urlscan.io logo urlscan.io
SecurityTrails logo

frs.registrea.com Open in urlscan Pro
172.67.171.104  Public Scan

Go To Rescan Add Verdict Report
URL: https://frs.registrea.com/
Submission: On May 17 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 10 IPs in 2 countries across 7 domains to perform 33 HTTP transactions. The main IP is 172.67.171.104, located in United States and belongs to CLOUDFLARENET, US. The main domain is frs.registrea.com.
TLS certificate: Issued by GTS CA 1P5 on April 2nd 2024. Valid for: 3 months.
This is the only time frs.registrea.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

5    172.67.171.104 (United States)

ASN13335 (CLOUDFLARENET, US)
frs.registrea.com
1    2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
7    142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net
pagead2.googlesyndication.com
4    2a00:1450:4001:80e::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
9    2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)
it.cabanit.com
2    2a00:1450:4001:81d::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    2a00:1450:4001:803::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
2    2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
Apex Domain
Subdomains		 Transfer
9 cabanit.com
it.cabanit.com
78 KB
9 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 103
tpc.googlesyndication.com — Cisco Umbrella Rank: 164
242 KB
5 registrea.com
frs.registrea.com
58 KB
4 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
343 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 32
region1.google-analytics.com — Cisco Umbrella Rank: 2533
21 KB
2 gstatic.com
fonts.gstatic.com
71 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 33
1 KB
33 7
Domain Requested by
9 it.cabanit.com frs.registrea.com
7 pagead2.googlesyndication.com frs.registrea.com
pagead2.googlesyndication.com
5 frs.registrea.com 1 redirects frs.registrea.com
4 www.googletagmanager.com frs.registrea.com
www.googletagmanager.com
2 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 fonts.gstatic.com fonts.googleapis.com
1 region1.google-analytics.com www.googletagmanager.com
1 fonts.googleapis.com frs.registrea.com
33 9

This site contains links to these domains. Also see Links.

Domain
it.cabanit.com
m.me
Subject Issuer Validity Valid
registrea.com
GTS CA 1P5		 2024-04-02 -
2024-07-01		 3 months crt.sh
upload.video.google.com
WR2		 2024-05-06 -
2024-07-29		 3 months crt.sh
*.g.doubleclick.net
WR2		 2024-05-06 -
2024-07-29		 3 months crt.sh
*.google-analytics.com
WR2		 2024-05-06 -
2024-07-29		 3 months crt.sh
cabanit.com
GTS CA 1P5		 2024-04-15 -
2024-07-14		 3 months crt.sh
*.gstatic.com
WR2		 2024-05-06 -
2024-07-29		 3 months crt.sh
tpc.googlesyndication.com
WR2		 2024-05-06 -
2024-07-29		 3 months crt.sh

This page contains 5 frames:

Primary Page: https://frs.registrea.com/
Frame ID: 7D925AD515C8AE3CF6697ED4B8EAE520
Requests: 28 HTTP requests in this frame

Frame: https://frs.registrea.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/1b3559406bc8/main.js
Frame ID: 31A7F646617EB7E85A69ED8594B4491C
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/html/r20240515/r20110914/zrt_lookup_fy2021.html
Frame ID: 8D97C84E818C53E71E16E5C9763FFB41
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-9974689965787868&output=html&adk=1812271804&adf=3025194257&abgtt=6&lmt=1715932820&plat=8%3A4194304%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=236x945_l%7C236x945_r&format=0x0&url=https%3A%2F%2Ffrs.registrea.com%2F&pra=5&wgl=1&easpi=0&aihb=0&asro=0&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNC4wLjYzNjcuMjA3IixudWxsLDAsbnVsbCwiNjQiLFtbIkNocm9taXVtIiwiMTI0LjAuNjM2Ny4yMDciXSxbIkdvb2dsZSBDaHJvbWUiLCIxMjQuMC42MzY3LjIwNyJdLFsiTm90LUEuQnJhbmQiLCI5OS4wLjAuMCJdXSwwXQ..&dt=1715932820169&bpp=3&bdt=257&idt=316&shv=r20240515&mjsv=m202405130101&ptt=9&saldr=aa&abxe=1&eoidce=1&nras=1&correlator=8739639892453&frm=20&pv=2&ga_vid=2004629243.1715932820&ga_sid=1715932820&ga_hid=1884555906&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31083587%2C31083588%2C31083636%2C95331982%2C95330887%2C95331711%2C95332416&oid=2&pvsid=2249425239851350&tmod=1201614346&uas=0&nvt=1&fsapi=1&fc=1920&brdim=1570%2C1170%2C1570%2C1170%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&ifi=1&uci=a!1&fsb=1&dtd=330
Frame ID: FF67894A7AD6B3377662DA3AD4A93970
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 0872280A7109A0BB34E8509A34B4AC00
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

it.cabanit.com -

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

33
Requests

94 %
HTTPS

78 %
IPv6

7
Domains

9
Subdomains

10
IPs

2
Countries

814 kB
Transfer

2260 kB
Size

8
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 17
  • https://frs.registrea.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://frs.registrea.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/1b3559406bc8/main.js

33 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
frs.registrea.com/ 		173 KB
52 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://frs.registrea.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.171.104 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b323fc7bc8cf0230ac88da8a67bc65dd3bc2cd8eafd014631e3ee9e2f70914a3

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
885212bbfd748ed5-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Fri, 17 May 2024 08:00:19 GMT
link
<https://it.cabanit.com/wp-json/>; rel="https://api.w.org/"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aQmgOO6RMPjSr2%2FPVqiXuFmeoXLeEvhrXBUB12MpYDI4hpHe4ZTxzYwk7qQh72ZZSFa3QWdcoexje5JdPnMZF%2Flz8oVxoV2XFY7JYe84ft3L9tJzVZiswz%2BQT2hKpe%2By28gktw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-litespeed-cache
hit
x-turbo-charged-by
LiteSpeed
css
fonts.googleapis.com/ 		7 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lato%3Aregular%2Citalic%2C700%7CRaleway%3Aregular%2Citalic%2C600&subset=latin%2Clatin-ext&display=auto&ver=2.0.47
Requested by
Host: frs.registrea.com
URL: https://frs.registrea.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ae7a5db95667235e74a5d7a9702c66a7ea24f4ff613963b49ce0fa0b5175b86e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://frs.registrea.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Fri, 17 May 2024 08:00:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 17 May 2024 08:00:20 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 17 May 2024 08:00:20 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		152 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9974689965787868
Requested by
Host: frs.registrea.com
URL: https://frs.registrea.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
8760d0144910c1b7323c25b34dd559f0047c0d88952245d2f758c476431d3901
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://frs.registrea.com/
Origin
https://frs.registrea.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 17 May 2024 08:00:20 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
52451
x-xss-protection
0
server
cafe
etag
14061034457615315207
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires
Fri, 17 May 2024 08:00:20 GMT
js
www.googletagmanager.com/gtag/ 		268 KB
91 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-817244261
Requested by
Host: frs.registrea.com
URL: https://frs.registrea.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
0996ad9cd07d9e5386d19b3bbef1cb7d574115895cf434cc623b5220237934ef
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://frs.registrea.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 17 May 2024 08:00:20 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
93290
x-xss-protection
0
last-modified
Fri, 17 May 2024 06:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 17 May 2024 08:00:20 GMT
js
www.googletagmanager.com/gtag/ 		204 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-56396427-77
Requested by
Host: frs.registrea.com
URL: https://frs.registrea.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
7322f0da2b446b82b6430535ffabdb9efdf4ace0ecfc482bd6aad8a21b8940fb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://frs.registrea.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 17 May 2024 08:00:20 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
75024
x-xss-protection
0
last-modified
Fri, 17 May 2024 06:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 17 May 2024 08:00:20 GMT
descarga.png
it.cabanit.com/wp-content/uploads/2023/08/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://it.cabanit.com/wp-content/uploads/2023/08/descarga.png
Requested by
Host: frs.registrea.com
URL: https://frs.registrea.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
03d6d6da2545d3b3402855b8e721b779abaa87d113e69d9329ea6ea6325a83ce

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://frs.registrea.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 17 May 2024 08:00:20 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display
staticcontent_sol
age
57703
x-ezoic-cdn
Hit d2;mm;f64789fb5e77b6263cdfa42887aa388a;2-365291-137;53d03d8f-9ea3-43e6-7c78-23440262457d
x-middleton-display
staticcontent_sol
x-middleton-response
200
alt-svc
h3=":443"; ma=86400
x-ezoic-excludewebp
false
response
200
last-modified
Fri, 11 Aug 2023 10:44:39 GMT
x-ez-proxy-out
true 2.4
server
cloudflare
x-origin-cache-control
public, max-age=604800
vary
Accept-Encoding,X-Ezoic-Excludewebp,User-Agent,Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5%2BQAhqxKZmDj3v4QGyM4juRwYSuvLKXXZBiBuTxxpBDlcZjOTOxfThy%2FdutMMcJ5ElWW4NoVqaPsoVBiq7%2BrRBwIyMElV2eEXXlOcyUUk9yFk%2F%2F0vvQifousP1W%2F9gL3s6Mez8LWUnwwxxjZ0g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=2592000
cf-ray
885212bd79752c6a-FRA
jquery.min.js
it.cabanit.com/wp-includes/js/jquery/ 		88 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://it.cabanit.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
Requested by
Host: frs.registrea.com
URL: https://frs.registrea.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://frs.registrea.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 17 May 2024 08:00:20 GMT
content-encoding
br
cf-cache-status
HIT
x-sol
orig
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display
staticcontent_sol, orig_site_sol
age
321634
x-ezoic-cdn
Hit d2;mm;bd3d7375b4d506bb65143df713c18b11;2-365291-137;08428655-9e23-4d87-785b-3c9ecf6bed36
x-middleton-display
staticcontent_sol, orig_site_sol
x-middleton-response
200
alt-svc
h3=":443"; ma=86400
response
200
last-modified
Fri, 11 Aug 2023 10:41:47 GMT
x-ez-proxy-out
true 2.4
server
cloudflare
x-origin-cache-control
public, max-age=604800
vary
Accept-Encoding,User-Agent,Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=x58emR4i3Nr9qu7V7Z5%2Bhv0NLB1rSG5bxsDRsRZJh7IKAtmUZmma7SbXfdHExpfD84l5YkDm8jnveiMDdcaia7k6g14pYVd71WDisAppcNo4Twr3EY45lu9TEhOSV8D%2FconhPzJyVoCT2aGn1A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=2592000
cf-ray
885212bd79722c6a-FRA
jquery-migrate.min.js
it.cabanit.com/wp-includes/js/jquery/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://it.cabanit.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by
Host: frs.registrea.com
URL: https://frs.registrea.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://frs.registrea.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 17 May 2024 08:00:20 GMT
content-encoding
br
cf-cache-status
HIT
x-sol
orig
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display
staticcontent_sol, orig_site_sol
age
163827
x-ezoic-cdn
Hit d2;ms;7afe5c5bc50780a321911f098b2074a5;2-365291-137;8099c4b5-fb0f-4083-4238-293e208b194f
x-middleton-display
staticcontent_sol, orig_site_sol
x-middleton-response
200
alt-svc
h3=":443"; ma=86400
response
200
last-modified
Fri, 11 Aug 2023 10:41:47 GMT
x-ez-proxy-out
true 2.4
server
cloudflare
x-origin-cache-control
public, max-age=604800
vary
Accept-Encoding,User-Agent,Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eMSfOM2C8%2Bid8uG78yVCXs2wTwP6nU436OA79vdZTQSzDpjaU6mnkbob9bEqGOy3uqwTvH5PO29rCvTqhyrA7vV6EEfM%2FeUUKozINKwoSUPMt8QXRyPSGiHfEflHAUhK20TdUjvGbahnW1jahw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=2592000
cf-ray
885212bd797d2c6a-FRA
lazy-load.js
it.cabanit.com/wp-content/themes/wasabi/build/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://it.cabanit.com/wp-content/themes/wasabi/build/js/lazy-load.js?ver=2.0.47
Requested by
Host: frs.registrea.com
URL: https://frs.registrea.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
75669ea154ae778ca44e4a48717a989d59ba43d8a299e8d164d2bf35797ae14e

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://frs.registrea.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 17 May 2024 08:00:20 GMT
content-encoding
br
cf-cache-status
MISS
x-sol
pub_site
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display
staticcontent_sol
x-ezoic-cdn
Hit d2;mm;17755eec06528700c507c33292119290;2-365291-137;ae0e727d-cc65-445c-6085-32f5064dbb54
x-middleton-display
staticcontent_sol
x-middleton-response
200
alt-svc
h3=":443"; ma=86400
response
200
last-modified
Fri, 11 Aug 2023 10:41:39 GMT
x-ez-proxy-out
true 2.4
server
cloudflare
x-origin-cache-control
public, max-age=604800
vary
Accept-Encoding,User-Agent,Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ax5UpvcgVAQNCrlO9cO2qDRRBCArEHpw84YV%2FEDXrTo0TotbcInVt3pSd7SI3yHDUX2C6kIJzvNcFcZOFCT2Jn9508krj%2F%2FVMirGsZ%2FSXtVLkDxlw4vGXbBAv6DmyBL7Py2fg9m9u2jCrTJFTg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
885212bd79792c6a-FRA
menu.js
it.cabanit.com/wp-content/themes/wasabi/build/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://it.cabanit.com/wp-content/themes/wasabi/build/js/menu.js?ver=2.0.47
Requested by
Host: frs.registrea.com
URL: https://frs.registrea.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bfe6c1dd2b22983e4a44ac6e5eebb5908c9415b229d7d3120fda297d1ee07b55

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://frs.registrea.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 17 May 2024 08:00:20 GMT
content-encoding
br
cf-cache-status
MISS
x-sol
pub_site
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display
staticcontent_sol
x-ezoic-cdn
Miss
x-middleton-display
staticcontent_sol
x-middleton-response
200
alt-svc
h3=":443"; ma=86400
response
200
last-modified
Fri, 11 Aug 2023 10:41:39 GMT
x-ez-proxy-out
true 2.4
x-ezoic-cdn-debug-orig-vary
Accept-Encoding
server
cloudflare
x-origin-cache-control
public, max-age=604800
vary
Accept-Encoding,User-Agent,Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mDJCsJGCMXwtrRs3vbs9MkjCynBZgStwjdmFzOzpUQRIW2ZOgKewYZ6m%2BViPN108TtNvANwzmXTutR5eKM96sa6KX1xoHFAuAAhzZflzsuVJxdptkx2PrJj8aUuqxyjkA2vqeLr9QqS6uNPWjA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
885212bd79762c6a-FRA
expires
Fri, 24 May 2024 08:00:19 GMT
cht-front-script.js
it.cabanit.com/wp-content/plugins/chaty/js/ 		138 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://it.cabanit.com/wp-content/plugins/chaty/js/cht-front-script.js?ver=3.1.71696098268
Requested by
Host: frs.registrea.com
URL: https://frs.registrea.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6bcebb4029cb59f201df45a143f3775c057c8f66b5fe099a6a8e987ee611e957

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://frs.registrea.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 17 May 2024 08:00:20 GMT
content-encoding
br
cf-cache-status
HIT
x-sol
pub_site
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display
staticcontent_sol
age
71650
x-ezoic-cdn
Hit d2;mm;89966365dff449f0f3d6e6aee5b42548;2-365291-137;d134bbaa-cd26-4ed0-7f6e-1fec3972f7f6
x-middleton-display
staticcontent_sol
x-middleton-response
200
alt-svc
h3=":443"; ma=86400
response
200
last-modified
Sat, 30 Sep 2023 18:24:03 GMT
x-ez-proxy-out
true 2.4
server
cloudflare
x-origin-cache-control
public, max-age=604800
vary
Accept-Encoding,User-Agent,Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BY5saDoNfq4L4Yc47RHapm7zDANJKObyWaMuonTOlCOM2Gndtp%2BeWEcYOCK%2FPQVUvyEK4qik52f7njJQopNCCN8Ow5kdBKVzJAJmPpspR1eNb0pxjYzl%2FMevA2KKBYoNJkLJUMbsrnpKcCATEg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
885212bd797c2c6a-FRA
index.js
it.cabanit.com/wp-content/plugins/contact-form-7/includes/swv/js/ 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://it.cabanit.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.7.7
Requested by
Host: frs.registrea.com
URL: https://frs.registrea.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
52db930f81d97113dde679cac624cb5435b56d4ac486e91a0b6692d2cb615a84

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://frs.registrea.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 17 May 2024 08:00:20 GMT
content-encoding
br
cf-cache-status
MISS
x-sol
pub_site
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display
staticcontent_sol
x-ezoic-cdn
Hit d2;mm;43f451d942a06fbc1ba15adcbf930022;2-365291-137;97d70757-abd7-41bf-4a22-3d483abb0876
x-middleton-display
staticcontent_sol
x-middleton-response
200
alt-svc
h3=":443"; ma=86400
response
200
last-modified
Fri, 11 Aug 2023 10:41:33 GMT
x-ez-proxy-out
true 2.4
server
cloudflare
x-origin-cache-control
public, max-age=604800
vary
Accept-Encoding,User-Agent,Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FE5XUAwDAH%2BvbdkT%2BU689c8%2FyQhkUUyRQMYFOljivEAEtjkPC6GgG0tDV%2BPFTxYGsynkk9o6A82FKcjSSzBgQgdUQka3W9aLn%2BSkOf7sVP8o93t9HcY3SbklSKAzPu%2F4pSJYg3rN8q%2BF8e9y0A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
885212bdd9e62c6a-FRA
index.js
it.cabanit.com/wp-content/plugins/contact-form-7/includes/js/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://it.cabanit.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.7.7
Requested by
Host: frs.registrea.com
URL: https://frs.registrea.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1060091178cbd6c843b802f516f230f1a3a1e85f1afbd6ef84d80e5430ba457e

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://frs.registrea.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 17 May 2024 08:00:20 GMT
content-encoding
br
cf-cache-status
HIT
x-sol
pub_site
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display
staticcontent_sol
age
163827
x-ezoic-cdn
Hit d2;ms;21c2e20fbfe280c8c032d47a1a8e81cc;2-365291-137;cdc652a9-d68c-4c47-4adf-dc309839a321
x-middleton-display
staticcontent_sol
x-middleton-response
200
alt-svc
h3=":443"; ma=86400
response
200
last-modified
Fri, 11 Aug 2023 10:41:33 GMT
x-ez-proxy-out
true 2.4
server
cloudflare
x-origin-cache-control
public, max-age=604800
vary
Accept-Encoding,User-Agent,Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=n0HkSQr09Ku%2Bi7Na9b55Cm6kRZ%2B2BM%2Bhw6PDtjRZ65gxOgwvQDwaVDsPC%2Fg5R%2BiCVw3zh1NUbUYhZPksfJNL%2FMjUVC%2FyE14NSXzPmtdkEvUzf4JdaXFneAtfyyG6GAuVUZsIpPUt049uLJ81mQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
885212bdd9ea2c6a-FRA
obfuscated-links.js
it.cabanit.com/wp-content/themes/wasabi/build/js/ 		1 KB
989 B 		Script
General
Check archive.org
Download Go to
Full URL
https://it.cabanit.com/wp-content/themes/wasabi/build/js/obfuscated-links.js?ver=2.0.47
Requested by
Host: frs.registrea.com
URL: https://frs.registrea.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
79ebd7938ddd26b9afcffc072e3762557b760010a7baf90c208a2795a9e62dec

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://frs.registrea.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 17 May 2024 08:00:20 GMT
content-encoding
br
cf-cache-status
MISS
x-sol
pub_site
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display
staticcontent_sol
x-ezoic-cdn
Hit d2;mm;9901364144693aafe6e89beb32ed186c;2-365291-137;6b62bcd4-1c2d-41f5-7b94-d034bffcbb5c
x-middleton-display
staticcontent_sol
x-middleton-response
200
alt-svc
h3=":443"; ma=86400
response
200
last-modified
Fri, 11 Aug 2023 10:41:39 GMT
x-ez-proxy-out
true 2.4
server
cloudflare
x-origin-cache-control
public, max-age=604800
vary
Accept-Encoding,User-Agent,Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XoT5S0qUTth62Au33dqrpdlxH%2BDSrli%2BU7kqwvzQi5ic1AKId7kV%2FHOMMnX2d8YfigSQdYUq%2Fq6O5CAFfPavkeRsMHi9Zt1I3HyHk%2FYZ70cS%2FVk2VIj0nfQSluoN5fq%2FZWKZvQKrHbNtUEXmDg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
885212bdd9ed2c6a-FRA
1Ptug8zYS_SKggPNyC0ITw.woff2
fonts.gstatic.com/s/raleway/v34/ 		47 KB
48 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/raleway/v34/1Ptug8zYS_SKggPNyC0ITw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato%3Aregular%2Citalic%2C700%7CRaleway%3Aregular%2Citalic%2C600&subset=latin%2Clatin-ext&display=auto&ver=2.0.47
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
47d477915fa5912616e2dc5df8c5780f9202671678cf275472bd39f3381c0098
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fonts.googleapis.com/
Origin
https://frs.registrea.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 17 May 2024 00:15:47 GMT
x-content-type-options
nosniff
age
27873
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48336
x-xss-protection
0
last-modified
Wed, 01 May 2024 20:31:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 17 May 2025 00:15:47 GMT
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato%3Aregular%2Citalic%2C700%7CRaleway%3Aregular%2Citalic%2C600&subset=latin%2Clatin-ext&display=auto&ver=2.0.47
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fonts.googleapis.com/
Origin
https://frs.registrea.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 17 May 2024 03:42:10 GMT
x-content-type-options
nosniff
age
15490
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23580
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:17:22 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 17 May 2025 03:42:10 GMT
slotcar_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202405130101/ 		91 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202405130101/slotcar_library_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9974689965787868
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
913d11bdf24c81efc0c2a004eaec811eb171347bf1d20e966f46f3de6d9f78a8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://frs.registrea.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 17 May 2024 08:00:20 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32390
x-xss-protection
0
server
cafe
etag
14234856779559455241
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Fri, 17 May 2024 08:00:20 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202405130101/ 		416 KB
140 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202405130101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9974689965787868&plah=frs.registrea.com&aplac=true
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9974689965787868
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
20f643bf526f2db804720fd749564f2a3716a9896fac91d8df13ce05afd77869
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://frs.registrea.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 17 May 2024 08:00:20 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
143776
x-xss-protection
0
server
cafe
etag
7755836178528624528
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 17 May 2024 08:00:20 GMT
main.js
frs.registrea.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/1b3559406bc8/ Frame 31A7
Redirect Chain
  • https://frs.registrea.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://frs.registrea.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/1b3559406bc8/main.js
8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://frs.registrea.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/1b3559406bc8/main.js
Requested by
Host: frs.registrea.com
URL: https://frs.registrea.com/
Protocol
H3
Server
172.67.171.104 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b2f2c6bdd5e419ef1d2e093b88be6de5d72cd57915e9f64d5746d7e8ac26a970
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

date
Fri, 17 May 2024 08:00:20 GMT
content-encoding
br
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YjY69D8KYqSwo%2FFF1LS4Qk7dtm5BpSvmBUvsZ3biBJQaXpm4u%2F71IQRfDj30TMSadPxvYwvD1dMdLvXg5nO3HIICpHOPzdqOKDsfUAx6crk9nc8y7O3qRDNPgdJ40pOpl4eR2A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
cf-ray
885212bed9a38ed5-FRA
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Fri, 17 May 2024 08:00:20 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=p8l7JXI0%2Ft5uYovgLvU9sB0diUrAhdhK%2B6tkVB3940bkrsYXtFlrunDyhvJVtMXJdJNL5FNf9ObTtLyEUKx2HMllP5QLGTmNE4UjqdUf4to909MqnuhLxzxB77l85xltFU1iWw%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
location
/cdn-cgi/challenge-platform/h/g/scripts/jsd/1b3559406bc8/main.js
cache-control
max-age=300, public
cf-ray
885212be894d8ed5-FRA
alt-svc
h3=":443"; ma=86400
content-length
0
js
www.googletagmanager.com/gtag/ 		245 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-BNY830FHVG&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-56396427-77
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f2fef99ce21876a84f590c4ce3357fe3cb53abd7633eac26bec24d317336166a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://frs.registrea.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 17 May 2024 08:00:20 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
88781
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 17 May 2024 08:00:20 GMT
js
www.googletagmanager.com/gtag/ 		268 KB
91 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-817244261&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-56396427-77
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
18531d7707e0e78b1bab02aa52a1f8039e6b1122677963420468b036f2b0f9fe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://frs.registrea.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 17 May 2024 08:00:20 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
93201
x-xss-protection
0
last-modified
Fri, 17 May 2024 06:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 17 May 2024 08:00:20 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-56396427-77
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://frs.registrea.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 17 May 2024 06:20:27 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
5993
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Fri, 17 May 2024 08:20:27 GMT
885212bbfd748ed5
frs.registrea.com/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame 31A7 		0
594 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://frs.registrea.com/cdn-cgi/challenge-platform/h/g/jsd/r/885212bbfd748ed5
Requested by
Host: frs.registrea.com
URL: https://frs.registrea.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.171.104 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 17 May 2024 08:00:20 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=myhW5BdWMtCjlAPw8wquE4eNtZHBF7Hx%2BQ%2FlvtdpJyotOXaxpIgRgCvKx1ramCkoOPQLnXGXD8wK2S2uNIhyAruhwOJWLfQLhYE0lAZYwtRxo7hOVo0rqT9JxyHf7O1OncuKoA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
885212bf9aea8ed5-FRA
alt-svc
h3=":443"; ma=86400
content-length
0
collect
region1.google-analytics.com/g/ 		0
255 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-BNY830FHVG&gtm=45je45f0v9108809445za200&_p=1715932820051&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=2004629243.1715932820&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.207%7CGoogle%2520Chrome%3B124.0.6367.207%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&frm=0&pscdl=noapi&_eu=AAAI&_s=1&sid=1715932820&sct=1&seg=0&dl=https%3A%2F%2Ffrs.registrea.com%2F&dt=it.cabanit.com%20-&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=751
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-BNY830FHVG&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://frs.registrea.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Fri, 17 May 2024 08:00:20 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://frs.registrea.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
zrt_lookup_fy2021.html
pagead2.googlesyndication.com/pagead/html/r20240515/r20110914/ Frame 8D97 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/html/r20240515/r20110914/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202405130101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9974689965787868&plah=frs.registrea.com&aplac=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://frs.registrea.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

age
19946
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4155
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 17 May 2024 02:27:54 GMT
etag
5035419970550746386
expires
Fri, 31 May 2024 02:27:54 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
pagead2.googlesyndication.com/pagead/ Frame FF67 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-9974689965787868&output=html&adk=1812271804&adf=3025194257&abgtt=6&lmt=1715932820&plat=8%3A4194304%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=236x945_l%7C236x945_r&format=0x0&url=https%3A%2F%2Ffrs.registrea.com%2F&pra=5&wgl=1&easpi=0&aihb=0&asro=0&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNC4wLjYzNjcuMjA3IixudWxsLDAsbnVsbCwiNjQiLFtbIkNocm9taXVtIiwiMTI0LjAuNjM2Ny4yMDciXSxbIkdvb2dsZSBDaHJvbWUiLCIxMjQuMC42MzY3LjIwNyJdLFsiTm90LUEuQnJhbmQiLCI5OS4wLjAuMCJdXSwwXQ..&dt=1715932820169&bpp=3&bdt=257&idt=316&shv=r20240515&mjsv=m202405130101&ptt=9&saldr=aa&abxe=1&eoidce=1&nras=1&correlator=8739639892453&frm=20&pv=2&ga_vid=2004629243.1715932820&ga_sid=1715932820&ga_hid=1884555906&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31083587%2C31083588%2C31083636%2C95331982%2C95330887%2C95331711%2C95332416&oid=2&pvsid=2249425239851350&tmod=1201614346&uas=0&nvt=1&fsapi=1&fc=1920&brdim=1570%2C1170%2C1570%2C1170%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&ifi=1&uci=a!1&fsb=1&dtd=330
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202405130101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9974689965787868&plah=frs.registrea.com&aplac=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://frs.registrea.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 17 May 2024 08:00:20 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
collect
www.google-analytics.com/j/ 		1 B
207 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&aip=1&a=1884555906&t=pageview&_s=1&dl=https%3A%2F%2Ffrs.registrea.com%2F&ul=de-de&de=UTF-8&dt=it.cabanit.com%20-&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=17749158&gjid=740819215&cid=2004629243.1715932820&tid=UA-56396427-77&_gid=615526380.1715932821&_r=1&gtm=457e45f0za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&jsscut=1&npa=1&z=1869131520
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://frs.registrea.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 17 May 2024 08:00:20 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://frs.registrea.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
ping
pagead2.googlesyndication.com/pagead/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9974689965787868
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
/
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://frs.registrea.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240515&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202405130101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9974689965787868&plah=frs.registrea.com&aplac=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
8e4f0d2563ba8b176ad9f4fb2e6ffa0c338ab3384079079ba6a472ce73ac3c94
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://frs.registrea.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 17 May 2024 08:00:20 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12315
x-xss-protection
0
favicon.ico
frs.registrea.com/ 		1 KB
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://frs.registrea.com/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.171.104 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5c2fe4921477f1da9e9cef640fdabaaad03a7de00b53ebd48f0bd46f07d09498

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://frs.registrea.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Fri, 17 May 2024 08:00:20 GMT
content-encoding
br
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sDDt9Gyo%2FTWV04Yu3F4oSxm11C%2BvMYswabL2%2FStNbDd0sKYHvvj4HTu7T7wbNXNBmEhNaQRuXrPQRMO%2FU8MENFoxAQkM2lr7Tl16hc0NALavfBMGHo3AjvHMRqipjz%2BLCPvSuw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
x-turbo-charged-by
LiteSpeed
cf-ray
885212c1de1a8ed5-FRA
alt-svc
h3=":443"; ma=86400
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202405130101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9974689965787868&plah=frs.registrea.com&aplac=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://frs.registrea.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 17 May 2024 08:00:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 17 May 2024 08:00:20 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 0872 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://frs.registrea.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
age
4623
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 17 May 2024 06:43:18 GMT
expires
Sat, 17 May 2025 06:43:18 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/pagead/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240515&jk=2249425239851350&bg=!Y2ClYC_NAAaTdHvKs3Q7ADQBe5WfOLDWpOu8W98QD7mPwGPDdOxxen6NFO3XUiYMEcGm_1N0a9w46HHs25jjXzFwjBeyAgAAAENSAAAAAWgBB34ANX_Td4d0YbsRUaVLAxS61lCFoIACFTuq9T3MbzBwu4zQWs1BaOjCmEHUZ7iytNO5jGe9EiJOmQKQLeEBW6YvoVEryDBdQVjKSHiljMk8_s1BnznBB8Kywb8TAqF_FmWw3Gq8ytNS27YT5EprOFQm84uFZhl2Rl-JJfJEMHjnERXYmkehGGt_iBNgWlNgy-KLqLrmbBhCH5n5XM6vX_PPm1DSEXzPAec59EQTLDFk5qpOkqJtKd7_SWshzNYhy-gcQkgC0Kw9bD_yEPxvWl3FpnPwNF2LRXgOZPnptvfr5zilQrc_6BrSG4rRLewkyxKJt7kb09BEg_kVsm5xHRGltv_a-Sfnef6np-hDvctzzn0yd9xV5D7QA1CoiC4ufqRCvAfGM44Ff-9aWprP7TyJL14hLTqNCAUuKlNbpBkR1aPC77PQPgLfB8OI3rlBaV4vTUUlOg37fXDJzW1PUYofEMjpUGeQbTIsnbp9ZvXg044SjEh6EMGf-yoCzYHY_lDwaVCIIRyf3ArWq53Bk3RQwbrpBzal3etuNnrKcWnTO6ID-tLCaTV9a4OWC_ky40O6LzYL_hlCBhFpsmUzB9B-MryuX6IBef_dnSkPTEklofHirlcETaIoZ8l-5rfZQxnccbi5GLFBeOtgJat-s6KnIq3tnqU1sAJ7jmMDGej7BmhN35YGn_EmmNiuPWrGyzFp3uZv4fMFoFPMZlTOklfWV8IiBwMxla-1_ecmENRPmDYboOo3IHgngMH47ZNDm7oTVff-nxCqtk6BcwS8fTkTeBpkjS4odtOsYKVNJnSHbOKjnJQ5rJjUOfEOsVCmiGJL6Wb0yh3GeE_VoZA1TFvZAnzDaadby8lDaSdG6U-cppgJKSAjo-CkCJRw5kiU1hjA3e0_O8-1Inx9Ua-6FGEaJ7S0ZS6-4QYFpqLFTd9bJAkm7gilw27pci0

Verdicts & Comments Add Verdict or Comment

127 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 function| gtag object| dataLayer undefined| $ function| jQuery object| tpGatewayBackground object| tpGatewayBackgroundBlackout object| tpGateway object| tpGatewayButton object| customText boolean| versionPixelFired function| __tp_init_gateway function| setInitCookie function| checkGwd function| __tp_show_gateway function| firepx function| scrollEventThrottle function| getCookie function| getPageLength object| gatewayURL boolean| tpGwjsonpg object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state object| adsbygoogle object| google_llp object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint object| chaty_settings function| launch_chaty string| googleV3Token function| onloadCallbackChatyV3 function| refreshG3Token function| onloadChatyCallback object| swv object| wpcf7 function| b2a function| a2b boolean| ai_cookie_js string| ai_block_class_def boolean| ai_insertion_js object| Arrive object| ai_rotation_triggers boolean| ai_lists object| host_regexp function| z function| B function| D function| X function| fa function| ha function| Q function| Y function| Z function| ea function| ma function| m function| da function| ia function| b64e function| b64d object| ai_front undefined| Cookies function| AiCookies function| ai_check_block function| ai_check_and_insert_block function| ai_load_cookie function| ai_set_cookie function| ai_get_cookie_text function| ai_insert function| ai_insert_code function| ai_insert_list_code function| ai_insert_viewport_code function| ai_insert_adsense_fallback_codes function| ai_insert_code_by_class function| ai_insert_client_code boolean| ai_process_elements_active function| ai_process_rotation function| ai_process_single_rotation function| ai_process_rotations function| ai_process_rotations_in_element function| MobileDetect function| ai_process_lists function| ai_run_821955974867 boolean| ai_js_code object| wasabi_menu object| wasabi_obfuscated_links function| ai_document_write string| selector_string object| google_tag_manager string| GoogleAnalyticsObject function| ga function| AFMA_AddEventListener function| AFMA_RemoveEventListener function| AFMA_AddObserver function| AFMA_RemoveObserver function| AFMA_ReceiveMessage function| AFMA_SendMessage object| AFMA_Communicator object| gaGlobal function| google_sa_impl number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| gaplugins object| gaData object| GoogleGcLKhOms object| google_image_requests function| arrive function| unbindArrive function| leave function| unbindLeave

8 Cookies

Domain/Path Name / Value
.registrea.com/ Name: _gcl_au
Value: 1.1.291307072.1715932820
.registrea.com/ Name: cf_clearance
Value: NrXaJPNHALEvHFB5pfhr0yD22oTM34SG2FXkKt8Equg-1715932820-1.0.1.1-56v2mmmGCiyJA8U9GAhzjoKKykRawe0QfeqKZuMtCYSpy2gnXQedb68K8PT7VCNyakTzdbM8ULHKZcMPH7o1gQ
.registrea.com/ Name: _ga_BNY830FHVG
Value: GS1.1.1715932820.1.0.1715932820.0.0.0
.registrea.com/ Name: _ga
Value: GA1.2.2004629243.1715932820
.registrea.com/ Name: _gid
Value: GA1.2.615526380.1715932821
.registrea.com/ Name: _gat_gtag_UA_56396427_77
Value: 1
frs.registrea.com/ Name: activechatyWidgets
Value: 0
frs.registrea.com/ Name: chatyWidget_0
Value: [{"k":"v-widget","v":"2024-05-17T08:00:24.234Z"},{"k":"v-Facebook_Messenger","v":"2024-05-17T08:00:24.234Z"}]

1 Console Messages

Source Level URL
Text
network error URL: https://frs.registrea.com/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
frs.registrea.com
it.cabanit.com
pagead2.googlesyndication.com
region1.google-analytics.com
tpc.googlesyndication.com
www.google-analytics.com
www.googletagmanager.com
pagead2.googlesyndication.com
142.250.184.226
172.67.171.104
2001:4860:4802:34::36
2a00:1450:4001:803::200e
2a00:1450:4001:80e::2008
2a00:1450:4001:810::200a
2a00:1450:4001:81d::2003
2a00:1450:4001:830::2001
2a06:98c1:3121::3
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
03d6d6da2545d3b3402855b8e721b779abaa87d113e69d9329ea6ea6325a83ce
0996ad9cd07d9e5386d19b3bbef1cb7d574115895cf434cc623b5220237934ef
1060091178cbd6c843b802f516f230f1a3a1e85f1afbd6ef84d80e5430ba457e
18531d7707e0e78b1bab02aa52a1f8039e6b1122677963420468b036f2b0f9fe
20f643bf526f2db804720fd749564f2a3716a9896fac91d8df13ce05afd77869
47d477915fa5912616e2dc5df8c5780f9202671678cf275472bd39f3381c0098
52db930f81d97113dde679cac624cb5435b56d4ac486e91a0b6692d2cb615a84
5c2fe4921477f1da9e9cef640fdabaaad03a7de00b53ebd48f0bd46f07d09498
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6bcebb4029cb59f201df45a143f3775c057c8f66b5fe099a6a8e987ee611e957
7322f0da2b446b82b6430535ffabdb9efdf4ace0ecfc482bd6aad8a21b8940fb
75669ea154ae778ca44e4a48717a989d59ba43d8a299e8d164d2bf35797ae14e
79ebd7938ddd26b9afcffc072e3762557b760010a7baf90c208a2795a9e62dec
8760d0144910c1b7323c25b34dd559f0047c0d88952245d2f758c476431d3901
8e4f0d2563ba8b176ad9f4fb2e6ffa0c338ab3384079079ba6a472ce73ac3c94
913d11bdf24c81efc0c2a004eaec811eb171347bf1d20e966f46f3de6d9f78a8
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
ae7a5db95667235e74a5d7a9702c66a7ea24f4ff613963b49ce0fa0b5175b86e
b2f2c6bdd5e419ef1d2e093b88be6de5d72cd57915e9f64d5746d7e8ac26a970
b323fc7bc8cf0230ac88da8a67bc65dd3bc2cd8eafd014631e3ee9e2f70914a3
bfe6c1dd2b22983e4a44ac6e5eebb5908c9415b229d7d3120fda297d1ee07b55
cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f2fef99ce21876a84f590c4ce3357fe3cb53abd7633eac26bec24d317336166a