register.content-tab.co Open in urlscan Pro
2606:4700:3036::6815:2be Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.lpdreamforge.com/3wbz8f/nlcjpbb/0.8651925187806826
Effective URL:
https://register.content-tab.co/ivtnc/en/?aid=PBjpYMxVe1frez5ea&var4=agn_312&hobj=eyJoc2lkIjogIjA3Yzc4ZmMxMThlN2VlOGNmNzEwNTFhMz...
Submission: On March 18 via api (March 18th 2024, 10:48:24 pm UTC) from US — Scanned from US

Summary HTTP 43 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 9 IPs in 3 countries across 10 domains to perform 43 HTTP transactions. The main IP is 2606:4700:3036::6815:2be, located in United States and belongs to CLOUDFLARENET, US. The main domain is register.content-tab.co.
TLS certificate: Issued by GTS CA 1P5 on February 7th 2024. Valid for: 3 months.

This is the only time register.content-tab.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 2	34.117.79.165 34.117.79.165	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	34.251.100.56 34.251.100.56	16509 (AMAZON-02) (AMAZON-02)
1 5	2606:4700:303... 2606:4700:3036::6815:2be	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2607:f8b0:400... 2607:f8b0:4004:c0b::5f	15169 (GOOGLE) (GOOGLE)
13	2606:4700:303... 2606:4700:3035::ac43:8192	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2607:f8b0:400... 2607:f8b0:4004:c17::5e	15169 (GOOGLE) (GOOGLE)
7 20	54.75.164.45 54.75.164.45	16509 (AMAZON-02) (AMAZON-02)
2	23.88.8.123 23.88.8.123	24940 (HETZNER-AS) (HETZNER-AS)
2 3	2607:f8b0:400... 2607:f8b0:4004:c1b::54	15169 (GOOGLE) (GOOGLE)
2	178.63.248.57 178.63.248.57	24940 (HETZNER-AS) (HETZNER-AS)
43	9

2 34.117.79.165 (Kansas City, United States) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 165.79.117.34.bc.googleusercontent.com

www.lpdreamforge.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.251.100.56 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-251-100-56.eu-west-1.compute.amazonaws.com

router.onthego.lol	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700:3036::6815:2be (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

router.content-tab.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
register.content-tab.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c0b::5f (Washington, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2606:4700:3035::ac43:8192 (United States)

ASN13335 (CLOUDFLARENET, US)

register.content-tab.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.content-tab.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4004:c17::5e (Washington, United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 54.75.164.45 (Dublin, Ireland) 7 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-75-164-45.eu-west-1.compute.amazonaws.com

vw7r8nm3.xfgoozmrek.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.88.8.123 (Gunzenhausen, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: eu7.1push.io

push-sdk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4004:c1b::54 (Washington, United States) 2 redirects

ASN15169 (GOOGLE, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.63.248.57 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: sub6.1push.io

uidsync.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
20	xfgoozmrek.com 7 redirects vw7r8nm3.xfgoozmrek.com	2 KB
18	content-tab.co 1 redirects router.content-tab.co register.content-tab.co api.content-tab.co	382 KB
4	gstatic.com fonts.gstatic.com	32 KB
3	google.com 2 redirects accounts.google.com — Cisco Umbrella Rank: 62	2 KB
2	uidsync.net uidsync.net — Cisco Umbrella Rank: 37600	713 B
2	push-sdk.com push-sdk.com — Cisco Umbrella Rank: 34544	15 KB
2	lpdreamforge.com 2 redirects www.lpdreamforge.com	1 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 110	956 B
1	onthego.lol 1 redirects router.onthego.lol	777 B
0	Failed function sub() { [native code] }. Failed
43	10

	Domain	Requested by
20	vw7r8nm3.xfgoozmrek.com	7 redirects register.content-tab.co
15	register.content-tab.co	register.content-tab.co
4	fonts.gstatic.com	fonts.googleapis.com
3	accounts.google.com	2 redirects
2	uidsync.net	register.content-tab.co
2	push-sdk.com	register.content-tab.co push-sdk.com
2	api.content-tab.co	register.content-tab.co
2	www.lpdreamforge.com	2 redirects
1	fonts.googleapis.com	register.content-tab.co
1	router.content-tab.co	1 redirects
1	router.onthego.lol	1 redirects
0	browser Failed
0	logo Failed
43	13

This site contains links to these domains. Also see Links.

Domain
content-tab.co

Subject Issuer	Validity	Valid
content-tab.co GTS CA 1P5	`2024-02-07` - `2024-05-07`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
*.xfgoozmrek.com GoGetSSL RSA DV CA	`2024-02-01` - `2025-03-02`	a year	crt.sh
push-sdk.com R3	`2024-02-15` - `2024-05-15`	3 months	crt.sh
uidsync.net Sectigo RSA Domain Validation Secure Server CA	`2023-12-30` - `2025-01-29`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://register.content-tab.co/ivtnc/en/?aid=PBjpYMxVe1frez5ea&var4=agn_312&hobj=eyJoc2lkIjogIjA3Yzc4ZmMxMThlN2VlOGNmNzEwNTFhMzExNDQ1MGVlNjQ0ZDgyZWI3NjQ5NGZlNDNmZGJjODk3OTVlN2JhOGMiLCAiX19sb2NhdGlvbmNvZGUiOiAiVVMiLCAicHJpY2luZyI6IHsibmFtZSI6ICJ1czQ5IiwgInByaWNlIjogIjQ5Ljk5IiwgImN1cnJlbmN5IjogIlVTRCIsICJjdXJyZW5jeV9zeW1ib2wiOiAiJCIsICJ0cmlhbCI6IHRydWUsICJwZXJpb2QiOiAzMCwgImJpbGxpbmdfcGVyaW9kIjogMSwgImJpbGxpbmdfc3RlcCI6ICJtb250aCIsICJ0cmlhbF9zdGVwIjogImRheSIsICJ0cmlhbF9wZXJpb2QiOiA3LCAiZGlzcGxheV9wcmljZSI6ICI0OS45OSAkIiwgImRpc3BsYXlfdl9wcmljZSI6ICIxICQiLCAidl9wcmljZSI6ICIxIn0sICJwYXltZW50X3R5cGUiOiAiY2FyZCIsICJkb21haW4iOiAiY29udGVudC10YWIuY28iLCAic3ViX2lkIjogIjY0IiwgIndpdGhfYXZzIjogdHJ1ZSwgImFjdGlvbiI6ICJyZWdpc3RyYXRpb24ifQ==
Frame ID: 9A8C21611EA0D898DBD3E64789867E9F
Requests: 42 HTTP requests in this frame

Frame: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=ARZ0qKIM33rnMhPE3pHyzej98p-R2Y-brBQzZ1SSuOsx3Eb-siasEmvg0ott96v_3-0-cGrQEnLWbA&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S872457903%3A1710802100403809&theme=mn&ddm=0
Frame ID: 310C995864B589985E4F5F2D8149B4DE
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Content-Tab

Page URL History Show full URLs

http://www.lpdreamforge.com/3wbz8f/nlcjpbb/0.8651925187806826 HTTP 302
https://www.lpdreamforge.com/3WBZ8F/PZJSZ1S/?__rpt=0&__po=11077&__ptid=ca2c0a9467664143a6b19068377dcf3d&_... HTTP 302
https://router.onthego.lol/click/k5/PBjpYMxVe1frez5ea?sub_id=64&click_id=3c2f96234a7f4770884d90472da41f... HTTP 303
https://router.content-tab.co/?lp=ivtnc&sidng=no7nWqZdQmmKMOP8WbK6Wde2ce&aid=PBjpYMxVe1frez5ea&PCTX=3c2f96... HTTP 302
https://register.content-tab.co/ivtnc/en/?aid=PBjpYMxVe1frez5ea&var4=agn_312&hobj=eyJoc2lkIjogIjA3Yzc4ZmMxMT... Page URL

Detected technologies

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

43
Requests

74 %
HTTPS

50 %
IPv6

10
Domains

13
Subdomains

9
IPs

3
Countries

431 kB
Transfer

1274 kB
Size

6
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://content-tab.co/terms?lang=en
Title: Terms of Use

Search URL Search Domain Scan URL

URL: https://content-tab.co/privacy-policy?lang=en
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://content-tab.co/support?lang=en
Title: Support

Search URL Search Domain Scan URL

URL: https://content-tab.co/cookies-policy?lang=en
Title: click here.

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.lpdreamforge.com/3wbz8f/nlcjpbb/0.8651925187806826 HTTP 302
https://www.lpdreamforge.com/3WBZ8F/PZJSZ1S/?__rpt=0&__po=11077&__ptid=ca2c0a9467664143a6b19068377dcf3d&__rpa=1&__rc=1&sub1=&sub2=&sub3=&sub4=&sub5=&source_id=&__pcd=2 HTTP 302
https://router.onthego.lol/click/k5/PBjpYMxVe1frez5ea?sub_id=64&click_id=3c2f96234a7f4770884d90472da41fda&fb_id= HTTP 303
https://router.content-tab.co/?lp=ivtnc&sidng=no7nWqZdQmmKMOP8WbK6Wde2ce&aid=PBjpYMxVe1frez5ea&PCTX=3c2f96234a7f4770884d90472da41fda&var3=64&var4=agn_312&sub_id=64&click_id=3c2f96234a7f4770884d90472da41fda HTTP 302
https://register.content-tab.co/ivtnc/en/?aid=PBjpYMxVe1frez5ea&var4=agn_312&hobj=eyJoc2lkIjogIjA3Yzc4ZmMxMThlN2VlOGNmNzEwNTFhMzExNDQ1MGVlNjQ0ZDgyZWI3NjQ5NGZlNDNmZGJjODk3OTVlN2JhOGMiLCAiX19sb2NhdGlvbmNvZGUiOiAiVVMiLCAicHJpY2luZyI6IHsibmFtZSI6ICJ1czQ5IiwgInByaWNlIjogIjQ5Ljk5IiwgImN1cnJlbmN5IjogIlVTRCIsICJjdXJyZW5jeV9zeW1ib2wiOiAiJCIsICJ0cmlhbCI6IHRydWUsICJwZXJpb2QiOiAzMCwgImJpbGxpbmdfcGVyaW9kIjogMSwgImJpbGxpbmdfc3RlcCI6ICJtb250aCIsICJ0cmlhbF9zdGVwIjogImRheSIsICJ0cmlhbF9wZXJpb2QiOiA3LCAiZGlzcGxheV9wcmljZSI6ICI0OS45OSAkIiwgImRpc3BsYXlfdl9wcmljZSI6ICIxICQiLCAidl9wcmljZSI6ICIxIn0sICJwYXltZW50X3R5cGUiOiAiY2FyZCIsICJkb21haW4iOiAiY29udGVudC10YWIuY28iLCAic3ViX2lkIjogIjY0IiwgIndpdGhfYXZzIjogdHJ1ZSwgImFjdGlvbiI6ICJyZWdpc3RyYXRpb24ifQ== Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 24

https://vw7r8nm3.xfgoozmrek.com/461369/3a04ce20-62cd-4c6d-a128-c1253ad7c55e/jDjSu HTTP 302
https://vw7r8nm3.xfgoozmrek.com/461369/3a04ce20-62cd-4c6d-a128-c1253ad7c55e/jkDfy

Request Chain 29

https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail HTTP 302
https://accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=ARZ0qKLbSnrWsfaQ8ttjEQ4n6glp8hrv_4U_UDk7D5lJiBYQYjBrqihUjJz-LUoF7S9iGh7tZoSUPA HTTP 302
https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=ARZ0qKIM33rnMhPE3pHyzej98p-R2Y-brBQzZ1SSuOsx3Eb-siasEmvg0ott96v_3-0-cGrQEnLWbA&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S872457903%3A1710802100403809&theme=mn&ddm=0

Request Chain 35

https://vw7r8nm3.xfgoozmrek.com/461369/3a04ce20-62cd-4c6d-a128-c1253ad7c55e/jDjSu HTTP 302
https://vw7r8nm3.xfgoozmrek.com/461369/3a04ce20-62cd-4c6d-a128-c1253ad7c55e/jkDfy

Request Chain 38

https://vw7r8nm3.xfgoozmrek.com/461369/3a04ce20-62cd-4c6d-a128-c1253ad7c55e/jDjSu HTTP 302
https://vw7r8nm3.xfgoozmrek.com/461369/3a04ce20-62cd-4c6d-a128-c1253ad7c55e/jkDfy

Request Chain 39

https://vw7r8nm3.xfgoozmrek.com/461369/3a04ce20-62cd-4c6d-a128-c1253ad7c55e/jDjSu HTTP 302
https://vw7r8nm3.xfgoozmrek.com/461369/3a04ce20-62cd-4c6d-a128-c1253ad7c55e/jkDfy

Request Chain 40

https://vw7r8nm3.xfgoozmrek.com/461369/3a04ce20-62cd-4c6d-a128-c1253ad7c55e/jDjSu HTTP 302
https://vw7r8nm3.xfgoozmrek.com/461369/3a04ce20-62cd-4c6d-a128-c1253ad7c55e/jkDfy

Request Chain 43

https://vw7r8nm3.xfgoozmrek.com/461369/3a04ce20-62cd-4c6d-a128-c1253ad7c55e/jDjSu HTTP 302
https://vw7r8nm3.xfgoozmrek.com/461369/3a04ce20-62cd-4c6d-a128-c1253ad7c55e/jkDfy

Request Chain 44

https://vw7r8nm3.xfgoozmrek.com/461369/3a04ce20-62cd-4c6d-a128-c1253ad7c55e/jDjSu HTTP 302
https://vw7r8nm3.xfgoozmrek.com/461369/3a04ce20-62cd-4c6d-a128-c1253ad7c55e/jkDfy

43 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
register.content-tab.co/ivtnc/en/
Redirect Chain

http://www.lpdreamforge.com/3wbz8f/nlcjpbb/0.8651925187806826
https://www.lpdreamforge.com/3WBZ8F/PZJSZ1S/?__rpt=0&__po=11077&__ptid=ca2c0a9467664143a6b19068377dcf3d&__rpa=1&__rc=1&sub1=&sub2=&sub3=&sub4=&sub5=&source_id=&__pcd=2
https://router.onthego.lol/click/k5/PBjpYMxVe1frez5ea?sub_id=64&click_id=3c2f96234a7f4770884d90472da41fda&fb_id=
https://router.content-tab.co/?lp=ivtnc&sidng=no7nWqZdQmmKMOP8WbK6Wde2ce&aid=PBjpYMxVe1frez5ea&PCTX=3c2f96234a7f4770884d90472da41fda&var3=64&var4=agn_312&sub_id=64&click_id=3c2f96234a7f4770884d9047...
https://register.content-tab.co/ivtnc/en/?aid=PBjpYMxVe1frez5ea&var4=agn_312&hobj=eyJoc2lkIjogIjA3Yzc4ZmMxMThlN2VlOGNmNzEwNTFhMzExNDQ1MGVlNjQ0ZDgyZWI3NjQ5NGZlNDNmZGJjODk3OTVlN2JhOGMiLCAiX19sb2NhdGl...

43 KB
13 KB

446ms
429ms

Document
text/html

2606:4700:3036::6815:2be
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://register.content-tab.co/ivtnc/en/?aid=PBjpYMxVe1frez5ea&var4=agn_312&hobj=eyJoc2lkIjogIjA3Yzc4ZmMxMThlN2VlOGNmNzEwNTFhMzExNDQ1MGVlNjQ0ZDgyZWI3NjQ5NGZlNDNmZGJjODk3OTVlN2JhOGMiLCAiX19sb2NhdGlvbmNvZGUiOiAiVVMiLCAicHJpY2luZyI6IHsibmFtZSI6ICJ1czQ5IiwgInByaWNlIjogIjQ5Ljk5IiwgImN1cnJlbmN5IjogIlVTRCIsICJjdXJyZW5jeV9zeW1ib2wiOiAiJCIsICJ0cmlhbCI6IHRydWUsICJwZXJpb2QiOiAzMCwgImJpbGxpbmdfcGVyaW9kIjogMSwgImJpbGxpbmdfc3RlcCI6ICJtb250aCIsICJ0cmlhbF9zdGVwIjogImRheSIsICJ0cmlhbF9wZXJpb2QiOiA3LCAiZGlzcGxheV9wcmljZSI6ICI0OS45OSAkIiwgImRpc3BsYXlfdl9wcmljZSI6ICIxICQiLCAidl9wcmljZSI6ICIxIn0sICJwYXltZW50X3R5cGUiOiAiY2FyZCIsICJkb21haW4iOiAiY29udGVudC10YWIuY28iLCAic3ViX2lkIjogIjY0IiwgIndpdGhfYXZzIjogdHJ1ZSwgImFjdGlvbiI6ICJyZWdpc3RyYXRpb24ifQ==

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::6815:2be , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

48943afecc65c2c01263b1c7f2ee967efa9a3cce73f0a3241089c4a1be2f1764

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8668c4f0ec404bd8-BUF
content-encoding: br
content-type: text/html
date: Mon, 18 Mar 2024 22:48:17 GMT
last-modified: Fri, 08 Mar 2024 10:36:27 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=afUn9f9AZMRvW6sEI5xN6z86jtCi3hlYlftk%2FEfV1Tr7MSNBAdNkR66pA5SJrmAr4a1PrdXsGOJtwqRBaLXbs8ogwUNrYf3sJLzc9mzvWp3eC7wLcvk0Z30zN6z5OHvcf3Qk5FrxHoXVl8dFBGa9R8etW4Unpg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN

Redirect headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8668c4ec69c14bd8-BUF
content-type: text/html; charset=UTF-8
date: Mon, 18 Mar 2024 22:48:16 GMT
location: https://register.content-tab.co/ivtnc/en/?aid=PBjpYMxVe1frez5ea&var4=agn_312&hobj=eyJoc2lkIjogIjA3Yzc4ZmMxMThlN2VlOGNmNzEwNTFhMzExNDQ1MGVlNjQ0ZDgyZWI3NjQ5NGZlNDNmZGJjODk3OTVlN2JhOGMiLCAiX19sb2NhdGlvbmNvZGUiOiAiVVMiLCAicHJpY2luZyI6IHsibmFtZSI6ICJ1czQ5IiwgInByaWNlIjogIjQ5Ljk5IiwgImN1cnJlbmN5IjogIlVTRCIsICJjdXJyZW5jeV9zeW1ib2wiOiAiJCIsICJ0cmlhbCI6IHRydWUsICJwZXJpb2QiOiAzMCwgImJpbGxpbmdfcGVyaW9kIjogMSwgImJpbGxpbmdfc3RlcCI6ICJtb250aCIsICJ0cmlhbF9zdGVwIjogImRheSIsICJ0cmlhbF9wZXJpb2QiOiA3LCAiZGlzcGxheV9wcmljZSI6ICI0OS45OSAkIiwgImRpc3BsYXlfdl9wcmljZSI6ICIxICQiLCAidl9wcmljZSI6ICIxIn0sICJwYXltZW50X3R5cGUiOiAiY2FyZCIsICJkb21haW4iOiAiY29udGVudC10YWIuY28iLCAic3ViX2lkIjogIjY0IiwgIndpdGhfYXZzIjogdHJ1ZSwgImFjdGlvbiI6ICJyZWdpc3RyYXRpb24ifQ==
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=37sJ3oe7AAhz97%2B%2FIAcK6fV7upIi7KIpJRN9myJlA0qL%2FjMBOIz8Nws88F5Ud7pCXqhiod%2FyNVYIB8HT4G0d%2B%2FglZMID36VDGTCHBpzY9lZ00NHitdjAL36tSSLYmniYY%2BgOG6XH%2By2RNMpNL3ds93oStQc%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=15724800; includeSubDomains

GET
H2 200 css2
fonts.googleapis.com/ 4 KB
956 B 118ms
49ms Stylesheet
text/css 2607:f8b0:4004:c0b::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Poppins:wght@400;500;600;700&display=swap

Requested by

Host: register.content-tab.co
URL: https://register.content-tab.co/ivtnc/en/?aid=PBjpYMxVe1frez5ea&var4=agn_312&hobj=eyJoc2lkIjogIjA3Yzc4ZmMxMThlN2VlOGNmNzEwNTFhMzExNDQ1MGVlNjQ0ZDgyZWI3NjQ5NGZlNDNmZGJjODk3OTVlN2JhOGMiLCAiX19sb2NhdGlvbmNvZGUiOiAiVVMiLCAicHJpY2luZyI6IHsibmFtZSI6ICJ1czQ5IiwgInByaWNlIjogIjQ5Ljk5IiwgImN1cnJlbmN5IjogIlVTRCIsICJjdXJyZW5jeV9zeW1ib2wiOiAiJCIsICJ0cmlhbCI6IHRydWUsICJwZXJpb2QiOiAzMCwgImJpbGxpbmdfcGVyaW9kIjogMSwgImJpbGxpbmdfc3RlcCI6ICJtb250aCIsICJ0cmlhbF9zdGVwIjogImRheSIsICJ0cmlhbF9wZXJpb2QiOiA3LCAiZGlzcGxheV9wcmljZSI6ICI0OS45OSAkIiwgImRpc3BsYXlfdl9wcmljZSI6ICIxICQiLCAidl9wcmljZSI6ICIxIn0sICJwYXltZW50X3R5cGUiOiAiY2FyZCIsICJkb21haW4iOiAiY29udGVudC10YWIuY28iLCAic3ViX2lkIjogIjY0IiwgIndpdGhfYXZzIjogdHJ1ZSwgImFjdGlvbiI6ICJyZWdpc3RyYXRpb24ifQ==

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c0b::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d2fb31b13937b4f1209e343fcc2367beef1d09ad819c1131ddc5d49fbcfe9278

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://register.content-tab.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 18 Mar 2024 22:48:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 18 Mar 2024 22:43:09 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 18 Mar 2024 22:48:17 GMT

GET
H2 200 styles.e1148caa7d4ca72e569d.css
register.content-tab.co/ivtnc/assets/ 79 KB
14 KB 568ms
567ms Stylesheet
text/css 2606:4700:3036::6815:2be
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://register.content-tab.co/ivtnc/assets/styles.e1148caa7d4ca72e569d.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::6815:2be , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1d59bbd420294d992c5ee1a611bd8e65004b277bc683b44becfd350cfbccb703

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://register.content-tab.co/ivtnc/en/?aid=PBjpYMxVe1frez5ea&var4=agn_312&hobj=eyJoc2lkIjogIjA3Yzc4ZmMxMThlN2VlOGNmNzEwNTFhMzExNDQ1MGVlNjQ0ZDgyZWI3NjQ5NGZlNDNmZGJjODk3OTVlN2JhOGMiLCAiX19sb2NhdGlvbmNvZGUiOiAiVVMiLCAicHJpY2luZyI6IHsibmFtZSI6ICJ1czQ5IiwgInByaWNlIjogIjQ5Ljk5IiwgImN1cnJlbmN5IjogIlVTRCIsICJjdXJyZW5jeV9zeW1ib2wiOiAiJCIsICJ0cmlhbCI6IHRydWUsICJwZXJpb2QiOiAzMCwgImJpbGxpbmdfcGVyaW9kIjogMSwgImJpbGxpbmdfc3RlcCI6ICJtb250aCIsICJ0cmlhbF9zdGVwIjogImRheSIsICJ0cmlhbF9wZXJpb2QiOiA3LCAiZGlzcGxheV9wcmljZSI6ICI0OS45OSAkIiwgImRpc3BsYXlfdl9wcmljZSI6ICIxICQiLCAidl9wcmljZSI6ICIxIn0sICJwYXltZW50X3R5cGUiOiAiY2FyZCIsICJkb21haW4iOiAiY29udGVudC10YWIuY28iLCAic3ViX2lkIjogIjY0IiwgIndpdGhfYXZzIjogdHJ1ZSwgImFjdGlvbiI6ICJyZWdpc3RyYXRpb24ifQ==
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 22:48:17 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 08 Mar 2024 10:35:49 GMT
server: cloudflare
etag: W/"65eaea05-13a64"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6UEdaxEqGh%2BNGKyXQMJKT2pv%2FkPYQ%2BTQa%2FpYtAGl3e8iuR55dZd8Lau1wpkocOBAUa%2FpQAB%2FTpoZsDImw82hIwEpQ2korJ7W3ImQR9bCd8SMxJkA%2B999Mv%2FXZ69WG9viTjSD3FJVN75iqS9Rt8jiJq5ubYQ02Q%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
cf-ray: 8668c4f39dcb4bd8-BUF
expires: Wed, 17 Apr 2024 22:48:17 GMT

GET
H2 200 processing_12a30e4e9e5453779481.png
register.content-tab.co/ivtnc/assets/ 2 KB
3 KB 428ms
428ms Image
image/png 2606:4700:3036::6815:2be
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://register.content-tab.co/ivtnc/assets/processing_12a30e4e9e5453779481.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::6815:2be , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

99a3e03bc753671fe56706e854a38bc7c1cb97e1cfa58f7608841688f99e7652

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://register.content-tab.co/ivtnc/en/?aid=PBjpYMxVe1frez5ea&var4=agn_312&hobj=eyJoc2lkIjogIjA3Yzc4ZmMxMThlN2VlOGNmNzEwNTFhMzExNDQ1MGVlNjQ0ZDgyZWI3NjQ5NGZlNDNmZGJjODk3OTVlN2JhOGMiLCAiX19sb2NhdGlvbmNvZGUiOiAiVVMiLCAicHJpY2luZyI6IHsibmFtZSI6ICJ1czQ5IiwgInByaWNlIjogIjQ5Ljk5IiwgImN1cnJlbmN5IjogIlVTRCIsICJjdXJyZW5jeV9zeW1ib2wiOiAiJCIsICJ0cmlhbCI6IHRydWUsICJwZXJpb2QiOiAzMCwgImJpbGxpbmdfcGVyaW9kIjogMSwgImJpbGxpbmdfc3RlcCI6ICJtb250aCIsICJ0cmlhbF9zdGVwIjogImRheSIsICJ0cmlhbF9wZXJpb2QiOiA3LCAiZGlzcGxheV9wcmljZSI6ICI0OS45OSAkIiwgImRpc3BsYXlfdl9wcmljZSI6ICIxICQiLCAidl9wcmljZSI6ICIxIn0sICJwYXltZW50X3R5cGUiOiAiY2FyZCIsICJkb21haW4iOiAiY29udGVudC10YWIuY28iLCAic3ViX2lkIjogIjY0IiwgIndpdGhfYXZzIjogdHJ1ZSwgImFjdGlvbiI6ICJyZWdpc3RyYXRpb24ifQ==
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 22:48:17 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 2457
last-modified: Fri, 08 Mar 2024 10:35:49 GMT
server: cloudflare
etag: "65eaea05-999"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uSQ9dF2wtxk40hRELQ7DhpxH1B1a%2FLYutZwJzKrSndxfuw5V%2FSlW%2FUAJeVOPHffXjsCrKIGFZaE7ZmogAflI17PTzgALDshDgyXKee8Or%2B6DF%2F%2FNm8yw1dxrFCQjpBVp7HdwDKPhg0MiF0XK1YZ%2BvaCUioq28g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 8668c4f3adcc4bd8-BUF
expires: Wed, 17 Apr 2024 22:48:17 GMT

GET
H2 200 secure-icons_357a714da615929cd342.png
register.content-tab.co/ivtnc/assets/ 6 KB
6 KB 452ms
452ms Image
image/png 2606:4700:3036::6815:2be
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://register.content-tab.co/ivtnc/assets/secure-icons_357a714da615929cd342.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::6815:2be , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9f7474500d78036ac53ad85298737c9bf7f8aa4052d3cc9b3463e4b29cb7757c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://register.content-tab.co/ivtnc/en/?aid=PBjpYMxVe1frez5ea&var4=agn_312&hobj=eyJoc2lkIjogIjA3Yzc4ZmMxMThlN2VlOGNmNzEwNTFhMzExNDQ1MGVlNjQ0ZDgyZWI3NjQ5NGZlNDNmZGJjODk3OTVlN2JhOGMiLCAiX19sb2NhdGlvbmNvZGUiOiAiVVMiLCAicHJpY2luZyI6IHsibmFtZSI6ICJ1czQ5IiwgInByaWNlIjogIjQ5Ljk5IiwgImN1cnJlbmN5IjogIlVTRCIsICJjdXJyZW5jeV9zeW1ib2wiOiAiJCIsICJ0cmlhbCI6IHRydWUsICJwZXJpb2QiOiAzMCwgImJpbGxpbmdfcGVyaW9kIjogMSwgImJpbGxpbmdfc3RlcCI6ICJtb250aCIsICJ0cmlhbF9zdGVwIjogImRheSIsICJ0cmlhbF9wZXJpb2QiOiA3LCAiZGlzcGxheV9wcmljZSI6ICI0OS45OSAkIiwgImRpc3BsYXlfdl9wcmljZSI6ICIxICQiLCAidl9wcmljZSI6ICIxIn0sICJwYXltZW50X3R5cGUiOiAiY2FyZCIsICJkb21haW4iOiAiY29udGVudC10YWIuY28iLCAic3ViX2lkIjogIjY0IiwgIndpdGhfYXZzIjogdHJ1ZSwgImFjdGlvbiI6ICJyZWdpc3RyYXRpb24ifQ==
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 22:48:17 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 5723
last-modified: Fri, 08 Mar 2024 10:35:49 GMT
server: cloudflare
etag: "65eaea05-165b"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yyXcyNRa8dCQY5ZAOm5v9tgX%2BcLZAcGXqqlMD36GuUcNt6aLSx5YWvOao4K70RrOawDDuZbr7GIIM%2BSucWr68%2Fl1zRS1%2Bi2LUKUiCuISofGiBJcfPp7Pa3UJorJ7dJhDchFu0ZiXmmZyVXnvv4RU4nfYb52dNA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 8668c4f3adce4bd8-BUF
expires: Wed, 17 Apr 2024 22:48:17 GMT

GET
H3 200 runtime.9552cc599bbd464fba55.js Show response
register.content-tab.co/ivtnc/assets/ 1 KB
1 KB 436ms
436ms Script
application/javascript 2606:4700:3035::ac43:8192
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://register.content-tab.co/ivtnc/assets/runtime.9552cc599bbd464fba55.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:8192 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e1162768d7067b4581c82f40bb924b854404e10d8447ff11e06e6184d34db47d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://register.content-tab.co/ivtnc/en/?aid=PBjpYMxVe1frez5ea&var4=agn_312&hobj=eyJoc2lkIjogIjA3Yzc4ZmMxMThlN2VlOGNmNzEwNTFhMzExNDQ1MGVlNjQ0ZDgyZWI3NjQ5NGZlNDNmZGJjODk3OTVlN2JhOGMiLCAiX19sb2NhdGlvbmNvZGUiOiAiVVMiLCAicHJpY2luZyI6IHsibmFtZSI6ICJ1czQ5IiwgInByaWNlIjogIjQ5Ljk5IiwgImN1cnJlbmN5IjogIlVTRCIsICJjdXJyZW5jeV9zeW1ib2wiOiAiJCIsICJ0cmlhbCI6IHRydWUsICJwZXJpb2QiOiAzMCwgImJpbGxpbmdfcGVyaW9kIjogMSwgImJpbGxpbmdfc3RlcCI6ICJtb250aCIsICJ0cmlhbF9zdGVwIjogImRheSIsICJ0cmlhbF9wZXJpb2QiOiA3LCAiZGlzcGxheV9wcmljZSI6ICI0OS45OSAkIiwgImRpc3BsYXlfdl9wcmljZSI6ICIxICQiLCAidl9wcmljZSI6ICIxIn0sICJwYXltZW50X3R5cGUiOiAiY2FyZCIsICJkb21haW4iOiAiY29udGVudC10YWIuY28iLCAic3ViX2lkIjogIjY0IiwgIndpdGhfYXZzIjogdHJ1ZSwgImFjdGlvbiI6ICJyZWdpc3RyYXRpb24ifQ==
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 22:48:17 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 08 Mar 2024 10:35:49 GMT
server: cloudflare
etag: W/"65eaea05-4e1"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=h%2BKYX84QbG0aAazWgFhCcMLt2YgUGivCBfvaeIQ%2BQfthhXW%2FriAN6o9klqywypgJIgnLxoX2ObMlEGTy9146Vl5uUFqTROGsPwkirZyG%2FNCnvqJEMnMA%2F4EiO3em4q20HO9HtYE72qxI8xx8CNzkx1OxV4gSbg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
cf-ray: 8668c4f45b124bbd-BUF
expires: Wed, 17 Apr 2024 22:48:17 GMT

GET
H3 200 app.47d4044e2abb443d5a04.js Show response
register.content-tab.co/ivtnc/assets/ 551 KB
155 KB 762ms
761ms Script
application/javascript 2606:4700:3035::ac43:8192
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://register.content-tab.co/ivtnc/assets/app.47d4044e2abb443d5a04.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:8192 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d942371537fe539571a188ac1cf6154f8b98cbe05732ba35ecf38e852d858b21

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://register.content-tab.co/ivtnc/en/?aid=PBjpYMxVe1frez5ea&var4=agn_312&hobj=eyJoc2lkIjogIjA3Yzc4ZmMxMThlN2VlOGNmNzEwNTFhMzExNDQ1MGVlNjQ0ZDgyZWI3NjQ5NGZlNDNmZGJjODk3OTVlN2JhOGMiLCAiX19sb2NhdGlvbmNvZGUiOiAiVVMiLCAicHJpY2luZyI6IHsibmFtZSI6ICJ1czQ5IiwgInByaWNlIjogIjQ5Ljk5IiwgImN1cnJlbmN5IjogIlVTRCIsICJjdXJyZW5jeV9zeW1ib2wiOiAiJCIsICJ0cmlhbCI6IHRydWUsICJwZXJpb2QiOiAzMCwgImJpbGxpbmdfcGVyaW9kIjogMSwgImJpbGxpbmdfc3RlcCI6ICJtb250aCIsICJ0cmlhbF9zdGVwIjogImRheSIsICJ0cmlhbF9wZXJpb2QiOiA3LCAiZGlzcGxheV9wcmljZSI6ICI0OS45OSAkIiwgImRpc3BsYXlfdl9wcmljZSI6ICIxICQiLCAidl9wcmljZSI6ICIxIn0sICJwYXltZW50X3R5cGUiOiAiY2FyZCIsICJkb21haW4iOiAiY29udGVudC10YWIuY28iLCAic3ViX2lkIjogIjY0IiwgIndpdGhfYXZzIjogdHJ1ZSwgImFjdGlvbiI6ICJyZWdpc3RyYXRpb24ifQ==
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 22:48:18 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 08 Mar 2024 10:35:49 GMT
server: cloudflare
etag: W/"65eaea05-89cdb"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FU1eAATYBHIul5%2BOo1rxR8CQSieIhtzhG3X9cXOCvXkK7aQ2QV5wKxUbtGpUSN9XNlp03%2F5%2BUxjlYFBfUNXOX%2BO%2FO33SIoUZi7X57V7g6ySJIsd23wuksNMXSpFVabOGFMT4FLv6%2ByHRAt8buNGUdlaKstWksw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
cf-ray: 8668c4f45b144bbd-BUF
expires: Wed, 17 Apr 2024 22:48:17 GMT

GET
H3 200 styles.76d67c9577845fb6f601.js Show response
register.content-tab.co/ivtnc/assets/ 130 B
601 B 446ms
446ms Script
application/javascript 2606:4700:3035::ac43:8192
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://register.content-tab.co/ivtnc/assets/styles.76d67c9577845fb6f601.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:8192 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

63032e2cf861454dd365954a8f803757482a1f25e4be19e0bed4310fee6b434e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://register.content-tab.co/ivtnc/en/?aid=PBjpYMxVe1frez5ea&var4=agn_312&hobj=eyJoc2lkIjogIjA3Yzc4ZmMxMThlN2VlOGNmNzEwNTFhMzExNDQ1MGVlNjQ0ZDgyZWI3NjQ5NGZlNDNmZGJjODk3OTVlN2JhOGMiLCAiX19sb2NhdGlvbmNvZGUiOiAiVVMiLCAicHJpY2luZyI6IHsibmFtZSI6ICJ1czQ5IiwgInByaWNlIjogIjQ5Ljk5IiwgImN1cnJlbmN5IjogIlVTRCIsICJjdXJyZW5jeV9zeW1ib2wiOiAiJCIsICJ0cmlhbCI6IHRydWUsICJwZXJpb2QiOiAzMCwgImJpbGxpbmdfcGVyaW9kIjogMSwgImJpbGxpbmdfc3RlcCI6ICJtb250aCIsICJ0cmlhbF9zdGVwIjogImRheSIsICJ0cmlhbF9wZXJpb2QiOiA3LCAiZGlzcGxheV9wcmljZSI6ICI0OS45OSAkIiwgImRpc3BsYXlfdl9wcmljZSI6ICIxICQiLCAidl9wcmljZSI6ICIxIn0sICJwYXltZW50X3R5cGUiOiAiY2FyZCIsICJkb21haW4iOiAiY29udGVudC10YWIuY28iLCAic3ViX2lkIjogIjY0IiwgIndpdGhfYXZzIjogdHJ1ZSwgImFjdGlvbiI6ICJyZWdpc3RyYXRpb24ifQ==
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 22:48:17 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 08 Mar 2024 10:35:49 GMT
server: cloudflare
etag: W/"65eaea05-82"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SNHlAWfv8oYp%2BwGjfl1TDqlFYq3RXefJObWl8EHKCVOYgPwNKBD2kGKaDeUkO5JwYlZ09SqQZN9oPhW65OOviiQLiMrnwmZIgR6ka%2Brp%2F1pZdoBcCaqlN7%2BKz916%2F%2FWYJVWALELzOf%2BU%2FkntksMKewAskjS4Pw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
cf-ray: 8668c4f45b154bbd-BUF
expires: Wed, 17 Apr 2024 22:48:17 GMT

GET
H3 200 en_9144079d8c5e16ea330d.svg
register.content-tab.co/ivtnc/assets/ 2 KB
1 KB 185ms
185ms Image
image/svg+xml 2606:4700:3035::ac43:8192
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://register.content-tab.co/ivtnc/assets/en_9144079d8c5e16ea330d.svg

Requested by

Host: register.content-tab.co
URL: https://register.content-tab.co/ivtnc/assets/styles.e1148caa7d4ca72e569d.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:8192 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c6470a625493d3753c7b56322a8381dce1901fa788a22918784f4bfe0ce1aebe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://register.content-tab.co/ivtnc/assets/styles.e1148caa7d4ca72e569d.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 22:48:18 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 08 Mar 2024 10:35:49 GMT
server: cloudflare
etag: W/"65eaea05-7f7"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6AUxji0NjvgR%2FLPuq0nAtDBnjO5NKF1qQB6rYb1i%2BKcfjmob3LPen8rbWyvmMcJHqcXx6It6SxeF7pw6gvgE3%2Bs9McnBePQwYb8nT3afJUwbo1hztAe8feJAhvJVWYoLZdal0fqhFd4D%2BjgUcz3sIjbw%2BzwrcA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
cf-ray: 8668c4fa3dd84bbd-BUF
expires: Wed, 17 Apr 2024 22:48:18 GMT

GET
H2 200 pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 114ms
44ms Font
font/woff2 2607:f8b0:4004:c17::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@400;500;600;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://register.content-tab.co
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 14 Mar 2024 16:19:47 GMT
x-content-type-options: nosniff
age: 368911
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7884
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 17:03:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 14 Mar 2025 16:19:47 GMT

GET
H2 200 pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 133ms
67ms Font
font/woff2 2607:f8b0:4004:c17::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@400;500;600;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://register.content-tab.co
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 14 Mar 2024 16:17:17 GMT
x-content-type-options: nosniff
age: 369061
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7816
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:11:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 14 Mar 2025 16:17:17 GMT

GET
H3 200 dOAheP.js Show response
register.content-tab.co/s/461369/ 400 KB
173 KB 773ms
773ms Script
text/javascript 2606:4700:3035::ac43:8192
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://register.content-tab.co/s/461369/dOAheP.js

Requested by

Host: register.content-tab.co
URL: https://register.content-tab.co/ivtnc/assets/app.47d4044e2abb443d5a04.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:8192 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

991f75b3cf41bf5de565d7d0a756c32596dc68a963fccdc67046b119ed13e1b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://register.content-tab.co/ivtnc/en/?aid=PBjpYMxVe1frez5ea&var4=agn_312&hobj=eyJoc2lkIjogIjA3Yzc4ZmMxMThlN2VlOGNmNzEwNTFhMzExNDQ1MGVlNjQ0ZDgyZWI3NjQ5NGZlNDNmZGJjODk3OTVlN2JhOGMiLCAiX19sb2NhdGlvbmNvZGUiOiAiVVMiLCAicHJpY2luZyI6IHsibmFtZSI6ICJ1czQ5IiwgInByaWNlIjogIjQ5Ljk5IiwgImN1cnJlbmN5IjogIlVTRCIsICJjdXJyZW5jeV9zeW1ib2wiOiAiJCIsICJ0cmlhbCI6IHRydWUsICJwZXJpb2QiOiAzMCwgImJpbGxpbmdfcGVyaW9kIjogMSwgImJpbGxpbmdfc3RlcCI6ICJtb250aCIsICJ0cmlhbF9zdGVwIjogImRheSIsICJ0cmlhbF9wZXJpb2QiOiA3LCAiZGlzcGxheV9wcmljZSI6ICI0OS45OSAkIiwgImRpc3BsYXlfdl9wcmljZSI6ICIxICQiLCAidl9wcmljZSI6ICIxIn0sICJwYXltZW50X3R5cGUiOiAiY2FyZCIsICJkb21haW4iOiAiY29udGVudC10YWIuY28iLCAic3ViX2lkIjogIjY0IiwgIndpdGhfYXZzIjogdHJ1ZSwgImFjdGlvbiI6ICJyZWdpc3RyYXRpb24ifQ==
Origin: https://register.content-tab.co
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 22:48:19 GMT
content-encoding: br
x-content-type-options: nosniff, nosniff
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 18 Mar 2024 21:05:04 GMT
server: cloudflare
vary: Accept-Encoding, Accept-Encoding
x-ratelimit-remaining: 39
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: https://register.content-tab.co
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JzR0KD8Cche3SynHSfOXD2OCmof9cCGKVcK3C0smt8ixj53bPzG8yPPnixoC7vNHCvofR5wLSOlPIDBw9aFVPyVZ6kapKz4RoRPagX%2BuaaX%2Fmd%2FQgrZPVUs9k511c%2BiSH8AXo17PSIkBiyhRWHlieqPdod3g4w%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=300, public
access-control-allow-credentials: true
x-ratelimit-reset: 1
x-ratelimit-limit: 40, 40;w=1
cf-ray: 8668c4fa7df74bbd-BUF
x-frame-options: SAMEORIGIN
expires: Mon, 18 Mar 2024 22:26:33 GMT

GET
H2 200 info Show response
api.content-tab.co/ 836 B
753 B 470ms
381ms Fetch
application/json 2606:4700:3035::ac43:8192
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.content-tab.co/info

Requested by

Host: register.content-tab.co
URL: https://register.content-tab.co/ivtnc/assets/app.47d4044e2abb443d5a04.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::ac43:8192 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d1eeec36784203ca7113d2c0d23a6e95773c33864ca81440f3aeb2b93e563f51

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://register.content-tab.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 22:48:18 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: none
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 505213e6e92b2ab8e8525e0bef2787b4
x-runtime: 0.033919
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"d1eeec36784203ca7113d2c0d23a6e95"
x-download-options: noopen
x-frame-options: SAMEORIGIN
access-control-max-age: 7200
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
access-control-allow-origin: https://register.content-tab.co
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SwCcJP4x0ekMIGMLieLQxZ%2FFuXeBLWk5RqQbRoeTxpimkbbVxjdfUBToO53zLUYx1TzbSYSjOD8uMmZ3BrsKnilt7uhezNK4Dt6fa%2B%2BPI6F6euoqfCEBLR6ZNzTwxwhUr7HdYVth%2B24UPnM5%2BeC9q9E%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
content-type: application/json; charset=utf-8
vary: Origin
cf-ray: 8668c4fb1bd44bd3-BUF
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Mx-ReqToken,X-Requested-With,Auth-Token,Access-token,Expiry,Token-type,Uid,Client,Accepts

GET
H2 200 info Show response
api.content-tab.co/ 836 B
1 KB 440ms
352ms Fetch
application/json 2606:4700:3035::ac43:8192
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.content-tab.co/info

Requested by

Host: register.content-tab.co
URL: https://register.content-tab.co/ivtnc/assets/app.47d4044e2abb443d5a04.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::ac43:8192 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d1eeec36784203ca7113d2c0d23a6e95773c33864ca81440f3aeb2b93e563f51

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://register.content-tab.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 22:48:18 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: none
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 1d6cc4d1c6667e2b4b3297e26dbc13d1
x-runtime: 0.032731
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"d1eeec36784203ca7113d2c0d23a6e95"
x-download-options: noopen
x-frame-options: SAMEORIGIN
access-control-max-age: 7200
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
access-control-allow-origin: https://register.content-tab.co
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zG057uLvTB9D87YyvnnoGughWbWHjmZ3lExgsbMlzRbtZEbPCVscU0eTKUu%2BTt%2FIstQ8Ri7UPl5CbNm3nggDDzNfFjERvT4AgZ4vObb9jD%2FOIha3SivzYXTkC5FV%2BK%2F8Hg2EqPW1DEpScrF8fR9PslY%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
content-type: application/json; charset=utf-8
vary: Origin
cf-ray: 8668c4fb1bd34bd3-BUF
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Mx-ReqToken,X-Requested-With,Auth-Token,Access-token,Expiry,Token-type,Uid,Client,Accepts

GET
H3 200 global-card-sprite_a4bb3434625742d5509c.png
register.content-tab.co/ivtnc/assets/ 7 KB
7 KB 427ms
427ms Image
image/png 2606:4700:3035::ac43:8192
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://register.content-tab.co/ivtnc/assets/global-card-sprite_a4bb3434625742d5509c.png

Requested by

Host: register.content-tab.co
URL: https://register.content-tab.co/ivtnc/assets/styles.e1148caa7d4ca72e569d.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:8192 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

05f0dfe440131bcca27f99a3f6f197077d3356db410da944d3c32272a6627a30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://register.content-tab.co/ivtnc/assets/styles.e1148caa7d4ca72e569d.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 22:48:18 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 6803
last-modified: Fri, 08 Mar 2024 10:35:49 GMT
server: cloudflare
etag: "65eaea05-1a93"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jafEmXt3%2FPz6mzOrevBjebgrCFJYMji7lZrXgP3L4PAcEN%2Bzg7bNZnnwu1s6HarCKovib85pusNwqlbf8AD%2FsItubkt1w9In6QMfPxIWvW9AmyIPdhSbcN4u9sp62XEyo%2FGqqiFWTRG2T7yynfLLGVSgklbAbA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 8668c4fa8e014bbd-BUF
expires: Wed, 17 Apr 2024 22:48:18 GMT

GET
H3 200 icon-cvv_808fac594ebc47450e8d.svg
register.content-tab.co/ivtnc/assets/ 2 KB
1 KB 391ms
391ms Image
image/svg+xml 2606:4700:3035::ac43:8192
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://register.content-tab.co/ivtnc/assets/icon-cvv_808fac594ebc47450e8d.svg

Requested by

Host: register.content-tab.co
URL: https://register.content-tab.co/ivtnc/assets/styles.e1148caa7d4ca72e569d.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:8192 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

563678f1859deda144eca40a59f7c8ab2406c9bb5aff5b96a4880ee55ec01986

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://register.content-tab.co/ivtnc/assets/styles.e1148caa7d4ca72e569d.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 22:48:18 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 08 Mar 2024 10:35:49 GMT
server: cloudflare
etag: W/"65eaea05-656"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=x%2FHy7LwErlsG0uZG6VuRDAlX0V4wgLrtDW8%2F%2FtvKNCQ%2FWQ9KUQlSx5FdzXiJ%2FymTLJDdsnXyTJanbfgPeJaWQQpLqNGH67JYPtSD5zOFy1Xk3EGe146Fl3KlbRrGr1%2BJFDSPuLvi%2Bfw59rLQuZXeFGLswgydiw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
cf-ray: 8668c4fa8e024bbd-BUF
expires: Wed, 17 Apr 2024 22:48:18 GMT

GET
H2 200 pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 57ms
34ms Font
font/woff2 2607:f8b0:4004:c17::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@400;500;600;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://register.content-tab.co
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 14 Mar 2024 16:05:15 GMT
x-content-type-options: nosniff
age: 369783
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7748
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:21:30 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 14 Mar 2025 16:05:15 GMT

GET
H3 200 icon-check_a69ea14b879b51fa9996.svg
register.content-tab.co/ivtnc/assets/ 543 B
842 B 173ms
172ms Image
image/svg+xml 2606:4700:3035::ac43:8192
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://register.content-tab.co/ivtnc/assets/icon-check_a69ea14b879b51fa9996.svg

Requested by

Host: register.content-tab.co
URL: https://register.content-tab.co/ivtnc/assets/styles.e1148caa7d4ca72e569d.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:8192 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

42e615588bab9e46bbd9126ca7c2536dc1c3bfb3983d7f76be57c6e5695b7e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://register.content-tab.co/ivtnc/assets/styles.e1148caa7d4ca72e569d.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 22:48:18 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 08 Mar 2024 10:35:49 GMT
server: cloudflare
etag: W/"65eaea05-21f"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=W35106eRKxYIvwuAwXO5%2FMuxBYqPtm9z7EZEfuXLpgWSkWA2hqV%2BfY%2BALQ0KHpVLk2G1glBKlginzlewuJzJLtDt5eu0I4S7tJOjKivRa%2F0XHk58eH%2FH21uZiZNou4%2BRUAwH0GlUXBHcAtwzjg6jTgqBXw3Tbw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
cf-ray: 8668c4fa9e054bbd-BUF
expires: Wed, 17 Apr 2024 22:48:18 GMT

GET
H3 200 discover_7e71110ba05e01323569.svg
register.content-tab.co/ivtnc/assets/ 2 KB
1 KB 411ms
410ms Image
image/svg+xml 2606:4700:3035::ac43:8192
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://register.content-tab.co/ivtnc/assets/discover_7e71110ba05e01323569.svg

Requested by

Host: register.content-tab.co
URL: https://register.content-tab.co/ivtnc/assets/styles.e1148caa7d4ca72e569d.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:8192 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0de80d60af6eff734aa5d43172e1af14a0d9809752ce2f561b847b7c39f4e5b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://register.content-tab.co/ivtnc/assets/styles.e1148caa7d4ca72e569d.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 22:48:18 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 08 Mar 2024 10:35:49 GMT
server: cloudflare
etag: W/"65eaea05-88b"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=C2hvnjggeQPftVZFtGkAXJoPvlylZc1QXGaTuZWHrTgy76Ly%2FxkzNlvPIY%2BbA0ln8cS0qtmbeGo7wa8MsVM4BGeDCcUYc8vJpr6EwiwpxWphIgAnyOjQwaXZvAZAZripXxpS26gKewEVWqnciYKC0wstcEIBPA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
cf-ray: 8668c4fa9e064bbd-BUF
expires: Wed, 17 Apr 2024 22:48:18 GMT

GET
H3 200 visa_5ab18b907bd14cb6c1db.svg
register.content-tab.co/ivtnc/assets/ 992 B
1 KB 388ms
387ms Image
image/svg+xml 2606:4700:3035::ac43:8192
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://register.content-tab.co/ivtnc/assets/visa_5ab18b907bd14cb6c1db.svg

Requested by

Host: register.content-tab.co
URL: https://register.content-tab.co/ivtnc/assets/styles.e1148caa7d4ca72e569d.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:8192 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

64bd171640fdcdd39c4fd6ab15b47ccae108bb162d7bd963715e1c1e46c6146c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://register.content-tab.co/ivtnc/assets/styles.e1148caa7d4ca72e569d.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 22:48:18 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 08 Mar 2024 10:35:49 GMT
server: cloudflare
etag: W/"65eaea05-3e0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0OOHNtKLRb4F%2BUqD7X7u8ozqJjx2%2Blxs5%2F8DltVC9PkoLpolxS9jF5xK0UG2yJ195gDb1QdbRyZ7WyJuRhbRMJdlwD2K2cjSM0YB07CW6ZktH3zSnkNDuB0a71Idk1hV38nYd1XHrBf%2BvTUo3RhpryNoDev6kw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
cf-ray: 8668c4fa9e074bbd-BUF
expires: Wed, 17 Apr 2024 22:48:18 GMT

GET
H3 200 mastercard_8dd0badab01e8e9ad44c.svg
register.content-tab.co/ivtnc/assets/ 1 KB
1 KB 391ms
390ms Image
image/svg+xml 2606:4700:3035::ac43:8192
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://register.content-tab.co/ivtnc/assets/mastercard_8dd0badab01e8e9ad44c.svg

Requested by

Host: register.content-tab.co
URL: https://register.content-tab.co/ivtnc/assets/styles.e1148caa7d4ca72e569d.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:8192 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

142529ca50458939a5ec6b6919700cca705ac497c4ee653239e22b8b2bfb1c5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://register.content-tab.co/ivtnc/assets/styles.e1148caa7d4ca72e569d.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 22:48:18 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 08 Mar 2024 10:35:49 GMT
server: cloudflare
etag: W/"65eaea05-40b"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qSYuNqTqeiqZcFHGuYpuLYS8BurzqbaaxDoVh%2FyF9GHZCEgY2a9l2pdUqJJzRyV0ZBGvPc%2BkBM4OdZ7PCbXbNkYRbn0V8D9JKSwMqWhPyi3PPM%2BDJZin8hBSvmK5I%2BqJUEf2KhUkUe5FlYAGN4o2ZG2CR6%2FDGA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
cf-ray: 8668c4fa9e084bbd-BUF
expires: Wed, 17 Apr 2024 22:48:18 GMT

GET
H2 200 pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 57ms
38ms Font
font/woff2 2607:f8b0:4004:c17::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@400;500;600;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://register.content-tab.co
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 14 Mar 2024 16:22:31 GMT
x-content-type-options: nosniff
age: 368747
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8000
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:59:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 14 Mar 2025 16:22:31 GMT

POST
H2 200 frqYifeYSVz Show response
vw7r8nm3.xfgoozmrek.com/x2/461369/5df34b85334e43cdbaa0c7843131eb82/ 130 B
619 B 354ms
128ms XHR
application/json 54.75.164.45
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://vw7r8nm3.xfgoozmrek.com/x2/461369/5df34b85334e43cdbaa0c7843131eb82/frqYifeYSVz

Requested by

Host: register.content-tab.co
URL: https://register.content-tab.co/ivtnc/assets/app.47d4044e2abb443d5a04.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.75.164.45 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-75-164-45.eu-west-1.compute.amazonaws.com

Software

Resource Hash

86cc510641251e287f9a66765dbfc78870f319714ae3dcba3a9765296fb35905

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://register.content-tab.co/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 18 Mar 2024 22:48:19 GMT
x-content-type-options: nosniff
x-ratelimit-remaining: 39
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://register.content-tab.co
access-control-allow-credentials: true
x-ratelimit-reset: 1
x-ratelimit-limit: 40, 40;w=1, 150;w=60
content-length: 130

GET
H2 200 sdk.js Show response
push-sdk.com/f/ 52 KB
15 KB 366ms
121ms Script
application/javascript 23.88.8.123
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://push-sdk.com/f/sdk.js?z=780155
Requested by: Host: register.content-tab.co
URL: https://register.content-tab.co/ivtnc/en/?aid=PBjpYMxVe1frez5ea&var4=agn_312&hobj=eyJoc2lkIjogIjA3Yzc4ZmMxMThlN2VlOGNmNzEwNTFhMzExNDQ1MGVlNjQ0ZDgyZWI3NjQ5NGZlNDNmZGJjODk3OTVlN2JhOGMiLCAiX19sb2NhdGlvbmNvZGUiOiAiVVMiLCAicHJpY2luZyI6IHsibmFtZSI6ICJ1czQ5IiwgInByaWNlIjogIjQ5Ljk5IiwgImN1cnJlbmN5IjogIlVTRCIsICJjdXJyZW5jeV9zeW1ib2wiOiAiJCIsICJ0cmlhbCI6IHRydWUsICJwZXJpb2QiOiAzMCwgImJpbGxpbmdfcGVyaW9kIjogMSwgImJpbGxpbmdfc3RlcCI6ICJtb250aCIsICJ0cmlhbF9zdGVwIjogImRheSIsICJ0cmlhbF9wZXJpb2QiOiA3LCAiZGlzcGxheV9wcmljZSI6ICI0OS45OSAkIiwgImRpc3BsYXlfdl9wcmljZSI6ICIxICQiLCAidl9wcmljZSI6ICIxIn0sICJwYXltZW50X3R5cGUiOiAiY2FyZCIsICJkb21haW4iOiAiY29udGVudC10YWIuY28iLCAic3ViX2lkIjogIjY0IiwgIndpdGhfYXZzIjogdHJ1ZSwgImFjdGlvbiI6ICJyZWdpc3RyYXRpb24ifQ==
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.88.8.123 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: eu7.1push.io
Software: Angie /
Resource Hash: 00cc1d6f8359763349a09d2c5b32b6d1de9b0642a6838c22ee34e9b329447da5

Request headers

accept-language: en-US,en;q=0.9
Referer: https://register.content-tab.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 22:48:19 GMT
content-encoding: gzip
cache-control: no-cache, max-age=0, must-revalidate, proxy-revalidate
server: Angie
content-length: 14884
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8

POST
H2 200 pVkeGn.js Show response
vw7r8nm3.xfgoozmrek.com/x2/461369/3a04ce20-62cd-4c6d-a128-c1253ad7c55e/ 0
24 B 351ms
139ms XHR
text/html 54.75.164.45
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vw7r8nm3.xfgoozmrek.com/x2/461369/3a04ce20-62cd-4c6d-a128-c1253ad7c55e/pVkeGn.js
Requested by: Host: register.content-tab.co
URL: https://register.content-tab.co/ivtnc/assets/app.47d4044e2abb443d5a04.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.75.164.45 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-75-164-45.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://register.content-tab.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 22:48:19 GMT
x-ratelimit-remaining: 38
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://register.content-tab.co
access-control-allow-credentials: true
x-ratelimit-reset: 1
x-ratelimit-limit: 40, 40;w=1
content-length: 0

GET
H2

200

jkDfy
vw7r8nm3.xfgoozmrek.com/461369/3a04ce20-62cd-4c6d-a128-c1253ad7c55e/
Redirect Chain

https://vw7r8nm3.xfgoozmrek.com/461369/3a04ce20-62cd-4c6d-a128-c1253ad7c55e/jDjSu
https://vw7r8nm3.xfgoozmrek.com/461369/3a04ce20-62cd-4c6d-a128-c1253ad7c55e/jkDfy

0
0

108ms
106ms

Fetch
text/html

54.75.164.45
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vw7r8nm3.xfgoozmrek.com/461369/3a04ce20-62cd-4c6d-a128-c1253ad7c55e/jkDfy
Protocol: H2
Server: 54.75.164.45 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-75-164-45.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://register.content-tab.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 22:48:19 GMT
x-ratelimit-remaining: 38
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://register.content-tab.co
access-control-allow-credentials: true
x-ratelimit-reset: 1
x-ratelimit-limit: 40, 40;w=1
content-length: 0

Redirect headers

date: Mon, 18 Mar 2024 22:48:19 GMT
x-ratelimit-remaining: 37
content-type: text/html; charset=UTF-8
location: https://vw7r8nm3.xfgoozmrek.com/461369/3a04ce20-62cd-4c6d-a128-c1253ad7c55e/jkDfy
access-control-allow-origin: https://register.content-tab.co
access-control-allow-credentials: true
x-ratelimit-reset: 1
x-ratelimit-limit: 40, 40;w=1
content-length: 218

OPTIONS
H2 200 4.png
vw7r8nm3.xfgoozmrek.com/ Frame 0
0 110ms
106ms Preflight
text/html 54.75.164.45
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vw7r8nm3.xfgoozmrek.com/4.png?merchant_number=461369
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.75.164.45 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-75-164-45.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: cake,request-id
Access-Control-Request-Method: GET
Origin: https://register.content-tab.co
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, Content-Type, Accept, Request-Id, X-Retry, Cake, CCookie
access-control-allow-methods: GET
access-control-allow-origin: https://register.content-tab.co
access-control-expose-headers: ETag
access-control-max-age: 1
content-length: 0
content-type: text/html; charset=UTF-8
date: Mon, 18 Mar 2024 22:48:19 GMT
x-ratelimit-limit: 40, 40;w=1
x-ratelimit-remaining: 39
x-ratelimit-reset: 1

GET
H2 200 4.png Show response
vw7r8nm3.xfgoozmrek.com/ 69 B
243 B 109ms
108ms XHR
image/png 54.75.164.45
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vw7r8nm3.xfgoozmrek.com/4.png?merchant_number=461369
Requested by: Host: register.content-tab.co
URL: https://register.content-tab.co/ivtnc/assets/app.47d4044e2abb443d5a04.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.75.164.45 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-75-164-45.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 28be8721060203ff30aeb37574a42e670fa3b285d2a51cf39f50e88f95b9427f

Request headers

Referer: https://register.content-tab.co/
Request-Id: 3a04ce20-62cd-4c6d-a128-c1253ad7c55e
Cake: PBqpiHwCNHJNeJlH-_8yLM6PQBipMvYKtivzlgWSrZlPMZqZaHt-nJpkSKImmo2WonnO1POv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

date: Mon, 18 Mar 2024 22:48:19 GMT
last-modified: Thu, 14 Mar 2024 20:37:40 GMT
etag: "PBqpiHwCNHJNeJlH-_8yLM6PQBipMvYKtivzlgWSrZlPMZqZaHt-nJpkSKImmo2WonnO1POv"
x-ratelimit-remaining: 37
content-type: image/png
access-control-allow-origin: https://register.content-tab.co
cache-control: must-revalidate, no-cache, private, proxy-revalidate
access-control-allow-credentials: true
x-ratelimit-reset: 1
x-ratelimit-limit: 40, 40;w=1
content-length: 69

GET logo
/ 0
0

GET aboutRobots-icon.png
browser/content/ 0
0

GET
H2

403

identifier
accounts.google.com/v3/signin/ Frame 310C
Redirect Chain

https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
https://accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=ARZ0qKLbSnrWsfaQ8ttjEQ4n6glp8hrv_4U_UDk7D5lJiBYQYjBrqihUjJz-LUo...
https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=ARZ0qKIM33rnMhPE3pHyzej98p-R2Y-brBQzZ1SSuOsx3Eb-siasEmvg0ott96v_3-0-cGrQEnLWbA&passiv...

0
0

62ms
62ms

Image
text/html

2607:f8b0:4004:c1b::54
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=ARZ0qKIM33rnMhPE3pHyzej98p-R2Y-brBQzZ1SSuOsx3Eb-siasEmvg0ott96v_3-0-cGrQEnLWbA&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S872457903%3A1710802100403809&theme=mn&ddm=0
Protocol: H2
Server: 2607:f8b0:4004:c1b::54 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Redirect headers

date: Mon, 18 Mar 2024 22:48:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-6J717-zu8gcXV2sHXgd7pg' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 424
x-xss-protection: 1; mode=block
pragma: no-cache
server: GSE
x-frame-options: DENY
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-type: text/html; charset=UTF-8
location: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=ARZ0qKIM33rnMhPE3pHyzej98p-R2Y-brBQzZ1SSuOsx3Eb-siasEmvg0ott96v_3-0-cGrQEnLWbA&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S872457903%3A1710802100403809&theme=mn&ddm=0
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ 470 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 328ae6149b8c65f0f7bb4afbc5cee51db44e332d8d4b8ca1619831f254efd836

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 31 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5ccabda29f984535d3131503b63a1083b9edc175bcf8dba2c485501faf061c1f

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 55 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4059d455ee5dd993a464a79c2179601b0bc48d2e3549720da45fd7452f4fc88b

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type: image/png

GET
BLOB 200
OK c6b2c985-9f14-4330-b516-46d1061739e5
https://register.content-tab.co/ 291 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://register.content-tab.co/c6b2c985-9f14-4330-b516-46d1061739e5
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6a0267cf8052e4e3b35c8a77d323e0707b7d9a6c9353f68a8c669df51b5b79d6

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Length: 291
Content-Type: text/javascript

POST
H2 200 event
push-sdk.com/ 0
532 B 118ms
117ms Ping
text/plain 23.88.8.123
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://push-sdk.com/event?z=780155
Requested by: Host: push-sdk.com
URL: https://push-sdk.com/f/sdk.js?z=780155
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.88.8.123 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: eu7.1push.io
Software: Angie /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://register.content-tab.co/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 18 Mar 2024 22:48:20 GMT
server: Angie
accept-ch: Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Bitness, Sec-CH-UA-Wow64
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://register.content-tab.co
access-control-expose-headers: Authorization
cache-control: no-cache, max-age=0, must-revalidate, proxy-revalidate, no-store
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization, X-CSRF-Token
content-length: 0
expires: Tue, 11 Jan 1994 00:00:00 GMT

GET
H2

200

jkDfy
vw7r8nm3.xfgoozmrek.com/461369/3a04ce20-62cd-4c6d-a128-c1253ad7c55e/
Redirect Chain

https://vw7r8nm3.xfgoozmrek.com/461369/3a04ce20-62cd-4c6d-a128-c1253ad7c55e/jDjSu
https://vw7r8nm3.xfgoozmrek.com/461369/3a04ce20-62cd-4c6d-a128-c1253ad7c55e/jkDfy

0
0

108ms
107ms

Fetch
text/html

54.75.164.45
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vw7r8nm3.xfgoozmrek.com/461369/3a04ce20-62cd-4c6d-a128-c1253ad7c55e/jkDfy
Protocol: H2
Server: 54.75.164.45 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-75-164-45.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://register.content-tab.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 22:48:19 GMT
x-ratelimit-remaining: 35
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://register.content-tab.co
access-control-allow-credentials: true
x-ratelimit-reset: 1
x-ratelimit-limit: 40, 40;w=1
content-length: 0

Redirect headers

date: Mon, 18 Mar 2024 22:48:19 GMT
x-ratelimit-remaining: 36
content-type: text/html; charset=UTF-8
location: https://vw7r8nm3.xfgoozmrek.com/461369/3a04ce20-62cd-4c6d-a128-c1253ad7c55e/jkDfy
access-control-allow-origin: https://register.content-tab.co
access-control-allow-credentials: true
x-ratelimit-reset: 1
x-ratelimit-limit: 40, 40;w=1
content-length: 218

OPTIONS
H2 204 sync
uidsync.net/ Frame 0
0 351ms
114ms Preflight 178.63.248.57
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://uidsync.net/sync?user_id=2qj1m663C8Q5103TLpUSFE
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 178.63.248.57 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: sub6.1push.io
Software: Angie /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://register.content-tab.co
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

accept-ch: Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Bitness, Sec-CH-UA-Wow64
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization, X-CSRF-Token
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://register.content-tab.co
access-control-expose-headers: Authorization
cache-control: no-cache, max-age=0, must-revalidate, proxy-revalidate, no-store
date: Mon, 18 Mar 2024 22:48:20 GMT
expires: Tue, 11 Jan 1994 00:00:00 GMT
pragma: no-cache
server: Angie

GET
H2 200 sync Show response
uidsync.net/ 62 B
713 B 340ms
113ms Fetch
application/json 178.63.248.57
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://uidsync.net/sync?user_id=2qj1m663C8Q5103TLpUSFE
Requested by: Host: register.content-tab.co
URL: https://register.content-tab.co/ivtnc/assets/app.47d4044e2abb443d5a04.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 178.63.248.57 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: sub6.1push.io
Software: Angie /
Resource Hash: fdddd2eee95f782f6146da7158b64d09a82b63f8f2b694443d6f6dfc7b09edd1

Request headers

Referer: https://register.content-tab.co/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Mon, 18 Mar 2024 22:48:20 GMT
server: Angie
accept-ch: Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Bitness, Sec-CH-UA-Wow64
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://register.content-tab.co
access-control-expose-headers: Authorization
cache-control: no-cache, max-age=0, must-revalidate, proxy-revalidate, no-store
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization, X-CSRF-Token
content-length: 62
expires: Tue, 11 Jan 1994 00:00:00 GMT

GET
H2

200

jkDfy
vw7r8nm3.xfgoozmrek.com/461369/3a04ce20-62cd-4c6d-a128-c1253ad7c55e/
Redirect Chain

https://vw7r8nm3.xfgoozmrek.com/461369/3a04ce20-62cd-4c6d-a128-c1253ad7c55e/jDjSu
https://vw7r8nm3.xfgoozmrek.com/461369/3a04ce20-62cd-4c6d-a128-c1253ad7c55e/jkDfy

0
0

112ms
112ms

Fetch
text/html

54.75.164.45
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vw7r8nm3.xfgoozmrek.com/461369/3a04ce20-62cd-4c6d-a128-c1253ad7c55e/jkDfy
Protocol: H2
Server: 54.75.164.45 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-75-164-45.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://register.content-tab.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 22:48:20 GMT
x-ratelimit-remaining: 33
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://register.content-tab.co
access-control-allow-credentials: true
x-ratelimit-reset: 1
x-ratelimit-limit: 40, 40;w=1
content-length: 0

Redirect headers

date: Mon, 18 Mar 2024 22:48:20 GMT
x-ratelimit-remaining: 34
content-type: text/html; charset=UTF-8
location: https://vw7r8nm3.xfgoozmrek.com/461369/3a04ce20-62cd-4c6d-a128-c1253ad7c55e/jkDfy
access-control-allow-origin: https://register.content-tab.co
access-control-allow-credentials: true
x-ratelimit-reset: 1
x-ratelimit-limit: 40, 40;w=1
content-length: 218

GET
H2

200

jkDfy
vw7r8nm3.xfgoozmrek.com/461369/3a04ce20-62cd-4c6d-a128-c1253ad7c55e/
Redirect Chain

https://vw7r8nm3.xfgoozmrek.com/461369/3a04ce20-62cd-4c6d-a128-c1253ad7c55e/jDjSu
https://vw7r8nm3.xfgoozmrek.com/461369/3a04ce20-62cd-4c6d-a128-c1253ad7c55e/jkDfy

0
0

106ms
105ms

Fetch
text/html

54.75.164.45
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vw7r8nm3.xfgoozmrek.com/461369/3a04ce20-62cd-4c6d-a128-c1253ad7c55e/jkDfy
Protocol: H2
Server: 54.75.164.45 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-75-164-45.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://register.content-tab.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 22:48:20 GMT
x-ratelimit-remaining: 31
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://register.content-tab.co
access-control-allow-credentials: true
x-ratelimit-reset: 1
x-ratelimit-limit: 40, 40;w=1
content-length: 0

Redirect headers

date: Mon, 18 Mar 2024 22:48:20 GMT
x-ratelimit-remaining: 32
content-type: text/html; charset=UTF-8
location: https://vw7r8nm3.xfgoozmrek.com/461369/3a04ce20-62cd-4c6d-a128-c1253ad7c55e/jkDfy
access-control-allow-origin: https://register.content-tab.co
access-control-allow-credentials: true
x-ratelimit-reset: 1
x-ratelimit-limit: 40, 40;w=1
content-length: 218

GET
H2

200

jkDfy
vw7r8nm3.xfgoozmrek.com/461369/3a04ce20-62cd-4c6d-a128-c1253ad7c55e/
Redirect Chain

https://vw7r8nm3.xfgoozmrek.com/461369/3a04ce20-62cd-4c6d-a128-c1253ad7c55e/jDjSu
https://vw7r8nm3.xfgoozmrek.com/461369/3a04ce20-62cd-4c6d-a128-c1253ad7c55e/jkDfy

0
0

106ms
106ms

Fetch
text/html

54.75.164.45
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vw7r8nm3.xfgoozmrek.com/461369/3a04ce20-62cd-4c6d-a128-c1253ad7c55e/jkDfy
Protocol: H2
Server: 54.75.164.45 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-75-164-45.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://register.content-tab.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 22:48:20 GMT
x-ratelimit-remaining: 37
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://register.content-tab.co
access-control-allow-credentials: true
x-ratelimit-reset: 1
x-ratelimit-limit: 40, 40;w=1
content-length: 0

Redirect headers

date: Mon, 18 Mar 2024 22:48:20 GMT
x-ratelimit-remaining: 39
content-type: text/html; charset=UTF-8
location: https://vw7r8nm3.xfgoozmrek.com/461369/3a04ce20-62cd-4c6d-a128-c1253ad7c55e/jkDfy
access-control-allow-origin: https://register.content-tab.co
access-control-allow-credentials: true
x-ratelimit-reset: 1
x-ratelimit-limit: 40, 40;w=1
content-length: 218

POST
H2 200 jEwNes Show response
vw7r8nm3.xfgoozmrek.com/461369/5df34b85334e43cdbaa0c7843131eb82/ 72 B
433 B 263ms
263ms XHR
text/plain 54.75.164.45
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://vw7r8nm3.xfgoozmrek.com/461369/5df34b85334e43cdbaa0c7843131eb82/jEwNes

Requested by

Host: register.content-tab.co
URL: https://register.content-tab.co/ivtnc/assets/app.47d4044e2abb443d5a04.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.75.164.45 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-75-164-45.eu-west-1.compute.amazonaws.com

Software

Resource Hash

f9357e81d6a1526432063bb5a064a8f2334ab500d090539ea05aa408bd26c65d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

X-retry: 0
Referer: https://register.content-tab.co/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: application/octet-stream

Response headers

date: Mon, 18 Mar 2024 22:48:21 GMT
x-content-type-options: nosniff
x-ratelimit-remaining: 35
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://register.content-tab.co
access-control-allow-credentials: true
x-ratelimit-reset: 1
x-ratelimit-limit: 40, 40;w=1
content-length: 72

OPTIONS
H2 200 jEwNes
vw7r8nm3.xfgoozmrek.com/461369/5df34b85334e43cdbaa0c7843131eb82/ Frame 0
0 117ms
116ms Preflight
text/html 54.75.164.45
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vw7r8nm3.xfgoozmrek.com/461369/5df34b85334e43cdbaa0c7843131eb82/jEwNes
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.75.164.45 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-75-164-45.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-retry
Access-Control-Request-Method: POST
Origin: https://register.content-tab.co
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, Content-Type, Accept, X-Retry
access-control-allow-methods: POST, OPTIONS
access-control-allow-origin: https://register.content-tab.co
access-control-max-age: 1728000
content-length: 0
content-type: text/html; charset=UTF-8
date: Mon, 18 Mar 2024 22:48:20 GMT
x-ratelimit-limit: 40, 40;w=1
x-ratelimit-remaining: 38
x-ratelimit-reset: 1

GET
H2

200

jkDfy
vw7r8nm3.xfgoozmrek.com/461369/3a04ce20-62cd-4c6d-a128-c1253ad7c55e/
Redirect Chain

https://vw7r8nm3.xfgoozmrek.com/461369/3a04ce20-62cd-4c6d-a128-c1253ad7c55e/jDjSu
https://vw7r8nm3.xfgoozmrek.com/461369/3a04ce20-62cd-4c6d-a128-c1253ad7c55e/jkDfy

0
0

107ms
107ms

Fetch
text/html

54.75.164.45
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vw7r8nm3.xfgoozmrek.com/461369/3a04ce20-62cd-4c6d-a128-c1253ad7c55e/jkDfy
Protocol: H2
Server: 54.75.164.45 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-75-164-45.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://register.content-tab.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 22:48:20 GMT
x-ratelimit-remaining: 34
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://register.content-tab.co
access-control-allow-credentials: true
x-ratelimit-reset: 1
x-ratelimit-limit: 40, 40;w=1
content-length: 0

Redirect headers

date: Mon, 18 Mar 2024 22:48:20 GMT
x-ratelimit-remaining: 36
content-type: text/html; charset=UTF-8
location: https://vw7r8nm3.xfgoozmrek.com/461369/3a04ce20-62cd-4c6d-a128-c1253ad7c55e/jkDfy
access-control-allow-origin: https://register.content-tab.co
access-control-allow-credentials: true
x-ratelimit-reset: 1
x-ratelimit-limit: 40, 40;w=1
content-length: 218

GET
H2

200

jkDfy
vw7r8nm3.xfgoozmrek.com/461369/3a04ce20-62cd-4c6d-a128-c1253ad7c55e/
Redirect Chain

https://vw7r8nm3.xfgoozmrek.com/461369/3a04ce20-62cd-4c6d-a128-c1253ad7c55e/jDjSu
https://vw7r8nm3.xfgoozmrek.com/461369/3a04ce20-62cd-4c6d-a128-c1253ad7c55e/jkDfy

0
0

110ms
110ms

Fetch
text/html

54.75.164.45
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vw7r8nm3.xfgoozmrek.com/461369/3a04ce20-62cd-4c6d-a128-c1253ad7c55e/jkDfy
Protocol: H2
Server: 54.75.164.45 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-75-164-45.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://register.content-tab.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 22:48:21 GMT
x-ratelimit-remaining: 32
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://register.content-tab.co
access-control-allow-credentials: true
x-ratelimit-reset: 1
x-ratelimit-limit: 40, 40;w=1
content-length: 0

Redirect headers

date: Mon, 18 Mar 2024 22:48:21 GMT
x-ratelimit-remaining: 33
content-type: text/html; charset=UTF-8
location: https://vw7r8nm3.xfgoozmrek.com/461369/3a04ce20-62cd-4c6d-a128-c1253ad7c55e/jkDfy
access-control-allow-origin: https://register.content-tab.co
access-control-allow-credentials: true
x-ratelimit-reset: 1
x-ratelimit-limit: 40, 40;w=1
content-length: 218

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: logo
URL: about:logo

Domain: browser
URL: chrome://browser/content/aboutRobots-icon.png

Verdicts & Comments Add Verdict or Comment

18 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.lpdreamforge.com/	1970-01-20 19:14:48	Name: uniqueClick_PZJSZ1S Value: 793f6a86-83b2-4477-aa5a-9d51d2b65fc9:1710802095
www.lpdreamforge.com/	1970-01-20 21:22:58	Name: transaction_id Value: 3c2f96234a7f4770884d90472da41fda
router.content-tab.co/	1969-12-31 23:59:59	Name: air3_site_cookie Value: 67634805b72887cef8fc41f7aa020a8e22ce58f2gAWVRAAAAAAAAACMQDA3Yzc4ZmMxMThlN2VlOGNmNzEwNTFhMzExNDQ1MGVlNjQ0ZDgyZWI3NjQ5NGZlNDNmZGJjODk3OTVlN2JhOGOULg==
register.content-tab.co/	1969-12-31 23:59:59	Name: session_id Value: 0c07fac2d40d4c31b2913ebd81c9c83e
vw7r8nm3.xfgoozmrek.com/	1970-01-21 04:49:22	Name: jzAt7mM5bLjGfsXv Value: PBqpiHwCNHJNeJlH-_8yLM6PQBipMvYKtivzlgWSrZlPMZqZaHt-nJpkSKImmo2WonnO1POv
uidsync.net/	1970-01-21 03:58:58	Name: rauid Value: 2qj1m663C8Q5103TLpUSFE

8 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://register.content-tab.co/ivtnc/en/?aid=PBjpYMxVe1frez5ea&var4=agn_312&hobj=eyJoc2lkIjogIjA3Yzc4ZmMxMThlN2VlOGNmNzEwNTFhMzExNDQ1MGVlNjQ0ZDgyZWI3NjQ5NGZlNDNmZGJjODk3OTVlN2JhOGMiLCAiX19sb2NhdGlvbmNvZGUiOiAiVVMiLCAicHJpY2luZyI6IHsibmFtZSI6ICJ1czQ5IiwgInByaWNlIjogIjQ5Ljk5IiwgImN1cnJlbmN5IjogIlVTRCIsICJjdXJyZW5jeV9zeW1ib2wiOiAiJCIsICJ0cmlhbCI6IHRydWUsICJwZXJpb2QiOiAzMCwgImJpbGxpbmdfcGVyaW9kIjogMSwgImJpbGxpbmdfc3RlcCI6ICJtb250aCIsICJ0cmlhbF9zdGVwIjogImRheSIsICJ0cmlhbF9wZXJpb2QiOiA3LCAiZGlzcGxheV9wcmljZSI6ICI0OS45OSAkIiwgImRpc3BsYXlfdl9wcmljZSI6ICIxICQiLCAidl9wcmljZSI6ICIxIn0sICJwYXltZW50X3R5cGUiOiAiY2FyZCIsICJkb21haW4iOiAiY29udGVudC10YWIuY28iLCAic3ViX2lkIjogIjY0IiwgIndpdGhfYXZzIjogdHJ1ZSwgImFjdGlvbiI6ICJyZWdpc3RyYXRpb24ifQ== Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://register.content-tab.co/s/461369/dOAheP.js(Line 379) Message: The AudioContext was not allowed to start. It must be resumed (or created) after a user gesture on the page. https://goo.gl/7K7WLu
javascript	error	URL: https://register.content-tab.co/ivtnc/en/?aid=PBjpYMxVe1frez5ea&var4=agn_312&hobj=eyJoc2lkIjogIjA3Yzc4ZmMxMThlN2VlOGNmNzEwNTFhMzExNDQ1MGVlNjQ0ZDgyZWI3NjQ5NGZlNDNmZGJjODk3OTVlN2JhOGMiLCAiX19sb2NhdGlvbmNvZGUiOiAiVVMiLCAicHJpY2luZyI6IHsibmFtZSI6ICJ1czQ5IiwgInByaWNlIjogIjQ5Ljk5IiwgImN1cnJlbmN5IjogIlVTRCIsICJjdXJyZW5jeV9zeW1ib2wiOiAiJCIsICJ0cmlhbCI6IHRydWUsICJwZXJpb2QiOiAzMCwgImJpbGxpbmdfcGVyaW9kIjogMSwgImJpbGxpbmdfc3RlcCI6ICJtb250aCIsICJ0cmlhbF9zdGVwIjogImRheSIsICJ0cmlhbF9wZXJpb2QiOiA3LCAiZGlzcGxheV9wcmljZSI6ICI0OS45OSAkIiwgImRpc3BsYXlfdl9wcmljZSI6ICIxICQiLCAidl9wcmljZSI6ICIxIn0sICJwYXltZW50X3R5cGUiOiAiY2FyZCIsICJkb21haW4iOiAiY29udGVudC10YWIuY28iLCAic3ViX2lkIjogIjY0IiwgIndpdGhfYXZzIjogdHJ1ZSwgImFjdGlvbiI6ICJyZWdpc3RyYXRpb24ifQ== Message: Not allowed to load local resource: chrome://browser/content/aboutRobots-icon.png
network	error	URL: about:logo Message: Failed to load resource: net::ERR_UNKNOWN_URL_SCHEME
network	error	URL: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=ARZ0qKIM33rnMhPE3pHyzej98p-R2Y-brBQzZ1SSuOsx3Eb-siasEmvg0ott96v_3-0-cGrQEnLWbA&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S872457903%3A1710802100403809&theme=mn&ddm=0 Message: Failed to load resource: the server responded with a status of 403 ()
other	warning	URL: https://register.content-tab.co/ivtnc/en/?aid=PBjpYMxVe1frez5ea&var4=agn_312&hobj=eyJoc2lkIjogIjA3Yzc4ZmMxMThlN2VlOGNmNzEwNTFhMzExNDQ1MGVlNjQ0ZDgyZWI3NjQ5NGZlNDNmZGJjODk3OTVlN2JhOGMiLCAiX19sb2NhdGlvbmNvZGUiOiAiVVMiLCAicHJpY2luZyI6IHsibmFtZSI6ICJ1czQ5IiwgInByaWNlIjogIjQ5Ljk5IiwgImN1cnJlbmN5IjogIlVTRCIsICJjdXJyZW5jeV9zeW1ib2wiOiAiJCIsICJ0cmlhbCI6IHRydWUsICJwZXJpb2QiOiAzMCwgImJpbGxpbmdfcGVyaW9kIjogMSwgImJpbGxpbmdfc3RlcCI6ICJtb250aCIsICJ0cmlhbF9zdGVwIjogImRheSIsICJ0cmlhbF9wZXJpb2QiOiA3LCAiZGlzcGxheV9wcmljZSI6ICI0OS45OSAkIiwgImRpc3BsYXlfdl9wcmljZSI6ICIxICQiLCAidl9wcmljZSI6ICIxIn0sICJwYXltZW50X3R5cGUiOiAiY2FyZCIsICJkb21haW4iOiAiY29udGVudC10YWIuY28iLCAic3ViX2lkIjogIjY0IiwgIndpdGhfYXZzIjogdHJ1ZSwgImFjdGlvbiI6ICJyZWdpc3RyYXRpb24ifQ== Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://register.content-tab.co/ivtnc/en/?aid=PBjpYMxVe1frez5ea&var4=agn_312&hobj=eyJoc2lkIjogIjA3Yzc4ZmMxMThlN2VlOGNmNzEwNTFhMzExNDQ1MGVlNjQ0ZDgyZWI3NjQ5NGZlNDNmZGJjODk3OTVlN2JhOGMiLCAiX19sb2NhdGlvbmNvZGUiOiAiVVMiLCAicHJpY2luZyI6IHsibmFtZSI6ICJ1czQ5IiwgInByaWNlIjogIjQ5Ljk5IiwgImN1cnJlbmN5IjogIlVTRCIsICJjdXJyZW5jeV9zeW1ib2wiOiAiJCIsICJ0cmlhbCI6IHRydWUsICJwZXJpb2QiOiAzMCwgImJpbGxpbmdfcGVyaW9kIjogMSwgImJpbGxpbmdfc3RlcCI6ICJtb250aCIsICJ0cmlhbF9zdGVwIjogImRheSIsICJ0cmlhbF9wZXJpb2QiOiA3LCAiZGlzcGxheV9wcmljZSI6ICI0OS45OSAkIiwgImRpc3BsYXlfdl9wcmljZSI6ICIxICQiLCAidl9wcmljZSI6ICIxIn0sICJwYXltZW50X3R5cGUiOiAiY2FyZCIsICJkb21haW4iOiAiY29udGVudC10YWIuY28iLCAic3ViX2lkIjogIjY0IiwgIndpdGhfYXZzIjogdHJ1ZSwgImFjdGlvbiI6ICJyZWdpc3RyYXRpb24ifQ== Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://register.content-tab.co/ivtnc/en/?aid=PBjpYMxVe1frez5ea&var4=agn_312&hobj=eyJoc2lkIjogIjA3Yzc4ZmMxMThlN2VlOGNmNzEwNTFhMzExNDQ1MGVlNjQ0ZDgyZWI3NjQ5NGZlNDNmZGJjODk3OTVlN2JhOGMiLCAiX19sb2NhdGlvbmNvZGUiOiAiVVMiLCAicHJpY2luZyI6IHsibmFtZSI6ICJ1czQ5IiwgInByaWNlIjogIjQ5Ljk5IiwgImN1cnJlbmN5IjogIlVTRCIsICJjdXJyZW5jeV9zeW1ib2wiOiAiJCIsICJ0cmlhbCI6IHRydWUsICJwZXJpb2QiOiAzMCwgImJpbGxpbmdfcGVyaW9kIjogMSwgImJpbGxpbmdfc3RlcCI6ICJtb250aCIsICJ0cmlhbF9zdGVwIjogImRheSIsICJ0cmlhbF9wZXJpb2QiOiA3LCAiZGlzcGxheV9wcmljZSI6ICI0OS45OSAkIiwgImRpc3BsYXlfdl9wcmljZSI6ICIxICQiLCAidl9wcmljZSI6ICIxIn0sICJwYXltZW50X3R5cGUiOiAiY2FyZCIsICJkb21haW4iOiAiY29udGVudC10YWIuY28iLCAic3ViX2lkIjogIjY0IiwgIndpdGhfYXZzIjogdHJ1ZSwgImFjdGlvbiI6ICJyZWdpc3RyYXRpb24ifQ== Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.google.com
api.content-tab.co
browser
fonts.googleapis.com
fonts.gstatic.com
logo
push-sdk.com
register.content-tab.co
router.content-tab.co
router.onthego.lol
uidsync.net
vw7r8nm3.xfgoozmrek.com
www.lpdreamforge.com
browser
logo
178.63.248.57
23.88.8.123
2606:4700:3035::ac43:8192
2606:4700:3036::6815:2be
2607:f8b0:4004:c0b::5f
2607:f8b0:4004:c17::5e
2607:f8b0:4004:c1b::54
34.117.79.165
34.251.100.56
54.75.164.45
00cc1d6f8359763349a09d2c5b32b6d1de9b0642a6838c22ee34e9b329447da5
05f0dfe440131bcca27f99a3f6f197077d3356db410da944d3c32272a6627a30
0de80d60af6eff734aa5d43172e1af14a0d9809752ce2f561b847b7c39f4e5b2
142529ca50458939a5ec6b6919700cca705ac497c4ee653239e22b8b2bfb1c5a
1d59bbd420294d992c5ee1a611bd8e65004b277bc683b44becfd350cfbccb703
28be8721060203ff30aeb37574a42e670fa3b285d2a51cf39f50e88f95b9427f
328ae6149b8c65f0f7bb4afbc5cee51db44e332d8d4b8ca1619831f254efd836
4059d455ee5dd993a464a79c2179601b0bc48d2e3549720da45fd7452f4fc88b
42e615588bab9e46bbd9126ca7c2536dc1c3bfb3983d7f76be57c6e5695b7e14
48943afecc65c2c01263b1c7f2ee967efa9a3cce73f0a3241089c4a1be2f1764
563678f1859deda144eca40a59f7c8ab2406c9bb5aff5b96a4880ee55ec01986
5ccabda29f984535d3131503b63a1083b9edc175bcf8dba2c485501faf061c1f
63032e2cf861454dd365954a8f803757482a1f25e4be19e0bed4310fee6b434e
64bd171640fdcdd39c4fd6ab15b47ccae108bb162d7bd963715e1c1e46c6146c
6a0267cf8052e4e3b35c8a77d323e0707b7d9a6c9353f68a8c669df51b5b79d6
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
86cc510641251e287f9a66765dbfc78870f319714ae3dcba3a9765296fb35905
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
991f75b3cf41bf5de565d7d0a756c32596dc68a963fccdc67046b119ed13e1b8
99a3e03bc753671fe56706e854a38bc7c1cb97e1cfa58f7608841688f99e7652
9f7474500d78036ac53ad85298737c9bf7f8aa4052d3cc9b3463e4b29cb7757c
c6470a625493d3753c7b56322a8381dce1901fa788a22918784f4bfe0ce1aebe
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
d1eeec36784203ca7113d2c0d23a6e95773c33864ca81440f3aeb2b93e563f51
d2fb31b13937b4f1209e343fcc2367beef1d09ad819c1131ddc5d49fbcfe9278
d942371537fe539571a188ac1cf6154f8b98cbe05732ba35ecf38e852d858b21
e1162768d7067b4581c82f40bb924b854404e10d8447ff11e06e6184d34db47d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
f9357e81d6a1526432063bb5a064a8f2334ab500d090539ea05aa408bd26c65d
fdddd2eee95f782f6146da7158b64d09a82b63f8f2b694443d6f6dfc7b09edd1

register.content-tab.co Open in urlscan Pro 2606:4700:3036::6815:2be Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

43 Requests

74 %HTTPS

50 %IPv6

10 Domains

13 Subdomains

9 IPs

3 Countries

431 kBTransfer

1274 kBSize

6 Cookies

4 Outgoing links

Page URL History

Redirected requests

43 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

register.content-tab.co Open in urlscan Pro
2606:4700:3036::6815:2be Public Scan

Screenshot
Live screenshot

Full Image

43
Requests

74 %
HTTPS

50 %
IPv6

10
Domains

13
Subdomains

9
IPs

3
Countries

431 kB
Transfer

1274 kB
Size

6
Cookies

43 HTTP transactions
3 data transactions