urlscan.io logo urlscan.io
SecurityTrails logo

register.content-tab.com Open in urlscan Pro
172.67.172.123  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://fbmedia-bls.com/get?cid=2925&kw=Murach%27s+PHP+and+MySQL+%283rd+Edition%29
Effective URL: https://register.content-tab.com/qitnc/de/?aid=mE7bko&var1=1887&var4=agn_14&hobj=eyJoc2lkIjogImFiMDM0NWY4MDIxOThlNTFmMzAzZjE4MmM1...
Submission: On September 10 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 4 countries across 6 domains to perform 15 HTTP transactions. The main IP is 172.67.172.123, located in United States and belongs to CLOUDFLARENET, US. The main domain is register.content-tab.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 11th 2021. Valid for: a year.
This is the only time register.content-tab.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 37.9.175.18 51013 (WEBSUPPOR...)
1 1 35.157.74.22 16509 (AMAZON-02)
1 9 172.67.172.123 13335 (CLOUDFLAR...)
1 142.250.74.42 15169 (GOOGLE)
2 142.250.74.67 15169 (GOOGLE)
3 104.21.58.102 13335 (CLOUDFLAR...)
15 6
1    37.9.175.18 (Slovakia)

ASN51013 (WEBSUPPORT-SRO-SK-AS, SK)
PTR: 18.175.9.37.in-addr.arpa.websupport.sk
fbmedia-bls.com
1    35.157.74.22 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-74-22.eu-central-1.compute.amazonaws.com
router.allure-ng.net
9    172.67.172.123 (United States)

ASN13335 (CLOUDFLARENET, US)
router.content-tab.com
register.content-tab.com
api.content-tab.com
1    142.250.74.42 (United States)

ASN15169 (GOOGLE, US)
PTR: arn09s22-in-f10.1e100.net
fonts.googleapis.com
2    142.250.74.67 (United States)

ASN15169 (GOOGLE, US)
PTR: arn09s23-in-f3.1e100.net
fonts.gstatic.com
3    104.21.58.102 (None, )

ASN13335 (CLOUDFLARENET, US)
pushcampaign.club
Domain Requested by
7 register.content-tab.com register.content-tab.com
3 pushcampaign.club register.content-tab.com
2 fonts.gstatic.com fonts.googleapis.com
1 api.content-tab.com register.content-tab.com
1 fonts.googleapis.com register.content-tab.com
1 router.content-tab.com 1 redirects
1 router.allure-ng.net 1 redirects
1 fbmedia-bls.com
15 8

This site contains links to these domains. Also see Links.

Domain
content-tab.com
Subject Issuer Validity Valid
fbmedia-bls.com
R3		 2021-08-30 -
2021-11-28		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-06-11 -
2022-06-10		 a year crt.sh
upload.video.google.com
GTS CA 1O1		 2021-08-16 -
2021-11-08		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2021-08-23 -
2021-11-15		 3 months crt.sh
*.pushcampaign.club
R3		 2021-09-01 -
2021-11-30		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://register.content-tab.com/qitnc/de/?aid=mE7bko&var1=1887&var4=agn_14&hobj=eyJoc2lkIjogImFiMDM0NWY4MDIxOThlNTFmMzAzZjE4MmM1MWRhYjdhMzg2NWYxOWVlMmY0YTNkZjNlOWUzZDMyNjNjYWQyZDQiLCAiX19sb2NhdGlvbmNvZGUiOiAiREUiLCAicHJpY2luZyI6IHsibmFtZSI6ICJldTQ5IiwgInByaWNlIjogIjQ5Ljk5IiwgImN1cnJlbmN5IjogIkVVUiIsICJ0cmlhbCI6IHRydWUsICJwZXJpb2QiOiAzMCwgImJpbGxpbmdfcGVyaW9kIjogMSwgImJpbGxpbmdfc3RlcCI6ICJtb250aCIsICJ0cmlhbF9zdGVwIjogImRheSIsICJ0cmlhbF9wZXJpb2QiOiA3LCAiZGlzcGxheV9wcmljZSI6ICI0OS45OSBcdTIwYWMiLCAiZGlzcGxheV92X3ByaWNlIjogIjEgXHUyMGFjIiwgInZfcHJpY2UiOiAiMSJ9LCAibSI6ICJNdXJhY2gncyBQSFAgYW5kIE15U1FMICgzcmQgRWRpdGlvbikiLCAic2tpbiI6IHRydWUsICJwYXltZW50X3R5cGUiOiAiY2FyZCIsICJkb21haW4iOiAiY29udGVudC10YWIuY29tIiwgInN1Yl9pZCI6ICIyOTI1IiwgImFjdGlvbiI6ICJyZWdpc3RyYXRpb24iLCAia19hY3RpdmUiOiBmYWxzZSwgInRtX2FjdGl2ZSI6IGZhbHNlfQ==
Frame ID: 241F61161C2DD36830F293ECF33FBED4
Requests: 19 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Content-Tab - Murach's PHP and MySQL (3rd Edition)

Page URL History Show full URLs

  1. https://fbmedia-bls.com/get?cid=2925&kw=Murach%27s+PHP+and+MySQL+%283rd+Edition%29 Page URL
  2. https://router.allure-ng.net/click/k5/mE7bko?sub_id=2925&click_id=1ec11f86cd3d6c0e8f50ebf946a8bfc4&m=Mura... HTTP 303
    https://router.content-tab.com/?lp=qitnc&skin=1&sidng=X3BA3gBjd9lXAJO4jn64BlQnH9&aid=mE7bko&PCTX=1ec11f86cd... HTTP 302
    https://register.content-tab.com/qitnc/de/?aid=mE7bko&var1=1887&var4=agn_14&hobj=eyJoc2lkIjogImFiMDM0NWY4MDIx... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

15
Requests

100 %
HTTPS

0 %
IPv6

6
Domains

8
Subdomains

6
IPs

4
Countries

481 kB
Transfer

1265 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://fbmedia-bls.com/get?cid=2925&kw=Murach%27s+PHP+and+MySQL+%283rd+Edition%29 Page URL
  2. https://router.allure-ng.net/click/k5/mE7bko?sub_id=2925&click_id=1ec11f86cd3d6c0e8f50ebf946a8bfc4&m=Murach%27s+PHP+and+MySQL+%283rd+Edition%29&var1=1887 HTTP 303
    https://router.content-tab.com/?lp=qitnc&skin=1&sidng=X3BA3gBjd9lXAJO4jn64BlQnH9&aid=mE7bko&PCTX=1ec11f86cd3d6c0e8f50ebf946a8bfc4&var3=2925&var4=agn_14&sub_id=2925&click_id=1ec11f86cd3d6c0e8f50ebf946a8bfc4&m=Murach%27s+PHP+and+MySQL+%283rd+Edition%29&var1=1887 HTTP 302
    https://register.content-tab.com/qitnc/de/?aid=mE7bko&var1=1887&var4=agn_14&hobj=eyJoc2lkIjogImFiMDM0NWY4MDIxOThlNTFmMzAzZjE4MmM1MWRhYjdhMzg2NWYxOWVlMmY0YTNkZjNlOWUzZDMyNjNjYWQyZDQiLCAiX19sb2NhdGlvbmNvZGUiOiAiREUiLCAicHJpY2luZyI6IHsibmFtZSI6ICJldTQ5IiwgInByaWNlIjogIjQ5Ljk5IiwgImN1cnJlbmN5IjogIkVVUiIsICJ0cmlhbCI6IHRydWUsICJwZXJpb2QiOiAzMCwgImJpbGxpbmdfcGVyaW9kIjogMSwgImJpbGxpbmdfc3RlcCI6ICJtb250aCIsICJ0cmlhbF9zdGVwIjogImRheSIsICJ0cmlhbF9wZXJpb2QiOiA3LCAiZGlzcGxheV9wcmljZSI6ICI0OS45OSBcdTIwYWMiLCAiZGlzcGxheV92X3ByaWNlIjogIjEgXHUyMGFjIiwgInZfcHJpY2UiOiAiMSJ9LCAibSI6ICJNdXJhY2gncyBQSFAgYW5kIE15U1FMICgzcmQgRWRpdGlvbikiLCAic2tpbiI6IHRydWUsICJwYXltZW50X3R5cGUiOiAiY2FyZCIsICJkb21haW4iOiAiY29udGVudC10YWIuY29tIiwgInN1Yl9pZCI6ICIyOTI1IiwgImFjdGlvbiI6ICJyZWdpc3RyYXRpb24iLCAia19hY3RpdmUiOiBmYWxzZSwgInRtX2FjdGl2ZSI6IGZhbHNlfQ== Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

15 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
get
fbmedia-bls.com/ 		292 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://fbmedia-bls.com/get?cid=2925&kw=Murach%27s+PHP+and+MySQL+%283rd+Edition%29
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
37.9.175.18 , Slovakia, ASN51013 (WEBSUPPORT-SRO-SK-AS, SK),
Reverse DNS
18.175.9.37.in-addr.arpa.websupport.sk
Software
openresty /
Resource Hash
960d9d3266d06ece3753b83e6eb0884ecc7aa8b11ff937cd8f50f207af688446
Security Headers
Name Value
Strict-Transport-Security max-age=2592000
X-Frame-Options SAMEORIGIN, SAMEORIGIN

Request headers

:method
GET
:authority
fbmedia-bls.com
:scheme
https
:path
/get?cid=2925&kw=Murach%27s+PHP+and+MySQL+%283rd+Edition%29
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
openresty
date
Fri, 10 Sep 2021 05:32:01 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding Accept-Encoding
cache-control
public max-age=0, must-revalidate, private
etag
"app_storage=67c9460f382e437cb841fb5f55e156e5,92b32ea0873a8faa90e5f127e9fa6442=e94d0c45447cab94b2a679521d5fb2bb0387601bf50cb1216e43c85b5bee8bdc-gzip"
expires
Fri, 10 Sep 2021 05:32:01 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
x-frame-options
SAMEORIGIN, SAMEORIGIN
set-cookie
app_storage=67c9460f382e437cb841fb5f55e156e5; expires=Mon, 08-Sep-2031 05:32:01 GMT; Max-Age=315360000; path=/; secure; httponly 92b32ea0873a8faa90e5f127e9fa6442=e94d0c45447cab94b2a679521d5fb2bb0387601bf50cb1216e43c85b5bee8bdc; expires=Mon, 13-Sep-2021 05:32:01 GMT; Max-Age=259200; path=/; secure; httponly app_storage=67c9460f382e437cb841fb5f55e156e5; expires=Mon, 08-Sep-2031 05:32:01 GMT; Max-Age=315360000; path=/; secure; httponly 92b32ea0873a8faa90e5f127e9fa6442=e94d0c45447cab94b2a679521d5fb2bb0387601bf50cb1216e43c85b5bee8bdc; expires=Mon, 13-Sep-2021 05:32:01 GMT; Max-Age=259200; path=/; secure; httponly
Primary Request /
register.content-tab.com/qitnc/de/
Redirect Chain
  • https://router.allure-ng.net/click/k5/mE7bko?sub_id=2925&click_id=1ec11f86cd3d6c0e8f50ebf946a8bfc4&m=Murach%27s+PHP+and+MySQL+%283rd+Edition%29&var1=1887
  • https://router.content-tab.com/?lp=qitnc&skin=1&sidng=X3BA3gBjd9lXAJO4jn64BlQnH9&aid=mE7bko&PCTX=1ec11f86cd3d6c0e8f50ebf946a8bfc4&var3=2925&var4=agn_14&sub_id=2925&click_id=1ec11f86cd3d6c0e8f50ebf9...
  • https://register.content-tab.com/qitnc/de/?aid=mE7bko&var1=1887&var4=agn_14&hobj=eyJoc2lkIjogImFiMDM0NWY4MDIxOThlNTFmMzAzZjE4MmM1MWRhYjdhMzg2NWYxOWVlMmY0YTNkZjNlOWUzZDMyNjNjYWQyZDQiLCAiX19sb2NhdGlv...
48 KB
18 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://register.content-tab.com/qitnc/de/?aid=mE7bko&var1=1887&var4=agn_14&hobj=eyJoc2lkIjogImFiMDM0NWY4MDIxOThlNTFmMzAzZjE4MmM1MWRhYjdhMzg2NWYxOWVlMmY0YTNkZjNlOWUzZDMyNjNjYWQyZDQiLCAiX19sb2NhdGlvbmNvZGUiOiAiREUiLCAicHJpY2luZyI6IHsibmFtZSI6ICJldTQ5IiwgInByaWNlIjogIjQ5Ljk5IiwgImN1cnJlbmN5IjogIkVVUiIsICJ0cmlhbCI6IHRydWUsICJwZXJpb2QiOiAzMCwgImJpbGxpbmdfcGVyaW9kIjogMSwgImJpbGxpbmdfc3RlcCI6ICJtb250aCIsICJ0cmlhbF9zdGVwIjogImRheSIsICJ0cmlhbF9wZXJpb2QiOiA3LCAiZGlzcGxheV9wcmljZSI6ICI0OS45OSBcdTIwYWMiLCAiZGlzcGxheV92X3ByaWNlIjogIjEgXHUyMGFjIiwgInZfcHJpY2UiOiAiMSJ9LCAibSI6ICJNdXJhY2gncyBQSFAgYW5kIE15U1FMICgzcmQgRWRpdGlvbikiLCAic2tpbiI6IHRydWUsICJwYXltZW50X3R5cGUiOiAiY2FyZCIsICJkb21haW4iOiAiY29udGVudC10YWIuY29tIiwgInN1Yl9pZCI6ICIyOTI1IiwgImFjdGlvbiI6ICJyZWdpc3RyYXRpb24iLCAia19hY3RpdmUiOiBmYWxzZSwgInRtX2FjdGl2ZSI6IGZhbHNlfQ==
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.172.123 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
42525983694ab81db404f9b9866c4d3c5546c69966577a28878a8efea8ce50b0

Request headers

:method
GET
:authority
register.content-tab.com
:scheme
https
:path
/qitnc/de/?aid=mE7bko&var1=1887&var4=agn_14&hobj=eyJoc2lkIjogImFiMDM0NWY4MDIxOThlNTFmMzAzZjE4MmM1MWRhYjdhMzg2NWYxOWVlMmY0YTNkZjNlOWUzZDMyNjNjYWQyZDQiLCAiX19sb2NhdGlvbmNvZGUiOiAiREUiLCAicHJpY2luZyI6IHsibmFtZSI6ICJldTQ5IiwgInByaWNlIjogIjQ5Ljk5IiwgImN1cnJlbmN5IjogIkVVUiIsICJ0cmlhbCI6IHRydWUsICJwZXJpb2QiOiAzMCwgImJpbGxpbmdfcGVyaW9kIjogMSwgImJpbGxpbmdfc3RlcCI6ICJtb250aCIsICJ0cmlhbF9zdGVwIjogImRheSIsICJ0cmlhbF9wZXJpb2QiOiA3LCAiZGlzcGxheV9wcmljZSI6ICI0OS45OSBcdTIwYWMiLCAiZGlzcGxheV92X3ByaWNlIjogIjEgXHUyMGFjIiwgInZfcHJpY2UiOiAiMSJ9LCAibSI6ICJNdXJhY2gncyBQSFAgYW5kIE15U1FMICgzcmQgRWRpdGlvbikiLCAic2tpbiI6IHRydWUsICJwYXltZW50X3R5cGUiOiAiY2FyZCIsICJkb21haW4iOiAiY29udGVudC10YWIuY29tIiwgInN1Yl9pZCI6ICIyOTI1IiwgImFjdGlvbiI6ICJyZWdpc3RyYXRpb24iLCAia19hY3RpdmUiOiBmYWxzZSwgInRtX2FjdGl2ZSI6IGZhbHNlfQ==
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
https://fbmedia-bls.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://fbmedia-bls.com/get?cid=2925&kw=Murach%27s+PHP+and+MySQL+%283rd+Edition%29

Response headers

date
Fri, 10 Sep 2021 05:32:02 GMT
content-type
text/html
last-modified
Fri, 23 Jul 2021 06:54:14 GMT
vary
Accept-Encoding
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N%2FSH2SLdLXPkVQs2QbccKipTTTEKuO7JglyYP9RF6LGdN1jZp%2BqCVwVchkQh1MruszjAnJaENwtMiOw450uFBnWNXKd0zeZ%2F2h3heIx6bMNe0gZKJc7OH6JCuePhlGeBOUVOALb5qDvB%2FhA%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
68c646019a9fedd3-CDG
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

date
Fri, 10 Sep 2021 05:32:02 GMT
content-type
text/html; charset=UTF-8
location
https://register.content-tab.com/qitnc/de/?aid=mE7bko&var1=1887&var4=agn_14&hobj=eyJoc2lkIjogImFiMDM0NWY4MDIxOThlNTFmMzAzZjE4MmM1MWRhYjdhMzg2NWYxOWVlMmY0YTNkZjNlOWUzZDMyNjNjYWQyZDQiLCAiX19sb2NhdGlvbmNvZGUiOiAiREUiLCAicHJpY2luZyI6IHsibmFtZSI6ICJldTQ5IiwgInByaWNlIjogIjQ5Ljk5IiwgImN1cnJlbmN5IjogIkVVUiIsICJ0cmlhbCI6IHRydWUsICJwZXJpb2QiOiAzMCwgImJpbGxpbmdfcGVyaW9kIjogMSwgImJpbGxpbmdfc3RlcCI6ICJtb250aCIsICJ0cmlhbF9zdGVwIjogImRheSIsICJ0cmlhbF9wZXJpb2QiOiA3LCAiZGlzcGxheV9wcmljZSI6ICI0OS45OSBcdTIwYWMiLCAiZGlzcGxheV92X3ByaWNlIjogIjEgXHUyMGFjIiwgInZfcHJpY2UiOiAiMSJ9LCAibSI6ICJNdXJhY2gncyBQSFAgYW5kIE15U1FMICgzcmQgRWRpdGlvbikiLCAic2tpbiI6IHRydWUsICJwYXltZW50X3R5cGUiOiAiY2FyZCIsICJkb21haW4iOiAiY29udGVudC10YWIuY29tIiwgInN1Yl9pZCI6ICIyOTI1IiwgImFjdGlvbiI6ICJyZWdpc3RyYXRpb24iLCAia19hY3RpdmUiOiBmYWxzZSwgInRtX2FjdGl2ZSI6IGZhbHNlfQ==
set-cookie
airlex3_site_cookie=6a6f915446efa36a14b33e3c37febdcdaa965316gAWVRAAAAAAAAACMQGFiMDM0NWY4MDIxOThlNTFmMzAzZjE4MmM1MWRhYjdhMzg2NWYxOWVlMmY0YTNkZjNlOWUzZDMyNjNjYWQyZDSULg==; Path=/; HttpOnly
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MpHUyxerncy8KK5E9uXELwsUgX6c8A2EDfWKLfA3b3RhFuOUDclYczaAyptVxLruomuUFUp%2BmazTvEp59Dom%2BbI3ev8TUkt1kY1Yu6dmlhzAOjsY%2FKdbP%2F4pA9cwj9ifiFXK2hnTeKbB"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
68c64600999dedd3-CDG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
css
fonts.googleapis.com/ 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Noto+Sans:400,700&subset=latin,latin-ext
Requested by
Host: register.content-tab.com
URL: https://register.content-tab.com/qitnc/de/?aid=mE7bko&var1=1887&var4=agn_14&hobj=eyJoc2lkIjogImFiMDM0NWY4MDIxOThlNTFmMzAzZjE4MmM1MWRhYjdhMzg2NWYxOWVlMmY0YTNkZjNlOWUzZDMyNjNjYWQyZDQiLCAiX19sb2NhdGlvbmNvZGUiOiAiREUiLCAicHJpY2luZyI6IHsibmFtZSI6ICJldTQ5IiwgInByaWNlIjogIjQ5Ljk5IiwgImN1cnJlbmN5IjogIkVVUiIsICJ0cmlhbCI6IHRydWUsICJwZXJpb2QiOiAzMCwgImJpbGxpbmdfcGVyaW9kIjogMSwgImJpbGxpbmdfc3RlcCI6ICJtb250aCIsICJ0cmlhbF9zdGVwIjogImRheSIsICJ0cmlhbF9wZXJpb2QiOiA3LCAiZGlzcGxheV9wcmljZSI6ICI0OS45OSBcdTIwYWMiLCAiZGlzcGxheV92X3ByaWNlIjogIjEgXHUyMGFjIiwgInZfcHJpY2UiOiAiMSJ9LCAibSI6ICJNdXJhY2gncyBQSFAgYW5kIE15U1FMICgzcmQgRWRpdGlvbikiLCAic2tpbiI6IHRydWUsICJwYXltZW50X3R5cGUiOiAiY2FyZCIsICJkb21haW4iOiAiY29udGVudC10YWIuY29tIiwgInN1Yl9pZCI6ICIyOTI1IiwgImFjdGlvbiI6ICJyZWdpc3RyYXRpb24iLCAia19hY3RpdmUiOiBmYWxzZSwgInRtX2FjdGl2ZSI6IGZhbHNlfQ==
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.42 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
arn09s22-in-f10.1e100.net
Software
ESF /
Resource Hash
b270599ccaea2dd51759fabba80d2470cb37403b8e6ceab6819b535867b31cc5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://register.content-tab.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 10 Sep 2021 05:08:11 GMT
server
ESF
date
Fri, 10 Sep 2021 05:32:02 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 10 Sep 2021 05:32:02 GMT
styles.595c81dd47438eff2b3c.css
register.content-tab.com/qitnc/assets/ 		113 KB
32 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://register.content-tab.com/qitnc/assets/styles.595c81dd47438eff2b3c.css
Requested by
Host: register.content-tab.com
URL: https://register.content-tab.com/qitnc/de/?aid=mE7bko&var1=1887&var4=agn_14&hobj=eyJoc2lkIjogImFiMDM0NWY4MDIxOThlNTFmMzAzZjE4MmM1MWRhYjdhMzg2NWYxOWVlMmY0YTNkZjNlOWUzZDMyNjNjYWQyZDQiLCAiX19sb2NhdGlvbmNvZGUiOiAiREUiLCAicHJpY2luZyI6IHsibmFtZSI6ICJldTQ5IiwgInByaWNlIjogIjQ5Ljk5IiwgImN1cnJlbmN5IjogIkVVUiIsICJ0cmlhbCI6IHRydWUsICJwZXJpb2QiOiAzMCwgImJpbGxpbmdfcGVyaW9kIjogMSwgImJpbGxpbmdfc3RlcCI6ICJtb250aCIsICJ0cmlhbF9zdGVwIjogImRheSIsICJ0cmlhbF9wZXJpb2QiOiA3LCAiZGlzcGxheV9wcmljZSI6ICI0OS45OSBcdTIwYWMiLCAiZGlzcGxheV92X3ByaWNlIjogIjEgXHUyMGFjIiwgInZfcHJpY2UiOiAiMSJ9LCAibSI6ICJNdXJhY2gncyBQSFAgYW5kIE15U1FMICgzcmQgRWRpdGlvbikiLCAic2tpbiI6IHRydWUsICJwYXltZW50X3R5cGUiOiAiY2FyZCIsICJkb21haW4iOiAiY29udGVudC10YWIuY29tIiwgInN1Yl9pZCI6ICIyOTI1IiwgImFjdGlvbiI6ICJyZWdpc3RyYXRpb24iLCAia19hY3RpdmUiOiBmYWxzZSwgInRtX2FjdGl2ZSI6IGZhbHNlfQ==
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.172.123 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b46e78df5323a64aea5d96410edf49d856aaab3aca21f8400cd581fb86bff50

Request headers

:path
/qitnc/assets/styles.595c81dd47438eff2b3c.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
register.content-tab.com
referer
https://register.content-tab.com/qitnc/de/?aid=mE7bko&var1=1887&var4=agn_14&hobj=eyJoc2lkIjogImFiMDM0NWY4MDIxOThlNTFmMzAzZjE4MmM1MWRhYjdhMzg2NWYxOWVlMmY0YTNkZjNlOWUzZDMyNjNjYWQyZDQiLCAiX19sb2NhdGlvbmNvZGUiOiAiREUiLCAicHJpY2luZyI6IHsibmFtZSI6ICJldTQ5IiwgInByaWNlIjogIjQ5Ljk5IiwgImN1cnJlbmN5IjogIkVVUiIsICJ0cmlhbCI6IHRydWUsICJwZXJpb2QiOiAzMCwgImJpbGxpbmdfcGVyaW9kIjogMSwgImJpbGxpbmdfc3RlcCI6ICJtb250aCIsICJ0cmlhbF9zdGVwIjogImRheSIsICJ0cmlhbF9wZXJpb2QiOiA3LCAiZGlzcGxheV9wcmljZSI6ICI0OS45OSBcdTIwYWMiLCAiZGlzcGxheV92X3ByaWNlIjogIjEgXHUyMGFjIiwgInZfcHJpY2UiOiAiMSJ9LCAibSI6ICJNdXJhY2gncyBQSFAgYW5kIE15U1FMICgzcmQgRWRpdGlvbikiLCAic2tpbiI6IHRydWUsICJwYXltZW50X3R5cGUiOiAiY2FyZCIsICJkb21haW4iOiAiY29udGVudC10YWIuY29tIiwgInN1Yl9pZCI6ICIyOTI1IiwgImFjdGlvbiI6ICJyZWdpc3RyYXRpb24iLCAia19hY3RpdmUiOiBmYWxzZSwgInRtX2FjdGl2ZSI6IGZhbHNlfQ==
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://register.content-tab.com/qitnc/de/?aid=mE7bko&var1=1887&var4=agn_14&hobj=eyJoc2lkIjogImFiMDM0NWY4MDIxOThlNTFmMzAzZjE4MmM1MWRhYjdhMzg2NWYxOWVlMmY0YTNkZjNlOWUzZDMyNjNjYWQyZDQiLCAiX19sb2NhdGlvbmNvZGUiOiAiREUiLCAicHJpY2luZyI6IHsibmFtZSI6ICJldTQ5IiwgInByaWNlIjogIjQ5Ljk5IiwgImN1cnJlbmN5IjogIkVVUiIsICJ0cmlhbCI6IHRydWUsICJwZXJpb2QiOiAzMCwgImJpbGxpbmdfcGVyaW9kIjogMSwgImJpbGxpbmdfc3RlcCI6ICJtb250aCIsICJ0cmlhbF9zdGVwIjogImRheSIsICJ0cmlhbF9wZXJpb2QiOiA3LCAiZGlzcGxheV9wcmljZSI6ICI0OS45OSBcdTIwYWMiLCAiZGlzcGxheV92X3ByaWNlIjogIjEgXHUyMGFjIiwgInZfcHJpY2UiOiAiMSJ9LCAibSI6ICJNdXJhY2gncyBQSFAgYW5kIE15U1FMICgzcmQgRWRpdGlvbikiLCAic2tpbiI6IHRydWUsICJwYXltZW50X3R5cGUiOiAiY2FyZCIsICJkb21haW4iOiAiY29udGVudC10YWIuY29tIiwgInN1Yl9pZCI6ICIyOTI1IiwgImFjdGlvbiI6ICJyZWdpc3RyYXRpb24iLCAia19hY3RpdmUiOiBmYWxzZSwgInRtX2FjdGl2ZSI6IGZhbHNlfQ==
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 05:32:02 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1633819
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Fri, 23 Jul 2021 06:47:15 GMT
server
cloudflare
etag
W/"60fa65f3-1c56e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2fiWAWxHPHjdrw5wXYC8YDkLqSfs2%2FR9wrn03si49aDFTjQGYmCLUTlj%2FylVR%2Fczvnb7K%2FCIXiQuwWfgk1T0Ht2Po8wxjeyKj3Z4eXy4SgWiN4WNyS1mCDd5HB21km95nt4SND7ybDhMukE%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=2592000
cf-ray
68c64602fc15edd3-CDG
expires
Tue, 21 Sep 2021 07:41:43 GMT
runtime.595c81dd47438eff2b3c.js
register.content-tab.com/qitnc/assets/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://register.content-tab.com/qitnc/assets/runtime.595c81dd47438eff2b3c.js
Requested by
Host: register.content-tab.com
URL: https://register.content-tab.com/qitnc/de/?aid=mE7bko&var1=1887&var4=agn_14&hobj=eyJoc2lkIjogImFiMDM0NWY4MDIxOThlNTFmMzAzZjE4MmM1MWRhYjdhMzg2NWYxOWVlMmY0YTNkZjNlOWUzZDMyNjNjYWQyZDQiLCAiX19sb2NhdGlvbmNvZGUiOiAiREUiLCAicHJpY2luZyI6IHsibmFtZSI6ICJldTQ5IiwgInByaWNlIjogIjQ5Ljk5IiwgImN1cnJlbmN5IjogIkVVUiIsICJ0cmlhbCI6IHRydWUsICJwZXJpb2QiOiAzMCwgImJpbGxpbmdfcGVyaW9kIjogMSwgImJpbGxpbmdfc3RlcCI6ICJtb250aCIsICJ0cmlhbF9zdGVwIjogImRheSIsICJ0cmlhbF9wZXJpb2QiOiA3LCAiZGlzcGxheV9wcmljZSI6ICI0OS45OSBcdTIwYWMiLCAiZGlzcGxheV92X3ByaWNlIjogIjEgXHUyMGFjIiwgInZfcHJpY2UiOiAiMSJ9LCAibSI6ICJNdXJhY2gncyBQSFAgYW5kIE15U1FMICgzcmQgRWRpdGlvbikiLCAic2tpbiI6IHRydWUsICJwYXltZW50X3R5cGUiOiAiY2FyZCIsICJkb21haW4iOiAiY29udGVudC10YWIuY29tIiwgInN1Yl9pZCI6ICIyOTI1IiwgImFjdGlvbiI6ICJyZWdpc3RyYXRpb24iLCAia19hY3RpdmUiOiBmYWxzZSwgInRtX2FjdGl2ZSI6IGZhbHNlfQ==
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.172.123 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
40ab705b3347cd8471bb3412dc2a897f520c53b0ed6c5cebaf4759d41574ba23

Request headers

:path
/qitnc/assets/runtime.595c81dd47438eff2b3c.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
register.content-tab.com
referer
https://register.content-tab.com/qitnc/de/?aid=mE7bko&var1=1887&var4=agn_14&hobj=eyJoc2lkIjogImFiMDM0NWY4MDIxOThlNTFmMzAzZjE4MmM1MWRhYjdhMzg2NWYxOWVlMmY0YTNkZjNlOWUzZDMyNjNjYWQyZDQiLCAiX19sb2NhdGlvbmNvZGUiOiAiREUiLCAicHJpY2luZyI6IHsibmFtZSI6ICJldTQ5IiwgInByaWNlIjogIjQ5Ljk5IiwgImN1cnJlbmN5IjogIkVVUiIsICJ0cmlhbCI6IHRydWUsICJwZXJpb2QiOiAzMCwgImJpbGxpbmdfcGVyaW9kIjogMSwgImJpbGxpbmdfc3RlcCI6ICJtb250aCIsICJ0cmlhbF9zdGVwIjogImRheSIsICJ0cmlhbF9wZXJpb2QiOiA3LCAiZGlzcGxheV9wcmljZSI6ICI0OS45OSBcdTIwYWMiLCAiZGlzcGxheV92X3ByaWNlIjogIjEgXHUyMGFjIiwgInZfcHJpY2UiOiAiMSJ9LCAibSI6ICJNdXJhY2gncyBQSFAgYW5kIE15U1FMICgzcmQgRWRpdGlvbikiLCAic2tpbiI6IHRydWUsICJwYXltZW50X3R5cGUiOiAiY2FyZCIsICJkb21haW4iOiAiY29udGVudC10YWIuY29tIiwgInN1Yl9pZCI6ICIyOTI1IiwgImFjdGlvbiI6ICJyZWdpc3RyYXRpb24iLCAia19hY3RpdmUiOiBmYWxzZSwgInRtX2FjdGl2ZSI6IGZhbHNlfQ==
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://register.content-tab.com/qitnc/de/?aid=mE7bko&var1=1887&var4=agn_14&hobj=eyJoc2lkIjogImFiMDM0NWY4MDIxOThlNTFmMzAzZjE4MmM1MWRhYjdhMzg2NWYxOWVlMmY0YTNkZjNlOWUzZDMyNjNjYWQyZDQiLCAiX19sb2NhdGlvbmNvZGUiOiAiREUiLCAicHJpY2luZyI6IHsibmFtZSI6ICJldTQ5IiwgInByaWNlIjogIjQ5Ljk5IiwgImN1cnJlbmN5IjogIkVVUiIsICJ0cmlhbCI6IHRydWUsICJwZXJpb2QiOiAzMCwgImJpbGxpbmdfcGVyaW9kIjogMSwgImJpbGxpbmdfc3RlcCI6ICJtb250aCIsICJ0cmlhbF9zdGVwIjogImRheSIsICJ0cmlhbF9wZXJpb2QiOiA3LCAiZGlzcGxheV9wcmljZSI6ICI0OS45OSBcdTIwYWMiLCAiZGlzcGxheV92X3ByaWNlIjogIjEgXHUyMGFjIiwgInZfcHJpY2UiOiAiMSJ9LCAibSI6ICJNdXJhY2gncyBQSFAgYW5kIE15U1FMICgzcmQgRWRpdGlvbikiLCAic2tpbiI6IHRydWUsICJwYXltZW50X3R5cGUiOiAiY2FyZCIsICJkb21haW4iOiAiY29udGVudC10YWIuY29tIiwgInN1Yl9pZCI6ICIyOTI1IiwgImFjdGlvbiI6ICJyZWdpc3RyYXRpb24iLCAia19hY3RpdmUiOiBmYWxzZSwgInRtX2FjdGl2ZSI6IGZhbHNlfQ==
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 05:32:02 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1633819
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Fri, 23 Jul 2021 06:47:15 GMT
server
cloudflare
etag
W/"60fa65f3-5d4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1ZeiJrO5rrvV0OL00AtwLxCnDJRLYjra7B4SOwfD883C%2Fqu%2FNLeTnuyVjwcywaUrdw1uQ3sBcUhttCHS22s6RLscTk8dNe3w4TYMkpn3SCj7IxlTG3U%2F1pCjYIhkc%2FHMc787z7MI0b0LoIg%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
68c64602fc16edd3-CDG
expires
Tue, 21 Sep 2021 07:41:43 GMT
app.595c81dd47438eff2b3c.js
register.content-tab.com/qitnc/assets/ 		664 KB
192 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://register.content-tab.com/qitnc/assets/app.595c81dd47438eff2b3c.js
Requested by
Host: register.content-tab.com
URL: https://register.content-tab.com/qitnc/de/?aid=mE7bko&var1=1887&var4=agn_14&hobj=eyJoc2lkIjogImFiMDM0NWY4MDIxOThlNTFmMzAzZjE4MmM1MWRhYjdhMzg2NWYxOWVlMmY0YTNkZjNlOWUzZDMyNjNjYWQyZDQiLCAiX19sb2NhdGlvbmNvZGUiOiAiREUiLCAicHJpY2luZyI6IHsibmFtZSI6ICJldTQ5IiwgInByaWNlIjogIjQ5Ljk5IiwgImN1cnJlbmN5IjogIkVVUiIsICJ0cmlhbCI6IHRydWUsICJwZXJpb2QiOiAzMCwgImJpbGxpbmdfcGVyaW9kIjogMSwgImJpbGxpbmdfc3RlcCI6ICJtb250aCIsICJ0cmlhbF9zdGVwIjogImRheSIsICJ0cmlhbF9wZXJpb2QiOiA3LCAiZGlzcGxheV9wcmljZSI6ICI0OS45OSBcdTIwYWMiLCAiZGlzcGxheV92X3ByaWNlIjogIjEgXHUyMGFjIiwgInZfcHJpY2UiOiAiMSJ9LCAibSI6ICJNdXJhY2gncyBQSFAgYW5kIE15U1FMICgzcmQgRWRpdGlvbikiLCAic2tpbiI6IHRydWUsICJwYXltZW50X3R5cGUiOiAiY2FyZCIsICJkb21haW4iOiAiY29udGVudC10YWIuY29tIiwgInN1Yl9pZCI6ICIyOTI1IiwgImFjdGlvbiI6ICJyZWdpc3RyYXRpb24iLCAia19hY3RpdmUiOiBmYWxzZSwgInRtX2FjdGl2ZSI6IGZhbHNlfQ==
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.172.123 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aeca033024d642b6d8f0b2d0740b9e465eaa1c0daf73d34ff8e28653d0696e5c

Request headers

:path
/qitnc/assets/app.595c81dd47438eff2b3c.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
register.content-tab.com
referer
https://register.content-tab.com/qitnc/de/?aid=mE7bko&var1=1887&var4=agn_14&hobj=eyJoc2lkIjogImFiMDM0NWY4MDIxOThlNTFmMzAzZjE4MmM1MWRhYjdhMzg2NWYxOWVlMmY0YTNkZjNlOWUzZDMyNjNjYWQyZDQiLCAiX19sb2NhdGlvbmNvZGUiOiAiREUiLCAicHJpY2luZyI6IHsibmFtZSI6ICJldTQ5IiwgInByaWNlIjogIjQ5Ljk5IiwgImN1cnJlbmN5IjogIkVVUiIsICJ0cmlhbCI6IHRydWUsICJwZXJpb2QiOiAzMCwgImJpbGxpbmdfcGVyaW9kIjogMSwgImJpbGxpbmdfc3RlcCI6ICJtb250aCIsICJ0cmlhbF9zdGVwIjogImRheSIsICJ0cmlhbF9wZXJpb2QiOiA3LCAiZGlzcGxheV9wcmljZSI6ICI0OS45OSBcdTIwYWMiLCAiZGlzcGxheV92X3ByaWNlIjogIjEgXHUyMGFjIiwgInZfcHJpY2UiOiAiMSJ9LCAibSI6ICJNdXJhY2gncyBQSFAgYW5kIE15U1FMICgzcmQgRWRpdGlvbikiLCAic2tpbiI6IHRydWUsICJwYXltZW50X3R5cGUiOiAiY2FyZCIsICJkb21haW4iOiAiY29udGVudC10YWIuY29tIiwgInN1Yl9pZCI6ICIyOTI1IiwgImFjdGlvbiI6ICJyZWdpc3RyYXRpb24iLCAia19hY3RpdmUiOiBmYWxzZSwgInRtX2FjdGl2ZSI6IGZhbHNlfQ==
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://register.content-tab.com/qitnc/de/?aid=mE7bko&var1=1887&var4=agn_14&hobj=eyJoc2lkIjogImFiMDM0NWY4MDIxOThlNTFmMzAzZjE4MmM1MWRhYjdhMzg2NWYxOWVlMmY0YTNkZjNlOWUzZDMyNjNjYWQyZDQiLCAiX19sb2NhdGlvbmNvZGUiOiAiREUiLCAicHJpY2luZyI6IHsibmFtZSI6ICJldTQ5IiwgInByaWNlIjogIjQ5Ljk5IiwgImN1cnJlbmN5IjogIkVVUiIsICJ0cmlhbCI6IHRydWUsICJwZXJpb2QiOiAzMCwgImJpbGxpbmdfcGVyaW9kIjogMSwgImJpbGxpbmdfc3RlcCI6ICJtb250aCIsICJ0cmlhbF9zdGVwIjogImRheSIsICJ0cmlhbF9wZXJpb2QiOiA3LCAiZGlzcGxheV9wcmljZSI6ICI0OS45OSBcdTIwYWMiLCAiZGlzcGxheV92X3ByaWNlIjogIjEgXHUyMGFjIiwgInZfcHJpY2UiOiAiMSJ9LCAibSI6ICJNdXJhY2gncyBQSFAgYW5kIE15U1FMICgzcmQgRWRpdGlvbikiLCAic2tpbiI6IHRydWUsICJwYXltZW50X3R5cGUiOiAiY2FyZCIsICJkb21haW4iOiAiY29udGVudC10YWIuY29tIiwgInN1Yl9pZCI6ICIyOTI1IiwgImFjdGlvbiI6ICJyZWdpc3RyYXRpb24iLCAia19hY3RpdmUiOiBmYWxzZSwgInRtX2FjdGl2ZSI6IGZhbHNlfQ==
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 05:32:02 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1633819
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Fri, 23 Jul 2021 06:47:15 GMT
server
cloudflare
etag
W/"60fa65f3-a5e23"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yqPjw4jXZyw4mvy%2FqlontUI38rKiPb8DMRgOLRlNigxqjYQLdSWX%2BbDN%2FO4r%2BDmuG4Gc3ndC5oG7Ssjk95f5IjyIW8%2ByY%2Bri%2FjKzDdoZsFwCn8sD%2FMm7Gef0Ei9zFnkoTnzJ%2FKJfC4h6di8%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
68c64602fc17edd3-CDG
expires
Tue, 21 Sep 2021 07:41:43 GMT
styles.595c81dd47438eff2b3c.js
register.content-tab.com/qitnc/assets/ 		96 B
371 B 		Script
General
Check archive.org
Download Go to
Full URL
https://register.content-tab.com/qitnc/assets/styles.595c81dd47438eff2b3c.js
Requested by
Host: register.content-tab.com
URL: https://register.content-tab.com/qitnc/de/?aid=mE7bko&var1=1887&var4=agn_14&hobj=eyJoc2lkIjogImFiMDM0NWY4MDIxOThlNTFmMzAzZjE4MmM1MWRhYjdhMzg2NWYxOWVlMmY0YTNkZjNlOWUzZDMyNjNjYWQyZDQiLCAiX19sb2NhdGlvbmNvZGUiOiAiREUiLCAicHJpY2luZyI6IHsibmFtZSI6ICJldTQ5IiwgInByaWNlIjogIjQ5Ljk5IiwgImN1cnJlbmN5IjogIkVVUiIsICJ0cmlhbCI6IHRydWUsICJwZXJpb2QiOiAzMCwgImJpbGxpbmdfcGVyaW9kIjogMSwgImJpbGxpbmdfc3RlcCI6ICJtb250aCIsICJ0cmlhbF9zdGVwIjogImRheSIsICJ0cmlhbF9wZXJpb2QiOiA3LCAiZGlzcGxheV9wcmljZSI6ICI0OS45OSBcdTIwYWMiLCAiZGlzcGxheV92X3ByaWNlIjogIjEgXHUyMGFjIiwgInZfcHJpY2UiOiAiMSJ9LCAibSI6ICJNdXJhY2gncyBQSFAgYW5kIE15U1FMICgzcmQgRWRpdGlvbikiLCAic2tpbiI6IHRydWUsICJwYXltZW50X3R5cGUiOiAiY2FyZCIsICJkb21haW4iOiAiY29udGVudC10YWIuY29tIiwgInN1Yl9pZCI6ICIyOTI1IiwgImFjdGlvbiI6ICJyZWdpc3RyYXRpb24iLCAia19hY3RpdmUiOiBmYWxzZSwgInRtX2FjdGl2ZSI6IGZhbHNlfQ==
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.172.123 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
51376dd736982d71b55831ea400c85e546fd533d41924f6939b66a941bdc7505

Request headers

:path
/qitnc/assets/styles.595c81dd47438eff2b3c.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
register.content-tab.com
referer
https://register.content-tab.com/qitnc/de/?aid=mE7bko&var1=1887&var4=agn_14&hobj=eyJoc2lkIjogImFiMDM0NWY4MDIxOThlNTFmMzAzZjE4MmM1MWRhYjdhMzg2NWYxOWVlMmY0YTNkZjNlOWUzZDMyNjNjYWQyZDQiLCAiX19sb2NhdGlvbmNvZGUiOiAiREUiLCAicHJpY2luZyI6IHsibmFtZSI6ICJldTQ5IiwgInByaWNlIjogIjQ5Ljk5IiwgImN1cnJlbmN5IjogIkVVUiIsICJ0cmlhbCI6IHRydWUsICJwZXJpb2QiOiAzMCwgImJpbGxpbmdfcGVyaW9kIjogMSwgImJpbGxpbmdfc3RlcCI6ICJtb250aCIsICJ0cmlhbF9zdGVwIjogImRheSIsICJ0cmlhbF9wZXJpb2QiOiA3LCAiZGlzcGxheV9wcmljZSI6ICI0OS45OSBcdTIwYWMiLCAiZGlzcGxheV92X3ByaWNlIjogIjEgXHUyMGFjIiwgInZfcHJpY2UiOiAiMSJ9LCAibSI6ICJNdXJhY2gncyBQSFAgYW5kIE15U1FMICgzcmQgRWRpdGlvbikiLCAic2tpbiI6IHRydWUsICJwYXltZW50X3R5cGUiOiAiY2FyZCIsICJkb21haW4iOiAiY29udGVudC10YWIuY29tIiwgInN1Yl9pZCI6ICIyOTI1IiwgImFjdGlvbiI6ICJyZWdpc3RyYXRpb24iLCAia19hY3RpdmUiOiBmYWxzZSwgInRtX2FjdGl2ZSI6IGZhbHNlfQ==
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://register.content-tab.com/qitnc/de/?aid=mE7bko&var1=1887&var4=agn_14&hobj=eyJoc2lkIjogImFiMDM0NWY4MDIxOThlNTFmMzAzZjE4MmM1MWRhYjdhMzg2NWYxOWVlMmY0YTNkZjNlOWUzZDMyNjNjYWQyZDQiLCAiX19sb2NhdGlvbmNvZGUiOiAiREUiLCAicHJpY2luZyI6IHsibmFtZSI6ICJldTQ5IiwgInByaWNlIjogIjQ5Ljk5IiwgImN1cnJlbmN5IjogIkVVUiIsICJ0cmlhbCI6IHRydWUsICJwZXJpb2QiOiAzMCwgImJpbGxpbmdfcGVyaW9kIjogMSwgImJpbGxpbmdfc3RlcCI6ICJtb250aCIsICJ0cmlhbF9zdGVwIjogImRheSIsICJ0cmlhbF9wZXJpb2QiOiA3LCAiZGlzcGxheV9wcmljZSI6ICI0OS45OSBcdTIwYWMiLCAiZGlzcGxheV92X3ByaWNlIjogIjEgXHUyMGFjIiwgInZfcHJpY2UiOiAiMSJ9LCAibSI6ICJNdXJhY2gncyBQSFAgYW5kIE15U1FMICgzcmQgRWRpdGlvbikiLCAic2tpbiI6IHRydWUsICJwYXltZW50X3R5cGUiOiAiY2FyZCIsICJkb21haW4iOiAiY29udGVudC10YWIuY29tIiwgInN1Yl9pZCI6ICIyOTI1IiwgImFjdGlvbiI6ICJyZWdpc3RyYXRpb24iLCAia19hY3RpdmUiOiBmYWxzZSwgInRtX2FjdGl2ZSI6IGZhbHNlfQ==
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 05:32:02 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1633819
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Fri, 23 Jul 2021 06:47:15 GMT
server
cloudflare
etag
W/"60fa65f3-60"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y6qxanKPP7MeQ8hwL71oi%2B5RTUX6xR8NJqBYVibdTgU1HL0vfGQB2scjNbEVqyvO6286glsVIkTGtwuuDhXvNwfc1Jzx1d02%2BuuItOikS3PXZLUAFdd9QnMY%2B7ErU%2FxNBQJnzGXfK24HjlM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
68c64602fc18edd3-CDG
expires
Tue, 21 Sep 2021 07:41:43 GMT
truncated
/ 		487 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d34350fb776d328ec1870d49d0dca894d0852be6eac19690dc66d9a49f527be7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3c1b9bf1cfdc1147cb1ac2acf4387767dd440cdc75eafcffa041f9c78abcdf0b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
df8e839c668a58e6898f6bc2490f7d4e68a64971b115bd79af0351327c54eb6b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		967 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7b876322eefcdf42b4aa31e4572118663fc18be61cb5e4cd7c140fe3c27cd93d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type
image/png
flags-sprite-2-5d968a11866512c7a9fd685c3bb93045.png
register.content-tab.com/qitnc/assets/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://register.content-tab.com/qitnc/assets/flags-sprite-2-5d968a11866512c7a9fd685c3bb93045.png
Requested by
Host: register.content-tab.com
URL: https://register.content-tab.com/qitnc/assets/styles.595c81dd47438eff2b3c.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.172.123 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c81dca806b4449826c703223f7d84cd7c9c62852633e5bedcb3baf0e49d68b65

Request headers

:path
/qitnc/assets/flags-sprite-2-5d968a11866512c7a9fd685c3bb93045.png
pragma
no-cache
cookie
session_id=44d445fcbda94da9af7df2f99ab45012
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
register.content-tab.com
referer
https://register.content-tab.com/qitnc/assets/styles.595c81dd47438eff2b3c.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://register.content-tab.com/qitnc/assets/styles.595c81dd47438eff2b3c.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 05:32:02 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1975598
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
19210
last-modified
Fri, 23 Jul 2021 06:47:15 GMT
server
cloudflare
etag
"60fa65f3-4b0a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zewwJc5u0sd9sZ8J37qUsZBivhtkxhq3mvqzV4AHg0p8EIohNr3VQQy0jqpC83jE11wwPc18STv5AcQ12evSP5IKLtZOO8%2F5WMLDZ3psiCdSUCKDLKxtrUkFqxwd3qrtxmlHaF%2BO37%2BV%2Fy4%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
68c646047bb86936-CDG
expires
Fri, 17 Sep 2021 08:45:24 GMT
o-0IIpQlx3QUlC5A4PNr5TRA.woff2
fonts.gstatic.com/s/notosans/v14/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosans/v14/o-0IIpQlx3QUlC5A4PNr5TRA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans:400,700&subset=latin,latin-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
arn09s23-in-f3.1e100.net
Software
sffe /
Resource Hash
4a9f53c02752e79270686f1b2a3616b86d3af1ea2a288f2977e34b1141d552ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://register.content-tab.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 04 Sep 2021 06:59:12 GMT
x-content-type-options
nosniff
age
513170
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16056
x-xss-protection
0
last-modified
Tue, 13 Jul 2021 21:27:33 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 04 Sep 2022 06:59:12 GMT
ace-push.js
pushcampaign.club/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pushcampaign.club/ace-push.js
Requested by
Host: register.content-tab.com
URL: https://register.content-tab.com/qitnc/assets/app.595c81dd47438eff2b3c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.58.102 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0bd750f81cc17e62b41b74abfaba8f73350c7a73f925dac6a578b9d08e666512

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://register.content-tab.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 05:32:02 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6828
cf-polished
origSize=11844
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Mon, 23 Aug 2021 15:38:46 GMT
server
cloudflare
etag
W/"1d79834f5c8a944"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z6%2BxGhGoIQacdXg%2BAcyK3HOS5JDxqjinXOsj%2B5IYUPWkvfJeLjGfRruBlzOJ995W%2BL54frASZPwKV9OtgQXDN%2FSGooY2w8fUHqcttvqubax0JApZ2B%2FpPDbbHe%2FW%2F2JEgFk6tw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
68c646050e32ee0b-CDG
cf-bgj
minify
dOAheP.js
register.content-tab.com/s/461369/ 		369 KB
177 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://register.content-tab.com/s/461369/dOAheP.js
Requested by
Host: register.content-tab.com
URL: https://register.content-tab.com/qitnc/assets/app.595c81dd47438eff2b3c.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.172.123 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
127cb9b36cad13b61b0b8d12992175af5a252b20abf9d69c5a4049a433f415a1
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-fetch-mode
cors
origin
https://register.content-tab.com
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
sec-fetch-dest
script
cookie
session_id=44d445fcbda94da9af7df2f99ab45012
:path
/s/461369/dOAheP.js
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
register.content-tab.com
referer
https://register.content-tab.com/qitnc/de/?aid=mE7bko&var1=1887&var4=agn_14&hobj=eyJoc2lkIjogImFiMDM0NWY4MDIxOThlNTFmMzAzZjE4MmM1MWRhYjdhMzg2NWYxOWVlMmY0YTNkZjNlOWUzZDMyNjNjYWQyZDQiLCAiX19sb2NhdGlvbmNvZGUiOiAiREUiLCAicHJpY2luZyI6IHsibmFtZSI6ICJldTQ5IiwgInByaWNlIjogIjQ5Ljk5IiwgImN1cnJlbmN5IjogIkVVUiIsICJ0cmlhbCI6IHRydWUsICJwZXJpb2QiOiAzMCwgImJpbGxpbmdfcGVyaW9kIjogMSwgImJpbGxpbmdfc3RlcCI6ICJtb250aCIsICJ0cmlhbF9zdGVwIjogImRheSIsICJ0cmlhbF9wZXJpb2QiOiA3LCAiZGlzcGxheV9wcmljZSI6ICI0OS45OSBcdTIwYWMiLCAiZGlzcGxheV92X3ByaWNlIjogIjEgXHUyMGFjIiwgInZfcHJpY2UiOiAiMSJ9LCAibSI6ICJNdXJhY2gncyBQSFAgYW5kIE15U1FMICgzcmQgRWRpdGlvbikiLCAic2tpbiI6IHRydWUsICJwYXltZW50X3R5cGUiOiAiY2FyZCIsICJkb21haW4iOiAiY29udGVudC10YWIuY29tIiwgInN1Yl9pZCI6ICIyOTI1IiwgImFjdGlvbiI6ICJyZWdpc3RyYXRpb24iLCAia19hY3RpdmUiOiBmYWxzZSwgInRtX2FjdGl2ZSI6IGZhbHNlfQ==
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://register.content-tab.com/qitnc/de/?aid=mE7bko&var1=1887&var4=agn_14&hobj=eyJoc2lkIjogImFiMDM0NWY4MDIxOThlNTFmMzAzZjE4MmM1MWRhYjdhMzg2NWYxOWVlMmY0YTNkZjNlOWUzZDMyNjNjYWQyZDQiLCAiX19sb2NhdGlvbmNvZGUiOiAiREUiLCAicHJpY2luZyI6IHsibmFtZSI6ICJldTQ5IiwgInByaWNlIjogIjQ5Ljk5IiwgImN1cnJlbmN5IjogIkVVUiIsICJ0cmlhbCI6IHRydWUsICJwZXJpb2QiOiAzMCwgImJpbGxpbmdfcGVyaW9kIjogMSwgImJpbGxpbmdfc3RlcCI6ICJtb250aCIsICJ0cmlhbF9zdGVwIjogImRheSIsICJ0cmlhbF9wZXJpb2QiOiA3LCAiZGlzcGxheV9wcmljZSI6ICI0OS45OSBcdTIwYWMiLCAiZGlzcGxheV92X3ByaWNlIjogIjEgXHUyMGFjIiwgInZfcHJpY2UiOiAiMSJ9LCAibSI6ICJNdXJhY2gncyBQSFAgYW5kIE15U1FMICgzcmQgRWRpdGlvbikiLCAic2tpbiI6IHRydWUsICJwYXltZW50X3R5cGUiOiAiY2FyZCIsICJkb21haW4iOiAiY29udGVudC10YWIuY29tIiwgInN1Yl9pZCI6ICIyOTI1IiwgImFjdGlvbiI6ICJyZWdpc3RyYXRpb24iLCAia19hY3RpdmUiOiBmYWxzZSwgInRtX2FjdGl2ZSI6IGZhbHNlfQ==
Origin
https://register.content-tab.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 05:32:02 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
291
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Fri, 10 Sep 2021 05:27:11 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8tWhzQ8weR1N0nHIs4H5B%2FptoLJvW7fDApPz1UiXFvYPiCbjSS3OHpnvxPr5MKqzh5KJdYW3xrNHd06yRvC2rYm4zG4CEtxPSSn%2BUBngw0c8Y6gg5hTWn0GU5gqgFF27KfECtlUgCB2mNBU%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
https://register.content-tab.com
cache-control
max-age=300, public
access-control-allow-credentials
true
cf-ray
68c646049bc36936-CDG
expires
Fri, 10 Sep 2021 05:19:18 GMT
info
api.content-tab.com/ 		914 B
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.content-tab.com/info
Requested by
Host: register.content-tab.com
URL: https://register.content-tab.com/qitnc/assets/app.595c81dd47438eff2b3c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.172.123 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dfb8d5569b353f6c4bef5c6bd4b357afa87cc4831823361480ca60c2346d2713
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://register.content-tab.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 05:32:02 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
none
cf-ray
68c646050b903acb-CDG
access-control-allow-methods
GET, PUT, POST, DELETE, PATCH, OPTIONS
strict-transport-security
max-age=15724800; includeSubDomains
vary
Origin
x-xss-protection
1; mode=block
x-request-id
5cbc13000925e22e435cb16e3f80d0d3
x-runtime
0.100723
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"dfb8d5569b353f6c4bef5c6bd4b357af"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
1728000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WzBXxKIqNNmcm7XRaumNHgTib6cluXqMHGYlkx1JMLeLzF2XvvWQb9UQJ3378XS0XMxwgbxvXAMYZmW23d3kmGH5AMsmW0JwbtP19CC7KeuyUBBBnJ8FaSy5nhwRKrtjxUDNx168"}],"group":"cf-nel","max_age":604800}
x-download-options
noopen
access-control-allow-origin
https://register.content-tab.com
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Mx-ReqToken,X-Requested-With,Auth-Token,Access-token,Expiry,Token-type,Uid,Client,Accepts
o-0NIpQlx3QUlC5A4PNjXhFVZNyB.woff2
fonts.gstatic.com/s/notosans/v14/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosans/v14/o-0NIpQlx3QUlC5A4PNjXhFVZNyB.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans:400,700&subset=latin,latin-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
arn09s23-in-f3.1e100.net
Software
sffe /
Resource Hash
8beec539128cea621e511cd54f21a0d17ff891a16a0ebd7a98a3e4fbc00bd0e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://register.content-tab.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 05 Sep 2021 12:44:21 GMT
x-content-type-options
nosniff
age
406061
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16180
x-xss-protection
0
last-modified
Tue, 13 Jul 2021 21:25:53 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 05 Sep 2022 12:44:21 GMT
visit
pushcampaign.club/api/v1/ 		476 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pushcampaign.club/api/v1/visit
Requested by
Host: register.content-tab.com
URL: https://register.content-tab.com/qitnc/assets/app.595c81dd47438eff2b3c.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.58.102 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1fcb3affaebb00dc8b78409592954bbcbe07068a037d3e711b7ce76306128441

Request headers

Referer
https://register.content-tab.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundary5Bxb0gPpCleGjkRb

Response headers

date
Fri, 10 Sep 2021 05:32:03 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UP4147rMF8pkEMjvGpI941OSFXiC3q%2BO9PWWqkUSoqXZKc8mwmBfqVKfDZ6nts7WOQRGHk5Ul0Eb%2FavDvEg5A98U98cZ59S%2FIKgbVrSmHIKwBJshyW11iFoOh7TDT6UnYzwvOw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cf-ray
68c6460619013bb6-CDG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
log-client-error
pushcampaign.club/api/v1/visit/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pushcampaign.club/api/v1/visit/log-client-error
Requested by
Host: register.content-tab.com
URL: https://register.content-tab.com/qitnc/assets/app.595c81dd47438eff2b3c.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.58.102 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://register.content-tab.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundary49LTvfhLgms0sWUI

Response headers

date
Fri, 10 Sep 2021 05:32:03 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UVDX5TQQfzAqSj7tlSCHZqCyIvYES6at2%2FPjlUQmQjycnePihL5TWRFtkXVX4ux2BsSbokzVg6LE4WiazsdviHXTqxAlBwwCNSElehlvGZIf0iN41sxjuKR5pQK3OWiznrj9yw%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
68c646082c733bb6-CDG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
0

Verdicts & Comments Add Verdict or Comment

26 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| onbeforexrselect boolean| originAgentCluster object| languageOptions object| config object| errorCodes object| notifications object| webpackJsonp function| jQuery function| $ object| AOS object| slick object| Landify function| _ boolean| __MOCKS__ object| dftp function| L1E function| N0AA function| k0II function| F4cc function| S4rr function| initializeAcePush function| setBaseUrl function| getLocation function| registerServiceWorker function| createSubscriber

4 Cookies

Domain/Path Name / Value
fbmedia-bls.com/ Name: app_storage
Value: 67c9460f382e437cb841fb5f55e156e5
fbmedia-bls.com/ Name: 92b32ea0873a8faa90e5f127e9fa6442
Value: e94d0c45447cab94b2a679521d5fb2bb0387601bf50cb1216e43c85b5bee8bdc
router.content-tab.com/ Name: airlex3_site_cookie
Value: 6a6f915446efa36a14b33e3c37febdcdaa965316gAWVRAAAAAAAAACMQGFiMDM0NWY4MDIxOThlNTFmMzAzZjE4MmM1MWRhYjdhMzg2NWYxOWVlMmY0YTNkZjNlOWUzZDMyNjNjYWQyZDSULg==
register.content-tab.com/ Name: session_id
Value: 44d445fcbda94da9af7df2f99ab45012

1 Console Messages

Source Level URL
Text
other error URL: https://register.content-tab.com/qitnc/de/?aid=mE7bko&var1=1887&var4=agn_14&hobj=eyJoc2lkIjogImFiMDM0NWY4MDIxOThlNTFmMzAzZjE4MmM1MWRhYjdhMzg2NWYxOWVlMmY0YTNkZjNlOWUzZDMyNjNjYWQyZDQiLCAiX19sb2NhdGlvbmNvZGUiOiAiREUiLCAicHJpY2luZyI6IHsibmFtZSI6ICJldTQ5IiwgInByaWNlIjogIjQ5Ljk5IiwgImN1cnJlbmN5IjogIkVVUiIsICJ0cmlhbCI6IHRydWUsICJwZXJpb2QiOiAzMCwgImJpbGxpbmdfcGVyaW9kIjogMSwgImJpbGxpbmdfc3RlcCI6ICJtb250aCIsICJ0cmlhbF9zdGVwIjogImRheSIsICJ0cmlhbF9wZXJpb2QiOiA3LCAiZGlzcGxheV9wcmljZSI6ICI0OS45OSBcdTIwYWMiLCAiZGlzcGxheV92X3ByaWNlIjogIjEgXHUyMGFjIiwgInZfcHJpY2UiOiAiMSJ9LCAibSI6ICJNdXJhY2gncyBQSFAgYW5kIE15U1FMICgzcmQgRWRpdGlvbikiLCAic2tpbiI6IHRydWUsICJwYXltZW50X3R5cGUiOiAiY2FyZCIsICJkb21haW4iOiAiY29udGVudC10YWIuY29tIiwgInN1Yl9pZCI6ICIyOTI1IiwgImFjdGlvbiI6ICJyZWdpc3RyYXRpb24iLCAia19hY3RpdmUiOiBmYWxzZSwgInRtX2FjdGl2ZSI6IGZhbHNlfQ==
Message:
Chrome currently does not support the Push API in incognito mode (https://crbug.com/401439). There is deliberately no way to feature-detect this, since incognito mode needs to be undetectable by websites.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=2592000
X-Frame-Options SAMEORIGIN, SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.content-tab.com
fbmedia-bls.com
fonts.googleapis.com
fonts.gstatic.com
pushcampaign.club
register.content-tab.com
router.allure-ng.net
router.content-tab.com
104.21.58.102
142.250.74.42
142.250.74.67
172.67.172.123
35.157.74.22
37.9.175.18
0bd750f81cc17e62b41b74abfaba8f73350c7a73f925dac6a578b9d08e666512
127cb9b36cad13b61b0b8d12992175af5a252b20abf9d69c5a4049a433f415a1
1fcb3affaebb00dc8b78409592954bbcbe07068a037d3e711b7ce76306128441
3b46e78df5323a64aea5d96410edf49d856aaab3aca21f8400cd581fb86bff50
3c1b9bf1cfdc1147cb1ac2acf4387767dd440cdc75eafcffa041f9c78abcdf0b
40ab705b3347cd8471bb3412dc2a897f520c53b0ed6c5cebaf4759d41574ba23
42525983694ab81db404f9b9866c4d3c5546c69966577a28878a8efea8ce50b0
4a9f53c02752e79270686f1b2a3616b86d3af1ea2a288f2977e34b1141d552ec
51376dd736982d71b55831ea400c85e546fd533d41924f6939b66a941bdc7505
7b876322eefcdf42b4aa31e4572118663fc18be61cb5e4cd7c140fe3c27cd93d
8beec539128cea621e511cd54f21a0d17ff891a16a0ebd7a98a3e4fbc00bd0e5
960d9d3266d06ece3753b83e6eb0884ecc7aa8b11ff937cd8f50f207af688446
aeca033024d642b6d8f0b2d0740b9e465eaa1c0daf73d34ff8e28653d0696e5c
b270599ccaea2dd51759fabba80d2470cb37403b8e6ceab6819b535867b31cc5
c81dca806b4449826c703223f7d84cd7c9c62852633e5bedcb3baf0e49d68b65
d34350fb776d328ec1870d49d0dca894d0852be6eac19690dc66d9a49f527be7
df8e839c668a58e6898f6bc2490f7d4e68a64971b115bd79af0351327c54eb6b
dfb8d5569b353f6c4bef5c6bd4b357afa87cc4831823361480ca60c2346d2713