www.theraflu.com Open in urlscan Pro
52.251.65.90 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://theraflu.com/
Effective URL:
https://www.theraflu.com/
Submission: On January 12 via api (January 12th 2022, 6:31:07 pm UTC) from SG — Scanned from DE

Summary HTTP 106 Redirects Links 22 Behaviour Indicators

Summary

This website contacted 32 IPs in 5 countries across 23 domains to perform 106 HTTP transactions. The main IP is 52.251.65.90, located in Boydton, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is www.theraflu.com. The Cisco Umbrella rank of the primary domain is 85472.
TLS certificate: Issued by Sectigo RSA Organization Validation S... on January 7th 2022. Valid for: a year.

This is the only time www.theraflu.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 8	52.251.65.90 52.251.65.90	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
6	2606:2800:233... 2606:2800:233:1cb7:261b:1f9c:2074:3c	15133 (EDGECAST) (EDGECAST)
5	2600:9000:223... 2600:9000:223f:4c00:d:274d:a6c0:93a1	16509 (AMAZON-02) (AMAZON-02)
6	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
12	92.122.254.203 92.122.254.203	16625 (AKAMAI-AS) (AKAMAI-AS)
17	2a04:4e42:3::720 2a04:4e42:3::720	54113 (FASTLY) (FASTLY)
3	2a00:1450:400... 2a00:1450:4001:801::2008	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:829::200e	15169 (GOOGLE) (GOOGLE)
1	18.66.137.15 18.66.137.15	16509 (AMAZON-02) (AMAZON-02)
7	2606:4700::68... 2606:4700::6810:9440	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	23.37.32.195 23.37.32.195	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2606:4700:10:... 2606:4700:10::6814:b844	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:223... 2600:9000:223c:a400:1c:58a3:4780:93a1	16509 (AMAZON-02) (AMAZON-02)
6	34.229.5.226 34.229.5.226	14618 (AMAZON-AES) (AMAZON-AES)
1	34.253.97.172 34.253.97.172	16509 (AMAZON-02) (AMAZON-02)
2 6	142.250.186.166 142.250.186.166	15169 (GOOGLE) (GOOGLE)
1	151.101.12.157 151.101.12.157	54113 (FASTLY) (FASTLY)
1	18.66.96.113 18.66.96.113	16509 (AMAZON-02) (AMAZON-02)
1 4	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1 2	52.46.130.91 52.46.130.91	16509 (AMAZON-02) (AMAZON-02)
2	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:400c:c0b::9a	15169 (GOOGLE) (GOOGLE)
1	104.244.42.195 104.244.42.195	13414 (TWITTER) (TWITTER)
1	104.244.42.133 104.244.42.133	13414 (TWITTER) (TWITTER)
2	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
4	40.76.174.66 40.76.174.66	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 2	52.142.114.2 52.142.114.2	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
106	32

8 52.251.65.90 (Boydton, United States) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

theraflu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.theraflu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:2800:233:1cb7:261b:1f9c:2074:3c (United States)

ASN15133 (EDGECAST, US)

a-cf65.ch-static.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2600:9000:223f:4c00:d:274d:a6c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

apps.bazaarvoice.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googleoptimize.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 92.122.254.203 (Schiphol, Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a92-122-254-203.deploy.static.akamaitechnologies.com

cdns.gigya.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdns.us1.gigya.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdns1.gigya.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a04:4e42:3::720 (United States)

ASN54113 (FASTLY, US)

i-cf65.ch-static.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:801::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.137.15 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-137-15.fra60.r.cloudfront.net

d22xmn10vbouk4.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700::6810:9440 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.37.32.195 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-32-195.deploy.static.akamaitechnologies.com

accounts.us1.gigya.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6814:b844 (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223c:a400:1c:58a3:4780:93a1 (United States)

ASN16509 (AMAZON-02, US)

analytics-static.ugc.bazaarvoice.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 34.229.5.226 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-229-5-226.compute-1.amazonaws.com

network-stg.bazaarvoice.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.253.97.172 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-253-97-172.eu-west-1.compute.amazonaws.com

stg.api.bazaarvoice.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.186.166 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f6.1e100.net

9174324.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
5116519.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.12.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.96.113 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-96-113.fra56.r.cloudfront.net

js.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.46.130.91 (Ashburn, United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0b::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.195 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.133 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 40.76.174.66 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

d.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.142.114.2 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
23	ch-static.com a-cf65.ch-static.com — Cisco Umbrella Rank: 107159 i-cf65.ch-static.com — Cisco Umbrella Rank: 106713	617 KB
15	gigya.com cdns.gigya.com — Cisco Umbrella Rank: 6485 cdns.us1.gigya.com — Cisco Umbrella Rank: 6271 accounts.us1.gigya.com — Cisco Umbrella Rank: 17332 cdns1.gigya.com — Cisco Umbrella Rank: 43672	409 KB
13	bazaarvoice.com apps.bazaarvoice.com — Cisco Umbrella Rank: 3615 analytics-static.ugc.bazaarvoice.com — Cisco Umbrella Rank: 3844 network-stg.bazaarvoice.com — Cisco Umbrella Rank: 25421 stg.api.bazaarvoice.com — Cisco Umbrella Rank: 83874	83 KB
8	theraflu.com 1 redirects theraflu.com — Cisco Umbrella Rank: 83850 www.theraflu.com — Cisco Umbrella Rank: 85472	11 MB
7	doubleclick.net 2 redirects 9174324.fls.doubleclick.net — Cisco Umbrella Rank: 478949 5116519.fls.doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 78	2 KB
7	cookielaw.org cdn.cookielaw.org — Cisco Umbrella Rank: 444	117 KB
6	clarity.ms 1 redirects d.clarity.ms — Cisco Umbrella Rank: 2050 c.clarity.ms — Cisco Umbrella Rank: 998	24 KB
5	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 33	20 KB
4	bing.com 1 redirects bat.bing.com — Cisco Umbrella Rank: 332 c.bing.com — Cisco Umbrella Rank: 239	12 KB
3	google.com adservice.google.com — Cisco Umbrella Rank: 69 www.google.com — Cisco Umbrella Rank: 8	1 KB
3	adsrvr.org js.adsrvr.org — Cisco Umbrella Rank: 1348 insight.adsrvr.org — Cisco Umbrella Rank: 602	3 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 62	197 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 88	313 B
2	amazon-adsystem.com 1 redirects s.amazon-adsystem.com — Cisco Umbrella Rank: 263	2 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 126	114 KB
2	youtube.com www.youtube.com — Cisco Umbrella Rank: 91	50 KB
1	google.de www.google.de — Cisco Umbrella Rank: 6151	501 B
1	t.co t.co — Cisco Umbrella Rank: 457	469 B
1	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 465	675 B
1	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 559	6 KB
1	onetrust.com geolocation.onetrust.com — Cisco Umbrella Rank: 698	398 B
1	cloudfront.net d22xmn10vbouk4.cloudfront.net	22 KB
1	googleoptimize.com www.googleoptimize.com — Cisco Umbrella Rank: 1555	35 KB
106	23

	Domain	Requested by
17	i-cf65.ch-static.com	www.theraflu.com
9	cdns.us1.gigya.com	cdns.gigya.com cdns.us1.gigya.com
7	cdn.cookielaw.org	www.googletagmanager.com cdn.cookielaw.org
7	www.theraflu.com	www.theraflu.com a-cf65.ch-static.com
6	network-stg.bazaarvoice.com	www.theraflu.com analytics-static.ugc.bazaarvoice.com
6	a-cf65.ch-static.com	www.theraflu.com a-cf65.ch-static.com
5	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com www.theraflu.com
5	apps.bazaarvoice.com	www.theraflu.com apps.bazaarvoice.com
4	d.clarity.ms	bat.bing.com d.clarity.ms
3	bat.bing.com	www.theraflu.com bat.bing.com
3	5116519.fls.doubleclick.net	1 redirects www.googletagmanager.com www.theraflu.com
3	9174324.fls.doubleclick.net	1 redirects www.googletagmanager.com www.theraflu.com
3	accounts.us1.gigya.com	cdns.us1.gigya.com
3	www.googletagmanager.com	www.theraflu.com www.googletagmanager.com
2	adservice.google.com	5116519.fls.doubleclick.net 9174324.fls.doubleclick.net
2	c.clarity.ms	1 redirects www.theraflu.com
2	www.facebook.com	www.theraflu.com
2	insight.adsrvr.org	www.theraflu.com js.adsrvr.org
2	s.amazon-adsystem.com	1 redirects www.theraflu.com
2	connect.facebook.net	www.theraflu.com connect.facebook.net
2	www.youtube.com	a-cf65.ch-static.com www.youtube.com
2	cdns.gigya.com	www.theraflu.com cdns.gigya.com
1	www.google.de	www.theraflu.com
1	www.google.com	www.theraflu.com
1	c.bing.com	1 redirects
1	t.co	www.theraflu.com
1	analytics.twitter.com	static.ads-twitter.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	cdns1.gigya.com	www.theraflu.com
1	js.adsrvr.org	www.googletagmanager.com
1	static.ads-twitter.com	www.googletagmanager.com
1	stg.api.bazaarvoice.com	apps.bazaarvoice.com
1	analytics-static.ugc.bazaarvoice.com	apps.bazaarvoice.com
1	geolocation.onetrust.com	cdn.cookielaw.org
1	d22xmn10vbouk4.cloudfront.net	www.googletagmanager.com
1	www.googleoptimize.com	www.theraflu.com
1	theraflu.com	1 redirects
106	37

This site contains links to these domains. Also see Links.

Domain
us.gsk.com
theraflu.ba
theraflu.bg
theraflu.hr
theraflu.cz
theraflu.co.kr
theraflu.com.mx
theraflu.pl
theraflu.ro
theraflu.ru
theraflu.sk
theraflu.ua
theraflu.com
terms.gsk.com
privacy.gsk.com
cookies.gsk.com
www.facebook.com
www.youtube.com
twitter.com
www.onetrust.com

Subject Issuer	Validity	Valid
sensodynepr.com Sectigo RSA Organization Validation Secure Server CA	`2022-01-07` - `2023-01-07`	a year	crt.sh
a-stage-cf65.ch-static.com Sectigo RSA Organization Validation Secure Server CA	`2021-09-13` - `2022-09-13`	a year	crt.sh
*.bazaarvoice.com DigiCert SHA2 Secure Server CA	`2020-04-14` - `2022-05-06`	2 years	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
cdns.gigya.com DigiCert SHA2 Secure Server CA	`2021-03-05` - `2022-03-10`	a year	crt.sh
*.ch-static.com GlobalSign Atlas R3 DV TLS CA 2020	`2021-05-26` - `2022-06-27`	a year	crt.sh
*.google.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.cloudfront.net Amazon	`2021-03-19` - `2022-03-17`	a year	crt.sh
cookielaw.org Cloudflare Inc ECC CA-3	`2021-06-01` - `2022-05-31`	a year	crt.sh
gigya.com GeoTrust RSA CA 2018	`2021-03-05` - `2022-03-10`	a year	crt.sh
onetrust.com Cloudflare Inc ECC CA-3	`2022-01-12` - `2023-01-12`	a year	crt.sh
analytics-static.ugc.bazaarvoice.com Amazon	`2021-11-22` - `2022-12-21`	a year	crt.sh
*.api.bazaarvoice.com DigiCert SHA2 Secure Server CA	`2020-06-08` - `2022-07-07`	2 years	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
ads-twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-07-21` - `2022-07-26`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh
www.bing.com Microsoft RSA TLS CA 01	`2021-12-22` - `2022-06-22`	6 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-10-22` - `2022-01-20`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2022-01-06` - `2023-01-05`	a year	crt.sh
t.co DigiCert TLS RSA SHA256 2020 CA1	`2022-01-06` - `2023-01-05`	a year	crt.sh
a.clarity.ms Microsoft RSA TLS CA 01	`2021-07-27` - `2022-07-27`	a year	crt.sh
www.google.com GTS CA 1C3	`2021-12-08` - `2022-03-02`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh

This page contains 9 frames:

Primary Page: https://www.theraflu.com/
Frame ID: 8B62613AEA936265B6E61CDF2FAE5CDA
Requests: 92 HTTP requests in this frame

Frame: https://cdns.us1.gigya.com/gs/webSdk/Api.aspx?apiKey=3_bzpjRk206ccefb3vooht5EOg-NJ0nhkhK9Lq59aZsSrDwCdGo510HRGBdrvh6SzZ&version=latest&build=12563
Frame ID: 28340826812C926A3A4B625EAD65A54B
Requests: 5 HTTP requests in this frame

Frame: https://cdns.us1.gigya.com/gs/sso.htm?APIKey=3_99l72FT8LLNTQuIz09azS3_QunznLcu8dzx_lvIrd3MpjgC79FdUh_wmipBaT1Rz&ssoSegment=&version=latest&build=12563
Frame ID: 39F3D8CD9166399BA83862C490171AD8
Requests: 2 HTTP requests in this frame

Frame: https://cdns.us1.gigya.com/gs/sso.htm?APIKey=3_99l72FT8LLNTQuIz09azS3_QunznLcu8dzx_lvIrd3MpjgC79FdUh_wmipBaT1Rz&ssoSegment=&version=latest&build=12563
Frame ID: 4DD4B7755578221883B47944D288B283
Requests: 2 HTTP requests in this frame

Frame: https://cdns.us1.gigya.com/gs/sso.htm?APIKey=3_99l72FT8LLNTQuIz09azS3_QunznLcu8dzx_lvIrd3MpjgC79FdUh_wmipBaT1Rz&ssoSegment=&version=latest&build=12563
Frame ID: 551BA5E85F57394FD436AD65B4BED3C8
Requests: 2 HTTP requests in this frame

Frame: https://9174324.fls.doubleclick.net/activityi;dc_pre=CMShwKzsrPUCFUPt1QodBMIP8Q;src=9174324;type=unvfls;cat=unvfls;ord=8551072400850;gtm=2wg1a0;auiddc=355442827.1642012261;u1=respiratory;u2=theraflu;u3=www.theraflu.com;u4=https%3A%2F%2Fwww.theraflu.com%2F;u5=%2F;u6=;ps=1;~oref=https%3A%2F%2Fwww.theraflu.com%2F
Frame ID: 7753369E9DF43EEA61C7EA4BAE23B9CE
Requests: 2 HTTP requests in this frame

Frame: https://5116519.fls.doubleclick.net/activityi;dc_pre=CN_cv6zsrPUCFdXM1QodwBcAXw;src=5116519;type=thera001;cat=thera0;ord=3562697645371;gtm=2wg1a0;auiddc=355442827.1642012261;ps=1;~oref=https%3A%2F%2Fwww.theraflu.com%2F
Frame ID: 380386AB9AF2878F125DB2112343BB43
Requests: 2 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=2obq2qw&ref=https%3A%2F%2Fwww.theraflu.com%2F&upid=4uicnfj&upv=1.1.0
Frame ID: 79BB717731B94EFA64364C32D80CC166
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 179DFBCD02C5DE9BFA2AC93C81BAB9CC
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Cold and Flu Relief Medicine | TherafluBack ButtonFilter Button

Page URL History Show full URLs

http://theraflu.com/ HTTP 301
https://www.theraflu.com/ Page URL

Detected technologies

Adobe Experience Manager (CMS) Expand

Overall confidence: 100%
Detected patterns

/etc/designs/

SAP Customer Data Cloud Sign-in (Social logins) Expand

Overall confidence: 100%
Detected patterns

\.gigya\.com/JS/gigya\.js

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Optimize (A/B Testing) Expand

Overall confidence: 100%
Detected patterns

googleoptimize\.com/optimize\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cdn\.cookielaw\.org
otSDKStub\.js

Page Statistics

106
Requests

98 %
HTTPS

52 %
IPv6

23
Domains

37
Subdomains

32
IPs

5
Countries

13013 kB
Transfer

16532 kB
Size

40
Cookies

22 Outgoing links

These are links going to different origins than the main page.

URL: https://us.gsk.com/

Search URL Search Domain Scan URL

URL: https://theraflu.ba/
Title: Bosnia and Herzegovina

Search URL Search Domain Scan URL

URL: https://theraflu.bg/
Title: Bulgaria

Search URL Search Domain Scan URL

URL: https://theraflu.hr/
Title: Croatia

Search URL Search Domain Scan URL

URL: https://theraflu.cz/
Title: Czech Republic

Search URL Search Domain Scan URL

URL: https://theraflu.co.kr/
Title: Korea

Search URL Search Domain Scan URL

URL: https://theraflu.com.mx/
Title: Mexico

Search URL Search Domain Scan URL

URL: https://theraflu.pl/
Title: Poland

Search URL Search Domain Scan URL

URL: https://theraflu.ro/
Title: Romania

Search URL Search Domain Scan URL

URL: https://theraflu.ru/
Title: Russia

Search URL Search Domain Scan URL

URL: https://theraflu.sk/
Title: Slovakia

Search URL Search Domain Scan URL

URL: https://theraflu.ua/ru
Title: Ukraine

Search URL Search Domain Scan URL

URL: https://theraflu.com/es/poderoso-alivio
Title: United States (Español)

Search URL Search Domain Scan URL

URL: https://terms.gsk.com/en-us/consumer-healthcare/default/
Title: Terms & Conditions

Search URL Search Domain Scan URL

URL: https://privacy.gsk.com/en-us/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://privacy.gsk.com/en-us/consumer-healthcare/default/
Title: Privacy Notice

Search URL Search Domain Scan URL

URL: https://cookies.gsk.com/en-us/consumer-healthcare/default/
Title: Cookie

Search URL Search Domain Scan URL

URL: https://www.facebook.com/TherafluUS

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UC4zl7KFQ8wIcMBsJpMZb4LA

Search URL Search Domain Scan URL

URL: https://twitter.com/theraflu

Search URL Search Domain Scan URL

URL: https://cookies.gsk.com/en-us/consumer-healthcare/default
Title: Cookie Policy

Search URL Search Domain Scan URL

URL: https://www.onetrust.com/products/cookie-consent/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://theraflu.com/ HTTP 301
https://www.theraflu.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 66

https://9174324.fls.doubleclick.net/activityi;src=9174324;type=unvfls;cat=unvfls;ord=8551072400850;gtm=2wg1a0;auiddc=355442827.1642012261;u1=respiratory;u2=theraflu;u3=www.theraflu.com;u4=https%3A%2F%2Fwww.theraflu.com%2F;u5=%2F;u6=;ps=1;~oref=https%3A%2F%2Fwww.theraflu.com%2F HTTP 302
https://9174324.fls.doubleclick.net/activityi;dc_pre=CMShwKzsrPUCFUPt1QodBMIP8Q;src=9174324;type=unvfls;cat=unvfls;ord=8551072400850;gtm=2wg1a0;auiddc=355442827.1642012261;u1=respiratory;u2=theraflu;u3=www.theraflu.com;u4=https%3A%2F%2Fwww.theraflu.com%2F;u5=%2F;u6=;ps=1;~oref=https%3A%2F%2Fwww.theraflu.com%2F

Request Chain 67

https://5116519.fls.doubleclick.net/activityi;src=5116519;type=thera001;cat=thera0;ord=3562697645371;gtm=2wg1a0;auiddc=355442827.1642012261;ps=1;~oref=https%3A%2F%2Fwww.theraflu.com%2F HTTP 302
https://5116519.fls.doubleclick.net/activityi;dc_pre=CN_cv6zsrPUCFdXM1QodwBcAXw;src=5116519;type=thera001;cat=thera0;ord=3562697645371;gtm=2wg1a0;auiddc=355442827.1642012261;ps=1;~oref=https%3A%2F%2Fwww.theraflu.com%2F

Request Chain 73

https://s.amazon-adsystem.com/iui3?d=forester-did&ex-fargs=%3Fid%3Daf4b6613-c033-8ad1-f6b4-14b4b67e9503%26type%3D55%26m%3D1&ex-fch=416613&ex-src=https://www.theraflu.com&ex-hargs=v%3D1.0%3Bc%3D1766344630501%3Bp%3DAF4B6613-C033-8AD1-F6B4-14B4B67E9503&gtmcb=1995709930 HTTP 302
https://s.amazon-adsystem.com/iui3?d=forester-did&ex-fargs=%3Fid%3Daf4b6613-c033-8ad1-f6b4-14b4b67e9503%26type%3D55%26m%3D1&ex-fch=416613&ex-src=https://www.theraflu.com&ex-hargs=v%3D1.0%3Bc%3D1766344630501%3Bp%3DAF4B6613-C033-8AD1-F6B4-14B4B67E9503&gtmcb=1995709930&dcc=t

Request Chain 95

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?CtsSyncId=E5E202F7A49D491F8278F858D0DF2CAB&RedC=c.clarity.ms&MXFR=3620D2B3F66C6F501F92C399F26C6174 HTTP 302
https://c.clarity.ms/c.gif?CtsSyncId=E5E202F7A49D491F8278F858D0DF2CAB&MUID=27847775B59165E327FE665FB443644D

106 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.theraflu.com/
Redirect Chain

http://theraflu.com/
https://www.theraflu.com/

108 KB
13 KB

525ms
322ms

Document
text/html

52.251.65.90
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theraflu.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.251.65.90 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apache /

Resource Hash

2f4a323987d6f3af5714f7de29513c581c56129d590d45b6849056c71231c78c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Wed, 12 Jan 2022 18:30:59 GMT
content-type: text/html; charset=UTF-8
server: Apache
strict-transport-security: max-age=63072000;
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
link: <https://www.googletagmanager.com>; rel=preconnect; crossorigin, <https://www.googletagmanager.com>; rel=dns-prefetch; crossorigin, <https://a-cf65.ch-static.com>; rel=preconnect; crossorigin, <https://a-cf65.ch-static.com>; rel=dns-prefetch; crossorigin, <https://i-cf65.ch-static.com>; rel=preconnect; crossorigin, <https://i-cf65.ch-static.com>; rel=dns-prefetch; crossorigin
x-frame-options: SAMEORIGIN
cache-control: public, max-age=0, s-maxage=86400

Redirect headers

Date: Wed, 12 Jan 2022 18:30:59 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 233
Connection: keep-alive
Server: Apache
Location: https://www.theraflu.com/

GET
H2 200 design.default.bootstrap.v0-0-1.ts202112181850.css
a-cf65.ch-static.com/etc/designs/zg/bp-theraflu-refresh/desktop/css.asset.css/core/ 647 KB
84 KB 79ms
13ms Stylesheet
text/css 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://a-cf65.ch-static.com/etc/designs/zg/bp-theraflu-refresh/desktop/css.asset.css/core/design.default.bootstrap.v0-0-1.ts202112181850.css

Requested by

Host: www.theraflu.com
URL: https://www.theraflu.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8F5F) /

Resource Hash

c49d6e28f3de7e7856b87bdb62d554544f0c67ec5e16224d2f194b31e26440cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.theraflu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 12 Jan 2022 18:31:00 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 26993
x-cache: HIT
content-length: 85222
last-modified: Wed, 15 Dec 2021 21:02:10 GMT
server: ECAcc (frc/8F5F)
x-frame-options: SAMEORIGIN
etag: "a1b4b-5d3359e881880-gzip"
strict-transport-security: max-age=63072000;
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=86400, public, s-maxage=86400
accept-ranges: bytes
expires: Thu, 13 Jan 2022 18:31:00 GMT

GET
H2 200 head.v0-0-1.ts202112181850.js Show response
a-cf65.ch-static.com/etc/designs/zg/bp-theraflu-refresh/desktop/js.fileAsset.js/zg/basic/desktop/js/head/ 24 KB
10 KB 91ms
24ms Script
application/javascript 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://a-cf65.ch-static.com/etc/designs/zg/bp-theraflu-refresh/desktop/js.fileAsset.js/zg/basic/desktop/js/head/head.v0-0-1.ts202112181850.js

Requested by

Host: www.theraflu.com
URL: https://www.theraflu.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8F04) /

Resource Hash

af142e7e56c1482d6bde1f9ef0b14c7aba6d065e16ef86109c0e0d636b4eb52e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.theraflu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 12 Jan 2022 18:31:00 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 25413
x-cache: HIT
content-length: 10192
last-modified: Sat, 18 Dec 2021 18:50:00 GMT
server: ECAcc (frc/8F04)
x-frame-options: SAMEORIGIN
etag: "5e75-5d3701f640600-gzip"
strict-transport-security: max-age=63072000;
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public, s-maxage=86400
accept-ranges: bytes
expires: Thu, 13 Jan 2022 18:31:00 GMT

GET
H2 200 bv.js Show response
apps.bazaarvoice.com/deployments/theraflu/main_site/staging/en_US/ 61 KB
20 KB 518ms
431ms Script
text/javascript 2600:9000:223f:4c00:d:274d:a6c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://apps.bazaarvoice.com/deployments/theraflu/main_site/staging/en_US/bv.js
Requested by: Host: www.theraflu.com
URL: https://www.theraflu.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:4c00:d:274d:a6c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0af50c57bcd2b8a53688589779ec00cf23588d698422ef60c63063ca514332cf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.theraflu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id: qsbJIs5_c9jHWlQ8nGuQgy3suHo_tzRx
content-encoding: gzip
last-modified: Fri, 22 Oct 2021 15:10:07 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P5
etag: "f3a31c03909cfd88ff3b92220bf92a80"
x-cache: RefreshHit from cloudfront
content-type: text/javascript;charset=UTF-8
via: 1.1 f7d063966b06905209f8790f5fd607e2.cloudfront.net (CloudFront)
cache-control: max-age=300
date: Wed, 12 Jan 2022 18:31:01 GMT
x-amz-replication-status: COMPLETED
accept-ranges: bytes
content-length: 19805
x-amz-cf-id: Et-_vbIKYvhSBHiTO00kqAt6ascxZNopmo6sGhgMJ9K3tuhhANUHXw==

GET
H2 200 optimize.js Show response
www.googleoptimize.com/ 88 KB
35 KB 141ms
55ms Script
application/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleoptimize.com/optimize.js?id=OPT-PKPMGMZ

Requested by

Host: www.theraflu.com
URL: https://www.theraflu.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

81acf086c428c0d3d2df7b6d9aa0049687361294841d3420f597b241d3abd82f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.theraflu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 12 Jan 2022 18:31:00 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35285
x-xss-protection: 0
last-modified: Wed, 12 Jan 2022 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 12 Jan 2022 18:31:00 GMT

GET
H/1.1 200
OK gigya.js Show response
cdns.gigya.com/JS/ 373 KB
124 KB 60ms
17ms Script
text/javascript 92.122.254.203
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdns.gigya.com/JS/gigya.js?apikey=3_bzpjRk206ccefb3vooht5EOg-NJ0nhkhK9Lq59aZsSrDwCdGo510HRGBdrvh6SzZ
Requested by: Host: www.theraflu.com
URL: https://www.theraflu.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 92.122.254.203 Schiphol, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a92-122-254-203.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: d4401c654ee7ec5176c30494ea95a9fa33283f5235128a732915a09c84814de7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.theraflu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Wed, 12 Jan 2022 18:31:00 GMT
Content-Encoding: gzip
Content-Type: text/javascript; charset=utf-8
x-soa: true, Gator
Vary: Accept-Encoding
p3p: CP="IDC COR PSA DEV ADM OUR IND ONL"
Access-Control-Allow-Origin: *
x-callid: 4ad4c5a0128d457d9dc522c058ddf8ba
Cache-Control: public, max-age=900, s-maxage=3600
x-server: us1d-nomad-g3
Connection: keep-alive
x-robots-tag: none
Content-Length: 126538
Expires: Wed, 12 Jan 2022 18:46:00 GMT

GET
H2 200 gsk-logo.png
i-cf65.ch-static.com/content/dam/cf-consumer-healthcare/bp-theraflu/en_US/global/logo/ 2 KB
2 KB 163ms
57ms Image
image/avif 2a04:4e42:3::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i-cf65.ch-static.com/content/dam/cf-consumer-healthcare/bp-theraflu/en_US/global/logo/gsk-logo.png?auto=format

Requested by

Host: www.theraflu.com
URL: https://www.theraflu.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

bd099964d132c1d17f1ac2b6914342430c36c9b8e14d5bb733f1e140a9b80d1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.theraflu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 12 Jan 2022 18:31:00 GMT
x-content-type-options: nosniff
age: 967875
x-cache: MISS, HIT, HIT
x-imgix-id: 1cba1e1555ccb1b0f97b7978004b45a1e15025ab
fastly-restarts: 1
x-served-by: cache-sjc10070-SJC, cache-sjc10024-SJC, cache-fra19181-FRA
accept-ranges: bytes
last-modified: Sat, 01 Jan 2022 13:39:45 GMT
server: imgix
vary: Accept, User-Agent
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31536000
content-length: 1622
cross-origin-resource-policy: cross-origin

GET
H2 200 Theraflu_Badge_Brandmark.png
i-cf65.ch-static.com/content/dam/cf-consumer-healthcare/bp-theraflu/en_US/global/logo/ 4 KB
4 KB 136ms
57ms Image
image/avif 2a04:4e42:3::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i-cf65.ch-static.com/content/dam/cf-consumer-healthcare/bp-theraflu/en_US/global/logo/Theraflu_Badge_Brandmark.png?auto=format

Requested by

Host: www.theraflu.com
URL: https://www.theraflu.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

55d386bb5f32e83974b9f630ada5421e96d9f499243e212e248343093ddede51

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.theraflu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 12 Jan 2022 18:31:00 GMT
x-content-type-options: nosniff
age: 638497
x-cache: HIT, HIT
x-imgix-id: f4f6cd00e48d39d52ba08089b81595665d8779aa
fastly-restarts: 1
x-served-by: cache-sjc10047-SJC, cache-fra19181-FRA
accept-ranges: bytes
last-modified: Wed, 05 Jan 2022 09:09:22 GMT
server: imgix
vary: Accept, User-Agent
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31536000
content-length: 3989
cross-origin-resource-policy: cross-origin

GET
H2 200 icon-18-px-plus.svg
www.theraflu.com/content/dam/cf-consumer-healthcare/bp-theraflu/en_US/src/icons/ 552 B
528 B 137ms
135ms Image
image/svg+xml 52.251.65.90
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.theraflu.com/content/dam/cf-consumer-healthcare/bp-theraflu/en_US/src/icons/icon-18-px-plus.svg

Requested by

Host: www.theraflu.com
URL: https://www.theraflu.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.251.65.90 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apache /

Resource Hash

e68683445de234abc922683ad4cb3b1f0e5db14a08ecd48df0fe928cad639429

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.theraflu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 12 Jan 2022 18:31:00 GMT
content-encoding: br
last-modified: Tue, 16 Nov 2021 02:13:46 GMT
server: Apache
x-frame-options: SAMEORIGIN
etag: "228-5d0de79a92a80-br"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=31536000, public, s-maxage=86400
strict-transport-security: max-age=63072000;
accept-ranges: bytes
content-length: 250

GET
H2 200 icon-18-px-minus.svg
www.theraflu.com/content/dam/cf-consumer-healthcare/bp-theraflu/en_US/src/icons/ 437 B
470 B 143ms
141ms Image
image/svg+xml 52.251.65.90
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.theraflu.com/content/dam/cf-consumer-healthcare/bp-theraflu/en_US/src/icons/icon-18-px-minus.svg

Requested by

Host: www.theraflu.com
URL: https://www.theraflu.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.251.65.90 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apache /

Resource Hash

f4ff09114fe8347b049da92e9d0fbf377e13516bd38924187a7bc727e3b5307f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.theraflu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 12 Jan 2022 18:31:00 GMT
content-encoding: br
last-modified: Tue, 16 Nov 2021 02:13:46 GMT
server: Apache
x-frame-options: SAMEORIGIN
etag: "1b5-5d0de79a92a80-br"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=31536000, public, s-maxage=86400
strict-transport-security: max-age=63072000;
accept-ranges: bytes
content-length: 192

GET
H2 200 Theraflu-logo-155x76.png
i-cf65.ch-static.com/content/dam/cf-consumer-healthcare/bp-theraflu/en_US/global/logo/ 4 KB
5 KB 135ms
56ms Image
image/avif 2a04:4e42:3::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i-cf65.ch-static.com/content/dam/cf-consumer-healthcare/bp-theraflu/en_US/global/logo/Theraflu-logo-155x76.png?auto=format

Requested by

Host: www.theraflu.com
URL: https://www.theraflu.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

051ab643438de53f1682edbbae1effcd49553a609bdf8ac07c7f27d333fe8f24

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.theraflu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 12 Jan 2022 18:31:00 GMT
x-content-type-options: nosniff
last-modified: Sat, 11 Dec 2021 03:07:13 GMT
server: imgix
age: 2820226
vary: Accept, User-Agent
x-cache: HIT, HIT
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-imgix-id: 1e69e9c925dba69edfd3e024cf8cea2daf862bfb
accept-ranges: bytes
content-length: 4392
cross-origin-resource-policy: cross-origin
x-served-by: cache-sjc10034-SJC, cache-fra19181-FRA

GET
H2 200 00300677919125_front.png.rendition.516.516.png
i-cf65.ch-static.com/content/dam/cf-consumer-healthcare/bp-theraflu/en_US/products/ 36 KB
36 KB 135ms
56ms Image
image/avif 2a04:4e42:3::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i-cf65.ch-static.com/content/dam/cf-consumer-healthcare/bp-theraflu/en_US/products/00300677919125_front.png.rendition.516.516.png?auto=format

Requested by

Host: www.theraflu.com
URL: https://www.theraflu.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

1eeea71bb6568c67df0e693457ae9caf1f9c85a835e4ba3a480cf9bfbedeb48a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.theraflu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 12 Jan 2022 18:31:00 GMT
x-content-type-options: nosniff
last-modified: Fri, 10 Dec 2021 23:02:22 GMT
server: imgix
age: 2834918
vary: Accept, User-Agent
x-cache: HIT, HIT
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-imgix-id: bd854830b3e136d7d0f7c13275a0ab7481c744e5
accept-ranges: bytes
content-length: 36781
cross-origin-resource-policy: cross-origin
x-served-by: cache-sjc10027-SJC, cache-fra19181-FRA

GET
H2 200 00300671169571_front.png.rendition.516.516.png
i-cf65.ch-static.com/content/dam/cf-consumer-healthcare/bp-theraflu/en_US/products/ 22 KB
22 KB 135ms
57ms Image
image/avif 2a04:4e42:3::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i-cf65.ch-static.com/content/dam/cf-consumer-healthcare/bp-theraflu/en_US/products/00300671169571_front.png.rendition.516.516.png?auto=format

Requested by

Host: www.theraflu.com
URL: https://www.theraflu.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

e9f7df343feb67a20b622d43d1f9d744e534214754566659a36c16fb12040734

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.theraflu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 12 Jan 2022 18:31:00 GMT
x-content-type-options: nosniff
last-modified: Fri, 10 Dec 2021 18:54:49 GMT
server: imgix
age: 2849770
vary: Accept, User-Agent
x-cache: HIT, HIT
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-imgix-id: 799fd406976abfb2ba90535a4f5deb43f0f7cf8d
accept-ranges: bytes
content-length: 22046
cross-origin-resource-policy: cross-origin
x-served-by: cache-sjc10058-SJC, cache-fra19181-FRA

GET
H2 200 00300677917060_front.png.rendition.516.516.png
i-cf65.ch-static.com/content/dam/cf-consumer-healthcare/bp-theraflu/en_US/products/ 26 KB
26 KB 135ms
57ms Image
image/avif 2a04:4e42:3::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i-cf65.ch-static.com/content/dam/cf-consumer-healthcare/bp-theraflu/en_US/products/00300677917060_front.png.rendition.516.516.png?auto=format

Requested by

Host: www.theraflu.com
URL: https://www.theraflu.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

5e7e5c63baa18222e60c2fa584531b8a2e68f87a6396f427ae0f85e9c36c6404

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.theraflu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 12 Jan 2022 18:31:00 GMT
x-content-type-options: nosniff
age: 868596
x-cache: MISS, HIT, HIT
x-imgix-id: 951a956b99d18bbe4d6019b5fdbfd52541fa420c
fastly-restarts: 1
x-served-by: cache-sjc10053-SJC, cache-sjc10034-SJC, cache-fra19181-FRA
accept-ranges: bytes
last-modified: Sun, 02 Jan 2022 17:14:23 GMT
server: imgix
vary: Accept, User-Agent
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31536000
content-length: 26731
cross-origin-resource-policy: cross-origin

GET
H2 200 00300671220760_front.png.rendition.516.516.png
i-cf65.ch-static.com/content/dam/cf-consumer-healthcare/bp-theraflu/en_US/products/ 23 KB
23 KB 115ms
115ms Image
image/avif 2a04:4e42:3::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i-cf65.ch-static.com/content/dam/cf-consumer-healthcare/bp-theraflu/en_US/products/00300671220760_front.png.rendition.516.516.png?auto=format

Requested by

Host: www.theraflu.com
URL: https://www.theraflu.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

ac1cc4e3e97a9060e28544653033159c1b37bfd65d77219c890457703ac47026

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.theraflu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 12 Jan 2022 18:31:00 GMT
x-content-type-options: nosniff
age: 1360464
x-cache: MISS, HIT, HIT
x-imgix-id: 58d7fc3bc92f55b5341402703b4282ec944fa0fb
fastly-restarts: 1
x-served-by: cache-sjc10047-SJC, cache-sjc10075-SJC, cache-fra19181-FRA
accept-ranges: bytes
last-modified: Tue, 28 Dec 2021 00:36:36 GMT
server: imgix
vary: Accept, User-Agent
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31536000
content-length: 23745
cross-origin-resource-policy: cross-origin

GET
H2 200 theraflu-Homepage-About-Theraflu-body-DT.jpg.rendition.1920.639.jpg
i-cf65.ch-static.com/content/dam/cf-consumer-healthcare/bp-theraflu/en_US/pages/homepage/ 45 KB
45 KB 115ms
115ms Image
image/avif 2a04:4e42:3::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i-cf65.ch-static.com/content/dam/cf-consumer-healthcare/bp-theraflu/en_US/pages/homepage/theraflu-Homepage-About-Theraflu-body-DT.jpg.rendition.1920.639.jpg?auto=format

Requested by

Host: www.theraflu.com
URL: https://www.theraflu.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

917b71cee12e8a0f5b51b2e526125f5e40f459d5c2fc895af3ebd410a168ce66

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.theraflu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 12 Jan 2022 18:31:00 GMT
x-content-type-options: nosniff
last-modified: Thu, 09 Dec 2021 16:45:34 GMT
server: imgix
age: 2943926
vary: Accept, User-Agent
x-cache: HIT, HIT
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-imgix-id: 0af1b08153e679f5d9b21b1552a84cbd090381c6
accept-ranges: bytes
content-length: 45846
cross-origin-resource-policy: cross-origin
x-served-by: cache-sjc10036-SJC, cache-fra19181-FRA

GET
H2 200 icon-facebook.png
i-cf65.ch-static.com/content/dam/cf-consumer-healthcare/bp-theraflu/en_US/src/icons/ 1 KB
1 KB 133ms
132ms Image
image/avif 2a04:4e42:3::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i-cf65.ch-static.com/content/dam/cf-consumer-healthcare/bp-theraflu/en_US/src/icons/icon-facebook.png?auto=format

Requested by

Host: www.theraflu.com
URL: https://www.theraflu.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

5b3438659036fd1e8b8253e0781f539ecd90191e061387614c6db42c3669dfa4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.theraflu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 12 Jan 2022 18:31:00 GMT
x-content-type-options: nosniff
last-modified: Thu, 09 Dec 2021 16:44:56 GMT
server: imgix
age: 2943964
vary: Accept, User-Agent
x-cache: HIT, HIT
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-imgix-id: 873b40c06967a666c6b1df873e4a15bc4b5c7098
accept-ranges: bytes
content-length: 1360
cross-origin-resource-policy: cross-origin
x-served-by: cache-sjc10023-SJC, cache-fra19181-FRA

GET
H2 200 icon-facebook-lightblue.png
i-cf65.ch-static.com/content/dam/cf-consumer-healthcare/bp-theraflu/en_US/src/icons/ 1 KB
1 KB 133ms
132ms Image
image/avif 2a04:4e42:3::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i-cf65.ch-static.com/content/dam/cf-consumer-healthcare/bp-theraflu/en_US/src/icons/icon-facebook-lightblue.png?auto=format

Requested by

Host: www.theraflu.com
URL: https://www.theraflu.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

b69c12e7a4564cb8f5d275487011ef3b8a26b47431686fab6b11b2f7c38b1f23

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.theraflu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 12 Jan 2022 18:31:00 GMT
x-content-type-options: nosniff
last-modified: Fri, 10 Dec 2021 03:09:51 GMT
server: imgix
age: 2906468
vary: Accept, User-Agent
x-cache: HIT, HIT
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-imgix-id: e5f5afb265b188bae73c70bd0534cbe8a57d5c99
accept-ranges: bytes
content-length: 1370
cross-origin-resource-policy: cross-origin
x-served-by: cache-sjc10070-SJC, cache-fra19181-FRA

GET
H2 200 icon-youtube.png
i-cf65.ch-static.com/content/dam/cf-consumer-healthcare/bp-theraflu/en_US/src/icons/ 2 KB
2 KB 133ms
132ms Image
image/avif 2a04:4e42:3::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i-cf65.ch-static.com/content/dam/cf-consumer-healthcare/bp-theraflu/en_US/src/icons/icon-youtube.png?auto=format

Requested by

Host: www.theraflu.com
URL: https://www.theraflu.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

a30076cdaa39643830ad596a4b7dc619fff468f03c1efa3b84dfe023566373bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.theraflu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 12 Jan 2022 18:31:00 GMT
x-content-type-options: nosniff
age: 118559
x-cache: MISS, HIT, HIT
x-imgix-id: 38ce2fb02865ac0c351f66237999975fa5e6cbad
fastly-restarts: 1
x-served-by: cache-sjc10042-SJC, cache-sjc10051-SJC, cache-fra19181-FRA
accept-ranges: bytes
last-modified: Tue, 11 Jan 2022 09:35:01 GMT
server: imgix
vary: Accept, User-Agent
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31536000
content-length: 1545
cross-origin-resource-policy: cross-origin

GET
H2 200 icon-youtube-lightblue.png
i-cf65.ch-static.com/content/dam/cf-consumer-healthcare/bp-theraflu/en_US/src/icons/ 2 KB
2 KB 249ms
249ms Image
image/avif 2a04:4e42:3::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i-cf65.ch-static.com/content/dam/cf-consumer-healthcare/bp-theraflu/en_US/src/icons/icon-youtube-lightblue.png?auto=format

Requested by

Host: www.theraflu.com
URL: https://www.theraflu.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

37904ffe567d054211e8b921bc611c9a11f21349a658bd7f7b56a25190c0994f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.theraflu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 12 Jan 2022 18:31:00 GMT
x-content-type-options: nosniff
last-modified: Fri, 10 Dec 2021 03:09:51 GMT
server: imgix
age: 2906469
vary: Accept, User-Agent
x-cache: HIT, HIT
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-imgix-id: 921085ca5ca250756e2b6eca276eb65ebe8e44e0
accept-ranges: bytes
content-length: 1605
cross-origin-resource-policy: cross-origin
x-served-by: cache-sjc10026-SJC, cache-fra19181-FRA

GET
H2 200 icon-twitter.png
i-cf65.ch-static.com/content/dam/cf-consumer-healthcare/bp-theraflu/en_US/src/icons/ 2 KB
2 KB 132ms
132ms Image
image/avif 2a04:4e42:3::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i-cf65.ch-static.com/content/dam/cf-consumer-healthcare/bp-theraflu/en_US/src/icons/icon-twitter.png?auto=format

Requested by

Host: www.theraflu.com
URL: https://www.theraflu.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

e56a9b4c334ee9d05f44f62cd3078fa545b43054de5ef791fa140c4024a3faeb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.theraflu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 12 Jan 2022 18:31:00 GMT
x-content-type-options: nosniff
last-modified: Thu, 09 Dec 2021 20:40:19 GMT
server: imgix
age: 2929841
vary: Accept, User-Agent
x-cache: HIT, HIT
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-imgix-id: 5ba0cf1d0c7633d4d0710cfbd5fa942a040ea83b
accept-ranges: bytes
content-length: 1692
cross-origin-resource-policy: cross-origin
x-served-by: cache-sjc10040-SJC, cache-fra19181-FRA

GET
H2 200 icon-twitter-lightblue.png
i-cf65.ch-static.com/content/dam/cf-consumer-healthcare/bp-theraflu/en_US/src/icons/ 2 KB
2 KB 132ms
132ms Image
image/avif 2a04:4e42:3::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i-cf65.ch-static.com/content/dam/cf-consumer-healthcare/bp-theraflu/en_US/src/icons/icon-twitter-lightblue.png?auto=format

Requested by

Host: www.theraflu.com
URL: https://www.theraflu.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

e9941ab7996a8182be387670f418ad6aa7c759b60d40520f17fd93466a639093

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.theraflu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 12 Jan 2022 18:31:00 GMT
x-content-type-options: nosniff
last-modified: Sat, 11 Dec 2021 03:07:13 GMT
server: imgix
age: 2820227
vary: Accept, User-Agent
x-cache: HIT, HIT
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-imgix-id: b70c8bd6a34615660f1c62cfe198fb6023f15a95
accept-ranges: bytes
content-length: 1738
cross-origin-resource-policy: cross-origin
x-served-by: cache-sjc10049-SJC, cache-fra19181-FRA

GET
H2 200 design.default.bootstrap.v0-0-1.ts202112181850.js Show response
a-cf65.ch-static.com/etc/designs/zg/bp-theraflu-refresh/desktop/js.asset.js/core/ 673 KB
211 KB 13ms
12ms Script
application/javascript 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://a-cf65.ch-static.com/etc/designs/zg/bp-theraflu-refresh/desktop/js.asset.js/core/design.default.bootstrap.v0-0-1.ts202112181850.js

Requested by

Host: www.theraflu.com
URL: https://www.theraflu.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8FE6) /

Resource Hash

8aa9db25d3e08c98dd34d7a1a896ff8a23568c2381ef1434f31ec3818daa6787

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.theraflu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 12 Jan 2022 18:31:00 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 25413
x-cache: HIT
content-length: 215464
last-modified: Wed, 15 Dec 2021 21:01:11 GMT
server: ECAcc (frc/8FE6)
x-frame-options: SAMEORIGIN
etag: "a84f9-5d3359b03d3c0-gzip"
strict-transport-security: max-age=63072000;
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public, s-maxage=86400
accept-ranges: bytes
expires: Thu, 13 Jan 2022 18:31:00 GMT

GET
H2 200 GothamNarrow-Book.woff
a-cf65.ch-static.com/etc/designs/zg/bp-theraflu-refresh/desktop/assets/fonts/custom/ 31 KB
32 KB 38ms
8ms Font
font/woff 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://a-cf65.ch-static.com/etc/designs/zg/bp-theraflu-refresh/desktop/assets/fonts/custom/GothamNarrow-Book.woff

Requested by

Host: a-cf65.ch-static.com
URL: https://a-cf65.ch-static.com/etc/designs/zg/bp-theraflu-refresh/desktop/css.asset.css/core/design.default.bootstrap.v0-0-1.ts202112181850.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8F52) /

Resource Hash

e09899b8901eea8c77d681427930b5e25aea5ac19bd3a2889c7defc379f7af7c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://a-cf65.ch-static.com/etc/designs/zg/bp-theraflu-refresh/desktop/css.asset.css/core/design.default.bootstrap.v0-0-1.ts202112181850.css
Origin: https://www.theraflu.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 12 Jan 2022 18:31:00 GMT
last-modified: Wed, 15 Dec 2021 22:06:17 GMT
server: ECAcc (frc/8F52)
age: 12138
etag: "7d38-5d33683d4a840"
x-frame-options: SAMEORIGIN
x-cache: HIT
content-type: font/woff
access-control-allow-origin: *
cache-control: max-age=31536000, public, s-maxage=86400
strict-transport-security: max-age=63072000;
accept-ranges: bytes
content-length: 32056
expires: Thu, 12 Jan 2023 18:31:00 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 227 KB
74 KB 217ms
74ms Script
application/javascript 2a00:1450:4001:801::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5CHPKDL

Requested by

Host: www.theraflu.com
URL: https://www.theraflu.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c2446c5c86484b6b006c35fbc4fc7e6afe71e5eca1859a399d64a4787a8891e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.theraflu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 12 Jan 2022 18:31:00 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 75347
x-xss-protection: 0
last-modified: Wed, 12 Jan 2022 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 12 Jan 2022 18:31:00 GMT

GET
H/1.1 200
OK sdk.config.get Show response
cdns.us1.gigya.com/ 3 KB
2 KB 212ms
100ms Fetch
text/javascript 92.122.254.203
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdns.us1.gigya.com/sdk.config.get?apiKey=3_bzpjRk206ccefb3vooht5EOg-NJ0nhkhK9Lq59aZsSrDwCdGo510HRGBdrvh6SzZ
Requested by: Host: cdns.gigya.com
URL: https://cdns.gigya.com/JS/gigya.js?apikey=3_bzpjRk206ccefb3vooht5EOg-NJ0nhkhK9Lq59aZsSrDwCdGo510HRGBdrvh6SzZ
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 92.122.254.203 Schiphol, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a92-122-254-203.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 8b089e7e52cd9da0cb10fe87e0f4195cd4a2ac05c53c8d4782095c3aa0a82f36

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.theraflu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Wed, 12 Jan 2022 18:31:00 GMT
Content-Encoding: gzip
Content-Type: text/javascript; charset=utf-8
x-soa: true, Gator
Vary: Accept-Encoding
p3p: CP="IDC COR PSA DEV ADM OUR IND ONL"
Access-Control-Allow-Origin: *
x-callid: 297ea384bd5047ebbcf3bb7ce4f02031
Cache-Control: public, max-age=86400
x-server: us1d-nomad-g17
Connection: keep-alive
Accept-Ranges: bytes
x-robots-tag: none
Content-Length: 1190

GET
DATA 200
OK truncated
/ 486 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3fd26b2b4969eaf06cc8d7564d783a3240e0d35c357268f95c423a0b3d031470

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 483 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f40209e22b8a414f7bcb814f5b570460b1dc47ed8a8acad273c89f8423375434

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H2 200 GothamNarrow-Medium.woff
a-cf65.ch-static.com/etc/designs/zg/bp-theraflu-refresh/desktop/assets/fonts/custom/ 32 KB
32 KB 31ms
31ms Font
font/woff 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://a-cf65.ch-static.com/etc/designs/zg/bp-theraflu-refresh/desktop/assets/fonts/custom/GothamNarrow-Medium.woff

Requested by

Host: a-cf65.ch-static.com
URL: https://a-cf65.ch-static.com/etc/designs/zg/bp-theraflu-refresh/desktop/css.asset.css/core/design.default.bootstrap.v0-0-1.ts202112181850.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8F35) /

Resource Hash

84b08206e98c7c8daf067d0301b3319a1723bb65f97177c1e6203ffc4a261682

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://a-cf65.ch-static.com/etc/designs/zg/bp-theraflu-refresh/desktop/css.asset.css/core/design.default.bootstrap.v0-0-1.ts202112181850.css
Origin: https://www.theraflu.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 12 Jan 2022 18:31:00 GMT
last-modified: Wed, 15 Dec 2021 22:32:27 GMT
server: ECAcc (frc/8F35)
age: 1941
etag: "7f48-5d336e168f4c0"
x-frame-options: SAMEORIGIN
x-cache: HIT
content-type: font/woff
access-control-allow-origin: *
cache-control: max-age=31536000, public, s-maxage=86400
strict-transport-security: max-age=63072000;
accept-ranges: bytes
content-length: 32584
expires: Thu, 12 Jan 2023 18:31:00 GMT

GET
H2 200 GothamNarrow-Bold.woff
a-cf65.ch-static.com/etc/designs/zg/bp-theraflu-refresh/desktop/assets/fonts/custom/ 32 KB
32 KB 34ms
33ms Font
font/woff 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://a-cf65.ch-static.com/etc/designs/zg/bp-theraflu-refresh/desktop/assets/fonts/custom/GothamNarrow-Bold.woff

Requested by

Host: a-cf65.ch-static.com
URL: https://a-cf65.ch-static.com/etc/designs/zg/bp-theraflu-refresh/desktop/css.asset.css/core/design.default.bootstrap.v0-0-1.ts202112181850.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8F4D) /

Resource Hash

11b1ed45698d8402655737dc3f812a2e5d436383daa6c1f3c9d1e28f8ed580fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://a-cf65.ch-static.com/etc/designs/zg/bp-theraflu-refresh/desktop/css.asset.css/core/design.default.bootstrap.v0-0-1.ts202112181850.css
Origin: https://www.theraflu.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 12 Jan 2022 18:31:00 GMT
last-modified: Wed, 15 Dec 2021 23:33:15 GMT
server: ECAcc (frc/8F4D)
age: 1941
etag: "7f8c-5d337bad904c0"
x-frame-options: SAMEORIGIN
x-cache: HIT
content-type: font/woff
access-control-allow-origin: *
cache-control: max-age=31536000, public, s-maxage=86400
strict-transport-security: max-age=63072000;
accept-ranges: bytes
content-length: 32652
expires: Thu, 12 Jan 2023 18:31:00 GMT

GET
H2 206 2102_Theraflu_US_ODA_HBC_desktop_1920x600.mp4
www.theraflu.com/content/dam/cf-consumer-healthcare/bp-theraflu/en_US/src/videos/ 11 MB
11 MB 222ms
221ms Media
video/mp4 52.251.65.90
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theraflu.com/content/dam/cf-consumer-healthcare/bp-theraflu/en_US/src/videos/2102_Theraflu_US_ODA_HBC_desktop_1920x600.mp4

Requested by

Host: www.theraflu.com
URL: https://www.theraflu.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.251.65.90 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apache /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.theraflu.com/
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Range: bytes=0-

Response headers

date: Wed, 12 Jan 2022 18:31:00 GMT
last-modified: Tue, 16 Nov 2021 08:16:21 GMT
server: Apache
etag: "ae1e93-5d0e38a5c1f40"
x-frame-options: SAMEORIGIN
content-type: video/mp4
Content-Range: bytes 0-11411090/11411091
cache-control: max-age=31536000, public, s-maxage=86400
strict-transport-security: max-age=63072000;
accept-ranges: bytes
Content-Length: 11411091

GET
H2 200 .token.json Show response
www.theraflu.com/ 2 B
196 B 296ms
296ms XHR
application/json 52.251.65.90
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theraflu.com/.token.json

Requested by

Host: a-cf65.ch-static.com
URL: https://a-cf65.ch-static.com/etc/designs/zg/bp-theraflu-refresh/desktop/js.asset.js/core/design.default.bootstrap.v0-0-1.ts202112181850.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.251.65.90 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apache /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: */*
Referer: https://www.theraflu.com/
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 12 Jan 2022 18:31:00 GMT
x-content-type-options: nosniff
server: Apache
x-frame-options: SAMEORIGIN
content-type: application/json;charset=iso-8859-1
cache-control: no-cache
strict-transport-security: max-age=63072000;
content-length: 2
expires: -1

GET
H2 200 czech.lng Show response
www.theraflu.com/etc/designs/zg/bp-theraflu-refresh/desktop/assets/languages/ 273 B
529 B 277ms
276ms XHR
text/plain 52.251.65.90
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theraflu.com/etc/designs/zg/bp-theraflu-refresh/desktop/assets/languages/czech.lng

Requested by

Host: a-cf65.ch-static.com
URL: https://a-cf65.ch-static.com/etc/designs/zg/bp-theraflu-refresh/desktop/js.asset.js/core/design.default.bootstrap.v0-0-1.ts202112181850.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.251.65.90 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apache /

Resource Hash

c82668106a46ff4624d06f82252d79db40081cba3cfaefe6e99abac02bc2848e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.theraflu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 12 Jan 2022 18:31:00 GMT
last-modified: Sat, 18 Dec 2021 18:49:51 GMT
server: Apache
etag: "111-5d3701edab1c0"
x-frame-options: SAMEORIGIN
cache-control: max-age=86400, public, s-maxage=86400
strict-transport-security: max-age=63072000;
accept-ranges: bytes
content-length: 273
expires: Thu, 13 Jan 2022 18:31:00 GMT

GET
DATA 200
OK truncated
/ 346 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8ac1f94cd02384d19224ad4b31edd4e57738576464599b55761ae4fd57d03575

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 iframe_api Show response
www.youtube.com/ 980 B
1 KB 154ms
54ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: a-cf65.ch-static.com
URL: https://a-cf65.ch-static.com/etc/designs/zg/bp-theraflu-refresh/desktop/js.asset.js/core/design.default.bootstrap.v0-0-1.ts202112181850.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f7cba4888800d0b93e3bbec3967bfbdc8a66b4fec3d3e1afecfa2015dd0de42a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.theraflu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 12 Jan 2022 18:31:00 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
server: ESF
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
report-to: {"group":"ATmXEA_aXV-idIZ-e5x1JSbJUg8hfAx2dSl3lQ","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_ATmXEA_aXV-idIZ-e5x1JSbJUg8hfAx2dSl3lQ"}]}
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=0
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="ATmXEA_aXV-idIZ-e5x1JSbJUg8hfAx2dSl3lQ"
expires: Wed, 12 Jan 2022 18:31:00 GMT

GET
H/1.1 200
OK gigya.services.plugins.base.min.js Show response
cdns.gigya.com/js/ 442 KB
133 KB 16ms
16ms Script
text/javascript 92.122.254.203
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdns.gigya.com/js/gigya.services.plugins.base.min.js?services=gigya.services.accounts.plugins.screenSet&lang=en&version=latest
Requested by: Host: cdns.gigya.com
URL: https://cdns.gigya.com/JS/gigya.js?apikey=3_bzpjRk206ccefb3vooht5EOg-NJ0nhkhK9Lq59aZsSrDwCdGo510HRGBdrvh6SzZ
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 92.122.254.203 Schiphol, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a92-122-254-203.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 14a5a4c93777f509dbd63c51fa05a10822058457addba41572357aa2ba962b4d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.theraflu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Wed, 12 Jan 2022 18:31:00 GMT
Content-Encoding: gzip
Content-Type: text/javascript; charset=utf-8
x-soa: true, Gator
Vary: Accept-Encoding
p3p: CP="IDC COR PSA DEV ADM OUR IND ONL"
Access-Control-Allow-Origin: *
x-callid: 26f16ad3d9844586be044d86e2301449
Cache-Control: public, max-age=900, s-maxage=3600
x-server: us1d-nomad-g11
Connection: keep-alive
x-robots-tag: none
Content-Length: 136030
Expires: Wed, 12 Jan 2022 18:46:00 GMT

GET
H/1.1 200
OK Api.aspx Show response
cdns.us1.gigya.com/gs/webSdk/ Frame 2834 107 KB
39 KB 49ms
17ms Document
text/html 92.122.254.203
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://cdns.us1.gigya.com/gs/webSdk/Api.aspx?apiKey=3_bzpjRk206ccefb3vooht5EOg-NJ0nhkhK9Lq59aZsSrDwCdGo510HRGBdrvh6SzZ&version=latest&build=12563

Requested by

Host: cdns.gigya.com
URL: https://cdns.gigya.com/JS/gigya.js?apikey=3_bzpjRk206ccefb3vooht5EOg-NJ0nhkhK9Lq59aZsSrDwCdGo510HRGBdrvh6SzZ

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

92.122.254.203 Schiphol, Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a92-122-254-203.deploy.static.akamaitechnologies.com

Software

Resource Hash

0ae4c000a8769e9407ff17747131308f9a5c93381c798dd757b4c254c8b6d8f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.theraflu.com/

Response headers

Content-Type: text/html; charset=utf-8
Content-Length: 39132
Content-Encoding: gzip
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
p3p: CP="IDC COR PSA DEV ADM OUR IND ONL"
x-soa: true, Gator
x-server: us1d-nomad-g20
x-callid: 397c1760e02a4779b201038993f23878
Accept-Ranges: bytes
x-robots-tag: none
Cache-Control: public, max-age=86400, s-maxage=3600
Date: Wed, 12 Jan 2022 18:31:00 GMT
Connection: keep-alive

GET
H/1.1 200
OK sdk.config.get Show response
cdns.us1.gigya.com/ Frame 2834 3 KB
2 KB 16ms
16ms Fetch
text/javascript 92.122.254.203
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdns.us1.gigya.com/sdk.config.get?apiKey=3_bzpjRk206ccefb3vooht5EOg-NJ0nhkhK9Lq59aZsSrDwCdGo510HRGBdrvh6SzZ&pageURL=https%3A%2F%2Fwww.theraflu.com%2F
Requested by: Host: cdns.us1.gigya.com
URL: https://cdns.us1.gigya.com/gs/webSdk/Api.aspx?apiKey=3_bzpjRk206ccefb3vooht5EOg-NJ0nhkhK9Lq59aZsSrDwCdGo510HRGBdrvh6SzZ&version=latest&build=12563
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 92.122.254.203 Schiphol, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a92-122-254-203.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: ca4fe3091b444698c291cae5b81f908cdfaa2a20d4fe6b1d8c25c52d0e341d57

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdns.us1.gigya.com/gs/webSdk/Api.aspx?apiKey=3_bzpjRk206ccefb3vooht5EOg-NJ0nhkhK9Lq59aZsSrDwCdGo510HRGBdrvh6SzZ&version=latest&build=12563
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Wed, 12 Jan 2022 18:31:00 GMT
Content-Encoding: gzip
Content-Type: text/javascript; charset=utf-8
x-soa: true, Gator
Vary: Accept-Encoding
p3p: CP="IDC COR PSA DEV ADM OUR IND ONL"
Access-Control-Allow-Origin: *
x-callid: fa308aa81f0b4b8aae1e46b6bce81f77
Cache-Control: public, max-age=86400
x-server: us1d-nomad-g5
Connection: keep-alive
Accept-Ranges: bytes
x-robots-tag: none
Content-Length: 1188

GET
H2 200 5a3192ca6f1b11eaa422f218989845bc.js Show response
d22xmn10vbouk4.cloudfront.net/ 89 KB
22 KB 54ms
10ms Script
text/javascript 18.66.137.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d22xmn10vbouk4.cloudfront.net/5a3192ca6f1b11eaa422f218989845bc.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5CHPKDL
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.137.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-137-15.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 066e1fc1ab8d326d3e0b9036c0e96a5699f9decabce185f40459d447d9073586

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.theraflu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 12 Jan 2022 17:58:41 GMT
content-encoding: gzip
last-modified: Wed, 12 Jan 2022 17:56:43 GMT
server: AmazonS3
age: 1940
etag: W/"72f695bb351abe59d592d60172ea6b0e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
via: 1.1 21369bf2bfeb79adaa5bef1cb96f8540.cloudfront.net (CloudFront)
cache-control: public, max-age=601
x-amz-cf-pop: FRA60-P4
x-amz-cf-id: W91HX6-Dio8nUHltCm2bnYq9l0cYOkjCJ__pP1S4cU4vCnXzYRDwxg==

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 19 KB
7 KB 42ms
19ms Script
application/javascript 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5CHPKDL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4d2a74d8b25e1ccd4b1294b0b937804bc24aeea7f46edad3f3c1f91604d2708c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.theraflu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 12 Jan 2022 18:31:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: dMq6iJthjOyg56NOUFVpHQ==
age: 10
vary: Accept-Encoding
content-length: 6508
x-ms-lease-status: unlocked
last-modified: Mon, 10 Jan 2022 12:53:10 GMT
server: cloudflare
etag: 0x8D9D43827C9A0F5
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 2cce3451-501e-0105-4130-066acc000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 6cc875946c364e0d-FRA
expires: Wed, 12 Jan 2022 22:31:00 GMT

GET
H2 200 www-widgetapi.js Show response
www.youtube.com/s/player/f93a7034/www-widgetapi.vflset/ 149 KB
49 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/f93a7034/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

56ffacf7e1adcff39289ad8604b9978aac8dffcf73c7356ba3c3d2577742e6c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.theraflu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 12 Jan 2022 18:18:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 739
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49397
x-xss-protection: 0
last-modified: Mon, 10 Jan 2022 01:13:45 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 12 Jan 2023 18:18:41 GMT

GET
H/1.1 200
OK accounts.webSdkBootstrap Show response
accounts.us1.gigya.com/ Frame 2834 199 B
1 KB 156ms
115ms XHR
text/javascript 23.37.32.195
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://accounts.us1.gigya.com/accounts.webSdkBootstrap?apiKey=3_bzpjRk206ccefb3vooht5EOg-NJ0nhkhK9Lq59aZsSrDwCdGo510HRGBdrvh6SzZ&pageURL=https%3A%2F%2Fwww.theraflu.com%2F&sdk=js_latest&sdkBuild=12563&format=json
Requested by: Host: cdns.us1.gigya.com
URL: https://cdns.us1.gigya.com/gs/webSdk/Api.aspx?apiKey=3_bzpjRk206ccefb3vooht5EOg-NJ0nhkhK9Lq59aZsSrDwCdGo510HRGBdrvh6SzZ&version=latest&build=12563
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.37.32.195 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-32-195.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 872fe02b3b3066df44c3fa1002114869a3541da2fcc5b1f563c6d3cf490a6134

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdns.us1.gigya.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Wed, 12 Jan 2022 18:31:00 GMT
Content-Encoding: gzip
Vary: Origin, Accept-Encoding
x-soa: true, Gator
p3p: CP="IDC COR PSA DEV ADM OUR IND ONL"
Server-Timing: edge; dur=1, origin; dur=106, cdn-cache; desc=MISS
Content-Length: 168
Cache-Control: private
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,PUT,DELETE,HEAD,OPTIONS,POST,PATCH
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: https://cdns.us1.gigya.com
x-callid: 1b993597ea0f4b799b701e45f5e66fc5
Connection: keep-alive
x-server: us1d-nomad-g18
Access-Control-Allow-Credentials: true
x-robots-tag: none

GET
H2 200 cb83e551-aded-466c-968d-3104a05a08c1.json Show response
cdn.cookielaw.org/consent/cb83e551-aded-466c-968d-3104a05a08c1/ 4 KB
2 KB 43ms
24ms XHR
application/x-javascript 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/cb83e551-aded-466c-968d-3104a05a08c1/cb83e551-aded-466c-968d-3104a05a08c1.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

40c6b6c88f5b754a0ba191624b6be58052d43ff87a321826fbda7b4921f921bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.theraflu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 12 Jan 2022 18:31:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: ttBXWJP9J3+LaKlnLkZ6xg==
age: 3691
vary: Accept-Encoding
content-length: 1396
x-ms-lease-status: unlocked
last-modified: Thu, 26 Aug 2021 18:19:02 GMT
server: cloudflare
etag: 0x8D968BDFB234ECE
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 78b8e27d-901e-00f2-6e0e-f60a72000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 6cc87594ac852b12-FRA
expires: Wed, 12 Jan 2022 22:31:00 GMT

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 193 B
398 B 83ms
54ms Script
text/javascript 2606:4700:10::6814:b844
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:b844 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

09b7ece464c01f640c13fdceb08bb12ab4a2db787f36a8253c109ea3d4f7d9f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.theraflu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 12 Jan 2022 18:31:00 GMT
content-encoding: gzip
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 6cc875950ea97049-FRA

GET
H2 200 api-0.8.0.js Show response
apps.bazaarvoice.com/apps/api/ 32 KB
10 KB 11ms
11ms Script
text/javascript 2600:9000:223f:4c00:d:274d:a6c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://apps.bazaarvoice.com/apps/api/api-0.8.0.js
Requested by: Host: apps.bazaarvoice.com
URL: https://apps.bazaarvoice.com/bv.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:4c00:d:274d:a6c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3c3669397a0d6ab57176fa267184cf71c62cac31cd57d6d26aa0f5cdd1797d19

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.theraflu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 04:38:26 GMT
content-encoding: br
age: 9294755
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 9446
last-modified: Mon, 28 Jun 2021 05:46:14 GMT
server: AmazonS3
etag: "2a3c8257e39e8d832f9d916dfab964bf"
x-amz-version-id: Mjyam6ROxf61rZzf3IoVa2q9qmgyZxNz
via: 1.1 f7d063966b06905209f8790f5fd607e2.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
content-type: text/javascript;charset=UTF-8
x-amz-cf-id: fsQ9AUx9efH8f8es-wZ0AC7Ma6SZZODiStOFBKi6ezkVPzDZZgCPvQ==

GET
H2 200 api-config.js Show response
apps.bazaarvoice.com/deployments/theraflu/main_site/staging/en_US/ 393 B
716 B 125ms
124ms Script
text/javascript 2600:9000:223f:4c00:d:274d:a6c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://apps.bazaarvoice.com/deployments/theraflu/main_site/staging/en_US/api-config.js
Requested by: Host: apps.bazaarvoice.com
URL: https://apps.bazaarvoice.com/bv.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:4c00:d:274d:a6c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c62f3ce88fe69a778b9748d24ad7d8210f384722b88e64ad081eea936bcb5c2e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.theraflu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id: B7nWM56hK1y78n.CEGBgHixf9yrlKj8b
content-encoding: gzip
last-modified: Fri, 22 Oct 2021 15:10:01 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P5
etag: "51e73b46fb56541d0cad501e688e8370"
x-cache: RefreshHit from cloudfront
content-type: text/javascript;charset=UTF-8
via: 1.1 f7d063966b06905209f8790f5fd607e2.cloudfront.net (CloudFront)
cache-control: max-age=300
date: Wed, 12 Jan 2022 18:31:01 GMT
x-amz-replication-status: COMPLETED
accept-ranges: bytes
content-length: 274
x-amz-cf-id: vsSfW5a4zEzMUaYP95F03hsNA0gCS431ZFsoXgxifWx8fSR2NDykng==

GET
H2 200 inline_ratings-2.2.3.js Show response
apps.bazaarvoice.com/apps/inline_ratings/ 115 KB
34 KB 13ms
12ms Script
text/javascript 2600:9000:223f:4c00:d:274d:a6c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://apps.bazaarvoice.com/apps/inline_ratings/inline_ratings-2.2.3.js
Requested by: Host: apps.bazaarvoice.com
URL: https://apps.bazaarvoice.com/bv.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:4c00:d:274d:a6c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: dac442d83b1787ebe3ddfbc0426119b8ff4d9f4503294d36e0a909531dedc12d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.theraflu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 21 Oct 2021 11:08:47 GMT
content-encoding: gzip
age: 7197734
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 34321
last-modified: Thu, 21 Oct 2021 10:58:24 GMT
server: AmazonS3
etag: "f6c0bac02b40e7f2b18f6fe4b2a06e5e"
x-amz-version-id: HjN2ywpnMJubnuajZiy3ItKr3fgxk6H6
via: 1.1 f7d063966b06905209f8790f5fd607e2.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
content-type: text/javascript;charset=UTF-8
x-amz-cf-id: vQv1VBU1vgWHPkELt1Mq8Y18GwWhp0byopM6rrOWXO28_E7dHd7Euw==

GET
H2 200 inline_ratings-config.js Show response
apps.bazaarvoice.com/deployments/theraflu/main_site/staging/en_US/ 2 KB
2 KB 125ms
125ms Script
text/javascript 2600:9000:223f:4c00:d:274d:a6c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://apps.bazaarvoice.com/deployments/theraflu/main_site/staging/en_US/inline_ratings-config.js
Requested by: Host: apps.bazaarvoice.com
URL: https://apps.bazaarvoice.com/bv.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:4c00:d:274d:a6c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6a05937cb7ec6c7a611094d04b31317dc9a530364ef2eade618796c8a61bdf60

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.theraflu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id: QCjg0nswslfBBAU7_gwhjpaRzEB4y2cj
content-encoding: gzip
last-modified: Fri, 22 Oct 2021 15:10:01 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P5
etag: "3c1a1304273b3cb8ccda173bb78cba39"
x-cache: RefreshHit from cloudfront
content-type: text/javascript;charset=UTF-8
via: 1.1 f7d063966b06905209f8790f5fd607e2.cloudfront.net (CloudFront)
cache-control: max-age=300
date: Wed, 12 Jan 2022 18:31:01 GMT
x-amz-replication-status: COMPLETED
accept-ranges: bytes
content-length: 1261
x-amz-cf-id: xyDN8-QNU53cwO15RkdtFPSvcv6I-LV309firmJckRRgGG0XvdjzsA==

GET
H/1.1 200
OK sso.htm Show response
cdns.us1.gigya.com/gs/ Frame 39F3 75 KB
27 KB 18ms
18ms Document
text/html 92.122.254.203
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://cdns.us1.gigya.com/gs/sso.htm?APIKey=3_99l72FT8LLNTQuIz09azS3_QunznLcu8dzx_lvIrd3MpjgC79FdUh_wmipBaT1Rz&ssoSegment=&version=latest&build=12563

Requested by

Host: cdns.gigya.com
URL: https://cdns.gigya.com/JS/gigya.js?apikey=3_bzpjRk206ccefb3vooht5EOg-NJ0nhkhK9Lq59aZsSrDwCdGo510HRGBdrvh6SzZ

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

92.122.254.203 Schiphol, Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a92-122-254-203.deploy.static.akamaitechnologies.com

Software

Resource Hash

a2eebdcd8408499d32001fcada14087edbda84166bb7240cc4a56679353c20b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.theraflu.com/

Response headers

Content-Type: text/html; charset=utf-8
Content-Length: 27499
Content-Encoding: gzip
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
p3p: CP="IDC COR PSA DEV ADM OUR IND ONL"
x-soa: true, Gator
x-server: us1d-nomad-g3
x-callid: e7d8e41b0e3f410b94d0622837c39f22
Accept-Ranges: bytes
x-robots-tag: none
Cache-Control: public, max-age=86400, s-maxage=3600
Date: Wed, 12 Jan 2022 18:31:00 GMT
Connection: keep-alive

GET
H/1.1 200
OK sso.htm Show response
cdns.us1.gigya.com/gs/ Frame 4DD4 75 KB
27 KB 31ms
17ms Document
text/html 92.122.254.203
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://cdns.us1.gigya.com/gs/sso.htm?APIKey=3_99l72FT8LLNTQuIz09azS3_QunznLcu8dzx_lvIrd3MpjgC79FdUh_wmipBaT1Rz&ssoSegment=&version=latest&build=12563

Requested by

Host: cdns.gigya.com
URL: https://cdns.gigya.com/JS/gigya.js?apikey=3_bzpjRk206ccefb3vooht5EOg-NJ0nhkhK9Lq59aZsSrDwCdGo510HRGBdrvh6SzZ

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

92.122.254.203 Schiphol, Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a92-122-254-203.deploy.static.akamaitechnologies.com

Software

Resource Hash

a2eebdcd8408499d32001fcada14087edbda84166bb7240cc4a56679353c20b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.theraflu.com/

Response headers

Content-Type: text/html; charset=utf-8
Content-Length: 27499
Content-Encoding: gzip
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
p3p: CP="IDC COR PSA DEV ADM OUR IND ONL"
x-soa: true, Gator
x-server: us1d-nomad-g3
x-callid: e7d8e41b0e3f410b94d0622837c39f22
Accept-Ranges: bytes
x-robots-tag: none
Cache-Control: public, max-age=86400, s-maxage=3600
Date: Wed, 12 Jan 2022 18:31:00 GMT
Connection: keep-alive

GET
H2 200 bv-analytics.js Show response
analytics-static.ugc.bazaarvoice.com/prod/static/3/ 37 KB
12 KB 46ms
8ms Script
application/javascript 2600:9000:223c:a400:1c:58a3:4780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics-static.ugc.bazaarvoice.com/prod/static/3/bv-analytics.js
Requested by: Host: apps.bazaarvoice.com
URL: https://apps.bazaarvoice.com/bv.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:a400:1c:58a3:4780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9cd6b3d20d6e963f30ba287515f4ad3ef82591eb02d42c0b7bb69910e0c2dc1c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.theraflu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id: T1rOOG.tjhLCS5caRA3mVK3Pts2JHKce
content-encoding: gzip
last-modified: Mon, 28 Jun 2021 05:34:35 GMT
server: AmazonS3
age: 203813
etag: "d3aef93c253c3ba2da5bac29c7fe2d27"
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 93b8205e2f07a7099af2e6fd126d9658.cloudfront.net (CloudFront)
cache-control: max-age=604800
date: Mon, 10 Jan 2022 09:54:08 GMT
x-amz-cf-pop: FRA56-P2
accept-ranges: bytes
content-length: 12152
x-amz-cf-id: gtg9XJ6JrIIig26BSNaOimKxEl1UhFZt31megGft89ywbo1f1nyK9A==

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/6.22.0/ 311 KB
74 KB 14ms
14ms Script
application/javascript 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.22.0/otBannerSdk.js

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

89b6606e0f94c827dffac0f1a54394399a20a84328b54d60e0fcf084c368cbf5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.theraflu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 12 Jan 2022 18:31:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: Uj6Yo16pL9bm0y1nKKjJjg==
age: 10307
vary: Accept-Encoding
content-length: 75930
x-ms-lease-status: unlocked
last-modified: Thu, 19 Aug 2021 02:39:18 GMT
server: cloudflare
etag: 0x8D962BA8ADAEF03
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 7c0f5ba0-a01e-011b-749f-02b021000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 6cc875957e894e0d-FRA

GET
H/1.1 200
OK sdk.config.get Show response
cdns.us1.gigya.com/ Frame 39F3 3 KB
2 KB 16ms
16ms Fetch
text/javascript 92.122.254.203
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdns.us1.gigya.com/sdk.config.get?apiKey=3_99l72FT8LLNTQuIz09azS3_QunznLcu8dzx_lvIrd3MpjgC79FdUh_wmipBaT1Rz&pageURL=https%3A%2F%2Fwww.theraflu.com
Requested by: Host: cdns.us1.gigya.com
URL: https://cdns.us1.gigya.com/gs/sso.htm?APIKey=3_99l72FT8LLNTQuIz09azS3_QunznLcu8dzx_lvIrd3MpjgC79FdUh_wmipBaT1Rz&ssoSegment=&version=latest&build=12563
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 92.122.254.203 Schiphol, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a92-122-254-203.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: c02e9aaf56e37972d16e74d9f00b3d162556ccc5ac2fcbc6a30ed735c2d5db2d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdns.us1.gigya.com/gs/sso.htm?APIKey=3_99l72FT8LLNTQuIz09azS3_QunznLcu8dzx_lvIrd3MpjgC79FdUh_wmipBaT1Rz&ssoSegment=&version=latest&build=12563
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Wed, 12 Jan 2022 18:31:00 GMT
Content-Encoding: gzip
Content-Type: text/javascript; charset=utf-8
x-soa: true, Gator
Vary: Accept-Encoding
p3p: CP="IDC COR PSA DEV ADM OUR IND ONL"
Access-Control-Allow-Origin: *
x-callid: f7b3a8754c8c457c8c83d3148722d4f1
Cache-Control: public, max-age=86400
x-server: us1d-nomad-g9
Connection: keep-alive
Accept-Ranges: bytes
x-robots-tag: none
Content-Length: 1183

GET
H2 200 en-us.json Show response
cdn.cookielaw.org/consent/cb83e551-aded-466c-968d-3104a05a08c1/df52410d-6bdb-4546-b97f-71defa588bbc/ 45 KB
12 KB 54ms
54ms Fetch
application/x-javascript 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/cb83e551-aded-466c-968d-3104a05a08c1/df52410d-6bdb-4546-b97f-71defa588bbc/en-us.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.22.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

260346cc4d23c6bfc6ce793b18c0724c6d1b119e3c6c9527216e0716f1041693

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.theraflu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 12 Jan 2022 18:31:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: BT9cSZRauI77QyYdPKae7w==
age: 3690
vary: Accept-Encoding
content-length: 12153
x-ms-lease-status: unlocked
last-modified: Thu, 26 Aug 2021 18:19:05 GMT
server: cloudflare
etag: 0x8D968BDFD191485
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 799e74f7-f01e-0061-573f-029c39000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 6cc87595bee32b12-FRA
expires: Wed, 12 Jan 2022 22:31:00 GMT

GET
H/1.1 200
OK sid.gif
network-stg.bazaarvoice.com/ 43 B
676 B 542ms
135ms Image
image/gif 34.229.5.226
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://network-stg.bazaarvoice.com/sid.gif?_=v6owet
Requested by: Host: www.theraflu.com
URL: https://www.theraflu.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.229.5.226 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-229-5-226.compute-1.amazonaws.com
Software: nginx /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.theraflu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Wed, 12 Jan 2022 18:31:01 GMT
Server: nginx
P3P: policyref="/w3c/p3p.xml", CP="ADMa OUR IND DSP NON COR"
Cache-Control: no-cache, no-transform, must-revalidate, max-age=0
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: -1

GET
H/1.1 200
OK sid.gif
network-stg.bazaarvoice.com/ 43 B
676 B 542ms
136ms Image
image/gif 34.229.5.226
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://network-stg.bazaarvoice.com/sid.gif?_=txyt2l
Requested by: Host: www.theraflu.com
URL: https://www.theraflu.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.229.5.226 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-229-5-226.compute-1.amazonaws.com
Software: nginx /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.theraflu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Wed, 12 Jan 2022 18:31:01 GMT
Server: nginx
P3P: policyref="/w3c/p3p.xml", CP="ADMa OUR IND DSP NON COR"
Cache-Control: no-cache, no-transform, must-revalidate, max-age=0
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: -1

GET
H/1.1 200
OK sdk.config.get Show response
cdns.us1.gigya.com/ Frame 4DD4 3 KB
2 KB 17ms
17ms Fetch
text/javascript 92.122.254.203
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdns.us1.gigya.com/sdk.config.get?apiKey=3_99l72FT8LLNTQuIz09azS3_QunznLcu8dzx_lvIrd3MpjgC79FdUh_wmipBaT1Rz&pageURL=https%3A%2F%2Fwww.theraflu.com
Requested by: Host: cdns.us1.gigya.com
URL: https://cdns.us1.gigya.com/gs/sso.htm?APIKey=3_99l72FT8LLNTQuIz09azS3_QunznLcu8dzx_lvIrd3MpjgC79FdUh_wmipBaT1Rz&ssoSegment=&version=latest&build=12563
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 92.122.254.203 Schiphol, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a92-122-254-203.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: c02e9aaf56e37972d16e74d9f00b3d162556ccc5ac2fcbc6a30ed735c2d5db2d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdns.us1.gigya.com/gs/sso.htm?APIKey=3_99l72FT8LLNTQuIz09azS3_QunznLcu8dzx_lvIrd3MpjgC79FdUh_wmipBaT1Rz&ssoSegment=&version=latest&build=12563
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Wed, 12 Jan 2022 18:31:00 GMT
Content-Encoding: gzip
Content-Type: text/javascript; charset=utf-8
x-soa: true, Gator
Vary: Accept-Encoding
p3p: CP="IDC COR PSA DEV ADM OUR IND ONL"
Access-Control-Allow-Origin: *
x-callid: f7b3a8754c8c457c8c83d3148722d4f1
Cache-Control: public, max-age=86400
x-server: us1d-nomad-g9
Connection: keep-alive
Accept-Ranges: bytes
x-robots-tag: none
Content-Length: 1183

GET
H2 200 otFlat.json Show response
cdn.cookielaw.org/scripttemplates/6.22.0/assets/ 13 KB
3 KB 35ms
35ms Fetch
application/json 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.22.0/assets/otFlat.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.22.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

72562f00bd821b6edc0368065bf009468955ba01f8ead742d8bbc2470c4358c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.theraflu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 12 Jan 2022 18:31:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: eS/vZlhjCBp2QvELx7IrSQ==
age: 7414543
vary: Accept-Encoding
content-length: 2950
x-ms-lease-status: unlocked
last-modified: Thu, 19 Aug 2021 02:39:10 GMT
server: cloudflare
etag: 0x8D962BA867F281F
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 1c740b10-901e-00b6-4f73-c4d61e000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 6cc875964ff12b12-FRA

GET
H2 200 otPcTab.json Show response
cdn.cookielaw.org/scripttemplates/6.22.0/assets/ 57 KB
14 KB 205ms
205ms Fetch
application/json 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.22.0/assets/otPcTab.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.22.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2f149e7c38f464d9bd33c60ec2f2cf3ef8b9ff5a713015193a5122b06b955a7b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.theraflu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 12 Jan 2022 18:31:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
content-md5: q+A0UmQu4DkuMO5ekBd+gg==
vary: Accept-Encoding
content-length: 14253
x-ms-lease-status: unlocked
last-modified: Thu, 19 Aug 2021 02:39:11 GMT
server: cloudflare
etag: 0x8D962BA870DA01B
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 6c61f2fd-b01e-006d-623f-0272c8000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 6cc875964ff42b12-FRA

GET
H2 200 otCommonStyles.css Show response
cdn.cookielaw.org/scripttemplates/6.22.0/assets/ 20 KB
4 KB 35ms
35ms Fetch
text/css 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.22.0/assets/otCommonStyles.css

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.22.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6be3efeb998248db9cc1083aef162ee483cbde10b893057e4b5ae1a612c0ae3a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.theraflu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 12 Jan 2022 18:31:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: F/Fs54+x9bQK/ULkNRp4fA==
age: 7414543
vary: Accept-Encoding
x-ms-lease-status: unlocked
last-modified: Thu, 19 Aug 2021 02:39:24 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: 61566826-001e-00b8-0873-c43a15000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
cf-ray: 6cc875964ff62b12-FRA

GET
H/1.1 200
OK statistics.json Show response
stg.api.bazaarvoice.com/data/ 824 B
1 KB 187ms
87ms Fetch
application/json 34.253.97.172
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://stg.api.bazaarvoice.com/data/statistics.json?apiversion=5.4&passkey=caoItwGXGy2aZUxjwxz6to9AqlCxUAzgQnMmiZd2M6M7s&stats=Reviews&filter=ContentLocale:en_US,en&filter=ProductId:tea-infusion-day-night,cough-relief,day-time,sinus-and-pain
Requested by: Host: apps.bazaarvoice.com
URL: https://apps.bazaarvoice.com/apps/inline_ratings/inline_ratings-2.2.3.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 34.253.97.172 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-253-97-172.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: dfa7587a4b375e1771756cbbf7df6b2f7075eadc1a84d69e142df205b7453d05

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.theraflu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Wed, 12 Jan 2022 18:31:00 GMT
Content-Encoding: gzip
X-Bazaarvoice-Quota-Allotted: 1728000
Transfer-Encoding: chunked
X-Bazaarvoice-Api-Version: 5.4
Connection: keep-alive
X-Bazaarvoice-Quota-Current: 0
X-Bazaarvoice-QPM-Current: 1
X-Bazaarvoice-QPM-Allotted: 2400
Server: nginx
X-Bazaarvoice-QPS-Allotted: 40
Vary: Accept-Encoding
Content-Type: application/json;charset=utf-8
Access-Control-Allow-Origin: https://www.theraflu.com
Access-Control-Expose-Headers: X-Bazaarvoice-Api-Version,X-Bazaarvoice-Original-MessageId,X-Bazaarvoice-Platform-Version,X-Bazaarvoice-QPM-Allotted,X-Bazaarvoice-QPM-Current,X-Bazaarvoice-QPS-Allotted,X-Bazaarvoice-QPS-Current,X-Bazaarvoice-Quota-Allotted,X-Bazaarvoice-Quota-Current,X-Bazaarvoice-Quota-Reset,X-Requested-With,X-CSRF-Token,Content-Type
X-Bazaarvoice-Platform-Version: 2
X-Bazaarvoice-Original-MessageId: rrt-075fb686a83de90e3-a-wo-17121-30632845-1
X-Bazaarvoice-QPS-Current: 1
X-Bazaarvoice-Quota-Reset: 2022-01-12T19:00:00.000Z

GET
H/1.1 200
OK sso.htm Show response
cdns.us1.gigya.com/gs/ Frame 551B 75 KB
27 KB 39ms
39ms Document
text/html 92.122.254.203
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://cdns.us1.gigya.com/gs/sso.htm?APIKey=3_99l72FT8LLNTQuIz09azS3_QunznLcu8dzx_lvIrd3MpjgC79FdUh_wmipBaT1Rz&ssoSegment=&version=latest&build=12563

Requested by

Host: cdns.gigya.com
URL: https://cdns.gigya.com/JS/gigya.js?apikey=3_bzpjRk206ccefb3vooht5EOg-NJ0nhkhK9Lq59aZsSrDwCdGo510HRGBdrvh6SzZ

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

92.122.254.203 Schiphol, Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a92-122-254-203.deploy.static.akamaitechnologies.com

Software

Resource Hash

a2eebdcd8408499d32001fcada14087edbda84166bb7240cc4a56679353c20b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.theraflu.com/

Response headers

Content-Type: text/html; charset=utf-8
Content-Length: 27499
Content-Encoding: gzip
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
p3p: CP="IDC COR PSA DEV ADM OUR IND ONL"
x-soa: true, Gator
x-server: us1d-nomad-g3
x-callid: e7d8e41b0e3f410b94d0622837c39f22
Accept-Ranges: bytes
x-robots-tag: none
Cache-Control: public, max-age=86400, s-maxage=3600
Date: Wed, 12 Jan 2022 18:31:00 GMT
Connection: keep-alive

GET
H/1.1 200
OK accounts.getScreenSets Show response
accounts.us1.gigya.com/ Frame 2834 48 KB
9 KB 161ms
161ms XHR
text/javascript 23.37.32.195
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://accounts.us1.gigya.com/accounts.getScreenSets?screenSetIDs=Theraflu-Coupons-Mail&include=html%2Ccss%2Cjavascript%2Ctranslations%2C&lang=en&APIKey=3_bzpjRk206ccefb3vooht5EOg-NJ0nhkhK9Lq59aZsSrDwCdGo510HRGBdrvh6SzZ&source=showScreenSet&sdk=js_latest&pageURL=https%3A%2F%2Fwww.theraflu.com%2F&sdkBuild=12563&format=json
Requested by: Host: cdns.us1.gigya.com
URL: https://cdns.us1.gigya.com/gs/webSdk/Api.aspx?apiKey=3_bzpjRk206ccefb3vooht5EOg-NJ0nhkhK9Lq59aZsSrDwCdGo510HRGBdrvh6SzZ&version=latest&build=12563
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.37.32.195 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-32-195.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e8bb6a6e16ed4df5f6e51ac24b64b93769eb8ebe08c5313e28c1ee4c52287b5c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdns.us1.gigya.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Wed, 12 Jan 2022 18:31:01 GMT
Content-Encoding: gzip
Vary: Origin, Accept-Encoding
x-soa: true, Gator
p3p: CP="IDC COR PSA DEV ADM OUR IND ONL"
Server-Timing: cdn-cache; desc=MISS, edge; dur=87, origin; dur=31
Content-Length: 8490
Cache-Control: private
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,PUT,DELETE,HEAD,OPTIONS,POST,PATCH
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: https://cdns.us1.gigya.com
x-callid: edc6cf84b0e7427d9c7f0bde5742c3a2
Connection: keep-alive
x-server: us1d-nomad-g5
Access-Control-Allow-Credentials: true
x-robots-tag: none

GET
H/1.1 200
OK sdk.config.get Show response
cdns.us1.gigya.com/ Frame 551B 3 KB
2 KB 40ms
39ms Fetch
text/javascript 92.122.254.203
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdns.us1.gigya.com/sdk.config.get?apiKey=3_99l72FT8LLNTQuIz09azS3_QunznLcu8dzx_lvIrd3MpjgC79FdUh_wmipBaT1Rz&pageURL=https%3A%2F%2Fwww.theraflu.com
Requested by: Host: cdns.us1.gigya.com
URL: https://cdns.us1.gigya.com/gs/sso.htm?APIKey=3_99l72FT8LLNTQuIz09azS3_QunznLcu8dzx_lvIrd3MpjgC79FdUh_wmipBaT1Rz&ssoSegment=&version=latest&build=12563
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 92.122.254.203 Schiphol, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a92-122-254-203.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: c02e9aaf56e37972d16e74d9f00b3d162556ccc5ac2fcbc6a30ed735c2d5db2d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdns.us1.gigya.com/gs/sso.htm?APIKey=3_99l72FT8LLNTQuIz09azS3_QunznLcu8dzx_lvIrd3MpjgC79FdUh_wmipBaT1Rz&ssoSegment=&version=latest&build=12563
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Wed, 12 Jan 2022 18:31:01 GMT
Content-Encoding: gzip
Content-Type: text/javascript; charset=utf-8
x-soa: true, Gator
Vary: Accept-Encoding
p3p: CP="IDC COR PSA DEV ADM OUR IND ONL"
Access-Control-Allow-Origin: *
x-callid: f7b3a8754c8c457c8c83d3148722d4f1
Cache-Control: public, max-age=86400
x-server: us1d-nomad-g9
Connection: keep-alive
Accept-Ranges: bytes
x-robots-tag: none
Content-Length: 1183

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 166 KB
61 KB 197ms
109ms Script
application/javascript 2a00:1450:4001:801::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-TN9NWLYCYS&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5CHPKDL

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e7ce07146a919596ea7faa00c396b802f9ca940c4ef2c5e8b616213e48f40fc9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.theraflu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 12 Jan 2022 18:31:01 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 62749
x-xss-protection: 0
expires: Wed, 12 Jan 2022 18:31:01 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 166 KB
61 KB 188ms
100ms Script
application/javascript 2a00:1450:4001:801::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-4Q47Q3C7RV&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5CHPKDL

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

dd1cca88fd10116d00e3e66056eb4b257f451629198d506fffd4d75a3ba94ba2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.theraflu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 12 Jan 2022 18:31:01 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 62764
x-xss-protection: 0
expires: Wed, 12 Jan 2022 18:31:01 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 76ms
75ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5CHPKDL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.theraflu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 3367
date: Wed, 12 Jan 2022 17:34:54 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Wed, 12 Jan 2022 19:34:54 GMT

GET
H3

200

activityi;dc_pre=CMShwKzsrPUCFUPt1QodBMIP8Q;src=9174324;type=unvfls;cat=unvfls;ord=8551072400850;gtm=2wg1a0;auiddc=355442827.1642012261;u1=respiratory;u2=theraflu;u3=www.theraflu.com;u4=https%3A%2F... Show response
9174324.fls.doubleclick.net/ Frame 7753
Redirect Chain

https://9174324.fls.doubleclick.net/activityi;src=9174324;type=unvfls;cat=unvfls;ord=8551072400850;gtm=2wg1a0;auiddc=355442827.1642012261;u1=respiratory;u2=theraflu;u3=www.theraflu.com;u4=https%3A%...
https://9174324.fls.doubleclick.net/activityi;dc_pre=CMShwKzsrPUCFUPt1QodBMIP8Q;src=9174324;type=unvfls;cat=unvfls;ord=8551072400850;gtm=2wg1a0;auiddc=355442827.1642012261;u1=respiratory;u2=therafl...

492 B
387 B

126ms
64ms

Document
text/html

142.250.186.166
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://9174324.fls.doubleclick.net/activityi;dc_pre=CMShwKzsrPUCFUPt1QodBMIP8Q;src=9174324;type=unvfls;cat=unvfls;ord=8551072400850;gtm=2wg1a0;auiddc=355442827.1642012261;u1=respiratory;u2=theraflu;u3=www.theraflu.com;u4=https%3A%2F%2Fwww.theraflu.com%2F;u5=%2F;u6=;ps=1;~oref=https%3A%2F%2Fwww.theraflu.com%2F?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5CHPKDL

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.166 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f6.1e100.net

Software

cafe /

Resource Hash

34c24b5f8bb1f249910819e1d2cd9260f6f660fafa693df0f7ae3ddf583bcaff

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: about:blank

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 12 Jan 2022 18:31:01 GMT
expires: Wed, 12 Jan 2022 18:31:01 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 362
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 12 Jan 2022 18:31:01 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://9174324.fls.doubleclick.net/activityi;dc_pre=CMShwKzsrPUCFUPt1QodBMIP8Q;src=9174324;type=unvfls;cat=unvfls;ord=8551072400850;gtm=2wg1a0;auiddc=355442827.1642012261;u1=respiratory;u2=theraflu;u3=www.theraflu.com;u4=https%3A%2F%2Fwww.theraflu.com%2F;u5=%2F;u6=;ps=1;~oref=https%3A%2F%2Fwww.theraflu.com%2F?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3

200

activityi;dc_pre=CN_cv6zsrPUCFdXM1QodwBcAXw;src=5116519;type=thera001;cat=thera0;ord=3562697645371;gtm=2wg1a0;auiddc=355442827.1642012261;ps=1;~oref=https%3A%2F%2Fwww.theraflu.com%2F Show response
5116519.fls.doubleclick.net/ Frame 3803
Redirect Chain

https://5116519.fls.doubleclick.net/activityi;src=5116519;type=thera001;cat=thera0;ord=3562697645371;gtm=2wg1a0;auiddc=355442827.1642012261;ps=1;~oref=https%3A%2F%2Fwww.theraflu.com%2F?
https://5116519.fls.doubleclick.net/activityi;dc_pre=CN_cv6zsrPUCFdXM1QodwBcAXw;src=5116519;type=thera001;cat=thera0;ord=3562697645371;gtm=2wg1a0;auiddc=355442827.1642012261;ps=1;~oref=https%3A%2F%...

399 B
352 B

135ms
62ms

Document
text/html

142.250.186.166
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5116519.fls.doubleclick.net/activityi;dc_pre=CN_cv6zsrPUCFdXM1QodwBcAXw;src=5116519;type=thera001;cat=thera0;ord=3562697645371;gtm=2wg1a0;auiddc=355442827.1642012261;ps=1;~oref=https%3A%2F%2Fwww.theraflu.com%2F?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5CHPKDL

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.166 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f6.1e100.net

Software

cafe /

Resource Hash

4b064664b3e286b37c396a22267abbcd19126ca4b5efc94e0770fe5b2fc1dbef

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: about:blank

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 12 Jan 2022 18:31:01 GMT
expires: Wed, 12 Jan 2022 18:31:01 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 327
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 12 Jan 2022 18:31:01 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://5116519.fls.doubleclick.net/activityi;dc_pre=CN_cv6zsrPUCFdXM1QodwBcAXw;src=5116519;type=thera001;cat=thera0;ord=3562697645371;gtm=2wg1a0;auiddc=355442827.1642012261;ps=1;~oref=https%3A%2F%2Fwww.theraflu.com%2F?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 14 KB
6 KB 232ms
43ms Script
application/javascript 151.101.12.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5CHPKDL
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.12.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 4da3e3aa30b5b06390d7e7e3fcfb16d648909eb429d161c2748bd6d79a7ec5fb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.theraflu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 12 Jan 2022 18:31:01 GMT
content-encoding: gzip
last-modified: Mon, 20 Sep 2021 23:58:10 GMT
etag: "8dc11b7ca1d5ed9ec3b1ab1beb621c75+gzip+gzip"
vary: Accept-Encoding,Host
x-tw-cdn: FT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache
x-cache: HIT, HIT
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
content-length: 5410
x-served-by: cache-iad-kcgs7200097-IAD, cache-fra19147-FRA

GET
H/1.1 200
OK up_loader.1.1.0.js Show response
js.adsrvr.org/ 4 KB
2 KB 189ms
40ms Script
application/x-javascript 18.66.96.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adsrvr.org/up_loader.1.1.0.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5CHPKDL
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.96.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-96-113.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.theraflu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Wed, 12 Jan 2022 16:07:50 GMT
Content-Encoding: gzip
Last-Modified: Thu, 24 Sep 2020 15:15:34 GMT
Server: AmazonS3
Age: 8592
ETag: W/"98d98b3499058b76d58073cf8ede2f10"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/x-javascript
Via: 1.1 2af4ee189e50805a67bd62bbd51ad0dc.cloudfront.net (CloudFront)
Connection: keep-alive
Transfer-Encoding: chunked
X-Amz-Cf-Pop: FRA56-P2
X-Amz-Cf-Id: 2Ju9xu7GMoYifVhEw9aFdnhdzHfpVZGRFB8B9-Bgly-xrcULDueihQ==

GET
H2 200 bat.js Show response
bat.bing.com/ 36 KB
11 KB 281ms
75ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/bat.js
Requested by: Host: www.theraflu.com
URL: https://www.theraflu.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: dfed159907574337d5a3198b898e17e6f0d6c5c325d8ee2fd2343b7cddb34994

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.theraflu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 12 Jan 2022 18:31:00 GMT
content-encoding: gzip
last-modified: Fri, 03 Dec 2021 01:53:50 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: B8C28A3B9E7B46FCA7827100B5FD499E Ref B: FRAEDGE1213 Ref C: 2022-01-12T18:31:01Z
etag: "0cb09ee8e7d71:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 10468

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 98 KB
26 KB 192ms
40ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.theraflu.com
URL: https://www.theraflu.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.theraflu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 25965
x-xss-protection: 0
pragma: public
x-fb-debug: mXe2IbZ//kfn/PEfk7XH1URygLXKP/vFzZMJRqztsKiwITjiF/AnkC1+ZA+5jTqgJfpVpq6AbzIhs9jHBGh0YQ==
x-fb-trip-id: 917726464
x-frame-options: DENY
date: Wed, 12 Jan 2022 18:31:01 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 activityi;register_conversion=1;src=9174324;type=unvfls;cat=unvfls;ord=8551072400850;gtm=2wg1a0;auiddc=355442827.1642012261;u1=respiratory;u2=theraflu;u3=www.theraflu.com;u4=https%3A%2F%2Fwww.thera...
9174324.fls.doubleclick.net/ 0
0 417ms
81ms Image
text/html 142.250.186.166
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://9174324.fls.doubleclick.net/activityi;register_conversion=1;src=9174324;type=unvfls;cat=unvfls;ord=8551072400850;gtm=2wg1a0;auiddc=355442827.1642012261;u1=respiratory;u2=theraflu;u3=www.theraflu.com;u4=https%3A%2F%2Fwww.theraflu.com%2F;u5=%2F;u6=;ps=1;~oref=https%3A%2F%2Fwww.theraflu.com%2F?
Requested by: Host: www.theraflu.com
URL: https://www.theraflu.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.186.166 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s08-in-f6.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.theraflu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

GET
H/1.1

200
OK

iui3
s.amazon-adsystem.com/
Redirect Chain

https://s.amazon-adsystem.com/iui3?d=forester-did&ex-fargs=%3Fid%3Daf4b6613-c033-8ad1-f6b4-14b4b67e9503%26type%3D55%26m%3D1&ex-fch=416613&ex-src=https://www.theraflu.com&ex-hargs=v%3D1.0%3Bc%3D1766...
https://s.amazon-adsystem.com/iui3?d=forester-did&ex-fargs=%3Fid%3Daf4b6613-c033-8ad1-f6b4-14b4b67e9503%26type%3D55%26m%3D1&ex-fch=416613&ex-src=https://www.theraflu.com&ex-hargs=v%3D1.0%3Bc%3D1766...

43 B
932 B

143ms
143ms

Image
image/gif

52.46.130.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/iui3?d=forester-did&ex-fargs=%3Fid%3Daf4b6613-c033-8ad1-f6b4-14b4b67e9503%26type%3D55%26m%3D1&ex-fch=416613&ex-src=https://www.theraflu.com&ex-hargs=v%3D1.0%3Bc%3D1766344630501%3Bp%3DAF4B6613-C033-8AD1-F6B4-14B4B67E9503&gtmcb=1995709930&dcc=t

Requested by

Host: www.theraflu.com
URL: https://www.theraflu.com/

Protocol

HTTP/1.1

Server

52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.theraflu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 12 Jan 2022 18:31:01 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: 26YKZWGVRTMXX7WZ6BP8
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 12 Jan 2022 18:31:01 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: F35KD9X9BTDMQA4R3B67
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/iui3?d=forester-did&ex-fargs=%3Fid%3Daf4b6613-c033-8ad1-f6b4-14b4b67e9503%26type%3D55%26m%3D1&ex-fch=416613&ex-src=https://www.theraflu.com&ex-hargs=v%3D1.0%3Bc%3D1766344630501%3Bp%3DAF4B6613-C033-8AD1-F6B4-14B4B67E9503&gtmcb=1995709930&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 activityi;register_conversion=1;src=5116519;type=thera001;cat=thera0;ord=3562697645371;gtm=2wg1a0;auiddc=355442827.1642012261;ps=1;~oref=https%3A%2F%2Fwww.theraflu.com%2F
5116519.fls.doubleclick.net/ 0
0 409ms
83ms Image
text/html 142.250.186.166
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://5116519.fls.doubleclick.net/activityi;register_conversion=1;src=5116519;type=thera001;cat=thera0;ord=3562697645371;gtm=2wg1a0;auiddc=355442827.1642012261;ps=1;~oref=https%3A%2F%2Fwww.theraflu.com%2F?
Requested by: Host: www.theraflu.com
URL: https://www.theraflu.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.186.166 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s08-in-f6.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.theraflu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

GET
H2 200 /
insight.adsrvr.org/track/pxl/ 70 B
261 B 211ms
67ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://insight.adsrvr.org/track/pxl/?adv=2obq2qw&ct=0:eys241p&fmt=3&gtmcb=1194119308
Requested by: Host: www.theraflu.com
URL: https://www.theraflu.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.theraflu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Jan 2022 18:31:01 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1 200
OK bigLoader.gif
cdns1.gigya.com/gs/i//accounts/ 3 KB
3 KB 350ms
49ms Image
image/gif 92.122.254.203
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdns1.gigya.com/gs/i//accounts/bigLoader.gif
Requested by: Host: www.theraflu.com
URL: https://www.theraflu.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 92.122.254.203 Schiphol, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a92-122-254-203.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 45a4c07e164d3d803b62494a3d2ded0555eee1c6fb4940de3f98fa9c4fb08c7e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.theraflu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-version: 1
Date: Wed, 12 Jan 2022 18:31:01 GMT
Content-Type: image/gif
Last-Modified: Mon, 16 Aug 2021 10:11:05 GMT
p3p: CP="IDC COR PSA DEV ADM OUR IND ONL"
x-legacyproxy: true
Cache-Control: max-age=86400
x-server: us1d-web501
Connection: keep-alive
Accept-Ranges: bytes
x-robots-tag: none
Content-Length: 3208

GET
H/1.1 200
OK accounts.getSchema Show response
accounts.us1.gigya.com/ Frame 2834 114 KB
9 KB 166ms
165ms XHR
text/javascript 23.37.32.195
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://accounts.us1.gigya.com/accounts.getSchema?APIKey=3_bzpjRk206ccefb3vooht5EOg-NJ0nhkhK9Lq59aZsSrDwCdGo510HRGBdrvh6SzZ&source=showScreenSet&sdk=js_latest&pageURL=https%3A%2F%2Fwww.theraflu.com%2F&sdkBuild=12563&format=json
Requested by: Host: cdns.us1.gigya.com
URL: https://cdns.us1.gigya.com/gs/webSdk/Api.aspx?apiKey=3_bzpjRk206ccefb3vooht5EOg-NJ0nhkhK9Lq59aZsSrDwCdGo510HRGBdrvh6SzZ&version=latest&build=12563
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.37.32.195 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-32-195.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 565b1232d7b1d1caa39f6802820170671f7c9fa5a9629a6ebd337c019697e82e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdns.us1.gigya.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Wed, 12 Jan 2022 18:31:01 GMT
Content-Encoding: gzip
Vary: Origin, Accept-Encoding
x-soa: true, Gator
p3p: CP="IDC COR PSA DEV ADM OUR IND ONL"
Server-Timing: edge; dur=2, origin; dur=111, cdn-cache; desc=MISS
Content-Length: 8165
Cache-Control: private
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,PUT,DELETE,HEAD,OPTIONS,POST,PATCH
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: https://cdns.us1.gigya.com
x-callid: 935c4b3bee1a460c89dd6977efb748e0
Connection: keep-alive
x-server: us1d-nomad-g8
Access-Control-Allow-Credentials: true
x-robots-tag: none

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
443 B 230ms
119ms XHR
text/plain 2a00:1450:400c:c0b::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-38587364-3&cid=2092247982.1642012261&jid=398232829&gjid=1296925104&_gid=1735575253.1642012261&_u=YGBAgEABAAAAAE~&z=809603797

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0b::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theraflu.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 12 Jan 2022 18:31:01 GMT
content-type: text/plain
access-control-allow-origin: https://www.theraflu.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 169ms
84ms XHR
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=41635891&t=pageview&_s=1&dl=https%3A%2F%2Fwww.theraflu.com%2F&ul=en-us&de=UTF-8&dt=Cold%20and%20Flu%20Relief%20Medicine%20%7C%20Theraflu&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGDAAEABAAAAAG~&jid=1708601106&gjid=499254602&cid=2092247982.1642012261&tid=UA-135635203-1&_gid=1735575253.1642012261&_r=1&gtm=2wg1a05CHPKDL&z=55618180

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theraflu.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 12 Jan 2022 18:31:01 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.theraflu.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 161ms
76ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=41635891&t=pageview&_s=1&dl=https%3A%2F%2Fwww.theraflu.com%2F&ul=en-us&de=UTF-8&dt=Cold%20and%20Flu%20Relief%20Medicine%20%7C%20Theraflu&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgEAB~&jid=398232829&gjid=1296925104&cid=2092247982.1642012261&tid=UA-38587364-3&_gid=1735575253.1642012261&gtm=2wg1a05CHPKDL&z=1715224099

Requested by

Host: www.theraflu.com
URL: https://www.theraflu.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.theraflu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 11 Jan 2022 23:04:56 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 69965
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK id.json Show response
network-stg.bazaarvoice.com/ 123 B
339 B 132ms
131ms Script
application/javascript 34.229.5.226
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://network-stg.bazaarvoice.com/id.json?_=jfk6gu&callback=_bvajsonp1
Requested by: Host: analytics-static.ugc.bazaarvoice.com
URL: https://analytics-static.ugc.bazaarvoice.com/prod/static/3/bv-analytics.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.229.5.226 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-229-5-226.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 601ffefcc9221352038115c23861b39731187cf6d25d498d153254112d328f35

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.theraflu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Wed, 12 Jan 2022 18:31:01 GMT
Cache-Control: no-cache, no-transform
Server: nginx
Connection: keep-alive
Content-Length: 123
Vary: Accept-Encoding
Content-Type: application/javascript

GET
H/1.1 200
OK id.json Show response
network-stg.bazaarvoice.com/ 123 B
339 B 131ms
131ms Script
application/javascript 34.229.5.226
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://network-stg.bazaarvoice.com/id.json?_=x1cfy1&callback=_bvajsonp2
Requested by: Host: analytics-static.ugc.bazaarvoice.com
URL: https://analytics-static.ugc.bazaarvoice.com/prod/static/3/bv-analytics.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.229.5.226 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-229-5-226.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 5576ef200829995dab20e4b238da5dea3599036a7fe7ad324722d51db64718ea

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.theraflu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Wed, 12 Jan 2022 18:31:01 GMT
Cache-Control: no-cache, no-transform
Server: nginx
Connection: keep-alive
Content-Length: 123
Vary: Accept-Encoding
Content-Type: application/javascript

GET
H3 200 421904308779386 Show response
connect.facebook.net/signals/config/ 306 KB
88 KB 146ms
96ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/421904308779386?v=2.9.48&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

fc0a9b77a00ba661df5a95f09ccb8f775662bf657d776c6509f48776fd7d4ca7

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.theraflu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: zuQtvlgcuOtX/fYJVqt66eSGNvBn12bLEiKsqLqzji3zaN7JYIqXDi+n3dGb+AqrhFIasTxvuYpP6lmQ4MaKgg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Wed, 12 Jan 2022 18:31:01 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 adsct Show response
analytics.twitter.com/i/ 31 B
675 B 273ms
118ms Script
application/javascript 104.244.42.195
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.twitter.com/i/adsct?type=javascript&version=2.0.4&p_id=Twitter&p_user_id=0&txn_id=o4o1k&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&event_id=8cb7a987-46cf-43a3-9962-392770624ca7&tw_document_href=https%3A%2F%2Fwww.theraflu.com%2F&tpx_cb=twttr.conversion.loadPixels

Requested by

Host: static.ads-twitter.com
URL: https://static.ads-twitter.com/uwt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.195 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.theraflu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 12 Jan 2022 18:31:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 57
x-xss-protection: 0
x-response-time: 108
pragma: no-cache
last-modified: Wed, 12 Jan 2022 18:31:01 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: application/javascript;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: befec8855c6d35de645b0f76b1e725bb4eec742e8dc554386d615332e95c5403
x-transaction: fbb28b2bc4a4cb6f
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2 200 adsct
t.co/i/ 43 B
469 B 254ms
136ms Image
image/gif 104.244.42.133
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?type=javascript&version=2.0.4&p_id=Twitter&p_user_id=0&txn_id=o4o1k&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&event_id=8cb7a987-46cf-43a3-9962-392770624ca7&tw_document_href=https%3A%2F%2Fwww.theraflu.com%2F

Requested by

Host: www.theraflu.com
URL: https://www.theraflu.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.133 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.theraflu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 12 Jan 2022 18:31:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 65
x-xss-protection: 0
x-response-time: 106
pragma: no-cache
last-modified: Wed, 12 Jan 2022 18:31:01 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=0
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: b1ac41889cb0d09129ba0783fffcd67db4dbddc0af1ec3ecd57619e2bb72b648
x-transaction: 3febc0226a353e41
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2 200 Theraflu_Badge_Brandmark_1000.png
www.theraflu.com/content/dam/cf-consumer-healthcare/bp-theraflu/en_US/global/logo/ 131 KB
131 KB 292ms
292ms Image
image/png 52.251.65.90
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.theraflu.com/content/dam/cf-consumer-healthcare/bp-theraflu/en_US/global/logo/Theraflu_Badge_Brandmark_1000.png

Requested by

Host: www.theraflu.com
URL: https://www.theraflu.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.251.65.90 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apache /

Resource Hash

d69a6abf613d9a93ddef9e91dca9343b6cc8ad3425fab992a985fa5b53a19334

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.theraflu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 12 Jan 2022 18:31:01 GMT
last-modified: Tue, 16 Nov 2021 02:11:59 GMT
server: Apache
etag: "20afa-5d0de734879c0"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=31536000, public, s-maxage=86400
strict-transport-security: max-age=63072000;
accept-ranges: bytes
content-length: 133882

GET
H2 200 36002515.js Show response
bat.bing.com/p/action/ 682 B
760 B 161ms
161ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/p/action/36002515.js
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 892d3afcc2c0628080bf0c32db0e8a101fb31b15cbab83c84b18c294d44aa64d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.theraflu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Jan 2022 18:31:01 GMT
content-encoding: gzip
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 30E860035B93480887B455BD2982E155 Ref B: FRAEDGE1213 Ref C: 2022-01-12T18:31:01Z
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-store,no-cache
content-length: 587

GET
H2 204 0
bat.bing.com/action/ 0
150 B 63ms
63ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=36002515&Ver=2&mid=62b84805-d488-45f7-8e69-ff5c0f880486&sid=cb1c1b8073d511ecadb1d9a3a6dc3f65&vid=cb1c2da073d511ecaaf58df8cb80522c&vids=1&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Cold%20and%20Flu%20Relief%20Medicine%20%7C%20Theraflu&p=https%3A%2F%2Fwww.theraflu.com%2F&r=&lt=1082&evt=pageLoad&msclkid=N&sv=1&rn=553377
Requested by: Host: www.theraflu.com
URL: https://www.theraflu.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.theraflu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Jan 2022 18:31:00 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 483726C8EAA04F49A2F981CBEDDAB978 Ref B: FRAEDGE1213 Ref C: 2022-01-12T18:31:01Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK st.gif
network-stg.bazaarvoice.com/ 43 B
676 B 135ms
135ms Image
image/gif 34.229.5.226
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://network-stg.bazaarvoice.com/st.gif?loadId=a6d63aedfc246900&BVBRANDID=e46c8084-6f50-4156-b32f-719f3f02e99e&BVBRANDSID=68df39ab-bb44-49d0-9290-c9edd57a9d89&tz=0&sourceVersion=3.14.0&magpieJsVersion=3.14.0&source=bv-loader&environment=prod&client=theraflu&dc=15779&host=www.theraflu.com&r_batch=!((bvProduct:bv-loader,bvProductVersion:%2713.4.0%27,cl:Diagnostic,deploymentZone:main_site,elapsedMs:%271.8000%27,endTime:%271462.0000%27,locale:en_US,name:timeToRunScout,startTime:%271460.2000%27,type:Performance))&_=ouftz2
Requested by: Host: www.theraflu.com
URL: https://www.theraflu.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.229.5.226 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-229-5-226.compute-1.amazonaws.com
Software: nginx /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.theraflu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Wed, 12 Jan 2022 18:31:01 GMT
Server: nginx
P3P: policyref="/w3c/p3p.xml", CP="ADMa OUR IND DSP NON COR"
Cache-Control: no-cache, no-transform, must-revalidate, max-age=0
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: -1

GET
H/1.1 200
OK st.gif
network-stg.bazaarvoice.com/ 43 B
676 B 135ms
135ms Image
image/gif 34.229.5.226
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://network-stg.bazaarvoice.com/st.gif?cl=PageView&loadId=a6d63aedfc246900&type=Embedded&BVBRANDID=e46c8084-6f50-4156-b32f-719f3f02e99e&BVBRANDSID=68df39ab-bb44-49d0-9290-c9edd57a9d89&tz=0&sourceVersion=3.14.0&magpieJsVersion=3.14.0&source=bv-loader&environment=prod&client=theraflu&dc=15779&host=www.theraflu.com&locale=en_US&deploymentZone=main_site&displaySegment=baseline&bvProduct=InlineRatings&bvProductVersion=2.2.3&href=https://www.theraflu.com/&canurl=https://www.theraflu.com/&res=1600x1200&lang=en-us&charset=UTF-8&geo=1&cookies=1&r_t=(con:192,dns:10,load:-1642012259955,req:322,res:2,tot:-1642012259223)&_=ifpewq&ref=
Requested by: Host: www.theraflu.com
URL: https://www.theraflu.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.229.5.226 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-229-5-226.compute-1.amazonaws.com
Software: nginx /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.theraflu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Wed, 12 Jan 2022 18:31:01 GMT
Server: nginx
P3P: policyref="/w3c/p3p.xml", CP="ADMa OUR IND DSP NON COR"
Cache-Control: no-cache, no-transform, must-revalidate, max-age=0
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: -1

POST
H3 204 collect
www.google-analytics.com/g/ 0
17 B 77ms
76ms Ping
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-TN9NWLYCYS&gtm=2oe1a0&_p=41635891&sr=1600x1200&ul=en-us&cid=2092247982.1642012261&_s=1&dl=https%3A%2F%2Fwww.theraflu.com%2F&dt=Cold%20and%20Flu%20Relief%20Medicine%20%7C%20Theraflu&sid=1642012261&sct=1&seg=0&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-TN9NWLYCYS&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.theraflu.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 12 Jan 2022 18:31:01 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.theraflu.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
www.google-analytics.com/g/ 0
17 B 79ms
78ms Ping
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-4Q47Q3C7RV&gtm=2oe1a0&_p=41635891&sr=1600x1200&ul=en-us&cid=2092247982.1642012261&_s=1&dl=https%3A%2F%2Fwww.theraflu.com%2F&dt=Cold%20and%20Flu%20Relief%20Medicine%20%7C%20Theraflu&sid=1642012261&sct=1&seg=0&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-4Q47Q3C7RV&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.theraflu.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 12 Jan 2022 18:31:01 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.theraflu.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
295 B 67ms
12ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=421904308779386&ev=PageView&dl=https%3A%2F%2Fwww.theraflu.com%2F&rl=&if=false&ts=1642012261590&sw=1600&sh=1200&v=2.9.48&r=stable&ec=0&o=30&fbp=fb.1.1642012261589.1396719197&it=1642012261347&coo=false&rqm=GET

Requested by

Host: www.theraflu.com
URL: https://www.theraflu.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.theraflu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 12 Jan 2022 18:31:01 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 44
expires: Wed, 12 Jan 2022 18:31:01 GMT

GET
H2 200 clarity.js Show response
d.clarity.ms/s/0.6.31/ 52 KB
23 KB 304ms
102ms Script
application/javascript 40.76.174.66
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://d.clarity.ms/s/0.6.31/clarity.js
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/p/action/36002515.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.76.174.66 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: b2d2f11eb78159e31bce4355ffd5e696717de4270a77ba1d2038e066462008ad

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.theraflu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 12 Jan 2022 18:31:01 GMT
content-encoding: br
etag: "1d7ffcbff747e00"
last-modified: Sun, 02 Jan 2022 11:29:26 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: public,max-age=86400
accept-ranges: bytes
request-context: appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?CtsSyncId=E5E202F7A49D491F8278F858D0DF2CAB&RedC=c.clarity.ms&MXFR=3620D2B3F66C6F501F92C399F26C6174
https://c.clarity.ms/c.gif?CtsSyncId=E5E202F7A49D491F8278F858D0DF2CAB&MUID=27847775B59165E327FE665FB443644D

42 B
369 B

27ms
26ms

Image
image/gif

52.142.114.2
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?CtsSyncId=E5E202F7A49D491F8278F858D0DF2CAB&MUID=27847775B59165E327FE665FB443644D
Requested by: Host: www.theraflu.com
URL: https://www.theraflu.com/
Protocol: H2
Server: 52.142.114.2 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.theraflu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Jan 2022 18:31:01 GMT
last-modified: Fri, 05 Nov 2021 17:19:23 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "f95a3e4769d2d71:0"
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-type: image/gif
content-length: 42

Redirect headers

pragma: no-cache
date: Wed, 12 Jan 2022 18:31:01 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: F084C879FDCD4A0AADF534B85F449C29 Ref B: FRAEDGE1213 Ref C: 2022-01-12T18:31:01Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?CtsSyncId=E5E202F7A49D491F8278F858D0DF2CAB&MUID=27847775B59165E327FE665FB443644D
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H2 200 dc_pre=CN_cv6zsrPUCFdXM1QodwBcAXw;src=5116519;type=thera001;cat=thera0;ord=3562697645371;gtm=2wg1a0;auiddc=*;ps=1;~oref=https%3A%2F%2Fwww.theraflu.com%2F
adservice.google.com/ddm/fls/z/ Frame 3803 42 B
107 B 189ms
86ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CN_cv6zsrPUCFdXM1QodwBcAXw;src=5116519;type=thera001;cat=thera0;ord=3562697645371;gtm=2wg1a0;auiddc=*;ps=1;~oref=https%3A%2F%2Fwww.theraflu.com%2F

Requested by

Host: 5116519.fls.doubleclick.net
URL: https://5116519.fls.doubleclick.net/activityi;dc_pre=CN_cv6zsrPUCFdXM1QodwBcAXw;src=5116519;type=thera001;cat=thera0;ord=3562697645371;gtm=2wg1a0;auiddc=355442827.1642012261;ps=1;~oref=https%3A%2F%2Fwww.theraflu.com%2F?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://5116519.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Jan 2022 18:31:01 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_pre=CMShwKzsrPUCFUPt1QodBMIP8Q;src=9174324;type=unvfls;cat=unvfls;ord=8551072400850;gtm=2wg1a0;auiddc=*;u1=respiratory;u2=theraflu;u3=www.theraflu.com;u4=https%3A%2F%2Fwww.theraflu.com%2F;u5=%2F...
adservice.google.com/ddm/fls/z/ Frame 7753 42 B
494 B 187ms
84ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CMShwKzsrPUCFUPt1QodBMIP8Q;src=9174324;type=unvfls;cat=unvfls;ord=8551072400850;gtm=2wg1a0;auiddc=*;u1=respiratory;u2=theraflu;u3=www.theraflu.com;u4=https%3A%2F%2Fwww.theraflu.com%2F;u5=%2F;u6=;ps=1;~oref=https%3A%2F%2Fwww.theraflu.com%2F

Requested by

Host: 9174324.fls.doubleclick.net
URL: https://9174324.fls.doubleclick.net/activityi;dc_pre=CMShwKzsrPUCFUPt1QodBMIP8Q;src=9174324;type=unvfls;cat=unvfls;ord=8551072400850;gtm=2wg1a0;auiddc=355442827.1642012261;u1=respiratory;u2=theraflu;u3=www.theraflu.com;u4=https%3A%2F%2Fwww.theraflu.com%2F;u5=%2F;u6=;ps=1;~oref=https%3A%2F%2Fwww.theraflu.com%2F?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://9174324.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Jan 2022 18:31:01 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 162ms
73ms Image
image/gif 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-38587364-3&cid=2092247982.1642012261&jid=398232829&_u=YGBAgEABAAAAAE~&z=1558643011

Requested by

Host: www.theraflu.com
URL: https://www.theraflu.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.theraflu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Jan 2022 18:31:01 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 163ms
74ms Image
image/gif 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-38587364-3&cid=2092247982.1642012261&jid=398232829&_u=YGBAgEABAAAAAE~&z=1558643011

Requested by

Host: www.theraflu.com
URL: https://www.theraflu.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.theraflu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Jan 2022 18:31:01 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 up Show response
insight.adsrvr.org/track/ Frame 79BB 0
181 B 31ms
31ms Document
text/html 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://insight.adsrvr.org/track/up?adv=2obq2qw&ref=https%3A%2F%2Fwww.theraflu.com%2F&upid=4uicnfj&upv=1.1.0
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.theraflu.com/

Response headers

date: Wed, 12 Jan 2022 18:31:02 GMT
content-type: text/html
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 theraflu-Symptoms-Cold-Flu-section-1-MB-body.jpg
i-cf65.ch-static.com/content/dam/cf-consumer-healthcare/bp-theraflu/en_US/src/article-body/ 16 KB
16 KB 15ms
15ms Image
image/avif 2a04:4e42:3::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i-cf65.ch-static.com/content/dam/cf-consumer-healthcare/bp-theraflu/en_US/src/article-body/theraflu-Symptoms-Cold-Flu-section-1-MB-body.jpg?auto=format

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

3da524488bf6579ea07ff9694413134c700132a97c9f1cc77f2153ead773cd0b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.theraflu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 12 Jan 2022 18:31:02 GMT
x-content-type-options: nosniff
last-modified: Thu, 09 Dec 2021 16:45:46 GMT
server: imgix
age: 2943915
vary: Accept, User-Agent
x-cache: HIT, HIT
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-imgix-id: bc54b283068c91861b4dff611f75886539a54119
accept-ranges: bytes
content-length: 16025
cross-origin-resource-policy: cross-origin
x-served-by: cache-sjc10080-SJC, cache-fra19181-FRA

GET
H2 200 theraflu-Symptoms-Cold-Flu-section-2-MB-body.jpg
i-cf65.ch-static.com/content/dam/cf-consumer-healthcare/bp-theraflu/en_US/src/article-body/ 10 KB
10 KB 11ms
11ms Image
image/avif 2a04:4e42:3::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i-cf65.ch-static.com/content/dam/cf-consumer-healthcare/bp-theraflu/en_US/src/article-body/theraflu-Symptoms-Cold-Flu-section-2-MB-body.jpg?auto=format

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

fea4bac18c7b5a8c1bcbabc23d1f6b34fcadf79435c199e2d48a0f94fa34ca0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.theraflu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 12 Jan 2022 18:31:02 GMT
x-content-type-options: nosniff
last-modified: Fri, 10 Dec 2021 23:08:03 GMT
server: imgix
age: 2834579
vary: Accept, User-Agent
x-cache: HIT, HIT
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-imgix-id: a6188802c9370680ab89b28ad0168d3438acbe4a
accept-ranges: bytes
content-length: 10568
cross-origin-resource-policy: cross-origin
x-served-by: cache-sjc10038-SJC, cache-fra19181-FRA

GET
H2 200 theraflu-Symptoms-Cold-Flu-section-3-MB-body.jpg
i-cf65.ch-static.com/content/dam/cf-consumer-healthcare/bp-theraflu/en_US/src/article-body/ 19 KB
19 KB 28ms
27ms Image
image/avif 2a04:4e42:3::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i-cf65.ch-static.com/content/dam/cf-consumer-healthcare/bp-theraflu/en_US/src/article-body/theraflu-Symptoms-Cold-Flu-section-3-MB-body.jpg?auto=format

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

7ee56cc60098f72099cf2bca262ad3aeda0560e0857768f9ec531a73334af7a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.theraflu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 12 Jan 2022 18:31:02 GMT
x-content-type-options: nosniff
last-modified: Fri, 10 Dec 2021 18:53:56 GMT
server: imgix
age: 2849826
vary: Accept, User-Agent
x-cache: HIT, HIT
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-imgix-id: 332898786ae0cddaf035d62e44ff3eec5cc3040f
accept-ranges: bytes
content-length: 18983
cross-origin-resource-policy: cross-origin
x-served-by: cache-sjc10027-SJC, cache-fra19181-FRA

POST
H2 204 collect Show response
d.clarity.ms/ 0
71 B 103ms
102ms XHR
text/plain 40.76.174.66
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://d.clarity.ms/collect
Requested by: Host: d.clarity.ms
URL: https://d.clarity.ms/s/0.6.31/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.76.174.66 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://www.theraflu.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin: https://www.theraflu.com
date: Wed, 12 Jan 2022 18:31:01 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111

POST
H3 200 / Show response
www.facebook.com/tr/ Frame 179D 0
18 B 17ms
8ms Document
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
Origin: https://www.theraflu.com
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.theraflu.com/

Response headers

content-type: text/plain
access-control-allow-origin: https://www.theraflu.com
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i
date: Wed, 12 Jan 2022 18:31:02 GMT

POST
H2 204 collect Show response
d.clarity.ms/ 0
48 B 601ms
600ms XHR
text/plain 40.76.174.66
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://d.clarity.ms/collect
Requested by: Host: d.clarity.ms
URL: https://d.clarity.ms/s/0.6.31/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.76.174.66 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://www.theraflu.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin: https://www.theraflu.com
date: Wed, 12 Jan 2022 18:31:02 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111

POST
H2 204 collect Show response
d.clarity.ms/ 0
48 B 110ms
110ms XHR
text/plain 40.76.174.66
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://d.clarity.ms/collect
Requested by: Host: d.clarity.ms
URL: https://d.clarity.ms/s/0.6.31/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.76.174.66 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://www.theraflu.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin: https://www.theraflu.com
date: Wed, 12 Jan 2022 18:31:05 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111

Verdicts & Comments Add Verdict or Comment

126 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

40 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
theraflu.com/	1969-12-31 23:59:59	Name: ApplicationGatewayAffinity Value: d625583a4d6fda0f8ecdd2f81c3a0e5b
www.theraflu.com/	1969-12-31 23:59:59	Name: ApplicationGatewayAffinityCORS Value: d625583a4d6fda0f8ecdd2f81c3a0e5b
www.theraflu.com/	1969-12-31 23:59:59	Name: ApplicationGatewayAffinity Value: d625583a4d6fda0f8ecdd2f81c3a0e5b
.www.theraflu.com/	1969-12-31 23:59:59	Name: gig_canary Value: false
.www.theraflu.com/	1969-12-31 23:59:59	Name: gig_canary_ver Value: 12765-3-27366840
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: u8Bhx5lgY9c
.youtube.com/	1970-01-20 04:26:04	Name: VISITOR_INFO1_LIVE Value: 4EGT889AhiY
.cdns.us1.gigya.com/	1970-01-20 08:52:28	Name: apiDomain_3_99l72FT8LLNTQuIz09azS3_QunznLcu8dzx_lvIrd3MpjgC79FdUh_wmipBaT1Rz Value: us1.gigya.com
.gigya.com/	1970-01-20 08:52:28	Name: gmid Value: gmid.ver4.AcbH5Pb7zw.lyuwiY1I5rRd1r4h-1ZowDBbCWg7x_DAKjI4tL6s8_WR_8Cn1DJJ5oC_7j0JzQF8.G-lQHGW9HT6HoaKDNZ7yTOmlJL8Wo4zqHHixB_OTwPZ-shXUU0_uxVVnE5zO2ym436agz4Yj-bCvWH34SO9dAw.sc3
.gigya.com/	1970-01-20 08:52:28	Name: ucid Value: mwVcOh1FPf4DjFm2WdgM5A
.gigya.com/	1970-01-20 04:27:27	Name: hasGmid Value: ver4
.theraflu.com/	1970-01-20 08:52:28	Name: gig_bootstrap_3_bzpjRk206ccefb3vooht5EOg-NJ0nhkhK9Lq59aZsSrDwCdGo510HRGBdrvh6SzZ Value: _gigya_ver4
.theraflu.com/	1970-01-20 08:52:28	Name: BVBRANDID Value: e46c8084-6f50-4156-b32f-719f3f02e99e
.theraflu.com/	1970-01-20 00:06:54	Name: BVBRANDSID Value: 68df39ab-bb44-49d0-9290-c9edd57a9d89
.cdns.us1.gigya.com/	1970-01-20 08:52:28	Name: gig_canary_3_99l72FT8LLNTQuIz09azS3_QunznLcu8dzx_lvIrd3MpjgC79FdUh_wmipBaT1Rz Value: false
.cdns.us1.gigya.com/	1970-01-20 08:52:28	Name: gig_canary_ver_3_99l72FT8LLNTQuIz09azS3_QunznLcu8dzx_lvIrd3MpjgC79FdUh_wmipBaT1Rz Value: 12765-3-27366840
.theraflu.com/	1970-01-20 02:16:28	Name: _gcl_au Value: 1.1.355442827.1642012261
.theraflu.com/	1970-01-20 08:52:28	Name: OptanonConsent Value: isGpcEnabled=0&datestamp=Wed+Jan+12+2022+18%3A31%3A01+GMT%2B0000+(GMT)&version=6.22.0&isIABGlobal=false&hosts=&consentId=1419849e-8997-4ff4-845f-26621efd150a&interactionCount=0&landingPath=https%3A%2F%2Fwww.theraflu.com%2F&groups=1%3A1%2C3%3A1%2C2%3A1%2C4%3A1%2C5%3A1
.theraflu.com/	1970-01-20 00:08:18	Name: _gid Value: GA1.2.1735575253.1642012261
.theraflu.com/	1970-01-20 00:06:52	Name: _dc_gtm_UA-38587364-3 Value: 1
.theraflu.com/	1970-01-20 00:06:52	Name: _gat_UA-135635203-1 Value: 1
.network-stg.bazaarvoice.com/	1970-01-20 08:52:28	Name: BVID Value: e14a174c-126f-417e-90e0-77e3dd2157e2
.network-stg.bazaarvoice.com/	1970-01-20 00:06:54	Name: BVSID Value: fdcfa320-81b4-489c-bb6b-821e962aaf36
.bing.com/	1970-01-20 09:28:28	Name: MUID Value: 27847775B59165E327FE665FB443644D
.theraflu.com/	1970-01-20 00:08:18	Name: _uetsid Value: cb1c1b8073d511ecadb1d9a3a6dc3f65
.theraflu.com/	1970-01-20 09:28:28	Name: _uetvid Value: cb1c2da073d511ecaaf58df8cb80522c
.theraflu.com/	1970-01-20 17:38:04	Name: _ga_TN9NWLYCYS Value: GS1.1.1642012261.1.0.1642012261.0
.theraflu.com/	1970-01-20 17:38:04	Name: _ga Value: GA1.1.2092247982.1642012261
.theraflu.com/	1970-01-20 17:38:04	Name: _ga_4Q47Q3C7RV Value: GS1.1.1642012261.1.0.1642012261.0
.theraflu.com/	1970-01-20 02:16:28	Name: _fbp Value: fb.1.1642012261589.1396719197
.twitter.com/	1970-01-20 17:38:04	Name: personalization_id Value: "v1_Jb7WnPvPZH0Eu4peSa+1qg=="
.doubleclick.net/	1970-01-20 09:28:28	Name: IDE Value: AHWqTUkRvn14fxHaYQzV6LvhRPs9AWWn7UymGm5Eur1AuY9bTG2OBijwx0tTxyeT-iM
.amazon-adsystem.com/	1970-01-20 06:24:09	Name: ad-id Value: Aylw239Z7kbJgjT_dniUCM8
.amazon-adsystem.com/	1970-01-21 21:50:04	Name: ad-privacy Value: 0
.c.bing.com/	1970-01-20 09:28:28	Name: SRM_B Value: 27847775B59165E327FE665FB443644D
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-20 09:28:28	Name: MUID Value: 27847775B59165E327FE665FB443644D
.c.clarity.ms/	1970-01-20 00:06:52	Name: ANONCHK Value: 0
.theraflu.com/	1970-01-20 08:52:28	Name: _clck Value: 1sll4ht\|1\|ey2\|0
.theraflu.com/	1970-01-20 00:08:18	Name: _clsk Value: cre3em\|1642012262298\|1\|1\|d.clarity.ms/collect

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=63072000;
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

5116519.fls.doubleclick.net
9174324.fls.doubleclick.net
a-cf65.ch-static.com
accounts.us1.gigya.com
adservice.google.com
analytics-static.ugc.bazaarvoice.com
analytics.twitter.com
apps.bazaarvoice.com
bat.bing.com
c.bing.com
c.clarity.ms
cdn.cookielaw.org
cdns.gigya.com
cdns.us1.gigya.com
cdns1.gigya.com
connect.facebook.net
d.clarity.ms
d22xmn10vbouk4.cloudfront.net
geolocation.onetrust.com
i-cf65.ch-static.com
insight.adsrvr.org
js.adsrvr.org
network-stg.bazaarvoice.com
s.amazon-adsystem.com
static.ads-twitter.com
stats.g.doubleclick.net
stg.api.bazaarvoice.com
t.co
theraflu.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleoptimize.com
www.googletagmanager.com
www.theraflu.com
www.youtube.com
104.244.42.133
104.244.42.195
142.250.186.166
151.101.12.157
18.66.137.15
18.66.96.113
23.37.32.195
2600:9000:223c:a400:1c:58a3:4780:93a1
2600:9000:223f:4c00:d:274d:a6c0:93a1
2606:2800:233:1cb7:261b:1f9c:2074:3c
2606:4700:10::6814:b844
2606:4700::6810:9440
2620:1ec:c11::200
2a00:1450:4001:801::2008
2a00:1450:4001:80e::200e
2a00:1450:4001:827::2002
2a00:1450:4001:827::2004
2a00:1450:4001:828::2003
2a00:1450:4001:829::200e
2a00:1450:400c:c0b::9a
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
2a04:4e42:3::720
34.229.5.226
34.253.97.172
35.71.131.137
40.76.174.66
52.142.114.2
52.251.65.90
52.46.130.91
92.122.254.203
051ab643438de53f1682edbbae1effcd49553a609bdf8ac07c7f27d333fe8f24
066e1fc1ab8d326d3e0b9036c0e96a5699f9decabce185f40459d447d9073586
09b7ece464c01f640c13fdceb08bb12ab4a2db787f36a8253c109ea3d4f7d9f5
0ae4c000a8769e9407ff17747131308f9a5c93381c798dd757b4c254c8b6d8f9
0af50c57bcd2b8a53688589779ec00cf23588d698422ef60c63063ca514332cf
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
11b1ed45698d8402655737dc3f812a2e5d436383daa6c1f3c9d1e28f8ed580fe
14a5a4c93777f509dbd63c51fa05a10822058457addba41572357aa2ba962b4d
1eeea71bb6568c67df0e693457ae9caf1f9c85a835e4ba3a480cf9bfbedeb48a
260346cc4d23c6bfc6ce793b18c0724c6d1b119e3c6c9527216e0716f1041693
2f149e7c38f464d9bd33c60ec2f2cf3ef8b9ff5a713015193a5122b06b955a7b
2f4a323987d6f3af5714f7de29513c581c56129d590d45b6849056c71231c78c
34c24b5f8bb1f249910819e1d2cd9260f6f660fafa693df0f7ae3ddf583bcaff
37904ffe567d054211e8b921bc611c9a11f21349a658bd7f7b56a25190c0994f
3c3669397a0d6ab57176fa267184cf71c62cac31cd57d6d26aa0f5cdd1797d19
3da524488bf6579ea07ff9694413134c700132a97c9f1cc77f2153ead773cd0b
3fd26b2b4969eaf06cc8d7564d783a3240e0d35c357268f95c423a0b3d031470
40c6b6c88f5b754a0ba191624b6be58052d43ff87a321826fbda7b4921f921bc
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
45a4c07e164d3d803b62494a3d2ded0555eee1c6fb4940de3f98fa9c4fb08c7e
4b064664b3e286b37c396a22267abbcd19126ca4b5efc94e0770fe5b2fc1dbef
4d2a74d8b25e1ccd4b1294b0b937804bc24aeea7f46edad3f3c1f91604d2708c
4da3e3aa30b5b06390d7e7e3fcfb16d648909eb429d161c2748bd6d79a7ec5fb
5576ef200829995dab20e4b238da5dea3599036a7fe7ad324722d51db64718ea
55d386bb5f32e83974b9f630ada5421e96d9f499243e212e248343093ddede51
565b1232d7b1d1caa39f6802820170671f7c9fa5a9629a6ebd337c019697e82e
56ffacf7e1adcff39289ad8604b9978aac8dffcf73c7356ba3c3d2577742e6c0
5b3438659036fd1e8b8253e0781f539ecd90191e061387614c6db42c3669dfa4
5e7e5c63baa18222e60c2fa584531b8a2e68f87a6396f427ae0f85e9c36c6404
601ffefcc9221352038115c23861b39731187cf6d25d498d153254112d328f35
6a05937cb7ec6c7a611094d04b31317dc9a530364ef2eade618796c8a61bdf60
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6be3efeb998248db9cc1083aef162ee483cbde10b893057e4b5ae1a612c0ae3a
72562f00bd821b6edc0368065bf009468955ba01f8ead742d8bbc2470c4358c4
7ee56cc60098f72099cf2bca262ad3aeda0560e0857768f9ec531a73334af7a4
81acf086c428c0d3d2df7b6d9aa0049687361294841d3420f597b241d3abd82f
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84b08206e98c7c8daf067d0301b3319a1723bb65f97177c1e6203ffc4a261682
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
872fe02b3b3066df44c3fa1002114869a3541da2fcc5b1f563c6d3cf490a6134
892d3afcc2c0628080bf0c32db0e8a101fb31b15cbab83c84b18c294d44aa64d
89b6606e0f94c827dffac0f1a54394399a20a84328b54d60e0fcf084c368cbf5
8aa9db25d3e08c98dd34d7a1a896ff8a23568c2381ef1434f31ec3818daa6787
8ac1f94cd02384d19224ad4b31edd4e57738576464599b55761ae4fd57d03575
8b089e7e52cd9da0cb10fe87e0f4195cd4a2ac05c53c8d4782095c3aa0a82f36
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
917b71cee12e8a0f5b51b2e526125f5e40f459d5c2fc895af3ebd410a168ce66
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9cd6b3d20d6e963f30ba287515f4ad3ef82591eb02d42c0b7bb69910e0c2dc1c
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a2eebdcd8408499d32001fcada14087edbda84166bb7240cc4a56679353c20b3
a30076cdaa39643830ad596a4b7dc619fff468f03c1efa3b84dfe023566373bf
ac1cc4e3e97a9060e28544653033159c1b37bfd65d77219c890457703ac47026
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
af142e7e56c1482d6bde1f9ef0b14c7aba6d065e16ef86109c0e0d636b4eb52e
b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6
b2d2f11eb78159e31bce4355ffd5e696717de4270a77ba1d2038e066462008ad
b69c12e7a4564cb8f5d275487011ef3b8a26b47431686fab6b11b2f7c38b1f23
bd099964d132c1d17f1ac2b6914342430c36c9b8e14d5bb733f1e140a9b80d1a
c02e9aaf56e37972d16e74d9f00b3d162556ccc5ac2fcbc6a30ed735c2d5db2d
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c2446c5c86484b6b006c35fbc4fc7e6afe71e5eca1859a399d64a4787a8891e3
c49d6e28f3de7e7856b87bdb62d554544f0c67ec5e16224d2f194b31e26440cf
c62f3ce88fe69a778b9748d24ad7d8210f384722b88e64ad081eea936bcb5c2e
c82668106a46ff4624d06f82252d79db40081cba3cfaefe6e99abac02bc2848e
ca4fe3091b444698c291cae5b81f908cdfaa2a20d4fe6b1d8c25c52d0e341d57
d4401c654ee7ec5176c30494ea95a9fa33283f5235128a732915a09c84814de7
d69a6abf613d9a93ddef9e91dca9343b6cc8ad3425fab992a985fa5b53a19334
dac442d83b1787ebe3ddfbc0426119b8ff4d9f4503294d36e0a909531dedc12d
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
dd1cca88fd10116d00e3e66056eb4b257f451629198d506fffd4d75a3ba94ba2
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
dfa7587a4b375e1771756cbbf7df6b2f7075eadc1a84d69e142df205b7453d05
dfed159907574337d5a3198b898e17e6f0d6c5c325d8ee2fd2343b7cddb34994
e09899b8901eea8c77d681427930b5e25aea5ac19bd3a2889c7defc379f7af7c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e56a9b4c334ee9d05f44f62cd3078fa545b43054de5ef791fa140c4024a3faeb
e68683445de234abc922683ad4cb3b1f0e5db14a08ecd48df0fe928cad639429
e7ce07146a919596ea7faa00c396b802f9ca940c4ef2c5e8b616213e48f40fc9
e8bb6a6e16ed4df5f6e51ac24b64b93769eb8ebe08c5313e28c1ee4c52287b5c
e9941ab7996a8182be387670f418ad6aa7c759b60d40520f17fd93466a639093
e9f7df343feb67a20b622d43d1f9d744e534214754566659a36c16fb12040734
ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f40209e22b8a414f7bcb814f5b570460b1dc47ed8a8acad273c89f8423375434
f4ff09114fe8347b049da92e9d0fbf377e13516bd38924187a7bc727e3b5307f
f7cba4888800d0b93e3bbec3967bfbdc8a66b4fec3d3e1afecfa2015dd0de42a
fc0a9b77a00ba661df5a95f09ccb8f775662bf657d776c6509f48776fd7d4ca7
fea4bac18c7b5a8c1bcbabc23d1f6b34fcadf79435c199e2d48a0f94fa34ca0e

www.theraflu.com Open in urlscan Pro 52.251.65.90 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

106 Requests

98 %HTTPS

52 %IPv6

23 Domains

37 Subdomains

32 IPs

5 Countries

13013 kBTransfer

16532 kBSize

40 Cookies

22 Outgoing links

Page URL History

Redirected requests

106 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.theraflu.com Open in urlscan Pro
52.251.65.90 Public Scan

Screenshot
Live screenshot

Full Image

106
Requests

98 %
HTTPS

52 %
IPv6

23
Domains

37
Subdomains

32
IPs

5
Countries

13013 kB
Transfer

16532 kB
Size

40
Cookies

106 HTTP transactions
3 data transactions