d5a619bef2bee8ca3decf69db8e2a59cde4617
b9052ea598420869c9196e164a35704bc0784102625072cd258e14125fcf5d92
ba0813d631114504a8003a030c1d49becc9de7183103533c2a1a774c692cf44a
c14d1549486bf8c4cef2ac9e2bf1bfaa19a3d1f7c6d2f6e9844186ba68ae6112
c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
d922fc2fc26115fb47f3089f0c7947cd13a8fba5d6184add1ce465da07763a3f
e25214a561b07deb10d2cb8a971f6bfea951159656ede76f10eb6679c6d76a65
e2af3d1fbe48af4fa4e2294de3661b895af5c489a7d2ce5888cd14d5f070e78b
eb10c0905a2bf5fe20aefef7192dcd3c33aab5c838eebbc5790b9b80a3e33b3f
ed5b5df9ceacfe76857ac51964972b0b417a215b2f50e837fd6b64bad7339c40
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f4140aef607106907ec91582e649552cae7c1ef1acb70444cee9ed3cf0df3c46
f7694fd04a2a0f7de560b7c43808ab767eb2672a733aa0a3fd752dd11f3da515