regbu.com Open in urlscan Pro
2606:4700:3037::6815:14f4 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://freenet.cz/
Effective URL:
https://regbu.com/?clickid=fefcf551-9e7f-11ee-b7b3-121cef7193c9
Submission: On December 19 via api (December 19th 2023, 3:05:15 pm UTC) from US — Scanned from US

Summary HTTP 128 Redirects Behaviour Indicators

Summary

This website contacted 17 IPs in 2 countries across 13 domains to perform 128 HTTP transactions. The main IP is 2606:4700:3037::6815:14f4, located in United States and belongs to CLOUDFLARENET, US. The main domain is regbu.com.
TLS certificate: Issued by GTS CA 1P5 on November 15th 2023. Valid for: 3 months.

This is the only time regbu.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	46.8.8.200 46.8.8.200	60592 (GRANSY Gr...) (GRANSY Gransy s.r.o. gransy.com)
1 1	44.197.254.96 44.197.254.96	14618 (AMAZON-AES) (AMAZON-AES)
1 1	107.22.53.88 107.22.53.88	14618 (AMAZON-AES) (AMAZON-AES)
45	2606:4700:303... 2606:4700:3037::6815:14f4	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2607:f8b0:400... 2607:f8b0:4006:81c::200a	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4006:80e::2008	15169 (GOOGLE) (GOOGLE)
14	2607:f8b0:400... 2607:f8b0:4006:822::2002	15169 (GOOGLE) (GOOGLE)
10	2607:f8b0:400... 2607:f8b0:4006:81d::2003	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4006:816::200e	15169 (GOOGLE) (GOOGLE)
2 10	2607:f8b0:400... 2607:f8b0:4006:809::2002	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:36::181	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4004:c06::9a	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:824::2004	15169 (GOOGLE) (GOOGLE)
19	2607:f8b0:400... 2607:f8b0:4006:80d::2001	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4006:81e::2002	15169 (GOOGLE) (GOOGLE)
5	2607:f8b0:400... 2607:f8b0:4006:80f::2003	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:809::200e	15169 (GOOGLE) (GOOGLE)
4	142.251.40.194 142.251.40.194	15169 (GOOGLE) (GOOGLE)
128	17

1 46.8.8.200 (Prague, Czech Republic)

ASN60592 (GRANSY Gransy s.r.o. gransy.com, CZ)

freenet.cz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.197.254.96 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-197-254-96.compute-1.amazonaws.com

blog.manystylesandme.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 107.22.53.88 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-107-22-53-88.compute-1.amazonaws.com

orvar-mza.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

45 2606:4700:3037::6815:14f4 (United States)

ASN13335 (CLOUDFLARENET, US)

regbu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2607:f8b0:4006:81c::200a (United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:80e::2008 (United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2607:f8b0:4006:822::2002 (United States)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2607:f8b0:4006:81d::2003 (United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:816::200e (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2607:f8b0:4006:809::2002 (United States) 2 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:36::181 (United States)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c06::9a (Washington, United States)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:824::2004 (United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2607:f8b0:4006:80d::2001 (United States)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:81e::2002 (United States)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2607:f8b0:4006:80f::2003 (United States)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:809::200e (United States)

ASN15169 (GOOGLE, US)

mts0.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.251.40.194 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s38-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
45	regbu.com regbu.com	843 KB
33	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 102 tpc.googlesyndication.com — Cisco Umbrella Rank: 148	464 KB
15	gstatic.com fonts.gstatic.com www.gstatic.com	301 KB
12	doubleclick.net 2 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 stats.g.doubleclick.net — Cisco Umbrella Rank: 75	151 KB
5	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29	7 KB
4	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 138
4	google.com analytics.google.com — Cisco Umbrella Rank: 152 www.google.com — Cisco Umbrella Rank: 2 mts0.google.com — Cisco Umbrella Rank: 4606	81 KB
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 206	193 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	21 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 36	220 KB
1	orvar-mza.com 1 redirects orvar-mza.com — Cisco Umbrella Rank: 296216	608 B
1	manystylesandme.com 1 redirects blog.manystylesandme.com	611 B
1	freenet.cz freenet.cz	221 B
128	13

	Domain	Requested by
45	regbu.com	freenet.cz regbu.com
19	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
14	pagead2.googlesyndication.com	regbu.com pagead2.googlesyndication.com googleads.g.doubleclick.net freenet.cz tpc.googlesyndication.com www.googletagservices.com
10	googleads.g.doubleclick.net	2 redirects pagead2.googlesyndication.com
10	fonts.gstatic.com	fonts.googleapis.com
5	www.gstatic.com	googleads.g.doubleclick.net
5	fonts.googleapis.com	regbu.com googleads.g.doubleclick.net
4	www.googleadservices.com	regbu.com
3	www.googletagservices.com	googleads.g.doubleclick.net
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	www.googletagmanager.com	regbu.com www.googletagmanager.com
2	www.google.com	regbu.com tpc.googlesyndication.com
2	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
1	mts0.google.com	googleads.g.doubleclick.net
1	analytics.google.com	www.googletagmanager.com
1	orvar-mza.com	1 redirects
1	blog.manystylesandme.com	1 redirects
1	freenet.cz
128	18

This site contains no links.

Subject Issuer	Validity	Valid
*.freenet.cz R3	`2023-12-18` - `2024-03-17`	3 months	crt.sh
regbu.com GTS CA 1P5	`2023-11-15` - `2024-02-13`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh

This page contains 15 frames:

Primary Page: https://regbu.com/?clickid=fefcf551-9e7f-11ee-b7b3-121cef7193c9
Frame ID: 3337EE6F8DF710C62DE53983DDCA7F2E
Requests: 74 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/zrt_lookup_fy2021.html
Frame ID: B8458ECC384518FEC1DCBACCDF360FD9
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6122204646002237&output=html&adk=1812271804&adf=3025194257&lmt=1702998310&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=128x1080_l%7C140x1080_r&format=0x0&url=https%3A%2F%2Fregbu.com%2F%3Fclickid%3Dfefcf551-9e7f-11ee-b7b3-121cef7193c9&ea=0&host=ca-host-pub-2644536267352236&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702998309665&bpp=3&bdt=987&idt=426&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1218695890939&frm=20&pv=2&ga_vid=1110066439.1702998310&ga_sid=1702998310&ga_hid=1563720156&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079965%2C31080103%2C95320884&oid=2&pvsid=2219339697084051&tmod=478389035&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=447
Frame ID: CB8C1E4248FBD0ADCF8C8CE51C88D61B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6122204646002237&output=html&h=600&slotname=3318620291&adk=3504394691&adf=1519853264&pi=t.ma~as.3318620291&w=300&fwrn=4&fwrnh=100&lmt=1702998310&rafmt=4&format=300x600&url=https%3A%2F%2Fregbu.com%2F%3Fclickid%3Dfefcf551-9e7f-11ee-b7b3-121cef7193c9&ea=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702998309668&bpp=2&bdt=990&idt=448&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1218695890939&frm=20&pv=1&ga_vid=1110066439.1702998310&ga_sid=1702998310&ga_hid=1563720156&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=978&ady=96&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079965%2C31080103%2C95320884&oid=2&pvsid=2219339697084051&tmod=478389035&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CloEe%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=452
Frame ID: 8AAF0D4E274E09BE2A76863E7456F10A
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6122204646002237&output=html&h=280&adk=4039094136&adf=1603261608&pi=t.aa~a.758169383~rp.4&daaos=1702912143377&w=785&fwrn=1&fwrnh=100&lmt=1702998311&rafmt=1&to=qs&pwprc=6717621136&format=785x280&url=https%3A%2F%2Fregbu.com%2F%3Fclickid%3Dfefcf551-9e7f-11ee-b7b3-121cef7193c9&ea=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702998311224&bpp=1&bdt=2546&idt=-M&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x600&nras=2&correlator=1218695890939&frm=20&pv=1&ga_vid=1110066439.1702998310&ga_sid=1702998310&ga_hid=1563720156&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=140&ady=5182&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079965%2C31080103%2C95320884&oid=2&pvsid=2219339697084051&tmod=478389035&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=1&fsb=1&dtd=14
Frame ID: 60E80C4AE339295A89E20623C36756C8
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6122204646002237&output=html&h=280&adk=4039094136&adf=1603261608&pi=t.aa~a.381427885~rp.4&daaos=1702912143377&w=785&fwrn=1&fwrnh=100&lmt=1702998311&rafmt=1&to=qs&pwprc=6717621136&format=785x280&url=https%3A%2F%2Fregbu.com%2F%3Fclickid%3Dfefcf551-9e7f-11ee-b7b3-121cef7193c9&ea=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702998311224&bpp=1&bdt=2546&idt=-M&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x600%2C785x280&nras=3&correlator=1218695890939&frm=20&pv=1&ga_vid=1110066439.1702998310&ga_sid=1702998310&ga_hid=1563720156&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=140&ady=4135&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079965%2C31080103%2C95320884&oid=2&pvsid=2219339697084051&tmod=478389035&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=2&fsb=1&dtd=30
Frame ID: 3E21D845FF86E8612325E41D79CBF566
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6122204646002237&output=html&h=280&adk=4039094136&adf=1603261608&pi=t.aa~a.112091859~rp.4&daaos=1702912143377&w=785&fwrn=1&fwrnh=100&lmt=1702998311&rafmt=1&to=qs&pwprc=6717621136&format=785x280&url=https%3A%2F%2Fregbu.com%2F%3Fclickid%3Dfefcf551-9e7f-11ee-b7b3-121cef7193c9&ea=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702998311224&bpp=1&bdt=2546&idt=1&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x600%2C785x280%2C785x280&nras=4&correlator=1218695890939&frm=20&pv=1&ga_vid=1110066439.1702998310&ga_sid=1702998310&ga_hid=1563720156&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=140&ady=1607&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079965%2C31080103%2C95320884&oid=2&pvsid=2219339697084051&tmod=478389035&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=9&uci=a!9&btvi=3&fsb=1&dtd=37
Frame ID: C875514C0156EF321C580B8F4EAE8F73
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 68F633B6D0812CE87E438E8E61EE982B
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 55C37487230AAB8EE051DDE4856F1B4D
Requests: 17 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 519C9A74DD67DF88E99C2703EE126A0C
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js
Frame ID: 3B5C611BE90A4BB3E730AA90AB8E64D7
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js
Frame ID: B80D81522CEE7BBDB0AD182C760A2040
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js
Frame ID: BBDBCE94FFCEB42338C5FC839D069F3C
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: E092590DBDE2326CB3465E8869836D35
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 0379CA8FC19569E537454AF0B0EF860F
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

REGBU.COM -

Page URL History Show full URLs

https://freenet.cz/ Page URL
https://blog.manystylesandme.com/59241f9f-2e36-429b-84bb-abc82c5edf7f?utm_source=freenet.cz&utm_campaign=pave... HTTP 302
http://orvar-mza.com/freenet.cz?adTagId=32640a10-9f80-11ec-83d5-0a918cbcbb97&extclickid=w68qi5qua... HTTP 302
https://regbu.com/?clickid=fefcf551-9e7f-11ee-b7b3-121cef7193c9 Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

128
Requests

97 %
HTTPS

78 %
IPv6

13
Domains

18
Subdomains

17
IPs

2
Countries

2282 kB
Transfer

4907 kB
Size

12
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://freenet.cz/ Page URL
https://blog.manystylesandme.com/59241f9f-2e36-429b-84bb-abc82c5edf7f?utm_source=freenet.cz&utm_campaign=pavelsimon HTTP 302
http://orvar-mza.com/freenet.cz?adTagId=32640a10-9f80-11ec-83d5-0a918cbcbb97&extclickid=w68qi5qua1akrfrt2p8j7qrs&fallbackUrl=https://regbu.com HTTP 302
https://regbu.com/?clickid=fefcf551-9e7f-11ee-b7b3-121cef7193c9 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 115

https://googleads.g.doubleclick.net/pagead/adview?ai=C3v4MJrGBZduBIJvOoPMP8uaY8ATEsuHqdIGKv5qjEvrPm6PpDhABIOfo8CJgyYaAgNyjxBCgAcPU8-UDyAEJqAMByAPLBKoE-wFP0EE7nT7ICvmAkCoWsddax5mGA4_uFFaW6al6xj1MhNQ0eJY3cYalU0BJ8zIKGRSBLjEp8zQRSo2MsgL2ZU9zEfZd0C4WtntxGTjaGzYbWK7kwNRkQMgy9DOwW4lNK3QXjCGuBWrAJlOZQAzHugzOWxX4HLPY9fUMd2iA-Qskv_NqcTcojviPVGK_9vElsTdOZnHRy38k1yDTLShDW9dRwPn8-dhMe26PidIV7fF0BJXTEKFiK4nQRq2AQdOzgTn1l_MhHBz5oY5zbLnU7EVZuliPJni5b75YuBygsHm6hf2HPYbkbm8exFU-AEuzuhLlfF-GnnIgVxPPKMAEyMHWrcUEiAX24umtTZIFBAgEGAGSBQQIBRgEoAYugAev5fk8qAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwDyBwQQ_9QN0ggfCIBhEAEYHzICigI6BIBAgEBIvf3BOljQk-iK45uDA5oJYGh0dHBzOi8vd3d3Lm5pa2UuY29tL3JldGFpbC8_Y3A9NjI4OTQyODM3NDVfc2VhcmNoXy0teC0yMDc2MTgzNDAxMC0tLWMtLS0tLTkwMTE4NTgmZ2Nsc3JjPWF3LmRzJoAKAcgLAZgM96rqgNEEogwYKhYKFOS0sQLutbECtbixAuS0sQLutbEC2gwRCgsQ8J2NyMq53JOsARICAQO4E4ME2BMO0BUBmBYBgBcBshccChoIABIUcHViLTYxMjIyMDQ2NDYwMDIyMzcYAA&sigh=PKec8SwM9Oo&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTgAvHhf_bAcA4Va1ycc2t0z1fTYh6d-uMpPAjANtaGqeo_OvI7qRJalprowk5cma9OB9zTFYVxQZknRffMoqoKLolieE73sYjsZMIe6x9RgB&template_id=515&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x376eb93c0f5e4e780000000000000000%22,%222%22:%220xb6f7721883e0d83d0000000000000000%22,%223%22:%220xe673aaea93023af90000000000000000%22,%224%22:%220x40dc8785cda560640000000000000000%22,%225%22:%220x8d1213820b11b51b0000000000000000%22},%22debug_key%22:%225089314992032286405%22,%22debug_reporting%22:true,%22destination%22:%22https://nike.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%221019013699%22],%2222%22:[%22true%22],%224%22:[%2212-19%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2254905897878204753%22}&andc=true

Request Chain 118

https://googleads.g.doubleclick.net/pagead/adview?ai=CPA6tJrGBZfuPINfKoPMPtM-muAGx9o3ydIKI6v2cEmQQASDn6PAiYMmGgIDco8QQoAH545TNA8gBCagDAcgDywSqBPcBT9BzWEhmK39Nd-O9kEauhvbgQbbuD40aW0QGGTqEhum2hjCsIKDz3gC0JObsKaPM_zcu4rJYhgkgKbTEtX8b3aSDu_FoqPHqCqDzDK0GRk_9hKB3kleCsfhOBNq0yZThUaRwuWmdsuFNYcDXwr2K4edzjLQBDasuUeUTJilsyaVSEIJ9wKm0N96iH3rSwD8GLc9zoUOtughZ5g7C0LyzkbnuW18BLiRoGBKsLqh8NpMPGmyhYD-I_dgEPZ9temAhP0aRM1d73Wd8DqfKAG9bBw6THnB2kLEAYi1GevrQuMzwq_8N_v3NZtzEdTTFFqCHR7vkVFCBdMAEzruru7cEiAW61aqUTZIFBAgEGAGSBQQIBRgEoAYugAeLguI2qAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwDyBwQQ-fwK0ggfCIBhEAEYHzICigI6BIBAgEBIvf3BOlidmOiK45uDA5oJG2h0dHBzOi8vd3d3LmZyZWVwZW9wbGUuY29tL4AKAcgLAZgMx_CIrs8EogwQKg4KDOS0sQLutbECtbixAtoMEQoLEIDkl5zt_IvqpAESAgEDuBODBNgTDtAVAYAXAbIXHAoaCAASFHB1Yi02MTIyMjA0NjQ2MDAyMjM3GAA&sigh=7fgFmvfWlNY&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTwAvHhf_jHYbgD0gaWrV6Bk_RxQ0-6RjHwJNEc_GWJaL9TdD0mF823zYv9YX-RqQwyQDireTlWBb5yUUnyPkNKshFKNcAEyED1AgQZoLPOcYAQ&template_id=515&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x9602dd3aff295e190000000000000000%22,%222%22:%220x2dc2bcc4a5f6a4f90000000000000000%22,%223%22:%220x68fed70ea4daf4330000000000000000%22,%224%22:%220x7bea70a762be00110000000000000000%22,%225%22:%220x987954b0d6f54f5a0000000000000000%22},%22debug_key%22:%2212263478250294015187%22,%22debug_reporting%22:true,%22destination%22:%22https://freepeople.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22967127545%22],%2222%22:[%22true%22],%224%22:[%2212-19%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%222870648359860609489%22}&andc=true

128 HTTP transactions
7 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 /
freenet.cz/ 151 B
221 B 1818ms
63ms Document
text/html 46.8.8.200
GRANSY Gransy s.r...

General

Check archive.org

Show headers Download Go to

Full URL: https://freenet.cz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 46.8.8.200 Prague, Czech Republic, ASN60592 (GRANSY Gransy s.r.o. gransy.com, CZ),
Reverse DNS
Software: /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-length: 151
content-type: text/html; charset=utf-8
date: Tue, 19 Dec 2023 15:05:06 GMT

GET
H2

200

Primary Request / Show response
regbu.com/
Redirect Chain

https://blog.manystylesandme.com/59241f9f-2e36-429b-84bb-abc82c5edf7f?utm_source=freenet.cz&utm_campaign=pavelsimon
http://orvar-mza.com/freenet.cz?adTagId=32640a10-9f80-11ec-83d5-0a918cbcbb97&extclickid=w68qi5qua1akrfrt2p8j7qrs&fallbackUrl=https://regbu.com
https://regbu.com/?clickid=fefcf551-9e7f-11ee-b7b3-121cef7193c9

98 KB
16 KB

1534ms
1434ms

Document
text/html

2606:4700:3037::6815:14f4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://regbu.com/?clickid=fefcf551-9e7f-11ee-b7b3-121cef7193c9
Requested by: Host: freenet.cz
URL: https://freenet.cz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:14f4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d9bec2197bf2f3d11918f09b7d922ffa04e4ac7b1dc3ee998c0658984cf24f93

Request headers

Referer: https://freenet.cz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-edge-cache: cache,platform=wordpress
cf-ray: 83808abc5bd47479-MIA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 19 Dec 2023 15:05:08 GMT
link: <https://regbu.com/wp-json/>; rel="https://api.w.org/"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=764r4AmsQ6uSivVheVM%2Bsq7oeFWo3kKWM6j5%2BkUOK4sSSqLnPA2wx0YUvbpLo73jwmCeigdLw31Cm7SfF3TLvXK4OQbpzTWiapBMavtEValuE6Y3kT%2Fyzdf3Sr0%2FNbwIgbNUK%2B6SucE%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

Redirect headers

Cache-Control: no-store, no-cache, pre-check=0, post-check=0
Connection: keep-alive
Content-Length: 0
Date: Tue, 19 Dec 2023 15:05:07 GMT
Location: https://regbu.com?clickid=fefcf551-9e7f-11ee-b7b3-121cef7193c9
Server: RNmetcYX
X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline'
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'

GET
H2 200 style.min.css
regbu.com/wp-includes/css/dist/block-library/ 107 KB
15 KB 48ms
45ms Stylesheet
text/css 2606:4700:3037::6815:14f4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://regbu.com/wp-includes/css/dist/block-library/style.min.css?ver=6.4.2
Requested by: Host: regbu.com
URL: https://regbu.com/?clickid=fefcf551-9e7f-11ee-b7b3-121cef7193c9
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:14f4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 698b89c0da3d319754d6a837b5e6d4e6a42dc402d9ffd7559b8c4cb29c644340

Request headers

accept-language: en-US,en;q=0.9
Referer: https://regbu.com/?clickid=fefcf551-9e7f-11ee-b7b3-121cef7193c9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 15:05:08 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 08 Nov 2023 06:04:19 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4028
etag: W/"1add3-6099ddb9a1147-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aQxXU%2FFJXiJc0BSy%2F3ME6bsndBU9hO1amDJq5q4z%2B%2FAEwZ%2Ffgj5nSv5NzSYqMPrbUFxi9mjZ4hq7CzySt1%2FK3QM4kMeuUrj%2FH0jZ%2BLWRAwyWKWQD63LMd2DD6n5Tf2PV64oh9In4%2F30%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 83808ac56cc77479-MIA
alt-svc: h3=":443"; ma=86400

GET
H2 200 trp-floater-language-switcher.css
regbu.com/wp-content/plugins/translatepress-multilingual/assets/css/ 18 KB
2 KB 47ms
44ms Stylesheet
text/css 2606:4700:3037::6815:14f4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://regbu.com/wp-content/plugins/translatepress-multilingual/assets/css/trp-floater-language-switcher.css?ver=2.6.9
Requested by: Host: regbu.com
URL: https://regbu.com/?clickid=fefcf551-9e7f-11ee-b7b3-121cef7193c9
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:14f4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3ce4435d68c21d56cebe0995aedb94ce173653cc983b09c8544a67478af28225

Request headers

accept-language: en-US,en;q=0.9
Referer: https://regbu.com/?clickid=fefcf551-9e7f-11ee-b7b3-121cef7193c9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 15:05:08 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4028
cf-polished: origSize=22292
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Mon, 18 Dec 2023 18:03:57 GMT
server: cloudflare
etag: W/"5714-60ccc92e3ac3c-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RJnBTj1e3KW2zMwMxwF1l5%2B52h5poW8yuCZZOJAGD6%2B%2BvKINDhbjgMpNkI%2FdhTMtW60mujGM3nCYo2mD7sxJHSYxZ8MfOYpVOXwqWYioDpNCgZHvYAdQbsyNTc13B1Jq7XEMd0UkR5U%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 83808ac56cc87479-MIA

GET
H2 200 trp-language-switcher.css
regbu.com/wp-content/plugins/translatepress-multilingual/assets/css/ 2 KB
1019 B 48ms
46ms Stylesheet
text/css 2606:4700:3037::6815:14f4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://regbu.com/wp-content/plugins/translatepress-multilingual/assets/css/trp-language-switcher.css?ver=2.6.9
Requested by: Host: regbu.com
URL: https://regbu.com/?clickid=fefcf551-9e7f-11ee-b7b3-121cef7193c9
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:14f4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf122fe45ccffe0ed0058d1fb7efae80dc92a8710d8ab18a7d63984bb4aa685e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://regbu.com/?clickid=fefcf551-9e7f-11ee-b7b3-121cef7193c9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 15:05:08 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5431
cf-polished: origSize=2843
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Mon, 18 Dec 2023 18:03:57 GMT
server: cloudflare
etag: W/"b1b-60ccc92e3ac3c-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Uw6cTEhPaApV9hGsSDZaKgzLuc%2FYD5bQb7dVjOy4OqIt%2FnEKM4SnAXONyqKz1qsV8SVpk62d63x0%2F%2BTRIuIt%2FQZw9RAjBDhGSVw3Qb45%2FoERoFGYYTwZAawxGWwWb1lSZqPntZyU5Y0%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 83808ac56ccd7479-MIA

GET
H2 200 trp-popup.css
regbu.com/wp-content/plugins/translatepress-business/add-ons-pro/automatic-language-detection/assets/css/ 8 KB
2 KB 571ms
568ms Stylesheet
text/css 2606:4700:3037::6815:14f4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://regbu.com/wp-content/plugins/translatepress-business/add-ons-pro/automatic-language-detection/assets/css/trp-popup.css?ver=6.4.2
Requested by: Host: regbu.com
URL: https://regbu.com/?clickid=fefcf551-9e7f-11ee-b7b3-121cef7193c9
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:14f4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 326637e4c3f86d1f4f4d728a2de2a50d2c59f4a09844e866af8023ac6adcbc22

Request headers

accept-language: en-US,en;q=0.9
Referer: https://regbu.com/?clickid=fefcf551-9e7f-11ee-b7b3-121cef7193c9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 15:05:09 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Sun, 30 Jul 2023 05:04:15 GMT
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=11683
etag: W/"2da3-601ad3ed2f060-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m49JfZJZ%2Fz1oo6VXucFHw7e4qL81Whee2yYXM%2B9xtXaZ7dTRXJhRsQU1RAyWnvmDljrCr6kaPdgU97ZaLUV%2Br1VWQvYPXpKEMKJXceJwGjF52024UrxCxtxu%2BQXNA3xsmlp7e8wD3Ec%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 83808ac56cd17479-MIA
alt-svc: h3=":443"; ma=86400

GET
H2 200 all.min.css
regbu.com/wp-content/themes/bam-pro/assets/fonts/css/ 58 KB
13 KB 562ms
559ms Stylesheet
text/css 2606:4700:3037::6815:14f4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://regbu.com/wp-content/themes/bam-pro/assets/fonts/css/all.min.css?ver=5.15.4
Requested by: Host: regbu.com
URL: https://regbu.com/?clickid=fefcf551-9e7f-11ee-b7b3-121cef7193c9
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:14f4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 99464ceb71bc9bbdcc72275faefe44f98eb5cbb6b5d8ee665b87b35376f1a96e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://regbu.com/?clickid=fefcf551-9e7f-11ee-b7b3-121cef7193c9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 15:05:09 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 13 Jul 2023 22:58:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"e7a9-600664389a3c7-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kNN2DzhDg6UHLhycQzUYh8cDniUP1YW0oIYoEHUbjJ8hh27L9Kca20H59gj2AyHqjAmiVkqgnuu5kHkVZhkKAlR0M6qJsb47bSYplRHU5zl6yWk98CN93KbmO2NTNRBn%2FuxueJRfyaQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 83808ac56cd57479-MIA
alt-svc: h3=":443"; ma=86400

GET
H2 200 style.css
regbu.com/wp-content/themes/bam-pro/ 68 KB
13 KB 565ms
563ms Stylesheet
text/css 2606:4700:3037::6815:14f4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://regbu.com/wp-content/themes/bam-pro/style.css?ver=6.4.2
Requested by: Host: regbu.com
URL: https://regbu.com/?clickid=fefcf551-9e7f-11ee-b7b3-121cef7193c9
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:14f4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 85c34c3277bb9c28f7e9f0b84dfb4a73196c25bb03ca1e887c507ec98ba6587b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://regbu.com/?clickid=fefcf551-9e7f-11ee-b7b3-121cef7193c9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 15:05:09 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 13 Jul 2023 22:58:00 GMT
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=94748
etag: W/"1721c-60066438b7883-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FioqVXJ46WbbGhtjVB0diJK%2F5p2PXmS8FXAG9uR8QyD382Mdooi0Sm%2F3dbXPFyfkoNeQasa%2BLsLodp6JOJoeMVhnOlxbQSxjNRHYGFi%2FuPRaQQCOqxiTS%2BncLlYxyS4Hi2i%2BZeK3ie8%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 83808ac56cd77479-MIA
alt-svc: h3=":443"; ma=86400

GET
H2 200 css
fonts.googleapis.com/ 68 KB
2 KB 209ms
78ms Stylesheet
text/css 2607:f8b0:4006:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%2C100i%2C200i%2C300i%2C400i%2C500i%2C600i%2C700i%2C800i%2C900i|Roboto+Condensed%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%2C100i%2C200i%2C300i%2C400i%2C500i%2C600i%2C700i%2C800i%2C900i%26subset%3Dlatin

Requested by

Host: regbu.com
URL: https://regbu.com/?clickid=fefcf551-9e7f-11ee-b7b3-121cef7193c9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9ba5e0bf235435a81c9479a6c1757c6947fb6460b17f820bc70797a5ff4537f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://regbu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 19 Dec 2023 15:05:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 19 Dec 2023 15:02:57 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 19 Dec 2023 15:05:08 GMT

GET
H2 200 jquery.min.js Show response
regbu.com/wp-includes/js/jquery/ 86 KB
31 KB 52ms
50ms Script
application/javascript 2606:4700:3037::6815:14f4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://regbu.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Requested by: Host: regbu.com
URL: https://regbu.com/?clickid=fefcf551-9e7f-11ee-b7b3-121cef7193c9
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:14f4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Request headers

accept-language: en-US,en;q=0.9
Referer: https://regbu.com/?clickid=fefcf551-9e7f-11ee-b7b3-121cef7193c9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 15:05:08 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 08 Nov 2023 06:04:19 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2363
etag: W/"15601-6099ddba09927-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UQnc66XaqvExp6%2BAnsFux%2FQufSs1MdqWpc5Ufl5pZHNIrbVMrLMi83mmFbSWpO5jhlpIgT0Rv6H8TgvchN8WUJKa6i1HtS4b118xJNnl7ZVxtkys6cUJs6%2BqpKeUw99jl%2FHUqaCxFEw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 83808ac56cd87479-MIA
alt-svc: h3=":443"; ma=86400

GET
H2 200 jquery-migrate.min.js Show response
regbu.com/wp-includes/js/jquery/ 13 KB
5 KB 49ms
47ms Script
application/javascript 2606:4700:3037::6815:14f4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://regbu.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Requested by: Host: regbu.com
URL: https://regbu.com/?clickid=fefcf551-9e7f-11ee-b7b3-121cef7193c9
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:14f4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Request headers

accept-language: en-US,en;q=0.9
Referer: https://regbu.com/?clickid=fefcf551-9e7f-11ee-b7b3-121cef7193c9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 15:05:08 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 09 Aug 2023 06:04:03 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4481
etag: W/"3509-602773f1f0bac-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7D9dZwd6%2FQzTYaCaC1Oy2j%2FrOGC2Gb1wXIq7iuejkUHiosLPFevdOa6cUBfQw1kTgM6lenIEOf1tMLnN%2F7WcmiF7%2F8KZrhVuIzGOdFJiLEWFIy536gIRHMRSqybKok6UF2j07mNQ3%2Bs%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 83808ac56cda7479-MIA
alt-svc: h3=":443"; ma=86400

GET
H2 200 trp-language-cookie.js Show response
regbu.com/wp-content/plugins/translatepress-business/add-ons-pro/automatic-language-detection/assets/js/ 15 KB
4 KB 56ms
54ms Script
application/javascript 2606:4700:3037::6815:14f4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://regbu.com/wp-content/plugins/translatepress-business/add-ons-pro/automatic-language-detection/assets/js/trp-language-cookie.js?ver=1.1.1
Requested by: Host: regbu.com
URL: https://regbu.com/?clickid=fefcf551-9e7f-11ee-b7b3-121cef7193c9
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:14f4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fd88d63a0b21974210c6097e5ecc5f1b569e288a77085c4b806dadcd6f73ad78

Request headers

accept-language: en-US,en;q=0.9
Referer: https://regbu.com/?clickid=fefcf551-9e7f-11ee-b7b3-121cef7193c9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 15:05:08 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 72
cf-polished: origSize=22110
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Sun, 30 Jul 2023 05:04:15 GMT
server: cloudflare
etag: W/"565e-601ad3ed2f060-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mDre6REtOT1ewX86bWUiBNn0h2CsRXfOuqV%2FHVdb8ki0L1cB0okMgUKXXdT6WhLr6G%2BhPCRqt05NH54o3Py2kGdxWIElPe68PtWgxhwItn6%2FIt0aXOiAM%2Bss7zYoCQxOKsbg7wjIvBU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 83808ac56cdb7479-MIA

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 186 KB
68 KB 245ms
112ms Script
application/javascript 2607:f8b0:4006:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-40216785-112

Requested by

Host: regbu.com
URL: https://regbu.com/?clickid=fefcf551-9e7f-11ee-b7b3-121cef7193c9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f18a2fd755cced45aa875a30a29bb553a53561519cf2f9250d7c8f9b040e7762

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://regbu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 15:05:09 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 68944
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 19 Dec 2023 15:05:09 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 145 KB
50 KB 319ms
163ms Script
text/javascript 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6122204646002237&host=ca-host-pub-2644536267352236

Requested by

Host: regbu.com
URL: https://regbu.com/?clickid=fefcf551-9e7f-11ee-b7b3-121cef7193c9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4fe6c89a2f98668ff7e6a71ba13a58799fa926f6737d1d02c9ad72bb05b4cad7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://regbu.com/
Origin: https://regbu.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 15:05:09 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51355
x-xss-protection: 0
server: cafe
etag: 17254793518032315123
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 19 Dec 2023 15:05:09 GMT

GET
H2 200 vyhledavani-google-obrazky.jpg
regbu.com/wp-content/uploads/2022/08/ 95 KB
96 KB 193ms
191ms Image
image/jpeg 2606:4700:3037::6815:14f4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://regbu.com/wp-content/uploads/2022/08/vyhledavani-google-obrazky.jpg
Requested by: Host: regbu.com
URL: https://regbu.com/?clickid=fefcf551-9e7f-11ee-b7b3-121cef7193c9
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:14f4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e90d03e5868958c39f668350a8f49c57e42e04e41e0807d7aa967f3c4509ea99

Request headers

accept-language: en-US,en;q=0.9
Referer: https://regbu.com/?clickid=fefcf551-9e7f-11ee-b7b3-121cef7193c9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 15:05:08 GMT
cf-cache-status: HIT
last-modified: Tue, 30 Aug 2022 14:19:39 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "17c9b-5e77612172570"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TWU2O2mrvIu9L7MQ6%2FHXGSB1HRVXyQZg%2FvOpongpNNeLbR1%2FIq%2B1bSlJ3zJg%2F5Y3Qf1A8sS6lDo04Du4HYrUoDkNZo54kX7OwqxAQ4%2FcAjvqp47ew5Q7t7hEA0cuM8ug6KfmzQIA5B4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 83808ac56cde7479-MIA
alt-svc: h3=":443"; ma=86400
content-length: 97435

GET
H2 200 mafia-ceska-legenda-svetoveho-formatu.jpg
regbu.com/wp-content/uploads/2023/08/ 112 KB
112 KB 605ms
604ms Image
image/jpeg 2606:4700:3037::6815:14f4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://regbu.com/wp-content/uploads/2023/08/mafia-ceska-legenda-svetoveho-formatu.jpg
Requested by: Host: regbu.com
URL: https://regbu.com/?clickid=fefcf551-9e7f-11ee-b7b3-121cef7193c9
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:14f4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d2c76682e31b1ad1abb3fecbee5bea020e97e249f13db0a0a041a83446a53f5f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://regbu.com/?clickid=fefcf551-9e7f-11ee-b7b3-121cef7193c9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 15:05:09 GMT
cf-cache-status: HIT
last-modified: Mon, 21 Aug 2023 21:16:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "1bf33-6037564624e28"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lE%2BNahkGa13myzetui16zpizzcELjPeWg2hSGiS%2FQuEhQDNSf9S%2B5y5igxuFWuzhV7v4BdfBgmG9qJr3PyCp%2BxXaivqOn1%2FqATfueZa84GwIvtngm%2FmhzYEZH9%2BGX3p7Sugu5v7XTC8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 83808ac59d3c7479-MIA
alt-svc: h3=":443"; ma=86400
content-length: 114483

GET
H2 200 worms-prevtelte-se-do-cerva-a-bojujte.jpg
regbu.com/wp-content/uploads/2023/08/ 135 KB
135 KB 225ms
224ms Image
image/jpeg 2606:4700:3037::6815:14f4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://regbu.com/wp-content/uploads/2023/08/worms-prevtelte-se-do-cerva-a-bojujte.jpg
Requested by: Host: regbu.com
URL: https://regbu.com/?clickid=fefcf551-9e7f-11ee-b7b3-121cef7193c9
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:14f4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 14c54438cdca89ae25314b9a32e0c795a3c6b663825067240005f60c8a435dff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://regbu.com/?clickid=fefcf551-9e7f-11ee-b7b3-121cef7193c9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 15:05:08 GMT
cf-cache-status: HIT
last-modified: Mon, 21 Aug 2023 21:12:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "21b73-60375558e8991"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v79Xxx%2BpJHKTAcicYyluLauOti%2BuLHvh9nbxE8FzP%2BXIgxZFQyGb4F69%2B23UAtsDy2Bpm8wPfFNWTRRaLf41F4fWbxfoDd%2Bx6Pq8CYcLkZtvQL2MDwV8hJSgftu4hHHEPjjqvZDCKoc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 83808ac59d3f7479-MIA
alt-svc: h3=":443"; ma=86400
content-length: 138099

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 145 KB
51 KB 248ms
93ms Script
text/javascript 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6122204646002237

Requested by

Host: regbu.com
URL: https://regbu.com/?clickid=fefcf551-9e7f-11ee-b7b3-121cef7193c9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

52751a6236299003d6f9161b254374149546dcab3d1bddb56babe9342cec3f7a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://regbu.com/
Origin: https://regbu.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 15:05:09 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51350
x-xss-protection: 0
server: cafe
etag: 9798177109925149973
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 19 Dec 2023 15:05:09 GMT

GET
H3 200 cs_CZ.png
regbu.com/wp-content/plugins/translatepress-multilingual/assets/images/flags/ 361 B
823 B 48ms
44ms Image
image/png 2606:4700:3037::6815:14f4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://regbu.com/wp-content/plugins/translatepress-multilingual/assets/images/flags/cs_CZ.png
Requested by: Host: regbu.com
URL: https://regbu.com/?clickid=fefcf551-9e7f-11ee-b7b3-121cef7193c9
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:14f4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1bc61117f652bc846db0c95c5cc7273b6c0484292ed2304168cadd8affd40487

Request headers

accept-language: en-US,en;q=0.9
Referer: https://regbu.com/?clickid=fefcf551-9e7f-11ee-b7b3-121cef7193c9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 15:05:09 GMT
cf-cache-status: HIT
last-modified: Mon, 18 Dec 2023 18:03:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3368
etag: "169-60ccc92e3bbdc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lQ9voafMNnTloPs8rsmLpdcqRYaUJt4LpHsTR5Iblsg2fIZDHmu%2FlNnvRacsqMs%2FipMpO7A%2FfF8VPKBsLedvz%2FmdZFvxPhC9T1Zxfxcnv8XxhOA80q2%2B2IjK32h5W18oz6wlX6hkJlQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 83808ac91dcedaf1-MIA
alt-svc: h3=":443"; ma=86400
content-length: 361

GET
H3 200 en_US.png
regbu.com/wp-content/plugins/translatepress-multilingual/assets/images/flags/ 502 B
962 B 57ms
53ms Image
image/png 2606:4700:3037::6815:14f4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://regbu.com/wp-content/plugins/translatepress-multilingual/assets/images/flags/en_US.png
Requested by: Host: regbu.com
URL: https://regbu.com/?clickid=fefcf551-9e7f-11ee-b7b3-121cef7193c9
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:14f4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 84554ad84b590aa4d161301d4abb95d5d3b7013f38bbb0c02ba0d506ce3c548e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://regbu.com/?clickid=fefcf551-9e7f-11ee-b7b3-121cef7193c9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 15:05:09 GMT
cf-cache-status: HIT
last-modified: Mon, 18 Dec 2023 18:03:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3365
etag: "1f6-60ccc92e3cb7c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jTaSmAT8z8dw9vUJT%2F1uND%2FGXAbRYgCBCBEIekfWdiItqOhfwrdxVKr71X4NUbt3yCfMlgxwv1LOzWCvLmcFJwV0HCE9kn7gyZpnzf9ZC64cEt7R46pqJoYn8IY%2BBGniWts8Icivsr8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 83808ac91dd1daf1-MIA
alt-svc: h3=":443"; ma=86400
content-length: 502

GET
H3 200 sk_SK.png
regbu.com/wp-content/plugins/translatepress-multilingual/assets/images/flags/ 370 B
832 B 48ms
45ms Image
image/png 2606:4700:3037::6815:14f4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://regbu.com/wp-content/plugins/translatepress-multilingual/assets/images/flags/sk_SK.png
Requested by: Host: regbu.com
URL: https://regbu.com/?clickid=fefcf551-9e7f-11ee-b7b3-121cef7193c9
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:14f4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5a4b22644990ed0b5f68373075760fa4d987b650a6dd05409ddb4d8002a391b8

Request headers

accept-language: en-US,en;q=0.9
Referer: https://regbu.com/?clickid=fefcf551-9e7f-11ee-b7b3-121cef7193c9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 15:05:09 GMT
cf-cache-status: HIT
last-modified: Mon, 18 Dec 2023 18:03:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3365
etag: "172-60ccc92e4199c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5%2BOn8tMrjf95QOaUOR41CaoZ6g3Lpz96jkQk6Flq1E7ys9epud%2FUItVU9%2Bngg7F6gvMLR8eEXYO3DL5CI2V%2Fw5RsQfTLVimyEXCjre3Y2LTAdEV5M4yEBr5gEANBYsCGfvKkgKxU6NQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 83808ac91dd5daf1-MIA
alt-svc: h3=":443"; ma=86400
content-length: 370

GET
H3 200 pl_PL.png
regbu.com/wp-content/plugins/translatepress-multilingual/assets/images/flags/ 235 B
695 B 79ms
76ms Image
image/png 2606:4700:3037::6815:14f4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://regbu.com/wp-content/plugins/translatepress-multilingual/assets/images/flags/pl_PL.png
Requested by: Host: regbu.com
URL: https://regbu.com/?clickid=fefcf551-9e7f-11ee-b7b3-121cef7193c9
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:14f4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 246e5d2f70b9e2f43901db5f080cf38df03804c235c3009458a9ad59e6f47c98

Request headers

accept-language: en-US,en;q=0.9
Referer: https://regbu.com/?clickid=fefcf551-9e7f-11ee-b7b3-121cef7193c9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 15:05:09 GMT
cf-cache-status: HIT
last-modified: Mon, 18 Dec 2023 18:03:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3365
etag: "eb-60ccc92e409fc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OdfxSrYSXNomkfou4LQj5yAE5oSMOVAwL5yEslcHy2xl33%2BPdC4dsMsNADXvVumpwPSr4y%2FU2OJKs%2FvnOXgqtpkAdV2M50G8vDMK2RyPp6CpPGJp98d2NwFaap0LjZRsIoJ82DQndn4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 83808ac91dd8daf1-MIA
alt-svc: h3=":443"; ma=86400
content-length: 235

GET
H3 200 zh_CN.png
regbu.com/wp-content/plugins/translatepress-multilingual/assets/images/flags/ 313 B
782 B 82ms
79ms Image
image/png 2606:4700:3037::6815:14f4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://regbu.com/wp-content/plugins/translatepress-multilingual/assets/images/flags/zh_CN.png
Requested by: Host: regbu.com
URL: https://regbu.com/?clickid=fefcf551-9e7f-11ee-b7b3-121cef7193c9
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:14f4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1348be98d8f2a8599acfef9767527e164544e1e07cc74279cee0a1bb9a50a395

Request headers

accept-language: en-US,en;q=0.9
Referer: https://regbu.com/?clickid=fefcf551-9e7f-11ee-b7b3-121cef7193c9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 15:05:09 GMT
cf-cache-status: HIT
last-modified: Mon, 18 Dec 2023 18:03:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3364
etag: "139-60ccc92e438dc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BIHC8YYBE7CUHcNA0ZTmSRCMMlQS0bPxKSx2u5%2B7ziM%2Bh1WZeUla%2FhVbtQSzrnwB53Ix8F2LQWpB%2FhXyht%2BOIz503Hdhid%2BBmuGDZu%2Bd%2Be0yYfwVLzmaShxiHbVSFdHYOiNNjy1BqkE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 83808ac91ddadaf1-MIA
alt-svc: h3=":443"; ma=86400
content-length: 313

GET
H3 200 de_DE.png
regbu.com/wp-content/plugins/translatepress-multilingual/assets/images/flags/ 250 B
710 B 80ms
76ms Image
image/png 2606:4700:3037::6815:14f4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://regbu.com/wp-content/plugins/translatepress-multilingual/assets/images/flags/de_DE.png
Requested by: Host: regbu.com
URL: https://regbu.com/?clickid=fefcf551-9e7f-11ee-b7b3-121cef7193c9
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:14f4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fb8abf4975a70816d1ecb0e3dff7ed44ff73201795790a55b4abfb0d1b6d162f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://regbu.com/?clickid=fefcf551-9e7f-11ee-b7b3-121cef7193c9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 15:05:09 GMT
cf-cache-status: HIT
last-modified: Mon, 18 Dec 2023 18:03:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3364
etag: "fa-60ccc92e3cb7c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lR4Vo0YyB8qkaI38csTbjNe2iWcA5AigXqESuXvG4zgfMjQbKUiS4PB4VdWHHywRwnlwjBcL%2FPl4oZ5sAIRZh19TCj9cYnzxif0%2BXG%2Fk2jKgx9Eayxm1ooQaljRvkptiCqLL4S%2F0wKA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 83808ac91ddddaf1-MIA
alt-svc: h3=":443"; ma=86400
content-length: 250

GET
H3 200 pt_PT.png
regbu.com/wp-content/plugins/translatepress-multilingual/assets/images/flags/ 441 B
905 B 49ms
46ms Image
image/png 2606:4700:3037::6815:14f4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://regbu.com/wp-content/plugins/translatepress-multilingual/assets/images/flags/pt_PT.png
Requested by: Host: regbu.com
URL: https://regbu.com/?clickid=fefcf551-9e7f-11ee-b7b3-121cef7193c9
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:14f4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b17974619f9233fb51fc94a230d109d563093530560a2ac910972020c8cc4209

Request headers

accept-language: en-US,en;q=0.9
Referer: https://regbu.com/?clickid=fefcf551-9e7f-11ee-b7b3-121cef7193c9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 15:05:09 GMT
cf-cache-status: HIT
last-modified: Mon, 18 Dec 2023 18:03:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3364
etag: "1b9-60ccc92e4199c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BqWYaqrM2EKGSM4wSvgbzZ5yAnvXkeHoIOIrRIVXu%2F2VhsWOHXjL1hazQqvtww2hzyPLW985Ru8l0xD6%2BXYb1uR8qciBf5092Hzm4WRuqW8K0zF5kpZKP7vwMGkPLoMw7%2BxVvGrrmG8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 83808ac91ddfdaf1-MIA
alt-svc: h3=":443"; ma=86400
content-length: 441

GET
H3 200 es_ES.png
regbu.com/wp-content/plugins/translatepress-multilingual/assets/images/flags/ 325 B
792 B 50ms
47ms Image
image/png 2606:4700:3037::6815:14f4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://regbu.com/wp-content/plugins/translatepress-multilingual/assets/images/flags/es_ES.png
Requested by: Host: regbu.com
URL: https://regbu.com/?clickid=fefcf551-9e7f-11ee-b7b3-121cef7193c9
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:14f4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f71e440bd8074d59686f35d87b824c16f5310a34bab7fb017b0178bd726e35d3

Request headers

accept-language: en-US,en;q=0.9
Referer: https://regbu.com/?clickid=fefcf551-9e7f-11ee-b7b3-121cef7193c9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 15:05:09 GMT
cf-cache-status: HIT
last-modified: Mon, 18 Dec 2023 18:03:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3364
etag: "145-60ccc92e3db1c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mgGswX6BRKW3upHHEnxkAZbew7MXvsM9I4WW%2B0W%2FrI6pO9n%2Buw7zK%2Bnv3k66d7UQQeNV33XhQzC5ZRchz4%2Bp4hUmS7fZ5KAeegBS3R9WSGqSRxIZpnBrt5A%2FRRvYDsGQP9B9SoziPU0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 83808ac91de2daf1-MIA
alt-svc: h3=":443"; ma=86400
content-length: 325

GET
H3 200 ru_RU.png
regbu.com/wp-content/plugins/translatepress-multilingual/assets/images/flags/ 241 B
704 B 54ms
51ms Image
image/png 2606:4700:3037::6815:14f4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://regbu.com/wp-content/plugins/translatepress-multilingual/assets/images/flags/ru_RU.png
Requested by: Host: regbu.com
URL: https://regbu.com/?clickid=fefcf551-9e7f-11ee-b7b3-121cef7193c9
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:14f4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bc78f50b6e27078e91fe318c8ebdc52bac6cabbe5c298f471bc60292e126e1a5

Request headers

accept-language: en-US,en;q=0.9
Referer: https://regbu.com/?clickid=fefcf551-9e7f-11ee-b7b3-121cef7193c9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 15:05:09 GMT
cf-cache-status: HIT
last-modified: Mon, 18 Dec 2023 18:03:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3364
etag: "f1-60ccc92e4199c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0t4EPDI%2Fmjdaueg9EHwwzjVK%2B6eJHYnJ%2BqR1fqej7rVL5XoQPOFt4XHQtY%2BfIKOr4ntG7cmitvbrabyqKENLa14ZrMwhkAZnqtHTs2JshmrTSq2TjNnYHjxxfXvjw1%2BShW0PAVc%2BkmA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 83808ac91de5daf1-MIA
alt-svc: h3=":443"; ma=86400
content-length: 241

GET
H3 200 fr_FR.png
regbu.com/wp-content/plugins/translatepress-multilingual/assets/images/flags/ 268 B
726 B 52ms
49ms Image
image/png 2606:4700:3037::6815:14f4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://regbu.com/wp-content/plugins/translatepress-multilingual/assets/images/flags/fr_FR.png
Requested by: Host: regbu.com
URL: https://regbu.com/?clickid=fefcf551-9e7f-11ee-b7b3-121cef7193c9
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:14f4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9c86c0c02ccb446b1a50d0282f4d9715e45670be443c4c3f666c263601e36274

Request headers

accept-language: en-US,en;q=0.9
Referer: https://regbu.com/?clickid=fefcf551-9e7f-11ee-b7b3-121cef7193c9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 15:05:09 GMT
cf-cache-status: HIT
last-modified: Mon, 18 Dec 2023 18:03:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3363
etag: "10c-60ccc92e3eabc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IUkKTe0icXfSFmuN04yA4mDYgexb3ZPiIx8ePXJ98HXVN532z%2BXyqH4udhqsSJowxp66UCWOFzjNX3yVq2rCcBVv4F85uafEyGdt7EfEg9Y7GeWnFvnq%2BHnPlu1rdIiKjiKaJ2Oip88%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 83808ac91de6daf1-MIA
alt-svc: h3=":443"; ma=86400
content-length: 268

GET
H3 200 bg_BG.png
regbu.com/wp-content/plugins/translatepress-multilingual/assets/images/flags/ 252 B
713 B 84ms
81ms Image
image/png 2606:4700:3037::6815:14f4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://regbu.com/wp-content/plugins/translatepress-multilingual/assets/images/flags/bg_BG.png
Requested by: Host: regbu.com
URL: https://regbu.com/?clickid=fefcf551-9e7f-11ee-b7b3-121cef7193c9
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:14f4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8a52d124a5821cde93d0f507ea5b57407ef327189ff07e0496bcd3dc74861948

Request headers

accept-language: en-US,en;q=0.9
Referer: https://regbu.com/?clickid=fefcf551-9e7f-11ee-b7b3-121cef7193c9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 15:05:09 GMT
cf-cache-status: HIT
last-modified: Mon, 18 Dec 2023 18:03:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3363
etag: "fc-60ccc92e3bbdc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u2kn54L1qm%2FqHL6GLePpSx9HqLEKr7uT2IpkLjrw29ULVotD72fXcx82XFpIvhKap825k7GAbsloXQMwiIUiB9C%2BsI6GONaXAEuqb5NVbysm2WZ1Z%2F3JUBVacp0aX%2F%2FaweQqC1lVqRU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 83808ac91de8daf1-MIA
alt-svc: h3=":443"; ma=86400
content-length: 252

GET
H3 200 da_DK.png
regbu.com/wp-content/plugins/translatepress-multilingual/assets/images/flags/ 304 B
769 B 55ms
52ms Image
image/png 2606:4700:3037::6815:14f4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://regbu.com/wp-content/plugins/translatepress-multilingual/assets/images/flags/da_DK.png
Requested by: Host: regbu.com
URL: https://regbu.com/?clickid=fefcf551-9e7f-11ee-b7b3-121cef7193c9
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:14f4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3e21ed35cd4deffee9f308bebff9625437f4ecdead9f39f9f50918c1739337d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://regbu.com/?clickid=fefcf551-9e7f-11ee-b7b3-121cef7193c9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 15:05:09 GMT
cf-cache-status: HIT
last-modified: Mon, 18 Dec 2023 18:03:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3363
etag: "130-60ccc92e3bbdc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4Ryt1PyfNY%2FFOL1tK81lY2gavrXU%2Bz6EWu2rbSQn1GW219WJapNsowtnf4FyDkvqZ5ookJqHL2QSa1%2FZRYxEt%2BHKWBAgBAy5xCvqX1AMpel75E6g6mXFk7%2Bq01GVVr6yoMQ%2BRlvWtI8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 83808ac91deadaf1-MIA
alt-svc: h3=":443"; ma=86400
content-length: 304

GET
H3 200 nl_NL.png
regbu.com/wp-content/plugins/translatepress-multilingual/assets/images/flags/ 282 B
740 B 56ms
53ms Image
image/png 2606:4700:3037::6815:14f4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://regbu.com/wp-content/plugins/translatepress-multilingual/assets/images/flags/nl_NL.png
Requested by: Host: regbu.com
URL: https://regbu.com/?clickid=fefcf551-9e7f-11ee-b7b3-121cef7193c9
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:14f4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 42495d821ccd0890cf42f1b7ff365069dfbbf2db6a7cd2f58cbff0724153c1a0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://regbu.com/?clickid=fefcf551-9e7f-11ee-b7b3-121cef7193c9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 15:05:09 GMT
cf-cache-status: HIT
last-modified: Mon, 18 Dec 2023 18:03:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3363
etag: "11a-60ccc92e409fc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2RQMB52kG7ONFPlQE%2Figsa2YudyiDZFUvzcfG9YkxCAnRPubtXiPIj%2BvfqHaG8r7jBDWCFbPChZyDcmtepjRzTmrZcepH70uSfkeKtz8v5pCN458PUbwGMrEhTEHIWUXBfeIcSxF03E%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 83808ac91debdaf1-MIA
alt-svc: h3=":443"; ma=86400
content-length: 282

GET
H3 200 et.png
regbu.com/wp-content/plugins/translatepress-multilingual/assets/images/flags/ 278 B
739 B 51ms
48ms Image
image/png 2606:4700:3037::6815:14f4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://regbu.com/wp-content/plugins/translatepress-multilingual/assets/images/flags/et.png
Requested by: Host: regbu.com
URL: https://regbu.com/?clickid=fefcf551-9e7f-11ee-b7b3-121cef7193c9
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:14f4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dd6747b68e5f84363c189fab01f3836b16389ab0259c5cadd4d89827dce5ac4c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://regbu.com/?clickid=fefcf551-9e7f-11ee-b7b3-121cef7193c9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 15:05:09 GMT
cf-cache-status: HIT
last-modified: Mon, 18 Dec 2023 18:03:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3363
etag: "116-60ccc92e3db1c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cs%2FcISa2clGgj4eyhq6vniLVbEYaFfn%2FNeFwmdG3PLENVl3FwaKoWiiCw9Ta2dUby36CK8Toe3dHYJU1T%2FPf2ui6aODu2LfP%2FJNUnacB4lOnfKrHyGHP%2BnnWnJW8ha1BYyLHy5LXpgU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 83808ac91decdaf1-MIA
alt-svc: h3=":443"; ma=86400
content-length: 278

GET
H3 200 fi.png
regbu.com/wp-content/plugins/translatepress-multilingual/assets/images/flags/ 363 B
827 B 50ms
48ms Image
image/png 2606:4700:3037::6815:14f4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://regbu.com/wp-content/plugins/translatepress-multilingual/assets/images/flags/fi.png
Requested by: Host: regbu.com
URL: https://regbu.com/?clickid=fefcf551-9e7f-11ee-b7b3-121cef7193c9
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:14f4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: abb477d4d2e332a08ec4d51f2734ee46ae879d2c0b71fe38da40d03962e3a708

Request headers

accept-language: en-US,en;q=0.9
Referer: https://regbu.com/?clickid=fefcf551-9e7f-11ee-b7b3-121cef7193c9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 15:05:09 GMT
cf-cache-status: HIT
last-modified: Mon, 18 Dec 2023 18:03:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3362
etag: "16b-60ccc92e3eabc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=efSAI4rIXhXVyDtN8QLHgrt8xlQTyb0%2Fa0CP%2FoE2QUv%2BaTcAxLAOcd1INcEsuiLbLXsLVXbwKdKC%2FSitXnaWKpl%2BMzPlr5I359%2FtmUmETtKIlUliuxAkqNxisvZSYvQCuaq6BT9rWWA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 83808ac91deddaf1-MIA
alt-svc: h3=":443"; ma=86400
content-length: 363

GET
H3 200 el.png
regbu.com/wp-content/plugins/translatepress-multilingual/assets/images/flags/ 413 B
877 B 52ms
50ms Image
image/png 2606:4700:3037::6815:14f4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://regbu.com/wp-content/plugins/translatepress-multilingual/assets/images/flags/el.png
Requested by: Host: regbu.com
URL: https://regbu.com/?clickid=fefcf551-9e7f-11ee-b7b3-121cef7193c9
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:14f4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3182c6ebc02afdf0ae998303f1ca7ec92a387ebaedc85564eb26425620f8d1ee

Request headers

accept-language: en-US,en;q=0.9
Referer: https://regbu.com/?clickid=fefcf551-9e7f-11ee-b7b3-121cef7193c9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 15:05:09 GMT
cf-cache-status: HIT
last-modified: Mon, 18 Dec 2023 18:03:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3362
etag: "19d-60ccc92e3cb7c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yEeBLLc61VagxbMx%2BJeYowI0SG1JcV3aG7THQ0K6iGAC1lIdbVP325ferzp%2FMBAXE8Zun%2F6WwHt6tzjYjd05UA6SwPTUgTkqChSwqvsLw8%2Bkg0D4hzlnWISRR%2FSJar8hIm9PH7wDb8Q%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 83808ac91deedaf1-MIA
alt-svc: h3=":443"; ma=86400
content-length: 413

GET
H3 200 hu_HU.png
regbu.com/wp-content/plugins/translatepress-multilingual/assets/images/flags/ 276 B
739 B 53ms
51ms Image
image/png 2606:4700:3037::6815:14f4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://regbu.com/wp-content/plugins/translatepress-multilingual/assets/images/flags/hu_HU.png
Requested by: Host: regbu.com
URL: https://regbu.com/?clickid=fefcf551-9e7f-11ee-b7b3-121cef7193c9
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:14f4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1ab50bfb7b50ba43cf03e36facb6431597e46a51adb21f53f04297421494e5b8

Request headers

accept-language: en-US,en;q=0.9
Referer: https://regbu.com/?clickid=fefcf551-9e7f-11ee-b7b3-121cef7193c9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 15:05:09 GMT
cf-cache-status: HIT
last-modified: Mon, 18 Dec 2023 18:03:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3362
etag: "114-60ccc92e3eabc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EKUHm6VEkE9t%2FLygJ5o5gunauyLwKspn3jRR3ZsMYGQiHmp7RNz3v%2FjFCfKMFl3hSTKfjXKCga%2FLXsIBtZHFKIfvLTS4rphURGa4snoRdoPTFGq6xLJuXMK1rOHEb7v1RvifEwIe%2BTA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 83808ac91df0daf1-MIA
alt-svc: h3=":443"; ma=86400
content-length: 276

GET
H3 200 it_IT.png
regbu.com/wp-content/plugins/translatepress-multilingual/assets/images/flags/ 267 B
725 B 56ms
53ms Image
image/png 2606:4700:3037::6815:14f4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://regbu.com/wp-content/plugins/translatepress-multilingual/assets/images/flags/it_IT.png
Requested by: Host: regbu.com
URL: https://regbu.com/?clickid=fefcf551-9e7f-11ee-b7b3-121cef7193c9
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:14f4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 85d05871f6315412de38a72c7164fd4917efba135ba06ed9972c502c1fd811ff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://regbu.com/?clickid=fefcf551-9e7f-11ee-b7b3-121cef7193c9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 15:05:09 GMT
cf-cache-status: HIT
last-modified: Mon, 18 Dec 2023 18:03:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5430
etag: "10b-60ccc92e3fa5c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5TDrImbwKM9eKdEHWiDuyhxGxHEprYKKUtFaXe2IxGPjV0YEQgeRiduhf4RGCap2i7CSkoqtDXBv9HvViXgqzxBhrt4yvCNE6iOG5kmXAhJZsTWQUAwAc%2BFLFQq3xpoays75IuLqVoE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 83808ac91df3daf1-MIA
alt-svc: h3=":443"; ma=86400
content-length: 267

GET
H3 200 ja.png
regbu.com/wp-content/plugins/translatepress-multilingual/assets/images/flags/ 301 B
761 B 78ms
76ms Image
image/png 2606:4700:3037::6815:14f4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://regbu.com/wp-content/plugins/translatepress-multilingual/assets/images/flags/ja.png
Requested by: Host: regbu.com
URL: https://regbu.com/?clickid=fefcf551-9e7f-11ee-b7b3-121cef7193c9
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:14f4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ba1ceefb8407a39580dfb8fe55f14e8c4c5e1a20983d741ea218fa2d92e505f4

Request headers

accept-language: en-US,en;q=0.9
Referer: https://regbu.com/?clickid=fefcf551-9e7f-11ee-b7b3-121cef7193c9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 15:05:09 GMT
cf-cache-status: HIT
last-modified: Mon, 18 Dec 2023 18:03:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3362
etag: "12d-60ccc92e3fa5c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HEmREzXsGsIhdS8Xj6nzaG367Wqj73HG6zXZ1fmGppEQW5kQpUg8NoM9UJJuy8ybpCnOGFK%2B9%2B%2B9zu30JnSed2rqe9WDgmiOA3IsWbbQRySU0FqaTB7%2BEpTaLEkmiszUb029HQMXlt0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 83808ac91df4daf1-MIA
alt-svc: h3=":443"; ma=86400
content-length: 301

GET
H3 200 lv.png
regbu.com/wp-content/plugins/translatepress-multilingual/assets/images/flags/ 295 B
756 B 56ms
54ms Image
image/png 2606:4700:3037::6815:14f4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://regbu.com/wp-content/plugins/translatepress-multilingual/assets/images/flags/lv.png
Requested by: Host: regbu.com
URL: https://regbu.com/?clickid=fefcf551-9e7f-11ee-b7b3-121cef7193c9
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:14f4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3995576a20df12952885a3e7cb3eed68e878874bfba0f250deee0ce15713b2ca

Request headers

accept-language: en-US,en;q=0.9
Referer: https://regbu.com/?clickid=fefcf551-9e7f-11ee-b7b3-121cef7193c9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 15:05:09 GMT
cf-cache-status: HIT
last-modified: Mon, 18 Dec 2023 18:03:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3362
etag: "127-60ccc92e3fa5c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FU3euD7x%2BuQOYKUApZhtcW5SbRX%2FqIZov1OV9GU8xb40qi6qtWftcIS%2FoZ6k9i2Jtt3VdRpWHzojbxWyihizh7TtzsF3pNs4cxv0ucRo4YJUSLKUGBVSITYGx6sFeYKt8EhaVuIw7ZQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 83808ac91df6daf1-MIA
alt-svc: h3=":443"; ma=86400
content-length: 295

GET
H3 200 lt_LT.png
regbu.com/wp-content/plugins/translatepress-multilingual/assets/images/flags/ 251 B
709 B 80ms
78ms Image
image/png 2606:4700:3037::6815:14f4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://regbu.com/wp-content/plugins/translatepress-multilingual/assets/images/flags/lt_LT.png
Requested by: Host: regbu.com
URL: https://regbu.com/?clickid=fefcf551-9e7f-11ee-b7b3-121cef7193c9
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:14f4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5e4288dc9b3af00a88a91714a222b0dab16f26454e70f9afd110b289e703f616

Request headers

accept-language: en-US,en;q=0.9
Referer: https://regbu.com/?clickid=fefcf551-9e7f-11ee-b7b3-121cef7193c9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 15:05:09 GMT
cf-cache-status: HIT
last-modified: Mon, 18 Dec 2023 18:03:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3362
etag: "fb-60ccc92e3fa5c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SSCxMaRjkdvCSpdTKi6ZMRV2A79tqa7KFS8kBNSNjoSlHQyexJZCs65MK%2B1f8rgjF4ufZpaL70hXjuQdqw19sBWW7WxP458iUgPSEDiiWrOc%2B53GewJXZn7UJxdpL88OTgJgi1EYek0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 83808ac91df7daf1-MIA
alt-svc: h3=":443"; ma=86400
content-length: 251

GET
H3 200 ro_RO.png
regbu.com/wp-content/plugins/translatepress-multilingual/assets/images/flags/ 258 B
729 B 81ms
79ms Image
image/png 2606:4700:3037::6815:14f4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://regbu.com/wp-content/plugins/translatepress-multilingual/assets/images/flags/ro_RO.png
Requested by: Host: regbu.com
URL: https://regbu.com/?clickid=fefcf551-9e7f-11ee-b7b3-121cef7193c9
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:14f4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5ed66f46f5021700271152106eacb5ddf5802283782498fd360bdcf0478cfa77

Request headers

accept-language: en-US,en;q=0.9
Referer: https://regbu.com/?clickid=fefcf551-9e7f-11ee-b7b3-121cef7193c9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 15:05:09 GMT
cf-cache-status: HIT
last-modified: Mon, 18 Dec 2023 18:03:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3361
etag: "102-60ccc92e4199c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sdFNxK3B8gAWunuyVHE%2Bwf77YKKIwE5sUB7UsyI1UwF%2F8067OQBOuRodXXtx2z1inDb%2F%2FY0qyl1HTaSDFz7%2BpZKgeOYWmWkm24wQpPlqIIlh7mVuqaU%2F%2FHT%2FG9HwlOMQ%2B4zN%2BnQUrhQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 83808ac91df8daf1-MIA
alt-svc: h3=":443"; ma=86400
content-length: 258

GET
H3 200 sl_SI.png
regbu.com/wp-content/plugins/translatepress-multilingual/assets/images/flags/ 322 B
782 B 81ms
79ms Image
image/png 2606:4700:3037::6815:14f4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://regbu.com/wp-content/plugins/translatepress-multilingual/assets/images/flags/sl_SI.png
Requested by: Host: regbu.com
URL: https://regbu.com/?clickid=fefcf551-9e7f-11ee-b7b3-121cef7193c9
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:14f4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2a7bc09215d14360eecc613094babf65ce928bd02f08c1d53c2cec2f71a16aa3

Request headers

accept-language: en-US,en;q=0.9
Referer: https://regbu.com/?clickid=fefcf551-9e7f-11ee-b7b3-121cef7193c9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 15:05:09 GMT
cf-cache-status: HIT
last-modified: Mon, 18 Dec 2023 18:03:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3361
etag: "142-60ccc92e4199c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ehAs2%2FTrSLwuqr%2BgtjZ9pI1qnq7pWyII9vFG2pVpDtTBvvfuj82ywyQvO6TMvYDfcTK33hnLRgxyzb0mY6YYtn8x6FVZdXkx6p%2F630wtcJDnygMEomNRgnsCFY0iKbB5B%2Bssl3sbGls%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 83808ac91df9daf1-MIA
alt-svc: h3=":443"; ma=86400
content-length: 322

GET
H3 200 sv_SE.png
regbu.com/wp-content/plugins/translatepress-multilingual/assets/images/flags/ 436 B
899 B 82ms
81ms Image
image/png 2606:4700:3037::6815:14f4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://regbu.com/wp-content/plugins/translatepress-multilingual/assets/images/flags/sv_SE.png
Requested by: Host: regbu.com
URL: https://regbu.com/?clickid=fefcf551-9e7f-11ee-b7b3-121cef7193c9
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:14f4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 490cadd098357152b599430f6364c0a1333e378a0967f1f3ecbe4172c6bbcf84

Request headers

accept-language: en-US,en;q=0.9
Referer: https://regbu.com/?clickid=fefcf551-9e7f-11ee-b7b3-121cef7193c9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 15:05:09 GMT
cf-cache-status: HIT
last-modified: Mon, 18 Dec 2023 18:03:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5429
etag: "1b4-60ccc92e4293c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JEF1jt1ggnyBbF5aKWUb1P2yY1505X3IxoGbQ1hETMg6RKB5cCsLndHCitKXLGFUgT1XTIQu5D27UvKJT2vQOSxm7IUrQ%2FnlSs1SvtXyPl%2FPnfJyktsuMJKEAvU586CDRzeYV0VrhD4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 83808ac91dfadaf1-MIA
alt-svc: h3=":443"; ma=86400
content-length: 436

GET
H3 200 main.js Show response
regbu.com/wp-content/themes/bam-pro/assets/js/ 5 KB
2 KB 45ms
45ms Script
application/javascript 2606:4700:3037::6815:14f4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://regbu.com/wp-content/themes/bam-pro/assets/js/main.js?ver=6.4.2
Requested by: Host: regbu.com
URL: https://regbu.com/?clickid=fefcf551-9e7f-11ee-b7b3-121cef7193c9
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:14f4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f9802fd5b10afab8794b5e9683d79e8aa13cd1ac482bb82abd444d9bd915bb11

Request headers

accept-language: en-US,en;q=0.9
Referer: https://regbu.com/?clickid=fefcf551-9e7f-11ee-b7b3-121cef7193c9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 15:05:08 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3367
cf-polished: origSize=7487
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 13 Jul 2023 22:58:00 GMT
server: cloudflare
etag: W/"1d3f-60066438a6ee6-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BS586KoGY0ps4duiN5VHMeJkzUSL%2BX9Mlko8kdoNC1Ls3qY1QDfGewiZsKzE0gij4k2hXrdvBg3o%2BebuluXZa6lm%2FHhwoKKref9orRtYzsalShSjnboMvjSMs2O5zf8k%2BunrkwDp73M%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 83808ac6d95fdaf1-MIA

GET
H3 200 skip-link-focus-fix.js Show response
regbu.com/wp-content/themes/bam-pro/assets/js/ 426 B
730 B 44ms
43ms Script
application/javascript 2606:4700:3037::6815:14f4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://regbu.com/wp-content/themes/bam-pro/assets/js/skip-link-focus-fix.js?ver=20151215
Requested by: Host: regbu.com
URL: https://regbu.com/?clickid=fefcf551-9e7f-11ee-b7b3-121cef7193c9
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:14f4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 405a5e4943b97243440d632a958bb6e79f1d1929666745000a22ebaa5fa2d819

Request headers

accept-language: en-US,en;q=0.9
Referer: https://regbu.com/?clickid=fefcf551-9e7f-11ee-b7b3-121cef7193c9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 15:05:08 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3367
cf-polished: origSize=685
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 13 Jul 2023 22:58:00 GMT
server: cloudflare
etag: W/"2ad-60066438a6ee6-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5vQINPr4TnKb1CL1mVR5JSD8BHPdzzArTTOCuH%2FsV7k%2FPiYP7O%2B5uWAiF3p8WGGwF2IhSdGIr%2B7qWN3zBM9chLDhJuza6IJzkb9xk65khDA%2FNoCQ4aWIkh4hGhmR9EiPa6u4NY6wjWs%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 83808ac71a13daf1-MIA

GET
H3 200 sticky-menu.js Show response
regbu.com/wp-content/themes/bam-pro/assets/js/ 2 KB
1 KB 43ms
43ms Script
application/javascript 2606:4700:3037::6815:14f4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://regbu.com/wp-content/themes/bam-pro/assets/js/sticky-menu.js?ver=6.4.2
Requested by: Host: regbu.com
URL: https://regbu.com/?clickid=fefcf551-9e7f-11ee-b7b3-121cef7193c9
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:14f4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2a15dafa41689cef7df1573e8ca391a01fdd72f09cef27fd9cdc71c887b01c0e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://regbu.com/?clickid=fefcf551-9e7f-11ee-b7b3-121cef7193c9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 15:05:09 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3368
cf-polished: origSize=3413
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 13 Jul 2023 22:58:00 GMT
server: cloudflare
etag: W/"d55-60066438a6ee6-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZIFSJZAFWs3LkpR8FB7YqSZBys4voJIqw0QddjthI07jVBk5iIJoiLQstG6tZlzDzmyu%2FC0jvSz6ltONZ%2Fjk48JtGhxuaPdcFG5w7%2FEqz5INasPICot5jG7DIavNGg6M59npHhNL8oI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 83808ac76a91daf1-MIA

GET
H3 200 theia-sticky-sidebar.min.js Show response
regbu.com/wp-content/themes/bam-pro/assets/js/ 5 KB
2 KB 45ms
44ms Script
application/javascript 2606:4700:3037::6815:14f4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://regbu.com/wp-content/themes/bam-pro/assets/js/theia-sticky-sidebar.min.js?ver=6.4.2
Requested by: Host: regbu.com
URL: https://regbu.com/?clickid=fefcf551-9e7f-11ee-b7b3-121cef7193c9
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:14f4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9077bd707339a41d2960164348337c63e5e2e114ba70d55d7d677e7b48bba689

Request headers

accept-language: en-US,en;q=0.9
Referer: https://regbu.com/?clickid=fefcf551-9e7f-11ee-b7b3-121cef7193c9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 15:05:09 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 13 Jul 2023 22:58:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3368
etag: W/"155a-60066438a7e85-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KhiT1Q%2FxoYXy31Cn3OjolH8yWVowzDk8wEIaPRiW5QYHErOwmt7D5T3oUixqCTovdlP2n9BqtOd4U63C%2BmlKVcVwyEn0BMn0Zj1YB5U8UbpUBmCo4V7iWb8F12Sfl8OGjuXfTbHwpqs%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 83808ac7ab38daf1-MIA
alt-svc: h3=":443"; ma=86400

GET
BLOB 200
OK ac0f411e-6698-4310-aad0-cda3b4e75dbb
https://regbu.com/ 1 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://regbu.com/ac0f411e-6698-4310-aad0-cda3b4e75dbb
Requested by: Host: regbu.com
URL: https://regbu.com/?clickid=fefcf551-9e7f-11ee-b7b3-121cef7193c9
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length: 1245
Content-Type: text/javascript

GET
H2 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ 15 KB
15 KB 362ms
227ms Font
font/woff2 2607:f8b0:4006:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%2C100i%2C200i%2C300i%2C400i%2C500i%2C600i%2C700i%2C800i%2C900i|Roboto+Condensed%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%2C100i%2C200i%2C300i%2C400i%2C500i%2C600i%2C700i%2C800i%2C900i%26subset%3Dlatin

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://regbu.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 16 Dec 2023 02:40:27 GMT
x-content-type-options: nosniff
age: 303882
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14892
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 22:52:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 15 Dec 2024 02:40:27 GMT

GET
H2 200 6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ 14 KB
14 KB 336ms
202ms Font
font/woff2 2607:f8b0:4006:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d0a6262c545e8bbc895116e5afb22579c468d7abb77e378f377d6fed57c1dce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://regbu.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 16 Dec 2023 02:40:29 GMT
x-content-type-options: nosniff
age: 303880
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14712
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 22:52:57 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 15 Dec 2024 02:40:29 GMT

GET
H2 200 ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
fonts.gstatic.com/s/robotocondensed/v27/ 50 KB
50 KB 300ms
167ms Font
font/woff2 2607:f8b0:4006:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v27/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

517edd119c5b2719e6ac4b30bf1fd864a6395179a41d273c0afc0696e7495d8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://regbu.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 06:29:04 GMT
x-content-type-options: nosniff
age: 203765
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51404
x-xss-protection: 0
last-modified: Wed, 18 Oct 2023 17:52:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 16 Dec 2024 06:29:04 GMT

GET
H2 200 6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ 14 KB
15 KB 347ms
214ms Font
font/woff2 2607:f8b0:4006:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ca57b79a870bbf54700730858603a70d79743779c1b059922ec401bfddc5adc9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://regbu.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 15 Dec 2023 10:19:22 GMT
x-content-type-options: nosniff
age: 362747
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14824
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 22:52:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 14 Dec 2024 10:19:22 GMT

GET
H2 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qNq7lqDY.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ 20 KB
21 KB 195ms
66ms Font
font/woff2 2607:f8b0:4006:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qNq7lqDY.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

39cf9abce51786437c69ac45ac5f39aa19af7f859d87e347478b6bd96abe52c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://regbu.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 12:31:29 GMT
x-content-type-options: nosniff
age: 9220
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20616
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 22:52:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 18 Dec 2024 12:31:29 GMT

GET
H2 200 ieVl2ZhZI2eCN5jzbjEETS9weq8-19y7DRs5.woff2
fonts.gstatic.com/s/robotocondensed/v27/ 33 KB
33 KB 246ms
123ms Font
font/woff2 2607:f8b0:4006:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v27/ieVl2ZhZI2eCN5jzbjEETS9weq8-19y7DRs5.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

994961b8f25a0b18f5050694571210c1c5348d6221561dab5f1d72b3182e2778

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://regbu.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 16 Dec 2023 22:17:46 GMT
x-content-type-options: nosniff
age: 233243
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33584
x-xss-protection: 0
last-modified: Wed, 18 Oct 2023 17:53:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 15 Dec 2024 22:17:46 GMT

GET
H2 200 6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwmRduz8A.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ 20 KB
20 KB 361ms
239ms Font
font/woff2 2607:f8b0:4006:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwmRduz8A.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4cc56528364598716c3aed2711f3cbdc4036f503be0af787ff3f6b1ac74a0274

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://regbu.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 15 Dec 2023 22:38:06 GMT
x-content-type-options: nosniff
age: 318423
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20428
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 22:52:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 14 Dec 2024 22:38:06 GMT

GET
H3 200 serie-zelda-je-doslova-nesmrtelnou-hrou.jpg
regbu.com/wp-content/uploads/2023/08/ 110 KB
111 KB 601ms
600ms Image
image/jpeg 2606:4700:3037::6815:14f4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://regbu.com/wp-content/uploads/2023/08/serie-zelda-je-doslova-nesmrtelnou-hrou.jpg
Requested by: Host: regbu.com
URL: https://regbu.com/?clickid=fefcf551-9e7f-11ee-b7b3-121cef7193c9
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:14f4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c0a642173484d934a88d72be992b7e563e9153c07a36468edadd0e64160a6c94

Request headers

accept-language: en-US,en;q=0.9
Referer: https://regbu.com/?clickid=fefcf551-9e7f-11ee-b7b3-121cef7193c9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 15:05:09 GMT
cf-cache-status: HIT
last-modified: Mon, 21 Aug 2023 21:09:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "1b992-603754c8d131a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qilyK5FoYOf10anmKZTesleijfp7Dmf2N3RMcUZc6zw5bXTGfNcEryLWCuO48MqCPJb540PUtkr9VSuNqxWPQ%2BAmjoz9cCj8c69DFnhREQSzSIgqo36IBWAOk9B9CF83mgQ5RjBGYFY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 83808ac93e29daf1-MIA
alt-svc: h3=":443"; ma=86400
content-length: 113042

GET
H3 200 call-of-duty-je-akci-se-vsim-vsudy.jpg
regbu.com/wp-content/uploads/2023/08/ 153 KB
154 KB 568ms
567ms Image
image/jpeg 2606:4700:3037::6815:14f4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://regbu.com/wp-content/uploads/2023/08/call-of-duty-je-akci-se-vsim-vsudy.jpg
Requested by: Host: regbu.com
URL: https://regbu.com/?clickid=fefcf551-9e7f-11ee-b7b3-121cef7193c9
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:14f4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bd99232193ac694963af153ded0df07b8876de255f020c267c0b22bf7f7ac53f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://regbu.com/?clickid=fefcf551-9e7f-11ee-b7b3-121cef7193c9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 15:05:09 GMT
cf-cache-status: HIT
last-modified: Mon, 21 Aug 2023 21:06:08 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "26498-603753f544d9e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wioOISkJ9LfcVwEtFgCI%2FWwpuu5xfNdD7nYUskiNuLZ8gYCTNTfuwaNG3ew230crfeCN%2BER%2B%2F57O2RA5iPa3aIkiemSTB8SE9k%2FrUAUFNcppEzJL8c7Sj9%2FwAcGKbefgeoO5CXycGDU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 83808ac93e2adaf1-MIA
alt-svc: h3=":443"; ma=86400
content-length: 156824

GET
H3 200 age-of-empires-jako-legendarni-strategie.jpg
regbu.com/wp-content/uploads/2023/08/ 103 KB
104 KB 182ms
181ms Image
image/jpeg 2606:4700:3037::6815:14f4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://regbu.com/wp-content/uploads/2023/08/age-of-empires-jako-legendarni-strategie.jpg
Requested by: Host: regbu.com
URL: https://regbu.com/?clickid=fefcf551-9e7f-11ee-b7b3-121cef7193c9
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:14f4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f2a6a34bf175b066c767f76b9bcacb92d788fd908b9d463d212122a236b7185f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://regbu.com/?clickid=fefcf551-9e7f-11ee-b7b3-121cef7193c9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 15:05:09 GMT
cf-cache-status: HIT
last-modified: Mon, 21 Aug 2023 21:03:29 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "19ca0-6037535cde90f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=woX0ilosoKGUKTnWVXH4p%2FiCNobJat40XIrUzzGXy57KsHUzYGpNeEcFFfWDGn5qEKIOweWcH2CH4RDNrdIRcXH4FhnEUMln43eKJIvwcM45Kg%2FL88K9bFouDTQeKC%2FCIv9rJDoxcRw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 83808ac93e2bdaf1-MIA
alt-svc: h3=":443"; ma=86400
content-length: 105632

GET
H3 200 wp-emoji-release.min.js Show response
regbu.com/wp-includes/js/ 18 KB
5 KB 54ms
54ms Script
application/javascript 2606:4700:3037::6815:14f4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://regbu.com/wp-includes/js/wp-emoji-release.min.js?ver=6.4.2
Requested by: Host: regbu.com
URL: https://regbu.com/?clickid=fefcf551-9e7f-11ee-b7b3-121cef7193c9
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:14f4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Request headers

accept-language: en-US,en;q=0.9
Referer: https://regbu.com/?clickid=fefcf551-9e7f-11ee-b7b3-121cef7193c9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 15:05:09 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 30 Mar 2023 06:04:12 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3361
etag: W/"4904-5f817dc9edfd0-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t1tY3XS8yobil%2FSxlzWf2gXdMFNfubqpOTEWJGlpzWuoBL2idYLz6DG0WPqDixKPBFLCYJCrk%2B6pNEV6b%2FgHYTJ0ddkkPoVOgqAq5H%2BJCpu%2B0vKytCDcIvLQ%2BzU6UZSq0Ib9sf0j%2FrA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 83808ac93e2cdaf1-MIA
alt-svc: h3=":443"; ma=86400

POST trp-ald-ajax.php
regbu.com/wp-content/plugins/translatepress-business/add-ons-pro/automatic-language-detection/includes/ 0
0

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 226 KB
80 KB 87ms
86ms Script
application/javascript 2607:f8b0:4006:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-KEQ727RHG2&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-40216785-112

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4e8286fa755b5f043b89c9aaec4c4603ba3d4102bb0eb2e041c26fb4484f26cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://regbu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 15:05:09 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 81690
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 19 Dec 2023 15:05:09 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 195ms
63ms Script
text/javascript 2607:f8b0:4006:816::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-40216785-112

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://regbu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 19 Dec 2023 13:48:55 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 4574
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Tue, 19 Dec 2023 15:48:55 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 199 KB
73 KB 103ms
103ms Script
application/javascript 2607:f8b0:4006:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-M9NGL92EVN&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-40216785-112

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

aaf7814449178be411b4cb15fc45eda757c8f135bfc90d0cb1712db4852b83d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://regbu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 15:05:09 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 74434
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 19 Dec 2023 15:05:09 GMT

GET
H3 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/ 399 KB
135 KB 268ms
144ms Script
text/javascript 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6122204646002237

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

74e902da7510e538e4949ad6e725dcf9e987381e9b2b565b9249c659e85f9d0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://regbu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 15:05:09 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 137920
x-xss-protection: 0
server: cafe
etag: 10942279955400410868
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Tue, 19 Dec 2023 15:05:09 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/ Frame B845 9 KB
4 KB 194ms
62ms Document
text/html 2607:f8b0:4006:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6122204646002237

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://regbu.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 44690
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4130
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 19 Dec 2023 02:40:19 GMT
etag: 5585625838579639069
expires: Tue, 02 Jan 2024 02:40:19 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 collect
analytics.google.com/g/ 0
241 B 128ms
50ms Ping
text/plain 2001:4860:4802:36::181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-KEQ727RHG2&_ono=1&gtm=45je3bt0v9134580520&_p=1702998309268&_gaz=1&gcd=11l1l1l1l1&dma=0&gdid=dZTNiMT&cid=1110066439.1702998310&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EAAI&_s=1&sid=1702998309&sct=1&seg=0&dl=https%3A%2F%2Fregbu.com%2F%3Fclickid%3Dfefcf551-9e7f-11ee-b7b3-121cef7193c9&dt=REGBU.COM%20-&en=page_view&_fv=1&_nsi=1&_ss=1&ep.anonymize_ip=true&tfd=3103
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-KEQ727RHG2&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:36::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://regbu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Dec 2023 15:05:09 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://regbu.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
250 B 182ms
65ms Ping
text/plain 2607:f8b0:4004:c06::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&_ono=1&tid=G-KEQ727RHG2&cid=1110066439.1702998310&gtm=45je3bt0v9134580520&aip=1&dma=0&gcd=11l1l1l1l1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-KEQ727RHG2&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c06::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://regbu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Dec 2023 15:05:09 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://regbu.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
www.google-analytics.com/g/ 0
167 B 78ms
77ms Ping
text/plain 2607:f8b0:4006:816::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-M9NGL92EVN&gtm=45je3bt0v887525345&_p=1702998309268&gcd=11l1l1l1l1&dma=0&gdid=dZTNiMT&cid=1110066439.1702998310&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1702998309&sct=1&seg=0&dl=https%3A%2F%2Fregbu.com%2F%3Fclickid%3Dfefcf551-9e7f-11ee-b7b3-121cef7193c9&dt=REGBU.COM%20-&en=page_view&_fv=1&_ss=1&_ee=1&tfd=3136
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-M9NGL92EVN&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:816::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://regbu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Dec 2023 15:05:09 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://regbu.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
92 B 77ms
77ms XHR
text/plain 2607:f8b0:4006:816::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&aip=1&a=1563720156&t=pageview&_s=1&dl=https%3A%2F%2Fregbu.com%2F%3Fclickid%3Dfefcf551-9e7f-11ee-b7b3-121cef7193c9&ul=en-us&de=UTF-8&dt=REGBU.COM%20-&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDACUABBAAAACAAI~&jid=1565096108&gjid=1793570516&cid=1110066439.1702998310&tid=UA-40216785-112&_gid=1489215737.1702998310&_r=1&gtm=457e3bt0&gcd=11l1l1l1l1&dma=0&did=dZTNiMT&gdid=dZTNiMT&jsscut=1&z=485369928

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://regbu.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 19 Dec 2023 15:05:09 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://regbu.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 2 B
149 B 66ms
65ms XHR
text/plain 2607:f8b0:4004:c06::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-40216785-112&cid=1110066439.1702998310&jid=1565096108&gjid=1793570516&_gid=1489215737.1702998310&_u=YCDACUAABAAAACAAI~&z=1513433051

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://regbu.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 19 Dec 2023 15:05:10 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://regbu.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 491ms
79ms Image
image/gif 2607:f8b0:4006:824::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-40216785-112&cid=1110066439.1702998310&jid=1565096108&_u=YCDACUAABAAAACAAI~&z=1039758362

Requested by

Host: regbu.com
URL: https://regbu.com/?clickid=fefcf551-9e7f-11ee-b7b3-121cef7193c9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://regbu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Dec 2023 15:05:10 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame CB8C 396 KB
90 KB 570ms
568ms Document
text/html 2607:f8b0:4006:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6122204646002237&output=html&adk=1812271804&adf=3025194257&lmt=1702998310&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=128x1080_l%7C140x1080_r&format=0x0&url=https%3A%2F%2Fregbu.com%2F%3Fclickid%3Dfefcf551-9e7f-11ee-b7b3-121cef7193c9&ea=0&host=ca-host-pub-2644536267352236&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702998309665&bpp=3&bdt=987&idt=426&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1218695890939&frm=20&pv=2&ga_vid=1110066439.1702998310&ga_sid=1702998310&ga_hid=1563720156&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079965%2C31080103%2C95320884&oid=2&pvsid=2219339697084051&tmod=478389035&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=447

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

70d527e962e93a3f065bda79625210f54708616c2b30fcfee1be774502155871

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://regbu.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 91611
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 19 Dec 2023 15:05:10 GMT
expires: Tue, 19 Dec 2023 15:05:10 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 8AAF 159 KB
47 KB 489ms
488ms Document
text/html 2607:f8b0:4006:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6122204646002237&output=html&h=600&slotname=3318620291&adk=3504394691&adf=1519853264&pi=t.ma~as.3318620291&w=300&fwrn=4&fwrnh=100&lmt=1702998310&rafmt=4&format=300x600&url=https%3A%2F%2Fregbu.com%2F%3Fclickid%3Dfefcf551-9e7f-11ee-b7b3-121cef7193c9&ea=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702998309668&bpp=2&bdt=990&idt=448&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1218695890939&frm=20&pv=1&ga_vid=1110066439.1702998310&ga_sid=1702998310&ga_hid=1563720156&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=978&ady=96&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079965%2C31080103%2C95320884&oid=2&pvsid=2219339697084051&tmod=478389035&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CloEe%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=452

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bc0d4750878c952fb6f99e86a7194380afab9fb1c18554037552aeeb0b3617b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://regbu.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 48285
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 19 Dec 2023 15:05:10 GMT
expires: Tue, 19 Dec 2023 15:05:10 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css
fonts.googleapis.com/ Frame 8AAF 14 KB
1 KB 79ms
78ms Stylesheet
text/css 2607:f8b0:4006:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6122204646002237&output=html&h=600&slotname=3318620291&adk=3504394691&adf=1519853264&pi=t.ma~as.3318620291&w=300&fwrn=4&fwrnh=100&lmt=1702998310&rafmt=4&format=300x600&url=https%3A%2F%2Fregbu.com%2F%3Fclickid%3Dfefcf551-9e7f-11ee-b7b3-121cef7193c9&ea=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702998309668&bpp=2&bdt=990&idt=448&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1218695890939&frm=20&pv=1&ga_vid=1110066439.1702998310&ga_sid=1702998310&ga_hid=1563720156&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=978&ady=96&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079965%2C31080103%2C95320884&oid=2&pvsid=2219339697084051&tmod=478389035&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CloEe%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=452

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 19 Dec 2023 15:05:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 19 Dec 2023 13:52:57 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 19 Dec 2023 15:05:11 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 8AAF 2 KB
903 B 281ms
121ms Script
text/javascript 2607:f8b0:4006:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 07:26:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 27526
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 02 Jan 2024 07:26:25 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame 8AAF 23 KB
9 KB 221ms
71ms Script
text/javascript 2607:f8b0:4006:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9844337d0b1b36b45473c8fc27cba7d1c9f8aab2107e23e684b9e1a48e6066b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 21:10:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 64477
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9269
x-xss-protection: 0
server: cafe
etag: 11706523405290302210
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 01 Jan 2024 21:10:34 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 8AAF 3 KB
1 KB 233ms
83ms Script
text/javascript 2607:f8b0:4006:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 12:51:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7998
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 02 Jan 2024 12:51:53 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 8AAF 20 KB
9 KB 213ms
63ms Script
text/javascript 2607:f8b0:4006:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 11:05:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14364
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8571
x-xss-protection: 0
server: cafe
etag: 5853369240893788875
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 02 Jan 2024 11:05:47 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8AAF 203 KB
65 KB 238ms
90ms Script
text/javascript 2607:f8b0:4006:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 15:05:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65731
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1702472459035717"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 19 Dec 2023 15:05:11 GMT

GET
H2 200 f9d9b65dbd646119ce96bad0f484d579.js Show response
www.gstatic.com/mysidia/ Frame 8AAF 37 KB
16 KB 197ms
63ms Script
text/javascript 2607:f8b0:4006:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/f9d9b65dbd646119ce96bad0f484d579.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 23:24:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 402070
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15460
x-xss-protection: 0
last-modified: Thu, 07 Dec 2023 22:13:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 13 Mar 2024 23:24:01 GMT

GET
H2 200 data=g_RVQcf27NvQsI7nbWzbty06KptVGGZyQvat0l92AEno_lHUzsRrgmgmJayqb2GBqGJj2C61s2RbXA8IASBMzeLY8L7znZGZKDvIhhudJMaysX2rmjJ4vO-mzjE
mts0.google.com/vt/ Frame 8AAF 79 KB
79 KB 259ms
84ms Image
image/png 2607:f8b0:4006:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mts0.google.com/vt/data=g_RVQcf27NvQsI7nbWzbty06KptVGGZyQvat0l92AEno_lHUzsRrgmgmJayqb2GBqGJj2C61s2RbXA8IASBMzeLY8L7znZGZKDvIhhudJMaysX2rmjJ4vO-mzjE

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

0d21c346a0903204a78b79141b78578f548af92bd49115b6d35cb7fb095370f5

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'; base-uri 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'; base-uri 'none'
date: Tue, 19 Dec 2023 15:05:11 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
server-timing: gfet4t7; dur=20
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 80629
x-xss-protection: 0
x-server-version-bin: CggIBBDd2OmrBg==
server: scaffolding on HTTPServer2
etag: 0538571f971601d75
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=3531
expires: Tue, 19 Dec 2023 16:04:02 GMT

GET
DATA 200
OK truncated
/ Frame 8AAF 244 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8be8f432572fba9a5669684d4f89b81b9595700f40480eeecbfe7721ce5b2234

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 8AAF 333 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8b1ccf2d92e5e6235fcb23becebc6b98f5eba33abad7902763aa8b830be20bd7

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/ 160 KB
55 KB 103ms
102ms Script
text/javascript 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/reactive_library_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7b07bffbf21142fa51120eb03293d0d27d8e76099c8f55bb23d951ceca89bc31

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://regbu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 15:05:11 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56000
x-xss-protection: 0
server: cafe
etag: 5801105394885294221
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Tue, 19 Dec 2023 15:05:11 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 60E8 714 B
379 B 190ms
190ms Document
text/html 2607:f8b0:4006:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6122204646002237&output=html&h=280&adk=4039094136&adf=1603261608&pi=t.aa~a.758169383~rp.4&daaos=1702912143377&w=785&fwrn=1&fwrnh=100&lmt=1702998311&rafmt=1&to=qs&pwprc=6717621136&format=785x280&url=https%3A%2F%2Fregbu.com%2F%3Fclickid%3Dfefcf551-9e7f-11ee-b7b3-121cef7193c9&ea=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702998311224&bpp=1&bdt=2546&idt=-M&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x600&nras=2&correlator=1218695890939&frm=20&pv=1&ga_vid=1110066439.1702998310&ga_sid=1702998310&ga_hid=1563720156&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=140&ady=5182&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079965%2C31080103%2C95320884&oid=2&pvsid=2219339697084051&tmod=478389035&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=1&fsb=1&dtd=14

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9f7e3a09caa17d8358f84ca0f9cae7705a10e63beeef0e27cf68f97ce516d94c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://regbu.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 354
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 19 Dec 2023 15:05:11 GMT
expires: Tue, 19 Dec 2023 15:05:11 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 3E21 714 B
383 B 280ms
279ms Document
text/html 2607:f8b0:4006:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6122204646002237&output=html&h=280&adk=4039094136&adf=1603261608&pi=t.aa~a.381427885~rp.4&daaos=1702912143377&w=785&fwrn=1&fwrnh=100&lmt=1702998311&rafmt=1&to=qs&pwprc=6717621136&format=785x280&url=https%3A%2F%2Fregbu.com%2F%3Fclickid%3Dfefcf551-9e7f-11ee-b7b3-121cef7193c9&ea=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702998311224&bpp=1&bdt=2546&idt=-M&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x600%2C785x280&nras=3&correlator=1218695890939&frm=20&pv=1&ga_vid=1110066439.1702998310&ga_sid=1702998310&ga_hid=1563720156&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=140&ady=4135&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079965%2C31080103%2C95320884&oid=2&pvsid=2219339697084051&tmod=478389035&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=2&fsb=1&dtd=30

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dd29b9e2eb5766ff6825bbaff247e005547fb1b3b51999e24c11935ee80f8a4e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://regbu.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 358
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 19 Dec 2023 15:05:11 GMT
expires: Tue, 19 Dec 2023 15:05:11 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame C875 714 B
383 B 248ms
248ms Document
text/html 2607:f8b0:4006:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6122204646002237&output=html&h=280&adk=4039094136&adf=1603261608&pi=t.aa~a.112091859~rp.4&daaos=1702912143377&w=785&fwrn=1&fwrnh=100&lmt=1702998311&rafmt=1&to=qs&pwprc=6717621136&format=785x280&url=https%3A%2F%2Fregbu.com%2F%3Fclickid%3Dfefcf551-9e7f-11ee-b7b3-121cef7193c9&ea=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702998311224&bpp=1&bdt=2546&idt=1&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x600%2C785x280%2C785x280&nras=4&correlator=1218695890939&frm=20&pv=1&ga_vid=1110066439.1702998310&ga_sid=1702998310&ga_hid=1563720156&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=140&ady=1607&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079965%2C31080103%2C95320884&oid=2&pvsid=2219339697084051&tmod=478389035&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=9&uci=a!9&btvi=3&fsb=1&dtd=37

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dfd3b9bea78eb5c8475dae6fb932f30a57c6787c2dbd936807bb0b14cc27e11d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://regbu.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 358
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 19 Dec 2023 15:05:11 GMT
expires: Tue, 19 Dec 2023 15:05:11 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 89ms
88ms Image
image/gif 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_auto_rs&sts=pflna&evt=place&vh=1200&eid=44759875%2C44759926%2C31079965%2C31080103%2C95320884&hl=cs&pvc=2219339697084051

Requested by

Host: regbu.com
URL: https://regbu.com/?clickid=fefcf551-9e7f-11ee-b7b3-121cef7193c9

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://regbu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Dec 2023 15:05:11 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 8AAF 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 42b88a5af0dbe248355dfa4a306240692a010bff145bef54223a12b64c66210c

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/ Frame 68F6 9 KB
4 KB 64ms
63ms Document
text/html 2607:f8b0:4006:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://regbu.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 39834
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4130
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 19 Dec 2023 04:01:17 GMT
etag: 5585625838579639069
expires: Tue, 02 Jan 2024 04:01:17 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/ Frame 55C3 9 KB
4 KB 63ms
62ms Document
text/html 2607:f8b0:4006:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://regbu.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 39834
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4130
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 19 Dec 2023 04:01:17 GMT
etag: 5585625838579639069
expires: Tue, 02 Jan 2024 04:01:17 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 css2
fonts.googleapis.com/ Frame 68F6 4 KB
671 B 77ms
76ms Stylesheet
text/css 2607:f8b0:4006:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 19 Dec 2023 15:05:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 19 Dec 2023 14:32:58 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 19 Dec 2023 15:05:11 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 68F6 205 B
520 B 66ms
63ms Image
image/png 2607:f8b0:4006:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 15 Dec 2023 10:32:33 GMT
x-content-type-options: nosniff
age: 361958
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 14 Dec 2024 10:32:33 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 68F6 604 B
696 B 65ms
64ms Image
image/png 2607:f8b0:4006:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 16 Dec 2023 02:40:29 GMT
x-content-type-options: nosniff
age: 303882
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sun, 15 Dec 2024 02:40:29 GMT

GET
H2 200 fullscreen_api_adapter_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/ Frame 68F6 16 KB
7 KB 69ms
68ms Script
text/javascript 2607:f8b0:4006:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/fullscreen_api_adapter_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41b43f64c3e5d7f9eca80634429adb1b8e0a1c5e1fe67ad71ec651a991ebfe68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 01:54:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47431
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6766
x-xss-protection: 0
server: cafe
etag: 14924840246271906451
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 02 Jan 2024 01:54:40 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/ Frame 68F6 22 KB
9 KB 62ms
61ms Script
text/javascript 2607:f8b0:4006:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

db2bdaad0dc9232fadb3de900bf039a0f356521698f213df1edf601e02a5870d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 21:52:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 61971
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9210
x-xss-protection: 0
server: cafe
etag: 13914886398874665762
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 01 Jan 2024 21:52:20 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 55C3 14 KB
1 KB 78ms
78ms Stylesheet
text/css 2607:f8b0:4006:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 19 Dec 2023 15:05:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 19 Dec 2023 13:42:23 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 19 Dec 2023 15:05:11 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 55C3 2 KB
856 B 62ms
61ms Script
text/javascript 2607:f8b0:4006:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 07:26:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 27526
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 02 Jan 2024 07:26:25 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame 55C3 23 KB
9 KB 62ms
61ms Script
text/javascript 2607:f8b0:4006:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9844337d0b1b36b45473c8fc27cba7d1c9f8aab2107e23e684b9e1a48e6066b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 21:10:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 64477
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9269
x-xss-protection: 0
server: cafe
etag: 11706523405290302210
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 01 Jan 2024 21:10:34 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 55C3 3 KB
1 KB 68ms
68ms Script
text/javascript 2607:f8b0:4006:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 12:51:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7998
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 02 Jan 2024 12:51:53 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 55C3 20 KB
8 KB 72ms
71ms Script
text/javascript 2607:f8b0:4006:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 11:05:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14364
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8571
x-xss-protection: 0
server: cafe
etag: 5853369240893788875
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 02 Jan 2024 11:05:47 GMT

GET
H2 200 nessie_icon_tiamat_white.png
tpc.googlesyndication.com/pagead/images/ Frame 55C3 225 B
355 B 78ms
77ms Image
image/png 2607:f8b0:4006:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/nessie_icon_tiamat_white.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5719cdd3acdb2b6a5b9ae0bee910fc88fbc0f297f83235c02865d78eeed48446

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 08:12:47 GMT
x-content-type-options: nosniff
server: cafe
age: 24744
etag: 14085932017949564970
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 225
x-xss-protection: 0
expires: Wed, 20 Dec 2023 08:12:47 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 55C3 203 KB
64 KB 111ms
111ms Script
text/javascript 2607:f8b0:4006:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 15:05:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65731
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1702472459035717"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 19 Dec 2023 15:05:11 GMT

GET
H2 200 f9d9b65dbd646119ce96bad0f484d579.js Show response
www.gstatic.com/mysidia/ Frame 55C3 37 KB
15 KB 63ms
63ms Script
text/javascript 2607:f8b0:4006:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/f9d9b65dbd646119ce96bad0f484d579.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 23:24:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 402070
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15460
x-xss-protection: 0
last-modified: Thu, 07 Dec 2023 22:13:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 13 Mar 2024 23:24:01 GMT

GET
H2 200 1594987872807997462
tpc.googlesyndication.com/simgad/ Frame 55C3 2 KB
2 KB 76ms
75ms Image
image/jpeg 2607:f8b0:4006:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/1594987872807997462?w=100&h=100&tw=1&q=75

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ca4741e822000d626357ffaa8cfa7cb37ed7df9cab498d23c101c41f2e518be6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires: Sat, 14 Dec 2024 23:12:50 GMT
date: Fri, 15 Dec 2023 23:12:50 GMT
x-content-type-options: nosniff
age: 316341
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1657
x-xss-protection: 0
last-modified: Fri, 27 Oct 2023 17:06:30 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
DATA 200
OK truncated
/ Frame 55C3 195 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9e34975a0a58f4262f18fc35a4a9efb9f9b3962b87772f8fa5c006d5b7bc3f57

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 55C3 246 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d1abe31a63ea69ba668691d6bf5853ad2b3dc5c6ebfb44d4c79c2ab53146d572

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 55C3 336 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: be3b15b1e68cf3e9278293d3b50491fe16c985e0ee5968852cac4fc062a7134e

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 8AAF 33 KB
33 KB 64ms
63ms Font
font/woff2 2607:f8b0:4006:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 16 Dec 2023 20:01:24 GMT
x-content-type-options: nosniff
age: 241427
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 15 Dec 2024 20:01:24 GMT

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjwUvaYr.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 8AAF 19 KB
19 KB 72ms
72ms Font
font/woff2 2607:f8b0:4006:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjwUvaYr.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08d75b5efe81a77e5662b604db053d1d0ff9e0d8e9625d480543e1c5b68afb49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 15 Dec 2023 13:25:55 GMT
x-content-type-options: nosniff
age: 351556
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19700
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 14 Dec 2024 13:25:55 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 519C 14 KB
1 KB 79ms
79ms Stylesheet
text/css 2607:f8b0:4006:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 19 Dec 2023 15:05:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 19 Dec 2023 13:29:00 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 19 Dec 2023 15:05:11 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 519C 2 KB
822 B 63ms
63ms Script
text/javascript 2607:f8b0:4006:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 07:26:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 27526
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 02 Jan 2024 07:26:25 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame 519C 23 KB
9 KB 63ms
63ms Script
text/javascript 2607:f8b0:4006:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9844337d0b1b36b45473c8fc27cba7d1c9f8aab2107e23e684b9e1a48e6066b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 21:10:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 64477
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9269
x-xss-protection: 0
server: cafe
etag: 11706523405290302210
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 01 Jan 2024 21:10:34 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 519C 3 KB
1 KB 89ms
87ms Script
text/javascript 2607:f8b0:4006:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 12:51:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7998
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 02 Jan 2024 12:51:53 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 519C 20 KB
8 KB 67ms
65ms Script
text/javascript 2607:f8b0:4006:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 11:05:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14364
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8571
x-xss-protection: 0
server: cafe
etag: 5853369240893788875
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 02 Jan 2024 11:05:47 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 519C 203 KB
64 KB 92ms
91ms Script
text/javascript 2607:f8b0:4006:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 15:05:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65731
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1702472459035717"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 19 Dec 2023 15:05:11 GMT

GET
H3 200 f9d9b65dbd646119ce96bad0f484d579.js Show response
www.gstatic.com/mysidia/ Frame 519C 37 KB
15 KB 65ms
64ms Script
text/javascript 2607:f8b0:4006:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/f9d9b65dbd646119ce96bad0f484d579.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 23:24:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 402070
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15460
x-xss-protection: 0
last-modified: Thu, 07 Dec 2023 22:13:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 13 Mar 2024 23:24:01 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 8AAF
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=C3v4MJrGBZduBIJvOoPMP8uaY8ATEsuHqdIGKv5qjEvrPm6PpDhABIOfo8CJgyYaAgNyjxBCgAcPU8-UDyAEJqAMByAPLBKoE-wFP0EE7nT7ICvmAkCoWsddax5mGA4_uFFaW6al6xj1MhNQ...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x376eb93c0f5e4e780000000000000000%22,%222%22:%220xb6f7721883e0d83d0000000000000000%22,%223%22:%220xe673aa...

0
0

187ms
90ms

Fetch
text/css

142.251.40.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x376eb93c0f5e4e780000000000000000%22,%222%22:%220xb6f7721883e0d83d0000000000000000%22,%223%22:%220xe673aaea93023af90000000000000000%22,%224%22:%220x40dc8785cda560640000000000000000%22,%225%22:%220x8d1213820b11b51b0000000000000000%22},%22debug_key%22:%225089314992032286405%22,%22debug_reporting%22:true,%22destination%22:%22https://nike.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%221019013699%22],%2222%22:[%22true%22],%224%22:[%2212-19%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2254905897878204753%22}&andc=true

Requested by

Host: regbu.com
URL: https://regbu.com/?clickid=fefcf551-9e7f-11ee-b7b3-121cef7193c9

Protocol

Server

142.251.40.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s38-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 15:05:12 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"1":"0x376eb93c0f5e4e780000000000000000","2":"0xb6f7721883e0d83d0000000000000000","3":"0xe673aaea93023af90000000000000000","4":"0x40dc8785cda560640000000000000000","5":"0x8d1213820b11b51b0000000000000000"},"debug_key":"5089314992032286405","debug_reporting":true,"destination":"https://nike.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["1019013699"],"22":["true"],"4":["12-19"],"6":["true"]},"priority":"500","source_event_id":"54905897878204753"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 19 Dec 2023 15:05:12 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 19 Dec 2023 15:05:11 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0x376eb93c0f5e4e780000000000000000","2":"0xb6f7721883e0d83d0000000000000000","3":"0xe673aaea93023af90000000000000000","4":"0x40dc8785cda560640000000000000000","5":"0x8d1213820b11b51b0000000000000000"},"debug_key":"5089314992032286405","debug_reporting":true,"destination":"https://nike.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["1019013699"],"22":["true"],"4":["12-19"],"6":["true"]},"priority":"500","source_event_id":"54905897878204753"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 55C3 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d73d0bc2718dd57f81a2ebb84f3ea7affaf04e8430b6d25c35d241cfd3873e86

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js Show response
pagead2.googlesyndication.com/bg/ Frame 3B5C 51 KB
19 KB 62ms
61ms Script
text/javascript 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1151ef049d22f85e76d0cd7c6e431c60811fcb5935937e899d98af508328baab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 15 Dec 2023 13:57:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 349677
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19864
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 14 Dec 2024 13:57:14 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 55C3
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CPA6tJrGBZfuPINfKoPMPtM-muAGx9o3ydIKI6v2cEmQQASDn6PAiYMmGgIDco8QQoAH545TNA8gBCagDAcgDywSqBPcBT9BzWEhmK39Nd-O9kEauhvbgQbbuD40aW0QGGTqEhum2hjCsIKD...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x9602dd3aff295e190000000000000000%22,%222%22:%220x2dc2bcc4a5f6a4f90000000000000000%22,%223%22:%220x68fed7...

0
0

215ms
91ms

Fetch
text/css

142.251.40.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x9602dd3aff295e190000000000000000%22,%222%22:%220x2dc2bcc4a5f6a4f90000000000000000%22,%223%22:%220x68fed70ea4daf4330000000000000000%22,%224%22:%220x7bea70a762be00110000000000000000%22,%225%22:%220x987954b0d6f54f5a0000000000000000%22},%22debug_key%22:%2212263478250294015187%22,%22debug_reporting%22:true,%22destination%22:%22https://freepeople.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22967127545%22],%2222%22:[%22true%22],%224%22:[%2212-19%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%222870648359860609489%22}&andc=true

Protocol

Server

142.251.40.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s38-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 15:05:12 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"1":"0x9602dd3aff295e190000000000000000","2":"0x2dc2bcc4a5f6a4f90000000000000000","3":"0x68fed70ea4daf4330000000000000000","4":"0x7bea70a762be00110000000000000000","5":"0x987954b0d6f54f5a0000000000000000"},"debug_key":"12263478250294015187","debug_reporting":true,"destination":"https://freepeople.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["967127545"],"22":["true"],"4":["12-19"],"6":["true"]},"priority":"500","source_event_id":"2870648359860609489"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 19 Dec 2023 15:05:12 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 19 Dec 2023 15:05:11 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0x9602dd3aff295e190000000000000000","2":"0x2dc2bcc4a5f6a4f90000000000000000","3":"0x68fed70ea4daf4330000000000000000","4":"0x7bea70a762be00110000000000000000","5":"0x987954b0d6f54f5a0000000000000000"},"debug_key":"12263478250294015187","debug_reporting":true,"destination":"https://freepeople.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["967127545"],"22":["true"],"4":["12-19"],"6":["true"]},"priority":"500","source_event_id":"2870648359860609489"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 55C3 33 KB
33 KB 62ms
62ms Font
font/woff2 2607:f8b0:4006:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 16 Dec 2023 20:01:24 GMT
x-content-type-options: nosniff
age: 241427
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 15 Dec 2024 20:01:24 GMT

GET
H3 200 EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js Show response
pagead2.googlesyndication.com/bg/ Frame B80D 51 KB
19 KB 62ms
62ms Script
text/javascript 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js

Requested by

Host: freenet.cz
URL: https://freenet.cz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1151ef049d22f85e76d0cd7c6e431c60811fcb5935937e899d98af508328baab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 15 Dec 2023 13:57:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 349677
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19864
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 14 Dec 2024 13:57:14 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 260ms
114ms Preflight
text/html 142.251.40.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s38-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Tue, 19 Dec 2023 15:05:12 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 94ms
93ms XHR
application/json 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231207&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c5ee8d37a4256fff48aeb40180693fb6593565859bd6e2e8d16deddc0774d9fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://regbu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 15:05:11 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12254
x-xss-protection: 0

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 212ms
87ms Preflight
text/html 142.251.40.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s38-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Tue, 19 Dec 2023 15:05:12 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js Show response
pagead2.googlesyndication.com/bg/ Frame BBDB 51 KB
19 KB 63ms
63ms Script
text/javascript 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js

Requested by

Host: freenet.cz
URL: https://freenet.cz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1151ef049d22f85e76d0cd7c6e431c60811fcb5935937e899d98af508328baab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 15 Dec 2023 13:57:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 349677
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19864
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 14 Dec 2024 13:57:14 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 107ms
106ms Script
text/javascript 2607:f8b0:4006:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://regbu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 15:05:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 19 Dec 2023 15:05:12 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame E092 13 KB
5 KB 63ms
63ms Document
text/html 2607:f8b0:4006:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://regbu.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 44724
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 19 Dec 2023 02:39:48 GMT
expires: Wed, 18 Dec 2024 02:39:48 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 0379 829 B
996 B 83ms
82ms Document
text/html 2607:f8b0:4006:824::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

b0803fc49aa8b8e2b1e3874eec91786d6132afdb5f45bba3d44a298b758ab453

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce--oeGElgL66gsJaxnZLtxXw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://regbu.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce--oeGElgL66gsJaxnZLtxXw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 19 Dec 2023 15:05:12 GMT
expires: Tue, 19 Dec 2023 15:05:12 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame E092 39 KB
15 KB 62ms
62ms Script
text/javascript 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 02:40:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 44688
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 18 Dec 2024 02:40:24 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 0379 0
0 89ms
88ms Image
text/html 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231207&jk=2219339697084051&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame E092 0
10 B 63ms
62ms Image
text/plain 2607:f8b0:4006:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?FEbmDA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:80d::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 15:05:12 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 8AAF 42 B
64 B 92ms
92ms Fetch
image/gif 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvNfCQlIDv_ypOy2cuSsZujIVoqUmGMNKAIoNOdFXj8kOH5DhIYVzp2wKCBp4c2UImDNCDdHlddC1jW2ePw-8GIJ006BsySN3dSR-YGocRXm9NMEHxwSWrYCtMiDItPXbAWH1p5B4KEcxZltxbDn4_67ebmIEp_JvnzduYg4ZedokSN3lybAhPtqAceWAVpwZATjVRQWEcXuht64BT24CKHYthRHEJnkrPMXHcQNBN_MDu4nNm00UXwoxIjIYXFlYLc4dptsOmKD7GK989Eoi5a2JCZFo8WJUtQ7fbHzPM8f1gNnwD2r-zQxeiQmsARpqBUPlj_3KTq2wx2VLeZqmNLUs2DNP2YnvAdu_e1_hgOOZ11xfISbb2cnbdok8f98RS_bCnMG6SeufOISlGWnZs1zuKIIvp4XjHdF9isDnYiheK09ZVQ6zrenHR45C00MCbyXiZ_zKVd3XnITMqSlg39FHUuC7MEtCjmalmXjwGeNMODOns1HOXOVNpq8kkY0mBfs06DkWlrcll66idpqqRvko1u000Tx57BdfgZFvmatBuwcVTfoh4A3n-3Ce2Dt2G4_QIt9v8fLxIsrOK1D_x9-43GScQuLtUHyPNB1oX80ACvasTI3-IBo0h4vDJY0OxMXlkEQfqua1l3RLvQCKfck_i75vTUpX3yvdFEiKiOMFzWHA6sfpHYvOCIT5bPuiMsSW36z6Z953JtdywdSfPIzFqnwOZM4S7RSAFRELaYVtbM9cr8P8eQhIB1iTjZOO25aU6-4u9CjeyyZ0s9i_HzQOtU1MChFMWC6qlIWCJB1juKlZdyLMetXbNrgyIIXk90n1vsPBNphGbgaMqdJxDdQn426nIJGe2bgbm1-mBdvwXoxtHN2jDDeF-4xg09TBxkUyBiLgER70H6MxhdaTR9o-XCTli-1-vqeRglEaURZxwkakqYK-WPXf4uWauzBVVLpzcPnQyD6KNcHQJmfgOH-F7jASQ550j3ENhBSQ4oP_DlE9runij4Ycqn5nCaTGRkbhhtidSSsD1DPU4Hj473cEL0kZjlVfuQ_H3HhQNWtDNxSWCv1Qb1Dm7Y3uhsMKUaH6RsZmLopZqjTiaoOaDRoCWCecoFPLr0dbfkXMdFtZ2jrnSDt_OH_yt0-pYoj2kiHiIDuwMo6b2-6KPNXexfG9W877TQEKKgf0qh2J63bhak-OUR-1Tnu9dcTKTL1i6QrLe9Uxx9qwEtnE9F1yp-n9tuhU1Q_wtrazBJfjb60q0uRSoWNmXH_dUOcgXwE1DhJb-eCMvillrIBtyr6mgH_-FiTvXoUmQ6AG61HnhOaROWCq0PN0aT8k_tA6JDHOtOW4QxApNK4p0AMs-zZSGFEs7OX66bmW69uxydM_asEatDi5vtt4mz1gsZhnDvWYQae30NDbQhUQ1Q7vJFUbo&sai=AMfl-YTVsvsbBrB3bj8J2VXRBftIywfvWBNCBtJjvfomCWjnPYwp0GbF5qkuebnmC7JJ-oduS5PmaJm-W2JepfJ0ApvIS1FbBgH9ni2knZziuKrewRZ5zgMxeOxlh15B1C6H1mUnsCrw1IWdIoObRHLT8PGKl738IPVbPGtThw&sig=Cg0ArKJSzCYpIr9Z8pNqEAE&cid=CAQSTgAvHhf_bAcA4Va1ycc2t0z1fTYh6d-uMpPAjANtaGqeo_OvI7qRJalprowk5cma9OB9zTFYVxQZknRffMoqoKLolieE73sYjsZMIe6x9RgB&id=lidar2&mcvt=1094&p=0,0,600,300&mtos=1094,1094,1094,1094,1094&tos=1094,0,0,0,0&v=20231213&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=3504394691&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1702998310121&rpt=1536&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Dec 2023 15:05:12 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 55C3 42 B
64 B 94ms
94ms Fetch
image/gif 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvv3Sakb8P_fGPDozks9bAp8M83xt993aEprJiqHMVzlns431dbeQ_S5cLaAY5T4O0LN7eqiD5oN6nph-seUOPXtw1-da4iepL0q0myk0aLufh55ISFr1037BWTp45ppZTSrQruOKXTqlD4PAmZrUZoGuuWIsMjUx0VA7LDdSJ0kN2qlEzqfmSST024kn_11P_923OKvxUGyBdbSU4-E7qXsHvy8JvTmP-8IxEu-Q7U9gR8aABEKMTFkVtUCBwL6DenU5GNx92vFe_yq-so1FNhdkXLfIsnhOuEQrRUwrIzBUZlz6pTc-tTkJAn0wU7KgFEDEoOAzZwgDI8GywOhD8Lj5wIDVgCm568HNq1YoZgk88QGjPzdm8wXbp2G8nNEO2NRMVQIWzVIYZ_vpPfBLksdFDfe9txZFk4ge15lYTWhee1Gbi2TFCAE1-WO-YiorbcbcOEI3Iz0YbKYB2PYCUoknPtiBz3b4C79q0cKK9SZo4tUpfdtC7QKHXCReF_mEDhYE5m0RONXbhtSl_Y9kwwmk9_S0G588yBjAkNpwffv7GitxUlqYcnnn0v6JaxF9MA5M9wsXq_s72UEhB42fPCjQtr1IvYqZwS7oZYBYNE7mCLUXjBI37ZnZXDIeQHeu1CivIprbeZzFBaFGDMrPvtraXjw-w1TG0a3WrXLmOk1qrL8_-WgzcwP0_gphxgLP3a7NPpoOjUcdF1bIUEUsaOClnj7YgYLEOkHb7qWbMOGES7vgtCE83N46KyECWnB8MCHnac1gpMwgPWEOFQpN8gMUyD7vgm5ppDuc7VWHzpQn9cYF0VwIBeot1j81_TczY2nOVXfAUIPxlrmWS_MalEhiYJHe6ZPA-bm2AOalDxWEMwpgc5XV1V933kZMW5aatsiWEDCR9K_GOzPLKzUfyoc6516BiRc2nNoIQkhhloQkEhrr_QTiPY1qK3cLUg0PpFL28npTuGdjj7vPDsmSMKBki2ugln_nGUbJRw_FLPPWAxboHlcBKqcrSJw1dV_XJCcV1iAn59QvDPM0E3zEihDasYD29n--WAfTBqH3QDIbUWjqnTc4nKy-HcLOuWPMhzYf-u0RYvIDMm2vVRiXVs0p61TeqMR_Iq850hoN6Rbhtj8bxGs3pDxesywAOR_0SalOE-kiNYlBjYkIkS6XPLd9ddr20mafkxqCA3RmAAz4D55XdfNMKXvOR6w5OzjA5iCAfCbfik7-W-jme22s00GFeYiP_onjBsms5WGGmds0Q&sai=AMfl-YQrx8znl7iXSIR643XIy9B_KYzU1ed9HI00r4mPbANfUDkSx_IaOnVNaVFgmOaILEvR98Espi7k_aKFZEzS0jllPcyepPCWn_22ImBwTFqwTQxVaS7v7kLFwdhg8ECuNDbaatof9CeqlXslRsJxnrLFSX6Yjwd9BcVbL_U&sig=Cg0ArKJSzOeX8LloGtWdEAE&cid=CAQSTwAvHhf_jHYbgD0gaWrV6Bk_RxQ0-6RjHwJNEc_GWJaL9TdD0mF823zYv9YX-RqQwyQDireTlWBb5yUUnyPkNKshFKNcAEyED1AgQZoLPOcYAQ&id=lidar2&mcvt=1000&p=0,0,124,1005&mtos=73,876,1000,1000,1000&tos=73,803,124,0,0&v=20231213&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1702998311341&rpt=488&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Dec 2023 15:05:12 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 92ms
92ms Image
text/html 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231207&jk=2219339697084051&bg=!DQ6lDkHNAAY3kmNgF5I7ADQBe5WfOBq1GLjwWRm76XIMectJABn9qiYLNuLOwWkClz7YUZMHpQfcjHNMAWWQegITOJzIAgAAAi1SAAAAAmgBB5kDGV2PAuw0pDTSLNxoRTJ7xuCyI1_QepQtve-jxQLo4IFItYnrABQafAesC7BzsWVlaRta0lOwbD9ArW5cj8qGiLRX-VwAlhUDiaD484ERwjb_-8AaA58N1k2YByUQsMluEzVZKS7SS3EVKBpKxBGPzIKVpnUuCtY75Gjj3qkJtXHn83cK3xWxJiumq3m-cuzly1CVHcB-eekfmtxGQU_LlURCzkVVj2j0lUxxOC7P10T3jWaWE1f1PU2CR920zFT67WjOGtDICoNQXJh7A2p428n_szTPTITDW-uFc23ZmF_r4NrIzOZBdIhx_Gh3JKVBngJguXbfmwnlZAQ53YCTcX5W1IoOaeJ-p_kQ8hAFn9e0Fz9hUhAXZfBC0OJqTCocLECTm3fHw603pKvWahCLEUX94phlBZQGIjwxu-tuOX3o_Z0RbxmlhNKsF-AXR-JAz0roTQbgJGyCwE5UMWjLk31EepKq_mVLw8Y_UrFGrR8dWcf-oIr5VVTvj3lGzWBynHtzfS21XSUi5ChTtf4j5Cs6IrxWZieEM27oRqpBZJYWvUJjFOo_nx98STXiWJu5aZwG20pdpNimTZIOyCvIe5Bx--_VuvyX-RHnpLiCkfNwvtsfMADKW7xRR2_6vXUCJfGovjwF6Rql9lccETWAazKMHk4RA5SEykgf3uWJHZWx9tm8cUess1KZEWWKgbydPr_ZNWV8Y0ktyad4Kq_4GlEf5h0V5RZH4vsjsJQdVDI3ZJdqjOoJpjXNok8CtZjKr3LVkwMVWLp1pwrMPKE2EybDvQQ3Qab1NFTd1cB72vbmSUpq0Oof1uBcvmf59eG8s-WXAV8XxkW1_ZJEAEPG-91FiaKRtFFXcRk0IdCbjLXI4y2kA3qa7bpzvpcBJRRbOxxKmpqMXqgmiv2mQ-AcVyJlrOoISPe5qa2SyhvPkJIzYD1kSkNjpHOTQXHwEFdTUJ8S6vz8MWeHsQJIx4ihzHkKC0jiG0DVs7I0t2yep0oLsx6Gf43KKar2aWx8Qt2EfstvioFlYrJlZwK5RE2z_yccMlLfcCjaCzc
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://regbu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: regbu.com
URL: https://regbu.com/wp-content/plugins/translatepress-business/add-ons-pro/automatic-language-detection/includes/trp-ald-ajax.php

Verdicts & Comments Add Verdict or Comment

58 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

12 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.blog.manystylesandme.com/	1970-01-20 17:04:44	Name: 59241f9f-2e36-429b-84bb-abc82c5edf7f-v4 Value: 9BgAeBmWoC7q_E0bGg9SlAppRb4-m1RMGJe9vKc62iw
.blog.manystylesandme.com/	1970-01-21 01:48:54	Name: voluum-cid-v4 Value: %7B%22cid%22%3A%22w68qi5qua1akrfrt2p8j7qrs%22%2C%22caid%22%3A%2259241f9f-2e36-429b-84bb-abc82c5edf7f%22%7D
orvar-mza.com/	1970-01-21 02:39:18	Name: 604f7b6f-0cd4-4d20-93c1-e91664c5b996 Value: fefd9190-9e7f-11ee-b7b3-121cef7193c9
.regbu.com/	1970-01-21 02:39:18	Name: _ga_M9NGL92EVN Value: GS1.1.1702998309.1.0.1702998309.0.0.0
.regbu.com/	1970-01-21 02:39:18	Name: _ga Value: GA1.2.1110066439.1702998310
.regbu.com/	1970-01-20 17:04:44	Name: _gid Value: GA1.2.1489215737.1702998310
.regbu.com/	1970-01-20 17:03:18	Name: _gat_gtag_UA_40216785_112 Value: 1
.regbu.com/	1970-01-21 02:24:54	Name: __gads Value: ID=11d251dfa3d6dab6:T=1702998310:RT=1702998310:S=ALNI_MZiZrepgL9fZ3Rdmjz3CSaXUwaA0A
.regbu.com/	1970-01-21 02:24:54	Name: __gpi Value: UID=00000dab0fe2f787:T=1702998310:RT=1702998310:S=ALNI_Mb73e3YjcCUh06Lxmfsz3F1Iqrfmg
.doubleclick.net/	1970-01-21 02:39:18	Name: IDE Value: AHWqTUliYA7k3Z6RsmUG4fgfZiVeO6bZm8vQ_W_XouNiVnYbHBE7cPN5jiRx4RWnY6k
.regbu.com/	1970-01-21 02:39:18	Name: _ga_KEQ727RHG2 Value: GS1.1.1702998309.1.0.1702998311.58.0.0
.googleadservices.com/	1970-01-20 19:12:54	Name: ar_debug Value: 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.google.com
blog.manystylesandme.com
fonts.googleapis.com
fonts.gstatic.com
freenet.cz
googleads.g.doubleclick.net
mts0.google.com
orvar-mza.com
pagead2.googlesyndication.com
regbu.com
stats.g.doubleclick.net
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
regbu.com
107.22.53.88
142.251.40.194
2001:4860:4802:36::181
2606:4700:3037::6815:14f4
2607:f8b0:4004:c06::9a
2607:f8b0:4006:809::2002
2607:f8b0:4006:809::200e
2607:f8b0:4006:80d::2001
2607:f8b0:4006:80e::2008
2607:f8b0:4006:80f::2003
2607:f8b0:4006:816::200e
2607:f8b0:4006:81c::200a
2607:f8b0:4006:81d::2003
2607:f8b0:4006:81e::2002
2607:f8b0:4006:822::2002
2607:f8b0:4006:824::2004
44.197.254.96
46.8.8.200
08d75b5efe81a77e5662b604db053d1d0ff9e0d8e9625d480543e1c5b68afb49
0d0a6262c545e8bbc895116e5afb22579c468d7abb77e378f377d6fed57c1dce
0d21c346a0903204a78b79141b78578f548af92bd49115b6d35cb7fb095370f5
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
1151ef049d22f85e76d0cd7c6e431c60811fcb5935937e899d98af508328baab
1348be98d8f2a8599acfef9767527e164544e1e07cc74279cee0a1bb9a50a395
14c54438cdca89ae25314b9a32e0c795a3c6b663825067240005f60c8a435dff
1ab50bfb7b50ba43cf03e36facb6431597e46a51adb21f53f04297421494e5b8
1bc61117f652bc846db0c95c5cc7273b6c0484292ed2304168cadd8affd40487
1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea
246e5d2f70b9e2f43901db5f080cf38df03804c235c3009458a9ad59e6f47c98
2a15dafa41689cef7df1573e8ca391a01fdd72f09cef27fd9cdc71c887b01c0e
2a7bc09215d14360eecc613094babf65ce928bd02f08c1d53c2cec2f71a16aa3
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3182c6ebc02afdf0ae998303f1ca7ec92a387ebaedc85564eb26425620f8d1ee
326637e4c3f86d1f4f4d728a2de2a50d2c59f4a09844e866af8023ac6adcbc22
3995576a20df12952885a3e7cb3eed68e878874bfba0f250deee0ce15713b2ca
39cf9abce51786437c69ac45ac5f39aa19af7f859d87e347478b6bd96abe52c3
3ce4435d68c21d56cebe0995aedb94ce173653cc983b09c8544a67478af28225
405a5e4943b97243440d632a958bb6e79f1d1929666745000a22ebaa5fa2d819
41b43f64c3e5d7f9eca80634429adb1b8e0a1c5e1fe67ad71ec651a991ebfe68
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
42495d821ccd0890cf42f1b7ff365069dfbbf2db6a7cd2f58cbff0724153c1a0
42b88a5af0dbe248355dfa4a306240692a010bff145bef54223a12b64c66210c
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22
457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d
490cadd098357152b599430f6364c0a1333e378a0967f1f3ecbe4172c6bbcf84
4cc56528364598716c3aed2711f3cbdc4036f503be0af787ff3f6b1ac74a0274
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e8286fa755b5f043b89c9aaec4c4603ba3d4102bb0eb2e041c26fb4484f26cb
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
4fe6c89a2f98668ff7e6a71ba13a58799fa926f6737d1d02c9ad72bb05b4cad7
517edd119c5b2719e6ac4b30bf1fd864a6395179a41d273c0afc0696e7495d8e
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
52751a6236299003d6f9161b254374149546dcab3d1bddb56babe9342cec3f7a
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a
5719cdd3acdb2b6a5b9ae0bee910fc88fbc0f297f83235c02865d78eeed48446
5a4b22644990ed0b5f68373075760fa4d987b650a6dd05409ddb4d8002a391b8
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5e4288dc9b3af00a88a91714a222b0dab16f26454e70f9afd110b289e703f616
5ed66f46f5021700271152106eacb5ddf5802283782498fd360bdcf0478cfa77
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
698b89c0da3d319754d6a837b5e6d4e6a42dc402d9ffd7559b8c4cb29c644340
70d527e962e93a3f065bda79625210f54708616c2b30fcfee1be774502155871
74e902da7510e538e4949ad6e725dcf9e987381e9b2b565b9249c659e85f9d0c
7b07bffbf21142fa51120eb03293d0d27d8e76099c8f55bb23d951ceca89bc31
7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762
84554ad84b590aa4d161301d4abb95d5d3b7013f38bbb0c02ba0d506ce3c548e
85c34c3277bb9c28f7e9f0b84dfb4a73196c25bb03ca1e887c507ec98ba6587b
85d05871f6315412de38a72c7164fd4917efba135ba06ed9972c502c1fd811ff
8a52d124a5821cde93d0f507ea5b57407ef327189ff07e0496bcd3dc74861948
8b1ccf2d92e5e6235fcb23becebc6b98f5eba33abad7902763aa8b830be20bd7
8be8f432572fba9a5669684d4f89b81b9595700f40480eeecbfe7721ce5b2234
8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579
9077bd707339a41d2960164348337c63e5e2e114ba70d55d7d677e7b48bba689
9844337d0b1b36b45473c8fc27cba7d1c9f8aab2107e23e684b9e1a48e6066b5
99464ceb71bc9bbdcc72275faefe44f98eb5cbb6b5d8ee665b87b35376f1a96e
994961b8f25a0b18f5050694571210c1c5348d6221561dab5f1d72b3182e2778
9ba5e0bf235435a81c9479a6c1757c6947fb6460b17f820bc70797a5ff4537f8
9c86c0c02ccb446b1a50d0282f4d9715e45670be443c4c3f666c263601e36274
9e34975a0a58f4262f18fc35a4a9efb9f9b3962b87772f8fa5c006d5b7bc3f57
9f7e3a09caa17d8358f84ca0f9cae7705a10e63beeef0e27cf68f97ce516d94c
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
aaf7814449178be411b4cb15fc45eda757c8f135bfc90d0cb1712db4852b83d5
abb477d4d2e332a08ec4d51f2734ee46ae879d2c0b71fe38da40d03962e3a708
b0803fc49aa8b8e2b1e3874eec91786d6132afdb5f45bba3d44a298b758ab453
b17974619f9233fb51fc94a230d109d563093530560a2ac910972020c8cc4209
ba1ceefb8407a39580dfb8fe55f14e8c4c5e1a20983d741ea218fa2d92e505f4
bc0d4750878c952fb6f99e86a7194380afab9fb1c18554037552aeeb0b3617b0
bc78f50b6e27078e91fe318c8ebdc52bac6cabbe5c298f471bc60292e126e1a5
bd99232193ac694963af153ded0df07b8876de255f020c267c0b22bf7f7ac53f
be3b15b1e68cf3e9278293d3b50491fe16c985e0ee5968852cac4fc062a7134e
c0a642173484d934a88d72be992b7e563e9153c07a36468edadd0e64160a6c94
c5ee8d37a4256fff48aeb40180693fb6593565859bd6e2e8d16deddc0774d9fd
ca4741e822000d626357ffaa8cfa7cb37ed7df9cab498d23c101c41f2e518be6
ca57b79a870bbf54700730858603a70d79743779c1b059922ec401bfddc5adc9
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
cf122fe45ccffe0ed0058d1fb7efae80dc92a8710d8ab18a7d63984bb4aa685e
d1abe31a63ea69ba668691d6bf5853ad2b3dc5c6ebfb44d4c79c2ab53146d572
d2c76682e31b1ad1abb3fecbee5bea020e97e249f13db0a0a041a83446a53f5f
d73d0bc2718dd57f81a2ebb84f3ea7affaf04e8430b6d25c35d241cfd3873e86
d9bec2197bf2f3d11918f09b7d922ffa04e4ac7b1dc3ee998c0658984cf24f93
db2bdaad0dc9232fadb3de900bf039a0f356521698f213df1edf601e02a5870d
dd29b9e2eb5766ff6825bbaff247e005547fb1b3b51999e24c11935ee80f8a4e
dd6747b68e5f84363c189fab01f3836b16389ab0259c5cadd4d89827dce5ac4c
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
dfd3b9bea78eb5c8475dae6fb932f30a57c6787c2dbd936807bb0b14cc27e11d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3e21ed35cd4deffee9f308bebff9625437f4ecdead9f39f9f50918c1739337d
e90d03e5868958c39f668350a8f49c57e42e04e41e0807d7aa967f3c4509ea99
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f18a2fd755cced45aa875a30a29bb553a53561519cf2f9250d7c8f9b040e7762
f2a6a34bf175b066c767f76b9bcacb92d788fd908b9d463d212122a236b7185f
f71e440bd8074d59686f35d87b824c16f5310a34bab7fb017b0178bd726e35d3
f9802fd5b10afab8794b5e9683d79e8aa13cd1ac482bb82abd444d9bd915bb11
fb8abf4975a70816d1ecb0e3dff7ed44ff73201795790a55b4abfb0d1b6d162f
fd88d63a0b21974210c6097e5ecc5f1b569e288a77085c4b806dadcd6f73ad78

regbu.com Open in urlscan Pro 2606:4700:3037::6815:14f4 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

128 Requests

97 %HTTPS

78 %IPv6

13 Domains

18 Subdomains

17 IPs

2 Countries

2282 kBTransfer

4907 kBSize

12 Cookies

0 Outgoing links

Page URL History

Redirected requests

128 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 7 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

regbu.com Open in urlscan Pro
2606:4700:3037::6815:14f4 Public Scan

Screenshot
Live screenshot

Full Image

128
Requests

97 %
HTTPS

78 %
IPv6

13
Domains

18
Subdomains

17
IPs

2
Countries

2282 kB
Transfer

4907 kB
Size

12
Cookies

128 HTTP transactions
7 data transactions