sanesolution.com Open in urlscan Pro
141.193.213.10 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://track.roinattrack.com/87d00162-2214-4871-979b-1279f50d68f5?site=msn-windows-unitedstates&title=Constant+Throat+Clearin...
Effective URL:
https://sanesolution.com/lp/articles/vt/ro/phlegm-sign-something-worse/?cid=wbudh46hv4a6b66si0ovjhe0&txid=
Submission: On October 09 via manual (October 9th 2023, 2:08:01 pm UTC) from US — Scanned from DE

Summary HTTP 93 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 58 IPs in 8 countries across 47 domains to perform 93 HTTP transactions. The main IP is 141.193.213.10, located in United States and belongs to CLOUDFLARESPECTRUM Cloudflare, Inc., US. The main domain is sanesolution.com. The Cisco Umbrella rank of the primary domain is 516077.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on September 6th 2023. Valid for: a year.

This is the only time sanesolution.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	18.193.209.105 18.193.209.105	16509 (AMAZON-02) (AMAZON-02)
11	141.193.213.10 141.193.213.10	209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare)
1	2600:9000:225... 2600:9000:225e:4800:8:8845:1500:93a1	16509 (AMAZON-02) (AMAZON-02)
1	151.139.128.10 151.139.128.10	20446 (STACKPATH...) (STACKPATH-CDN)
1	2a02:2638:d::10 2a02:2638:d::10	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
5	2a00:1450:400... 2a00:1450:4001:81c::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::200a	15169 (GOOGLE) (GOOGLE)
1	13.32.99.127 13.32.99.127	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700:10:... 2606:4700:10::ac43:247d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	151.101.193.44 151.101.193.44	54113 (FASTLY) (FASTLY)
1	18.66.137.164 18.66.137.164	16509 (AMAZON-02) (AMAZON-02)
1 5	35.227.244.1 35.227.244.1	15169 (GOOGLE) (GOOGLE)
3	18.66.122.76 18.66.122.76	16509 (AMAZON-02) (AMAZON-02)
4 5	2a02:2638:3::c 2a02:2638:3::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2a00:1450:400... 2a00:1450:4001:806::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c0c::9a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:808::2003	15169 (GOOGLE) (GOOGLE)
1	178.250.7.13 178.250.7.13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	54.200.119.205 54.200.119.205	16509 (AMAZON-02) (AMAZON-02)
1 1	2600:1f18:730... 2600:1f18:730:b120:ec5e:651e:a0cc:77a3	14618 (AMAZON-AES) (AMAZON-AES)
1	34.234.124.95 34.234.124.95	14618 (AMAZON-AES) (AMAZON-AES)
2	2a00:1450:400... 2a00:1450:4001:82b::2004	15169 (GOOGLE) (GOOGLE)
1 1	178.250.7.11 178.250.7.11	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	74.119.119.150 74.119.119.150	19750 (AS-CRITEO) (AS-CRITEO)
2	2a03:2880:f08... 2a03:2880:f084:d:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1 1	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
2	178.250.1.9 178.250.1.9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	18.195.61.190 18.195.61.190	16509 (AMAZON-02) (AMAZON-02)
2 3	37.252.171.149 37.252.171.149	29990 (ASN-APPNEX) (ASN-APPNEX)
1	23.52.120.27 23.52.120.27	16625 (AKAMAI-AS) (AKAMAI-AS)
1	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
1	3.66.123.6 3.66.123.6	16509 (AMAZON-02) (AMAZON-02)
1	185.86.138.152 185.86.138.152	201081 (SMARTADSE...) (SMARTADSERVER)
3	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
1	2.18.161.51 2.18.161.51	16625 (AKAMAI-AS) (AKAMAI-AS)
1	76.223.111.18 76.223.111.18	16509 (AMAZON-02) (AMAZON-02)
2	3.75.62.37 3.75.62.37	16509 (AMAZON-02) (AMAZON-02)
1	37.157.6.233 37.157.6.233	198622 (ADFORM) (ADFORM)
1	185.255.84.152 185.255.84.152	200271 (IGUANE-) (IGUANE-)
1 2	104.18.26.193 104.18.26.193	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	34.241.182.209 34.241.182.209	16509 (AMAZON-02) (AMAZON-02)
1	162.19.138.82 162.19.138.82	16276 (OVH) (OVH)
1	99.81.117.172 99.81.117.172	16509 (AMAZON-02) (AMAZON-02)
1	34.117.157.22 34.117.157.22	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	18.159.114.228 18.159.114.228	16509 (AMAZON-02) (AMAZON-02)
1	44.194.62.128 44.194.62.128	14618 (AMAZON-AES) (AMAZON-AES)
1	64.202.112.127 64.202.112.127	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
1	198.47.127.205 198.47.127.205	3257 (GTT-BACKB...) (GTT-BACKBONE GTT)
1	2600:1f18:612... 2600:1f18:612b:4200:8e96:3543:6d11:e366	14618 (AMAZON-AES) (AMAZON-AES)
1	85.215.5.31 85.215.5.31	6786 (CRONON-BE...) (CRONON-BERLIN-AS)
1	23.213.165.82 23.213.165.82	16625 (AKAMAI-AS) (AKAMAI-AS)
1	52.16.215.2 52.16.215.2	16509 (AMAZON-02) (AMAZON-02)
1	63.33.100.143 63.33.100.143	16509 (AMAZON-02) (AMAZON-02)
1	52.217.117.41 52.217.117.41	16509 (AMAZON-02) (AMAZON-02)
1	35.190.54.17 35.190.54.17	15169 (GOOGLE) (GOOGLE)
1	18.221.230.31 18.221.230.31	16509 (AMAZON-02) (AMAZON-02)
1	99.83.128.14 99.83.128.14	16509 (AMAZON-02) (AMAZON-02)
4	54.83.229.169 54.83.229.169	14618 (AMAZON-AES) (AMAZON-AES)
2	2a03:2880:f17... 2a03:2880:f177:185:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	18.66.97.122 18.66.97.122	16509 (AMAZON-02) (AMAZON-02)
93	58

1 18.193.209.105 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-193-209-105.eu-central-1.compute.amazonaws.com

track.roinattrack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 141.193.213.10 (United States)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)

sanesolution.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:225e:4800:8:8845:1500:93a1 (United States)

ASN16509 (AMAZON-02, US)

b-code.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.139.128.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map3.hwcdn.net

cdn1.decide.dev	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:d::10 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dynamic.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:81c::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.99.127 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-127.fra60.r.cloudfront.net

static.newsbreak.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::ac43:247d (United States)

ASN13335 (CLOUDFLARENET, US)

js-tag.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
p1.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.193.44 (United States)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.137.164 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-137-164.fra60.r.cloudfront.net

cdn.js.customerlabs.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 35.227.244.1 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 1.244.227.35.bc.googleusercontent.com

shop.pe	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
app.shop.pe	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.66.122.76 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-122-76.fra60.r.cloudfront.net

d3rr3d0n31t48m.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a02:2638:3::c (France) 4 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c0c::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.7.13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.200.119.205 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-200-119-205.us-west-2.compute.amazonaws.com

business.newsbreak.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:730:b120:ec5e:651e:a0cc:77a3 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)

rp.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.234.124.95 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-234-124-95.compute-1.amazonaws.com

rp4.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.7.11 (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

sslwidget.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.119.119.150 (United States)

ASN19750 (AS-CRITEO, US)

widget.us.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f084:d:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.66 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.195.61.190 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-61-190.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.252.171.149 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.52.120.27 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-52-120-27.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.66.123.6 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-66-123-6.eu-central-1.compute.amazonaws.com

match.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.138.152 (France)

ASN201081 (SMARTADSERVER, FR)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)

sync-t1.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.161.51 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-161-51.deploy.static.akamaitechnologies.com

criteo-sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 76.223.111.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.75.62.37 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-75-62-37.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.6.233 (Denmark)

ASN198622 (ADFORM, DK)

cm.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.255.84.152 (France)

ASN200271 (IGUANE-, FR)

visitor.omnitagjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.26.193 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

r.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.241.182.209 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-241-182-209.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.82 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31532337.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.81.117.172 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-99-81-117-172.eu-west-1.compute.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.117.157.22 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 22.157.117.34.bc.googleusercontent.com

matching.ivitrack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.159.114.228 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-159-114-228.eu-central-1.compute.amazonaws.com

exchange.mediavine.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.194.62.128 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-194-62-128.compute-1.amazonaws.com

jadserve.postrelease.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.202.112.127 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com

sync.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.47.127.205 (United States)

ASN3257 (GTT-BACKBONE GTT, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:612b:4200:8e96:3543:6d11:e366 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

criteo-partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.215.5.31 (Berlin, Germany)

ASN6786 (CRONON-BERLIN-AS, DE)

a.twiago.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.213.165.82 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-213-165-82.deploy.static.akamaitechnologies.com

ad.yieldlab.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.16.215.2 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-16-215-2.eu-west-1.compute.amazonaws.com

sync-criteo.ads.yieldmo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.33.100.143 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-33-100-143.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.217.117.41 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com

addshoppers.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.54.17 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 17.54.190.35.bc.googleusercontent.com

shopper.shop.pe	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.221.230.31 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-221-230-31.us-east-2.compute.amazonaws.com

s.thebrighttag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.83.128.14 (United States)

ASN16509 (AMAZON-02, US)
PTR: a954c1fc80b8251dc.awsglobalaccelerator.com

nytrng.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.83.229.169 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-83-229-169.compute-1.amazonaws.com

io.v2.customerlabs.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f177:185:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.97.122 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-122.fra56.r.cloudfront.net

cdn.nytrng.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	criteo.com 5 redirects dynamic.criteo.com — Cisco Umbrella Rank: 4198 gum.criteo.com — Cisco Umbrella Rank: 478 mug.criteo.com — Cisco Umbrella Rank: 2541 sslwidget.criteo.com — Cisco Umbrella Rank: 2408 widget.us.criteo.com — Cisco Umbrella Rank: 25599 dis.criteo.com — Cisco Umbrella Rank: 648	35 KB
11	sanesolution.com sanesolution.com — Cisco Umbrella Rank: 516077	681 KB
6	shop.pe 1 redirects shop.pe — Cisco Umbrella Rank: 13630 shopper.shop.pe — Cisco Umbrella Rank: 16562 app.shop.pe — Cisco Umbrella Rank: 16224	11 KB
5	customerlabs.co cdn.js.customerlabs.co — Cisco Umbrella Rank: 140403 io.v2.customerlabs.co — Cisco Umbrella Rank: 143206	32 KB
5	taboola.com cdn.taboola.com — Cisco Umbrella Rank: 1126 trc.taboola.com — Cisco Umbrella Rank: 680 sync-t1.taboola.com — Cisco Umbrella Rank: 1598 trc-events.taboola.com — Cisco Umbrella Rank: 2281	22 KB
5	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 56	391 KB
4	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 45 stats.g.doubleclick.net — Cisco Umbrella Rank: 98 cm.g.doubleclick.net — Cisco Umbrella Rank: 255	3 KB
3	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 261	2 KB
3	google.de www.google.de — Cisco Umbrella Rank: 6147	669 B
3	google.com region1.analytics.google.com — Cisco Umbrella Rank: 2714 www.google.com — Cisco Umbrella Rank: 2	816 B
3	cloudfront.net d3rr3d0n31t48m.cloudfront.net	54 KB
3	liadm.com 1 redirects b-code.liadm.com — Cisco Umbrella Rank: 3307 rp.liadm.com — Cisco Umbrella Rank: 1727 rp4.liadm.com — Cisco Umbrella Rank: 6196	16 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 116	216 B
2	nytrng.com nytrng.com — Cisco Umbrella Rank: 8165 cdn.nytrng.com — Cisco Umbrella Rank: 25252	836 B
2	demdex.net 1 redirects dpm.demdex.net — Cisco Umbrella Rank: 242	2 KB
2	casalemedia.com 1 redirects r.casalemedia.com — Cisco Umbrella Rank: 1837	1 KB
2	yahoo.com ups.analytics.yahoo.com — Cisco Umbrella Rank: 363	140 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 187	83 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 42	21 KB
2	zemanta.com js-tag.zemanta.com — Cisco Umbrella Rank: 27624 p1.zemanta.com — Cisco Umbrella Rank: 17480	4 KB
2	newsbreak.com static.newsbreak.com — Cisco Umbrella Rank: 53383 business.newsbreak.com — Cisco Umbrella Rank: 15476	3 KB
1	thebrighttag.com s.thebrighttag.com — Cisco Umbrella Rank: 2648	268 B
1	amazonaws.com addshoppers.s3.amazonaws.com — Cisco Umbrella Rank: 21290	3 KB
1	krxd.net beacon.krxd.net — Cisco Umbrella Rank: 903	338 B
1	yieldmo.com sync-criteo.ads.yieldmo.com — Cisco Umbrella Rank: 2848	38 B
1	yieldlab.net ad.yieldlab.net — Cisco Umbrella Rank: 4701	400 B
1	twiago.com a.twiago.com — Cisco Umbrella Rank: 33274	153 B
1	tremorhub.com criteo-partners.tremorhub.com — Cisco Umbrella Rank: 2985	399 B
1	pubmatic.com simage2.pubmatic.com — Cisco Umbrella Rank: 959	582 B
1	outbrain.com sync.outbrain.com — Cisco Umbrella Rank: 900	145 B
1	postrelease.com jadserve.postrelease.com — Cisco Umbrella Rank: 1252	423 B
1	mediavine.com exchange.mediavine.com — Cisco Umbrella Rank: 1304	884 B
1	ivitrack.com matching.ivitrack.com — Cisco Umbrella Rank: 10624	265 B
1	360yield.com ad.360yield.com — Cisco Umbrella Rank: 761	199 B
1	id5-sync.com id5-sync.com — Cisco Umbrella Rank: 470	921 B
1	omnitagjs.com visitor.omnitagjs.com — Cisco Umbrella Rank: 773	341 B
1	adform.net cm.adform.net — Cisco Umbrella Rank: 1279	163 B
1	3lift.com eb2.3lift.com — Cisco Umbrella Rank: 434	140 B
1	teads.tv criteo-sync.teads.tv — Cisco Umbrella Rank: 2637	163 B
1	smartadserver.com rtb-csync.smartadserver.com — Cisco Umbrella Rank: 898	163 B
1	sharethrough.com match.sharethrough.com — Cisco Umbrella Rank: 621	35 B
1	rubiconproject.com pixel.rubiconproject.com — Cisco Umbrella Rank: 409	239 B
1	media.net contextual.media.net — Cisco Umbrella Rank: 780	785 B
1	bidswitch.net x.bidswitch.net — Cisco Umbrella Rank: 387	146 B
1	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 405	30 KB
1	decide.dev cdn1.decide.dev — Cisco Umbrella Rank: 24839	672 B
1	roinattrack.com 1 redirects track.roinattrack.com — Cisco Umbrella Rank: 238680	629 B
93	47

	Domain	Requested by
11	sanesolution.com	sanesolution.com
5	gum.criteo.com	4 redirects dynamic.criteo.com
5	www.googletagmanager.com	sanesolution.com www.googletagmanager.com
4	io.v2.customerlabs.co	cdn.js.customerlabs.co
4	shop.pe	1 redirects d3rr3d0n31t48m.cloudfront.net shopper.shop.pe
3	ib.adnxs.com	2 redirects
3	www.google.de	sanesolution.com
3	d3rr3d0n31t48m.cloudfront.net	sanesolution.com shop.pe
2	trc-events.taboola.com	cdn.taboola.com
2	www.facebook.com
2	dpm.demdex.net	1 redirects
2	r.casalemedia.com	1 redirects
2	ups.analytics.yahoo.com
2	dis.criteo.com
2	connect.facebook.net	sanesolution.com connect.facebook.net
2	www.google.com	sanesolution.com
2	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
1	cdn.nytrng.com	nytrng.com
1	nytrng.com	d3rr3d0n31t48m.cloudfront.net
1	s.thebrighttag.com
1	app.shop.pe	d3rr3d0n31t48m.cloudfront.net
1	shopper.shop.pe	shop.pe
1	addshoppers.s3.amazonaws.com	d3rr3d0n31t48m.cloudfront.net
1	beacon.krxd.net
1	sync-criteo.ads.yieldmo.com
1	ad.yieldlab.net
1	a.twiago.com
1	criteo-partners.tremorhub.com
1	simage2.pubmatic.com
1	sync.outbrain.com
1	jadserve.postrelease.com
1	exchange.mediavine.com
1	matching.ivitrack.com
1	ad.360yield.com
1	id5-sync.com
1	visitor.omnitagjs.com
1	cm.adform.net
1	eb2.3lift.com
1	criteo-sync.teads.tv
1	sync-t1.taboola.com
1	rtb-csync.smartadserver.com
1	match.sharethrough.com
1	pixel.rubiconproject.com
1	contextual.media.net
1	x.bidswitch.net
1	cm.g.doubleclick.net	1 redirects
1	widget.us.criteo.com	sanesolution.com
1	sslwidget.criteo.com	1 redirects
1	trc.taboola.com	cdn.taboola.com
1	rp4.liadm.com	sanesolution.com
1	rp.liadm.com	1 redirects
1	business.newsbreak.com	static.newsbreak.com
1	mug.criteo.com	sanesolution.com
1	region1.analytics.google.com	www.googletagmanager.com
1	googleads.g.doubleclick.net	www.googletagmanager.com
1	p1.zemanta.com	sanesolution.com
1	cdn.js.customerlabs.co	sanesolution.com
1	cdn.taboola.com	sanesolution.com
1	js-tag.zemanta.com	sanesolution.com
1	static.newsbreak.com	sanesolution.com
1	ajax.googleapis.com	sanesolution.com
1	dynamic.criteo.com	sanesolution.com
1	cdn1.decide.dev	sanesolution.com
1	b-code.liadm.com	sanesolution.com
1	track.roinattrack.com	1 redirects
93	66

This site contains links to these domains. Also see Links.

Domain
store.sanesolution.com

Subject Issuer	Validity	Valid
sanesolution.com Cloudflare Inc ECC CA-3	`2023-09-06` - `2024-09-05`	a year	crt.sh
*.liadm.com Amazon RSA 2048 M02	`2023-02-28` - `2024-01-30`	a year	crt.sh
cdn1.decide.dev R3	`2023-09-03` - `2023-12-02`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-26` - `2023-12-23`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
newsbreak.com Amazon RSA 2048 M01	`2023-06-25` - `2024-07-23`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-04-29` - `2024-04-28`	a year	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2022-12-08` - `2023-12-31`	a year	crt.sh
cdn.js.customerlabs.co Amazon RSA 2048 M02	`2023-08-28` - `2024-09-24`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2022-12-08` - `2023-12-07`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-07-17` - `2023-10-15`	3 months	crt.sh
*.shop.pe RapidSSL TLS RSA CA G1	`2023-07-13` - `2024-07-12`	a year	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2023-03-23` - `2024-03-23`	a year	crt.sh
*.media.net DigiCert TLS RSA SHA256 2020 CA1	`2023-02-10` - `2024-02-18`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-05` - `2024-04-03`	a year	crt.sh
*.sharethrough.com Amazon RSA 2048 M01	`2023-06-14` - `2024-07-12`	a year	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-21` - `2024-01-23`	a year	crt.sh
teads.tv R3	`2023-10-09` - `2024-01-07`	3 months	crt.sh
*.3lift.com Amazon RSA 2048 M02	`2023-04-13` - `2024-05-11`	a year	crt.sh
ups.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-08-03` - `2024-01-24`	6 months	crt.sh
*.adform.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-25` - `2024-06-18`	a year	crt.sh
omnitagjs.com Sectigo RSA Domain Validation Secure Server CA	`2023-06-23` - `2024-07-22`	a year	crt.sh
*.id5-sync.com R3	`2023-09-01` - `2023-11-30`	3 months	crt.sh
*.360yield.com Amazon RSA 2048 M01	`2023-05-29` - `2024-06-26`	a year	crt.sh
itm.ivitrack.com R3	`2023-08-16` - `2023-11-14`	3 months	crt.sh
exchange.mediavine.com Amazon RSA 2048 M02	`2023-06-06` - `2024-07-04`	a year	crt.sh
*.postrelease.com Amazon RSA 2048 M01	`2023-03-01` - `2023-12-25`	10 months	crt.sh
*.outbrain.com Thawte RSA CA 2018	`2022-11-06` - `2023-11-28`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2023-04-20` - `2024-05-20`	a year	crt.sh
*.tremorhub.com Amazon RSA 2048 M01	`2023-02-22` - `2024-03-23`	a year	crt.sh
*.twiago.com Sectigo RSA Domain Validation Secure Server CA	`2022-11-28` - `2023-12-29`	a year	crt.sh
*.yieldlab.net DigiCert TLS RSA SHA256 2020 CA1	`2023-09-17` - `2024-09-17`	a year	crt.sh
*.ads.yieldmo.com Amazon RSA 2048 M01	`2023-04-04` - `2024-05-02`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh
*.s3.amazonaws.com Amazon RSA 2048 M01	`2023-03-21` - `2023-12-19`	9 months	crt.sh
nytrng.com Amazon RSA 2048 M02	`2023-03-25` - `2024-04-22`	a year	crt.sh
hook.customerlabs.co Amazon RSA 2048 M01	`2023-02-21` - `2023-12-12`	10 months	crt.sh
*.nytrng.com Amazon RSA 2048 M03	`2023-08-15` - `2024-09-10`	a year	crt.sh

This page contains 4 frames:

Primary Page: https://sanesolution.com/lp/articles/vt/ro/phlegm-sign-something-worse/?cid=wbudh46hv4a6b66si0ovjhe0&txid=
Frame ID: 0D3828E84EB2E1C538F345624AA1F927
Requests: 59 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=sanesolution.com&origin=onetag
Frame ID: 042FEC0F0366A1D32CDBDAA0FE7F76E6
Requests: 2 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-RbYMGYwaZhfMgSws1rx1AjAVJ5LQt6X4qqlf1A&google_gid=CAESECVCC7bECC9CdXbwSatYtH0&google_cver=1&google_ula=913071,0
Frame ID: 784B01DDD9A7994986CC742670798E59
Requests: 30 HTTP requests in this frame

Frame: https://nytrng.com/iframe?vcp=4dd5h0np&as_id=978ff5d70f7f454db4747158fc6ad9a8
Frame ID: 293AD86D0B03C1A0649B0A183B093F9D
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Throat Phlegm Solution

Page URL History Show full URLs

https://track.roinattrack.com/87d00162-2214-4871-979b-1279f50d68f5?site=msn-windows-unitedstates&title=Con... HTTP 302
https://sanesolution.com/lp/articles/vt/ro/phlegm-sign-something-worse/?cid=wbudh46hv4a6b66si0ovjhe0&... Page URL

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

93
Requests

89 %
HTTPS

26 %
IPv6

47
Domains

66
Subdomains

58
IPs

8
Countries

1396 kB
Transfer

2881 kB
Size

47
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://store.sanesolution.com/pages/review-policy?cid=wbudh46hv4a6b66si0ovjhe0&txid=
Title: REVIEW POLICY

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://track.roinattrack.com/87d00162-2214-4871-979b-1279f50d68f5?site=msn-windows-unitedstates&title=Constant+Throat+Clearing+And+Coughing%3F+Your+Body+Is+Trying+To+Tell+You+This&thumbnail=http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2F2dbbbe07d56fbffbca0f38b7710e6735.jpg&campaign_item={campaign_item}&campid=28064271&campaign_item_id=3785448895&site_id=1325982&click_id=GiD3JzGwex1K8ZrwonprYDUFiRHqw5_gkxy0XeHpjWVx-iCxwlso5533psyr39YJ&tblci=GiD3JzGwex1K8ZrwonprYDUFiRHqw5_gkxy0XeHpjWVx-iCxwlso HTTP 302
https://sanesolution.com/lp/articles/vt/ro/phlegm-sign-something-worse/?cid=wbudh46hv4a6b66si0ovjhe0&txid= Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 17

https://shop.pe/widget/widget_async.js HTTP 301
https://d3rr3d0n31t48m.cloudfront.net/widget/widget_async.js

Request Chain 30

https://gum.criteo.com/sid/json?origin=onetag&domain=sanesolution.com&sn=ChromeSyncframe&so=0&topUrl=sanesolution.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=jg6Xh3x4VU1LbGlTRWFjRUVIL3FidTQ5K1B3SkJMTTNwRmJsM0ZBN3ZoN2hDOWhydktOV3JFNGlDVmxIby9CczZvak84Q3BBbmEyLy9yRWN1QTRsNmI4NEV0dEo3RHFLdmMxd09yM3RjdlB3LzFkMTYrbDBscGNrNGd4Q1VzOUtwRFErcFpIRmdPbmthWncxeTkzdld4S1dYTWozekZMVllHSFk1a2ZMN3hieHdOcWZML21UQ0QxZDNIeFROOW9jbFg5ZHlDLzgyUWozNEtXUFBEaWNObmxkSVd3cjMrZEg5VExBNEJkZlFEWWlYNlZYL1JNeHZXZG81WmtNa0k1YzBIOWViMTViMjdCeTJ2U2llN2NGSG1vMnNxdldNbElGSlJLNTVEOUtrNTdwQkFuTT18&cppv=2

Request Chain 32

https://rp.liadm.com/j?dtstmp=1696860474425&aid=a-08g0&se=e30&duid=851a35c48e44--01hcac82wnq1e98x8g6n1v5126&tna=v2.8.0&pu=https%3A%2F%2Fsanesolution.com%2Flp%2Farticles%2Fvt%2Fro%2Fphlegm-sign-something-worse%2F%3Fcid%3Dwbudh46hv4a6b66si0ovjhe0%26txid%3D&wpn=lc-bundle&c=PHRpdGxlPlRocm9hdCBQaGxlZ20gU29sdXRpb248L3RpdGxlPjxoMT5Ub3AgSXZ5IExlYWd1ZSBEb2N0b3I6ICJJcyBUaHJvYXQgUGhsZWdtIEEgU2lnbiBvZiA8dT5Tb21ldGhpbmcgV29yc2U_PC91PiIuLi48L2gxPg HTTP 302
https://rp4.liadm.com/j?dtstmp=1696860474425&aid=a-08g0&se=e30&duid=851a35c48e44--01hcac82wnq1e98x8g6n1v5126&tna=v2.8.0&pu=https%3A%2F%2Fsanesolution.com%2Flp%2Farticles%2Fvt%2Fro%2Fphlegm-sign-something-worse%2F%3Fcid%3Dwbudh46hv4a6b66si0ovjhe0%26txid%3D&wpn=lc-bundle&c=PHRpdGxlPlRocm9hdCBQaGxlZ20gU29sdXRpb248L3RpdGxlPjxoMT5Ub3AgSXZ5IExlYWd1ZSBEb2N0b3I6ICJJcyBUaHJvYXQgUGhsZWdtIEEgU2lnbiBvZiA8dT5Tb21ldGhpbmcgV29yc2U_PC91PiIuLi48L2gxPg&i6=MmEwMDpjOTg6MjA1MDphMDA3OjI6OjEy&n3pc=true

Request Chain 42

https://sslwidget.criteo.com/event?a=102045&v=5.18.0&p0=e%3Dce%26m%3D%255B%252523%252523Email%252520Address%252523%252523%255D%26h%3D%2523%2523Hash%2520Method%2523%2523&p1=e%3Dexd%26z%3D%2523%2523Zip%2520Code%2523%2523%26site_type%3Dd&p2=e%3Dvp%26p%3D1%26tms%3Dcustom-guide&p3=e%3Ddis&adce=1&bundle=dSAH4l9temc0aVFIRWVheHQlMkY1WGpreVpzc1kzejlCSXRyeVgyVzBGNmVaQ1JjU1hmSVFoZmdPdiUyRk1na0pQQk5rVWxUdlBFMWFUUUV3WXZUbTcwRWdSOUJtT0pLN1AzJTJCWG1CM0ZUQ1lTdUN2Wk1Rbm5EZEFQM3JNcmYzUWhvRnRXRyUyQnNoUldxTDZreGtCMCUyQjJuelpsWmJ4bHhCUmxjQmR0ZHFRMk84YlYxQkp4UlE4JTNE&tld=sanesolution.com&dy=1&fu=https%253A%252F%252Fsanesolution.com%252Flp%252Farticles%252Fvt%252Fro%252Fphlegm-sign-something-worse%252F%253Fcid%253Dwbudh46hv4a6b66si0ovjhe0%2526txid%253D&ceid=51bb948e-3e40-44f4-92e7-654957b6bfc9&dtycbr=46181 HTTP 302
https://widget.us.criteo.com/event?a=102045&v=5.18.0&p0=e%3Dce%26m%3D%255B%252523%252523Email%252520Address%252523%252523%255D%26h%3D%2523%2523Hash%2520Method%2523%2523&p1=e%3Dexd%26z%3D%2523%2523Zip%2520Code%2523%2523%26site_type%3Dd&p2=e%3Dvp%26p%3D1%26tms%3Dcustom-guide&p3=e%3Ddis&adce=1&bundle=dSAH4l9temc0aVFIRWVheHQlMkY1WGpreVpzc1kzejlCSXRyeVgyVzBGNmVaQ1JjU1hmSVFoZmdPdiUyRk1na0pQQk5rVWxUdlBFMWFUUUV3WXZUbTcwRWdSOUJtT0pLN1AzJTJCWG1CM0ZUQ1lTdUN2Wk1Rbm5EZEFQM3JNcmYzUWhvRnRXRyUyQnNoUldxTDZreGtCMCUyQjJuelpsWmJ4bHhCUmxjQmR0ZHFRMk84YlYxQkp4UlE4JTNE&tld=sanesolution.com&dy=1&fu=https%253A%252F%252Fsanesolution.com%252Flp%252Farticles%252Fvt%252Fro%252Fphlegm-sign-something-worse%252F%253Fcid%253Dwbudh46hv4a6b66si0ovjhe0%2526txid%253D&ceid=51bb948e-3e40-44f4-92e7-654957b6bfc9&dtycbr=46181

Request Chain 46

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-RbYMGYwaZhfMgSws1rx1AjAVJ5LQt6X4qqlf1A&google_cm&google_hm=ay1SYllNR1l3YVpoZk1nU3dzMXJ4MUFqQVZKNUxRdDZYNHFxbGYxQQ HTTP 302
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-RbYMGYwaZhfMgSws1rx1AjAVJ5LQt6X4qqlf1A&google_gid=CAESECVCC7bECC9CdXbwSatYtH0&google_cver=1&google_ula=913071,0

Request Chain 48

https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID HTTP 302
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=4135388491505302043

Request Chain 59

https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-Skuah4waZhfMgSws1rx1AjAVJ5JIQz6Y7hffMg HTTP 302
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-Skuah4waZhfMgSws1rx1AjAVJ5JIQz6Y7hffMg&C=1

Request Chain 60

https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40 HTTP 302
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=YiBWmQZ6IZReDBJU5LEi622ZnjoNyxze HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=YiBWmQZ6IZReDBJU5LEi622ZnjoNyxze

Request Chain 75

https://gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40 HTTP 302
https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=CrZOhRFhD5XqVt45AgUJQk4R79u0XTZF

Request Chain 80

https://gum.criteo.com/sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40 HTTP 302
https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=PbN-3CW_zJvzUf3sQH6D1RUe73sz81WH

93 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
sanesolution.com/lp/articles/vt/ro/phlegm-sign-something-worse/
Redirect Chain

https://track.roinattrack.com/87d00162-2214-4871-979b-1279f50d68f5?site=msn-windows-unitedstates&title=Constant+Throat+Clearing+And+Coughing%3F+Your+Body+Is+Trying+To+Tell+You+This&thumbnail=http%3...
https://sanesolution.com/lp/articles/vt/ro/phlegm-sign-something-worse/?cid=wbudh46hv4a6b66si0ovjhe0&txid=

14 KB
6 KB

517ms
473ms

Document
text/html

141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://sanesolution.com/lp/articles/vt/ro/phlegm-sign-something-worse/?cid=wbudh46hv4a6b66si0ovjhe0&txid=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: af1f0f58835cdef32f568bbc4011ab459a3e319c54a15d9f09e905a7056b5af0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 81373145cf5137e3-FRA
content-encoding: br
content-type: text/html
date: Mon, 09 Oct 2023 14:07:53 GMT
etag: W/"64f76ab8-39ca"
last-modified: Tue, 05 Sep 2023 17:51:52 GMT
server: cloudflare
vary: Accept-Encoding Accept-Encoding Accept-Encoding
x-pass-why: custom-path

Redirect headers

cache-control: no-store, no-cache, pre-check=0, post-check=0
content-length: 0
date: Mon, 09 Oct 2023 14:07:53 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://sanesolution.com/lp/articles/vt/ro/phlegm-sign-something-worse/?cid=wbudh46hv4a6b66si0ovjhe0&txid=
pragma: no-cache
server: nginx

GET
H2 200 style.css
sanesolution.com/lp/articles/vt/ro/phlegm-sign-something-worse/css/ 13 KB
3 KB 477ms
476ms Stylesheet
text/css 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://sanesolution.com/lp/articles/vt/ro/phlegm-sign-something-worse/css/style.css
Requested by: Host: sanesolution.com
URL: https://sanesolution.com/lp/articles/vt/ro/phlegm-sign-something-worse/?cid=wbudh46hv4a6b66si0ovjhe0&txid=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: b589881f7ab39e05ef281eca71541c81369dc9711a10e54073d0efd9c3009bac

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sanesolution.com/lp/articles/vt/ro/phlegm-sign-something-worse/?cid=wbudh46hv4a6b66si0ovjhe0&txid=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 14:07:54 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 15 Feb 2023 17:19:58 GMT
server: cloudflare
etag: W/"63ed143e-32d9"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 81373148cae237e3-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 a-08g0.min.js Show response
b-code.liadm.com/ 44 KB
15 KB 55ms
12ms Script
application/javascript 2600:9000:225e:4800:8:8845:1500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://b-code.liadm.com/a-08g0.min.js
Requested by: Host: sanesolution.com
URL: https://sanesolution.com/lp/articles/vt/ro/phlegm-sign-something-worse/?cid=wbudh46hv4a6b66si0ovjhe0&txid=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:4800:8:8845:1500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 27f7ba7ce11c2304e4064bcb6d0598dfd2c34deba5058fbbbb508c6f9b044518

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sanesolution.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 00:47:12 GMT
content-encoding: gzip
via: 1.1 816b7f4e336674d9d7828ef4700482e8.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
age: 48041
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: "public, max-age=86400"
x-amz-cf-id: vk4TK4pnRMR0LcGq7s9egnUcXJ_a-oQxVWhk647M3YmNw7cQzem0PQ==

GET
H2 200 roimarketplace_lander.js Show response
cdn1.decide.dev/tracking/ 1004 B
672 B 478ms
413ms Script
application/javascript 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn1.decide.dev/tracking/roimarketplace_lander.js
Requested by: Host: sanesolution.com
URL: https://sanesolution.com/lp/articles/vt/ro/phlegm-sign-something-worse/?cid=wbudh46hv4a6b66si0ovjhe0&txid=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: /
Resource Hash: a69ae34dff38442477828063a6a33a8dc791647feecb79fc4e286b142e5ca490

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sanesolution.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 14:07:54 GMT
content-encoding: gzip
last-modified: Fri, 02 Dec 2022 17:39:04 GMT
etag: "b757e3416e479e2841a9cd1006da367f"
x-hw: 1696860473.cds334.fr8.hn,1696860473.cds289.fr8.sc,1696860474.cds289.fr8.pr
content-type: application/javascript
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: https://decide.dev
content-length: 436

GET
H2 200 ld.js Show response
dynamic.criteo.com/js/ld/ 47 KB
20 KB 58ms
18ms Script
application/javascript 2a02:2638:d::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://dynamic.criteo.com/js/ld/ld.js?a=102045

Requested by

Host: sanesolution.com
URL: https://sanesolution.com/lp/articles/vt/ro/phlegm-sign-something-worse/?cid=wbudh46hv4a6b66si0ovjhe0&txid=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

478e3bcd7d496f201a9e5edcc30bcf82dda8a3462ce8c70a1830da4194388a0e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sanesolution.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 14:07:53 GMT
content-encoding: br
strict-transport-security: max-age=31536000; preload;
server: Kestrel
vary: Origin, Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public,max-age=10800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 203 KB
73 KB 48ms
23ms Script
application/javascript 2a00:1450:4001:81c::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-964325385

Requested by

Host: sanesolution.com
URL: https://sanesolution.com/lp/articles/vt/ro/phlegm-sign-something-worse/?cid=wbudh46hv4a6b66si0ovjhe0&txid=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

aeb668441886ec2d5c0abe5b3106cee7f6c00b5859f46d9e2b056adba2e2b720

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sanesolution.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 14:07:54 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 74842
x-xss-protection: 0
last-modified: Mon, 09 Oct 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 09 Oct 2023 14:07:54 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 173 KB
63 KB 55ms
31ms Script
application/javascript 2a00:1450:4001:81c::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-53756001-3

Requested by

Host: sanesolution.com
URL: https://sanesolution.com/lp/articles/vt/ro/phlegm-sign-something-worse/?cid=wbudh46hv4a6b66si0ovjhe0&txid=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

37b30c1b6872fba4e22d1dce19410431648b06d5606787597066518511ddf6cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sanesolution.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 14:07:54 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64860
x-xss-protection: 0
last-modified: Mon, 09 Oct 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 09 Oct 2023 14:07:54 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 283 KB
90 KB 66ms
41ms Script
application/javascript 2a00:1450:4001:81c::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-W29TJ99181

Requested by

Host: sanesolution.com
URL: https://sanesolution.com/lp/articles/vt/ro/phlegm-sign-something-worse/?cid=wbudh46hv4a6b66si0ovjhe0&txid=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

57209088f0fdf4549d3445d5289acb6023473ee9c5f34508e64ff252183ff823

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sanesolution.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 14:07:54 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 92289
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 09 Oct 2023 14:07:54 GMT

GET
H3 200 fox-side-jb.jpg
sanesolution.com/lp/articles/vt/ro/phlegm-sign-something-worse/images/ 93 KB
93 KB 587ms
584ms Image
image/jpeg 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sanesolution.com/lp/articles/vt/ro/phlegm-sign-something-worse/images/fox-side-jb.jpg
Requested by: Host: sanesolution.com
URL: https://sanesolution.com/lp/articles/vt/ro/phlegm-sign-something-worse/?cid=wbudh46hv4a6b66si0ovjhe0&txid=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1ed902a3b90cf2f54e7b3bc7436a485f0f6e1c455e60d6431da8085cca0b461a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sanesolution.com/lp/articles/vt/ro/phlegm-sign-something-worse/?cid=wbudh46hv4a6b66si0ovjhe0&txid=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 14:07:54 GMT
cf-cache-status: MISS
last-modified: Wed, 15 Feb 2023 17:20:27 GMT
server: cloudflare
etag: "63ed145b-173f7"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8137314beea79189-FRA
alt-svc: h3=":443"; ma=86400
content-length: 95223

GET
H3 200 square-image3.jpg
sanesolution.com/lp/articles/vt/ro/phlegm-sign-something-worse/images/ 45 KB
45 KB 580ms
578ms Image
image/jpeg 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sanesolution.com/lp/articles/vt/ro/phlegm-sign-something-worse/images/square-image3.jpg
Requested by: Host: sanesolution.com
URL: https://sanesolution.com/lp/articles/vt/ro/phlegm-sign-something-worse/?cid=wbudh46hv4a6b66si0ovjhe0&txid=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf2c15bcf6cb75c466a42b23f22848962704e11764bc3d211f20c4093ae6234d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sanesolution.com/lp/articles/vt/ro/phlegm-sign-something-worse/?cid=wbudh46hv4a6b66si0ovjhe0&txid=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 14:07:54 GMT
cf-cache-status: MISS
last-modified: Wed, 15 Feb 2023 17:20:31 GMT
server: cloudflare
etag: "63ed145f-b460"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8137314beea99189-FRA
alt-svc: h3=":443"; ma=86400
content-length: 46176

GET
H3 200 play-video-sam.gif
sanesolution.com/lp/articles/vt/ro/phlegm-sign-something-worse/images/ 226 KB
226 KB 595ms
592ms Image
image/gif 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sanesolution.com/lp/articles/vt/ro/phlegm-sign-something-worse/images/play-video-sam.gif
Requested by: Host: sanesolution.com
URL: https://sanesolution.com/lp/articles/vt/ro/phlegm-sign-something-worse/?cid=wbudh46hv4a6b66si0ovjhe0&txid=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 71bb2e465d6851f188fec6e7c5060aa7f2d7890d7c8d1da1e2a23c4507062896

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sanesolution.com/lp/articles/vt/ro/phlegm-sign-something-worse/?cid=wbudh46hv4a6b66si0ovjhe0&txid=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 14:07:54 GMT
cf-cache-status: MISS
last-modified: Wed, 15 Feb 2023 17:20:29 GMT
server: cloudflare
etag: "63ed145d-3889f"
vary: Accept-Encoding
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8137314beeaa9189-FRA
alt-svc: h3=":443"; ma=86400
content-length: 231583

GET
H3 200 watch-now-blue.jpg
sanesolution.com/lp/articles/vt/ro/phlegm-sign-something-worse/images/ 11 KB
11 KB 472ms
469ms Image
image/jpeg 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sanesolution.com/lp/articles/vt/ro/phlegm-sign-something-worse/images/watch-now-blue.jpg
Requested by: Host: sanesolution.com
URL: https://sanesolution.com/lp/articles/vt/ro/phlegm-sign-something-worse/?cid=wbudh46hv4a6b66si0ovjhe0&txid=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 228cc0fc8d95a14c7d7ede4b2576b61a717b3622e9ca12222f395fc7727bc32c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sanesolution.com/lp/articles/vt/ro/phlegm-sign-something-worse/?cid=wbudh46hv4a6b66si0ovjhe0&txid=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 14:07:54 GMT
cf-cache-status: MISS
last-modified: Wed, 15 Feb 2023 17:20:31 GMT
server: cloudflare
etag: "63ed145f-2b0f"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8137314beeab9189-FRA
alt-svc: h3=":443"; ma=86400
content-length: 11023

GET
H3 200 sane-logo-black.png
sanesolution.com/lp/articles/vt/ro/phlegm-sign-something-worse/images/ 7 KB
7 KB 475ms
472ms Image
image/png 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sanesolution.com/lp/articles/vt/ro/phlegm-sign-something-worse/images/sane-logo-black.png
Requested by: Host: sanesolution.com
URL: https://sanesolution.com/lp/articles/vt/ro/phlegm-sign-something-worse/?cid=wbudh46hv4a6b66si0ovjhe0&txid=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 21ba129f7fd1614a2853c4bdc6e9d7832da72bb99c0ac1d9e44a18acc3b9a4df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sanesolution.com/lp/articles/vt/ro/phlegm-sign-something-worse/?cid=wbudh46hv4a6b66si0ovjhe0&txid=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 14:07:54 GMT
cf-cache-status: MISS
last-modified: Wed, 15 Feb 2023 17:20:28 GMT
server: cloudflare
etag: "63ed145c-1a2c"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8137314beeac9189-FRA
alt-svc: h3=":443"; ma=86400
content-length: 6700

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.1.1/ 85 KB
30 KB 45ms
8ms Script
text/javascript 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.1.1/jquery.min.js

Requested by

Host: sanesolution.com
URL: https://sanesolution.com/lp/articles/vt/ro/phlegm-sign-something-worse/?cid=wbudh46hv4a6b66si0ovjhe0&txid=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sanesolution.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 06:15:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 373951
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30244
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 04 Oct 2024 06:15:22 GMT

GET
H2 200 nbpixel.js Show response
static.newsbreak.com/business/tracking/ 8 KB
3 KB 93ms
8ms Script
application/javascript 13.32.99.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.newsbreak.com/business/tracking/nbpixel.js?t=1696896000000
Requested by: Host: sanesolution.com
URL: https://sanesolution.com/lp/articles/vt/ro/phlegm-sign-something-worse/?cid=wbudh46hv4a6b66si0ovjhe0&txid=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-127.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2eba388d8d2d74baba77c72fe5441f74422c1824a888ef7e748863a22ea7191a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sanesolution.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-amz-version-id: jRibpKGpU8hDlj36OARsNwPFpjnyG6Ii
content-encoding: gzip
via: 1.1 987865b81ba895db5b3f56f8ae175c84.cloudfront.net (CloudFront)
date: Mon, 09 Oct 2023 08:27:45 GMT
x-amz-cf-pop: FRA60-P3
age: 34610
x-cache: Hit from cloudfront
last-modified: Thu, 14 Oct 2021 07:49:18 GMT
server: AmazonS3
etag: W/"7d6af9a6683da50918d44e9d35360ff8"
access-control-max-age: 86400
access-control-allow-methods: GET, POST, PUT, HEAD
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding
x-amz-cf-id: EwQX8_iUIKGFgix8WRZbj_CfSZWU1EmvmSDTXNRIE_3A3bQuLI27wQ==

GET
H2 200 zcpt.js Show response
js-tag.zemanta.com/ 8 KB
3 KB 57ms
20ms Script
application/javascript 2606:4700:10::ac43:247d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js-tag.zemanta.com/zcpt.js
Requested by: Host: sanesolution.com
URL: https://sanesolution.com/lp/articles/vt/ro/phlegm-sign-something-worse/?cid=wbudh46hv4a6b66si0ovjhe0&txid=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:247d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ca00353ee3f7ef31746f2d857c0b3e337b5ddb1a0276d301caa536a4e8b84899

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sanesolution.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 14:07:54 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 18 Apr 2023 08:53:31 GMT
server: cloudflare
x-amz-request-id: XKV9YSZFV6N6BJ0E
age: 112
etag: W/"6376a488d713d6cf8cf3d1ebfb5e6361"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 8137314c29bb3a98-FRA
x-amz-id-2: 9G9s4pouDSbu9Gbw9ip/urgnYnR4sXnwy/BQYK7OAP1rtEtIvLaZKIA5Uz9cKnvjrDrN4BKIVAw=

GET
H2 200 tfa.js Show response
cdn.taboola.com/libtrc/unip/1499441/ 64 KB
20 KB 135ms
109ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/unip/1499441/tfa.js
Requested by: Host: sanesolution.com
URL: https://sanesolution.com/lp/articles/vt/ro/phlegm-sign-something-worse/?cid=wbudh46hv4a6b66si0ovjhe0&txid=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5c30ec932b2f90a75056c69704ae0c2d3819b8d5930a2b87cae5ee8efd781487

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sanesolution.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-amz-version-id: TBpDmkcCNnFZkQzILj9lEljGQhdiZdjV
content-encoding: gzip
via: 1.1 varnish
date: Mon, 09 Oct 2023 14:07:54 GMT
x-amz-request-id: 698QJN8FRJ4GK58P
age: 0
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: FAILED
content-length: 19981
x-amz-id-2: lUQn7CJ1ye1IDyKG6hyaqarX5zCtrgYRZnb90Gll8ZMaRi3XyZ6H1QY8UrSm5U0PUHPOo9T04gM=
x-served-by: cache-fra-eddf8230038-FRA
last-modified: Sun, 08 Oct 2023 15:51:35 GMT
server: AmazonS3
x-timer: S1696860474.252945,VS0,VE102
etag: "8af4bb8dac031b1753a95fdc75068a01"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 41
access-control-allow-origin: *
cache-control: private,max-age=14401
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 cl52017rotz264.js Show response
cdn.js.customerlabs.co/ 150 KB
31 KB 674ms
599ms Script
application/javascript 18.66.137.164
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.js.customerlabs.co/cl52017rotz264.js
Requested by: Host: sanesolution.com
URL: https://sanesolution.com/lp/articles/vt/ro/phlegm-sign-something-worse/?cid=wbudh46hv4a6b66si0ovjhe0&txid=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.137.164 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-137-164.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4ba251b923c258c51e4ae6014b2efe238bf67c3d996f9d2e872bd4a5b21e305c

Request headers

Referer: https://sanesolution.com/
Origin: https://sanesolution.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-amz-version-id: mI5_WqlN3PXPNR0AytCIN8wZXOn9wf1T
content-encoding: gzip
via: 1.1 d81b69368e6f8be2907e338480e58682.cloudfront.net (CloudFront)
date: Mon, 09 Oct 2023 14:07:55 GMT
x-amz-cf-pop: FRA60-P4
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 08 Sep 2023 08:45:34 GMT
server: AmazonS3
etag: W/"58e91efeb0f94504ef89af1db0f54353"
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: ETag, x-amz-meta-custom-header, Content-Length
cache-control: max-age=90
x-amz-cf-id: qjqxCDMA3213OEoRV_ZayWOVT40vqQD4joKl6yzgfUKDptWG_E1SOQ==

GET
H2

200

widget_async.js Show response
d3rr3d0n31t48m.cloudfront.net/widget/
Redirect Chain

https://shop.pe/widget/widget_async.js
https://d3rr3d0n31t48m.cloudfront.net/widget/widget_async.js

2 KB
1 KB

161ms
7ms

Script
application/javascript

18.66.122.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3rr3d0n31t48m.cloudfront.net/widget/widget_async.js
Requested by: Host: sanesolution.com
URL: https://sanesolution.com/lp/articles/vt/ro/phlegm-sign-something-worse/?cid=wbudh46hv4a6b66si0ovjhe0&txid=
Protocol: H2
Server: 18.66.122.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-76.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: df6ff87824ec5259c506694ad1991151c726558097801b4646355a419978290d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sanesolution.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 13:16:42 GMT
content-encoding: gzip
via: 1.1 2816426ad1adbedbdd23d4cdf80c2de2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P2
age: 3073
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 1045
last-modified: Thu, 05 Oct 2023 14:16:12 GMT
server: AmazonS3
etag: "a004e1eab49fd228eeb5a2594ba3ce67"
content-type: application/javascript; charset=utf-8
cache-control: max-age=3600, public
accept-ranges: bytes
x-amz-cf-id: LjobA13Aa4O7n0QHhZLcwJKmXmPmprsjQsfid142j1AxlEufW9UOew==
x-amz-meta-mtime: 1696515370.67

Redirect headers

date: Mon, 09 Oct 2023 14:07:54 GMT
content-security-policy: frame-ancestors none;
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 google
server: nginx
x-frame-options: deny
content-type: text/html
location: https://d3rr3d0n31t48m.cloudfront.net/widget/widget_async.js
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 178

GET
H3 200 background.jpg
sanesolution.com/lp/articles/vt/ro/phlegm-sign-something-worse/images/ 160 KB
160 KB 594ms
593ms Image
image/jpeg 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sanesolution.com/lp/articles/vt/ro/phlegm-sign-something-worse/images/background.jpg
Requested by: Host: sanesolution.com
URL: https://sanesolution.com/lp/articles/vt/ro/phlegm-sign-something-worse/css/style.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: daafbc404769227796b0be93cc865815d71ecc7f637f4fdd3e17a6252dd709f4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sanesolution.com/lp/articles/vt/ro/phlegm-sign-something-worse/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 14:07:54 GMT
cf-cache-status: MISS
last-modified: Wed, 15 Feb 2023 17:20:21 GMT
server: cloudflare
etag: "63ed1455-28077"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8137314bfeb59189-FRA
alt-svc: h3=":443"; ma=86400
content-length: 163959

GET
H3 200 Roboto-Bold.woff2
sanesolution.com/lp/articles/vt/ro/phlegm-sign-something-worse/fonts/ 64 KB
65 KB 594ms
593ms Font
font/woff2 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://sanesolution.com/lp/articles/vt/ro/phlegm-sign-something-worse/fonts/Roboto-Bold.woff2
Requested by: Host: sanesolution.com
URL: https://sanesolution.com/lp/articles/vt/ro/phlegm-sign-something-worse/css/style.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4d7dd6e02d849e181e51db84d9d230d369b8ce7412dbcee9d7d1d19ad8a16741

Request headers

Referer: https://sanesolution.com/lp/articles/vt/ro/phlegm-sign-something-worse/css/style.css
Origin: https://sanesolution.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 14:07:54 GMT
cf-cache-status: MISS
last-modified: Wed, 15 Feb 2023 17:20:03 GMT
server: cloudflare
etag: "63ed1443-101b4"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8137314bfeb89189-FRA
alt-svc: h3=":443"; ma=86400
content-length: 65972

GET
H3 200 Roboto-Regular.woff2
sanesolution.com/lp/articles/vt/ro/phlegm-sign-something-worse/fonts/ 64 KB
65 KB 595ms
595ms Font
font/woff2 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://sanesolution.com/lp/articles/vt/ro/phlegm-sign-something-worse/fonts/Roboto-Regular.woff2
Requested by: Host: sanesolution.com
URL: https://sanesolution.com/lp/articles/vt/ro/phlegm-sign-something-worse/css/style.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8cef08634dc57d6519717c5a99a9e502bdc96586fe64770520a4820b0b089920

Request headers

Referer: https://sanesolution.com/lp/articles/vt/ro/phlegm-sign-something-worse/css/style.css
Origin: https://sanesolution.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 14:07:54 GMT
cf-cache-status: MISS
last-modified: Wed, 15 Feb 2023 17:20:15 GMT
server: cloudflare
etag: "63ed144f-1017c"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8137314bfeb99189-FRA
alt-svc: h3=":443"; ma=86400
content-length: 65916

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 042F 15 KB
6 KB 46ms
15ms Document
text/html 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?topUrl=sanesolution.com&origin=onetag

Requested by

Host: dynamic.criteo.com
URL: https://dynamic.criteo.com/js/ld/ld.js?a=102045

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

08106c7bf341e3850ac42fe1844e6a66013f726e6927a91c2b965a6861c97121

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://sanesolution.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 09 Oct 2023 14:07:53 GMT
server: Kestrel
server-processing-duration-in-ticks: 322434
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 /
p1.zemanta.com/v2/p/js/55768/PAGE_VIEW/ 26 B
111 B 468ms
452ms Image
image/gif 2606:4700:10::ac43:247d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p1.zemanta.com/v2/p/js/55768/PAGE_VIEW/?bust=09812640984659824&optOut=false
Requested by: Host: sanesolution.com
URL: https://sanesolution.com/lp/articles/vt/ro/phlegm-sign-something-worse/?cid=wbudh46hv4a6b66si0ovjhe0&txid=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:247d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sanesolution.com/lp/articles/vt/ro/phlegm-sign-something-worse/?cid=wbudh46hv4a6b66si0ovjhe0&txid=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 14:07:54 GMT
cf-cache-status: DYNAMIC
server: cloudflare
x-robots-tag: none
cf-ray: 8137314c69f13a98-FRA
content-length: 26
content-type: image/gif

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 204 KB
73 KB 27ms
26ms Script
application/javascript 2a00:1450:4001:81c::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-964325385&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-53756001-3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f40942f929dd569e0334735e5d210ec552032f41d84996fa5e6a75be2dafd394

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sanesolution.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 14:07:54 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 74890
x-xss-protection: 0
last-modified: Mon, 09 Oct 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 09 Oct 2023 14:07:54 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 29ms
7ms Script
text/javascript 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-53756001-3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sanesolution.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 09 Oct 2023 13:51:33 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 981
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Mon, 09 Oct 2023 15:51:33 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 283 KB
90 KB 32ms
32ms Script
application/javascript 2a00:1450:4001:81c::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-W29TJ99181&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-53756001-3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

11ad1fcf3a21106e5a94e59f46f0be20e9b446f71d51327f12857559c5ed239e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sanesolution.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 14:07:54 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 92342
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 09 Oct 2023 14:07:54 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/964325385/ 3 KB
2 KB 77ms
52ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/964325385/?random=1696860474328&cv=11&fst=1696860474328&bg=ffffff&guid=ON&async=1&gtm=45be3a40&u_w=1600&u_h=1200&url=https%3A%2F%2Fsanesolution.com%2Flp%2Farticles%2Fvt%2Fro%2Fphlegm-sign-something-worse%2F%3Fcid%3Dwbudh46hv4a6b66si0ovjhe0%26txid%3D&hn=www.googleadservices.com&frm=0&tiba=Throat%20Phlegm%20Solution&auid=1630191258.1696860474&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-964325385

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

62e4df467c213c3d7b22365b084bf654feb75778899fdb6cc2ccc216484ffb78

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sanesolution.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 Oct 2023 14:07:54 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1383
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
254 B 37ms
14ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-W29TJ99181&gtm=45je3a40&_p=1487583341&_gaz=1&cid=168897765.1696860474&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1696860474&sct=1&seg=0&dl=https%3A%2F%2Fsanesolution.com%2Flp%2Farticles%2Fvt%2Fro%2Fphlegm-sign-something-worse%2F%3Fcid%3Dwbudh46hv4a6b66si0ovjhe0%26txid%3D&dt=Throat%20Phlegm%20Solution&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-W29TJ99181
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sanesolution.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 Oct 2023 14:07:54 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://sanesolution.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
47 B 208ms
18ms Ping
text/plain 2a00:1450:400c:c0c::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-W29TJ99181&cid=168897765.1696860474&gtm=45je3a40&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-W29TJ99181
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c0c::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sanesolution.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 Oct 2023 14:07:54 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://sanesolution.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 79ms
45ms Image
image/gif 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-W29TJ99181&cid=168897765.1696860474&gtm=45je3a40&aip=1&z=123916971

Requested by

Host: sanesolution.com
URL: https://sanesolution.com/lp/articles/vt/ro/phlegm-sign-something-worse/?cid=wbudh46hv4a6b66si0ovjhe0&txid=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sanesolution.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 Oct 2023 14:07:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame 042F
Redirect Chain

https://gum.criteo.com/sid/json?origin=onetag&domain=sanesolution.com&sn=ChromeSyncframe&so=0&topUrl=sanesolution.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=jg6Xh3x4VU1LbGlTRWFjRUVIL3FidTQ5K1B3SkJMTTNwRmJsM0ZBN3ZoN2hDOWhydktOV3JFNGlDVmxIby9CczZvak84Q3BBbmEyLy9yRWN1QTRsNmI4NEV0dEo3RHFLdmMxd09yM3RjdlB3LzFkMTYrbDBscGNrNGd4Q1...

459 B
673 B

155ms
17ms

Fetch
application/json

178.250.7.13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=jg6Xh3x4VU1LbGlTRWFjRUVIL3FidTQ5K1B3SkJMTTNwRmJsM0ZBN3ZoN2hDOWhydktOV3JFNGlDVmxIby9CczZvak84Q3BBbmEyLy9yRWN1QTRsNmI4NEV0dEo3RHFLdmMxd09yM3RjdlB3LzFkMTYrbDBscGNrNGd4Q1VzOUtwRFErcFpIRmdPbmthWncxeTkzdld4S1dYTWozekZMVllHSFk1a2ZMN3hieHdOcWZML21UQ0QxZDNIeFROOW9jbFg5ZHlDLzgyUWozNEtXUFBEaWNObmxkSVd3cjMrZEg5VExBNEJkZlFEWWlYNlZYL1JNeHZXZG81WmtNa0k1YzBIOWViMTViMjdCeTJ2U2llN2NGSG1vMnNxdldNbElGSlJLNTVEOUtrNTdwQkFuTT18&cppv=2

Requested by

Host: sanesolution.com
URL: https://sanesolution.com/lp/articles/vt/ro/phlegm-sign-something-worse/?cid=wbudh46hv4a6b66si0ovjhe0&txid=

Protocol

Server

178.250.7.13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e54f0047a2774101a2f9bc5a82bbe8b18e395642d9be29a6f5dbdf3cd93d617f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 Oct 2023 14:07:54 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1389186
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 09 Oct 2023 14:07:53 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=jg6Xh3x4VU1LbGlTRWFjRUVIL3FidTQ5K1B3SkJMTTNwRmJsM0ZBN3ZoN2hDOWhydktOV3JFNGlDVmxIby9CczZvak84Q3BBbmEyLy9yRWN1QTRsNmI4NEV0dEo3RHFLdmMxd09yM3RjdlB3LzFkMTYrbDBscGNrNGd4Q1VzOUtwRFErcFpIRmdPbmthWncxeTkzdld4S1dYTWozekZMVllHSFk1a2ZMN3hieHdOcWZML21UQ0QxZDNIeFROOW9jbFg5ZHlDLzgyUWozNEtXUFBEaWNObmxkSVd3cjMrZEg5VExBNEJkZlFEWWlYNlZYL1JNeHZXZG81WmtNa0k1YzBIOWViMTViMjdCeTJ2U2llN2NGSG1vMnNxdldNbElGSlJLNTVEOUtrNTdwQkFuTT18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 217056
content-length: 0
expires: 0

POST
H2 200 pixel.gif
business.newsbreak.com/tracking/ 0
0 547ms
174ms Ping
application/json 54.200.119.205
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://business.newsbreak.com/tracking/pixel.gif?id=ID-1611721721269575682&uid=1-bqwwcush-lniywxm8&ev=pageload&ed=&v=1&dl=https%3A%2F%2Fsanesolution.com%2Flp%2Farticles%2Fvt%2Fro%2Fphlegm-sign-something-worse%2F%3Fcid%3Dwbudh46hv4a6b66si0ovjhe0%26txid%3D&rl=&ts=1696860474221&de=UTF-8&sr=1600x1200&vp=1600x1200&cd=24&dt=Throat%20Phlegm%20Solution&bn=Chrome%20117&md=false&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F117.0.5938.149%20Safari%2F537.36&tz=-120&utm_source=&utm_medium=&utm_term=&utm_content=&utm_campaign=&nb_aid=&nb_fid=&nb_cid=&esourceid=&csource=&siteid=&ccreative=&cname=&placement_id=&placement_name=&icode=&promo=&uid_01=&uid_02=&uid_03=&uid_04=&uid_05=&uid_06=&uid_07=&uid_08=
Requested by: Host: static.newsbreak.com
URL: https://static.newsbreak.com/business/tracking/nbpixel.js?t=1696896000000
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.200.119.205 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-200-119-205.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sanesolution.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

GET
H2

200

j Show response
rp4.liadm.com/
Redirect Chain

https://rp.liadm.com/j?dtstmp=1696860474425&aid=a-08g0&se=e30&duid=851a35c48e44--01hcac82wnq1e98x8g6n1v5126&tna=v2.8.0&pu=https%3A%2F%2Fsanesolution.com%2Flp%2Farticles%2Fvt%2Fro%2Fphlegm-sign-some...
https://rp4.liadm.com/j?dtstmp=1696860474425&aid=a-08g0&se=e30&duid=851a35c48e44--01hcac82wnq1e98x8g6n1v5126&tna=v2.8.0&pu=https%3A%2F%2Fsanesolution.com%2Flp%2Farticles%2Fvt%2Fro%2Fphlegm-sign-som...

13 B
552 B

354ms
99ms

XHR
application/json

34.234.124.95
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://rp4.liadm.com/j?dtstmp=1696860474425&aid=a-08g0&se=e30&duid=851a35c48e44--01hcac82wnq1e98x8g6n1v5126&tna=v2.8.0&pu=https%3A%2F%2Fsanesolution.com%2Flp%2Farticles%2Fvt%2Fro%2Fphlegm-sign-something-worse%2F%3Fcid%3Dwbudh46hv4a6b66si0ovjhe0%26txid%3D&wpn=lc-bundle&c=PHRpdGxlPlRocm9hdCBQaGxlZ20gU29sdXRpb248L3RpdGxlPjxoMT5Ub3AgSXZ5IExlYWd1ZSBEb2N0b3I6ICJJcyBUaHJvYXQgUGhsZWdtIEEgU2lnbiBvZiA8dT5Tb21ldGhpbmcgV29yc2U_PC91PiIuLi48L2gxPg&i6=MmEwMDpjOTg6MjA1MDphMDA3OjI6OjEy&n3pc=true

Requested by

Host: sanesolution.com
URL: https://sanesolution.com/lp/articles/vt/ro/phlegm-sign-something-worse/?cid=wbudh46hv4a6b66si0ovjhe0&txid=

Protocol

Server

34.234.124.95 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-234-124-95.compute-1.amazonaws.com

Software

Resource Hash

efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sanesolution.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 14:07:55 GMT
x-pixel-event-id: d65dcae5-81b3-4e9d-8313-00a7f11eeb93
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
strict-transport-security: max-age=31536000; includeSubDomains
x-frame-options: DENY
vary: Origin
content-type: application/json
request-time: 0
access-control-allow-origin: null
access-control-allow-credentials: true
trace-id: 528b237cb1715ae5
content-length: 13
x-xss-protection: 1; mode=block

Redirect headers

date: Mon, 09 Oct 2023 14:07:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-frame-options: DENY
vary: Origin
location: https://rp4.liadm.com/j?dtstmp=1696860474425&aid=a-08g0&se=e30&duid=851a35c48e44--01hcac82wnq1e98x8g6n1v5126&tna=v2.8.0&pu=https%3A%2F%2Fsanesolution.com%2Flp%2Farticles%2Fvt%2Fro%2Fphlegm-sign-something-worse%2F%3Fcid%3Dwbudh46hv4a6b66si0ovjhe0%26txid%3D&wpn=lc-bundle&c=PHRpdGxlPlRocm9hdCBQaGxlZ20gU29sdXRpb248L3RpdGxlPjxoMT5Ub3AgSXZ5IExlYWd1ZSBEb2N0b3I6ICJJcyBUaHJvYXQgUGhsZWdtIEEgU2lnbiBvZiA8dT5Tb21ldGhpbmcgV29yc2U_PC91PiIuLi48L2gxPg&i6=MmEwMDpjOTg6MjA1MDphMDA3OjI6OjEy&n3pc=true
access-control-allow-origin: https://sanesolution.com
request-time: 0
access-control-allow-credentials: true
trace-id: 80eb7c81dcaeb728
content-length: 0
x-xss-protection: 1; mode=block

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
207 B 19ms
18ms XHR
text/plain 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1487583341&t=pageview&_s=1&dl=https%3A%2F%2Fsanesolution.com%2Flp%2Farticles%2Fvt%2Fro%2Fphlegm-sign-something-worse%2F%3Fcid%3Dwbudh46hv4a6b66si0ovjhe0%26txid%3D&ul=en-us&de=UTF-8&dt=Throat%20Phlegm%20Solution&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=1296049051&gjid=346266319&cid=168897765.1696860474&tid=UA-53756001-3&_gid=842172009.1696860474&_r=1&gtm=457e3a40&jsscut=1&z=1012374176

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://sanesolution.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 09 Oct 2023 14:07:54 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://sanesolution.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 json Show response
trc.taboola.com/1499441/trc/3/ 2 KB
2 KB 40ms
29ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/1499441/trc/3/json?tim=1696860474462&data=%7B%22id%22%3A587%2C%22ii%22%3A%22%2Flp%2Farticles%2Fvt%2Fro%2Fphlegm-sign-something-worse%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1696860474453%2C%22cv%22%3A%2220231008-8-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fsanesolution.com%2Flp%2Farticles%2Fvt%2Fro%2Fphlegm-sign-something-worse%2F%3Fcid%3Dwbudh46hv4a6b66si0ovjhe0%26txid%3D%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%3Fcid%3Dwbudh46hv4a6b66si0ovjhe0%26txid%3D%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dtaboolaaccount-mattpsanesolutioncom%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1696860474460%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Fsanesolution.com%2Flp%2Farticles%2Fvt%2Fro%2Fphlegm-sign-something-worse%2F%3Fcid%3Dwbudh46hv4a6b66si0ovjhe0%26txid%3D%22%2C%22tos%22%3A2%2C%22ssd%22%3A1%2C%22scd%22%3A0%2C%22supv%22%3Atrue%7D%7D&pubit=i
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1499441/tfa.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 600b386fb5fd8de4438d5b6a4801ec8fefdc98c2e273b4f5913b4e8bfc4860db

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sanesolution.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-vcl-time-ms: 22
date: Mon, 09 Oct 2023 14:07:54 GMT
content-encoding: gzip
via: 1.1 varnish
cpu: 0.2834375
x-fastly-to-nlb-rtt: 7408
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version: v1
x-served-by: cache-fra-eddf8230038-FRA
x-log-content-encoding: gzip
server: nginx
x-timer: S1696860474.478237,VS0,VE22
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 /
www.google.com/pagead/1p-user-list/964325385/ 42 B
455 B 150ms
30ms Image
image/gif 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/964325385/?random=1696860474328&cv=11&fst=1696860000000&bg=ffffff&guid=ON&async=1&gtm=45be3a40&u_w=1600&u_h=1200&url=https%3A%2F%2Fsanesolution.com%2Flp%2Farticles%2Fvt%2Fro%2Fphlegm-sign-something-worse%2F%3Fcid%3Dwbudh46hv4a6b66si0ovjhe0%26txid%3D&frm=0&tiba=Throat%20Phlegm%20Solution&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3767735371&rmt_tld=0&ipr=y

Requested by

Host: sanesolution.com
URL: https://sanesolution.com/lp/articles/vt/ro/phlegm-sign-something-worse/?cid=wbudh46hv4a6b66si0ovjhe0&txid=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sanesolution.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 Oct 2023 14:07:54 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/964325385/ 42 B
154 B 20ms
20ms Image
image/gif 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/964325385/?random=1696860474328&cv=11&fst=1696860000000&bg=ffffff&guid=ON&async=1&gtm=45be3a40&u_w=1600&u_h=1200&url=https%3A%2F%2Fsanesolution.com%2Flp%2Farticles%2Fvt%2Fro%2Fphlegm-sign-something-worse%2F%3Fcid%3Dwbudh46hv4a6b66si0ovjhe0%26txid%3D&frm=0&tiba=Throat%20Phlegm%20Solution&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3767735371&rmt_tld=1&ipr=y

Requested by

Host: sanesolution.com
URL: https://sanesolution.com/lp/articles/vt/ro/phlegm-sign-something-worse/?cid=wbudh46hv4a6b66si0ovjhe0&txid=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sanesolution.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 Oct 2023 14:07:54 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
349 B 136ms
17ms XHR
text/plain 2a00:1450:400c:c0c::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-53756001-3&cid=168897765.1696860474&jid=1296049051&gjid=346266319&_gid=842172009.1696860474&_u=YADAAUAAAAAAACAAI~&z=405569923

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://sanesolution.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 09 Oct 2023 14:07:54 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://sanesolution.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 triggerRunner.js Show response
d3rr3d0n31t48m.cloudfront.net/widget/ 11 KB
4 KB 7ms
7ms Script
application/javascript 18.66.122.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3rr3d0n31t48m.cloudfront.net/widget/triggerRunner.js?v=887112e
Requested by: Host: shop.pe
URL: https://shop.pe/widget/widget_async.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-76.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4b4c8cab5b08674a09cb0719abd984198123d97831844808b90ec48756571422

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sanesolution.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 14:16:33 GMT
content-encoding: gzip
via: 1.1 2816426ad1adbedbdd23d4cdf80c2de2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P2
age: 345082
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 3869
last-modified: Thu, 05 Oct 2023 14:16:12 GMT
server: AmazonS3
etag: "2324f893df2e43f7ab4f9f8ce2b9f5fc"
content-type: application/javascript; charset=utf-8
cache-control: max-age=2592000, public
accept-ranges: bytes
x-amz-cf-id: jMrb2MfBU4o3dWyKw82TmwAUB_fuC_GIb7wV7UXW3xsqRDkjrvYZcw==
x-amz-meta-mtime: 1696515370.66

GET
H2 200 widget.js Show response
d3rr3d0n31t48m.cloudfront.net/widget/ 189 KB
48 KB 8ms
8ms Script
application/javascript 18.66.122.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3rr3d0n31t48m.cloudfront.net/widget/widget.js?v=c02aad9
Requested by: Host: shop.pe
URL: https://shop.pe/widget/widget_async.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-76.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2c60168ae605892c0b62f160f37e21857cdf313422c3437bb3ea0d2f70309448

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sanesolution.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 14:16:33 GMT
content-encoding: gzip
via: 1.1 2816426ad1adbedbdd23d4cdf80c2de2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P2
age: 345082
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 48840
last-modified: Thu, 05 Oct 2023 14:16:12 GMT
server: AmazonS3
etag: "4333f7d1fbf1c565eafbfbe4178441aa"
content-type: application/javascript; charset=utf-8
cache-control: max-age=2592000, public
accept-ranges: bytes
x-amz-cf-id: _SaXLACNulsKEY-fUM8jfSMV-yf1TJFF6CDzUJrrc0_IHeN3nEnxyw==
x-amz-meta-mtime: 1696515369.04

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 49ms
48ms Image
image/gif 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-53756001-3&cid=168897765.1696860474&jid=1296049051&_u=YADAAUAAAAAAACAAI~&z=683959624

Requested by

Host: sanesolution.com
URL: https://sanesolution.com/lp/articles/vt/ro/phlegm-sign-something-worse/?cid=wbudh46hv4a6b66si0ovjhe0&txid=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sanesolution.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 Oct 2023 14:07:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 47ms
46ms Image
image/gif 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-53756001-3&cid=168897765.1696860474&jid=1296049051&_u=YADAAUAAAAAAACAAI~&z=683959624

Requested by

Host: sanesolution.com
URL: https://sanesolution.com/lp/articles/vt/ro/phlegm-sign-something-worse/?cid=wbudh46hv4a6b66si0ovjhe0&txid=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sanesolution.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 Oct 2023 14:07:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

event Show response
widget.us.criteo.com/
Redirect Chain

https://sslwidget.criteo.com/event?a=102045&v=5.18.0&p0=e%3Dce%26m%3D%255B%252523%252523Email%252520Address%252523%252523%255D%26h%3D%2523%2523Hash%2520Method%2523%2523&p1=e%3Dexd%26z%3D%2523%2523Z...
https://widget.us.criteo.com/event?a=102045&v=5.18.0&p0=e%3Dce%26m%3D%255B%252523%252523Email%252520Address%252523%252523%255D%26h%3D%2523%2523Hash%2520Method%2523%2523&p1=e%3Dexd%26z%3D%2523%2523Z...

10 KB
5 KB

304ms
108ms

Script
application/x-javascript

74.119.119.150
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.us.criteo.com/event?a=102045&v=5.18.0&p0=e%3Dce%26m%3D%255B%252523%252523Email%252520Address%252523%252523%255D%26h%3D%2523%2523Hash%2520Method%2523%2523&p1=e%3Dexd%26z%3D%2523%2523Zip%2520Code%2523%2523%26site_type%3Dd&p2=e%3Dvp%26p%3D1%26tms%3Dcustom-guide&p3=e%3Ddis&adce=1&bundle=dSAH4l9temc0aVFIRWVheHQlMkY1WGpreVpzc1kzejlCSXRyeVgyVzBGNmVaQ1JjU1hmSVFoZmdPdiUyRk1na0pQQk5rVWxUdlBFMWFUUUV3WXZUbTcwRWdSOUJtT0pLN1AzJTJCWG1CM0ZUQ1lTdUN2Wk1Rbm5EZEFQM3JNcmYzUWhvRnRXRyUyQnNoUldxTDZreGtCMCUyQjJuelpsWmJ4bHhCUmxjQmR0ZHFRMk84YlYxQkp4UlE4JTNE&tld=sanesolution.com&dy=1&fu=https%253A%252F%252Fsanesolution.com%252Flp%252Farticles%252Fvt%252Fro%252Fphlegm-sign-something-worse%252F%253Fcid%253Dwbudh46hv4a6b66si0ovjhe0%2526txid%253D&ceid=51bb948e-3e40-44f4-92e7-654957b6bfc9&dtycbr=46181

Requested by

Host: sanesolution.com
URL: https://sanesolution.com/lp/articles/vt/ro/phlegm-sign-something-worse/?cid=wbudh46hv4a6b66si0ovjhe0&txid=

Protocol

Server

74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

10b593013b599f911ebc17a48faf5719b872ba229cf45018c7c1f96873386db7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sanesolution.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 Oct 2023 14:07:54 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Kestrel
content-type: application/x-javascript
access-control-allow-origin: *
p3p: NON DSP COR CURa PSA PSD OUR BUS NAV STA
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 17035683
timing-allow-origin: *
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 09 Oct 2023 14:07:54 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Kestrel
access-control-allow-origin: *
location: https://widget.us.criteo.com/event?a=102045&v=5.18.0&p0=e%3Dce%26m%3D%255B%252523%252523Email%252520Address%252523%252523%255D%26h%3D%2523%2523Hash%2520Method%2523%2523&p1=e%3Dexd%26z%3D%2523%2523Zip%2520Code%2523%2523%26site_type%3Dd&p2=e%3Dvp%26p%3D1%26tms%3Dcustom-guide&p3=e%3Ddis&adce=1&bundle=dSAH4l9temc0aVFIRWVheHQlMkY1WGpreVpzc1kzejlCSXRyeVgyVzBGNmVaQ1JjU1hmSVFoZmdPdiUyRk1na0pQQk5rVWxUdlBFMWFUUUV3WXZUbTcwRWdSOUJtT0pLN1AzJTJCWG1CM0ZUQ1lTdUN2Wk1Rbm5EZEFQM3JNcmYzUWhvRnRXRyUyQnNoUldxTDZreGtCMCUyQjJuelpsWmJ4bHhCUmxjQmR0ZHFRMk84YlYxQkp4UlE4JTNE&tld=sanesolution.com&dy=1&fu=https%253A%252F%252Fsanesolution.com%252Flp%252Farticles%252Fvt%252Fro%252Fphlegm-sign-something-worse%252F%253Fcid%253Dwbudh46hv4a6b66si0ovjhe0%2526txid%253D&ceid=51bb948e-3e40-44f4-92e7-654957b6bfc9&dtycbr=46181
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 11638538
timing-allow-origin: *
content-length: 0
expires: 0

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 198 KB
53 KB 46ms
7ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: sanesolution.com
URL: https://sanesolution.com/lp/articles/vt/ro/phlegm-sign-something-worse/?cid=wbudh46hv4a6b66si0ovjhe0&txid=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

805270b078cde87b61bb57c8bd44f8b58b0d128f5a8efdd4395470b45b291d65

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sanesolution.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 09 Oct 2023 14:07:54 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 53356
x-xss-protection: 0
pragma: public
x-fb-debug: gFXJf31TAmgCUH+HxTcjHuZa3sq3r0iHWOyU3H2bAq0Ciu5Pu9j1GpQyOira5hcV4S9kWKTzodH7TMCEJYIgPg==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 664281363673750 Show response
connect.facebook.net/signals/config/ 110 KB
30 KB 88ms
87ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/664281363673750?v=2.9.132&r=stable&domain=sanesolution.com

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4509f9e0ddef8ce29da554dd9204c287a842beca50e425596f0db2da148f4c88

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sanesolution.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 09 Oct 2023 14:07:55 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: pFyWelgEzxXJH0chO/S9ihrcqoS9sukxpKSA5i7vnUwqJcuWapWUxFlee/iTuk4dwK4xtSCcUiyx1shQyz0cwQ==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 params Show response
shop.pe/widget/main/init/ 260 B
746 B 122ms
121ms Script
text/javascript 35.227.244.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://shop.pe/widget/main/init/params?siteid=636ead3c5a984a0518fa8bc2&product=Throat%20Phlegm%20Solution&product_url=https%3A%2F%2Fsanesolution.com%2Flp%2Farticles%2Fvt%2Fro%2Fphlegm-sign-something-worse%2F&image=&price=&currency=undefined&rating=0&rating_count=0&review_count=0&stock_status=&description=&update_product=true&subcategory=&url=https%3A%2F%2Fsanesolution.com%2Flp%2Farticles%2Fvt%2Fro%2Fphlegm-sign-something-worse%2F%3Fcid%3Dwbudh46hv4a6b66si0ovjhe0%26txid%3D&callback=AddShoppersWidget.load_widget&no_cookie_callback=AddShoppersWidget.load_no_cookie&rand=46886&cookie=&referer=

Requested by

Host: d3rr3d0n31t48m.cloudfront.net
URL: https://d3rr3d0n31t48m.cloudfront.net/widget/widget.js?v=c02aad9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.227.244.1 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

1.244.227.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

ffd722d32e592f7fabc47327a93b5206eb17948c954084f118488a15fac72598

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors none;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	deny

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sanesolution.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 14:07:55 GMT
content-security-policy: frame-ancestors none;
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 google
p3p: policyref="/w3c/p3p.xml", CP="CAO PSA OUR"
backend-version: 47
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
data-regulation-gdpr-enforced: true
referrer-policy: no-referrer-when-downgrade
server: nginx
etag: W/"dcf0e3ff3009c33a8db38d340820b4538ad5e04d"
x-frame-options: deny
access-control-allow-methods: POST, GET, OPTIONS, DELETE, PATCH
content-type: text/javascript
access-control-allow-origin: https://my.addshoppers.com
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With, Content-Type, X-XSRFToken

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/google/ Frame 784B
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-RbYMGYwaZhfMgSws1rx1AjAVJ5LQt6X4qqlf1A&google_cm&google_hm=ay1SYllNR1l3YVpoZk1nU3dzMXJ4MUFqQVZKNUxRdDZYN...
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-RbYMGYwaZhfMgSws1rx1AjAVJ5LQt6X4qqlf1A&google_gid=CAESECVCC7bECC9CdXbwSatYtH0&google_cver=1&google_ula=913071,0

43 B
370 B

53ms
17ms

Image
image/gif

178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-RbYMGYwaZhfMgSws1rx1AjAVJ5LQt6X4qqlf1A&google_gid=CAESECVCC7bECC9CdXbwSatYtH0&google_cver=1&google_ula=913071,0

Protocol

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 Oct 2023 14:07:54 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1465838
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 09 Oct 2023 14:07:55 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-RbYMGYwaZhfMgSws1rx1AjAVJ5LQt6X4qqlf1A&google_gid=CAESECVCC7bECC9CdXbwSatYtH0&google_cver=1&google_ula=913071,0
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 398
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sync
x.bidswitch.net/ Frame 784B 43 B
146 B 83ms
8ms Image
image/gif 18.195.61.190
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?dsp_id=46&user_id=k-1TlVZYwaZhfMgSws1rx1AjAVJ5JlXchwJRIZ5g&expires=30
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.61.190 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-61-190.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 14:07:55 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/appnexus/ Frame 784B
Redirect Chain

https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=4135388491505302043

43 B
370 B

47ms
16ms

Image
image/gif

178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=4135388491505302043

Protocol

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 Oct 2023 14:07:54 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 911245
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 09 Oct 2023 14:07:55 GMT
an-x-request-uuid: 053aad63-bb3e-48c3-8ce5-620552aa2ac7
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=4135388491505302043
x-proxy-origin: 178.162.209.138; 178.162.209.138; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 cksync.php
contextual.media.net/ Frame 784B 53 B
785 B 113ms
71ms Image
image/gif 23.52.120.27
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-QiltmYwaZhfMgSws1rx1AjAVJ5Jnz6zSi7bxzw

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.120.27 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-120-27.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Mon, 09 Oct 2023 14:07:55 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
content-length: 53
x-mnet-hl2: E
expires: Mon, 09 Oct 2023 14:07:55 GMT

GET
H/1.1 204
No Content tap.php
pixel.rubiconproject.com/ Frame 784B 0
239 B 77ms
9ms Image
image/gif 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-QwJyHYwaZhfMgSws1rx1AjAVJ5LnLQvij3CM4g&expires=30
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: ba134c4441b6cdf8ef9f5e0539a8ef3e
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 204 v1
match.sharethrough.com/sync/ Frame 784B 0
35 B 68ms
8ms Image
text/plain 3.66.123.6
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-mcgoHowaZhfMgSws1rx1AjAVJ5JHZY9eRjvv7Q
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.66.123.6 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-66-123-6.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 14:07:55 GMT

GET
H/1.1 200
OK /
rtb-csync.smartadserver.com/redir/ Frame 784B 43 B
163 B 121ms
21ms Image
image/gif 185.86.138.152
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-hgcpyYwaZhfMgSws1rx1AjAVJ5La4YMgEiAYaw
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.152 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 14:07:54 GMT
transfer-encoding: chunked
content-type: image/gif

GET
H2 200 /
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame 784B 0
99 B 76ms
14ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-__q5YowaZhfMgSws1rx1AjAVJ5If05gJOsI0Pw
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 14:07:55 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 12968

GET
H2 200 um
criteo-sync.teads.tv/ Frame 784B 23 B
163 B 82ms
36ms Image
image/gif 2.18.161.51
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://criteo-sync.teads.tv/um?eid=80&uid=k-OIjMxYwaZhfMgSws1rx1AjAVJ5Kta2FL2424NQ
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.161.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-161-51.deploy.static.akamaitechnologies.com
Software: pekko-http/1.0.0 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

expires: Mon, 09 Oct 2023 14:07:55 GMT
pragma: no-cache
date: Mon, 09 Oct 2023 14:07:55 GMT
cache-control: max-age=0, no-cache, no-store
server: pekko-http/1.0.0
content-length: 23
content-type: image/gif

GET
H2 200 xuid
eb2.3lift.com/ Frame 784B 37 B
140 B 40ms
13ms Image
image/gif 76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=2711&xuid=k-MxYPi4waZhfMgSws1rx1AjAVJ5JaFihDgogDhA&dongle=013b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 14:07:55 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H2 204 sync
ups.analytics.yahoo.com/ups/58301/ Frame 784B 0
125 B 49ms
10ms Image
text/plain 3.75.62.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-hAPMrowaZhfMgSws1rx1AjAVJ5IKlMHKlDiFuQ

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-75-62-37.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.87 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 14:07:55 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.87
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 pixel
cm.adform.net/ Frame 784B 43 B
163 B 90ms
22ms Image
image/gif 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.adform.net/pixel?adform_pid=15&adform_pc=k-AY7zv4waZhfMgSws1rx1AjAVJ5ISz80m4hW8GQ
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 14:07:55 GMT
last-modified: Mon, 14 Nov 2022 09:52:50 GMT
server: nginx
accept-ranges: bytes
etag: "63720ff2-2b"
content-length: 43
content-type: image/gif

GET
H2 200 sync
visitor.omnitagjs.com/visitor/ Frame 784B 49 B
341 B 70ms
20ms Image
image/gif 185.255.84.152
IGUANE-

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://visitor.omnitagjs.com/visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=CRITEO&visitor=k-ad7CzowaZhfMgSws1rx1AjAVJ5L83Pr-L2r2lw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.255.84.152 , France, ASN200271 (IGUANE-, FR),

Reverse DNS

Software

ayl-lb-fra02 /

Resource Hash

d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 Oct 2023 14:07:55 GMT
x-content-type-options: nosniff
server: ayl-lb-fra02
vary: Accept-Encoding
p3p: CP="CAO PSA OUR"
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 2
content-length: 49
expires: 0

GET
H2

200

rum
r.casalemedia.com/ Frame 784B
Redirect Chain

https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-Skuah4waZhfMgSws1rx1AjAVJ5JIQz6Y7hffMg
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-Skuah4waZhfMgSws1rx1AjAVJ5JIQz6Y7hffMg&C=1

43 B
322 B

29ms
25ms

Image
image/gif

104.18.26.193
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-Skuah4waZhfMgSws1rx1AjAVJ5JIQz6Y7hffMg&C=1
Protocol: H2
Server: 104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 Oct 2023 14:07:55 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ad4Kd5C4G%2BshGsYenfMrjqoJq4dB8RONFf86fVO3Q9D6NTQ8Gkx4mCPSwtyDfhPUszk6lSRCR0twHbNa52Ew3lVzkfs1RUsyvWk2G0eaulpvLL%2BJ8FFzxdvRR7RGmobtowH2"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 813731524b124db7-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 09 Oct 2023 14:07:55 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yooGLyP5x28LYuig4X%2FoUIQmtVdsINEqsgg5kAfC4D9U1ltFVjuO8WBVEHS%2BNCjMj8nVo%2FAPZNw2m0QEhlryObONyjd%2Bb683j8jEBJXB88y3Kx%2Ff2RUM4MbtFqfelUz71yZu"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: /rum?cm_dsp_id=20&external_user_id=k-Skuah4waZhfMgSws1rx1AjAVJ5JIQz6Y7hffMg&C=1
cache-control: no-cache
cf-ray: 813731522ae54db7-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H/1.1

200
OK

demconf.jpg
dpm.demdex.net/ Frame 784B
Redirect Chain

https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=YiBWmQZ6IZReDBJU5LEi622ZnjoNyxze
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=YiBWmQZ6IZReDBJU5LEi622ZnjoNyxze

42 B
942 B

31ms
31ms

Image
image/gif

34.241.182.209
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=YiBWmQZ6IZReDBJU5LEi622ZnjoNyxze

Protocol

HTTP/1.1

Server

34.241.182.209 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-241-182-209.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v052-07cff6299.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: vnQSRIzZSTg=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS: dcs-prod-irl1-2-v052-000b601e8.edge-irl1.demdex.com 0 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: cco0+qBxQ2w=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=YiBWmQZ6IZReDBJU5LEi622ZnjoNyxze
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 9.gif
id5-sync.com/s/966/ Frame 784B 43 B
921 B 62ms
17ms Image
image/gif 162.19.138.82
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/s/966/9.gif?puid=k-LTwOv4waZhfMgSws1rx1AjAVJ5JDbrmSCyVpYw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.82 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31532337.ip-162-19-138.eu

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-type: image/gif;charset=UTF-8
date: Mon, 09 Oct 2023 14:07:54 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p: CP="CAO PSA OUR"

GET
H2 200 match
ad.360yield.com/ Frame 784B 43 B
199 B 137ms
30ms Image
image/gif 99.81.117.172
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-FeIFCowaZhfMgSws1rx1AjAVJ5JtyUcFpIqYAg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.81.117.172 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-99-81-117-172.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 09 Oct 2023 14:07:55 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2 200 sync
matching.ivitrack.com/ Frame 784B 42 B
265 B 61ms
22ms Image
image/gif 34.117.157.22
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://matching.ivitrack.com/sync?realm=criteo&uid=k-vOMfW4waZhfMgSws1rx1AjAVJ5KnXuqkXzUQgA
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.157.22 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 22.157.117.34.bc.googleusercontent.com
Software: istio-envoy /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 14:07:54 GMT
x-envoy-decorator-operation: tag-manager.programmatic.svc.cluster.local:3000/*
via: 1.1 google
server: istio-envoy
content-type: image/gif
cache-control: public, max-age=86400
x-envoy-upstream-service-time: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

GET
H2 200 push
exchange.mediavine.com/usersync/ Frame 784B 0
884 B 44ms
10ms Image
text/html 18.159.114.228
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://exchange.mediavine.com/usersync/push?partner=criteo&partnerId=k-Hdp7rYwaZhfMgSws1rx1AjAVJ5L0U4oOSVbKRg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.159.114.228 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-159-114-228.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 14:07:55 GMT
cache-control: private, no-cache
access-control-allow-credentials: true
content-encoding: gzip
vary: Origin, Accept-Encoding
content-type: text/html; charset=utf-8

GET
H2 200 1017
jadserve.postrelease.com/suid/ Frame 784B 43 B
423 B 401ms
179ms Image
image/gif 44.194.62.128
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/suid/1017?vk=k-GEG_uIwaZhfMgSws1rx1AjAVJ5JJD-hFu-f33w
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.194.62.128 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-194-62-128.compute-1.amazonaws.com
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 Oct 2023 14:07:55 GMT
server: nginx
content-type: image/gif
access-control-allow-origin: *
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H/1.1 200
OK cookie-sync
sync.outbrain.com/ Frame 784B 0
145 B 391ms
91ms Image
text/plain 64.202.112.127
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=criteo&uid=k-7rqqp4waZhfMgSws1rx1AjAVJ5LtbWebSIEpiQ&initiator=partner
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.127 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date: Mon, 09 Oct 2023 14:07:55 GMT
Cache-Control: no-cache
X-TraceId: 513c0214ed0c032ff4c03f04444e03d5
Content-Length: 0

GET
H2 200 Pug
simage2.pubmatic.com/AdServer/ Frame 784B 42 B
582 B 2440ms
2388ms Image
image/gif 198.47.127.205
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-8l7KHIwaZhfMgSws1rx1AjAVJ5J_SvXYtTiKQg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Mon, 09 Oct 2023 13:57:03 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 200 sync
criteo-partners.tremorhub.com/ Frame 784B 43 B
399 B 372ms
105ms Image
image/gif 2600:1f18:612b:4200:8e96:3543:6d11:e366
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://criteo-partners.tremorhub.com/sync?UICR=k-y-H1iowaZhfMgSws1rx1AjAVJ5LVPfDsGXJTWg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4200:8e96:3543:6d11:e366 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date: Mon, 09 Oct 2023 14:07:55 GMT
server: nginx
content-type: image/gif

GET
H2 200 getusermatch.php
a.twiago.com/rtb/ Frame 784B 43 B
153 B 72ms
21ms Image
image/gif 85.215.5.31
CRONON-BERLIN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.twiago.com/rtb/getusermatch.php?dataid=6&external_user_id=k-y3ErmYwaZhfMgSws1rx1AjAVJ5IS1Rojkn6icA
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 85.215.5.31 Berlin, Germany, ASN6786 (CRONON-BERLIN-AS, DE),
Reverse DNS
Software: Apache / PHP/7.3.29
Resource Hash: 5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 09 Oct 2023 14:07:55 GMT
server: Apache
x-powered-by: PHP/7.3.29
content-length: 43
content-type: image/gif

GET
H/1.1 204
No Content m
ad.yieldlab.net/ Frame 784B 0
400 B 62ms
37ms Image
text/plain 23.213.165.82
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.yieldlab.net/m?dt_id=8664&ext_id=k-Z6rBHIwaZhfMgSws1rx1AjAVJ5KwZ6uQnJja7A
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.213.165.82 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-213-165-82.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 09 Oct 2023 14:07:55 GMT
Cache-Control: no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection: keep-alive
Expires: Sun, 08 Oct 2023 14:07:55 GMT

GET
H2 200 sync
sync-criteo.ads.yieldmo.com/ Frame 784B 0
38 B 149ms
31ms Image
text/plain 52.16.215.2
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-criteo.ads.yieldmo.com/sync?id=k-mZ5Pe4waZhfMgSws1rx1AjAVJ5Jg0_RIWqK4TQ&pn_id=criteo&ext=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.16.215.2 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-16-215-2.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 14:07:55 GMT
content-length: 0

GET
H2 204 sync
ups.analytics.yahoo.com/ups/58301/ Frame 784B 0
15 B 11ms
11ms Image
text/plain 3.75.62.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58301/sync?_origin=0&redir=true&uid=k-hAPMrowaZhfMgSws1rx1AjAVJ5IKlMHKlDiFuQ

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-75-62-37.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.87 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 14:07:55 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.87
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H3 200 params Show response
shop.pe/widget/main/init/ 1 KB
648 B 134ms
134ms Script
text/javascript 35.227.244.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://shop.pe/widget/main/init/params?siteid=636ead3c5a984a0518fa8bc2&product=Throat%20Phlegm%20Solution&product_url=https%3A%2F%2Fsanesolution.com%2Flp%2Farticles%2Fvt%2Fro%2Fphlegm-sign-something-worse%2F&image=&price=&currency=undefined&rating=0&rating_count=0&review_count=0&stock_status=&description=&update_product=true&subcategory=&url=https%3A%2F%2Fsanesolution.com%2Flp%2Farticles%2Fvt%2Fro%2Fphlegm-sign-something-worse%2F%3Fcid%3Dwbudh46hv4a6b66si0ovjhe0%26txid%3D&callback=AddShoppersWidget.load_widget&rand=12081&cookie=2%7C1%3A0%7C10%3A1696860475%7C15%3Aaddshoppers.com%7C44%3AOTc4ZmY1ZDcwZjdmNDU0ZGI0NzQ3MTU4ZmM2YWQ5YTg%3D%7Ca0e48e322d8715f0188420f84c119b2228fc60d0c6362bfdb9587317d6977734&referer=

Requested by

Host: d3rr3d0n31t48m.cloudfront.net
URL: https://d3rr3d0n31t48m.cloudfront.net/widget/widget.js?v=c02aad9

Protocol

Security

QUIC, , AES_128_GCM

Server

35.227.244.1 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

1.244.227.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

0681eb65e56e50c2635f405d331f27856f4aaa262174cbffdf81952d84134e69

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors none;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	deny

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sanesolution.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 14:07:55 GMT
content-security-policy: frame-ancestors none;
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 google
p3p: policyref="/w3c/p3p.xml", CP="CAO PSA OUR"
backend-version: 47
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
data-regulation-gdpr-enforced: true
referrer-policy: no-referrer-when-downgrade
server: nginx
etag: W/"d3b7b1c6efc8d45ec1923739dac761fd05bee803"
x-frame-options: deny
access-control-allow-methods: POST, GET, OPTIONS, DELETE, PATCH
content-type: text/javascript
access-control-allow-origin: https://my.addshoppers.com
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With, Content-Type, X-XSRFToken

GET
H2 200 setuid
ib.adnxs.com/ Frame 784B 43 B
861 B 10ms
9ms Image
image/gif 37.252.171.149
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=52&code=k-5c8JsYwaZhfMgSws1rx1AjAVJ5KXjd2VFIo_zw

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 Oct 2023 14:07:55 GMT
an-x-request-uuid: 0d849963-77f1-4204-93ea-51788442f1a8
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 178.162.209.138; 178.162.209.138; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame 784B
Redirect Chain

https://gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40
https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=CrZOhRFhD5XqVt45AgUJQk4R79u0XTZF

0
338 B

136ms
31ms

Image
text/plain

63.33.100.143
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=CrZOhRFhD5XqVt45AgUJQk4R79u0XTZF
Protocol: H2
Server: 63.33.100.143 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-33-100-143.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-served-by: beacon-n017-dub-prod.krxd.net
date: Mon, 09 Oct 2023 14:07:55 GMT
cache-control: private, no-cache, no-store
x-request-time: D=117 t=1696860475
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=CrZOhRFhD5XqVt45AgUJQk4R79u0XTZF
date: Mon, 09 Oct 2023 14:07:54 GMT
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 662545
content-length: 0

GET
H/1.1 200
OK 756d0be7a32e443ba764459bacb18bbc.js Show response
addshoppers.s3.amazonaws.com/customize/636ead3c5a984a0518fa8bc2/ 8 KB
3 KB 316ms
120ms Script
application/javascript 52.217.117.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://addshoppers.s3.amazonaws.com/customize/636ead3c5a984a0518fa8bc2/756d0be7a32e443ba764459bacb18bbc.js?_t=1685623025
Requested by: Host: d3rr3d0n31t48m.cloudfront.net
URL: https://d3rr3d0n31t48m.cloudfront.net/widget/widget.js?v=c02aad9
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.117.41 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 20c76febe3efe00b8a511635194a9c49213010de3d37e90a02473b12aafa4046

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sanesolution.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date: Mon, 09 Oct 2023 14:07:56 GMT
Content-Encoding: gzip
x-amz-version-id: 0aIdZnPJNfDQbdTw_70c4RFGaHL16aYg
Last-Modified: Thu, 01 Jun 2023 12:37:06 GMT
Server: AmazonS3
x-amz-request-id: 87CB4D1WSR80T9NN
ETag: "c56188fe728b1de0e67703520f37f09d"
x-amz-server-side-encryption: AES256
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=2592000, public
Accept-Ranges: bytes
Content-Length: 2031
x-amz-id-2: aYfbRjz6s8cfovZmDRVRM3Z8Po81+YBUbpWVC1HOTjrun+Xe9OQlXJNg8ak664gYUdbh5YlUMG4=

GET
H2 200 input.js Show response
shopper.shop.pe/ 26 KB
9 KB 36ms
8ms Script
application/javascript 35.190.54.17
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://shopper.shop.pe/input.js
Requested by: Host: shop.pe
URL: https://shop.pe/widget/widget_async.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.54.17 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 17.54.190.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 1f77c4f001b1cfa5fa777f5b5494dcf6dc0d6b309168803ed2b91c3b71ef8112

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sanesolution.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 10:42:59 GMT
content-encoding: gzip
age: 12296
x-guploader-uploadid: ADPycdvEWxYvkdocsyIKrIM7Vn1zw6jZ0gfDAlto7LTMmIgNMsOK7PqI5rSqMLF3CJCRBTDPtSzRXjpU_nsXBK5cp4iyu0WSX5Fu
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8790
last-modified: Wed, 17 May 2023 14:33:56 GMT
server: UploadServer
etag: "6743b7dce7d352ffbc66dce88d6ce4d2"
vary: Accept-Encoding
x-goog-generation: 1684334036172970
x-goog-hash: crc32c=0I21Ng==, md5=Z0O33OfTUv+8ZtzojWzk0g==
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin
cache-control: public, max-age=14400
x-goog-stored-content-length: 8790
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
expires: Mon, 09 Oct 2023 14:42:59 GMT

GET
H2 200 status Show response
app.shop.pe/app/datapartners/ 34 B
500 B 155ms
123ms XHR
application/json 35.227.244.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://app.shop.pe/app/datapartners/status?usersite_id=636ead3c5a984a0518fa8bc2

Requested by

Host: d3rr3d0n31t48m.cloudfront.net
URL: https://d3rr3d0n31t48m.cloudfront.net/widget/widget.js?v=c02aad9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.227.244.1 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

1.244.227.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

b4435b5ac2f1916ed1135fb1738a1cef87cb666f4356a6678fb1c77e1273f9e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	deny

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sanesolution.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 14:07:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
via: 1.1 google
server: nginx
etag: W/"0467ba22658b680d6de72dc567071b5bc495547f"
x-frame-options: deny
access-control-allow-methods: POST, GET, OPTIONS, DELETE, PATCH
p3p: policyref="/w3c/p3p.xml", CP="CAO PSA OUR"
access-control-allow-origin: *
content-type: application/json; charset=UTF-8
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With, Content-Type, X-XSRFToken
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

HEAD
H3 200 consent Show response
shop.pe/query/datareg/ 0
24 B 132ms
123ms XHR
text/html 35.227.244.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://shop.pe/query/datareg/consent

Requested by

Host: shopper.shop.pe
URL: https://shopper.shop.pe/input.js

Protocol

Security

QUIC, , AES_128_GCM

Server

35.227.244.1 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

1.244.227.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	deny

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sanesolution.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 14:07:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 google
p3p: policyref="/w3c/p3p.xml", CP="CAO PSA OUR"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
data-regulation-gdpr-enforced: true
server: nginx
etag: "da39a3ee5e6b4b0d3255bfef95601890afd80709"
x-frame-options: deny
access-control-allow-methods: HEAD, GET, POST
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
access-control-expose-headers: Data-Regulation-Gdpr-Enforced
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With, Content-Type, Data-Regulation-Gdpr-Enforced

GET
H2

200

cs
s.thebrighttag.com/ Frame 784B
Redirect Chain

https://gum.criteo.com/sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40
https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=PbN-3CW_zJvzUf3sQH6D1RUe73sz81WH

35 B
268 B

344ms
108ms

Image
image/gif

18.221.230.31
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=PbN-3CW_zJvzUf3sQH6D1RUe73sz81WH
Protocol: H2
Server: 18.221.230.31 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-221-230-31.us-east-2.compute.amazonaws.com
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 Oct 2023 14:07:55 GMT
x-bt-requestid: 3e6dc260-66ad-11ee-a27e-0000ac1702a8
server: nginx
content-type: image/gif
access-control-allow-origin
p3p: CP=NOI DSP COR NID
cache-control: private, must-revalidate
content-length: 35
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=PbN-3CW_zJvzUf3sQH6D1RUe73sz81WH
date: Mon, 09 Oct 2023 14:07:55 GMT
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 1064090
content-length: 0

GET
H2 200 iframe Show response
nytrng.com/ Frame 293A 415 B
507 B 456ms
153ms Document
text/html 99.83.128.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nytrng.com/iframe?vcp=4dd5h0np&as_id=978ff5d70f7f454db4747158fc6ad9a8
Requested by: Host: d3rr3d0n31t48m.cloudfront.net
URL: https://d3rr3d0n31t48m.cloudfront.net/widget/widget.js?v=c02aad9
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.83.128.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a954c1fc80b8251dc.awsglobalaccelerator.com
Software: gunicorn /
Resource Hash: 6f84dee3634b50ee6163c21f88806252ebda85f1a9eae2e16df85e1ca02f797a

Request headers

Referer: https://sanesolution.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-length: 415
content-type: text/html; charset=utf-8
date: Mon, 09 Oct 2023 14:07:55 GMT
server: gunicorn

GET
H3 404 cart.js Show response
sanesolution.com/ 548 B
298 B 512ms
512ms XHR
text/html 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://sanesolution.com/cart.js
Requested by: Host: sanesolution.com
URL: https://sanesolution.com/lp/articles/vt/ro/phlegm-sign-something-worse/?cid=wbudh46hv4a6b66si0ovjhe0&txid=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sanesolution.com/lp/articles/vt/ro/phlegm-sign-something-worse/?cid=wbudh46hv4a6b66si0ovjhe0&txid=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 14:07:56 GMT
content-encoding: br
cf-cache-status: EXPIRED
server: cloudflare
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/html
cf-ray: 813731550a569189-FRA
alt-svc: h3=":443"; ma=86400

POST
H2 200 cl
io.v2.customerlabs.co/ 0
203 B 404ms
107ms Ping
text/plain 54.83.229.169
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://io.v2.customerlabs.co/cl
Requested by: Host: cdn.js.customerlabs.co
URL: https://cdn.js.customerlabs.co/cl52017rotz264.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.83.229.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-83-229-169.compute-1.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://sanesolution.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://sanesolution.com
date: Mon, 09 Oct 2023 14:07:56 GMT
server: nginx
access-control-allow-headers: Origin, Accept, Content-Type, Max-Age, X-CL-APP-ID, X-Content-Type-Options
content-length: 0
access-control-allow-methods: POST, OPTIONS

POST
H2 200 firstVisit
io.v2.customerlabs.co/cl/ 0
203 B 424ms
134ms Ping
text/plain 54.83.229.169
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://io.v2.customerlabs.co/cl/firstVisit
Requested by: Host: cdn.js.customerlabs.co
URL: https://cdn.js.customerlabs.co/cl52017rotz264.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.83.229.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-83-229-169.compute-1.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://sanesolution.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://sanesolution.com
date: Mon, 09 Oct 2023 14:07:56 GMT
server: nginx
access-control-allow-headers: Origin, Accept, Content-Type, Max-Age, X-CL-APP-ID, X-Content-Type-Options
content-length: 0
access-control-allow-methods: POST, OPTIONS

POST
H2 200 cl
io.v2.customerlabs.co/ 0
204 B 392ms
103ms Ping
text/plain 54.83.229.169
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://io.v2.customerlabs.co/cl
Requested by: Host: cdn.js.customerlabs.co
URL: https://cdn.js.customerlabs.co/cl52017rotz264.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.83.229.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-83-229-169.compute-1.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://sanesolution.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://sanesolution.com
date: Mon, 09 Oct 2023 14:07:56 GMT
server: nginx
access-control-allow-headers: Origin, Accept, Content-Type, Max-Age, X-CL-APP-ID, X-Content-Type-Options
content-length: 0
access-control-allow-methods: POST, OPTIONS

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 24ms
7ms Image
text/plain 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=664281363673750&ev=PageView&dl=https%3A%2F%2Fsanesolution.com%2Flp%2Farticles%2Fvt%2Fro%2Fphlegm-sign-something-worse%2F%3Fcid%3Dwbudh46hv4a6b66si0ovjhe0%26txid%3D&rl=&if=false&ts=1696860475926&sw=1600&sh=1200&ud[external_id]=8576d1e11f070d140a1d0baf79f074c56e795249c79917632bab0a1466b20e7c&v=2.9.132&r=stable&ec=0&o=28&fbp=fb.1.1696860475924.1342634559&cs_est=true&ler=empty&it=1696860474992&coo=false&eid=cl52017rotz26427774b13-ef7f-4700-a4f1-9ba93218d490&tm=1&exp=a0&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sanesolution.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 09 Oct 2023 14:07:55 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 24ms
8ms Image
text/plain 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=664281363673750&ev=website_session_start&dl=https%3A%2F%2Fsanesolution.com%2Flp%2Farticles%2Fvt%2Fro%2Fphlegm-sign-something-worse%2F%3Fcid%3Dwbudh46hv4a6b66si0ovjhe0%26txid%3D&rl=&if=false&ts=1696860475929&cd[start_time]=2023-10-09T14%3A07%3A55.927Z&cd[customerlabs_user_id]=cl52017rotz264bdda0761-1b9e-4fec-830e-a543e6c78f1e&sw=1600&sh=1200&ud[external_id]=8576d1e11f070d140a1d0baf79f074c56e795249c79917632bab0a1466b20e7c&v=2.9.132&r=stable&ec=1&o=28&fbp=fb.1.1696860475924.1342634559&ler=empty&it=1696860474992&coo=false&eid=cl52017rotz2644f6e6eb1-9add-4175-9877-bfec2153357f&tm=2&exp=a0&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sanesolution.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 09 Oct 2023 14:07:55 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 pl.2.2.min.js Show response
cdn.nytrng.com/ Frame 293A 0
329 B 86ms
7ms Script
text/plain 18.66.97.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.nytrng.com/pl.2.2.min.js
Requested by: Host: nytrng.com
URL: https://nytrng.com/iframe?vcp=4dd5h0np&as_id=978ff5d70f7f454db4747158fc6ad9a8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-122.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nytrng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 20:30:01 GMT
x-amz-version-id: null
via: 1.1 c2e56cd54e2593df95ccca8a6d98c958.cloudfront.net (CloudFront)
last-modified: Wed, 31 Jul 2019 16:57:19 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P2
age: 1445875
etag: "d41d8cd98f00b204e9800998ecf8427e"
x-cache: Error from cloudfront
content-type: text/plain
accept-ranges: bytes
content-length: 0
x-amz-cf-id: JGclnuRez7cI1RPw2HVJsSyuOqeiqkQKbB1zJGklN4ULqT9m5XDOCA==

GET
H2 204 unip Show response
trc-events.taboola.com/1499441/log/3/ 0
246 B 94ms
15ms XHR
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/1499441/log/3/unip?en=pre_d_eng_tb&tos=1553&scd=0&ssd=1&est=1696860474458&ver=36&isls=true&src=i&invt=1500&msa=1223&rv=1&tim=1696860476011&vi=1696860474453&ri=792736ae066a478f77f2cd7dd1c39424&ref=null&cv=20231008-8-RELEASE&item-url=https%3A%2F%2Fsanesolution.com%2Flp%2Farticles%2Fvt%2Fro%2Fphlegm-sign-something-worse%2F%3Fcid%3Dwbudh46hv4a6b66si0ovjhe0%26txid%3D
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1499441/tfa.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sanesolution.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

access-control-allow-origin: https://sanesolution.com
pragma: no-cache
date: Mon, 09 Oct 2023 14:07:56 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 200 externalIds
io.v2.customerlabs.co/ 0
0 173ms
172ms Image
application/json 54.83.229.169
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://io.v2.customerlabs.co/externalIds?customerlabs_user_id=cl52017rotz264bdda0761-1b9e-4fec-830e-a543e6c78f1e&id=cl52017rotz264&uid=cl52017rotz264bdda0761-1b9e-4fec-830e-a543e6c78f1e&t=0&sc=1600%20x%201200
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.83.229.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-83-229-169.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sanesolution.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

GET
H2 204 unip Show response
trc-events.taboola.com/1499441/log/3/ 0
246 B 15ms
14ms XHR
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/1499441/log/3/unip?en=pre_d_eng_tb&tos=4554&scd=0&ssd=1&est=1696860474458&ver=36&isls=true&src=i&invt=3000&msa=1223&rv=1&tim=1696860479013&vi=1696860474453&ri=792736ae066a478f77f2cd7dd1c39424&ref=null&cv=20231008-8-RELEASE&item-url=https%3A%2F%2Fsanesolution.com%2Flp%2Farticles%2Fvt%2Fro%2Fphlegm-sign-something-worse%2F%3Fcid%3Dwbudh46hv4a6b66si0ovjhe0%26txid%3D
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1499441/tfa.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sanesolution.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

access-control-allow-origin: https://sanesolution.com
pragma: no-cache
date: Mon, 09 Oct 2023 14:07:59 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

Verdicts & Comments Add Verdict or Comment

90 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

47 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.track.roinattrack.com/	1970-01-20 15:22:26	Name: 87d00162-2214-4871-979b-1279f50d68f5-v4 Value: kH_25emnfN-yX4ySFM5QWSR_r97_Em8OfXr697mLwcM
.track.roinattrack.com/	1970-01-21 00:06:36	Name: cc-v4 Value: Rg0VAGSsJ43r219nGqQQk1D5cuuUxV86wD80wFhXk3qT9k142C7QGbHrhg%2Fw%2FuKxe%2BiiLE5kGA3PhH73loCs24ifkQK%2BpKcI7dEj8AViqiGxEjCZwZlpoxHnygdloGQwPHZVDsu3k8y8Jru%2FEaP5iQ%3D%3D
.sanesolution.com/	1969-12-31 23:59:59	Name: _li_dcdm_c Value: .sanesolution.com
.sanesolution.com/	1970-01-21 00:57:00	Name: _lc2_fpi Value: 851a35c48e44--01hcac82wnq1e98x8g6n1v5126
.sanesolution.com/	1970-01-21 00:57:00	Name: _lc2_fpi_meta Value: {%22w%22:1696860474261}
.sanesolution.com/	1970-01-20 17:30:36	Name: _gcl_au Value: 1.1.1630191258.1696860474
.criteo.com/	1970-01-21 00:42:36	Name: uid Value: 3e63c094-e2bd-4520-b3a9-7023cd90c9cb
.sanesolution.com/	1970-01-21 00:57:00	Name: _ga_W29TJ99181 Value: GS1.1.1696860474.1.0.1696860474.60.0.0
.sanesolution.com/	1970-01-21 00:57:00	Name: __nbpix_uid Value: 1-bqwwcush-lniywxm8
.sanesolution.com/	1970-01-21 00:57:00	Name: _ga Value: GA1.2.168897765.1696860474
.sanesolution.com/	1970-01-20 15:22:26	Name: _gid Value: GA1.2.842172009.1696860474
.sanesolution.com/	1970-01-20 15:21:00	Name: _gat_gtag_UA_53756001_3 Value: 1
.sanesolution.com/	1970-01-21 00:50:24	Name: cto_bundle Value: dSAH4l9temc0aVFIRWVheHQlMkY1WGpreVpzc1kzejlCSXRyeVgyVzBGNmVaQ1JjU1hmSVFoZmdPdiUyRk1na0pQQk5rVWxUdlBFMWFUUUV3WXZUbTcwRWdSOUJtT0pLN1AzJTJCWG1CM0ZUQ1lTdUN2Wk1Rbm5EZEFQM3JNcmYzUWhvRnRXRyUyQnNoUldxTDZreGtCMCUyQjJuelpsWmJ4bHhCUmxjQmR0ZHFRMk84YlYxQkp4UlE4JTNE
.liadm.com/	1970-01-21 00:57:00	Name: lidid Value: 9391eeab-7705-48cd-8c7d-c62c1d4eba4e
.sanesolution.com/	1969-12-31 23:59:59	Name: cl52017rotz264_source Value: Direct
.sanesolution.com/	1969-12-31 23:59:59	Name: cl52017rotz264_session_starts Value: 1696860474911
.sanesolution.com/	1969-12-31 23:59:59	Name: cl52017rotz264_utmParams Value: %7B%22utm_source%22%3A%22Direct%22%2C%22utm_medium%22%3A%22Direct%22%7D
.sanesolution.com/	1970-01-21 00:06:36	Name: cl52017rotz264_uid Value: cl52017rotz264bdda0761-1b9e-4fec-830e-a543e6c78f1e
.sanesolution.com/	1970-01-21 00:06:36	Name: cl52017rotz264_sid Value: CL-02d7a7de-050b-43d2-b5cb
.sanesolution.com/	1970-01-21 00:06:36	Name: cl52017rotz264_gid Value: cl52017rotz264315588e6-5ef4-41f0-9cb2-e1fad9a5b364
.adnxs.com/	1970-01-20 17:30:36	Name: uuid2 Value: 4135388491505302043
.doubleclick.net/	1970-01-21 00:42:36	Name: IDE Value: AHWqTUn3xI5xczZjuhiyCH2Vovq4HEEBiHoUTYaHmC4rp3xfMWHVHl90VjiOPplKDjo
shop.pe/	1970-01-21 00:57:00	Name: addshoppers Value: "2\|1:0\|10:1696860475\|11:addshoppers\|44:OTc4ZmY1ZDcwZjdmNDU0ZGI0NzQ3MTU4ZmM2YWQ5YTg=\|b754af74af55aacd8dd3e23bc7d06c18e3ba4264787640034c0ba7a2ac20f9fd"
sanesolution.com/	1970-01-21 00:57:00	Name: addshoppers.com Value: 2%7C1%3A0%7C10%3A1696860475%7C15%3Aaddshoppers.com%7C44%3AOTc4ZmY1ZDcwZjdmNDU0ZGI0NzQ3MTU4ZmM2YWQ5YTg%3D%7Ca0e48e322d8715f0188420f84c119b2228fc60d0c6362bfdb9587317d6977734
.media.net/	1970-01-21 00:06:36	Name: visitor-id Value: 3398620751492264000V10
.media.net/	1970-01-20 16:04:12	Name: data-c-ts Value: 1696860475
.media.net/	1970-01-20 16:04:12	Name: data-c Value: k-QiltmYwaZhfMgSws1rx1AjAVJ5Jnz6zSi7bxzw~~3
.casalemedia.com/	1970-01-21 00:06:36	Name: CMID Value: ZSQJO.KFb9DVmJximLLeIQAA
.casalemedia.com/	1970-01-20 17:30:36	Name: CMPS Value: 2176
.casalemedia.com/	1970-01-20 17:30:36	Name: CMPRO Value: 2176
.adnxs.com/	1970-01-20 17:30:36	Name: anj Value: dTM7k!M4/rCxrEQF']wIg2Iljfg!2N!]tbPl@/D!9hy6]/CwgZkyxiP_=3np/P(24aDlMz[8Cs=g?'8fj5so+eD2xX4M(YVB``@'$vS`WbpRzqF1`*bc$'+]VQ+
.omnitagjs.com/	1970-01-20 16:04:12	Name: ayl_visitor Value: 4e77a1a05c02da707f74d13c756d42c1
exchange.mediavine.com/	1970-01-20 15:41:10	Name: mv_tokens Value: %7B%22mv_uuid%22%3A%223e1fa260-66ad-11ee-af74-632ffdab468f%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 15:41:10	Name: mv_tokens_eu-v1 Value: %7B%22mv_uuid%22%3A%223e1fa260-66ad-11ee-af74-632ffdab468f%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 15:41:10	Name: am_tokens Value: %7B%22mv_uuid%22%3A%223e1fa260-66ad-11ee-af74-632ffdab468f%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 15:41:10	Name: am_tokens_eu-v1 Value: %7B%22mv_uuid%22%3A%223e1fa260-66ad-11ee-af74-632ffdab468f%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 15:41:10	Name: criteo Value: %7B%22id%22%3A%22k-Hdp7rYwaZhfMgSws1rx1AjAVJ5L0U4oOSVbKRg%22%2C%22version%22%3A%22criteo%22%7D
.demdex.net/	1970-01-20 19:40:12	Name: demdex Value: 40118819652141222073515082013060374938
.dpm.demdex.net/	1970-01-20 19:40:12	Name: dpm Value: 40118819652141222073515082013060374938
.krxd.net/	1970-01-20 19:40:12	Name: _kuid_ Value: P2EMHBsz
.tremorhub.com/	1970-01-21 00:06:57	Name: tvid Value: e54a8a784ca34ec1b6ed5ffc08f32a49
.tremorhub.com/	1970-01-20 16:04:12	Name: tv_UICR Value: k-y-H1iowaZhfMgSws1rx1AjAVJ5LVPfDsGXJTWg
.postrelease.com/	1970-01-21 00:06:36	Name: opt_out Value: 1
.sanesolution.com/	1970-01-20 17:30:36	Name: _fbp Value: fb.1.1696860475924.1342634559
.sanesolution.com/	1969-12-31 23:59:59	Name: cl52017rotz264_session_ends Value: 1696862275928
.pubmatic.com/	1970-01-20 16:04:12	Name: KRTBCOOKIE_97 Value: 3385-uid:k-8l7KHIwaZhfMgSws1rx1AjAVJ5J_SvXYtTiKQg&KRTB&23144-uid:k-8l7KHIwaZhfMgSws1rx1AjAVJ5J_SvXYtTiKQg&KRTB&23286-uid:k-8l7KHIwaZhfMgSws1rx1AjAVJ5J_SvXYtTiKQg&KRTB&23287-uid:k-8l7KHIwaZhfMgSws1rx1AjAVJ5J_SvXYtTiKQg
.pubmatic.com/	1970-01-20 16:04:12	Name: PugT Value: 1696859823

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://sanesolution.com/cart.js Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.twiago.com
ad.360yield.com
ad.yieldlab.net
addshoppers.s3.amazonaws.com
ajax.googleapis.com
app.shop.pe
b-code.liadm.com
beacon.krxd.net
business.newsbreak.com
cdn.js.customerlabs.co
cdn.nytrng.com
cdn.taboola.com
cdn1.decide.dev
cm.adform.net
cm.g.doubleclick.net
connect.facebook.net
contextual.media.net
criteo-partners.tremorhub.com
criteo-sync.teads.tv
d3rr3d0n31t48m.cloudfront.net
dis.criteo.com
dpm.demdex.net
dynamic.criteo.com
eb2.3lift.com
exchange.mediavine.com
googleads.g.doubleclick.net
gum.criteo.com
ib.adnxs.com
id5-sync.com
io.v2.customerlabs.co
jadserve.postrelease.com
js-tag.zemanta.com
match.sharethrough.com
matching.ivitrack.com
mug.criteo.com
nytrng.com
p1.zemanta.com
pixel.rubiconproject.com
r.casalemedia.com
region1.analytics.google.com
rp.liadm.com
rp4.liadm.com
rtb-csync.smartadserver.com
s.thebrighttag.com
sanesolution.com
shop.pe
shopper.shop.pe
simage2.pubmatic.com
sslwidget.criteo.com
static.newsbreak.com
stats.g.doubleclick.net
sync-criteo.ads.yieldmo.com
sync-t1.taboola.com
sync.outbrain.com
track.roinattrack.com
trc-events.taboola.com
trc.taboola.com
ups.analytics.yahoo.com
visitor.omnitagjs.com
widget.us.criteo.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
x.bidswitch.net
104.18.26.193
13.32.99.127
141.193.213.10
141.226.228.48
142.250.186.66
151.101.193.44
151.139.128.10
162.19.138.82
178.250.1.9
178.250.7.11
178.250.7.13
18.159.114.228
18.193.209.105
18.195.61.190
18.221.230.31
18.66.122.76
18.66.137.164
18.66.97.122
185.255.84.152
185.86.138.152
198.47.127.205
2.18.161.51
2001:4860:4802:34::36
23.213.165.82
23.52.120.27
2600:1f18:612b:4200:8e96:3543:6d11:e366
2600:1f18:730:b120:ec5e:651e:a0cc:77a3
2600:9000:225e:4800:8:8845:1500:93a1
2606:4700:10::ac43:247d
2a00:1450:4001:806::200e
2a00:1450:4001:808::2003
2a00:1450:4001:811::2002
2a00:1450:4001:81c::2008
2a00:1450:4001:829::200a
2a00:1450:4001:82b::2004
2a00:1450:400c:c0c::9a
2a02:2638:3::c
2a02:2638:d::10
2a03:2880:f084:d:face:b00c:0:3
2a03:2880:f177:185:face:b00c:0:25de
3.66.123.6
3.75.62.37
34.117.157.22
34.234.124.95
34.241.182.209
35.190.54.17
35.227.244.1
37.157.6.233
37.252.171.149
44.194.62.128
52.16.215.2
52.217.117.41
54.200.119.205
54.83.229.169
63.33.100.143
64.202.112.127
69.173.144.165
74.119.119.150
76.223.111.18
85.215.5.31
99.81.117.172
99.83.128.14
0681eb65e56e50c2635f405d331f27856f4aaa262174cbffdf81952d84134e69
08106c7bf341e3850ac42fe1844e6a66013f726e6927a91c2b965a6861c97121
10b593013b599f911ebc17a48faf5719b872ba229cf45018c7c1f96873386db7
11ad1fcf3a21106e5a94e59f46f0be20e9b446f71d51327f12857559c5ed239e
1ed902a3b90cf2f54e7b3bc7436a485f0f6e1c455e60d6431da8085cca0b461a
1f77c4f001b1cfa5fa777f5b5494dcf6dc0d6b309168803ed2b91c3b71ef8112
20c76febe3efe00b8a511635194a9c49213010de3d37e90a02473b12aafa4046
21ba129f7fd1614a2853c4bdc6e9d7832da72bb99c0ac1d9e44a18acc3b9a4df
228cc0fc8d95a14c7d7ede4b2576b61a717b3622e9ca12222f395fc7727bc32c
27f7ba7ce11c2304e4064bcb6d0598dfd2c34deba5058fbbbb508c6f9b044518
2c60168ae605892c0b62f160f37e21857cdf313422c3437bb3ea0d2f70309448
2eba388d8d2d74baba77c72fe5441f74422c1824a888ef7e748863a22ea7191a
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
37b30c1b6872fba4e22d1dce19410431648b06d5606787597066518511ddf6cc
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
4509f9e0ddef8ce29da554dd9204c287a842beca50e425596f0db2da148f4c88
478e3bcd7d496f201a9e5edcc30bcf82dda8a3462ce8c70a1830da4194388a0e
4b4c8cab5b08674a09cb0719abd984198123d97831844808b90ec48756571422
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4ba251b923c258c51e4ae6014b2efe238bf67c3d996f9d2e872bd4a5b21e305c
4d7dd6e02d849e181e51db84d9d230d369b8ce7412dbcee9d7d1d19ad8a16741
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc
57209088f0fdf4549d3445d5289acb6023473ee9c5f34508e64ff252183ff823
5c30ec932b2f90a75056c69704ae0c2d3819b8d5930a2b87cae5ee8efd781487
600b386fb5fd8de4438d5b6a4801ec8fefdc98c2e273b4f5913b4e8bfc4860db
62e4df467c213c3d7b22365b084bf654feb75778899fdb6cc2ccc216484ffb78
6f84dee3634b50ee6163c21f88806252ebda85f1a9eae2e16df85e1ca02f797a
71bb2e465d6851f188fec6e7c5060aa7f2d7890d7c8d1da1e2a23c4507062896
805270b078cde87b61bb57c8bd44f8b58b0d128f5a8efdd4395470b45b291d65
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8cef08634dc57d6519717c5a99a9e502bdc96586fe64770520a4820b0b089920
9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a69ae34dff38442477828063a6a33a8dc791647feecb79fc4e286b142e5ca490
aeb668441886ec2d5c0abe5b3106cee7f6c00b5859f46d9e2b056adba2e2b720
af1f0f58835cdef32f568bbc4011ab459a3e319c54a15d9f09e905a7056b5af0
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b4435b5ac2f1916ed1135fb1738a1cef87cb666f4356a6678fb1c77e1273f9e1
b589881f7ab39e05ef281eca71541c81369dc9711a10e54073d0efd9c3009bac
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
ca00353ee3f7ef31746f2d857c0b3e337b5ddb1a0276d301caa536a4e8b84899
cf2c15bcf6cb75c466a42b23f22848962704e11764bc3d211f20c4093ae6234d
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090
daafbc404769227796b0be93cc865815d71ecc7f637f4fdd3e17a6252dd709f4
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
df6ff87824ec5259c506694ad1991151c726558097801b4646355a419978290d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e54f0047a2774101a2f9bc5a82bbe8b18e395642d9be29a6f5dbdf3cd93d617f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9
f40942f929dd569e0334735e5d210ec552032f41d84996fa5e6a75be2dafd394
ffd722d32e592f7fabc47327a93b5206eb17948c954084f118488a15fac72598

sanesolution.com Open in urlscan Pro 141.193.213.10 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

93 Requests

89 %HTTPS

26 %IPv6

47 Domains

66 Subdomains

58 IPs

8 Countries

1396 kBTransfer

2881 kBSize

47 Cookies

1 Outgoing links

Page URL History

Redirected requests

93 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

sanesolution.com Open in urlscan Pro
141.193.213.10 Public Scan

Screenshot
Live screenshot

Full Image

93
Requests

89 %
HTTPS

26 %
IPv6

47
Domains

66
Subdomains

58
IPs

8
Countries

1396 kB
Transfer

2881 kB
Size

47
Cookies

93 HTTP transactions
0 data transactions