www.chordtela.com Open in urlscan Pro
2606:4700:20::681a:366 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.chordtela.com/
Effective URL:
https://www.chordtela.com/
Submission: On March 01 via api (March 1st 2024, 1:45:00 pm UTC) from US — Scanned from DE

Summary HTTP 67 Redirects Behaviour Indicators

Summary

This website contacted 28 IPs in 5 countries across 17 domains to perform 67 HTTP transactions. The main IP is 2606:4700:20::681a:366, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.chordtela.com. The Cisco Umbrella rank of the primary domain is 109690.
TLS certificate: Issued by GTS CA 1P5 on February 5th 2024. Valid for: 3 months.

This is the only time www.chordtela.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 8	2606:4700:20:... 2606:4700:20::681a:366	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
3	2606:4700::68... 2606:4700::6810:5714	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2600:9000:225... 2600:9000:225e:3c00:11:a4de:2580:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:808::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
2	2606:4700:20:... 2606:4700:20::ac43:4bf1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 4	37.252.171.85 37.252.171.85	29990 (ASN-APPNEX) (ASN-APPNEX)
1	2602:803:c003... 2602:803:c003:200::91	26667 (RUBICONPR...) (RUBICONPROJECT)
2	51.89.9.253 51.89.9.253	16276 (OVH) (OVH)
2	145.40.97.66 145.40.97.66	54825 (PACKET) (PACKET)
1	185.184.8.90 185.184.8.90	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
9	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:806::2001	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:82b::2001	15169 (GOOGLE) (GOOGLE)
1	2a02:2638:3::12 2a02:2638:3::12	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
9	2a02:2638:3::3 2a02:2638:3::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	178.250.1.6 178.250.1.6	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:2638:3::10 2a02:2638:3::10	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2a02:2638:3::1a 2a02:2638:3::1a	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a02:2638:d::c 2a02:2638:d::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 4	2a02:2638:3::c 2a02:2638:3::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
1	23.206.4.228 23.206.4.228	16625 (AKAMAI-AS) (AKAMAI-AS)
2	23.200.61.238 23.200.61.238	16625 (AKAMAI-AS) (AKAMAI-AS)
1	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
67	28

8 2606:4700:20::681a:366 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.chordtela.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6810:5714 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:225e:3c00:11:a4de:2580:93a1 (United States)

ASN16509 (AMAZON-02, US)

get.optad360.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::ac43:4bf1 (United States)

ASN13335 (CLOUDFLARENET, US)

script.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.252.171.85 (Frankfurt am Main, Germany) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2602:803:c003:200::91 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 51.89.9.253 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip253.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 145.40.97.66 (Amsterdam, Netherlands)

ASN54825 (PACKET, US)

prebid.a-mo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net

prebid-eu.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

f213674cc9b7d470fb7986628ff1e545.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::12 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

ads.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.6 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

cat.nl3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::10 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

imageproxy.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:3::1a (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

csm.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:d::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.fr3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:2638:3::c (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 15.197.193.217 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.206.4.228 (Tempe, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-206-4-228.deploy.static.akamaitechnologies.com

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.200.61.238 (Tempe, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-200-61-238.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 104 f213674cc9b7d470fb7986628ff1e545.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 161	138 KB
12	criteo.net static.criteo.net — Cisco Umbrella Rank: 677 imageproxy.eu.criteo.net — Cisco Umbrella Rank: 10026 csm.eu.criteo.net — Cisco Umbrella Rank: 9677	172 KB
8	chordtela.com 1 redirects www.chordtela.com — Cisco Umbrella Rank: 109690	31 KB
7	criteo.com 1 redirects ads.eu.criteo.com — Cisco Umbrella Rank: 9660 cat.nl3.eu.criteo.com — Cisco Umbrella Rank: 10817 rtb.fr3.eu.criteo.com — Cisco Umbrella Rank: 17106 gum.criteo.com — Cisco Umbrella Rank: 466 mug.criteo.com — Cisco Umbrella Rank: 3065	49 KB
5	adnxs.com 1 redirects ib.adnxs.com — Cisco Umbrella Rank: 256 acdn.adnxs.com — Cisco Umbrella Rank: 609	21 KB
4	rubiconproject.com fastlane.rubiconproject.com — Cisco Umbrella Rank: 496 eus.rubiconproject.com — Cisco Umbrella Rank: 606 token.rubiconproject.com — Cisco Umbrella Rank: 493	13 KB
3	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 310	52 KB
2	a-mo.net prebid.a-mo.net — Cisco Umbrella Rank: 757	356 B
2	onetag-sys.com onetag-sys.com — Cisco Umbrella Rank: 710	414 B
2	4dex.io script.4dex.io — Cisco Umbrella Rank: 1818	25 KB
2	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 214	164 KB
2	optad360.io get.optad360.io — Cisco Umbrella Rank: 35609	224 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 30	2 KB
1	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 364	424 B
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 228	5 KB
1	creativecdn.com prebid-eu.creativecdn.com — Cisco Umbrella Rank: 6938	180 B
1	gstatic.com fonts.gstatic.com	13 KB
67	17

	Domain	Requested by
9	static.criteo.net	ads.eu.criteo.com
9	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com f213674cc9b7d470fb7986628ff1e545.safeframe.googlesyndication.com pagead2.googlesyndication.com
8	www.chordtela.com	1 redirects www.chordtela.com
4	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com f213674cc9b7d470fb7986628ff1e545.safeframe.googlesyndication.com
4	ib.adnxs.com	1 redirects get.optad360.io acdn.adnxs.com
3	cdn.jsdelivr.net	www.chordtela.com get.optad360.io
2	eus.rubiconproject.com	get.optad360.io eus.rubiconproject.com
2	mug.criteo.com
2	gum.criteo.com	1 redirects
2	csm.eu.criteo.net	ads.eu.criteo.com
2	f213674cc9b7d470fb7986628ff1e545.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	prebid.a-mo.net	get.optad360.io
2	onetag-sys.com	get.optad360.io
2	script.4dex.io	get.optad360.io script.4dex.io
2	securepubads.g.doubleclick.net	get.optad360.io securepubads.g.doubleclick.net
2	get.optad360.io	www.chordtela.com get.optad360.io
2	fonts.googleapis.com	www.chordtela.com
1	token.rubiconproject.com	eus.rubiconproject.com
1	acdn.adnxs.com	get.optad360.io
1	match.adsrvr.org	get.optad360.io
1	rtb.fr3.eu.criteo.com	f213674cc9b7d470fb7986628ff1e545.safeframe.googlesyndication.com
1	imageproxy.eu.criteo.net	ads.eu.criteo.com
1	cdnjs.cloudflare.com	ads.eu.criteo.com
1	cat.nl3.eu.criteo.com	ads.eu.criteo.com
1	ads.eu.criteo.com	f213674cc9b7d470fb7986628ff1e545.safeframe.googlesyndication.com
1	prebid-eu.creativecdn.com	get.optad360.io
1	fastlane.rubiconproject.com	get.optad360.io
1	fonts.gstatic.com	fonts.googleapis.com
67	28

This site contains no links.

Subject Issuer	Validity	Valid
www.chordtela.com GTS CA 1P5	`2024-02-05` - `2024-05-05`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-02` - `2024-05-01`	a year	crt.sh
*.optad360.io Amazon RSA 2048 M02	`2023-09-17` - `2024-10-15`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
script.4dex.io Cloudflare Inc ECC CA-3	`2023-10-23` - `2024-10-22`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-05` - `2024-04-03`	a year	crt.sh
*.onetag-sys.com DigiCert Global G3 TLS ECC SHA384 2020 CA1	`2024-01-23` - `2025-01-29`	a year	crt.sh
*.a-mo.net R3	`2024-01-06` - `2024-04-05`	3 months	crt.sh
*.creativecdn.com RapidSSL TLS RSA CA G1	`2023-03-29` - `2024-04-28`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
*.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-02-08` - `2024-05-06`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-02-17` - `2024-05-17`	3 months	crt.sh
*.nl3.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-02-06` - `2024-05-03`	3 months	crt.sh
*.eu.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-02-28` - `2024-05-31`	3 months	crt.sh
*.fr3.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-02-10` - `2024-05-05`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-02-08` - `2024-05-07`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
cdn.adnxs.com GeoTrust RSA CA 2018	`2023-08-24` - `2024-08-24`	a year	crt.sh

This page contains 9 frames:

Primary Page: https://www.chordtela.com/
Frame ID: 87667E625764101FA0111A61C72BC49C
Requests: 31 HTTP requests in this frame

Frame: https://f213674cc9b7d470fb7986628ff1e545.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 4B4D7572CD5F37CC4185D655AFD1811E
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: C3F31FB84A3A4A075B7FCEDDC7626F75
Requests: 3 HTTP requests in this frame

Frame: https://f213674cc9b7d470fb7986628ff1e545.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 931BB29FE8402BDA49B878FDC750BCA3
Requests: 9 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZeHb2AAFmC4Iu-PvAA-InIZ--W29Ztv4xu5vtg&u=%7CrvesmNl9F8bJVLFi0KAqsQycL73%2BlivtkxqZ9j2uFOU%3D%7C&c1=jWCgqsKSUoULMKFw69ROSSRlgYQIyhLzheJYiNKlyFrZYaP9DMbKXbEJBzMGeOU_dHpTY6KVCfxx2sfSyfOquBcpAZcdWerDmeSPp9EWF3U1WmgdIsYdQNUb9mv3RbUfF3n_8ZrHz_1eZIYzmSYYVdvKJXRgabrl26_8IwTk5ETWAXaLbc3F2ISZyku1_E279qxfBBS3ZSeOjm3W-izMAsGw25YoXfDvbLtNqZ7CC62CpINevLjuOuDGfqFe9c4caeDtrkny9-GYzt9kxNZW_Hoc63weTHeZEhJiVfYf0ieh6mU50k9lDDlxrYB_Sd1xcFjE7UItqAOtbMGL2jAt_qm50bYb3J6frWpfD80eT0bE7bSyz_63XUA_umtuTBBAbfkaFIzCU8oyu9M_TutBqpNeH-HGGuM5KHI8l6LbPAk_iWx6kqAsKU8luFVaodDPZiwYLry9td_q-k1X4hdC6S-2T9aNmoZNR_GTPmY-fXR1zoeWKl-KJirFzd7MYnO8NxBmX7d1c2MLlxftjSH46h3k6ChqOhf8qtvMrMwdsthimESW8jwc1PMEy2x471xnrChKMVZve4SpnlWUafX3lbYmVz_agGsjWd002jPWuA--_t9GJTl52pnPl0Az22GniKSHSj61tX4&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCGZNE2NvhZa6wFu_H7_UPnJG-uATJntKxXNWdkfdwwI23ARABIABglfrwgYwHggEXY2EtcHViLTU1MTIzOTA3MDUxMzc1MDfIAQmpAm9s2cf5JrI-4AIAqAMByAMCqgS4Ak_QTuu85Hv8SoXS7uTPDw7sQW4oxo9Ix67gvTFNqDYhK-YZ9EpMNQnYEQbTgilczSx_6hL_PVTDXCRokoJtGrXF1rgHd0Lm7J1a5_-P8EJ2rn_tORzlbuidmr5BukB65jANzQLoryPz57XN6R2CL3j68-cofiT0-bqK_AvCYx8N-MDZ0z54b4FxLSOMfs2HgHSP9OQuGnNdZVPzVMNGM_RZwzEyVNoQwJ7ZVSdNibqP4-JrNhFjHYB85es1Im-OoWUFeuj083po0DBHXc94g1yjxk32jPVM8Kp7lN6X_k8HG7jWMI-Ja0DhhLL2tBVBJml9OYHUuy2aNCKEpl-LeRZ8IeS6vJMoOWMXSVWYQeMl8Y4ZyYWQvoURjN53JXyyGX3OGzUIe60YIVPTCgWvqwr7CvXGkxogkuAEAYAGqpiR3f3Lq8EroAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAqgHrb6xAtgHANIIKAiR4YBwEAEyB-uLgOC_gA06CACAgICAgJQoSL39wTpYtvzHppnThAP6CwIIAYAMAeINEwiyqcimmdOEAxXv47sIHZyID0fQFQGAFwE%26num%3D1%26sig%3DAOD64_2l8QTc_W2dbISP3Xbscacx0yz5qA%26client%3Dca-pub-5512390705137507%26adurl%3D
Frame ID: 079C229112863C32FBCE949E3924F9C6
Requests: 15 HTTP requests in this frame

Frame: https://prebid.a-mo.net/isyn?gdpr_consent=&gdpr=0&us_privacy=&gpp=&gpp_sid=
Frame ID: DA4183B0C75B120DCD9AB18E69983536
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 2A25E3F0FEDB020DADA9879691908A9A
Requests: 2 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1709300696208&gdpr=0
Frame ID: 1D63A71BA0B0FAACAB89813C19C81520
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?gdpr=0
Frame ID: 7D495C3768B80942ABD66AC3B31689DC
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Chord Dasar Kunci Gitar & Lirik Lagu ©ChordTela.com

Page URL History Show full URLs

http://www.chordtela.com/ HTTP 301
https://www.chordtela.com/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

tpc\.googlesyndication\.com/safeframe

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

67
Requests

97 %
HTTPS

67 %
IPv6

17
Domains

28
Subdomains

28
IPs

5
Countries

907 kB
Transfer

2440 kB
Size

15
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.chordtela.com/ HTTP 301
https://www.chordtela.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 57

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.chordtela.com%2F&domain=www.chordtela.com&cw=1&lsw=1&gdpr=0 HTTP 302
https://mug.criteo.com/sid?cpp=lhaBzXxzN3Roa0hObTVGdUZ5MDRWbUc1dHVVOFBNdDFzb2pQKzQyLzZhQzFpN1UvSmJ6dWhBNzlYR0Uzb1NSSHRocldHZmIzSDJoellaYkNyaUJuRlJTdmg1cjNYN0dLYkdSOG1SUHYzaU9DZnl6WXdKOFV2MHA4OUlYcGlVdWtUUlNSdG9ITHpSVVNjQnpDS1RTb1pNcUhYQXNVd2o0RjIvYzlKZG5EcGd0Uk5tdlRnVlAxOXRuTndpc1dkS2lXek1kdm5Kd2hFWkkvak56OU45bzFsTUN3bjZXNWJSU1ltMUJBNlc0bjFMQmh4ZXVCVGVSaGpSUVp6azRFdE9vSXQxNEJtfA&cppv=2

Request Chain 66

https://ib.adnxs.com/async_usersync?cbfn=queuePixels HTTP 307
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

67 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.chordtela.com/
Redirect Chain

http://www.chordtela.com/
https://www.chordtela.com/

54 KB
16 KB

982ms
912ms

Document
text/html

2606:4700:20::681a:366
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.chordtela.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:366 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a4c89bf024f41e242e4bc2f9ba50cf7ce0bda07a8060d0e0b5d71336fff647de

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cf-cache-status: DYNAMIC
cf-ray: 85d9959cb8326aec-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Fri, 01 Mar 2024 13:44:55 GMT
last-modified: Fri, 01 Mar 2024 06:10:48 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=57to0Mxj4TJCURLx2jeYazwTMt%2BTWNkhI59MQLwd3cur6vY4eItDTGeYkn6GwYmsHbDKvWXTtvwaLpqObBEwuPX0e25EtmGBP3m8ZV50PqVpHXfnZudE%2BsYGg3qCyYt5T0fzhQ2xZ6KAq1LlSDzh"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

Redirect headers

CF-RAY: 85d9959c08281da2-FRA
Cache-Control: max-age=3600
Connection: keep-alive
Date: Fri, 01 Mar 2024 13:44:54 GMT
Expires: Fri, 01 Mar 2024 14:44:54 GMT
Location: https://www.chordtela.com/
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=igT9A9CSx3lGx4G2KjAK9BAkU9fWfUhUuF6dT7sRN4qZXcLKWW4m38T5DxM1%2FpUpB%2Flh3SADJoaR19t8N%2Bog1owjBVd2TeuS6eCQrFzZbBIz%2Bzo9uHY6dT9g0TQNn6MV568nuxZTaM3pA6DEYO8Z"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding

GET
H2 200 css
fonts.googleapis.com/ 4 KB
1 KB 157ms
57ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Oswald%7CDroid%20Sans%7CUbuntu%20Mono&display=swap

Requested by

Host: www.chordtela.com
URL: https://www.chordtela.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

bf69b0b11aa4b2f83b7eefd9c11edb1d2a4a0bc146d1040be9d5526ab3367573

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chordtela.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 01 Mar 2024 13:44:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 01 Mar 2024 13:44:55 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 01 Mar 2024 13:44:55 GMT

GET
H2 200 classic-themes.min.css
www.chordtela.com/wp-includes/css/ 217 B
479 B 42ms
42ms Stylesheet
text/css 2606:4700:20::681a:366
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.chordtela.com/wp-includes/css/classic-themes.min.css

Requested by

Host: www.chordtela.com
URL: https://www.chordtela.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:366 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chordtela.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Fri, 01 Mar 2024 13:44:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 66259
content-encoding: br
x-xss-protection: 1; mode=block
last-modified: Thu, 22 Dec 2022 20:14:53 GMT
server: cloudflare
etag: W/"63a4babd-d9"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1fkfhj46Bf%2BSSivI76SFBpT3c%2FfIEzYNvp6M4e1di2g6q2uwn8%2Fb4l27MxYHP6gt0cT%2F41r507g0MhYjHrXwO0ig%2B5n7ugXV5yFesAAHf%2F85feRsxz7y1ZdbMvRefYeU2aDLk3YO4oS9T2bXybcD"}],"group":"cf-nel","max_age":604800}
content-type: text/css
vary: Accept-Encoding
cache-control: max-age=31536000
cf-ray: 85d995a27c186aec-FRA
expires: Fri, 28 Feb 2025 19:20:36 GMT

GET
H2 200 style.css
www.chordtela.com/wp-content/cache/min/1/wp-content/themes/chordTela/ 19 KB
5 KB 74ms
73ms Stylesheet
text/css 2606:4700:20::681a:366
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.chordtela.com/wp-content/cache/min/1/wp-content/themes/chordTela/style.css?ver=1707608983

Requested by

Host: www.chordtela.com
URL: https://www.chordtela.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:366 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8e65a0bcf619f01ece87782141656fa2c0b12391efc9b61f4743a4f29929f2d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chordtela.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Fri, 01 Mar 2024 13:44:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 66259
cf-polished: origSize=19546
content-encoding: br
x-xss-protection: 1; mode=block
cf-bgj: minify
last-modified: Sat, 10 Feb 2024 23:49:43 GMT
server: cloudflare
etag: W/"65c80b97-4c5a"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NaoHCka18pNsKvEsPDK5%2FvcWGdNdFIur1X4RSSnXDi5ht9mJ7oRXpvp5J3ZQtYSSIbtM%2BHoO6GkQN7p0QzoZzoU7dQs%2Fawwl70mMTmyI5KJr7maqzfKD%2FjOPClj8tuYOvVI5q%2Bq3OJTU97vCKAON"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000
cf-ray: 85d995a27c1a6aec-FRA
expires: Fri, 28 Feb 2025 19:20:36 GMT

GET
H2 200 jquery.slim.min.js Show response
cdn.jsdelivr.net/npm/jquery@3.5.1/dist/ 71 KB
26 KB 109ms
44ms Script
application/javascript 2606:4700::6810:5714
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/jquery@3.5.1/dist/jquery.slim.min.js

Requested by

Host: www.chordtela.com
URL: https://www.chordtela.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3e5f35d586c0e6a9a9d7187687be087580c40a5f8d0e52f0c4053bbc25c98db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chordtela.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Fri, 01 Mar 2024 13:44:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 9368100
x-jsd-version: 3.5.1
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230022-FRA, cache-vie6343-VIE
x-jsd-version-type: version
server: cloudflare
etag: W/"11abc-z42YIVUtUbtQzlcuaWq6EwkGWAA"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Gj8LlOAdJSg3SYpFEUhAuBhpItQ0aOYkDk8DN0OJ2nDfxczqJFarzR%2FdG48IvXjVrqoTTRqb6iWr6zNx6uU4mwNX%2F3ZMTVpvCghJrPuUmM3CFzghcXpRimrmCexkuNYPUQz8N6tGVzvoUBiKUc4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 85d995a2db7334d9-WAW

GET
H2 200 telaitem.js Show response
www.chordtela.com/wp-content/themes/chordTela/js/ 637 B
647 B 74ms
74ms Script
application/javascript 2606:4700:20::681a:366
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.chordtela.com/wp-content/themes/chordTela/js/telaitem.js

Requested by

Host: www.chordtela.com
URL: https://www.chordtela.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:366 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0e1f2d1851e3c3a9aa0231e40020141a5424c262961a03a36e12d7e92184c619

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chordtela.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Fri, 01 Mar 2024 13:44:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 66259
cf-polished: origSize=1098
content-encoding: br
x-xss-protection: 1; mode=block
cf-bgj: minify
last-modified: Wed, 07 Oct 2020 22:10:42 GMT
server: cloudflare
etag: W/"5f7e3ce2-44a"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k0iudMAa8Ryn0WYBcri13AEEmPO7FoCvjkaL18D7HJkudzxeE7%2BralQSEEceV0TLdYJtXAcQi3Hd2GJ%2BET7lmpkVvXT59Sv%2FGnFu08O9gh5e3C5vYZTdJOpi5ij%2Bb88hEZNPbZPhaPCasr57Gjj4"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000
cf-ray: 85d995a27c1d6aec-FRA
expires: Fri, 28 Feb 2025 19:20:36 GMT

GET
H2 200 cls.css
www.chordtela.com/wp-content/cache/min/1/core/pubfig/ 2 KB
798 B 40ms
39ms Stylesheet
text/css 2606:4700:20::681a:366
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.chordtela.com/wp-content/cache/min/1/core/pubfig/cls.css?ver=1707608983

Requested by

Host: www.chordtela.com
URL: https://www.chordtela.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:366 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9d137d3c47c37b25f4af54f11526b2ed622b22aecd7f062b92cd787e46464fc2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chordtela.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Fri, 01 Mar 2024 13:44:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 66259
cf-polished: origSize=1796
content-encoding: br
x-xss-protection: 1; mode=block
cf-bgj: minify
last-modified: Sat, 10 Feb 2024 23:49:43 GMT
server: cloudflare
etag: W/"65c80b97-704"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KWlubnYox4ZZwdjXox98aQdRhZE0tzeqQwkqwM6Dy0LCklnhctdfE3oKpgYB3dw4K9v%2BgGabQDDosPtJwb8%2BtbgUE4v4psv5ihXo1qD0EQErpV7o0CA1JSCpW2OEpuI6LzZGdc3TtIJtVvybaZLb"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000
cf-ray: 85d995a27c1c6aec-FRA
expires: Fri, 28 Feb 2025 19:20:36 GMT

GET
H2 200 plugin.min.js Show response
get.optad360.io/sf/72d1e169-1809-4b9e-a1ed-ad25eaaa2708/ 282 KB
61 KB 124ms
32ms Script
application/javascript 2600:9000:225e:3c00:11:a4de:2580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.optad360.io/sf/72d1e169-1809-4b9e-a1ed-ad25eaaa2708/plugin.min.js
Requested by: Host: www.chordtela.com
URL: https://www.chordtela.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:3c00:11:a4de:2580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 247b3579723bf0e30ad2810689dd25285539696c7d5044cf5df52c14a2b7b1f9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chordtela.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Fri, 01 Mar 2024 13:07:54 GMT
content-encoding: gzip
via: 1.1 307395f1eb3989f15e6f525475291c86.cloudfront.net (CloudFront)
last-modified: Thu, 29 Feb 2024 13:06:43 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 2222
x-amz-server-side-encryption: AES256
etag: W/"a99a7aa16b4ea92d50f620b94037928e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=86400
x-amz-cf-id: Xf2mEDvmJtLSCekztN1M3sspd_Y-A0MHuuWIAfj2mYyFB_-ZIFiJmw==

GET
H2 200 logo.png
www.chordtela.com/wp-content/themes/chordTela/img/ 4 KB
4 KB 41ms
41ms Image
image/png 2606:4700:20::681a:366
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.chordtela.com/wp-content/themes/chordTela/img/logo.png

Requested by

Host: www.chordtela.com
URL: https://www.chordtela.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:366 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

23fa204908b1181e65ff531fb87816b66be42d0ebcfbfb5a2494ac49e3d4973d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chordtela.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Fri, 01 Mar 2024 13:44:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 66258
x-xss-protection: 1; mode=block
last-modified: Tue, 06 Apr 2021 21:49:55 GMT
server: cloudflare
etag: W/"606cd783-1093"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/png
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CYyHT9BqUd1%2BIif7eMdj%2B8ecMaHRNONGIR8w4%2BauRqJnortjEhmoaW7KuJnF0pLXS4OmM%2BNa0nb54Rh5gPfDOC0OEB0%2F6v0FrfL%2F8Fvaq7SQ2PC83HkShfK6UqUd7hSMtjPZaECLbbmytRLbej0e"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000
cf-ray: 85d995a27c1f6aec-FRA
expires: Fri, 28 Feb 2025 19:20:37 GMT

GET
H2 200 lazyload.min.js Show response
www.chordtela.com/wp-content/plugins/wp-rocket/assets/js/lazyload/17.8.3/ 9 KB
4 KB 40ms
39ms Script
application/javascript 2606:4700:20::681a:366
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.chordtela.com/wp-content/plugins/wp-rocket/assets/js/lazyload/17.8.3/lazyload.min.js

Requested by

Host: www.chordtela.com
URL: https://www.chordtela.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:366 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f40767552e5e94b2d5f9a65d7f640cfa7d225298023dbd682095e040809a3d1a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chordtela.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Fri, 01 Mar 2024 13:44:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 66257
content-encoding: br
x-xss-protection: 1; mode=block
last-modified: Mon, 05 Feb 2024 21:27:01 GMT
server: cloudflare
etag: W/"65c152a5-22bc"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZUF0x0A2eCWUwVm9u2rpcMAY2AN2xxeQAZflRaKM%2B5Fe4BMkeH4LWFkNKm7QC8LVyOm6hz45%2FKcElRkublUXGsfkMKrT0l9kBdsIxnAyS6kiI4I%2BFiitYC2OyMeFcglT0iUInQuytfw2mWn82FEi"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000
cf-ray: 85d995a33d466aec-FRA
expires: Fri, 28 Feb 2025 19:20:37 GMT

GET
H2 200 jquery.slim.min.js Show response
cdn.jsdelivr.net/npm/jquery@3.5.1/dist/ 71 KB
25 KB 55ms
54ms Script
application/javascript 2606:4700::6810:5714
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/jquery@3.5.1/dist/jquery.slim.min.js

Requested by

Host: www.chordtela.com
URL: https://www.chordtela.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3e5f35d586c0e6a9a9d7187687be087580c40a5f8d0e52f0c4053bbc25c98db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chordtela.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Fri, 01 Mar 2024 13:44:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 9368100
x-jsd-version: 3.5.1
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230022-FRA, cache-vie6343-VIE
x-jsd-version-type: version
server: cloudflare
etag: W/"11abc-z42YIVUtUbtQzlcuaWq6EwkGWAA"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hLHby6FU7sMK2s4gx4MEiYwEZtrpN3sKOet0omUUVKmZF8DPVFjPxMqTBUF6OO2mBfL0x3KjboICY%2FFppGQE3dMnvWOm2wtJgNdrkYd7DvSqB%2BbfOhNOT4EYqA4D4N4gf6P2T2p8NYpp%2FItUbBo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 85d995a33be434d9-WAW

GET
H2 200 css
fonts.googleapis.com/ 4 KB
808 B 57ms
57ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Oswald%7CDroid%20Sans%7CUbuntu%20Mono&display=swap

Requested by

Host: www.chordtela.com
URL: https://www.chordtela.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

bf69b0b11aa4b2f83b7eefd9c11edb1d2a4a0bc146d1040be9d5526ab3367573

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chordtela.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 01 Mar 2024 13:44:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 01 Mar 2024 13:44:55 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 01 Mar 2024 13:44:55 GMT

GET
H2 200 TK3_WkUHHAIjg75cFRf3bXL8LICs1_FvsUZiZQ.woff2
fonts.gstatic.com/s/oswald/v53/ 12 KB
13 KB 146ms
46ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/oswald/v53/TK3_WkUHHAIjg75cFRf3bXL8LICs1_FvsUZiZQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald%7CDroid%20Sans%7CUbuntu%20Mono&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

24df88e7e15c4b0b11eccc139235e04384513c803b5221485375b7acee755bac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.chordtela.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 07:21:10 GMT
x-content-type-options: nosniff
age: 282225
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12276
x-xss-protection: 0
last-modified: Tue, 15 Aug 2023 18:49:41 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 26 Feb 2025 07:21:10 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 89 KB
29 KB 188ms
88ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/72d1e169-1809-4b9e-a1ed-ad25eaaa2708/plugin.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

60bf0bfd6ef72e6ca17ee43a33e906246fd984a44d3bf29172808b0e7c1439bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chordtela.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Fri, 01 Mar 2024 13:44:55 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29073
x-xss-protection: 0
server: cafe
etag: 59 / 19783 / m202402220101 / config-hash: 18075438754468141728
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 01 Mar 2024 13:44:55 GMT

GET
H2 200 prebid8.20.2.js Show response
get.optad360.io/assets/js/ 510 KB
164 KB 32ms
31ms Script
text/javascript 2600:9000:225e:3c00:11:a4de:2580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.optad360.io/assets/js/prebid8.20.2.js
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/72d1e169-1809-4b9e-a1ed-ad25eaaa2708/plugin.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:3c00:11:a4de:2580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 510178b6d31d46a54c7bdacc0456720c5bbb9be1c47f603ecffc61899018b768

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chordtela.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 21:29:37 GMT
content-encoding: gzip
via: 1.1 307395f1eb3989f15e6f525475291c86.cloudfront.net (CloudFront)
last-modified: Thu, 11 Jan 2024 07:08:59 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 3082519
etag: W/"643c66a3d7b92031d1740b1b750e096d"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=360000000
x-amz-cf-id: PM3ysq1DChi0PAqU0InwifECdpFo_8GhvW8gtEPm4cQsvTu0U6cBkQ==

GET
H3 200 latest.json Show response
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 2 KB
1 KB 72ms
38ms Fetch
application/json 2606:4700::6810:5714
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20240301

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/assets/js/prebid8.20.2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3d598d450f088715ca6816b0ed9f90bcc174f356144fa9c766c2fbd5b8989a83

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.chordtela.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
content-type: text/plain

Response headers

date: Fri, 01 Mar 2024 13:44:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 35039
x-jsd-version: 1.0.1981
content-encoding: br
x-cache: HIT, MISS
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230103-FRA, cache-lga21928-LGA
x-jsd-version-type: version
server: cloudflare
etag: W/"63d-ISjg+I9UuA/dgusRTa7rb0PtBoo"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Oe5BE73xgFcqzMU4MUav2LXcZKtb9H8xWc%2Fh%2BNkc9si2QFwq7UyM6CJHwVwoqiJK916e24V2qu55RMFwyzGl8VmSoNUvZ0DIioZOLRai5Opq81TFoYQnW1F8PqbCHXF%2BRHPVu2UOTx5BewaxMIc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 85d995a5af4a34d9-WAW

GET
H/1.1 200
OK localstore.js Show response
script.4dex.io/ 483 B
1021 B 114ms
39ms Script
application/javascript 2606:4700:20::ac43:4bf1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/localstore.js
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/assets/js/prebid8.20.2.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4bf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chordtela.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date: Fri, 01 Mar 2024 13:44:56 GMT
Content-Encoding: br
CF-Cache-Status: HIT
Last-Modified: Wed, 21 Feb 2024 16:07:43 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Age: 768997
ETag: W/"922cffdd75f7192f75231d92684885aa"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gtjfQcx5Nv2NoB0ZP0Rv8EGz6vpxcW%2FqyRH7c9eWMrAOwCq8bATYEzCrUvodWueEu9qcR2FKJqwUp3YtZzfNkBxUPKiJdfNIU7QYi9Ni%2BspWLSUBP2t%2BHLdTeFOo7OsELVNLT%2FZk4mStnIuU"}],"group":"cf-nel","max_age":604800}
Cache-Control: public, max-age=1800
Connection: keep-alive
CF-RAY: 85d995a5fdda30c6-FRA

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ 137 B
829 B 113ms
33ms Fetch
application/json 37.252.171.85
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/assets/js/prebid8.20.2.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.85 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

b5eba3280bbb06092f09258eaf186c9afcf873a5120ac5b7dce887c9da258e06

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.chordtela.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Fri, 01 Mar 2024 13:44:56 GMT
an-x-request-uuid: 720a2ba1-5571-4e1d-9858-9370ef7427bf
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.chordtela.com
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 193.32.248.212; 193.32.248.212; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 137
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 324 B
837 B 190ms
125ms Fetch
application/json 2602:803:c003:200::91
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=20988&site_id=527788&zone_id=3189402&size_id=15&alt_size_ids=16&gdpr=0&rp_schain=1.0,1!optad360.com,8788004,1,,,&eid_pubcid.org=5d288ef5-075b-41d6-becc-58ea518ebeb6%5E1&rf=https%3A%2F%2Fwww.chordtela.com%2F&tg_i.domain=chordtela.com&tg_i.page=https%3A%2F%2Fwww.chordtela.com%2F&tk_flint=pbjs_lite_v8.20.0&x_source.tid=bb57de25-486c-4df3-ab76-cac35e1f80b9&l_pb_bid_id=44e6fa744faa7e&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=bb4fd067-8e4a-41c1-a479-b42943eb5d96&rp_maxbids=1&slots=1&rand=0.6037749767419001
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/assets/js/prebid8.20.2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::91 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 4439ecd5310d340b385c937c82054092ea01d8ef3abca98ccf15276202d62c10

Request headers

Referer: https://www.chordtela.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Fri, 01 Mar 2024 13:44:56 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.chordtela.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 324
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
414 B 283ms
196ms Fetch
application/json 51.89.9.253
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/assets/js/prebid8.20.2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip253.ip-51-89-9.eu

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://www.chordtela.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
content-type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
content-type: application/json
access-control-allow-origin: https://www.chordtela.com
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control: no-transform, no-cache
access-control-allow-credentials: true
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ 138 B
831 B 107ms
33ms Fetch
application/json 37.252.171.85
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/assets/js/prebid8.20.2.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.85 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

f307334ad51d8ec7869d420e60052941a0d19fa0ca60d8694766c459f663a919

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.chordtela.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Fri, 01 Mar 2024 13:44:56 GMT
an-x-request-uuid: 7ccc050c-7acc-4b83-920d-16460e981bb9
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.chordtela.com
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 193.32.248.212; 193.32.248.212; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 138
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 c Show response
prebid.a-mo.net/a/ 0
356 B 111ms
32ms Fetch 145.40.97.66
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/assets/js/prebid8.20.2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 145.40.97.66 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.chordtela.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://www.chordtela.com
date: Fri, 01 Mar 2024 13:44:55 GMT
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 1
server: envoy
vary: origin, Accept-Encoding

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ 0
180 B 124ms
39ms Fetch 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/assets/js/prebid8.20.2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.chordtela.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://www.chordtela.com
date: Fri, 01 Mar 2024 13:44:56 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST

GET
H/1.1 200
OK adagio.js Show response
script.4dex.io/ 75 KB
24 KB 96ms
40ms Fetch
application/javascript 2606:4700:20::ac43:4bf1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/adagio.js
Requested by: Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4bf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf644a55f623100a0471c92c7cd9f7a6e2b95f4a45376208bd9587b0ca9987c4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chordtela.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date: Fri, 01 Mar 2024 13:44:56 GMT
Content-Encoding: br
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 768734
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 21 Feb 2024 16:07:42 GMT
Server: cloudflare
ETag: W/"0f70690380eccf8211b60d6a0ca3951f"
Vary: Origin, Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YpgsvjAQbi8S9PdQOJVIkvqYsikpOJTAvDt2UVzUavEgN6eIveGN1uxttkhl%2B6%2B%2Fmp%2FiuSVudyFxqobsWd30EQ82nOVZttdi82AETS347G3H9f0U0MNadol%2F4OQEM4b4S8FUsCQ%2BRs6VSimY"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers
Cache-Control: public, max-age=1800
CF-RAY: 85d995a698c3380a-FRA

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402220101/ 428 KB
135 KB 46ms
46ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402220101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e518d28fc305914d99970e7793785ff5143eb03b1ff3eaf90f980d3e28758cdd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chordtela.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Fri, 01 Mar 2024 11:22:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8554
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 137662
x-xss-protection: 0
server: cafe
etag: 2919427224111863329
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sat, 01 Mar 2025 11:22:22 GMT

GET
H2 200 ads Show response
pagead2.googlesyndication.com/gampad/ 35 KB
14 KB 452ms
346ms Fetch
text/plain 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/gampad/ads?pvsid=1090734531264274&correlator=4491488695133139&eid=31080984%2C31081523%2C31080987&output=ldjh&gdfp_req=1&vrg=202402220101&ptt=17&impl=fif&ltd_cs=1&iu_parts=121764058%3A21864235025%2Cchordtela.com%2Cchordtela.com_o3b_display_adi_o3b_btf_home&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=580x400%7C480x320%7C360x300%7C336x280%7C300x250&ifi=1&didk=2805297491&sfv=1-0-40&sc=1&abxe=1&dt=1709300696212&lmt=1709273448&adxs=346&adys=770&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.chordtela.com%2F&vis=1&psz=0x0&msz=580x0&fws=640&ohw=0&ga_vid=166364851.1709300696&ga_sid=1709300696&ga_hid=1925010262&ga_fc=false&dlt=1709300695418&idt=777&adks=935356915&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402220101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

398d37d52b1ea39a7b39ce9d8b801f9512b1127c4a85eb719caa6a6f5f32d34c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chordtela.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Fri, 01 Mar 2024 13:44:56 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14193
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.chordtela.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 194ms
89ms XHR
application/json 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202402220101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402220101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8f1529380cd7ddd42e7af7153d9d4d8b229301510c22e837c5a0979e3a745206

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chordtela.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Fri, 01 Mar 2024 13:44:56 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12413
x-xss-protection: 0

GET
H2 200 container.html Show response
f213674cc9b7d470fb7986628ff1e545.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 4B4D 6 KB
3 KB 176ms
54ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://f213674cc9b7d470fb7986628ff1e545.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402220101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.chordtela.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 01 Mar 2024 13:44:56 GMT
expires: Sat, 01 Mar 2025 13:44:56 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 155ms
56ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402220101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chordtela.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Fri, 01 Mar 2024 13:44:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 01 Mar 2024 13:44:56 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame C3F3 13 KB
5 KB 47ms
46ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.chordtela.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 7826
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 01 Mar 2024 11:34:30 GMT
expires: Sat, 01 Mar 2025 11:34:30 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 hhT7r2j7IM84IjrHPq4DliozylkjplqSUN38T7c3Pqk.js Show response
pagead2.googlesyndication.com/bg/ Frame C3F3 40 KB
15 KB 140ms
46ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/hhT7r2j7IM84IjrHPq4DliozylkjplqSUN38T7c3Pqk.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8614fbaf68fb20cf38223ac73eae03962a33ca5923a65a9250ddfc4fb7373ea9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Fri, 01 Mar 2024 10:02:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13325
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15753
x-xss-protection: 0
last-modified: Mon, 26 Feb 2024 11:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 01 Mar 2025 10:02:51 GMT

GET
H2 200 container.html Show response
f213674cc9b7d470fb7986628ff1e545.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 931B 6 KB
3 KB 47ms
46ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://f213674cc9b7d470fb7986628ff1e545.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402220101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.chordtela.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 01 Mar 2024 13:44:56 GMT
expires: Sat, 01 Mar 2025 13:44:56 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame 079C 132 KB
47 KB 150ms
82ms Document
text/html 2a02:2638:3::12
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=ZeHb2AAFmC4Iu-PvAA-InIZ--W29Ztv4xu5vtg&u=%7CrvesmNl9F8bJVLFi0KAqsQycL73%2BlivtkxqZ9j2uFOU%3D%7C&c1=jWCgqsKSUoULMKFw69ROSSRlgYQIyhLzheJYiNKlyFrZYaP9DMbKXbEJBzMGeOU_dHpTY6KVCfxx2sfSyfOquBcpAZcdWerDmeSPp9EWF3U1WmgdIsYdQNUb9mv3RbUfF3n_8ZrHz_1eZIYzmSYYVdvKJXRgabrl26_8IwTk5ETWAXaLbc3F2ISZyku1_E279qxfBBS3ZSeOjm3W-izMAsGw25YoXfDvbLtNqZ7CC62CpINevLjuOuDGfqFe9c4caeDtrkny9-GYzt9kxNZW_Hoc63weTHeZEhJiVfYf0ieh6mU50k9lDDlxrYB_Sd1xcFjE7UItqAOtbMGL2jAt_qm50bYb3J6frWpfD80eT0bE7bSyz_63XUA_umtuTBBAbfkaFIzCU8oyu9M_TutBqpNeH-HGGuM5KHI8l6LbPAk_iWx6kqAsKU8luFVaodDPZiwYLry9td_q-k1X4hdC6S-2T9aNmoZNR_GTPmY-fXR1zoeWKl-KJirFzd7MYnO8NxBmX7d1c2MLlxftjSH46h3k6ChqOhf8qtvMrMwdsthimESW8jwc1PMEy2x471xnrChKMVZve4SpnlWUafX3lbYmVz_agGsjWd002jPWuA--_t9GJTl52pnPl0Az22GniKSHSj61tX4&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCGZNE2NvhZa6wFu_H7_UPnJG-uATJntKxXNWdkfdwwI23ARABIABglfrwgYwHggEXY2EtcHViLTU1MTIzOTA3MDUxMzc1MDfIAQmpAm9s2cf5JrI-4AIAqAMByAMCqgS4Ak_QTuu85Hv8SoXS7uTPDw7sQW4oxo9Ix67gvTFNqDYhK-YZ9EpMNQnYEQbTgilczSx_6hL_PVTDXCRokoJtGrXF1rgHd0Lm7J1a5_-P8EJ2rn_tORzlbuidmr5BukB65jANzQLoryPz57XN6R2CL3j68-cofiT0-bqK_AvCYx8N-MDZ0z54b4FxLSOMfs2HgHSP9OQuGnNdZVPzVMNGM_RZwzEyVNoQwJ7ZVSdNibqP4-JrNhFjHYB85es1Im-OoWUFeuj083po0DBHXc94g1yjxk32jPVM8Kp7lN6X_k8HG7jWMI-Ja0DhhLL2tBVBJml9OYHUuy2aNCKEpl-LeRZ8IeS6vJMoOWMXSVWYQeMl8Y4ZyYWQvoURjN53JXyyGX3OGzUIe60YIVPTCgWvqwr7CvXGkxogkuAEAYAGqpiR3f3Lq8EroAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAqgHrb6xAtgHANIIKAiR4YBwEAEyB-uLgOC_gA06CACAgICAgJQoSL39wTpYtvzHppnThAP6CwIIAYAMAeINEwiyqcimmdOEAxXv47sIHZyID0fQFQGAFwE%26num%3D1%26sig%3DAOD64_2l8QTc_W2dbISP3Xbscacx0yz5qA%26client%3Dca-pub-5512390705137507%26adurl%3D

Requested by

Host: f213674cc9b7d470fb7986628ff1e545.safeframe.googlesyndication.com
URL: https://f213674cc9b7d470fb7986628ff1e545.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::12 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

8b5604ad4ff8fd1163de79fc5a147b5c28a1aaf30804b418c9032b0e75dfeb75

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://f213674cc9b7d470fb7986628ff1e545.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Fri, 01 Mar 2024 13:44:56 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=hUzZ05j2KLS7NH6dnzmVeNf9RvtddtyMkUiDzT_iS3qDqFQDglga7p0WEnk7wP04F3NlpJlaCiFJFJ2pnQ-6Ll4ZPHZASNtQQTUm9HR54I7DUi_Ba5jYlUoGcsZNyB1y8hty-B7soKOWAvbmEdHyZ0EzbH0ZeO1UcHF84T6pL1FGUdRt_q1zu13Zh7SnU3MyjGTW188VC78W-9fVT4DgMUac_yRYneJU-SCxnOG3ZM4r7yNdG3I3eD3RxzQ"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 44467113
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 window_focus_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240228/r20110914/client/ Frame 931B 3 KB
1 KB 117ms
116ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240228/r20110914/client/window_focus_fy2021.js

Requested by

Host: f213674cc9b7d470fb7986628ff1e545.safeframe.googlesyndication.com
URL: https://f213674cc9b7d470fb7986628ff1e545.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f213674cc9b7d470fb7986628ff1e545.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Fri, 01 Mar 2024 10:04:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13230
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 15 Mar 2024 10:04:26 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240228/r20110914/client/ Frame 931B 20 KB
8 KB 65ms
64ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240228/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: f213674cc9b7d470fb7986628ff1e545.safeframe.googlesyndication.com
URL: https://f213674cc9b7d470fb7986628ff1e545.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e7afde571c53d192943a40b3b7f109e698bb47e6d6424bc7d1f53a7cb9466360

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f213674cc9b7d470fb7986628ff1e545.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 18:11:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 70408
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8211
x-xss-protection: 0
server: cafe
etag: 3968847549730513390
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 14 Mar 2024 18:11:28 GMT

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 931B 24 KB
6 KB 47ms
47ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: f213674cc9b7d470fb7986628ff1e545.safeframe.googlesyndication.com
URL: https://f213674cc9b7d470fb7986628ff1e545.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f213674cc9b7d470fb7986628ff1e545.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Fri, 01 Mar 2024 10:07:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13045
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 01 Mar 2025 10:07:31 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 931B 207 KB
63 KB 46ms
46ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: f213674cc9b7d470fb7986628ff1e545.safeframe.googlesyndication.com
URL: https://f213674cc9b7d470fb7986628ff1e545.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b2aa131b334742b75fe3de815997b21d4783cea50a210783c0e243fb7d9d6eac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f213674cc9b7d470fb7986628ff1e545.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Fri, 01 Mar 2024 13:04:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2433
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64050
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 01 Mar 2024 14:04:23 GMT

GET
DATA 200
OK truncated
/ Frame 931B 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 699808af742a6bb976153632d56036edba9b93022694a18877373691168588f7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 079C 2 KB
1 KB 93ms
31ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZeHb2AAFmC4Iu-PvAA-InIZ--W29Ztv4xu5vtg&u=%7CrvesmNl9F8bJVLFi0KAqsQycL73%2BlivtkxqZ9j2uFOU%3D%7C&c1=jWCgqsKSUoULMKFw69ROSSRlgYQIyhLzheJYiNKlyFrZYaP9DMbKXbEJBzMGeOU_dHpTY6KVCfxx2sfSyfOquBcpAZcdWerDmeSPp9EWF3U1WmgdIsYdQNUb9mv3RbUfF3n_8ZrHz_1eZIYzmSYYVdvKJXRgabrl26_8IwTk5ETWAXaLbc3F2ISZyku1_E279qxfBBS3ZSeOjm3W-izMAsGw25YoXfDvbLtNqZ7CC62CpINevLjuOuDGfqFe9c4caeDtrkny9-GYzt9kxNZW_Hoc63weTHeZEhJiVfYf0ieh6mU50k9lDDlxrYB_Sd1xcFjE7UItqAOtbMGL2jAt_qm50bYb3J6frWpfD80eT0bE7bSyz_63XUA_umtuTBBAbfkaFIzCU8oyu9M_TutBqpNeH-HGGuM5KHI8l6LbPAk_iWx6kqAsKU8luFVaodDPZiwYLry9td_q-k1X4hdC6S-2T9aNmoZNR_GTPmY-fXR1zoeWKl-KJirFzd7MYnO8NxBmX7d1c2MLlxftjSH46h3k6ChqOhf8qtvMrMwdsthimESW8jwc1PMEy2x471xnrChKMVZve4SpnlWUafX3lbYmVz_agGsjWd002jPWuA--_t9GJTl52pnPl0Az22GniKSHSj61tX4&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCGZNE2NvhZa6wFu_H7_UPnJG-uATJntKxXNWdkfdwwI23ARABIABglfrwgYwHggEXY2EtcHViLTU1MTIzOTA3MDUxMzc1MDfIAQmpAm9s2cf5JrI-4AIAqAMByAMCqgS4Ak_QTuu85Hv8SoXS7uTPDw7sQW4oxo9Ix67gvTFNqDYhK-YZ9EpMNQnYEQbTgilczSx_6hL_PVTDXCRokoJtGrXF1rgHd0Lm7J1a5_-P8EJ2rn_tORzlbuidmr5BukB65jANzQLoryPz57XN6R2CL3j68-cofiT0-bqK_AvCYx8N-MDZ0z54b4FxLSOMfs2HgHSP9OQuGnNdZVPzVMNGM_RZwzEyVNoQwJ7ZVSdNibqP4-JrNhFjHYB85es1Im-OoWUFeuj083po0DBHXc94g1yjxk32jPVM8Kp7lN6X_k8HG7jWMI-Ja0DhhLL2tBVBJml9OYHUuy2aNCKEpl-LeRZ8IeS6vJMoOWMXSVWYQeMl8Y4ZyYWQvoURjN53JXyyGX3OGzUIe60YIVPTCgWvqwr7CvXGkxogkuAEAYAGqpiR3f3Lq8EroAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAqgHrb6xAtgHANIIKAiR4YBwEAEyB-uLgOC_gA06CACAgICAgJQoSL39wTpYtvzHppnThAP6CwIIAYAMAeINEwiyqcimmdOEAxXv47sIHZyID0fQFQGAFwE%26num%3D1%26sig%3DAOD64_2l8QTc_W2dbISP3Xbscacx0yz5qA%26client%3Dca-pub-5512390705137507%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Fri, 01 Mar 2024 13:44:56 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 24 Feb 2025 13:44:56 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame 079C 2 KB
1 KB 94ms
32ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Fri, 01 Mar 2024 13:44:56 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 24 Feb 2025 13:44:56 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 079C 308 B
636 B 92ms
33ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Fri, 01 Mar 2024 13:44:56 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Mon, 24 Feb 2025 13:44:56 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame 079C 293 B
622 B 90ms
31ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Fri, 01 Mar 2024 13:44:56 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Mon, 24 Feb 2025 13:44:56 GMT

GET
H2 200 lg.php
cat.nl3.eu.criteo.com/delivery/ Frame 079C 43 B
348 B 134ms
35ms Image
image/gif 178.250.1.6
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=JnxdiphoQtLelozqaNOBK-KYOKb1XH_RHDylla-ynLYjzvzNxrI1nrTZ3f2CewW01h7MDkJb_hamjcjY-51CyeXvNLNgbDcV0vRbftAcOi4E-nxfJrZ1AxukasugYTjKqw2k8-o2wONHH798S2yspphoGy_TJZfyXY1rXpgwVTgcEe5zE26bUH5rB2ryt7dnhQunxHnAGh4g2U2O9g6O_HqdQT-beFEJuJeHFX0CF6DrXw3mfs2GTvZH9--T2YfqtPtrKikTNtQgB6gOJG_pktb4mV5yUISpVlkVF1WWr1U6iKj-Ocx3PTA_iDXdkh6kjZ1_UeRSNhf-YYrdMKUXrvYUtE0oB3_DX9hidxZ2oXmU4UFzlkkqTReXtfx6ipfpX00mwKWHhuAvQK1hy-NoIA2vBGm1xD4MFcVHb3EeQoh-Tt6DXJhhbkPs2EsY5NIWG8AvqA

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Mar 2024 13:44:56 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 2228319
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 3753f6ac31b748bf945ad731cbf52c0b_skyscannerrelative-book.woff
static.criteo.net/design/dt/ Frame 079C 68 KB
68 KB 125ms
61ms Font
application/octet-stream 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/dt/3753f6ac31b748bf945ad731cbf52c0b_skyscannerrelative-book.woff

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

da1ade3e8c604cedac82d169f6fdf4813bf7da19d152ee1c11066e47e31d514b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Origin: https://ads.eu.criteo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Fri, 01 Mar 2024 13:44:56 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 29 Jul 2021 10:27:15 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"61028283-10ec0"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 24 Feb 2025 13:44:56 GMT

GET
H2 200 e228b6a4e90947dcaf6c5ad0025ee925_skyscannerrelative-bold.woff
static.criteo.net/design/dt/ Frame 079C 68 KB
68 KB 165ms
101ms Font
application/octet-stream 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/dt/e228b6a4e90947dcaf6c5ad0025ee925_skyscannerrelative-bold.woff

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

ceabd016e37f18ed4c571b1549946a6e17abcebaef62bbaa9a9071a696d6510a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Origin: https://ads.eu.criteo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Fri, 01 Mar 2024 13:44:56 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 29 Jul 2021 10:27:15 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"61028283-10f14"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 24 Feb 2025 13:44:56 GMT

GET
H2 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 079C 12 KB
5 KB 105ms
42ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Fri, 01 Mar 2024 13:44:57 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 80570
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 4420
last-modified: Mon, 04 May 2020 16:17:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04030-30d9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kEV3U%2FICdYcFjEHa1x4H6ooRkD8XnDEGDxDl7Ax4lZZKJ9Azv4Nlj%2BZ%2FEv%2BTxDSVTLBcFIZ%2BXjO%2F7vKNRNA5r0q7RJVFdHKYOupOJ36d3QPPYRTTANflZJoyVRVex6GWERQ3Vkk2OZumCMHIglHVreAZ"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 85d995ac48053485-WAW
expires: Wed, 19 Feb 2025 13:44:57 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame C3F3 0
10 B 46ms
46ms Image
text/plain 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?1TSp0A
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Fri, 01 Mar 2024 13:44:56 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 079C 12 KB
6 KB 42ms
37ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Fri, 01 Mar 2024 13:44:57 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 24 Feb 2025 13:44:57 GMT

GET
H2 200 000JRevwTPBLDHnkLalrz3cSdgAVyq1xIhi8403S02Y1x15JcSe1U37ApG92qHWyDOznmtviVFJf0oRKXiGJK1wlIg4tbd8YhgCQIy7ehFUJ0e43SV3IhUhrFhqoNseqrEMS2YyEGQ8BcBkvrbsXlaB7ZVh2VjG9JHP8zYF8L5pYWDd7xtooC6lzXETQQNNeK3b4o...
imageproxy.eu.criteo.net/v1/ Frame 079C 24 KB
24 KB 127ms
60ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/v1/000JRevwTPBLDHnkLalrz3cSdgAVyq1xIhi8403S02Y1x15JcSe1U37ApG92qHWyDOznmtviVFJf0oRKXiGJK1wlIg4tbd8YhgCQIy7ehFUJ0e43SV3IhUhrFhqoNseqrEMS2YyEGQ8BcBkvrbsXlaB7ZVh2VjG9JHP8zYF8L5pYWDd7xtooC6lzXETQQNNeK3b4oVI5B4peQOCaBzA0d

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

a13ff34f1f6805135cb084e3cb1044861ca7037ddeaff9e8359bec5cf4010ef4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Fri, 01 Mar 2024 13:44:57 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 24096
expires: Thu, 20 Feb 2025 15:07:58 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 079C 0
128 B 93ms
31ms Ping
text/plain 2a02:2638:3::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=hUzZ05j2KLS7NH6dnzmVeNf9RvtddtyMkUiDzT_iS3qDqFQDglga7p0WEnk7wP04F3NlpJlaCiFJFJ2pnQ-6Ll4ZPHZASNtQQTUm9HR54I7DUi_Ba5jYlUoGcsZNyB1y8hty-B7soKOWAvbmEdHyZ0EzbH0ZeO1UcHF84T6pL1FGUdRt_q1zu13Zh7SnU3MyjGTW188VC78W-9fVT4DgMUac_yRYneJU-SCxnOG3ZM4r7yNdG3I3eD3RxzQ&sds=2&rev=90888&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Fri, 01 Mar 2024 13:44:56 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 079C 2 KB
1 KB 32ms
31ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Fri, 01 Mar 2024 13:44:57 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 24 Feb 2025 13:44:57 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 079C 2 KB
1 KB 32ms
32ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Fri, 01 Mar 2024 13:44:57 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 24 Feb 2025 13:44:57 GMT

GET
H3 200 adview
pagead2.googlesyndication.com/pagead/ Frame 931B 0
0 81ms
81ms Image
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/adview?ai=CiQu_2NvhZa6wFu_H7_UPnJG-uATJntKxXNWdkfdwwI23ARABIABglfrwgYwHggEXY2EtcHViLTU1MTIzOTA3MDUxMzc1MDfIAQmpAm9s2cf5JrI-4AIAqAMByAMCqgS1Ak_QTuu85Hv8SoXS7uTPDw7sQW4oxo9Ix67gvTFNqDYhK-YZ9EpMNQnYEQbTgilczSx_6hL_PVTDXCRokoJtGrXF1rgHd0Lm7J1a5_-P8EJ2rn_tORzlbuidmr5BukB65jANzQLoryPz57XN6R2CL3j68-cofiT0-bqK_AvCYx8N-MDZ0z54b4FxLSOMfs2HgHSP9OQuGnNdZVPzVMNGM_RZwzEyVNoQwJ7ZVSdNibqP4-JrNhFjHYB85es1Im-OoWUFeuj083po0DBHXc94g1yjxk32jPVM8Kp7lN6X_k8HG7jWMI-Ja0DhhLL2tBVBJml9OYHUuy2aNCKEpl-LeRZ8IeS6vJMoOWMXSVWYQeNn86-LSRZAgyPBqwT7BZUWF1rErT8mYy-s6W51-LqxhxJjwGHmeuAEAYAGqpiR3f3Lq8EroAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAqgHrb6xAtgHANIIKAiR4YBwEAEyB-uLgOC_gA06CACAgICAgJQoSL39wTpYtvzHppnThAOACgP6CwIIAYAMAeINEwiyqcimmdOEAxXv47sIHZyID0fQFQGAFwGyFxwKGhIUcHViLTU1MTIzOTA3MDUxMzc1MDcYku8h&sigh=F9n9-nIlgAk&uach_m=%5BUACH%5D&cbvp=2&vis=1
Requested by: Host: f213674cc9b7d470fb7986628ff1e545.safeframe.googlesyndication.com
URL: https://f213674cc9b7d470fb7986628ff1e545.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f213674cc9b7d470fb7986628ff1e545.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

GET
H2 200 notify
rtb.fr3.eu.criteo.com/google/auction/ Frame 931B 0
126 B 164ms
45ms Image
text/plain 2a02:2638:d::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rtb.fr3.eu.criteo.com/google/auction/notify?profile=14&payload=kOWCGYS9E8QEkAOdg2ICAgAAAMF8aGkvy7OOENfb4WUe_bDjEFt2VO2gAAASAAAKCkFRVUREd0VCRHc&wp=ZeHb2AAFmC4Iu-PvAA-InIZ--W29Ztv4xu5vtg&cbvp=2

Requested by

Host: f213674cc9b7d470fb7986628ff1e545.safeframe.googlesyndication.com
URL: https://f213674cc9b7d470fb7986628ff1e545.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f213674cc9b7d470fb7986628ff1e545.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Fri, 01 Mar 2024 13:44:56 GMT
strict-transport-security: max-age=31536000; preload;
server-processing-duration-in-ticks: 142648
server: Kestrel
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 81ms
80ms Image
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202402220101&jk=1090734531264274&bg=!enmleTbNAAauXHXJjlw7ADQBe5WfOLar3X-9aJQba7utWRYQX25TIZklbR8gsbqtj927eOuHCdL22S6DY-7pRw75XBlWAgAAAGZSAAAAAmgBBwoAmMlbECnDiFdDBtV6ycl0e-E8dNjyTUE1ZWuwBTUkliTVfY-XiywXCvOT0cUJ9TmDGwANERUP-LEIIayeqTVqYdSc2jGfKHSTHNx2vZfeHitTtpWj3yO9Mis0YBKAf_sRWPtB8HLHA67j1_WxZx1Bo-69Lb2w2wvfR86KqMtsLMi0BJIgaxsHCvtriNjd48dMYojX4Zw20GmCmQLQo6tMPPoOvmOXlDFGxXHBVYkALzxIks8bp6UX7rP3P1bmxK_AK7K2Qs5RvdU_KvdyfdQ7511LXeWQgtuPR9d3I0BQY2mpgMO6FTQsplRhBaoPzzl3jyFQImlMEx-6d121ppB-tGf2xkWY-mCvlqI1HyTwLGV7TSY9XtS89-SWs2qXhZHHlH3haQPdVo3fxH9Nu_sNdbW1Wdnc1hhzKfTkSkSkvyrAPfLSoUk__qEvx2Ymhtq7XNZcVi1VmiRpk8ubeoSAPCptosWt6KhvXl2gzzZ1wGEsDxVqMCnCp_eNjp-tgJrlUSnhM7wqaU_S_C55ZneXNxICa0hAzRXe9z3vQguiZih5Nf07sIRBs84MtYo6EkSR1RNF03GivC1QnjkHW0ZEjPAZFOxQNNnTqm6eCbYAwWM-nvxWSVlHYIR-Wv0ufZclLzB0D36vAenDIVZbs_CFi6vqh3mcos2GnFdJMamOIXqSjtGcB6Z8s5V1xYYc6t5MoP__KTGztND2Q4Oul1iybQncEO_Q5qlG2VXVZLAX3xfPvFTOXriH3_BNvS5Fp7_s9r2nhYXQxEXGkrLcVVyVK464tZAdbvAOrqZ9MldKxjnBZ5xs3GdM0wgSz-nyqzG3hfeDtWoNPZiGdaPmjFPGYZYMBkKILpjc65q53MH7Ju7-zTQL_ku27_Q86raYlC2ngyGYY2WoAD0ZRSg3Y4EuxQQJHcg-y0VyDi_3Tvxmwy5u3PQ6DkCwbR4crwQEixKRILzk1I14LLnIw0zNgUIbMhWy_UMyBX30xC0vF8DLHFUzmKRl2LRpL8XW01vDPKYiHbbbJ0xl_azf6dnBLFWWe3BWG4H3qGHOiBr5giCVmt3XL7NCa-ZF6qwZqONpD0XpVrwxUoKp2VCAnanHj9x0pl2g5Jw-CIY1Tic7V8d9x33xQ6HP19w8B7BBvPN2OHoJFFP804Lxd1AO0SBF
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chordtela.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 931B 42 B
119 B 79ms
79ms Fetch
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstr5GkSyf9L3l4G3jyJbfoE8bJs1cjO8-7ECQt5if0WSgN6RZEfXkqTHDLhGefD1tnUWC-K3cDnMXGEkkN83lMSDNzcQ4xIpmT0IDDEgC3BykZoyq1VThhzYeoryUumn_bnWxRfbje208g&sig=Cg0ArKJSzDqoHVb9mPEPEAE&id=lidar2&mcvt=1000&p=788,346,1188,926&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240229&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=935356915&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=523349600&rst=1709300696692&rpt=207&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f213674cc9b7d470fb7986628ff1e545.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Mar 2024 13:44:57 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 079C 0
127 B 31ms
31ms Ping
text/plain 2a02:2638:3::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Fri, 01 Mar 2024 13:44:57 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 95ms
32ms Preflight
application/json 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.chordtela.com%2F&domain=www.chordtela.com&cw=1&lsw=1&gdpr=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.chordtela.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://www.chordtela.com
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Fri, 01 Mar 2024 13:44:58 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 225363
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2

200

sid Show response
mug.criteo.com/
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.chordtela.com%2F&domain=www.chordtela.com&cw=1&lsw=1&gdpr=0
https://mug.criteo.com/sid?cpp=lhaBzXxzN3Roa0hObTVGdUZ5MDRWbUc1dHVVOFBNdDFzb2pQKzQyLzZhQzFpN1UvSmJ6dWhBNzlYR0Uzb1NSSHRocldHZmIzSDJoellaYkNyaUJuRlJTdmg1cjNYN0dLYkdSOG1SUHYzaU9DZnl6WXdKOFV2MHA4OUlYcG...

367 B
651 B

32ms
32ms

Fetch
application/json

2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=lhaBzXxzN3Roa0hObTVGdUZ5MDRWbUc1dHVVOFBNdDFzb2pQKzQyLzZhQzFpN1UvSmJ6dWhBNzlYR0Uzb1NSSHRocldHZmIzSDJoellaYkNyaUJuRlJTdmg1cjNYN0dLYkdSOG1SUHYzaU9DZnl6WXdKOFV2MHA4OUlYcGlVdWtUUlNSdG9ITHpSVVNjQnpDS1RTb1pNcUhYQXNVd2o0RjIvYzlKZG5EcGd0Uk5tdlRnVlAxOXRuTndpc1dkS2lXek1kdm5Kd2hFWkkvak56OU45bzFsTUN3bjZXNWJSU1ltMUJBNlc0bjFMQmh4ZXVCVGVSaGpSUVp6azRFdE9vSXQxNEJtfA&cppv=2

Protocol

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

06615d43e891c5f3cf07fc4b43949e2755c2de7b7d39275386e30b0d8991d5ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chordtela.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Mar 2024 13:44:58 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 554681
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 01 Mar 2024 13:44:58 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
access-control-allow-methods: GET
access-control-allow-origin: https://www.chordtela.com
location: https://mug.criteo.com/sid?cpp=lhaBzXxzN3Roa0hObTVGdUZ5MDRWbUc1dHVVOFBNdDFzb2pQKzQyLzZhQzFpN1UvSmJ6dWhBNzlYR0Uzb1NSSHRocldHZmIzSDJoellaYkNyaUJuRlJTdmg1cjNYN0dLYkdSOG1SUHYzaU9DZnl6WXdKOFV2MHA4OUlYcGlVdWtUUlNSdG9ITHpSVVNjQnpDS1RTb1pNcUhYQXNVd2o0RjIvYzlKZG5EcGd0Uk5tdlRnVlAxOXRuTndpc1dkS2lXek1kdm5Kd2hFWkkvak56OU45bzFsTUN3bjZXNWJSU1ltMUJBNlc0bjFMQmh4ZXVCVGVSaGpSUVp6azRFdE9vSXQxNEJtfA&cppv=2
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 349827
content-length: 0
expires: 0

GET
H2 200 rid Show response
match.adsrvr.org/track/ 63 B
424 B 141ms
45ms Fetch
application/json 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=prebid&fmt=json
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/assets/js/prebid8.20.2.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 9bafb81aa49a33fe93141e9964dc71163e2eff59eee097904d96757b4d1408f5

Request headers

Referer: https://www.chordtela.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
content-type: text/plain

Response headers

date: Fri, 01 Mar 2024 13:44:59 GMT
content-encoding: gzip
server: Kestrel
vary: Origin, Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.chordtela.com
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
expires: Sun, 31 Mar 2024 13:44:59 GMT

GET
H2 204 isyn
prebid.a-mo.net/ Frame DA41 0
0 32ms
31ms Document
text/plain 145.40.97.66
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/isyn?gdpr_consent=&gdpr=0&us_privacy=&gpp=&gpp_sid=
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/assets/js/prebid8.20.2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 145.40.97.66 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash

Request headers

Referer: https://www.chordtela.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=0, private, must-revalidate
date: Fri, 01 Mar 2024 13:44:58 GMT
server: envoy
vary: Accept-Encoding
x-envoy-upstream-service-time: 0

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 2A25 52 KB
17 KB 720ms
202ms Document
text/html 23.206.4.228
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/assets/js/prebid8.20.2.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.206.4.228 Tempe, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-206-4-228.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://www.chordtela.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Fri, 01 Mar 2024 13:44:59 GMT
ETag: W/"623de86a-cf34"
Expires: Sat, 02 Mar 2024 13:45:01 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding

GET
H2 204 /
onetag-sys.com/usync/ Frame 1D63 0
0 41ms
40ms Document
text/plain 51.89.9.253
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?cb=1709300696208&gdpr=0

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/assets/js/prebid8.20.2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip253.ip-51-89-9.eu

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://www.chordtela.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control: no-store
strict-transport-security: max-age=15552000

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 7D49 281 B
554 B 509ms
166ms Document
text/html 23.200.61.238
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?gdpr=0
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/assets/js/prebid8.20.2.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.200.61.238 Tempe, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-200-61-238.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://www.chordtela.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Fri, 01 Mar 2024 13:44:59 GMT
ETag: "20524-119-60b38417c4040"
Last-Modified: Tue, 28 Nov 2023 15:41:45 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 31ms
30ms Preflight
application/json 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: null
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Fri, 01 Mar 2024 13:44:58 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 193845
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 7D49 40 KB
11 KB 167ms
167ms Script
text/html 23.200.61.238
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.200.61.238 Tempe, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-200-61-238.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 01df225aacb7af4e87d84c1741117977d6d2e94983f58e39ac2424a6944e6374

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?gdpr=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date: Fri, 01 Mar 2024 13:44:59 GMT
Content-Encoding: gzip
Last-Modified: Thu, 29 Feb 2024 16:12:42 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=8810
Connection: keep-alive
Content-Length: 11272
Expires: Fri, 01 Mar 2024 16:11:49 GMT

GET
H/1.1 200
OK khaos.json Show response
token.rubiconproject.com/ Frame 7D49 7 B
380 B 119ms
31ms XHR
application/json 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://token.rubiconproject.com/khaos.json?gdpr=0
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://eus.rubiconproject.com
Cache-Control: no-cache,no-store,must-revalidate
access-control-allow-credentials: true
content-length: 7
X-RPHost: 1f4afaf10c6b5898421df1cdca3fc7f5
Expires: 0

GET
H2

200

bounce Show response
ib.adnxs.com/ Frame 2A25
Redirect Chain

https://ib.adnxs.com/async_usersync?cbfn=queuePixels
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

0
971 B

33ms
33ms

Script
text/html

37.252.171.85
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

Server

37.252.171.85 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Mar 2024 13:44:59 GMT
an-x-request-uuid: 01fbd5cf-e044-445e-8ba7-374bdf51ffc3
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 193.32.248.212; 193.32.248.212; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 01 Mar 2024 13:44:59 GMT
an-x-request-uuid: 2f46c9a4-2c7a-41ef-a1c3-feac0d120165
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
location: https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
cache-control: no-store, no-cache, private
x-proxy-origin: 193.32.248.212; 193.32.248.212; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Verdicts & Comments Add Verdict or Comment

46 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

15 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.chordtela.com/	1970-01-21 03:33:56	Name: _sharedID Value: 5d288ef5-075b-41d6-becc-58ea518ebeb6
.chordtela.com/	1970-01-21 03:33:56	Name: _sharedID_cst Value: kSylLAssaw%3D%3D
.adnxs.com/	1970-01-21 04:24:20	Name: receive-cookie-deprecation Value: 1
prebid.a-mo.net/	1970-01-20 18:48:20	Name: _Amc_b Value: 0
.prebid.a-mo.net/	1970-01-21 03:33:56	Name: __amc Value: 1_1709300696_1709300696
.rubiconproject.com/	1970-01-21 03:33:56	Name: khaos Value: LT8PI214-1B-JJMR
.rubiconproject.com/	1970-01-21 03:33:56	Name: audit Value: 1\|yQuirGeEF6DG2gtbcqqatgmOsfVVM1TCDevM3UyPj6i1r08NgicAOSLz2Gk0bHsrdJfLemYwJpNobss4/u+HZOBxGCOXoSK1eLcXqez2aee+xUA9sgf/4b7FQD2yB//h
.chordtela.com/	1970-01-20 23:07:32	Name: __eoi Value: ID=bd4edc4b0766cd8d:T=1709300696:RT=1709300696:S=AA-AfjZGkQ7ffiNOZlKaRDxnFyEe
.criteo.com/	1970-01-21 04:09:56	Name: receive-cookie-deprecation Value: 1
www.chordtela.com/	1970-01-21 03:33:56	Name: unifiedid Value: %7B%22TDID_LOOKUP%22%3A%22FALSE%22%2C%22TDID_CREATED_AT%22%3A%222024-03-01T13%3A44%3A59%22%7D
www.chordtela.com/	1970-01-21 03:33:56	Name: unifiedid_cst Value: kSylLAssaw%3D%3D
.chordtela.com/	1970-01-21 04:10:00	Name: cto_bundle Value: 5i-xEF9Tb09LJTJCSCUyQmh3aWhwTlJMc1FITnByVVBmUGFueUYyUmRGNFhkUXdyJTJCamJzMDlBbHZNcTdxN1lYMWFrVlJqeGRqaE1pJTJCeUp6RVN0Zlo2WmhTNFdIMENGRXdEMUE2UDhZM3c5WVFvaDh3djElMkJiYUwlMkZxcmpKSjUlMkZYM0R4dHdyZ2d4
.chordtela.com/	1970-01-21 04:10:00	Name: cto_bidid Value: lmIEr19sZ3lDR3RNSnZpNkVnZks3TzNlRmdkTE4xWktiZzBYJTJGUlNxd1BIcldibzY1Q09IWlQlMkZ3ZlAxc2Q3c3g1dTZnRE9RQ1VhUWNvVnhDRkp4M0tJWWtubnclM0QlM0Q
.adnxs.com/	1970-01-20 20:57:56	Name: XANDR_PANID Value: vKqAeqYZ3Okr29D844Wen332UFLI_c5TkczW16ux_QLQKplcPctWK3RFZGnlTdzdyo93YT5E8K1RJgOXMdbntu5S-xBnMLONWoszyC1it6Q.
.adnxs.com/	1970-01-20 20:57:56	Name: uuid2 Value: 5295962641413016600

19 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://www.chordtela.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.chordtela.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.chordtela.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.chordtela.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://f213674cc9b7d470fb7986628ff1e545.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html(Line 15) Message: Origin trial controlled feature not enabled: 'attribution-reporting'.
other	warning	URL: https://www.chordtela.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.chordtela.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.chordtela.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.chordtela.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.chordtela.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.chordtela.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.chordtela.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.chordtela.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.chordtela.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.chordtela.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.chordtela.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.chordtela.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.chordtela.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.chordtela.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

acdn.adnxs.com
ads.eu.criteo.com
cat.nl3.eu.criteo.com
cdn.jsdelivr.net
cdnjs.cloudflare.com
csm.eu.criteo.net
eus.rubiconproject.com
f213674cc9b7d470fb7986628ff1e545.safeframe.googlesyndication.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
get.optad360.io
gum.criteo.com
ib.adnxs.com
imageproxy.eu.criteo.net
match.adsrvr.org
mug.criteo.com
onetag-sys.com
pagead2.googlesyndication.com
prebid-eu.creativecdn.com
prebid.a-mo.net
rtb.fr3.eu.criteo.com
script.4dex.io
securepubads.g.doubleclick.net
static.criteo.net
token.rubiconproject.com
tpc.googlesyndication.com
www.chordtela.com
145.40.97.66
15.197.193.217
178.250.1.6
185.184.8.90
23.200.61.238
23.206.4.228
2600:9000:225e:3c00:11:a4de:2580:93a1
2602:803:c003:200::91
2606:4700:20::681a:366
2606:4700:20::ac43:4bf1
2606:4700::6810:5714
2606:4700::6811:180e
2a00:1450:4001:806::2001
2a00:1450:4001:808::2003
2a00:1450:4001:809::2002
2a00:1450:4001:828::200a
2a00:1450:4001:82b::2001
2a00:1450:4001:830::2002
2a02:2638:3::10
2a02:2638:3::12
2a02:2638:3::1a
2a02:2638:3::3
2a02:2638:3::c
2a02:2638:d::c
37.252.171.85
51.89.9.253
69.173.144.138
01df225aacb7af4e87d84c1741117977d6d2e94983f58e39ac2424a6944e6374
06615d43e891c5f3cf07fc4b43949e2755c2de7b7d39275386e30b0d8991d5ed
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0e1f2d1851e3c3a9aa0231e40020141a5424c262961a03a36e12d7e92184c619
23fa204908b1181e65ff531fb87816b66be42d0ebcfbfb5a2494ac49e3d4973d
247b3579723bf0e30ad2810689dd25285539696c7d5044cf5df52c14a2b7b1f9
24df88e7e15c4b0b11eccc139235e04384513c803b5221485375b7acee755bac
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
398d37d52b1ea39a7b39ce9d8b801f9512b1127c4a85eb719caa6a6f5f32d34c
3d598d450f088715ca6816b0ed9f90bcc174f356144fa9c766c2fbd5b8989a83
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
4439ecd5310d340b385c937c82054092ea01d8ef3abca98ccf15276202d62c10
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
510178b6d31d46a54c7bdacc0456720c5bbb9be1c47f603ecffc61899018b768
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5
60bf0bfd6ef72e6ca17ee43a33e906246fd984a44d3bf29172808b0e7c1439bf
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
699808af742a6bb976153632d56036edba9b93022694a18877373691168588f7
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628
8614fbaf68fb20cf38223ac73eae03962a33ca5923a65a9250ddfc4fb7373ea9
8b5604ad4ff8fd1163de79fc5a147b5c28a1aaf30804b418c9032b0e75dfeb75
8e65a0bcf619f01ece87782141656fa2c0b12391efc9b61f4743a4f29929f2d2
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
8f1529380cd7ddd42e7af7153d9d4d8b229301510c22e837c5a0979e3a745206
9bafb81aa49a33fe93141e9964dc71163e2eff59eee097904d96757b4d1408f5
9d137d3c47c37b25f4af54f11526b2ed622b22aecd7f062b92cd787e46464fc2
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a13ff34f1f6805135cb084e3cb1044861ca7037ddeaff9e8359bec5cf4010ef4
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a4c89bf024f41e242e4bc2f9ba50cf7ce0bda07a8060d0e0b5d71336fff647de
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
b2aa131b334742b75fe3de815997b21d4783cea50a210783c0e243fb7d9d6eac
b5eba3280bbb06092f09258eaf186c9afcf873a5120ac5b7dce887c9da258e06
bf69b0b11aa4b2f83b7eefd9c11edb1d2a4a0bc146d1040be9d5526ab3367573
ceabd016e37f18ed4c571b1549946a6e17abcebaef62bbaa9a9071a696d6510a
cf644a55f623100a0471c92c7cd9f7a6e2b95f4a45376208bd9587b0ca9987c4
da1ade3e8c604cedac82d169f6fdf4813bf7da19d152ee1c11066e47e31d514b
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3e5f35d586c0e6a9a9d7187687be087580c40a5f8d0e52f0c4053bbc25c98db
e518d28fc305914d99970e7793785ff5143eb03b1ff3eaf90f980d3e28758cdd
e7afde571c53d192943a40b3b7f109e698bb47e6d6424bc7d1f53a7cb9466360
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f307334ad51d8ec7869d420e60052941a0d19fa0ca60d8694766c459f663a919
f40767552e5e94b2d5f9a65d7f640cfa7d225298023dbd682095e040809a3d1a
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

www.chordtela.com Open in urlscan Pro 2606:4700:20::681a:366 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

67 Requests

97 %HTTPS

67 %IPv6

17 Domains

28 Subdomains

28 IPs

5 Countries

907 kBTransfer

2440 kBSize

15 Cookies

0 Outgoing links

Page URL History

Redirected requests

67 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.chordtela.com Open in urlscan Pro
2606:4700:20::681a:366 Public Scan

Screenshot
Live screenshot

Full Image

67
Requests

97 %
HTTPS

67 %
IPv6

17
Domains

28
Subdomains

28
IPs

5
Countries

907 kB
Transfer

2440 kB
Size

15
Cookies

67 HTTP transactions
1 data transactions