regbu.com Open in urlscan Pro
2606:4700:3037::6815:14f4 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.detect.cz/
Effective URL:
https://regbu.com/?clickid=b70646f0-9ec2-11ee-ac8b-0a7fe419e07d
Submission: On December 19 via api (December 19th 2023, 11:02:52 pm UTC) from US — Scanned from US

Summary HTTP 128 Redirects Behaviour Indicators

Summary

This website contacted 23 IPs in 4 countries across 16 domains to perform 128 HTTP transactions. The main IP is 2606:4700:3037::6815:14f4, located in United States and belongs to CLOUDFLARENET, US. The main domain is regbu.com.
TLS certificate: Issued by GTS CA 1P5 on November 15th 2023. Valid for: 3 months.

This is the only time regbu.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	46.8.8.200 46.8.8.200	60592 (GRANSY Gr...) (GRANSY Gransy s.r.o. gransy.com)
1 1	44.197.254.96 44.197.254.96	14618 (AMAZON-AES) (AMAZON-AES)
1 1	107.22.53.88 107.22.53.88	14618 (AMAZON-AES) (AMAZON-AES)
45	2606:4700:303... 2606:4700:3037::6815:14f4	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2607:f8b0:400... 2607:f8b0:4004:c1b::5f	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4004:c1b::61	15169 (GOOGLE) (GOOGLE)
16	2607:f8b0:400... 2607:f8b0:4004:c08::9b	15169 (GOOGLE) (GOOGLE)
10	2607:f8b0:400... 2607:f8b0:4004:c17::5e	15169 (GOOGLE) (GOOGLE)
1 14	2607:f8b0:400... 2607:f8b0:4004:c09::9b	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4004:c17::65	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4004:c09::65	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4004:c19::9d	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4004:c17::63	15169 (GOOGLE) (GOOGLE)
9	2607:f8b0:400... 2607:f8b0:4004:c1d::84	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4004:c17::9c	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4004:c08::5f	15169 (GOOGLE) (GOOGLE)
1	2606:4700:20:... 2606:4700:20::681a:2be	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a00:1450:400... 2a00:1450:4008:805::2003	15169 (GOOGLE) (GOOGLE)
1	172.253.122.155 172.253.122.155	15169 (GOOGLE) (GOOGLE)
1 1	2607:f8b0:400... 2607:f8b0:4004:c0b::8a	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4000:45::6	15169 (GOOGLE) (GOOGLE)
1	142.251.167.154 142.251.167.154	15169 (GOOGLE) (GOOGLE)
1	172.253.115.156 172.253.115.156	15169 (GOOGLE) (GOOGLE)
1	2600:9000:219... 2600:9000:2199:9200:19:fc2c:a140:93a1	16509 (AMAZON-02) (AMAZON-02)
2 3	104.18.36.155 104.18.36.155	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	172.253.63.155 172.253.63.155	15169 (GOOGLE) (GOOGLE)
128	23

1 46.8.8.200 (Prague, Czech Republic)

ASN60592 (GRANSY Gransy s.r.o. gransy.com, CZ)

www.detect.cz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.197.254.96 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-197-254-96.compute-1.amazonaws.com

blog.manystylesandme.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 107.22.53.88 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-107-22-53-88.compute-1.amazonaws.com

orvar-mza.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

45 2606:4700:3037::6815:14f4 (United States)

ASN13335 (CLOUDFLARENET, US)

regbu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4004:c1b::5f (Washington, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4004:c1b::61 (Washington, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2607:f8b0:4004:c08::9b (Ashburn, United States)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2607:f8b0:4004:c17::5e (Washington, United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2607:f8b0:4004:c09::9b (Ashburn, United States) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4004:c17::65 (Washington, United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c09::65 (Ashburn, United States)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c19::9d (Washington, United States)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c17::63 (Washington, United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2607:f8b0:4004:c1d::84 (Washington, United States)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c17::9c (Washington, United States)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c08::5f (Ashburn, United States)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:2be (United States)

ASN13335 (CLOUDFLARENET, US)

g.rtbrain.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4008:805::2003 (Ireland)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.253.122.155 (United States)

ASN15169 (GOOGLE, US)
PTR: bh-in-f155.1e100.net

bid.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c0b::8a (Ashburn, United States) 1 redirects

ASN15169 (GOOGLE, US)

gcdn.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4000:45::6 (United States)

ASN15169 (GOOGLE, US)

r1---sn-q4flrnez.c.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.167.154 (United States)

ASN15169 (GOOGLE, US)
PTR: ww-in-f154.1e100.net

ade.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.253.115.156 (United States)

ASN15169 (GOOGLE, US)
PTR: bg-in-f156.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2199:9200:19:fc2c:a140:93a1 (United States)

ASN16509 (AMAZON-02, US)

d.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.18.36.155 (None, ) 2 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.253.63.155 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: bi-in-f155.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
45	regbu.com regbu.com	843 KB
26	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 102 tpc.googlesyndication.com — Cisco Umbrella Rank: 148 ade.googlesyndication.com — Cisco Umbrella Rank: 293	394 KB
19	doubleclick.net 2 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 stats.g.doubleclick.net — Cisco Umbrella Rank: 75 bid.g.doubleclick.net — Cisco Umbrella Rank: 840 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 515 cm.g.doubleclick.net — Cisco Umbrella Rank: 219	80 KB
15	gstatic.com fonts.gstatic.com csi.gstatic.com	211 KB
6	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29 imasdk.googleapis.com — Cisco Umbrella Rank: 487	138 KB
4	google.com analytics.google.com — Cisco Umbrella Rank: 152 www.google.com — Cisco Umbrella Rank: 2	2 KB
3	casalemedia.com 2 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 578	2 KB
3	2mdn.net 1 redirects gcdn.2mdn.net — Cisco Umbrella Rank: 1193 r1---sn-q4flrnez.c.2mdn.net — Cisco Umbrella Rank: 160878	949 B
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	21 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 36	220 KB
1	agkn.com d.agkn.com — Cisco Umbrella Rank: 686	615 B
1	rtbrain.app g.rtbrain.app — Cisco Umbrella Rank: 16355	1 KB
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 206	65 KB
1	orvar-mza.com 1 redirects orvar-mza.com — Cisco Umbrella Rank: 296216	608 B
1	manystylesandme.com 1 redirects blog.manystylesandme.com	608 B
1	detect.cz www.detect.cz	220 B
128	16

	Domain	Requested by
45	regbu.com	www.detect.cz regbu.com
16	pagead2.googlesyndication.com	regbu.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com
14	googleads.g.doubleclick.net	1 redirects pagead2.googlesyndication.com googleads.g.doubleclick.net
10	fonts.gstatic.com	fonts.googleapis.com
9	tpc.googlesyndication.com	googleads.g.doubleclick.net imasdk.googleapis.com tpc.googlesyndication.com pagead2.googlesyndication.com
5	csi.gstatic.com	imasdk.googleapis.com
4	fonts.googleapis.com	regbu.com googleads.g.doubleclick.net
3	dsum-sec.casalemedia.com	2 redirects
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	www.googletagmanager.com	regbu.com www.googletagmanager.com
2	r1---sn-q4flrnez.c.2mdn.net
2	imasdk.googleapis.com	googleads.g.doubleclick.net
2	www.google.com	regbu.com tpc.googlesyndication.com
2	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
2	analytics.google.com	www.googletagmanager.com
1	cm.g.doubleclick.net	1 redirects
1	d.agkn.com
1	googleads4.g.doubleclick.net
1	ade.googlesyndication.com
1	gcdn.2mdn.net	1 redirects
1	bid.g.doubleclick.net	imasdk.googleapis.com
1	g.rtbrain.app	regbu.com
1	www.googletagservices.com	googleads.g.doubleclick.net
1	orvar-mza.com	1 redirects
1	blog.manystylesandme.com	1 redirects
1	www.detect.cz
128	26

This site contains no links.

Subject Issuer	Validity	Valid
*.detect.cz R3	`2023-12-18` - `2024-03-17`	3 months	crt.sh
regbu.com GTS CA 1P5	`2023-11-15` - `2024-02-13`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
rtbrain.app Cloudflare Inc ECC CA-3	`2023-10-19` - `2024-10-18`	a year	crt.sh
*.c.docs.google.com GTS CA 1C3	`2023-12-12` - `2024-02-20`	2 months	crt.sh
*.agkn.com RapidSSL Global TLS RSA4096 SHA256 2022 CA1	`2023-09-07` - `2024-09-29`	a year	crt.sh

This page contains 14 frames:

Primary Page: https://regbu.com/?clickid=b70646f0-9ec2-11ee-ac8b-0a7fe419e07d
Frame ID: EA2424C88FCF9E4E1B0D0B7054DAEFCE
Requests: 76 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/zrt_lookup_fy2021.html
Frame ID: 5D4ACF677692CA9422B7BE035E15FC5F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6122204646002237&output=html&adk=1812271804&adf=3025194257&lmt=1703026965&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=128x1080_l%7C140x1080_r&format=0x0&url=https%3A%2F%2Fregbu.com%2F%3Fclickid%3Db70646f0-9ec2-11ee-ac8b-0a7fe419e07d&ea=0&host=ca-host-pub-2644536267352236&pra=5&wgl=1&easpi=1&asro=1&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703026965029&bpp=6&bdt=1091&idt=399&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3086417351863&frm=20&pv=2&ga_vid=1455390993.1703026965&ga_sid=1703026965&ga_hid=619589066&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44801779%2C95320869%2C95320884&oid=2&pvsid=396537717831331&tmod=1810793532&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=426
Frame ID: DBBB539604D118CB140B4477E3D237A9
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6122204646002237&output=html&h=600&slotname=3318620291&adk=3504394691&adf=1519853264&pi=t.ma~as.3318620291&w=300&fwrn=4&fwrnh=100&lmt=1703026965&rafmt=4&format=300x600&url=https%3A%2F%2Fregbu.com%2F%3Fclickid%3Db70646f0-9ec2-11ee-ac8b-0a7fe419e07d&ea=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703026965035&bpp=9&bdt=1097&idt=424&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3086417351863&frm=20&pv=1&ga_vid=1455390993.1703026965&ga_sid=1703026965&ga_hid=619589066&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=978&ady=96&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44801779%2C95320869%2C95320884&oid=2&pvsid=396537717831331&tmod=1810793532&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CloEe%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=431
Frame ID: E6C5859E0BFB79D44A5B89541D571640
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6122204646002237&output=html&h=280&adk=4039094136&adf=1603261608&pi=t.aa~a.112091859~rp.4&w=785&fwrn=1&fwrnh=100&lmt=1703026965&rafmt=1&to=qs&pwprc=6717621136&format=785x280&url=https%3A%2F%2Fregbu.com%2F%3Fclickid%3Db70646f0-9ec2-11ee-ac8b-0a7fe419e07d&ea=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703026965935&bpp=1&bdt=1998&idt=-M&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D28d18f65c59bb72a%3AT%3D1703026965%3ART%3D1703026965%3AS%3DALNI_Maegiez-M4zCGz82uqI7KBBk-9Uew&gpic=UID%3D00000dabaccd32f6%3AT%3D1703026965%3ART%3D1703026965%3AS%3DALNI_Ma38kpbMOIX8B4bgxAx5Slv9emDMg&prev_fmts=0x0%2C300x600&nras=2&correlator=3086417351863&frm=20&pv=1&ga_vid=1455390993.1703026965&ga_sid=1703026965&ga_hid=619589066&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=140&ady=1607&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44801779%2C95320869%2C95320884&oid=2&pvsid=396537717831331&tmod=1810793532&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=40
Frame ID: 55DD4EAFE5F076D06D5E276912AF783D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6122204646002237&output=html&h=280&adk=4039094136&adf=3722182905&pi=t.aa~a.149304254~rp.4&w=785&fwrn=1&fwrnh=100&lmt=1703026965&rafmt=1&to=qs&pwprc=6717621136&format=785x280&url=https%3A%2F%2Fregbu.com%2F%3Fclickid%3Db70646f0-9ec2-11ee-ac8b-0a7fe419e07d&ea=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703026965935&bpp=1&bdt=1997&idt=-M&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D28d18f65c59bb72a%3AT%3D1703026965%3ART%3D1703026965%3AS%3DALNI_Maegiez-M4zCGz82uqI7KBBk-9Uew&gpic=UID%3D00000dabaccd32f6%3AT%3D1703026965%3ART%3D1703026965%3AS%3DALNI_Ma38kpbMOIX8B4bgxAx5Slv9emDMg&prev_fmts=0x0%2C300x600%2C785x280&nras=3&correlator=3086417351863&frm=20&pv=1&ga_vid=1455390993.1703026965&ga_sid=1703026965&ga_hid=619589066&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=140&ady=2624&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44801779%2C95320869%2C95320884&oid=2&pvsid=396537717831331&tmod=1810793532&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=58
Frame ID: DF297FD43BD7A514132C4437545A259A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6122204646002237&output=html&h=280&adk=4039094136&adf=3077611433&pi=t.aa~a.816269010~rp.4&w=785&fwrn=1&fwrnh=100&lmt=1703026966&rafmt=1&to=qs&pwprc=6717621136&format=785x280&url=https%3A%2F%2Fregbu.com%2F%3Fclickid%3Db70646f0-9ec2-11ee-ac8b-0a7fe419e07d&ea=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703026965935&bpp=1&bdt=1997&idt=-M&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D28d18f65c59bb72a%3AT%3D1703026965%3ART%3D1703026965%3AS%3DALNI_Maegiez-M4zCGz82uqI7KBBk-9Uew&gpic=UID%3D00000dabaccd32f6%3AT%3D1703026965%3ART%3D1703026965%3AS%3DALNI_Ma38kpbMOIX8B4bgxAx5Slv9emDMg&prev_fmts=0x0%2C300x600%2C785x280%2C785x280&nras=4&correlator=3086417351863&frm=20&pv=1&ga_vid=1455390993.1703026965&ga_sid=1703026965&ga_hid=619589066&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=140&ady=3670&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44801779%2C95320869%2C95320884&oid=2&pvsid=396537717831331&tmod=1810793532&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=67
Frame ID: 211C97CB5B76B29B8FEE225B32509797
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6122204646002237&output=html&h=280&adk=4039094136&adf=2916860797&pi=t.aa~a.381427885~rp.4&w=785&fwrn=1&fwrnh=100&lmt=1703026966&rafmt=1&to=qs&pwprc=6717621136&format=785x280&url=https%3A%2F%2Fregbu.com%2F%3Fclickid%3Db70646f0-9ec2-11ee-ac8b-0a7fe419e07d&ea=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703026965935&bpp=1&bdt=1998&idt=1&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D28d18f65c59bb72a%3AT%3D1703026965%3ART%3D1703026965%3AS%3DALNI_Maegiez-M4zCGz82uqI7KBBk-9Uew&gpic=UID%3D00000dabaccd32f6%3AT%3D1703026965%3ART%3D1703026965%3AS%3DALNI_Ma38kpbMOIX8B4bgxAx5Slv9emDMg&prev_fmts=0x0%2C300x600%2C785x280%2C785x280%2C785x280&nras=5&correlator=3086417351863&frm=20&pv=1&ga_vid=1455390993.1703026965&ga_sid=1703026965&ga_hid=619589066&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=140&ady=4715&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44801779%2C95320869%2C95320884&oid=2&pvsid=396537717831331&tmod=1810793532&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=4&fsb=1&dtd=92
Frame ID: E5B1A735208F76293395CFEFA5292260
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 3933C35CD1DDDD73ED0C142DBA7A8CB4
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 52E74D516340B2C37F4AE0C913FFE1D0
Requests: 30 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6122204646002237&output=html&h=280&adk=4039094136&adf=3242617654&pi=t.aa~a.758169383~rp.4&w=785&fwrn=1&fwrnh=100&lmt=1703026966&rafmt=1&to=qs&pwprc=6717621136&format=785x280&url=https%3A%2F%2Fregbu.com%2F%3Fclickid%3Db70646f0-9ec2-11ee-ac8b-0a7fe419e07d&ea=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703026965939&bpp=2&bdt=2001&idt=2&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D28d18f65c59bb72a%3AT%3D1703026965%3ART%3D1703026965%3AS%3DALNI_Maegiez-M4zCGz82uqI7KBBk-9Uew&gpic=UID%3D00000dabaccd32f6%3AT%3D1703026965%3ART%3D1703026965%3AS%3DALNI_Ma38kpbMOIX8B4bgxAx5Slv9emDMg&prev_fmts=0x0%2C300x600%2C785x280%2C785x280%2C785x280%2C785x280%2C128x600%2C1005x124&nras=8&correlator=3086417351863&frm=20&pv=1&ga_vid=1455390993.1703026965&ga_sid=1703026965&ga_hid=619589066&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=140&ady=4642&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44801779%2C95320869%2C95320884&oid=2&psts=AOrYGslTzsoJj2-5gI8bFLwvAndL-Z6kAUh3PrvPGqWZIn7ZiRMzjARev0-x48wPs4zMxvzpDYSumMTfRF0NrFPMF_nHYH4e3eVihLHHEoRJ&pvsid=396537717831331&tmod=1810793532&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=7&uci=a!7&btvi=7&fsb=1&dtd=609
Frame ID: B9E3F87A0B0B571A79DEEB00D4A4C7BF
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: DF5A0BCB5EFFACF5C7BC95C9878A054C
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 8EC59E34579FB08BFC8C00A45B2D24CF
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 6C279FC299A9873BA6A139B97838824C
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

REGBU.COM -

Page URL History Show full URLs

https://www.detect.cz/ Page URL
https://blog.manystylesandme.com/59241f9f-2e36-429b-84bb-abc82c5edf7f?utm_source=detect.cz&utm_campaign=pavel... HTTP 302
http://orvar-mza.com/detect.cz?adTagId=32640a10-9f80-11ec-83d5-0a918cbcbb97&extclickid=wck69v7u2o... HTTP 302
https://regbu.com/?clickid=b70646f0-9ec2-11ee-ac8b-0a7fe419e07d Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

128
Requests

97 %
HTTPS

69 %
IPv6

16
Domains

26
Subdomains

23
IPs

4
Countries

1977 kB
Transfer

10314 kB
Size

19
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.detect.cz/ Page URL
https://blog.manystylesandme.com/59241f9f-2e36-429b-84bb-abc82c5edf7f?utm_source=detect.cz&utm_campaign=pavelsimon HTTP 302
http://orvar-mza.com/detect.cz?adTagId=32640a10-9f80-11ec-83d5-0a918cbcbb97&extclickid=wck69v7u2osbhnrtimoi1q6u&fallbackUrl=https://regbu.com HTTP 302
https://regbu.com/?clickid=b70646f0-9ec2-11ee-ac8b-0a7fe419e07d Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 103

https://gcdn.2mdn.net/videoplayback/id/b7676c45aba5c3f2/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3847113363/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signature/33262C5DFE6FFFC94D8501F8988F34A494DB61AC.13BDB5D9995F52B0D26924CBC8BA71C026948BA2/key/ck2/file/file.mp4 HTTP 302
https://r1---sn-q4flrnez.c.2mdn.net/videoplayback/id/b7676c45aba5c3f2/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3847113363/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/379D99D9486CB532C6EDF053B08B63F8766138A8.445005D1C357BFE858460B06B1584A9360E8D48A/key/cms1/cms_redirect/yes/mh/Mq/mip/2001:550:1d05:1::13/mm/42/mn/sn-q4flrnez/ms/onc/mt/1703026062/mv/u/mvi/1/pl/48/file/file.mp4

Request Chain 120

https://googleads.g.doubleclick.net/xbbe/pixel?d=CP651wIQprvuAhiFk82BAiABMAE&v=APEucNUQWsHukInThLCMqt8NzNZv1cKFeqFlDDZJbxfNPD-kOuXCDev-QfZTi9LgKKtbB0-TzWa0T74PfEwpVTHEyvhVUPx8UxfEZKufUBs-UumPoj6iUk4 HTTP 302
https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZYIhFxfjyfH5QsZCptE83gAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPhVb8sd2jAhPqNanmGklKM&google_cver=1

128 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 /
www.detect.cz/ 150 B
220 B 2883ms
59ms Document
text/html 46.8.8.200
GRANSY Gransy s.r...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.detect.cz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 46.8.8.200 Prague, Czech Republic, ASN60592 (GRANSY Gransy s.r.o. gransy.com, CZ),
Reverse DNS
Software: /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-length: 150
content-type: text/html; charset=utf-8
date: Tue, 19 Dec 2023 23:02:42 GMT

GET
H2

200

Primary Request / Show response
regbu.com/
Redirect Chain

https://blog.manystylesandme.com/59241f9f-2e36-429b-84bb-abc82c5edf7f?utm_source=detect.cz&utm_campaign=pavelsimon
http://orvar-mza.com/detect.cz?adTagId=32640a10-9f80-11ec-83d5-0a918cbcbb97&extclickid=wck69v7u2osbhnrtimoi1q6u&fallbackUrl=https://regbu.com
https://regbu.com/?clickid=b70646f0-9ec2-11ee-ac8b-0a7fe419e07d

98 KB
16 KB

1244ms
1168ms

Document
text/html

2606:4700:3037::6815:14f4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://regbu.com/?clickid=b70646f0-9ec2-11ee-ac8b-0a7fe419e07d
Requested by: Host: www.detect.cz
URL: https://www.detect.cz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:14f4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e84d414f7ad40d9a0c499c3c50c1cb508190c6762d5cdef720c96bf60529c415

Request headers

Referer: https://www.detect.cz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-edge-cache: cache,platform=wordpress
cf-ray: 838346555a0cd9a9-MIA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 19 Dec 2023 23:02:43 GMT
link: <https://regbu.com/wp-json/>; rel="https://api.w.org/"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hmDJ6%2B6IsLCLGqxQUMS67JUp%2F3OPMZdicS7VQbTvutAJNNX%2FtitGOa6jt4T2IoE3Z5L27VXjKkHGsqcFDJa9WdI6pE0jCUH5eABCEqBwLHoKyqFUu0et1eFF%2BO52YaJU8zYH4OlmccM%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

Redirect headers

Cache-Control: no-store, no-cache, pre-check=0, post-check=0
Connection: keep-alive
Content-Length: 0
Date: Tue, 19 Dec 2023 23:02:42 GMT
Location: https://regbu.com?clickid=b70646f0-9ec2-11ee-ac8b-0a7fe419e07d
Server: oQJeVuvM
X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline'
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'

GET
H2 200 style.min.css
regbu.com/wp-includes/css/dist/block-library/ 107 KB
15 KB 598ms
588ms Stylesheet
text/css 2606:4700:3037::6815:14f4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://regbu.com/wp-includes/css/dist/block-library/style.min.css?ver=6.4.2
Requested by: Host: regbu.com
URL: https://regbu.com/?clickid=b70646f0-9ec2-11ee-ac8b-0a7fe419e07d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:14f4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 698b89c0da3d319754d6a837b5e6d4e6a42dc402d9ffd7559b8c4cb29c644340

Request headers

accept-language: en-US,en;q=0.9
Referer: https://regbu.com/?clickid=b70646f0-9ec2-11ee-ac8b-0a7fe419e07d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 23:02:44 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 08 Nov 2023 06:04:19 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"1add3-6099ddb9a1147-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tEEVSWx%2FW6rJhCzfz6MTHQX8layHeczO%2BrpR7FApB50CcBNXBzO2FEuGHOmdAFqnOHZRPnLZLeGkHYn7tJTGdJWBYOszkZuYPi0sSSIeNttUHrYOXVTZ3agAwYutj1GdRBLHLVYT1Bc%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 8383465ccbd8d9a9-MIA
alt-svc: h3=":443"; ma=86400

GET
H2 200 trp-floater-language-switcher.css
regbu.com/wp-content/plugins/translatepress-multilingual/assets/css/ 18 KB
2 KB 593ms
585ms Stylesheet
text/css 2606:4700:3037::6815:14f4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://regbu.com/wp-content/plugins/translatepress-multilingual/assets/css/trp-floater-language-switcher.css?ver=2.6.9
Requested by: Host: regbu.com
URL: https://regbu.com/?clickid=b70646f0-9ec2-11ee-ac8b-0a7fe419e07d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:14f4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3ce4435d68c21d56cebe0995aedb94ce173653cc983b09c8544a67478af28225

Request headers

accept-language: en-US,en;q=0.9
Referer: https://regbu.com/?clickid=b70646f0-9ec2-11ee-ac8b-0a7fe419e07d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 23:02:44 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Mon, 18 Dec 2023 18:03:57 GMT
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=22292
etag: W/"5714-60ccc92e3ac3c-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v9KsXnWsmCUhu7%2Bkik2oOf87o%2FcSfaumCXm9k2YzzstqC87E8voI3643bXBWW8ZcKtaUG49whGkXHudyATg5Ytell5GDNID1pyyLvi0xwyeUJDBkmpn6TiwiEi%2FjgKgI8tkRZxkr0LY%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 8383465ccbe5d9a9-MIA
alt-svc: h3=":443"; ma=86400

GET
H2 200 trp-language-switcher.css
regbu.com/wp-content/plugins/translatepress-multilingual/assets/css/ 2 KB
1 KB 557ms
549ms Stylesheet
text/css 2606:4700:3037::6815:14f4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://regbu.com/wp-content/plugins/translatepress-multilingual/assets/css/trp-language-switcher.css?ver=2.6.9
Requested by: Host: regbu.com
URL: https://regbu.com/?clickid=b70646f0-9ec2-11ee-ac8b-0a7fe419e07d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:14f4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf122fe45ccffe0ed0058d1fb7efae80dc92a8710d8ab18a7d63984bb4aa685e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://regbu.com/?clickid=b70646f0-9ec2-11ee-ac8b-0a7fe419e07d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 23:02:44 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Mon, 18 Dec 2023 18:03:57 GMT
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=2843
etag: W/"b1b-60ccc92e3ac3c-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FcWMt5qI1%2F4oW7QpLBULcRnVrNN99ubUpksw5E01m4RY2UBURSuDoKuDnVOyH5kmTSd9Lp%2BA0XZW3IQ31OLH1pJYPVzMuyf3UFZxCUYlZurEVXWwx9i3635PgoKevzMuA0Y9RhTPTAM%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 8383465ccbe9d9a9-MIA
alt-svc: h3=":443"; ma=86400

GET
H2 200 trp-popup.css
regbu.com/wp-content/plugins/translatepress-business/add-ons-pro/automatic-language-detection/assets/css/ 8 KB
2 KB 593ms
586ms Stylesheet
text/css 2606:4700:3037::6815:14f4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://regbu.com/wp-content/plugins/translatepress-business/add-ons-pro/automatic-language-detection/assets/css/trp-popup.css?ver=6.4.2
Requested by: Host: regbu.com
URL: https://regbu.com/?clickid=b70646f0-9ec2-11ee-ac8b-0a7fe419e07d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:14f4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 326637e4c3f86d1f4f4d728a2de2a50d2c59f4a09844e866af8023ac6adcbc22

Request headers

accept-language: en-US,en;q=0.9
Referer: https://regbu.com/?clickid=b70646f0-9ec2-11ee-ac8b-0a7fe419e07d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 23:02:44 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Sun, 30 Jul 2023 05:04:15 GMT
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=11683
etag: W/"2da3-601ad3ed2f060-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Gl%2FZEH8US1veeNUYU1n4WhdiFsFti%2BShYZuI7N9AYqB9PynNalSt9Ze27DO52u%2Bj7aj3mWM03u401BTNf4Al%2B0sjizbp5cMPYZ%2ByYuv6lA56Q5dRhBpkoz5R9zHs75loprhHC4HkN4U%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 8383465ccbead9a9-MIA
alt-svc: h3=":443"; ma=86400

GET
H2 200 all.min.css
regbu.com/wp-content/themes/bam-pro/assets/fonts/css/ 58 KB
13 KB 562ms
555ms Stylesheet
text/css 2606:4700:3037::6815:14f4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://regbu.com/wp-content/themes/bam-pro/assets/fonts/css/all.min.css?ver=5.15.4
Requested by: Host: regbu.com
URL: https://regbu.com/?clickid=b70646f0-9ec2-11ee-ac8b-0a7fe419e07d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:14f4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 99464ceb71bc9bbdcc72275faefe44f98eb5cbb6b5d8ee665b87b35376f1a96e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://regbu.com/?clickid=b70646f0-9ec2-11ee-ac8b-0a7fe419e07d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 23:02:44 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 13 Jul 2023 22:58:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"e7a9-600664389a3c7-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5TzAf%2BVug1Wf%2BQHvQtNJsXZHfrWh9SMA7cpBwtjx%2Fd8YLgWS42pgpeeldgdOFiC73ILHlqYjwUntXbxP%2Fn6kAz86aFXLyGzoGjuuov%2Fwd83ZeSsXO3iZCDx1DR3XMtVJlfRV5QSDfoc%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 8383465ccbebd9a9-MIA
alt-svc: h3=":443"; ma=86400

GET
H2 200 style.css
regbu.com/wp-content/themes/bam-pro/ 68 KB
13 KB 51ms
44ms Stylesheet
text/css 2606:4700:3037::6815:14f4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://regbu.com/wp-content/themes/bam-pro/style.css?ver=6.4.2
Requested by: Host: regbu.com
URL: https://regbu.com/?clickid=b70646f0-9ec2-11ee-ac8b-0a7fe419e07d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:14f4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 85c34c3277bb9c28f7e9f0b84dfb4a73196c25bb03ca1e887c507ec98ba6587b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://regbu.com/?clickid=b70646f0-9ec2-11ee-ac8b-0a7fe419e07d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 23:02:43 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2254
cf-polished: origSize=94748
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 13 Jul 2023 22:58:00 GMT
server: cloudflare
etag: W/"1721c-60066438b7883-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1V2kya4XG%2BH9gnsCHA1pDUQfvMqBx%2FCBBhWbg%2BTGOBoTYCF4X2WZy%2BUR1H7jjB2B%2BW2uxOI9eGPNbo2eS2lJv8zMTngjSELwj1%2BFZDtuitIFARSbNGrUDUsBZeCEG6GveyotqBEfmug%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 8383465ccbedd9a9-MIA

GET
H2 200 css
fonts.googleapis.com/ 68 KB
2 KB 174ms
61ms Stylesheet
text/css 2607:f8b0:4004:c1b::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%2C100i%2C200i%2C300i%2C400i%2C500i%2C600i%2C700i%2C800i%2C900i|Roboto+Condensed%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%2C100i%2C200i%2C300i%2C400i%2C500i%2C600i%2C700i%2C800i%2C900i%26subset%3Dlatin

Requested by

Host: regbu.com
URL: https://regbu.com/?clickid=b70646f0-9ec2-11ee-ac8b-0a7fe419e07d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9ba5e0bf235435a81c9479a6c1757c6947fb6460b17f820bc70797a5ff4537f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://regbu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 19 Dec 2023 23:02:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 19 Dec 2023 22:59:51 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 19 Dec 2023 23:02:44 GMT

GET
H2 200 jquery.min.js Show response
regbu.com/wp-includes/js/jquery/ 86 KB
31 KB 563ms
556ms Script
application/javascript 2606:4700:3037::6815:14f4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://regbu.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Requested by: Host: regbu.com
URL: https://regbu.com/?clickid=b70646f0-9ec2-11ee-ac8b-0a7fe419e07d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:14f4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Request headers

accept-language: en-US,en;q=0.9
Referer: https://regbu.com/?clickid=b70646f0-9ec2-11ee-ac8b-0a7fe419e07d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 23:02:44 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 08 Nov 2023 06:04:19 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"15601-6099ddba09927-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PVKGznCT%2FWcYhFGVIGkypik87WHZt6LycZspSfRr13pnS00PBBovttJFdnqvl%2BxvlxiSd65ZhPrRUhhHu5MYPN4PgeYtudQwK1%2BssMoqO2wEfh3L9Bi0AH%2FrsVloKk6g8HbzhuYExb4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 8383465ccbf0d9a9-MIA
alt-svc: h3=":443"; ma=86400

GET
H2 200 jquery-migrate.min.js Show response
regbu.com/wp-includes/js/jquery/ 13 KB
5 KB 187ms
180ms Script
application/javascript 2606:4700:3037::6815:14f4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://regbu.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Requested by: Host: regbu.com
URL: https://regbu.com/?clickid=b70646f0-9ec2-11ee-ac8b-0a7fe419e07d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:14f4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Request headers

accept-language: en-US,en;q=0.9
Referer: https://regbu.com/?clickid=b70646f0-9ec2-11ee-ac8b-0a7fe419e07d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 23:02:44 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 09 Aug 2023 06:04:03 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"3509-602773f1f0bac-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DbsHJnnZqIzp2pd%2FNe6QTsF0e8sJ7p0VqF%2Fw8bptcDUxugD%2FT09DmTlu%2BVpwu2D1o%2BUNIRvDfu%2Fzm2Nyw0EsJjWxNhPuYNEzt1nAYbQlt4cXUFMLUIBY6lwMlwIvPKNXe7fWJE9MaA0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 8383465ccbf3d9a9-MIA
alt-svc: h3=":443"; ma=86400

GET
H2 200 trp-language-cookie.js Show response
regbu.com/wp-content/plugins/translatepress-business/add-ons-pro/automatic-language-detection/assets/js/ 15 KB
4 KB 184ms
178ms Script
application/javascript 2606:4700:3037::6815:14f4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://regbu.com/wp-content/plugins/translatepress-business/add-ons-pro/automatic-language-detection/assets/js/trp-language-cookie.js?ver=1.1.1
Requested by: Host: regbu.com
URL: https://regbu.com/?clickid=b70646f0-9ec2-11ee-ac8b-0a7fe419e07d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:14f4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fd88d63a0b21974210c6097e5ecc5f1b569e288a77085c4b806dadcd6f73ad78

Request headers

accept-language: en-US,en;q=0.9
Referer: https://regbu.com/?clickid=b70646f0-9ec2-11ee-ac8b-0a7fe419e07d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 23:02:44 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Sun, 30 Jul 2023 05:04:15 GMT
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=22110
etag: W/"565e-601ad3ed2f060-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X7tfA9F3yyk%2FzmnO8QYfZCjmIKCysN1Slif0Dp75If9CjkzdECY0RKGZ%2BHv2DkeoUTe3HDsDwoq7IVXLMfrnvaVv2%2Bb9HtFGsBDeXj2JV1GDXgs1Y3zKIZjgQE3WeFcuofFATl5sX3Q%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 8383465ccbf4d9a9-MIA
alt-svc: h3=":443"; ma=86400

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 186 KB
68 KB 261ms
90ms Script
application/javascript 2607:f8b0:4004:c1b::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-40216785-112

Requested by

Host: regbu.com
URL: https://regbu.com/?clickid=b70646f0-9ec2-11ee-ac8b-0a7fe419e07d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4ba4adc30c3a1a8c4b879da805348fbfc525acca5309e9f6f863323a2a79d5d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://regbu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 23:02:44 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68945
x-xss-protection: 0
last-modified: Tue, 19 Dec 2023 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 19 Dec 2023 23:02:44 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 145 KB
50 KB 264ms
93ms Script
text/javascript 2607:f8b0:4004:c08::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6122204646002237&host=ca-host-pub-2644536267352236

Requested by

Host: regbu.com
URL: https://regbu.com/?clickid=b70646f0-9ec2-11ee-ac8b-0a7fe419e07d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::9b Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

badbb3191996e18c62e9d31ed1c39e841c63affa69d75a40c12fad46cbbabef5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://regbu.com/
Origin: https://regbu.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 23:02:44 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51355
x-xss-protection: 0
server: cafe
etag: 5055548725929561429
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 19 Dec 2023 23:02:44 GMT

GET
H2 200 vyhledavani-google-obrazky.jpg
regbu.com/wp-content/uploads/2022/08/ 95 KB
96 KB 566ms
560ms Image
image/jpeg 2606:4700:3037::6815:14f4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://regbu.com/wp-content/uploads/2022/08/vyhledavani-google-obrazky.jpg
Requested by: Host: regbu.com
URL: https://regbu.com/?clickid=b70646f0-9ec2-11ee-ac8b-0a7fe419e07d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:14f4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e90d03e5868958c39f668350a8f49c57e42e04e41e0807d7aa967f3c4509ea99

Request headers

accept-language: en-US,en;q=0.9
Referer: https://regbu.com/?clickid=b70646f0-9ec2-11ee-ac8b-0a7fe419e07d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 23:02:44 GMT
cf-cache-status: HIT
last-modified: Tue, 30 Aug 2022 14:19:39 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "17c9b-5e77612172570"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h%2B%2FH5ULIBklJFwME2vcz5G36Wf0HQN0Rpj0Q2JQFvTNZ7s33CPRV7xnRKivckyZdBejL%2Br6fdQE4sFVsMd2MgevAbJqeCkDnBiuQ2Jc9JrlXJJU78NQtcA2DSOf1TN3DPpAw5YztwsI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8383465ccbf6d9a9-MIA
alt-svc: h3=":443"; ma=86400
content-length: 97435

GET
H2 200 mafia-ceska-legenda-svetoveho-formatu.jpg
regbu.com/wp-content/uploads/2023/08/ 112 KB
112 KB 593ms
587ms Image
image/jpeg 2606:4700:3037::6815:14f4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://regbu.com/wp-content/uploads/2023/08/mafia-ceska-legenda-svetoveho-formatu.jpg
Requested by: Host: regbu.com
URL: https://regbu.com/?clickid=b70646f0-9ec2-11ee-ac8b-0a7fe419e07d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:14f4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d2c76682e31b1ad1abb3fecbee5bea020e97e249f13db0a0a041a83446a53f5f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://regbu.com/?clickid=b70646f0-9ec2-11ee-ac8b-0a7fe419e07d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 23:02:44 GMT
cf-cache-status: HIT
last-modified: Mon, 21 Aug 2023 21:16:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "1bf33-6037564624e28"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DBX%2F7ntEUG95cdgy7h1Gu1r67aYX3rxqgSWogYTjdQ4QDUTNXDZDgur5fatXd3GHWg7hT8%2FAmfwwRGhjw%2F%2BZBYk%2BwtWqxLBa1nNqme%2FL1sI873oBCEBaOGzlhH8Yp1%2BoQqh6SNC%2FQR8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8383465cfc2ed9a9-MIA
alt-svc: h3=":443"; ma=86400
content-length: 114483

GET
H2 200 worms-prevtelte-se-do-cerva-a-bojujte.jpg
regbu.com/wp-content/uploads/2023/08/ 135 KB
135 KB 618ms
612ms Image
image/jpeg 2606:4700:3037::6815:14f4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://regbu.com/wp-content/uploads/2023/08/worms-prevtelte-se-do-cerva-a-bojujte.jpg
Requested by: Host: regbu.com
URL: https://regbu.com/?clickid=b70646f0-9ec2-11ee-ac8b-0a7fe419e07d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:14f4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 14c54438cdca89ae25314b9a32e0c795a3c6b663825067240005f60c8a435dff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://regbu.com/?clickid=b70646f0-9ec2-11ee-ac8b-0a7fe419e07d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 23:02:44 GMT
cf-cache-status: HIT
last-modified: Mon, 21 Aug 2023 21:12:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "21b73-60375558e8991"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X5sgu31ROk0zTf9OsA4MYuiCi1Q3y9zzEmp0S4nbqDAT1mjtX9CXF%2FLd7CbdQ%2Ff4g%2FOM3uAllX6J%2FC1x%2FwaQIW4%2FlWJnSq7GdKxhTNblW4LXPxcOSnKt8K%2B8UK4IiHB%2FUiziUoRABZA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8383465cfc2fd9a9-MIA
alt-svc: h3=":443"; ma=86400
content-length: 138099

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 145 KB
51 KB 263ms
92ms Script
text/javascript 2607:f8b0:4004:c08::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6122204646002237

Requested by

Host: regbu.com
URL: https://regbu.com/?clickid=b70646f0-9ec2-11ee-ac8b-0a7fe419e07d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::9b Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6b9e85f093b965c10ae691f564fea19fd9ed6bd20a8e27f47a279b8c34369e5b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://regbu.com/
Origin: https://regbu.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 23:02:44 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51350
x-xss-protection: 0
server: cafe
etag: 9464888812667050146
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 19 Dec 2023 23:02:44 GMT

GET
H3 200 cs_CZ.png
regbu.com/wp-content/plugins/translatepress-multilingual/assets/images/flags/ 361 B
825 B 616ms
602ms Image
image/png 2606:4700:3037::6815:14f4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://regbu.com/wp-content/plugins/translatepress-multilingual/assets/images/flags/cs_CZ.png
Requested by: Host: regbu.com
URL: https://regbu.com/?clickid=b70646f0-9ec2-11ee-ac8b-0a7fe419e07d
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:14f4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1bc61117f652bc846db0c95c5cc7273b6c0484292ed2304168cadd8affd40487

Request headers

accept-language: en-US,en;q=0.9
Referer: https://regbu.com/?clickid=b70646f0-9ec2-11ee-ac8b-0a7fe419e07d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 23:02:45 GMT
cf-cache-status: HIT
last-modified: Mon, 18 Dec 2023 18:03:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "169-60ccc92e3bbdc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RSFqjrx0QvNBUTkJnZC%2BSN%2BD1GGC%2FQ7QZ40U67lgGj59Ez5TQOG3aHQteuCo4ki%2F%2FrTtjuPYu4yoZ1o0cGu9VsTaFX8hVydtbSNGQ1Ws%2FefysZbGt83qc%2BIzgFK%2F3g18myx7%2FBAyK0Y%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 838346612d91744a-MIA
alt-svc: h3=":443"; ma=86400
content-length: 361

GET
H3 200 en_US.png
regbu.com/wp-content/plugins/translatepress-multilingual/assets/images/flags/ 502 B
1003 B 94ms
81ms Image
image/png 2606:4700:3037::6815:14f4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://regbu.com/wp-content/plugins/translatepress-multilingual/assets/images/flags/en_US.png
Requested by: Host: regbu.com
URL: https://regbu.com/?clickid=b70646f0-9ec2-11ee-ac8b-0a7fe419e07d
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:14f4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 84554ad84b590aa4d161301d4abb95d5d3b7013f38bbb0c02ba0d506ce3c548e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://regbu.com/?clickid=b70646f0-9ec2-11ee-ac8b-0a7fe419e07d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 23:02:44 GMT
cf-cache-status: HIT
last-modified: Mon, 18 Dec 2023 18:03:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2978
etag: "1f6-60ccc92e3cb7c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r1VQyqF6ZmxMaB7f8c%2B9h1AXAO9%2B8rqMFsEdYlTsGWf0%2BXs3eareNXQ99F2IHw5MqU8uzvBeHq67r2i3bPKXdrX6xDbqW4%2FMmBhJqmFyQ0VNKKuAyYaKK9%2BXMAjojcMLbgIxMHsrB%2B4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 838346612d92744a-MIA
alt-svc: h3=":443"; ma=86400
content-length: 502

GET
H3 200 sk_SK.png
regbu.com/wp-content/plugins/translatepress-multilingual/assets/images/flags/ 370 B
827 B 617ms
603ms Image
image/png 2606:4700:3037::6815:14f4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://regbu.com/wp-content/plugins/translatepress-multilingual/assets/images/flags/sk_SK.png
Requested by: Host: regbu.com
URL: https://regbu.com/?clickid=b70646f0-9ec2-11ee-ac8b-0a7fe419e07d
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:14f4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5a4b22644990ed0b5f68373075760fa4d987b650a6dd05409ddb4d8002a391b8

Request headers

accept-language: en-US,en;q=0.9
Referer: https://regbu.com/?clickid=b70646f0-9ec2-11ee-ac8b-0a7fe419e07d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 23:02:45 GMT
cf-cache-status: HIT
last-modified: Mon, 18 Dec 2023 18:03:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "172-60ccc92e4199c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g5R00dJit%2FLhg16w6AH7D%2BTXbMHKHRThAK0CrleayWavMa188ma%2FT7xtPkymprUZzMd8uBx8Q8jNxXP10YPN8KNpqlxmXB9mfqiNlt%2FuwWj9T4uUlzqQsQyhS%2BJ2RYKbaZbJJ4TcP4c%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 838346612d93744a-MIA
alt-svc: h3=":443"; ma=86400
content-length: 370

GET
H3 200 pl_PL.png
regbu.com/wp-content/plugins/translatepress-multilingual/assets/images/flags/ 235 B
698 B 641ms
627ms Image
image/png 2606:4700:3037::6815:14f4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://regbu.com/wp-content/plugins/translatepress-multilingual/assets/images/flags/pl_PL.png
Requested by: Host: regbu.com
URL: https://regbu.com/?clickid=b70646f0-9ec2-11ee-ac8b-0a7fe419e07d
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:14f4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 246e5d2f70b9e2f43901db5f080cf38df03804c235c3009458a9ad59e6f47c98

Request headers

accept-language: en-US,en;q=0.9
Referer: https://regbu.com/?clickid=b70646f0-9ec2-11ee-ac8b-0a7fe419e07d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 23:02:45 GMT
cf-cache-status: HIT
last-modified: Mon, 18 Dec 2023 18:03:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "eb-60ccc92e409fc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S7Yn8TmNI8r1P67%2BRcZv%2FFSCyINIklRtY1XqjyRaxF5KyGCEtwv5s%2FzVUZp%2B0R%2FqoLCuAT%2BcZy4%2FpDZrB3sklrReGfUHf%2Fia1D9uthllmePL0vDR7z8fpydkNVFPcnFOnjyYDY2DTps%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 838346612d94744a-MIA
alt-svc: h3=":443"; ma=86400
content-length: 235

GET
H3 200 zh_CN.png
regbu.com/wp-content/plugins/translatepress-multilingual/assets/images/flags/ 313 B
766 B 614ms
601ms Image
image/png 2606:4700:3037::6815:14f4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://regbu.com/wp-content/plugins/translatepress-multilingual/assets/images/flags/zh_CN.png
Requested by: Host: regbu.com
URL: https://regbu.com/?clickid=b70646f0-9ec2-11ee-ac8b-0a7fe419e07d
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:14f4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1348be98d8f2a8599acfef9767527e164544e1e07cc74279cee0a1bb9a50a395

Request headers

accept-language: en-US,en;q=0.9
Referer: https://regbu.com/?clickid=b70646f0-9ec2-11ee-ac8b-0a7fe419e07d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 23:02:45 GMT
cf-cache-status: HIT
last-modified: Mon, 18 Dec 2023 18:03:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "139-60ccc92e438dc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yEv1VSG4M7ChY6Il0gjxWCTUHhb8SkQk9YXqz3pRjpmoknTsxDG6Tw31mRpG52DrlpBKiopsqXVE4c7iS4JJB9pOVa9VriUmR0jYgyk5wVrGY42vTvqHc5STpRWbtq%2FAIKc5tF5nuQ4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 838346612d96744a-MIA
alt-svc: h3=":443"; ma=86400
content-length: 313

GET
H3 200 de_DE.png
regbu.com/wp-content/plugins/translatepress-multilingual/assets/images/flags/ 250 B
703 B 615ms
602ms Image
image/png 2606:4700:3037::6815:14f4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://regbu.com/wp-content/plugins/translatepress-multilingual/assets/images/flags/de_DE.png
Requested by: Host: regbu.com
URL: https://regbu.com/?clickid=b70646f0-9ec2-11ee-ac8b-0a7fe419e07d
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:14f4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fb8abf4975a70816d1ecb0e3dff7ed44ff73201795790a55b4abfb0d1b6d162f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://regbu.com/?clickid=b70646f0-9ec2-11ee-ac8b-0a7fe419e07d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 23:02:45 GMT
cf-cache-status: HIT
last-modified: Mon, 18 Dec 2023 18:03:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "fa-60ccc92e3cb7c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HhKZKoYXgrJ83jYjwALmRvLnJlztQ2DsmE1UHQIrIFjUoi%2BIhhevFrixYbYQB7dJaZcyFMHTxgj4x9ZmVTwcoEd9cFmlnEQiAChGvcScTuJ5Nw7tfXm9XN3rKy%2F0VIh7tqum181CSuw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 838346612d98744a-MIA
alt-svc: h3=":443"; ma=86400
content-length: 250

GET
H3 200 pt_PT.png
regbu.com/wp-content/plugins/translatepress-multilingual/assets/images/flags/ 441 B
903 B 97ms
83ms Image
image/png 2606:4700:3037::6815:14f4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://regbu.com/wp-content/plugins/translatepress-multilingual/assets/images/flags/pt_PT.png
Requested by: Host: regbu.com
URL: https://regbu.com/?clickid=b70646f0-9ec2-11ee-ac8b-0a7fe419e07d
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:14f4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b17974619f9233fb51fc94a230d109d563093530560a2ac910972020c8cc4209

Request headers

accept-language: en-US,en;q=0.9
Referer: https://regbu.com/?clickid=b70646f0-9ec2-11ee-ac8b-0a7fe419e07d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 23:02:44 GMT
cf-cache-status: HIT
last-modified: Mon, 18 Dec 2023 18:03:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2976
etag: "1b9-60ccc92e4199c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f49llCLlVJfEwQwjD%2FvnA5ICyI0fXvKgv4xEje9NWmaJ2ic2ljimuzFQjl0sEGLYKmUJLafGLb5sJGRpmd8hureK2CBfyTmkfRcle8JJbcaMyvFx%2FQiXsz2r2AFN%2FPkxqIeT56%2BYXfk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 838346612d9a744a-MIA
alt-svc: h3=":443"; ma=86400
content-length: 441

GET
H3 200 es_ES.png
regbu.com/wp-content/plugins/translatepress-multilingual/assets/images/flags/ 325 B
778 B 236ms
222ms Image
image/png 2606:4700:3037::6815:14f4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://regbu.com/wp-content/plugins/translatepress-multilingual/assets/images/flags/es_ES.png
Requested by: Host: regbu.com
URL: https://regbu.com/?clickid=b70646f0-9ec2-11ee-ac8b-0a7fe419e07d
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:14f4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f71e440bd8074d59686f35d87b824c16f5310a34bab7fb017b0178bd726e35d3

Request headers

accept-language: en-US,en;q=0.9
Referer: https://regbu.com/?clickid=b70646f0-9ec2-11ee-ac8b-0a7fe419e07d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 23:02:44 GMT
cf-cache-status: HIT
last-modified: Mon, 18 Dec 2023 18:03:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "145-60ccc92e3db1c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PjtmeIl8t4uk6VoaDQmAzVWAlaNzBe283PyCQKHGFle1iWjPYp%2FyTQaqhmJJPoBobm5tFGY8o13emdrBL%2F6dzhRahGytX6p3xdl866kHcyGaomaL1%2Bx1JZSDjs3DNrKedHc5imKtPWM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 838346612d9e744a-MIA
alt-svc: h3=":443"; ma=86400
content-length: 325

GET
H3 200 ru_RU.png
regbu.com/wp-content/plugins/translatepress-multilingual/assets/images/flags/ 241 B
694 B 640ms
626ms Image
image/png 2606:4700:3037::6815:14f4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://regbu.com/wp-content/plugins/translatepress-multilingual/assets/images/flags/ru_RU.png
Requested by: Host: regbu.com
URL: https://regbu.com/?clickid=b70646f0-9ec2-11ee-ac8b-0a7fe419e07d
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:14f4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bc78f50b6e27078e91fe318c8ebdc52bac6cabbe5c298f471bc60292e126e1a5

Request headers

accept-language: en-US,en;q=0.9
Referer: https://regbu.com/?clickid=b70646f0-9ec2-11ee-ac8b-0a7fe419e07d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 23:02:45 GMT
cf-cache-status: HIT
last-modified: Mon, 18 Dec 2023 18:03:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "f1-60ccc92e4199c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kG5ZLhTlUoUMeCcoWVheEoNWwGAp%2BBjGfhRZ7ENaY3e40oAZS44i9Jmenb40RLP2pNDm3LKMhxOnATjdr%2FKPoyh5iAJPHg%2B6V0yjRi0sdCA5T0NQu96kjTY5ZsyK23bmoluuQkP8JKw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 838346612d9f744a-MIA
alt-svc: h3=":443"; ma=86400
content-length: 241

GET
H3 200 fr_FR.png
regbu.com/wp-content/plugins/translatepress-multilingual/assets/images/flags/ 268 B
726 B 608ms
594ms Image
image/png 2606:4700:3037::6815:14f4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://regbu.com/wp-content/plugins/translatepress-multilingual/assets/images/flags/fr_FR.png
Requested by: Host: regbu.com
URL: https://regbu.com/?clickid=b70646f0-9ec2-11ee-ac8b-0a7fe419e07d
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:14f4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9c86c0c02ccb446b1a50d0282f4d9715e45670be443c4c3f666c263601e36274

Request headers

accept-language: en-US,en;q=0.9
Referer: https://regbu.com/?clickid=b70646f0-9ec2-11ee-ac8b-0a7fe419e07d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 23:02:45 GMT
cf-cache-status: HIT
last-modified: Mon, 18 Dec 2023 18:03:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "10c-60ccc92e3eabc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K1JQsdc0uSof0o2dIoRbahfsyiOes2xmCN8YN7%2FAqRUnvKAxII%2FMfanWFRtnOR%2BOX%2B7Yz0OYttSLt%2BnMLnlme8gqCYphlOw1M8yFWwlXtVrkSNx5aelaAEFbU%2Bk61ZbMCfLQ4VjHt5I%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 838346612da0744a-MIA
alt-svc: h3=":443"; ma=86400
content-length: 268

GET
H3 200 bg_BG.png
regbu.com/wp-content/plugins/translatepress-multilingual/assets/images/flags/ 252 B
708 B 640ms
626ms Image
image/png 2606:4700:3037::6815:14f4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://regbu.com/wp-content/plugins/translatepress-multilingual/assets/images/flags/bg_BG.png
Requested by: Host: regbu.com
URL: https://regbu.com/?clickid=b70646f0-9ec2-11ee-ac8b-0a7fe419e07d
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:14f4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8a52d124a5821cde93d0f507ea5b57407ef327189ff07e0496bcd3dc74861948

Request headers

accept-language: en-US,en;q=0.9
Referer: https://regbu.com/?clickid=b70646f0-9ec2-11ee-ac8b-0a7fe419e07d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 23:02:45 GMT
cf-cache-status: HIT
last-modified: Mon, 18 Dec 2023 18:03:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "fc-60ccc92e3bbdc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s%2Fu9KweebGDmqb4UwPyTXuiq8cvBlXpOHYFQznlgjTtj4M6CnTBHAq4z3Miqd%2Bc4%2BGgLdwl6CoCjuFfEUakOKhPx7aQQq9Utiov2nEwNHA9DKRF54m%2Fc1zDZ6ZMc0FVR05wzrPXWL7c%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 838346612da2744a-MIA
alt-svc: h3=":443"; ma=86400
content-length: 252

GET
H3 200 da_DK.png
regbu.com/wp-content/plugins/translatepress-multilingual/assets/images/flags/ 304 B
757 B 606ms
591ms Image
image/png 2606:4700:3037::6815:14f4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://regbu.com/wp-content/plugins/translatepress-multilingual/assets/images/flags/da_DK.png
Requested by: Host: regbu.com
URL: https://regbu.com/?clickid=b70646f0-9ec2-11ee-ac8b-0a7fe419e07d
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:14f4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3e21ed35cd4deffee9f308bebff9625437f4ecdead9f39f9f50918c1739337d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://regbu.com/?clickid=b70646f0-9ec2-11ee-ac8b-0a7fe419e07d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 23:02:45 GMT
cf-cache-status: HIT
last-modified: Mon, 18 Dec 2023 18:03:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "130-60ccc92e3bbdc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FrAtdTehm7JLHgVH6TieVILaqyxz81JJcUGGsPjc7z07qCldmcZx17qeT6reG6DF7gmJglFW7xE8Oj47RKhp6iofliDyoB4swEv2obKBXjA2G85P847%2BnHRiwEB1g%2FX2BERrHzHlnCk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 838346612da3744a-MIA
alt-svc: h3=":443"; ma=86400
content-length: 304

GET
H3 200 nl_NL.png
regbu.com/wp-content/plugins/translatepress-multilingual/assets/images/flags/ 282 B
743 B 602ms
587ms Image
image/png 2606:4700:3037::6815:14f4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://regbu.com/wp-content/plugins/translatepress-multilingual/assets/images/flags/nl_NL.png
Requested by: Host: regbu.com
URL: https://regbu.com/?clickid=b70646f0-9ec2-11ee-ac8b-0a7fe419e07d
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:14f4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 42495d821ccd0890cf42f1b7ff365069dfbbf2db6a7cd2f58cbff0724153c1a0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://regbu.com/?clickid=b70646f0-9ec2-11ee-ac8b-0a7fe419e07d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 23:02:45 GMT
cf-cache-status: HIT
last-modified: Mon, 18 Dec 2023 18:03:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "11a-60ccc92e409fc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OUClRI3ORt%2FnyDzwTy5D0PSbLIIizqZR%2FdXje4HUKdDFf%2BKAZYe7W%2B6KvQPmcGTJh1CCes4b%2FpxqsLVMRVp99nooOyLuWaJ6DJn0%2F836YUgpPjUTaheZfv1ReB7N%2F6qzxk5MMENbZK4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 838346612da4744a-MIA
alt-svc: h3=":443"; ma=86400
content-length: 282

GET
H3 200 et.png
regbu.com/wp-content/plugins/translatepress-multilingual/assets/images/flags/ 278 B
738 B 637ms
624ms Image
image/png 2606:4700:3037::6815:14f4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://regbu.com/wp-content/plugins/translatepress-multilingual/assets/images/flags/et.png
Requested by: Host: regbu.com
URL: https://regbu.com/?clickid=b70646f0-9ec2-11ee-ac8b-0a7fe419e07d
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:14f4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dd6747b68e5f84363c189fab01f3836b16389ab0259c5cadd4d89827dce5ac4c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://regbu.com/?clickid=b70646f0-9ec2-11ee-ac8b-0a7fe419e07d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 23:02:45 GMT
cf-cache-status: HIT
last-modified: Mon, 18 Dec 2023 18:03:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "116-60ccc92e3db1c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TemhbIw6ebI3oSmYFY5Hg227CySMB0eZRX9RDRCak3RF%2F2S%2BzHpjADCqI0D6l%2FZ3LSKU8t5mihmSyY5DUHYpnezBrOJJSFGlu%2FH91gms1J3dKPBTZca%2FpYRFauEI38WKyQH18RVsk1Y%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 838346612da6744a-MIA
alt-svc: h3=":443"; ma=86400
content-length: 278

GET
H3 200 fi.png
regbu.com/wp-content/plugins/translatepress-multilingual/assets/images/flags/ 363 B
817 B 606ms
591ms Image
image/png 2606:4700:3037::6815:14f4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://regbu.com/wp-content/plugins/translatepress-multilingual/assets/images/flags/fi.png
Requested by: Host: regbu.com
URL: https://regbu.com/?clickid=b70646f0-9ec2-11ee-ac8b-0a7fe419e07d
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:14f4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: abb477d4d2e332a08ec4d51f2734ee46ae879d2c0b71fe38da40d03962e3a708

Request headers

accept-language: en-US,en;q=0.9
Referer: https://regbu.com/?clickid=b70646f0-9ec2-11ee-ac8b-0a7fe419e07d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 23:02:45 GMT
cf-cache-status: HIT
last-modified: Mon, 18 Dec 2023 18:03:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "16b-60ccc92e3eabc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2wgNtXyLfHTSRJR5IfvExG2M0lrLgDYZfyC6UKQiX2VoaXZ2csNR4IatIIjtRgtpZtjqojP%2Ftu9FfGYIg%2FkfYn0fIVo4FbKazwtaSywFrWsgqJN1aE2BDyUMFK1%2BrdbI08HsSDPa6M8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 838346612da7744a-MIA
alt-svc: h3=":443"; ma=86400
content-length: 363

GET
H3 200 el.png
regbu.com/wp-content/plugins/translatepress-multilingual/assets/images/flags/ 413 B
878 B 92ms
78ms Image
image/png 2606:4700:3037::6815:14f4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://regbu.com/wp-content/plugins/translatepress-multilingual/assets/images/flags/el.png
Requested by: Host: regbu.com
URL: https://regbu.com/?clickid=b70646f0-9ec2-11ee-ac8b-0a7fe419e07d
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:14f4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3182c6ebc02afdf0ae998303f1ca7ec92a387ebaedc85564eb26425620f8d1ee

Request headers

accept-language: en-US,en;q=0.9
Referer: https://regbu.com/?clickid=b70646f0-9ec2-11ee-ac8b-0a7fe419e07d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 23:02:44 GMT
cf-cache-status: HIT
last-modified: Mon, 18 Dec 2023 18:03:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2975
etag: "19d-60ccc92e3cb7c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JH%2BXt%2BL6%2FjyBoOMa%2B8h2O%2FLUAdjKmBLwt7AVpN4gxeiTAzQIvfoiCl6Ihjsm%2Fc2IwO5ImR3H3KGjIbdWELyi1FtMfy8zoGyvdmtvrKlV9A00mSkO7kjPtYJZpLyF2zaMeqoWUkliDkw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 838346612da8744a-MIA
alt-svc: h3=":443"; ma=86400
content-length: 413

GET
H3 200 hu_HU.png
regbu.com/wp-content/plugins/translatepress-multilingual/assets/images/flags/ 276 B
732 B 611ms
596ms Image
image/png 2606:4700:3037::6815:14f4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://regbu.com/wp-content/plugins/translatepress-multilingual/assets/images/flags/hu_HU.png
Requested by: Host: regbu.com
URL: https://regbu.com/?clickid=b70646f0-9ec2-11ee-ac8b-0a7fe419e07d
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:14f4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1ab50bfb7b50ba43cf03e36facb6431597e46a51adb21f53f04297421494e5b8

Request headers

accept-language: en-US,en;q=0.9
Referer: https://regbu.com/?clickid=b70646f0-9ec2-11ee-ac8b-0a7fe419e07d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 23:02:45 GMT
cf-cache-status: HIT
last-modified: Mon, 18 Dec 2023 18:03:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "114-60ccc92e3eabc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HTCNg5iONf2uNHiAdfSYKK%2Fg4haYK6RfVxcVLiNSypbQarB5g4meTBxUkKL0UHst%2FDDOHB8VaaH44KMnASTE0FD43X1d1HPt35hETWt3%2FLrxyZVOVhfpKmYpd%2Fj7Ngczl5J1Dcx0u2E%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 838346612da9744a-MIA
alt-svc: h3=":443"; ma=86400
content-length: 276

GET
H3 200 it_IT.png
regbu.com/wp-content/plugins/translatepress-multilingual/assets/images/flags/ 267 B
729 B 604ms
590ms Image
image/png 2606:4700:3037::6815:14f4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://regbu.com/wp-content/plugins/translatepress-multilingual/assets/images/flags/it_IT.png
Requested by: Host: regbu.com
URL: https://regbu.com/?clickid=b70646f0-9ec2-11ee-ac8b-0a7fe419e07d
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:14f4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 85d05871f6315412de38a72c7164fd4917efba135ba06ed9972c502c1fd811ff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://regbu.com/?clickid=b70646f0-9ec2-11ee-ac8b-0a7fe419e07d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 23:02:45 GMT
cf-cache-status: HIT
last-modified: Mon, 18 Dec 2023 18:03:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "10b-60ccc92e3fa5c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t6LvqKb%2BIx%2FlB6uMm6brrzV%2FgxjzPdLvIdNS4zRzuEzH0PbL%2Bd8sCy6avK5qw5z0qYPrdqqnZNWrX4g0j8FjO%2B6Q3TyNSRYcmbtmRIn9T%2FJ8s5eqjj9ICAVJzMLS%2BOOeguRE2Uf6KAg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 838346612daa744a-MIA
alt-svc: h3=":443"; ma=86400
content-length: 267

GET
H3 200 ja.png
regbu.com/wp-content/plugins/translatepress-multilingual/assets/images/flags/ 301 B
756 B 228ms
213ms Image
image/png 2606:4700:3037::6815:14f4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://regbu.com/wp-content/plugins/translatepress-multilingual/assets/images/flags/ja.png
Requested by: Host: regbu.com
URL: https://regbu.com/?clickid=b70646f0-9ec2-11ee-ac8b-0a7fe419e07d
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:14f4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ba1ceefb8407a39580dfb8fe55f14e8c4c5e1a20983d741ea218fa2d92e505f4

Request headers

accept-language: en-US,en;q=0.9
Referer: https://regbu.com/?clickid=b70646f0-9ec2-11ee-ac8b-0a7fe419e07d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 23:02:44 GMT
cf-cache-status: HIT
last-modified: Mon, 18 Dec 2023 18:03:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "12d-60ccc92e3fa5c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OMvFArTETXTD8JmzCqKM4Y1oak0JAGXPDTf9KvfjXm2OpPWN45XBNHHQrxkRO5UqXtZ1nXUd%2FUlj2KCskaTg1NczgnsdCD1wnnzpMDFL2QMXhYSvKPe%2BOMfGuZ6POT6yKUohTQQiogc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 838346612dab744a-MIA
alt-svc: h3=":443"; ma=86400
content-length: 301

GET
H3 200 lv.png
regbu.com/wp-content/plugins/translatepress-multilingual/assets/images/flags/ 295 B
752 B 635ms
621ms Image
image/png 2606:4700:3037::6815:14f4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://regbu.com/wp-content/plugins/translatepress-multilingual/assets/images/flags/lv.png
Requested by: Host: regbu.com
URL: https://regbu.com/?clickid=b70646f0-9ec2-11ee-ac8b-0a7fe419e07d
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:14f4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3995576a20df12952885a3e7cb3eed68e878874bfba0f250deee0ce15713b2ca

Request headers

accept-language: en-US,en;q=0.9
Referer: https://regbu.com/?clickid=b70646f0-9ec2-11ee-ac8b-0a7fe419e07d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 23:02:45 GMT
cf-cache-status: HIT
last-modified: Mon, 18 Dec 2023 18:03:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "127-60ccc92e3fa5c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5CH0CJHCzjSDQ9glySU89H%2FuReKaxod6%2FoRV3FlpUXN0OS3neIkr7aeFJEgUtd69c3s7YToyRgYSc0bAre40%2B0VPEzoqtLkztk4OLo4a%2Fx3hWdler24U0H5n1x%2FTVb5M8yvW%2BbtKBsw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 838346612dac744a-MIA
alt-svc: h3=":443"; ma=86400
content-length: 295

GET
H3 200 lt_LT.png
regbu.com/wp-content/plugins/translatepress-multilingual/assets/images/flags/ 251 B
709 B 636ms
621ms Image
image/png 2606:4700:3037::6815:14f4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://regbu.com/wp-content/plugins/translatepress-multilingual/assets/images/flags/lt_LT.png
Requested by: Host: regbu.com
URL: https://regbu.com/?clickid=b70646f0-9ec2-11ee-ac8b-0a7fe419e07d
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:14f4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5e4288dc9b3af00a88a91714a222b0dab16f26454e70f9afd110b289e703f616

Request headers

accept-language: en-US,en;q=0.9
Referer: https://regbu.com/?clickid=b70646f0-9ec2-11ee-ac8b-0a7fe419e07d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 23:02:45 GMT
cf-cache-status: HIT
last-modified: Mon, 18 Dec 2023 18:03:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "fb-60ccc92e3fa5c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3t0JjHNExBzyqI1DCQmVcWenZcJ7ZEcpgtlMzVuJzYGVwBQ%2BE0yF0bPFrtrUk%2BffOnEEJEJ%2FHmwhOe%2BMojTShAteNiJsy28X9EWTnnaORrcxOSko%2BwPHbwxuauHIFb4By4Ck2SwMqlE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 838346612dad744a-MIA
alt-svc: h3=":443"; ma=86400
content-length: 251

GET
H3 200 ro_RO.png
regbu.com/wp-content/plugins/translatepress-multilingual/assets/images/flags/ 258 B
715 B 228ms
213ms Image
image/png 2606:4700:3037::6815:14f4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://regbu.com/wp-content/plugins/translatepress-multilingual/assets/images/flags/ro_RO.png
Requested by: Host: regbu.com
URL: https://regbu.com/?clickid=b70646f0-9ec2-11ee-ac8b-0a7fe419e07d
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:14f4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5ed66f46f5021700271152106eacb5ddf5802283782498fd360bdcf0478cfa77

Request headers

accept-language: en-US,en;q=0.9
Referer: https://regbu.com/?clickid=b70646f0-9ec2-11ee-ac8b-0a7fe419e07d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 23:02:44 GMT
cf-cache-status: HIT
last-modified: Mon, 18 Dec 2023 18:03:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "102-60ccc92e4199c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=djcRUbgMe4d6WIGaPPWvHkupx%2BMSOTmAFhdByJJL6Zx9%2BivBDtVME4d5FrHbRgN1ErkF1QaYgsd80Uy6fI0l0UMNYj2Klnbz%2BR2jGnIGHmCL1%2FSZv9vIKcJSiSlxpZ8ce92XvkFZotM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 838346612dae744a-MIA
alt-svc: h3=":443"; ma=86400
content-length: 258

GET
H3 200 sl_SI.png
regbu.com/wp-content/plugins/translatepress-multilingual/assets/images/flags/ 322 B
786 B 635ms
621ms Image
image/png 2606:4700:3037::6815:14f4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://regbu.com/wp-content/plugins/translatepress-multilingual/assets/images/flags/sl_SI.png
Requested by: Host: regbu.com
URL: https://regbu.com/?clickid=b70646f0-9ec2-11ee-ac8b-0a7fe419e07d
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:14f4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2a7bc09215d14360eecc613094babf65ce928bd02f08c1d53c2cec2f71a16aa3

Request headers

accept-language: en-US,en;q=0.9
Referer: https://regbu.com/?clickid=b70646f0-9ec2-11ee-ac8b-0a7fe419e07d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 23:02:45 GMT
cf-cache-status: HIT
last-modified: Mon, 18 Dec 2023 18:03:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "142-60ccc92e4199c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CsEH5iFBc13%2F%2BHKs5FYYNw87Ge7TmAZjW7%2FoPi8xUKrw%2FMDv7Z3qfmNJZyWLS6oR8G0RbFqnStKUOl%2FzUluLYG32ejW2xgs81xN%2BEACfvf4NY0urvWRIHxvCCw9%2FQPmnYgRT%2BaA%2FLQI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 838346612db0744a-MIA
alt-svc: h3=":443"; ma=86400
content-length: 322

GET
H3 200 sv_SE.png
regbu.com/wp-content/plugins/translatepress-multilingual/assets/images/flags/ 436 B
889 B 606ms
590ms Image
image/png 2606:4700:3037::6815:14f4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://regbu.com/wp-content/plugins/translatepress-multilingual/assets/images/flags/sv_SE.png
Requested by: Host: regbu.com
URL: https://regbu.com/?clickid=b70646f0-9ec2-11ee-ac8b-0a7fe419e07d
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:14f4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 490cadd098357152b599430f6364c0a1333e378a0967f1f3ecbe4172c6bbcf84

Request headers

accept-language: en-US,en;q=0.9
Referer: https://regbu.com/?clickid=b70646f0-9ec2-11ee-ac8b-0a7fe419e07d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 23:02:45 GMT
cf-cache-status: HIT
last-modified: Mon, 18 Dec 2023 18:03:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "1b4-60ccc92e4293c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XUiYs9q3Ojg79X6GkXZUmylDo6dn0uqbkX2vJAyX2lpnf1uVhsh821mCkYxbrQtf17wBGE2bpPkgjiGpaMre72UIf6oqcbRmpb1uNnDi%2Buf%2BIvqh27oDVu2D6ZWazJHOoMFL3VIu3Ww%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 838346612db2744a-MIA
alt-svc: h3=":443"; ma=86400
content-length: 436

GET
H3 200 main.js Show response
regbu.com/wp-content/themes/bam-pro/assets/js/ 5 KB
2 KB 662ms
661ms Script
application/javascript 2606:4700:3037::6815:14f4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://regbu.com/wp-content/themes/bam-pro/assets/js/main.js?ver=6.4.2
Requested by: Host: regbu.com
URL: https://regbu.com/?clickid=b70646f0-9ec2-11ee-ac8b-0a7fe419e07d
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:14f4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f9802fd5b10afab8794b5e9683d79e8aa13cd1ac482bb82abd444d9bd915bb11

Request headers

accept-language: en-US,en;q=0.9
Referer: https://regbu.com/?clickid=b70646f0-9ec2-11ee-ac8b-0a7fe419e07d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 23:02:45 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 13 Jul 2023 22:58:00 GMT
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=7487
etag: W/"1d3f-60066438a6ee6-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DWgRjSGk0WIRjf0w0c5K2U6FhxGckIqvBaAMRio%2BakmGU1GnY%2BZ6EAMq4IKaSinsmNWbac44fRqcQV3To9o2UV6GI5F7v7YJjmk%2BbJGvrdMNCzNfg680XFHZc21%2FVlVJ1j6SCruVrho%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 838346612d8a744a-MIA
alt-svc: h3=":443"; ma=86400

GET
H3 200 skip-link-focus-fix.js Show response
regbu.com/wp-content/themes/bam-pro/assets/js/ 426 B
726 B 652ms
651ms Script
application/javascript 2606:4700:3037::6815:14f4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://regbu.com/wp-content/themes/bam-pro/assets/js/skip-link-focus-fix.js?ver=20151215
Requested by: Host: regbu.com
URL: https://regbu.com/?clickid=b70646f0-9ec2-11ee-ac8b-0a7fe419e07d
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:14f4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 405a5e4943b97243440d632a958bb6e79f1d1929666745000a22ebaa5fa2d819

Request headers

accept-language: en-US,en;q=0.9
Referer: https://regbu.com/?clickid=b70646f0-9ec2-11ee-ac8b-0a7fe419e07d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 23:02:45 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 13 Jul 2023 22:58:00 GMT
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=685
etag: W/"2ad-60066438a6ee6-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MHgKGUhyM2MwMc6an%2FUGA7fgJv2UgQkuD%2B2mmbThqZY4pgSjPNqZGYrGMb85Cp2VqX3YrpWe9M0xbCWo2Q1WA1ADyzjSLdLDf1Ty00KY0G9quwn%2F%2F%2FCSSY2ExhlfSkEJ1N0qtM%2BMt8Q%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 838346612d8c744a-MIA
alt-svc: h3=":443"; ma=86400

GET
H3 200 sticky-menu.js Show response
regbu.com/wp-content/themes/bam-pro/assets/js/ 2 KB
1 KB 618ms
616ms Script
application/javascript 2606:4700:3037::6815:14f4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://regbu.com/wp-content/themes/bam-pro/assets/js/sticky-menu.js?ver=6.4.2
Requested by: Host: regbu.com
URL: https://regbu.com/?clickid=b70646f0-9ec2-11ee-ac8b-0a7fe419e07d
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:14f4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2a15dafa41689cef7df1573e8ca391a01fdd72f09cef27fd9cdc71c887b01c0e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://regbu.com/?clickid=b70646f0-9ec2-11ee-ac8b-0a7fe419e07d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 23:02:45 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 13 Jul 2023 22:58:00 GMT
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=3413
etag: W/"d55-60066438a6ee6-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eLL5Lzu7ZQqiwZO09PMlqzKcecufQ1OrCu7OPZwos29LgYPL%2FKiUQaDzLXzCwNFtiQUkFMK9wVU7ML1ugTMitGpgH93GHWkWXerFvDvrxvtJqe2hvCknqnesroMP2hTiVn5%2B%2ByBOlzU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 838346612d8f744a-MIA
alt-svc: h3=":443"; ma=86400

GET
H3 200 theia-sticky-sidebar.min.js Show response
regbu.com/wp-content/themes/bam-pro/assets/js/ 5 KB
2 KB 621ms
606ms Script
application/javascript 2606:4700:3037::6815:14f4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://regbu.com/wp-content/themes/bam-pro/assets/js/theia-sticky-sidebar.min.js?ver=6.4.2
Requested by: Host: regbu.com
URL: https://regbu.com/?clickid=b70646f0-9ec2-11ee-ac8b-0a7fe419e07d
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:14f4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9077bd707339a41d2960164348337c63e5e2e114ba70d55d7d677e7b48bba689

Request headers

accept-language: en-US,en;q=0.9
Referer: https://regbu.com/?clickid=b70646f0-9ec2-11ee-ac8b-0a7fe419e07d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 23:02:45 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 13 Jul 2023 22:58:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"155a-60066438a7e85-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S6DWH19VoD9Z4QOFB%2FBMLIHL37uCYyBwvpARybqqWgl37XBB8JZRK3DSONQLLzG%2FiKWJajEYGeK%2FIM6t%2Bi%2F%2BzsFnoVTjHwkmUd1XSwp8hjuyTG8Fw2lE%2BNTkZH%2F0MkdZA5zWR8upa%2Bw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 838346612d90744a-MIA
alt-svc: h3=":443"; ma=86400

GET
BLOB 200
OK 5e514b76-aa2d-49f3-9a5b-3ced54800c03
https://regbu.com/ 1 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://regbu.com/5e514b76-aa2d-49f3-9a5b-3ced54800c03
Requested by: Host: regbu.com
URL: https://regbu.com/?clickid=b70646f0-9ec2-11ee-ac8b-0a7fe419e07d
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length: 1245
Content-Type: text/javascript

GET
H2 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ 15 KB
15 KB 258ms
118ms Font
font/woff2 2607:f8b0:4004:c17::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%2C100i%2C200i%2C300i%2C400i%2C500i%2C600i%2C700i%2C800i%2C900i|Roboto+Condensed%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%2C100i%2C200i%2C300i%2C400i%2C500i%2C600i%2C700i%2C800i%2C900i%26subset%3Dlatin

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://regbu.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 16 Dec 2023 06:44:55 GMT
x-content-type-options: nosniff
age: 317869
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14892
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 22:52:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 15 Dec 2024 06:44:55 GMT

GET
H2 200 6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ 14 KB
14 KB 331ms
194ms Font
font/woff2 2607:f8b0:4004:c17::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d0a6262c545e8bbc895116e5afb22579c468d7abb77e378f377d6fed57c1dce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://regbu.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 16 Dec 2023 06:07:17 GMT
x-content-type-options: nosniff
age: 320127
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14712
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 22:52:57 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 15 Dec 2024 06:07:17 GMT

GET
H2 200 ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
fonts.gstatic.com/s/robotocondensed/v27/ 50 KB
50 KB 259ms
135ms Font
font/woff2 2607:f8b0:4004:c17::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v27/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

517edd119c5b2719e6ac4b30bf1fd864a6395179a41d273c0afc0696e7495d8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://regbu.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 16 Dec 2023 05:06:29 GMT
x-content-type-options: nosniff
age: 323775
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51404
x-xss-protection: 0
last-modified: Wed, 18 Oct 2023 17:52:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 15 Dec 2024 05:06:29 GMT

GET
H2 200 6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ 14 KB
15 KB 178ms
55ms Font
font/woff2 2607:f8b0:4004:c17::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ca57b79a870bbf54700730858603a70d79743779c1b059922ec401bfddc5adc9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://regbu.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 16 Dec 2023 05:06:28 GMT
x-content-type-options: nosniff
age: 323776
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14824
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 22:52:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 15 Dec 2024 05:06:28 GMT

GET
H2 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qNq7lqDY.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ 20 KB
20 KB 194ms
71ms Font
font/woff2 2607:f8b0:4004:c17::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qNq7lqDY.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

39cf9abce51786437c69ac45ac5f39aa19af7f859d87e347478b6bd96abe52c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://regbu.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 16 Dec 2023 05:51:25 GMT
x-content-type-options: nosniff
age: 321079
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20616
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 22:52:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 15 Dec 2024 05:51:25 GMT

GET
H2 200 ieVl2ZhZI2eCN5jzbjEETS9weq8-19y7DRs5.woff2
fonts.gstatic.com/s/robotocondensed/v27/ 33 KB
33 KB 288ms
168ms Font
font/woff2 2607:f8b0:4004:c17::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v27/ieVl2ZhZI2eCN5jzbjEETS9weq8-19y7DRs5.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

994961b8f25a0b18f5050694571210c1c5348d6221561dab5f1d72b3182e2778

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://regbu.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 16 Dec 2023 05:06:19 GMT
x-content-type-options: nosniff
age: 323785
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33584
x-xss-protection: 0
last-modified: Wed, 18 Oct 2023 17:53:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 15 Dec 2024 05:06:19 GMT

GET
H2 200 6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwmRduz8A.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ 20 KB
20 KB 342ms
224ms Font
font/woff2 2607:f8b0:4004:c17::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwmRduz8A.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4cc56528364598716c3aed2711f3cbdc4036f503be0af787ff3f6b1ac74a0274

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://regbu.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 16 Dec 2023 08:46:50 GMT
x-content-type-options: nosniff
age: 310554
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20428
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 22:52:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 15 Dec 2024 08:46:50 GMT

GET
H3 200 serie-zelda-je-doslova-nesmrtelnou-hrou.jpg
regbu.com/wp-content/uploads/2023/08/ 110 KB
111 KB 586ms
585ms Image
image/jpeg 2606:4700:3037::6815:14f4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://regbu.com/wp-content/uploads/2023/08/serie-zelda-je-doslova-nesmrtelnou-hrou.jpg
Requested by: Host: regbu.com
URL: https://regbu.com/?clickid=b70646f0-9ec2-11ee-ac8b-0a7fe419e07d
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:14f4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c0a642173484d934a88d72be992b7e563e9153c07a36468edadd0e64160a6c94

Request headers

accept-language: en-US,en;q=0.9
Referer: https://regbu.com/?clickid=b70646f0-9ec2-11ee-ac8b-0a7fe419e07d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 23:02:45 GMT
cf-cache-status: HIT
last-modified: Mon, 21 Aug 2023 21:09:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "1b992-603754c8d131a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eUXJ1RaUOFt79UDsKmdxdDuU1MV6noAt1vjLbUFgm5NXpksi5BEN%2FNFajzF72Pfvfui143yNX3qmXCEL8BKQKUMgVR2LzhOwuw2hpEdkxKLpon0t8qN6DwCzFqHgBwd8OXa2SNOG3Qc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 838346612db4744a-MIA
alt-svc: h3=":443"; ma=86400
content-length: 113042

GET
H3 200 call-of-duty-je-akci-se-vsim-vsudy.jpg
regbu.com/wp-content/uploads/2023/08/ 153 KB
154 KB 631ms
629ms Image
image/jpeg 2606:4700:3037::6815:14f4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://regbu.com/wp-content/uploads/2023/08/call-of-duty-je-akci-se-vsim-vsudy.jpg
Requested by: Host: regbu.com
URL: https://regbu.com/?clickid=b70646f0-9ec2-11ee-ac8b-0a7fe419e07d
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:14f4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bd99232193ac694963af153ded0df07b8876de255f020c267c0b22bf7f7ac53f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://regbu.com/?clickid=b70646f0-9ec2-11ee-ac8b-0a7fe419e07d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 23:02:45 GMT
cf-cache-status: HIT
last-modified: Mon, 21 Aug 2023 21:06:08 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "26498-603753f544d9e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9%2B5ZliuRF%2BtS197aouP%2FdeMADITJr6SDvUd4UJzPvcYUNRdEWiqY4HoVPSLJllqFdsxUSdRsLZ4smBZECt9bFX0YJo8eVlrmKq2EXvdadCvcWNV7hKmvG5g7z2CH%2B063keWDWr4n%2B6E%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 838346612db6744a-MIA
alt-svc: h3=":443"; ma=86400
content-length: 156824

GET
H3 200 age-of-empires-jako-legendarni-strategie.jpg
regbu.com/wp-content/uploads/2023/08/ 103 KB
104 KB 659ms
658ms Image
image/jpeg 2606:4700:3037::6815:14f4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://regbu.com/wp-content/uploads/2023/08/age-of-empires-jako-legendarni-strategie.jpg
Requested by: Host: regbu.com
URL: https://regbu.com/?clickid=b70646f0-9ec2-11ee-ac8b-0a7fe419e07d
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:14f4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f2a6a34bf175b066c767f76b9bcacb92d788fd908b9d463d212122a236b7185f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://regbu.com/?clickid=b70646f0-9ec2-11ee-ac8b-0a7fe419e07d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 23:02:45 GMT
cf-cache-status: HIT
last-modified: Mon, 21 Aug 2023 21:03:29 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "19ca0-6037535cde90f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5%2FPPlXEp3QlAzlS3LAzG9hwbXfm%2Bbnp%2FLEJVFnqvYB0wWqoRgqdZDNQrW2RoAMMEKSHHWma5jDkfDIZv5vgUfpjoeGsgGA38%2BKh6kPyxNMOj7syRqMRjudXITBSFhg9b1WAHz1kM4wA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 838346612db7744a-MIA
alt-svc: h3=":443"; ma=86400
content-length: 105632

GET
H3 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/ 399 KB
135 KB 224ms
118ms Script
text/javascript 2607:f8b0:4004:c08::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6122204646002237&host=ca-host-pub-2644536267352236

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::9b Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6efda48e80b2f1710bea21e24048d2b7175905403d026a9cda5f3b8130663d5c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://regbu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 23:02:45 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 137916
x-xss-protection: 0
server: cafe
etag: 1916131603004031834
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Tue, 19 Dec 2023 23:02:45 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/ Frame 5D4A 9 KB
4 KB 177ms
69ms Document
text/html 2607:f8b0:4004:c09::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6122204646002237&host=ca-host-pub-2644536267352236

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::9b Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://regbu.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 69707
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4130
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 19 Dec 2023 03:40:58 GMT
etag: 5585625838579639069
expires: Tue, 02 Jan 2024 03:40:58 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 226 KB
80 KB 70ms
69ms Script
application/javascript 2607:f8b0:4004:c1b::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-KEQ727RHG2&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-40216785-112

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

24ce8b8cdbbbdad08aff58a93da8ce162528078e5a13977e4607a5a882cb459d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://regbu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 23:02:45 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 81691
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 19 Dec 2023 23:02:45 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 176ms
51ms Script
text/javascript 2607:f8b0:4004:c17::65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-40216785-112

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::65 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://regbu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 19 Dec 2023 22:05:16 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 3449
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Wed, 20 Dec 2023 00:05:16 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 199 KB
73 KB 91ms
91ms Script
application/javascript 2607:f8b0:4004:c1b::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-M9NGL92EVN&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-40216785-112

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8a4cf636100eed390c98f19d88d5d14a1c084f89bfa1010baf8f2aaeaea039b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://regbu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 23:02:45 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 74434
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 19 Dec 2023 23:02:45 GMT

POST
H2 204 collect
www.google-analytics.com/g/ 0
167 B 62ms
58ms Ping
text/plain 2607:f8b0:4004:c17::65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-M9NGL92EVN&gtm=45je3bt0v887525345&_p=1703026964599&gcd=11l1l1l1l1&dma=0&gdid=dZTNiMT&cid=1455390993.1703026965&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1703026965&sct=1&seg=0&dl=https%3A%2F%2Fregbu.com%2F%3Fclickid%3Db70646f0-9ec2-11ee-ac8b-0a7fe419e07d&dt=REGBU.COM%20-&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=2946
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-M9NGL92EVN&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c17::65 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://regbu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Dec 2023 23:02:45 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://regbu.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
analytics.google.com/g/ 0
241 B 203ms
60ms Ping
text/plain 2607:f8b0:4004:c09::65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-KEQ727RHG2&_ono=1&gtm=45je3bt0v9134580520&_p=1703026964599&_gaz=1&gcd=11l1l1l1l1&dma=0&gdid=dZTNiMT&cid=1455390993.1703026965&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EAAI&_s=1&sid=1703026965&sct=1&seg=0&dl=https%3A%2F%2Fregbu.com%2F%3Fclickid%3Db70646f0-9ec2-11ee-ac8b-0a7fe419e07d&dt=REGBU.COM%20-&en=page_view&_fv=1&_ss=1&ep.anonymize_ip=true&tfd=2985
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-KEQ727RHG2&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c09::65 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://regbu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Dec 2023 23:02:45 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://regbu.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
250 B 201ms
60ms Ping
text/plain 2607:f8b0:4004:c19::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&_ono=1&tid=G-KEQ727RHG2&cid=1455390993.1703026965&gtm=45je3bt0v9134580520&aip=1&dma=0&gcd=11l1l1l1l1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-KEQ727RHG2&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c19::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://regbu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Dec 2023 23:02:45 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://regbu.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 wp-emoji-release.min.js Show response
regbu.com/wp-includes/js/ 18 KB
5 KB 590ms
570ms Script
application/javascript 2606:4700:3037::6815:14f4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://regbu.com/wp-includes/js/wp-emoji-release.min.js?ver=6.4.2
Requested by: Host: regbu.com
URL: https://regbu.com/?clickid=b70646f0-9ec2-11ee-ac8b-0a7fe419e07d
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:14f4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Request headers

accept-language: en-US,en;q=0.9
Referer: https://regbu.com/?clickid=b70646f0-9ec2-11ee-ac8b-0a7fe419e07d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 23:02:45 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 30 Mar 2023 06:04:12 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"4904-5f817dc9edfd0-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vL4NY1DZbqeY9VCU3ZX%2BX%2Bfn9lgHGAMRKot%2Fi5t9MtHa2ehoorhhVUUrsgmCjOR2PDpCdZrAmFtr1DX5271Uc92FoY00syfwRZCqdtazK3wMRCojtranqaIU5UQvB6fFiDT0ltCFVjo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 83834665cc75744a-MIA
alt-svc: h3=":443"; ma=86400

POST trp-ald-ajax.php
regbu.com/wp-content/plugins/translatepress-business/add-ons-pro/automatic-language-detection/includes/ 0
0

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
92 B 60ms
59ms XHR
text/plain 2607:f8b0:4004:c17::65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&aip=1&a=619589066&t=pageview&_s=1&dl=https%3A%2F%2Fregbu.com%2F%3Fclickid%3Db70646f0-9ec2-11ee-ac8b-0a7fe419e07d&ul=en-us&de=UTF-8&dt=REGBU.COM%20-&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDACUABBAAAACAAI~&jid=1408754792&gjid=1311591538&cid=1455390993.1703026965&tid=UA-40216785-112&_gid=1135747301.1703026965&_r=1&gtm=457e3bt0&gcd=11l1l1l1l1&dma=0&did=dZTNiMT&gdid=dZTNiMT&jsscut=1&z=1487193544

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::65 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://regbu.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 19 Dec 2023 23:02:45 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://regbu.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame DBBB 235 KB
46 KB 339ms
338ms Document
text/html 2607:f8b0:4004:c09::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6122204646002237&output=html&adk=1812271804&adf=3025194257&lmt=1703026965&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=128x1080_l%7C140x1080_r&format=0x0&url=https%3A%2F%2Fregbu.com%2F%3Fclickid%3Db70646f0-9ec2-11ee-ac8b-0a7fe419e07d&ea=0&host=ca-host-pub-2644536267352236&pra=5&wgl=1&easpi=1&asro=1&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703026965029&bpp=6&bdt=1091&idt=399&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3086417351863&frm=20&pv=2&ga_vid=1455390993.1703026965&ga_sid=1703026965&ga_hid=619589066&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44801779%2C95320869%2C95320884&oid=2&pvsid=396537717831331&tmod=1810793532&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=426

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::9b Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

391e19bff9fbdb9261dd3d77cd00d5a1855011093c47b1fe9f5e3e1e47e78692

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://regbu.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 47160
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 19 Dec 2023 23:02:45 GMT
expires: Tue, 19 Dec 2023 23:02:45 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame E6C5 714 B
577 B 266ms
265ms Document
text/html 2607:f8b0:4004:c09::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6122204646002237&output=html&h=600&slotname=3318620291&adk=3504394691&adf=1519853264&pi=t.ma~as.3318620291&w=300&fwrn=4&fwrnh=100&lmt=1703026965&rafmt=4&format=300x600&url=https%3A%2F%2Fregbu.com%2F%3Fclickid%3Db70646f0-9ec2-11ee-ac8b-0a7fe419e07d&ea=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703026965035&bpp=9&bdt=1097&idt=424&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3086417351863&frm=20&pv=1&ga_vid=1455390993.1703026965&ga_sid=1703026965&ga_hid=619589066&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=978&ady=96&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44801779%2C95320869%2C95320884&oid=2&pvsid=396537717831331&tmod=1810793532&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CloEe%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=431

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::9b Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

90c0c2576584d3dcfb427b6c622ff82380c243f37d40fa7901c5a668a7a37bbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://regbu.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 356
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 19 Dec 2023 23:02:45 GMT
expires: Tue, 19 Dec 2023 23:02:45 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 2 B
149 B 80ms
68ms XHR
text/plain 2607:f8b0:4004:c19::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-40216785-112&cid=1455390993.1703026965&jid=1408754792&gjid=1311591538&_gid=1135747301.1703026965&_u=YCDACUAABAAAACAAI~&z=75769651

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c19::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://regbu.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 19 Dec 2023 23:02:45 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://regbu.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 189ms
69ms Image
image/gif 2607:f8b0:4004:c17::63
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-40216785-112&cid=1455390993.1703026965&jid=1408754792&_u=YCDACUAABAAAACAAI~&z=1444089913

Requested by

Host: regbu.com
URL: https://regbu.com/?clickid=b70646f0-9ec2-11ee-ac8b-0a7fe419e07d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::63 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://regbu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Dec 2023 23:02:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/ 160 KB
55 KB 81ms
81ms Script
text/javascript 2607:f8b0:4004:c08::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/reactive_library_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::9b Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cbfc008530391cea7c31573f92c52c291158481c6c9477c3d49059ee1cbe4667

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://regbu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 23:02:45 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56000
x-xss-protection: 0
server: cafe
etag: 2301232635138371883
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Tue, 19 Dec 2023 23:02:45 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 55DD 436 B
237 B 335ms
332ms Document
text/html 2607:f8b0:4004:c09::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6122204646002237&output=html&h=280&adk=4039094136&adf=1603261608&pi=t.aa~a.112091859~rp.4&w=785&fwrn=1&fwrnh=100&lmt=1703026965&rafmt=1&to=qs&pwprc=6717621136&format=785x280&url=https%3A%2F%2Fregbu.com%2F%3Fclickid%3Db70646f0-9ec2-11ee-ac8b-0a7fe419e07d&ea=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703026965935&bpp=1&bdt=1998&idt=-M&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D28d18f65c59bb72a%3AT%3D1703026965%3ART%3D1703026965%3AS%3DALNI_Maegiez-M4zCGz82uqI7KBBk-9Uew&gpic=UID%3D00000dabaccd32f6%3AT%3D1703026965%3ART%3D1703026965%3AS%3DALNI_Ma38kpbMOIX8B4bgxAx5Slv9emDMg&prev_fmts=0x0%2C300x600&nras=2&correlator=3086417351863&frm=20&pv=1&ga_vid=1455390993.1703026965&ga_sid=1703026965&ga_hid=619589066&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=140&ady=1607&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44801779%2C95320869%2C95320884&oid=2&pvsid=396537717831331&tmod=1810793532&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=40

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c09::9b Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e0443a45459dd002c8d076dee2aee0ca4b6b4e59a21760006930b2d9f0c3e133

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://regbu.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 212
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 19 Dec 2023 23:02:46 GMT
expires: Tue, 19 Dec 2023 23:02:46 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame DF29 436 B
236 B 268ms
266ms Document
text/html 2607:f8b0:4004:c09::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6122204646002237&output=html&h=280&adk=4039094136&adf=3722182905&pi=t.aa~a.149304254~rp.4&w=785&fwrn=1&fwrnh=100&lmt=1703026965&rafmt=1&to=qs&pwprc=6717621136&format=785x280&url=https%3A%2F%2Fregbu.com%2F%3Fclickid%3Db70646f0-9ec2-11ee-ac8b-0a7fe419e07d&ea=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703026965935&bpp=1&bdt=1997&idt=-M&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D28d18f65c59bb72a%3AT%3D1703026965%3ART%3D1703026965%3AS%3DALNI_Maegiez-M4zCGz82uqI7KBBk-9Uew&gpic=UID%3D00000dabaccd32f6%3AT%3D1703026965%3ART%3D1703026965%3AS%3DALNI_Ma38kpbMOIX8B4bgxAx5Slv9emDMg&prev_fmts=0x0%2C300x600%2C785x280&nras=3&correlator=3086417351863&frm=20&pv=1&ga_vid=1455390993.1703026965&ga_sid=1703026965&ga_hid=619589066&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=140&ady=2624&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44801779%2C95320869%2C95320884&oid=2&pvsid=396537717831331&tmod=1810793532&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=58

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c09::9b Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8638481343055c599a25799ffd5df5d3b393bdd73746e95e73cb8e7ca6027ed2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://regbu.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 211
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 19 Dec 2023 23:02:46 GMT
expires: Tue, 19 Dec 2023 23:02:46 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 211C 436 B
236 B 305ms
304ms Document
text/html 2607:f8b0:4004:c09::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6122204646002237&output=html&h=280&adk=4039094136&adf=3077611433&pi=t.aa~a.816269010~rp.4&w=785&fwrn=1&fwrnh=100&lmt=1703026966&rafmt=1&to=qs&pwprc=6717621136&format=785x280&url=https%3A%2F%2Fregbu.com%2F%3Fclickid%3Db70646f0-9ec2-11ee-ac8b-0a7fe419e07d&ea=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703026965935&bpp=1&bdt=1997&idt=-M&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D28d18f65c59bb72a%3AT%3D1703026965%3ART%3D1703026965%3AS%3DALNI_Maegiez-M4zCGz82uqI7KBBk-9Uew&gpic=UID%3D00000dabaccd32f6%3AT%3D1703026965%3ART%3D1703026965%3AS%3DALNI_Ma38kpbMOIX8B4bgxAx5Slv9emDMg&prev_fmts=0x0%2C300x600%2C785x280%2C785x280&nras=4&correlator=3086417351863&frm=20&pv=1&ga_vid=1455390993.1703026965&ga_sid=1703026965&ga_hid=619589066&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=140&ady=3670&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44801779%2C95320869%2C95320884&oid=2&pvsid=396537717831331&tmod=1810793532&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=67

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c09::9b Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

66d818b0b1c4ef3a05df5354a4e6348e16d2d57640883c150984aed3f2686abe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://regbu.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 211
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 19 Dec 2023 23:02:46 GMT
expires: Tue, 19 Dec 2023 23:02:46 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame E5B1 436 B
237 B 275ms
271ms Document
text/html 2607:f8b0:4004:c09::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6122204646002237&output=html&h=280&adk=4039094136&adf=2916860797&pi=t.aa~a.381427885~rp.4&w=785&fwrn=1&fwrnh=100&lmt=1703026966&rafmt=1&to=qs&pwprc=6717621136&format=785x280&url=https%3A%2F%2Fregbu.com%2F%3Fclickid%3Db70646f0-9ec2-11ee-ac8b-0a7fe419e07d&ea=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703026965935&bpp=1&bdt=1998&idt=1&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D28d18f65c59bb72a%3AT%3D1703026965%3ART%3D1703026965%3AS%3DALNI_Maegiez-M4zCGz82uqI7KBBk-9Uew&gpic=UID%3D00000dabaccd32f6%3AT%3D1703026965%3ART%3D1703026965%3AS%3DALNI_Ma38kpbMOIX8B4bgxAx5Slv9emDMg&prev_fmts=0x0%2C300x600%2C785x280%2C785x280%2C785x280&nras=5&correlator=3086417351863&frm=20&pv=1&ga_vid=1455390993.1703026965&ga_sid=1703026965&ga_hid=619589066&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=140&ady=4715&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44801779%2C95320869%2C95320884&oid=2&pvsid=396537717831331&tmod=1810793532&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=4&fsb=1&dtd=92

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c09::9b Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dda6cc3899a29dbf0b4de9269c8bb941f3288fe69594a2677014d803e3f2ed42

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://regbu.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 212
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 19 Dec 2023 23:02:46 GMT
expires: Tue, 19 Dec 2023 23:02:46 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 77ms
77ms Image
image/gif 2607:f8b0:4004:c08::9b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_auto_rs&sts=pflna&evt=place&vh=1200&eid=44759876%2C44759927%2C44759837%2C44801779%2C95320869%2C95320884&hl=cs&pvc=396537717831331

Requested by

Host: regbu.com
URL: https://regbu.com/?clickid=b70646f0-9ec2-11ee-ac8b-0a7fe419e07d

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::9b Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://regbu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Dec 2023 23:02:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 ping
pagead2.googlesyndication.com/pagead/ 0
0 69ms
68ms Fetch
text/html 2607:f8b0:4004:c08::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c08::9b Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://regbu.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/ Frame 3933 9 KB
4 KB 55ms
54ms Document
text/html 2607:f8b0:4004:c09::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c09::9b Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://regbu.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 45493
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4130
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 19 Dec 2023 10:24:33 GMT
etag: 5585625838579639069
expires: Tue, 02 Jan 2024 10:24:33 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/ Frame 52E7 9 KB
4 KB 55ms
54ms Document
text/html 2607:f8b0:4004:c09::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c09::9b Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://regbu.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 45493
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4130
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 19 Dec 2023 10:24:33 GMT
etag: 5585625838579639069
expires: Tue, 02 Jan 2024 10:24:33 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css
fonts.googleapis.com/ Frame 3933 4 KB
744 B 67ms
64ms Stylesheet
text/css 2607:f8b0:4004:c1b::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 19 Dec 2023 23:02:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 19 Dec 2023 22:18:36 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 19 Dec 2023 23:02:46 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 3933 1 KB
537 B 65ms
63ms Stylesheet
text/css 2607:f8b0:4004:c1b::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Secular+One&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e6cafba2d8fd7a8d76f356f7f298fc1cf743ca78f9f17f997e9000ba587cc748

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 19 Dec 2023 23:02:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 19 Dec 2023 21:34:40 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 19 Dec 2023 23:02:46 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 3933 3 KB
1 KB 180ms
69ms Script
text/javascript 2607:f8b0:4004:c1d::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 06:42:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 58811
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 02 Jan 2024 06:42:35 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 3933 20 KB
9 KB 165ms
55ms Script
text/javascript 2607:f8b0:4004:c1d::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 07:22:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 56390
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8571
x-xss-protection: 0
server: cafe
etag: 5853369240893788875
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 02 Jan 2024 07:22:56 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3933 203 KB
65 KB 170ms
59ms Script
text/javascript 2607:f8b0:4004:c17::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 23:02:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65731
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1702472459035717"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 19 Dec 2023 23:02:46 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame 52E7 23 KB
9 KB 179ms
83ms Script
text/javascript 2607:f8b0:4004:c1d::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9844337d0b1b36b45473c8fc27cba7d1c9f8aab2107e23e684b9e1a48e6066b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 09:35:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48426
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9269
x-xss-protection: 0
server: cafe
etag: 11706523405290302210
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 02 Jan 2024 09:35:40 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 52E7 8 KB
823 B 62ms
61ms Stylesheet
text/css 2607:f8b0:4004:c1b::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

98d2e3edd14aa506c4521125c7cdb7bb3030d7caae5803feec6d2613195ee955

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 19 Dec 2023 23:02:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 19 Dec 2023 21:05:43 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 19 Dec 2023 23:02:46 GMT

GET
H2 200 outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/ Frame 52E7 15 KB
3 KB 173ms
61ms Stylesheet
text/css 2607:f8b0:4004:c08::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.css

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::5f Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29c99771c81466150d55d307a9b0e12cfdab8240a9c65a80b764c1d58965406f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 15 Dec 2023 00:51:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 425505
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2920
x-xss-protection: 0
last-modified: Mon, 13 Nov 2023 11:34:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 14 Dec 2024 00:51:01 GMT

GET
H2 200 outstream.min.js Show response
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/ Frame 52E7 376 KB
131 KB 174ms
63ms Script
text/javascript 2607:f8b0:4004:c08::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::5f Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

28c5732eefa979245ff326045f37b6b7cdfc92385c594caea33e265e4a066c7b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 15 Dec 2023 00:44:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 425871
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 133672
x-xss-protection: 0
last-modified: Mon, 13 Nov 2023 11:34:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 14 Dec 2024 00:44:55 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 52E7 20 KB
8 KB 155ms
62ms Script
text/javascript 2607:f8b0:4004:c1d::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 07:22:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 56390
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8571
x-xss-protection: 0
server: cafe
etag: 5853369240893788875
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 02 Jan 2024 07:22:56 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame B9E3 436 B
232 B 278ms
276ms Document
text/html 2607:f8b0:4004:c09::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6122204646002237&output=html&h=280&adk=4039094136&adf=3242617654&pi=t.aa~a.758169383~rp.4&w=785&fwrn=1&fwrnh=100&lmt=1703026966&rafmt=1&to=qs&pwprc=6717621136&format=785x280&url=https%3A%2F%2Fregbu.com%2F%3Fclickid%3Db70646f0-9ec2-11ee-ac8b-0a7fe419e07d&ea=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703026965939&bpp=2&bdt=2001&idt=2&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D28d18f65c59bb72a%3AT%3D1703026965%3ART%3D1703026965%3AS%3DALNI_Maegiez-M4zCGz82uqI7KBBk-9Uew&gpic=UID%3D00000dabaccd32f6%3AT%3D1703026965%3ART%3D1703026965%3AS%3DALNI_Ma38kpbMOIX8B4bgxAx5Slv9emDMg&prev_fmts=0x0%2C300x600%2C785x280%2C785x280%2C785x280%2C785x280%2C128x600%2C1005x124&nras=8&correlator=3086417351863&frm=20&pv=1&ga_vid=1455390993.1703026965&ga_sid=1703026965&ga_hid=619589066&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=140&ady=4642&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44801779%2C95320869%2C95320884&oid=2&psts=AOrYGslTzsoJj2-5gI8bFLwvAndL-Z6kAUh3PrvPGqWZIn7ZiRMzjARev0-x48wPs4zMxvzpDYSumMTfRF0NrFPMF_nHYH4e3eVihLHHEoRJ&pvsid=396537717831331&tmod=1810793532&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=7&uci=a!7&btvi=7&fsb=1&dtd=609

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c09::9b Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

93091a57eb8f6af3b014bb7786fc3ac1ac056dd85bba419c456cdd6507a18dc7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://regbu.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 211
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 19 Dec 2023 23:02:46 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 204 rtimp
g.rtbrain.app/ Frame 3933 0
1 KB 155ms
85ms Image
text/plain 2606:4700:20::681a:2be
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://g.rtbrain.app/rtimp?sid=b8cbf719-9ec2-11ee-ad79-9aa08eb0e7d3&d=regbu.com&cr=carmax1__5&gid=&a=imload&p=ZYIhFQAILMoB7o2cAAKmqYLKwZ4LT7S8sbs2rA&r=683637095&ow=1600&oh=1200&tzof=600&tz=Pacific/Honolulu&pxr=1
Requested by: Host: regbu.com
URL: https://regbu.com/?clickid=b70646f0-9ec2-11ee-ac8b-0a7fe419e07d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:2be , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Dec 2023 23:02:46 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
access-control-allow-methods: GET,HEAD,OPTIONS,POST,PUT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XYvsYkk7LBt1VqcdhqlJ8XVzR747LPxAXfQ1rAg90oF%2FF1EtpI4vZgr0xqZdkP7c%2BD8GDXeWEqtExzKg3aiV0iOkYlnEi8JgLIGoQhd7BHU1UIImr1hKv6U0FdkwVocZLl6jBkvEfEkIWaM%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 8383466d7f0274ba-MIA
access-control-allow-headers: Access-Control-Allow-Headers, Access-Control-Allow-Origin, Origin, Accept, X-Requested-With, X-Forwarded-For, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization, Configs-Guid, X-Service-Auth, X-Client-Version
content-length: 0
expires: 0

POST
H2 204 csi
csi.gstatic.com/ Frame 52E7 0
234 B 456ms
152ms Ping
image/gif 2a00:1450:4008:805::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~lqcya9ex&c=4005147911691&slotId=2002573955845.5&qqid=CIy4y-rNnIMDFZyN7gEdqaYCNA&fb=outstream-lima&sei=44752538%2C44807615%2C75259414%2C420706098&nsei=44714510%2C44729911%2C44730425%2C44730426%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4008:805::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Dec 2023 23:02:46 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 52E7 15 KB
16 KB 53ms
51ms Font
font/woff2 2607:f8b0:4004:c17::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 16 Dec 2023 08:21:18 GMT
x-content-type-options: nosniff
age: 312088
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 15 Dec 2024 08:21:18 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfChc4EsA.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 52E7 12 KB
12 KB 60ms
59ms Font
font/woff2 2607:f8b0:4004:c17::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfChc4EsA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fc66f942651a9fe1a598770d3d896529dcd7a03d02f40655451513093103e61b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 16 Dec 2023 02:16:54 GMT
x-content-type-options: nosniff
age: 333952
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11824
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:43 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 15 Dec 2024 02:16:54 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 52E7 15 KB
15 KB 55ms
55ms Font
font/woff2 2607:f8b0:4004:c17::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 16 Dec 2023 02:18:12 GMT
x-content-type-options: nosniff
age: 333874
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 15 Dec 2024 02:18:12 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 52E7 0
20 B 68ms
68ms Image
image/gif 2607:f8b0:4004:c08::9b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=Cl87oFSGCZczZIJybur8Pqc2KoAOcisnhdP6jpPWtEoncoofUARABIOfo8CJgyYaAgNyjxBCgAf7utrkCyAEFqAMByAObBKoEogJP0ET5VucVGr6CXRM9SnvDVE85BU49jaL9CqtZQyVcNDSouYmyy87Z_QwZrku7nqjHKp4ZMT2sxn9cFrHwcVdtlBJ2XNWEu0ckLBxrM2itcUusrJXug8l3uUcYMFPM0fGTuyaVqypQW3o3HVFRWxZmN-AAN4xl-PrLaVXmHSHxGIHoF4zUIL4m2xxEJddNXz23P3OSMJGPQXm7oic2vovAPDp_R5QlGylwmUdO2jd0TogJqDgHLl-PqWWs3WBAS3DPOF3Ny0o4GYgj0m5B-vjqPTL0_xSbeSZ1YjROOoLj4kMTQs-5cAeUXZhu815GeqC9eqecXKzpZhKRvmWIAguzpdol6JR6AEW3tWPkGN6yg6EpbJt626UZY5zIJ-MabcIUccAE55nWt9IE4AQDiAXF6PjYTZAGAaAGToAH6pDJxgGoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIBhEAEYHzICigI6BIBAgEBIvf3BOliMk8nqzZyDA4AKAZgLAcgLAYAMAaIMFCoSChDktLEC7rWxArW4sQKsurECqg0CVVOwE8Oy-hXIE5vSiOQD2BMKiBQE2BQB0BUB-BYBgBcB6BcF&eventType=clickstring&clientTime=1703026966580&ai=Cl87oFSGCZczZIJybur8Pqc2KoAOcisnhdP6jpPWtEoncoofUARABIOfo8CJgyYaAgNyjxBCgAf7utrkCyAEFqAMByAObBKoEogJP0ET5VucVGr6CXRM9SnvDVE85BU49jaL9CqtZQyVcNDSouYmyy87Z_QwZrku7nqjHKp4ZMT2sxn9cFrHwcVdtlBJ2XNWEu0ckLBxrM2itcUusrJXug8l3uUcYMFPM0fGTuyaVqypQW3o3HVFRWxZmN-AAN4xl-PrLaVXmHSHxGIHoF4zUIL4m2xxEJddNXz23P3OSMJGPQXm7oic2vovAPDp_R5QlGylwmUdO2jd0TogJqDgHLl-PqWWs3WBAS3DPOF3Ny0o4GYgj0m5B-vjqPTL0_xSbeSZ1YjROOoLj4kMTQs-5cAeUXZhu815GeqC9eqecXKzpZhKRvmWIAguzpdol6JR6AEW3tWPkGN6yg6EpbJt626UZY5zIJ-MabcIUccAE55nWt9IE4AQDiAXF6PjYTZAGAaAGToAH6pDJxgGoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIBhEAEYHzICigI6BIBAgEBIvf3BOliMk8nqzZyDA4AKAZgLAcgLAYAMAaIMFCoSChDktLEC7rWxArW4sQKsurECqg0CVVOwE8Oy-hXIE5vSiOQD2BMKiBQE2BQB0BUB-BYBgBcB6BcF

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::9b Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Dec 2023 23:02:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 52E7 0
54 B 439ms
154ms Ping
image/gif 2a00:1450:4008:805::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~lqcya9fa&c=4005147911691&slotId=2002573955845.5&qqid=CIy4y-rNnIMDFZyN7gEdqaYCNA&fb=outstream-lima&ulv=1&cll=0&met.4=arp_a_s.vp&vast_v=4.0&lima_p_ich=0&lima_p_icu=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4008:805::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Dec 2023 23:02:46 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 vast Show response
bid.g.doubleclick.net/dbm/ Frame 52E7 32 KB
18 KB 182ms
77ms XHR
text/xml 172.253.122.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-AOtnNvmUB_MHXqX2BQj2VkDQK-YLTKBZq0E3Cyx0uvsUR4XPb0bC1-X01trQcH0QHId2w91in3xY1TFpsdkl-KWZtaGg&cry=1&dbm_d=AKAmf-BsV-UsDl85_YB-Vxl-apdGjBy8uTAFyDKBKUk_eaaBrRw3_hlU5F5qsec-hd9TfVaEYy3Q_s3Wz2UODG8mHFuhLmOsqXwfmQQramJjvs9BshnU8E_woggMGsWXjxXsxuOnSfc0ukQZH-r7832F7W6dH1sDL0ZoElYHq5UAQ7z14xvpNJ9k2eOpMHA9VjQ3fFpZC-vX6YieUz6AUzhxF-_Sz2THmWTyz52m8zduejnvdZn3JDOLkY0jOOBwv1EbMdPErLe7AoD4Z2GGHcOjVZyDjYiUVE-RsyJ7KoJ4CY1e9clWAf-1pQFHbygetOkG0E7I6hHBmIztLq1cwPnWMuZCci2J5WJYGKKRJtzVwo2NB6fev0aw35Kv-tdlj9AiELOf6oqzPg7yMfSy3YmAWR32WQ0u3cZcd6dKwmuSCTfjHJpdFPYQ2fIaJADk0NPh9rdzlI4oW029DItUAO9RLmR4rDGWGOSaXqAWeM9xZGffugjM4t23-yB9GAkGcR-uGW5dkXAYN-6jQui3yf-QhrW3_P09St_fov0xyZzA8wcm_0pL0k3PKYVgS6AKCUdzLgsKdgqLF7UH3e6YLGyQU6Sev3c23pGSeEPlZY7Hks4IonBYBYNPPjlactSW7sccuHE0vXG50muz39S2zCPTYYbnD0gdoPU6Bd0XnBf_QgqQOTUdCra--CZVgjINaZDnZWOcoSCt1FMbVy0Nqr6aCSxXHZ1kJXhM1c5rQ0HVdI9C97Dx_F6XDd3cP-LBw6oksgH5WtJxeszwKZUZeFAIG_SCDgGRSKTvNmCQJpAsitFgeXsOx2xAE29OXexl5Grz1Lt1NuIzUpQhsVsjSHCFVzTp7rQTK07Jrfb0nTf7uFa6_rIvb6PoD_qBJIFT1yaQAmLio-ez8WOw0koQf6fzOcnRPTu7_OZjo7JtX1aSE-n08iivheQLPjC4Mjy11oivvC8z6LiTFw4VuhCkhLJpSFLfJgSxmlD9Ao7-Cme2EEq741o2SIULkk5Vut3ZLpFhnOMF2FL7VEgwACR_XQ32PGdimB_w5Jp7QDRyb29bkYsgg6uwPuEZF_q2VrT9z0bAz-qkbzYCNXeluQYq64CdKwPgJ3yAcCaR4JWbpUVGVQQ9Ha9zQdhAz69HuHq1KKfwL4kpy7hGpWEi1IMlCjBQaJbpvUHS-XJrcOXA0tJ5kq5JNGfE6BiS1Dc3YJBRSzlocmaGV35nK9ak99gyUKt6bqAhxp46i366dXqQjDbNqxCmilcojcq2NcbRlxiMz8lGCEYl8hkAbIbhjYIBG3p7kIW62W-5iwFo2n5EeuixRbjUXtbJJOj15mejndQ8HhMLVwIxYbDKD5AAEy0Gq3LJLVZYnKxiqOCe3Ikhl6TssOQQBUQEd3osdlvZhE-tfTdVTao3mM6b_7B1kLA8kjzZQ0ssRX4J4frNRodfhklCACAquBr3HhSaNli17h8uCUwXSZrP_v-2X8ZqNwQH-nfVAHpc1gKmrDTUuMRJIrAVNFULtptZkeNbwoON7kojoHz_6vszgTjxT9-8KmGAYyV9ULlwGeXjuFbFV_BhqG8p7AgtdXLLJinrGN5bPf7dDyXfuGrfKetjuBdSzFrSSjBxKZaLrCGYqZJwnIaTkUqZ-1Bg2j0sFlIJPCrdw2aT7WNdGzI94A671Kgdurt8zANMevP1OVYzHvxrXCw023I2YxFx8O0U60pknchoDbcMgOCMlNtQCT0kDpyx8CLs5-hNHzO893UPNY-7RSDh2qIVKakxIqTnZIuJkHphST8disWl2u1AcPaj5aA13FDl3CaVNZJji1RZyarp3mAQtaPSgyky13uVFDpH7Uidxac5_yVpF8e8WjSGto3FN7616zKjwpwV1VlPfIKGg9LDQ41NyAjWZKzfd1eCasgKhgxTGuixZqh2sfh4MVUQIbMdRPOcGtMFvbXg39tOPidQJg60DJgSci40J26YmCGWTTv_G4kbZxyIFBB27xlB9stGnjSg2AHXNNr42Z0SKAKAwckf4COe7fjydAHxy3x57DCySXTf9t1g8QpwUAFyT2eowCKzF8TLU3k_iGykIqAsNWOhlvtJx3g529vmmEoFIjxFVPgyWSJtazUMkhabMPn3G_irfUI_Ybp_5ReXADn5ervWDBJLWdCac0ywtRLOobcVm_XtlU3wC5opuTDL2MgSWB9elqvcPs0KHxQDieU4hPKmqk_iz5KryUK_mmHGmJU1ZP4hYSj1knvcyFqoviQnWsVtGMs3gOIb832I_WBM64Rz3tenR8lwBgyuoQ6bwi5NDON8RpzLCBUWx949AFPordMadH2Afp_RsxIGJFunqszNXobuuXgdV6qcPnQrW-vZ3GjWU7TR1IG6sdr6hUapYSnLEKUhkdPBukxo910bdLOqNXFk1X1aSkY2w1fVkmAxBbCRKFE1_W6eeYU6HU__6cSljWRg0dxpktuXzHNTCGpQ7s_lBPYIRhiEE3jJC6HY-D5cDA25L9DWfrPbzw6S3s166uyy3k082wqSkeVn1OFdRx-5qHr4k-SqGY0qJTS-of0wMEil5Va5WwRcMK6yJFAcapd9g9reRUEIj8BVo68mySRajj85i_284yCpT6XPwAov30ijklTC5AAOz1H4vYO5q8pLa9XXxOwcUtLSEKPhMLl91IEDtEbBl66_0k3tSV0lQZlCX4lA1uISUQqx43cK2r_aP_POMm5c0JkeJy-WRDGbwwKFfeStfSfGOmeiJ2Z3E9KNBMuhlDW4Q3a4-4TSzJv4o7NGoX6S11acOTIZOfQ_ZlaFxELUbDUtOSU5nS_QIp28aV3dy9mQEuY2OWaa0921CNFo_y9Zrc0R5elEpBKKJTKxcLR5mJ6g9O1sQ1Yap6GV4spI39se0tUzki39t_FeqIu1TSDf9JZr0h89cZXCAjr2oHL8ZT5FWRQDsEGGOxYKiRqVUqRBOoe1zO7v-XDA4MclgWVojBeJU1v866OJEZHzy1MI1B8Z2AMwO3lJNw68tNWcf_mSM61zVXO6oWjhQTFHZRQAnUVcgQt5ML7lfYbvqzJqtUEN4NFLoxdgjrAyn3LfDdJAWNZjSi3B6Xl9ceJccdjZ3VewRMq7PrmLmLx0ZFe9dft4bVRF6PbB2WaN34x3OyiGj2G9HH4zAMWLksN_Cw6zNvUS_Zs-xVWxzlj4Rqf4u8z_mXTtKdW6gpnf0TuakmMzF8ZNd3-gZ3pmK-Uny-K2MyR1P08NO5wlMw3qQ_dIf2MSFlncs-5rAIMlMpPJ_ICt0FxwTifu33NEnm1R5K_giimeNayPPrfTN6U--TcP15RjzcQByq9mVw8uYyhf6iGvQpMB9l3A-4-ZlsZqWu1xvG8-BDKlGBhziOjXP6aC6DSUzd0x8DsTDhQX15HBqmJzu3Bf2sNEBwIyI8djR6wIziFH2UEqiB70PFHN7o_9ykVqnjr05yPKvJY_nIplBU9wZfGjBy45c3nM6XaZUdWGZiJzVa51gWQlmSpyQEZDfGy3yJsy4OD_9FS8ZfeQLXcKbiJo_aVoZcj-b8pIRurqd3JuVloLgr_QekltQd8p-akzNTNTyPZIAByaV63dfuo---I5XvIzxabmr3_l7k7b66a9mUMMKILjhynHYIQ&cid=CAQSTgAvHhf_SYWduyRkDdQO9qGhHAEyy6nWhea4EW9JQvo0dQGRTH-8OGOVDJQWaJBWupTiuv9SGuhq3Vc_S8fuIY7_OJJhR2f265_5_Lms-BgB&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1&nel=0

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.122.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f155.1e100.net

Software

cafe /

Resource Hash

6a4b6ef22396bdddaa4f7abdf2342e10c54bf87c12c2d889e3353c16f6c64689

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 23:02:46 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18006
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 52E7 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7cc0a6268639a7d726a8b113f3355679e316be4ec005b9ada7617ee9769f3a6c

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 52E7 0
0 72ms
71ms Fetch
text/html 2607:f8b0:4004:c09::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C038qFSGCZczZIJybur8Pqc2KoAOcisnhdP6jpPWtEoncoofUARABIOfo8CJgyYaAgNyjxBCgAf7utrkCyAEFqAMBqgSfAk_QRPlW5xUavoJdEz1Ke8NUTzkFTj2Nov0Kq1lDJVw0NKi5ibLLztn9DBmuS7ueqMcqnhkxPazGf1wWsfBxV22UEnZc1YS7RyQsHGszaK1xS6ysle6DyXe5RxgwU8zR8ZO7JpWrKlBbejcdUVFbFmY34AA3jGX4-stpVeYdIfEYgegXjNQgvibbHEQl101fPbc_c5IwkY9BebuiJza-i8A8On9HlCUbKXCZR07aN3ROiAmoOAcuX4-pZazdYEBLcM84Xc3LSjgZiCPSbkH6-Oo9MvT_FJt5JnViNE46grvj8XlK5VlClRO3VVI8k3G7McaLNpriMpHZpJ6YbwwLIqtWQaOQK8aLapmt7TeRpUMwVAdAg_8EcCWspG69uyjbwATnmda30gTgBAOIBcXo-NhNkgUGCAMQARgBkgUGCBsQARgBkgULCCIQARgBSKCWmwKSBQYIHRAEGAGSBQYIHRABGAGSBQYIHhABGAGQBgGgBk6AB-qQycYBqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwDyBwoQ_p8RGIWTzYEC0ggfCIBhEAEYHzICigI6BIBAgEBIvf3BOliMk8nqzZyDA4AKAcgLAaIMFCoSChDktLEC7rWxArW4sQKsurEC2gwRCgsQwIWtqvCepsT7ARICAQOwE8Oy-hXIE5vSiOQD2BMKiBQE2BQB0BUBgBcBshccChoIABIUcHViLTYxMjIyMDQ2NDYwMDIyMzcYAOgXBQ&sigh=bqc-fovci5c&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTgAvHhf_SYWduyRkDdQO9qGhHAEyy6nWhea4EW9JQvo0dQGRTH-8OGOVDJQWaJBWupTiuv9SGuhq3Vc_S8fuIY7_OJJhR2f265_5_Lms-BgB&vt=10&cbvp=2&vis=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c09::9b Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Attribution-Reporting-Eligible: event-source
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 19 Dec 2023 23:02:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

POST
H2 204 csi
csi.gstatic.com/ Frame 52E7 0
54 B 239ms
154ms Ping
image/gif 2a00:1450:4008:805::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=3~lqcya9ft&c=4005147911691&slotId=2002573955845.5&qqid=CIy4y-rNnIMDFZyN7gEdqaYCNA&fb=outstream-lima&vast_v=2.0&vmfc=11&vhc=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4008:805::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Dec 2023 23:02:46 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 HdsydzJK.js Show response
tpc.googlesyndication.com/sodar/ Frame 52E7 41 KB
15 KB 53ms
52ms Script
text/javascript 2607:f8b0:4004:c1d::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 05:38:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 62675
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15407
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 18 Dec 2024 05:38:11 GMT

HEAD
H/1.1

200
OK

file.mp4
r1---sn-q4flrnez.c.2mdn.net/videoplayback/id/b7676c45aba5c3f2/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3847113363/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,... Frame 52E7
Redirect Chain

https://gcdn.2mdn.net/videoplayback/id/b7676c45aba5c3f2/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3847113363/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signat...
https://r1---sn-q4flrnez.c.2mdn.net/videoplayback/id/b7676c45aba5c3f2/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3847113363/sparams/acao,ctier,expire,id,ip,ipbits,itag...

0
0

187ms
59ms

Fetch
video/mp4

2607:f8b0:4000:45::6
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r1---sn-q4flrnez.c.2mdn.net/videoplayback/id/b7676c45aba5c3f2/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3847113363/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/379D99D9486CB532C6EDF053B08B63F8766138A8.445005D1C357BFE858460B06B1584A9360E8D48A/key/cms1/cms_redirect/yes/mh/Mq/mip/2001:550:1d05:1::13/mm/42/mn/sn-q4flrnez/ms/onc/mt/1703026062/mv/u/mvi/1/pl/48/file/file.mp4

Protocol

HTTP/1.1

Server

2607:f8b0:4000:45::6 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Tue, 19 Dec 2023 23:02:47 GMT
X-Content-Type-Options: nosniff
Connection: close
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length: 8318980
Last-Modified: Fri, 15 Dec 2023 18:32:42 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Access-Control-Allow-Origin: null
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=86400
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: null
Expires: Tue, 19 Dec 2023 23:02:47 GMT

Redirect headers

date: Tue, 19 Dec 2023 23:02:46 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 648
x-xss-protection: 0
pragma: no-cache
server: ClientMapServer
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
location: https://r1---sn-q4flrnez.c.2mdn.net/videoplayback/id/b7676c45aba5c3f2/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3847113363/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/379D99D9486CB532C6EDF053B08B63F8766138A8.445005D1C357BFE858460B06B1584A9360E8D48A/key/cms1/cms_redirect/yes/mh/Mq/mip/2001:550:1d05:1::13/mm/42/mn/sn-q4flrnez/ms/onc/mt/1703026062/mv/u/mvi/1/pl/48/file/file.mp4
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: https://googleads.g.doubleclick.net
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 52E7 0
54 B 230ms
153ms Ping
image/gif 2a00:1450:4008:805::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=4~lqcya9ld&c=4005147911691&slotId=2002573955845.5&qqid=CIy4y-rNnIMDFZyN7gEdqaYCNA&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=Infinity&br=2018&mt=video%2Fmp4&vs=1280x720&msm=1&aits=0%2C18%2C22%2C692%2C59%2C342%2C343%2C344%2C345%2C346%2C347&webm=0&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=22&vsrc=web_video_ads&hcn=0&met.4=arp_a_e.11g~videopreviewvisible.11m&ua_e=1&ape=1
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4008:805::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Dec 2023 23:02:46 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 77ms
77ms XHR
application/json 2607:f8b0:4004:c08::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231207&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::9b Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d463c0ed6bbd2822bb32fe6d38a210d302657548e933f9a26dfd3482d04538c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://regbu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 23:02:46 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12165
x-xss-protection: 0

GET
H2 200 H0ZEmIz7.html Show response
tpc.googlesyndication.com/sodar/ Frame DF5A 23 KB
8 KB 53ms
52ms Document
text/html 2607:f8b0:4004:c1d::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 65424
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 7799
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 19 Dec 2023 04:52:22 GMT
expires: Wed, 18 Dec 2024 04:52:22 GMT
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 72ms
72ms Script
text/javascript 2607:f8b0:4004:c1d::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://regbu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 23:02:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 19 Dec 2023 23:02:46 GMT

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame DF5A 39 KB
15 KB 53ms
53ms Script
text/javascript 2607:f8b0:4004:c08::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::9b Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 16:23:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23969
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 18 Dec 2024 16:23:17 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 8EC5 13 KB
5 KB 53ms
53ms Document
text/html 2607:f8b0:4004:c1d::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://regbu.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 6077
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 19 Dec 2023 21:21:30 GMT
expires: Wed, 18 Dec 2024 21:21:30 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 6C27 829 B
998 B 71ms
70ms Document
text/html 2607:f8b0:4004:c17::63
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::63 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

ba8b5831380f9b5c31aee40bdf84003d5a0ff9a33d04e39736633108814c73c5

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-szxAvLbKkA2WpmspvmIuVw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://regbu.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-szxAvLbKkA2WpmspvmIuVw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 19 Dec 2023 23:02:47 GMT
expires: Tue, 19 Dec 2023 23:02:47 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 8EC5 39 KB
15 KB 53ms
53ms Script
text/javascript 2607:f8b0:4004:c08::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::9b Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 16:23:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23970
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 18 Dec 2024 16:23:17 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 6C27 0
0 67ms
66ms Image
text/html 2607:f8b0:4004:c08::9b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231207&jk=396537717831331&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4004:c08::9b Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame DF5A 0
20 B 69ms
69ms Image
image/gif 2607:f8b0:4004:c08::9b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=BxqjMFiGCZemmLZClnboPurW_-AcAAAAAOAHgBAI&bg=!WlmlWRbNAAY3kmNgF5I7ADQBe5WfONqhJRQWIMSO8j0YTbGskMGA1wuD3VWQRIKkg1tiSJbx62f7iHg4yIyvW6s9sqUHAgAAAFZSAAAAA2gBB5kC_uN7ILoqGvdQdQFo6GCdqDiZG0JZocKzv4hnP97aWfJGz1QTud9dPXv0BXlf5S8NImhdLbWDxXd1Df9TmytuSP5M5EBbqKGq3zOoZE5UvwaDhZRBiaW1rQsB4zPszuIMsZkn9wCiCT7tirpK4kGBjMCbYpP2QHGmsjBCL92Io6A0Q19HyybcAbqfTgrX5zt63texRYhmikmZoWIiGlHazCtrTsRniPp3dOgfdId3wtjZZERKyE8yKCgEop-cs9rKd_Nym0teYMyJxNQ7EZ5_ruf2Js6peg6mYBg4U1P9SGQCYgUsi9DB0VATlY6Chq-64JowpTsYeceoxS1hlZB95mHs2vyvYkNJQMf7OQqscPPXn8zSSqTXSyejjbWVVNNr4EWgBkiX82zxwGYM-oZBmQGx7gnKgrp0m-LO73fqpB1qxrOybzPp_ycDHa2Hq3CyzEODfbJkD0QAujNYi5Wt6D5PEwx_BaVKFp4MD26GKw_YN13ysqMrABipwqEYNL_1tPqcUrkugWLFQ58RAq3XP2XPnaHnfE5PTOptQfVC_UyqZhgTl2sBJQRPAbUJ73NuSpV_PI6s7S04siQvG9dA9mE_Cnl0KkBHqcoK-Reoak_A9hstmvhMkDybP3Bv8GXHwjE9bMhcfz6-ogWny_WOLnwvPdeAm6X7iOjB-HUuREMLG9AWWgEWfy2I5ueyImHFkE-rChAtTcDMOAnDiWrJeD56CIXWYZ2oLF4kLMTBjJSiKjN8cgRNEFlsbuktNZParCs5dBujw7sJOUy7Np3s_qTioyAJ0AquHo1agRnEZ0-S71uQqrNq_FSkD5Xv0qrt4neEi-skIFQV8VK6ErDeS1iEzIEteja1KV8p4ybpBaWHYF1spAyFz8Ha6cs5lMgShqZY88hXLr0ZKTxlkknv5sCYs7GFAzViyA7_kRwvDrc05NvbE_s8u-SOrUZ6jCwWoaNmko08e27iWv2_JRNFUxVFXnEO8vQhuedtQ9ljr_x5QxDqIIuZLkZ8ibHvZS0

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::9b Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Dec 2023 23:02:47 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 206 file.mp4
r1---sn-q4flrnez.c.2mdn.net/videoplayback/id/b7676c45aba5c3f2/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3847113363/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,... Frame 52E7 6 MB
0 119ms
58ms Media
video/mp4 2607:f8b0:4000:45::6
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4000:45::6 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Encoding: identity;q=1, *;q=0
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Range: bytes=0-

Response headers

expires: Tue, 19 Dec 2023 23:02:47 GMT
date: Tue, 19 Dec 2023 23:02:47 GMT
x-content-type-options: nosniff
Content-Range: bytes 0-8318979/8318980
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length: 8318980
last-modified: Fri, 15 Dec 2023 18:32:42 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://googleads.g.doubleclick.net
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=86400
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://googleads.g.doubleclick.net
client-protocol: quic

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 8EC5 0
10 B 52ms
52ms Image
text/plain 2607:f8b0:4004:c1d::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?nWLquQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4004:c1d::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 23:02:47 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 dc_oe=ChMI6YmV682cgwMVkFJHAR262g9_EAAYACCg8NNiOhoI-I_4xgEQ55nWt9IEGJvSiOQDIP6jpPWtEkITCIy4y-rNnIMDFZyN7gEdqaYCNA;dc_rmcid=CAQSTgAvHhf_SYWduyRkDdQO9qGhHAEyy6nWhea4EW9JQvo0dQGRTH-8OGOVDJQWaJBWupTiuv9...
ade.googlesyndication.com/ddm/activity/ Frame 52E7 42 B
401 B 169ms
65ms Image
image/gif 142.251.167.154
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI6YmV682cgwMVkFJHAR262g9_EAAYACCg8NNiOhoI-I_4xgEQ55nWt9IEGJvSiOQDIP6jpPWtEkITCIy4y-rNnIMDFZyN7gEdqaYCNA;dc_rmcid=CAQSTgAvHhf_SYWduyRkDdQO9qGhHAEyy6nWhea4EW9JQvo0dQGRTH-8OGOVDJQWaJBWupTiuv9SGuhq3Vc_S8fuIY7_OJJhR2f265_5_Lms-BgB;eps=CIBhEAEYHzICigI6BIBAgEBIvf3BOliMk8nqzZyDAw;met=1;acvw=sv%3D959%26v%3D20231113%26cb%3Dout%26e%3D0%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D30037%26vmtime%3D6%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D33554450%26i0%3D33554450%26ic%3D0%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D179264737%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,200104c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1703026967460;dc_rfl=%5BURL_SIGNALS%5D;ecn1=1;etm1=0;eid1=11;

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.167.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ww-in-f154.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Dec 2023 23:02:47 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 52E7 42 B
64 B 72ms
70ms Image
image/gif 2607:f8b0:4004:c09::9b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=Cl87oFSGCZczZIJybur8Pqc2KoAOcisnhdP6jpPWtEoncoofUARABIOfo8CJgyYaAgNyjxBCgAf7utrkCyAEFqAMByAObBKoEogJP0ET5VucVGr6CXRM9SnvDVE85BU49jaL9CqtZQyVcNDSouYmyy87Z_QwZrku7nqjHKp4ZMT2sxn9cFrHwcVdtlBJ2XNWEu0ckLBxrM2itcUusrJXug8l3uUcYMFPM0fGTuyaVqypQW3o3HVFRWxZmN-AAN4xl-PrLaVXmHSHxGIHoF4zUIL4m2xxEJddNXz23P3OSMJGPQXm7oic2vovAPDp_R5QlGylwmUdO2jd0TogJqDgHLl-PqWWs3WBAS3DPOF3Ny0o4GYgj0m5B-vjqPTL0_xSbeSZ1YjROOoLj4kMTQs-5cAeUXZhu815GeqC9eqecXKzpZhKRvmWIAguzpdol6JR6AEW3tWPkGN6yg6EpbJt626UZY5zIJ-MabcIUccAE55nWt9IE4AQDiAXF6PjYTZAGAaAGToAH6pDJxgGoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIBhEAEYHzICigI6BIBAgEBIvf3BOliMk8nqzZyDA4AKAZgLAcgLAYAMAaIMFCoSChDktLEC7rWxArW4sQKsurECqg0CVVOwE8Oy-hXIE5vSiOQD2BMKiBQE2BQB0BUB-BYBgBcB6BcF&sigh=0zAhHvdTuBU&label=part2viewed&ad_mt=7&acvw=sv%3D959%26v%3D20231113%26cb%3Dout%26e%3D0%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D30037%26vmtime%3D6%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D33554450%26i0%3D33554450%26ic%3D0%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D179264737%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,200104c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1703026967460

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c09::9b Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Dec 2023 23:02:47 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 52E7 0
557 B 186ms
74ms Image
image/gif 172.253.115.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjst-Ngi3NZ21OGgWNMMS1Q6VvNnwztNSBq9wuvDnT0c1hEmLrGJwG_kxkZFnKqQ6cpEXy7PbJQBAGe27Yy6JZI2cpeG3B2Xf81ZH0DyqWEHGzYs-qsIfhdTTarDgorcZ5HU5Ww2hJu0jUfXHAILvlyeb-X6otPAZ2HXzm-n0xbYkYyLBjbt9byIr3TcvnyHsVBdcgi72owqCXgEnPE8yA5-bEh00Z-uU3EoEhItXkZ9DpWxGVp_8JmjA8ZOs6Vr4JHQ61Q8AHM_G6oTCDtwR-F9WxEcKSx4P_razN0FsWMmYak2_kVInk60jfz-9bWxHFsIiVEnVoWLdVjPFPNP1BUGJfOoh6cbfftqZjk26MQaKWQRTDNBPQqf44WNH95bxcijrf5DLaAXVsPVdO2sYulBa7ndMqvGQnmT2UAt2d3kxDswveIeKoMo0oV_0sDSvpJAbrpalGdhq-DYrdKU50w1vMyx3U6MwYHOaTNvaJXvXu04eSTYkc4Pv9enbBjb-H7GqIrmsKJHRZIzAutMoa1A8XKsmEEjUTRtVg1aJ-Hn4qSdBgwxbsj-BiSB_Q0bYw5ysv9mefAHr_VnSVlRgi2Yl7cuWhQtsNxqPLpGwsdsGWkFfiIn4veY9PH3MoKgzetyoWndBkmjprlxJ6912xEf0SMBBMcrNO0L-WhJyp1pcP6ouVvgoSsd9hs4IVyYbQJXxYi_v4ipsLAQjz-8Sc6k8u_lS76W9GQ_6u5jtcUiD7V_EStG8pFGQps1BNN3YBMXwSf3RLO_dFrtJgGy5UuEnOV_TUfljnfD-Vo70i4o8oEGCVWiefSGmKEGZcIdcvkOYxDun8nn6Sa6rfup02Xekn7kwL5Q3GbMKq-GKpBQoCRZV7OdKnSHlz1YHpfQastYv20ECsvHQmJE9WMcSlo6zM8yLV546uxiGJANLKgzfNgrOe9jXB9za-dhOB7S9oJ8eDbespZaudT8VRStf6K40CKwq0Tly5zJM-OHtJYRFoF9QmjnS0q3a6rXwDitB4qADUt8hydl-dhzksTAWy1-BjzNR56xbSSKydNyJLKXp5IOJ-HlUZBLHA1FZ4NIlbEgsM7HxA06XBGOvoCYfcVanYAS8pTwwM7rVIczQ3p88hPvxmEbeKN7dlc45zeIE08X1Dwi0tPXcGYd2G8f_p36vkVlErMLru4BMrteZyXMPghXmFdIO4Mm8dkAKg-rRqR_h2uGQqoZRx9r10MwqKSlgJrG5tE0BMNUmZYLWkl4314AwpLLRItFldezxbbnuYK2NmzCgeZYcayPYOahh9zc1bUf7cET8YA9S1Lb_kLYEqG1FdzFwD5KQutOLGFn504zmjEj0941aiAI7NEHChZsDgE2v-mXHpixuv6SmFhTi8YxWjgz0rXTVo6ijh3aMNlJpAIRFCTVMIB_2k0yQap1_lAewZ7E8faqj3gh5&sai=AMfl-YSE7KeucE2h3tQ7DkDXzZKkwRHcE9mzhFSh8JpV4-AAF4YWWTDZNI2XimjsMjj_q8a4QKIw83SSlsti0-cPN1TQX41-ciT3O8dG5CDKw8YEUnAQtmv_M16QSz-53-QQlsycu-1i59_gMuBFn2XzDM9k8hzklh06IKVGgc3UET9Y1FS0doLwKrImmqlHXaX1BZTh6imYFlhie5GGXDyxgoEAYF79ITe1SSCtxfn4CxfyuFH4T41KXd5gZHU08UYAXDLWZfzeVULM2EZXtOUbDzfNxM9HY2IJO3nwr-TIZXWNKOwIQ2TGIw5ml7UQquU&sig=Cg0ArKJSzBPSGi1O8j1NEAE&uach_m=%5BUACH%5D&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&adurl=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.115.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bg-in-f156.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 19 Dec 2023 23:02:47 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 /
d.agkn.com/pixel/10690/ Frame 52E7 43 B
615 B 197ms
59ms Image
image/gif 2600:9000:2199:9200:19:fc2c:a140:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.agkn.com/pixel/10690/?che=1928138739&cmid=31175537&sid=6031710&pid=383852786&cgid=574950807&cid=206895136&aid=9902108&gdpr=&gdpr_consent=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2199:9200:19:fc2c:a140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Dec 2023 23:02:47 GMT
via: 1.1 f082203290ecd8aea497e1bd9f2f6ebc.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD79-C1
x-cache: Miss from cloudfront
p3p: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type: image/gif
cache-control: no-cache, must-revalidate
content-length: 43
x-amz-cf-id: D7Rz59IXyV9NXO_qPzMOM7-GIqc8QuBQUm6E_Lxpbqd7sbiZlm3Ukw==
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 52E7
Redirect Chain

https://googleads.g.doubleclick.net/xbbe/pixel?d=CP651wIQprvuAhiFk82BAiABMAE&v=APEucNUQWsHukInThLCMqt8NzNZv1cKFeqFlDDZJbxfNPD-kOuXCDev-QfZTi9LgKKtbB0-TzWa0T74PfEwpVTHEyvhVUPx8UxfEZKufUBs-UumPoj6iUk4
https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZYIhFxfjyfH5QsZCptE83gAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPhVb8sd2jAhPqNanmGklKM&google_cver=1

43 B
770 B

72ms
71ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPhVb8sd2jAhPqNanmGklKM&google_cver=1
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Dec 2023 23:02:47 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Fw8BuuX5vLg0ZiPe4nCyHfRTTQGGpm63bUET7Qq4VJqTCIhnUHRj1bpf8vRP4zdhhNQAOhikX6ZXlk%2BcJy%2F9EPbu5XsR8EYPXtdE%2FMdPIKhpnowcWBCM0c1XUUVmcUQ7fipVnUanRU7p6A%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 838346759d2b9aba-MIA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 19 Dec 2023 23:02:47 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPhVb8sd2jAhPqNanmGklKM&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 52E7 0
20 B 69ms
67ms Image
image/gif 2607:f8b0:4004:c08::9b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=video_impression_ping

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::9b Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Dec 2023 23:02:47 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 52E7 42 B
64 B 72ms
70ms Image
image/gif 2607:f8b0:4004:c08::9b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssKnNNM6gAXxC5jJmHokV3G-59Vw1kfufAQLJn1y562OLIY_hmOtQzb_zfhHOLM2fMAhLk79x3lwAXomB2X-QuPkVgy2UwqE9xFWRcAghq5OYzaWhvjwKxjRPMR8Aa3gzJOU5a5vjWG_npB6Hm7hvQYXeI8&sai=AMfl-YT_hKL_g0C59yU-si0-AkSsG3KsKTDPQnJQ8Y0O9aSJubuF3hlE3VCCekp2PPSoli6VGLxW_AXNsoNZQwaNoRFp0o154wfa-2Kj43evx2nQoytMrpmaj95-Hgshi5PP9AgTsrEBGPb2TySvF8De&sig=Cg0ArKJSzDKay7j_K40hEAE&cid=CAQSTgAvHhf_SYWduyRkDdQO9qGhHAEyy6nWhea4EW9JQvo0dQGRTH-8OGOVDJQWaJBWupTiuv9SGuhq3Vc_S8fuIY7_OJJhR2f265_5_Lms-BgB&id=lidarv&acvw=sv%3D959%26v%3D20231113%26cb%3Dout%26e%3D15%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D30037%26vmtime%3D6%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D33554450%26ic%3D33554450%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D179264737%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,200104c,15%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1703026967460&avm=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::9b Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Dec 2023 23:02:47 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 52E7 42 B
64 B 73ms
71ms Image
image/gif 2607:f8b0:4004:c09::9b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=Cl87oFSGCZczZIJybur8Pqc2KoAOcisnhdP6jpPWtEoncoofUARABIOfo8CJgyYaAgNyjxBCgAf7utrkCyAEFqAMByAObBKoEogJP0ET5VucVGr6CXRM9SnvDVE85BU49jaL9CqtZQyVcNDSouYmyy87Z_QwZrku7nqjHKp4ZMT2sxn9cFrHwcVdtlBJ2XNWEu0ckLBxrM2itcUusrJXug8l3uUcYMFPM0fGTuyaVqypQW3o3HVFRWxZmN-AAN4xl-PrLaVXmHSHxGIHoF4zUIL4m2xxEJddNXz23P3OSMJGPQXm7oic2vovAPDp_R5QlGylwmUdO2jd0TogJqDgHLl-PqWWs3WBAS3DPOF3Ny0o4GYgj0m5B-vjqPTL0_xSbeSZ1YjROOoLj4kMTQs-5cAeUXZhu815GeqC9eqecXKzpZhKRvmWIAguzpdol6JR6AEW3tWPkGN6yg6EpbJt626UZY5zIJ-MabcIUccAE55nWt9IE4AQDiAXF6PjYTZAGAaAGToAH6pDJxgGoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIBhEAEYHzICigI6BIBAgEBIvf3BOliMk8nqzZyDA4AKAZgLAcgLAYAMAaIMFCoSChDktLEC7rWxArW4sQKsurECqg0CVVOwE8Oy-hXIE5vSiOQD2BMKiBQE2BQB0BUB-BYBgBcB6BcF&sigh=0zAhHvdTuBU&label=vast_creativeview&ad_mt=7&acvw=sv%3D959%26v%3D20231113%26cb%3Dout%26e%3D19%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D30037%26vmtime%3D6%26is%3D33554450%26i0%3D33554450%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D179264737%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,200104c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0%26t%3D1703026967460

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c09::9b Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Dec 2023 23:02:47 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 52E7 0
54 B 154ms
153ms Ping
image/gif 2a00:1450:4008:805::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=5~lqcya9lm&c=4005147911691&slotId=2002573955845.5&qqid=CIy4y-rNnIMDFZyN7gEdqaYCNA&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=Infinity&br=2018&mt=video%2Fmp4&vs=1280x720&dm=30000&ple=0&umsem=0&event_name=first_play&asset_bytes=199066&video_bytes=300&cached_data_bytes=0&js_cached=false&css_cached=false&num_assets=9&num_assets_cached=0&num_assets_cache_validated=0&num_assets_unmeasurable=0&video_played_seconds=0.00&video_muted=true&video_seconds_loaded=0.00&met.4=vil.1jn~ff.1k1~videopreviewstarted.1k3
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4008:805::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Dec 2023 23:02:47 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 70ms
70ms Image
text/html 2607:f8b0:4004:c08::9b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231207&jk=396537717831331&bg=!5Oel56jNAAY3kmNgF5I7ADQBe5WfONePdt5CEWfOb8w7qo6CkmXaBYD86wLlW1WS0QLfTYyICQJHMKdzj65zSlQtBwvvAgAAAExSAAAAA2gBB5kC5u7LvGt1PJBZN-WX0lURhCjcEgMz7JGVbDcL-DybWaaMjk9r1CSnDNmLH0FDr76t0mah73Cfcs5FCDy6Oz7ufixvxnULr7Q0XZl4LiTATW_ZXJoLRZR1SjqeBpgTiowf2oLEva7AI6YWaSgBNu6AWy6xqzZJeEu6nyV3HHfX8GsH7WLBkPyIJ0L1aA2c12cYB-7InuMd3eBcnSDVzsE4CJpUIdKGofZF63PCLjk2aUoclzDf3jeaFzzSVR6D9VzeECcaLAVc8YJxdVOS92RVqplsj7z2P2A2M-T3PpZs001lPSpEyrSOyEVVRLvHpgi21JmY6z5aMG19hAgf9J7EbEh_EmS8wDKLLTT4k92UpNGm0LYElpSqAuIIcGk6tjOeWjeluSTmcdjOLmWT1btTqdqOikqtYdU8CYqhymvXeSZaWU056pabizo-kUFh1AByRAVZ5OdnzzqQ9z2isTJf7p5JvGbzNJ3_9gNaNqZdmzbsLWFRFN7azDNT-J3b5SUhr1nIM1yBpvpFPdgSrdBSNDfxBlNcAZK1NQl_J1VL8UY-EAguBVWZnckLtVbbw0AArTBf97WSu7eEZRAqpzgrEB2iIkPS08ktcon-W-QPqGTPpwKFu1xIpBYGMutLIOBOQT5ShIFOLhPa4GcthlHcPCSO42K51ZOMRiFNyCbN46OLHtl0Y9M57X-Y2OhEOSxm5b4MDn5g2rdfgvgpIVHWQw0ZCWhCm2y2_ojmxRV_grruwFlasE6c2A6UG7wJP-MFQqHNT8WfNMnIuERMiwC2Kw0bhMxgZM52yxwqJCxF46yh8t8kdQXlDCCDe7lamG3GJ8Sb2TgIxZ6nW8VZtfSTB02duBRcL379FTP8OkkIMeEkes0unbschgwNvWvgIVePV_Y5iutIP1Fgb_Fmk5FPQXbuMbR_s46q9OX1T-tFMy9pcbXd6GT7mNc8xIWvaBhMWEwOTM2V6Zhw2e-MsH6iJIf_yF_mshE
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4004:c08::9b Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://regbu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 52E7 42 B
64 B 70ms
69ms Image
image/gif 2607:f8b0:4004:c08::9b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssKnNNM6gAXxC5jJmHokV3G-59Vw1kfufAQLJn1y562OLIY_hmOtQzb_zfhHOLM2fMAhLk79x3lwAXomB2X-QuPkVgy2UwqE9xFWRcAghq5OYzaWhvjwKxjRPMR8Aa3gzJOU5a5vjWG_npB6Hm7hvQYXeI8&sai=AMfl-YT_hKL_g0C59yU-si0-AkSsG3KsKTDPQnJQ8Y0O9aSJubuF3hlE3VCCekp2PPSoli6VGLxW_AXNsoNZQwaNoRFp0o154wfa-2Kj43evx2nQoytMrpmaj95-Hgshi5PP9AgTsrEBGPb2TySvF8De&sig=Cg0ArKJSzDKay7j_K40hEAE&cid=CAQSTgAvHhf_SYWduyRkDdQO9qGhHAEyy6nWhea4EW9JQvo0dQGRTH-8OGOVDJQWaJBWupTiuv9SGuhq3Vc_S8fuIY7_OJJhR2f265_5_Lms-BgB&id=lidarv&acvw=sv%3D959%26v%3D20231113%26cb%3Dout%26e%3D9%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D1,156,119,365%26tos%3D2004,0,0,0,0%26mtos%3D2004,2004,2004,2004,2004%26amtos%3D0,0,0,0,0%26mcvt%3D2004%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D2166%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D41%26pst%3D201%26dur%3D30037%26vmtime%3D2174%26dtos%3D2004%26dtoss%3D1%26dvs%3D2004%26dfvs%3D2004%26dvpt%3D2166%26is%3D33554707%26i0%3D33554450%26ic%3D16777473%26cs%3D50331923%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D179264737%26psm%3D7%26psv%3D6%26psfv%3D6%26psa%3D0%26pngs%3D9,14,200104c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,2004&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.01%26t%3D1703026967460

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::9b Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Dec 2023 23:02:49 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
analytics.google.com/g/ 0
54 B 62ms
61ms Ping
text/plain 2607:f8b0:4004:c09::65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-KEQ727RHG2&_ono=1&gtm=45je3bt0v9134580520&_p=1703026964599&gcd=11l1l1l1l1&dma=0&gdid=dZTNiMT&cid=1455390993.1703026965&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EEII&sid=1703026965&sct=1&seg=0&dl=https%3A%2F%2Fregbu.com%2F%3Fclickid%3Db70646f0-9ec2-11ee-ac8b-0a7fe419e07d&dt=REGBU.COM%20-&_s=2&tfd=9067
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-KEQ727RHG2&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c09::65 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://regbu.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 19 Dec 2023 23:02:51 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://regbu.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: regbu.com
URL: https://regbu.com/wp-content/plugins/translatepress-business/add-ons-pro/automatic-language-detection/includes/trp-ald-ajax.php

Verdicts & Comments Add Verdict or Comment

61 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

19 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.blog.manystylesandme.com/	1970-01-20 17:05:13	Name: 59241f9f-2e36-429b-84bb-abc82c5edf7f-v4 Value: Us4WiB1pWjJ7kd-Vp-zf6mcYch5CNJ9OvGiu2VFl_IM
.blog.manystylesandme.com/	1970-01-21 01:49:22	Name: voluum-cid-v4 Value: %7B%22cid%22%3A%22wck69v7u2osbhnrtimoi1q6u%22%2C%22caid%22%3A%2259241f9f-2e36-429b-84bb-abc82c5edf7f%22%7D
orvar-mza.com/	1970-01-21 02:39:46	Name: 604f7b6f-0cd4-4d20-93c1-e91664c5b996 Value: b706e332-9ec2-11ee-ac8b-0a7fe419e07d
.regbu.com/	1970-01-21 02:39:46	Name: _ga_M9NGL92EVN Value: GS1.1.1703026965.1.0.1703026965.0.0.0
.regbu.com/	1970-01-21 02:39:46	Name: _ga Value: GA1.2.1455390993.1703026965
.regbu.com/	1970-01-20 17:05:13	Name: _gid Value: GA1.2.1135747301.1703026965
.regbu.com/	1970-01-20 17:03:47	Name: _gat_gtag_UA_40216785_112 Value: 1
.regbu.com/	1970-01-21 02:25:22	Name: __gads Value: ID=28d18f65c59bb72a:T=1703026965:RT=1703026965:S=ALNI_Maegiez-M4zCGz82uqI7KBBk-9Uew
.regbu.com/	1970-01-21 02:25:22	Name: __gpi Value: UID=00000dabaccd32f6:T=1703026965:RT=1703026965:S=ALNI_Ma38kpbMOIX8B4bgxAx5Slv9emDMg
.doubleclick.net/	1970-01-21 02:39:46	Name: IDE Value: AHWqTUk_LltMt_y32SuXH3gy_4j3zTZVnXHonut6hf3EnUg2tBC-WdkKirbWJ_ZqNQU
.regbu.com/	1970-01-21 02:39:46	Name: _ga_KEQ727RHG2 Value: GS1.1.1703026965.1.0.1703026966.59.0.0
.rtbrain.app/	1970-01-21 02:39:46	Name: uid_cross Value: b96b7e06-9ec2-11ee-be5f-ce2ac79a43db
.rtbrain.app/	1970-01-20 17:03:54	Name: sid_cross Value: b8cbf719-9ec2-11ee-ad79-9aa08eb0e7d3
.doubleclick.net/	1970-01-20 21:22:58	Name: APC Value: AfxxVi4yN4xuQLI5CLxPIpqSRyj95DPrb9BbXL4amW2OZbXh3qxi1g
.agkn.com/	1970-01-21 01:49:22	Name: ab Value: 0001%3AtP2JtK8%2BUmaOuY5zT7F3mplzQHZKWn%2Ba
.agkn.com/	1970-01-21 01:49:22	Name: u Value: C\|0EAAtFN2XLRTdlwAAAAAAAQAHAAAAAAHbs3H__x4AAAAAAFwJXgAAAAAW4SDyAAAAAAxU-CAAAAAAIkUNlwA
.casalemedia.com/	1970-01-21 01:49:22	Name: CMID Value: ZYIhFxfjyfH5QsZCptE83gAA
.casalemedia.com/	1970-01-20 19:13:22	Name: CMPS Value: 1506
.casalemedia.com/	1970-01-20 19:13:22	Name: CMPRO Value: 1506

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ade.googlesyndication.com
analytics.google.com
bid.g.doubleclick.net
blog.manystylesandme.com
cm.g.doubleclick.net
csi.gstatic.com
d.agkn.com
dsum-sec.casalemedia.com
fonts.googleapis.com
fonts.gstatic.com
g.rtbrain.app
gcdn.2mdn.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
imasdk.googleapis.com
orvar-mza.com
pagead2.googlesyndication.com
r1---sn-q4flrnez.c.2mdn.net
regbu.com
stats.g.doubleclick.net
tpc.googlesyndication.com
www.detect.cz
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
regbu.com
104.18.36.155
107.22.53.88
142.251.167.154
172.253.115.156
172.253.122.155
172.253.63.155
2600:9000:2199:9200:19:fc2c:a140:93a1
2606:4700:20::681a:2be
2606:4700:3037::6815:14f4
2607:f8b0:4000:45::6
2607:f8b0:4004:c08::5f
2607:f8b0:4004:c08::9b
2607:f8b0:4004:c09::65
2607:f8b0:4004:c09::9b
2607:f8b0:4004:c0b::8a
2607:f8b0:4004:c17::5e
2607:f8b0:4004:c17::63
2607:f8b0:4004:c17::65
2607:f8b0:4004:c17::9c
2607:f8b0:4004:c19::9d
2607:f8b0:4004:c1b::5f
2607:f8b0:4004:c1b::61
2607:f8b0:4004:c1d::84
2a00:1450:4008:805::2003
44.197.254.96
46.8.8.200
0d0a6262c545e8bbc895116e5afb22579c468d7abb77e378f377d6fed57c1dce
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
1348be98d8f2a8599acfef9767527e164544e1e07cc74279cee0a1bb9a50a395
14c54438cdca89ae25314b9a32e0c795a3c6b663825067240005f60c8a435dff
1ab50bfb7b50ba43cf03e36facb6431597e46a51adb21f53f04297421494e5b8
1bc61117f652bc846db0c95c5cc7273b6c0484292ed2304168cadd8affd40487
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea
246e5d2f70b9e2f43901db5f080cf38df03804c235c3009458a9ad59e6f47c98
24ce8b8cdbbbdad08aff58a93da8ce162528078e5a13977e4607a5a882cb459d
28c5732eefa979245ff326045f37b6b7cdfc92385c594caea33e265e4a066c7b
29c99771c81466150d55d307a9b0e12cfdab8240a9c65a80b764c1d58965406f
2a15dafa41689cef7df1573e8ca391a01fdd72f09cef27fd9cdc71c887b01c0e
2a7bc09215d14360eecc613094babf65ce928bd02f08c1d53c2cec2f71a16aa3
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3182c6ebc02afdf0ae998303f1ca7ec92a387ebaedc85564eb26425620f8d1ee
326637e4c3f86d1f4f4d728a2de2a50d2c59f4a09844e866af8023ac6adcbc22
391e19bff9fbdb9261dd3d77cd00d5a1855011093c47b1fe9f5e3e1e47e78692
3995576a20df12952885a3e7cb3eed68e878874bfba0f250deee0ce15713b2ca
39cf9abce51786437c69ac45ac5f39aa19af7f859d87e347478b6bd96abe52c3
3ce4435d68c21d56cebe0995aedb94ce173653cc983b09c8544a67478af28225
405a5e4943b97243440d632a958bb6e79f1d1929666745000a22ebaa5fa2d819
42495d821ccd0890cf42f1b7ff365069dfbbf2db6a7cd2f58cbff0724153c1a0
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22
490cadd098357152b599430f6364c0a1333e378a0967f1f3ecbe4172c6bbcf84
4ba4adc30c3a1a8c4b879da805348fbfc525acca5309e9f6f863323a2a79d5d6
4cc56528364598716c3aed2711f3cbdc4036f503be0af787ff3f6b1ac74a0274
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
517edd119c5b2719e6ac4b30bf1fd864a6395179a41d273c0afc0696e7495d8e
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a
5a4b22644990ed0b5f68373075760fa4d987b650a6dd05409ddb4d8002a391b8
5e4288dc9b3af00a88a91714a222b0dab16f26454e70f9afd110b289e703f616
5ed66f46f5021700271152106eacb5ddf5802283782498fd360bdcf0478cfa77
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
66d818b0b1c4ef3a05df5354a4e6348e16d2d57640883c150984aed3f2686abe
698b89c0da3d319754d6a837b5e6d4e6a42dc402d9ffd7559b8c4cb29c644340
6a4b6ef22396bdddaa4f7abdf2342e10c54bf87c12c2d889e3353c16f6c64689
6b9e85f093b965c10ae691f564fea19fd9ed6bd20a8e27f47a279b8c34369e5b
6efda48e80b2f1710bea21e24048d2b7175905403d026a9cda5f3b8130663d5c
7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762
7cc0a6268639a7d726a8b113f3355679e316be4ec005b9ada7617ee9769f3a6c
84554ad84b590aa4d161301d4abb95d5d3b7013f38bbb0c02ba0d506ce3c548e
85c34c3277bb9c28f7e9f0b84dfb4a73196c25bb03ca1e887c507ec98ba6587b
85d05871f6315412de38a72c7164fd4917efba135ba06ed9972c502c1fd811ff
8638481343055c599a25799ffd5df5d3b393bdd73746e95e73cb8e7ca6027ed2
8a4cf636100eed390c98f19d88d5d14a1c084f89bfa1010baf8f2aaeaea039b0
8a52d124a5821cde93d0f507ea5b57407ef327189ff07e0496bcd3dc74861948
8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579
9077bd707339a41d2960164348337c63e5e2e114ba70d55d7d677e7b48bba689
90c0c2576584d3dcfb427b6c622ff82380c243f37d40fa7901c5a668a7a37bbc
93091a57eb8f6af3b014bb7786fc3ac1ac056dd85bba419c456cdd6507a18dc7
9844337d0b1b36b45473c8fc27cba7d1c9f8aab2107e23e684b9e1a48e6066b5
98d2e3edd14aa506c4521125c7cdb7bb3030d7caae5803feec6d2613195ee955
99464ceb71bc9bbdcc72275faefe44f98eb5cbb6b5d8ee665b87b35376f1a96e
994961b8f25a0b18f5050694571210c1c5348d6221561dab5f1d72b3182e2778
9ba5e0bf235435a81c9479a6c1757c6947fb6460b17f820bc70797a5ff4537f8
9c86c0c02ccb446b1a50d0282f4d9715e45670be443c4c3f666c263601e36274
abb477d4d2e332a08ec4d51f2734ee46ae879d2c0b71fe38da40d03962e3a708
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b17974619f9233fb51fc94a230d109d563093530560a2ac910972020c8cc4209
ba1ceefb8407a39580dfb8fe55f14e8c4c5e1a20983d741ea218fa2d92e505f4
ba8b5831380f9b5c31aee40bdf84003d5a0ff9a33d04e39736633108814c73c5
badbb3191996e18c62e9d31ed1c39e841c63affa69d75a40c12fad46cbbabef5
bc78f50b6e27078e91fe318c8ebdc52bac6cabbe5c298f471bc60292e126e1a5
bd99232193ac694963af153ded0df07b8876de255f020c267c0b22bf7f7ac53f
c0a642173484d934a88d72be992b7e563e9153c07a36468edadd0e64160a6c94
ca57b79a870bbf54700730858603a70d79743779c1b059922ec401bfddc5adc9
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
cbfc008530391cea7c31573f92c52c291158481c6c9477c3d49059ee1cbe4667
cf122fe45ccffe0ed0058d1fb7efae80dc92a8710d8ab18a7d63984bb4aa685e
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d2c76682e31b1ad1abb3fecbee5bea020e97e249f13db0a0a041a83446a53f5f
d463c0ed6bbd2822bb32fe6d38a210d302657548e933f9a26dfd3482d04538c7
dd6747b68e5f84363c189fab01f3836b16389ab0259c5cadd4d89827dce5ac4c
dda6cc3899a29dbf0b4de9269c8bb941f3288fe69594a2677014d803e3f2ed42
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e0443a45459dd002c8d076dee2aee0ca4b6b4e59a21760006930b2d9f0c3e133
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3e21ed35cd4deffee9f308bebff9625437f4ecdead9f39f9f50918c1739337d
e6cafba2d8fd7a8d76f356f7f298fc1cf743ca78f9f17f997e9000ba587cc748
e84d414f7ad40d9a0c499c3c50c1cb508190c6762d5cdef720c96bf60529c415
e90d03e5868958c39f668350a8f49c57e42e04e41e0807d7aa967f3c4509ea99
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2a6a34bf175b066c767f76b9bcacb92d788fd908b9d463d212122a236b7185f
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f71e440bd8074d59686f35d87b824c16f5310a34bab7fb017b0178bd726e35d3
f9802fd5b10afab8794b5e9683d79e8aa13cd1ac482bb82abd444d9bd915bb11
fb8abf4975a70816d1ecb0e3dff7ed44ff73201795790a55b4abfb0d1b6d162f
fc66f942651a9fe1a598770d3d896529dcd7a03d02f40655451513093103e61b
fd88d63a0b21974210c6097e5ecc5f1b569e288a77085c4b806dadcd6f73ad78

regbu.com Open in urlscan Pro 2606:4700:3037::6815:14f4 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

128 Requests

97 %HTTPS

69 %IPv6

16 Domains

26 Subdomains

23 IPs

4 Countries

1977 kBTransfer

10314 kBSize

19 Cookies

0 Outgoing links

Page URL History

Redirected requests

128 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

regbu.com Open in urlscan Pro
2606:4700:3037::6815:14f4 Public Scan

Screenshot
Live screenshot

Full Image

128
Requests

97 %
HTTPS

69 %
IPv6

16
Domains

26
Subdomains

23
IPs

4
Countries

1977 kB
Transfer

10314 kB
Size

19
Cookies

128 HTTP transactions
1 data transactions