www.theraflu.com Open in urlscan Pro
52.251.65.90 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://theraflu.com.mcas-df.ms/
Effective URL:
https://www.theraflu.com/
Submission: On January 08 via api (January 8th 2023, 11:54:30 pm UTC) from US — Scanned from US

Summary HTTP 127 Redirects Links 21 Behaviour Indicators

Summary

This website contacted 36 IPs in 1 countries across 27 domains to perform 127 HTTP transactions. The main IP is 52.251.65.90, located in Boydton, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is www.theraflu.com.
TLS certificate: Issued by Sectigo RSA Organization Validation S... on December 14th 2022. Valid for: a year.

This is the only time www.theraflu.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	20.241.142.98 20.241.142.98	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	2600:1400:900... 2600:1400:9000::687e:76f8	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 8	52.251.65.90 52.251.65.90	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
11	2606:2800:11f... 2606:2800:11f:1cb7:261b:1f9c:2074:3c	15133 (EDGECAST) (EDGECAST)
5	2600:9000:214... 2600:9000:2140:5000:d:274d:a6c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2607:f8b0:400... 2607:f8b0:4006:80b::200e	15169 (GOOGLE) (GOOGLE)
12	184.29.133.16 184.29.133.16	16625 (AKAMAI-AS) (AKAMAI-AS)
14	2a04:4e42:79:... 2a04:4e42:79::720	54113 (FASTLY) (FASTLY)
3	2607:f8b0:400... 2607:f8b0:4006:81d::2008	15169 (GOOGLE) (GOOGLE)
8	2a02:6ea0:c40... 2a02:6ea0:c400::11	60068 (CDN77 ^_^) (CDN77 ^_^)
2	2607:f8b0:400... 2607:f8b0:4006:80f::200e	15169 (GOOGLE) (GOOGLE)
1	2600:9000:24e... 2600:9000:24eb:4a00:1c:58a3:4780:93a1	16509 (AMAZON-02) (AMAZON-02)
1	65.9.156.104 65.9.156.104	16509 (AMAZON-02) (AMAZON-02)
10	2606:4700::68... 2606:4700::6810:9540	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	54.84.68.49 54.84.68.49	14618 (AMAZON-AES) (AMAZON-AES)
6	44.233.92.92 44.233.92.92	() ()
2	52.54.236.87 52.54.236.87	14618 (AMAZON-AES) (AMAZON-AES)
3	104.127.182.98 104.127.182.98	16625 (AKAMAI-AS) (AKAMAI-AS)
5	2607:f8b0:400... 2607:f8b0:4006:80e::200e	() ()
3 6	142.251.40.166 142.251.40.166	() ()
1	146.75.36.157 146.75.36.157	() ()
2	143.204.138.162 143.204.138.162	() ()
1 4	2620:1ec:c11:... 2620:1ec:c11::200	() ()
2	2a03:2880:f01... 2a03:2880:f012:10c:face:b00c:0:3	() ()
1 2	209.54.182.161 209.54.182.161	() ()
1 6	3.33.220.150 3.33.220.150	() ()
2 2	142.250.80.98 142.250.80.98	() ()
1	104.244.42.133 104.244.42.133	() ()
1	104.244.42.131 104.244.42.131	() ()
1	2607:f8b0:400... 2607:f8b0:4004:c08::9b	() ()
2	2620:1ec:49::40 2620:1ec:49::40	() ()
1	2607:f8b0:400... 2607:f8b0:4006:821::2004	() ()
2 2	68.67.160.114 68.67.160.114	() ()
2 2	52.45.33.138 52.45.33.138	() ()
1 1	8.43.72.97 8.43.72.97	() ()
1 2	20.110.81.91 20.110.81.91	() ()
3	2607:f8b0:400... 2607:f8b0:4006:824::2002	() ()
2	40.76.174.66 40.76.174.66	() ()
2	2a03:2880:f11... 2a03:2880:f112:182:face:b00c:0:25de	() ()
127	36

1 20.241.142.98 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

theraflu.com.mcas-df.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:1400:9000::687e:76f8 (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)

mcasproxy.azureedge.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 52.251.65.90 (Boydton, United States) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

theraflu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.theraflu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2606:2800:11f:1cb7:261b:1f9c:2074:3c (United States)

ASN15133 (EDGECAST, US)

a-cf65.ch-static.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2600:9000:2140:5000:d:274d:a6c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

apps.bazaarvoice.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:80b::200e (Nutley, United States)

ASN15169 (GOOGLE, US)

www.googleoptimize.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 184.29.133.16 (Edison, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a184-29-133-16.deploy.static.akamaitechnologies.com

cdns.gigya.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdns.us1.gigya.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdns1.gigya.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a04:4e42:79::720 (United States)

ASN54113 (FASTLY, US)

i-cf65.ch-static.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:81d::2008 (Nutley, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a02:6ea0:c400::11 (New York, United States)

ASN60068 (CDN77 ^_^, GB)

cdn.userway.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:80f::200e (Nutley, United States)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:24eb:4a00:1c:58a3:4780:93a1 (United States)

ASN16509 (AMAZON-02, US)

analytics-static.ugc.bazaarvoice.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.156.104 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-156-104.qro51.r.cloudfront.net

d22xmn10vbouk4.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2606:4700::6810:9540 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.84.68.49 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-84-68-49.compute-1.amazonaws.com

api.bazaarvoice.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 44.233.92.92 (None, )

ASN- ()

api.userway.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.54.236.87 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-54-236-87.compute-1.amazonaws.com

network-a.bazaarvoice.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.127.182.98 (Piscataway, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a104-127-182-98.deploy.static.akamaitechnologies.com

accounts.us1.gigya.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2607:f8b0:4006:80e::200e (None, )

ASN- ()

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.251.40.166 (None, ) 3 redirects

ASN- ()

9174324.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
5116519.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.75.36.157 (None, )

ASN- ()

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 143.204.138.162 (None, )

ASN- ()

js.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:1ec:c11::200 (None, ) 1 redirects

ASN- ()

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f012:10c:face:b00c:0:3 (None, )

ASN- ()

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 209.54.182.161 (None, ) 1 redirects

ASN- ()

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 3.33.220.150 (None, ) 1 redirects

ASN- ()

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.80.98 (None, ) 2 redirects

ASN- ()

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.133 (None, )

ASN- ()

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.131 (None, )

ASN- ()

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c08::9b (None, )

ASN- ()

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:49::40 (None, )

ASN- ()

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:821::2004 (None, )

ASN- ()

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 68.67.160.114 (None, ) 2 redirects

ASN- ()

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.45.33.138 (None, ) 2 redirects

ASN- ()

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 8.43.72.97 (None, ) 1 redirects

ASN- ()

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.110.81.91 (None, ) 1 redirects

ASN- ()

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:824::2002 (None, )

ASN- ()

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 40.76.174.66 (None, )

ASN- ()

d.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f112:182:face:b00c:0:25de (None, )

ASN- ()

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
25	ch-static.com a-cf65.ch-static.com — Cisco Umbrella Rank: 206881 i-cf65.ch-static.com — Cisco Umbrella Rank: 202249	622 KB
15	gigya.com cdns.gigya.com — Cisco Umbrella Rank: 9355 cdns.us1.gigya.com — Cisco Umbrella Rank: 10957 accounts.us1.gigya.com — Cisco Umbrella Rank: 27509 cdns1.gigya.com	447 KB
14	userway.org cdn.userway.org — Cisco Umbrella Rank: 7734 api.userway.org	102 KB
10	cookielaw.org cdn.cookielaw.org — Cisco Umbrella Rank: 682	144 KB
9	doubleclick.net 5 redirects 9174324.fls.doubleclick.net 5116519.fls.doubleclick.net cm.g.doubleclick.net stats.g.doubleclick.net	4 KB
9	bazaarvoice.com apps.bazaarvoice.com — Cisco Umbrella Rank: 3286 analytics-static.ugc.bazaarvoice.com — Cisco Umbrella Rank: 5599 api.bazaarvoice.com — Cisco Umbrella Rank: 3241 network-a.bazaarvoice.com — Cisco Umbrella Rank: 5022	81 KB
8	adsrvr.org 1 redirects js.adsrvr.org insight.adsrvr.org match.adsrvr.org	8 KB
8	theraflu.com 1 redirects theraflu.com www.theraflu.com	150 KB
6	clarity.ms 1 redirects www.clarity.ms c.clarity.ms d.clarity.ms	21 KB
5	google-analytics.com www.google-analytics.com	20 KB
4	google.com www.google.com adservice.google.com	1 KB
4	bing.com 1 redirects bat.bing.com c.bing.com	14 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 123	239 KB
3	azureedge.net mcasproxy.azureedge.net — Cisco Umbrella Rank: 113365	44 KB
2	facebook.com www.facebook.com	203 B
2	yahoo.com 2 redirects ups.analytics.yahoo.com	615 B
2	adnxs.com 2 redirects ib.adnxs.com	2 KB
2	amazon-adsystem.com 1 redirects s.amazon-adsystem.com	2 KB
2	facebook.net connect.facebook.net	116 KB
2	youtube.com www.youtube.com — Cisco Umbrella Rank: 98	63 KB
1	rubiconproject.com 1 redirects pixel.rubiconproject.com	914 B
1	twitter.com analytics.twitter.com	393 B
1	t.co t.co	376 B
1	ads-twitter.com static.ads-twitter.com	15 KB
1	cloudfront.net d22xmn10vbouk4.cloudfront.net	24 KB
1	googleoptimize.com www.googleoptimize.com — Cisco Umbrella Rank: 1311	44 KB
1	mcas-df.ms theraflu.com.mcas-df.ms	1 KB
127	27

	Domain	Requested by
14	i-cf65.ch-static.com	www.theraflu.com
11	a-cf65.ch-static.com	www.theraflu.com a-cf65.ch-static.com
10	cdn.cookielaw.org	www.googletagmanager.com cdn.cookielaw.org
9	cdns.us1.gigya.com	cdns.gigya.com cdns.us1.gigya.com
8	cdn.userway.org	www.theraflu.com cdn.userway.org
7	www.theraflu.com	www.theraflu.com a-cf65.ch-static.com
6	api.userway.org	cdn.userway.org
5	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
5	apps.bazaarvoice.com	www.theraflu.com apps.bazaarvoice.com
4	match.adsrvr.org	js.adsrvr.org
4	5116519.fls.doubleclick.net	2 redirects www.googletagmanager.com
3	adservice.google.com	5116519.fls.doubleclick.net 9174324.fls.doubleclick.net
3	bat.bing.com	theraflu.com.mcas-df.ms bat.bing.com
3	accounts.us1.gigya.com	cdns.us1.gigya.com
3	www.googletagmanager.com	www.theraflu.com www.googletagmanager.com
3	mcasproxy.azureedge.net	theraflu.com.mcas-df.ms mcasproxy.azureedge.net
2	www.facebook.com
2	d.clarity.ms	www.clarity.ms
2	c.clarity.ms	1 redirects
2	ups.analytics.yahoo.com	2 redirects
2	ib.adnxs.com	2 redirects
2	www.clarity.ms	bat.bing.com www.clarity.ms
2	cm.g.doubleclick.net	2 redirects
2	insight.adsrvr.org	1 redirects js.adsrvr.org
2	s.amazon-adsystem.com	1 redirects
2	connect.facebook.net	theraflu.com.mcas-df.ms connect.facebook.net
2	js.adsrvr.org	www.googletagmanager.com insight.adsrvr.org
2	9174324.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	network-a.bazaarvoice.com	www.theraflu.com
2	www.youtube.com	a-cf65.ch-static.com www.youtube.com
2	cdns.gigya.com	www.theraflu.com cdns.gigya.com
1	cdns1.gigya.com
1	c.bing.com	1 redirects
1	pixel.rubiconproject.com	1 redirects
1	www.google.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	analytics.twitter.com
1	t.co
1	static.ads-twitter.com	www.googletagmanager.com
1	api.bazaarvoice.com	apps.bazaarvoice.com
1	d22xmn10vbouk4.cloudfront.net	www.googletagmanager.com
1	analytics-static.ugc.bazaarvoice.com	apps.bazaarvoice.com
1	www.googleoptimize.com	www.theraflu.com
1	theraflu.com	1 redirects
1	theraflu.com.mcas-df.ms
127	45

This site contains links to these domains. Also see Links.

Domain
us.gsk.com
theraflu.ba
theraflu.bg
theraflu.hr
theraflu.cz
theraflu.co.kr
theraflu.com.mx
theraflu.pl
theraflu.ro
theraflu.ru
theraflu.sk
theraflu.ua
privacy.gsk.com
haleon-privacy.my.onetrust.com
cookies.gsk.com
terms.gsk.com
www.facebook.com
www.youtube.com
twitter.com
privacy.haleon.com
www.onetrust.com

Subject Issuer	Validity	Valid
*.azureedge.net Microsoft Azure ECC TLS Issuing CA 01	`2022-07-27` - `2023-07-22`	a year	crt.sh
sensodynepr.com Sectigo RSA Organization Validation Secure Server CA	`2022-12-14` - `2023-12-14`	a year	crt.sh
a-stage-cf65.ch-static.com Sectigo RSA Organization Validation Secure Server CA	`2022-09-14` - `2023-09-14`	a year	crt.sh
*.bazaarvoice.com DigiCert TLS RSA SHA256 2020 CA1	`2022-04-19` - `2023-05-20`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
cdns.gigya.com DigiCert SHA2 Secure Server CA	`2022-02-04` - `2023-02-04`	a year	crt.sh
*.ch-static.com GlobalSign Atlas R3 DV TLS CA 2022 Q4	`2022-12-01` - `2024-01-02`	a year	crt.sh
1667503734.rsc.cdn77.org R3	`2023-01-02` - `2023-04-02`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
analytics-static.ugc.bazaarvoice.com Amazon	`2022-09-05` - `2023-10-04`	a year	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2022-12-08` - `2023-12-07`	a year	crt.sh
cookielaw.org Cloudflare Inc ECC CA-3	`2022-05-01` - `2023-05-01`	a year	crt.sh
*.api.bazaarvoice.com DigiCert TLS RSA SHA256 2020 CA1	`2022-06-13` - `2023-07-14`	a year	crt.sh
api.userway.org Amazon	`2022-10-02` - `2023-10-31`	a year	crt.sh
gigya.com GeoTrust RSA CA 2018	`2022-02-03` - `2023-02-03`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
ads-twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-22` - `2023-08-22`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2022-11-25` - `2023-05-25`	6 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-10-18` - `2023-01-16`	3 months	crt.sh
t.co DigiCert TLS RSA SHA256 2020 CA1	`2022-02-22` - `2023-02-22`	a year	crt.sh
*.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2022-02-22` - `2023-02-22`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2022-12-01` - `2023-12-01`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
a.clarity.ms Microsoft Azure TLS Issuing CA 02	`2022-06-07` - `2023-06-02`	a year	crt.sh

This page contains 17 frames:

Primary Page: https://www.theraflu.com/
Frame ID: 28694A4D96B7CB16B7E671348949E001
Requests: 102 HTTP requests in this frame

Frame: https://mcasproxy.azureedge.net/proxyweb/1.27.11/html/session-context-restore.html
Frame ID: B797A851675ADA00005F9DFB013447EC
Requests: 2 HTTP requests in this frame

Frame: https://cdns.us1.gigya.com/gs/webSdk/Api.aspx?apiKey=3_bzpjRk206ccefb3vooht5EOg-NJ0nhkhK9Lq59aZsSrDwCdGo510HRGBdrvh6SzZ&version=latest&build=13549
Frame ID: 641BAA8A959C7FD76602151F621FD68B
Requests: 5 HTTP requests in this frame

Frame: https://9174324.fls.doubleclick.net/activityi;dc_pre=CInAt_eVufwCFckNaAgdr0cGgg;src=9174324;type=unvfls;cat=unvfls;ord=1889076223805;gtm=2wg120;auiddc=1357111287.1673222067;u1=respiratory;u2=theraflu;u3=www.theraflu.com;u4=https%3A%2F%2Fwww.theraflu.com%2F%3F;u5=%2F;u6=http%3A%2F%2Ftheraflu.com.mcas-df.ms%2F;~oref=https%3A%2F%2Fwww.theraflu.com%2F%3F
Frame ID: 94424A91693DADF8E0B779C9DB5664B6
Requests: 1 HTTP requests in this frame

Frame: https://5116519.fls.doubleclick.net/activityi;dc_pre=CKezt_eVufwCFQGvnwodcgQMjg;src=5116519;type=thera001;cat=thera0;ord=3997301153307;gtm=2wg120;auiddc=1357111287.1673222067;~oref=https%3A%2F%2Fwww.theraflu.com%2F%3F
Frame ID: 5D2EE6BAC76DC0984F84CF9E64380A40
Requests: 1 HTTP requests in this frame

Frame: https://5116519.fls.doubleclick.net/activityi;dc_pre=CJi6t_eVufwCFctFDQodYLIG6w;src=5116519;type=therpgvw;cat=therpgvw;ord=7184908166456;gtm=2wg120;auiddc=1357111287.1673222067;~oref=https%3A%2F%2Fwww.theraflu.com%2F%3F
Frame ID: 4C7F69A64F0F40C5A7C84E54ABF7B0D2
Requests: 1 HTTP requests in this frame

Frame: https://cdns.us1.gigya.com/gs/sso.htm?APIKey=3_99l72FT8LLNTQuIz09azS3_QunznLcu8dzx_lvIrd3MpjgC79FdUh_wmipBaT1Rz&ssoSegment=&version=latest&build=13549
Frame ID: 2ABDCE58AA9D4DECB037E46B49C56D72
Requests: 2 HTTP requests in this frame

Frame: https://cdns.us1.gigya.com/gs/sso.htm?APIKey=3_99l72FT8LLNTQuIz09azS3_QunznLcu8dzx_lvIrd3MpjgC79FdUh_wmipBaT1Rz&ssoSegment=&version=latest&build=13549
Frame ID: C933C0914903AE722525F2CD251A5CDC
Requests: 2 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=2obq2qw&ref=https%3A%2F%2Fwww.theraflu.com%2F%3F&upid=4uicnfj&upv=1.1.0
Frame ID: DB36792DF7FDAC8E1A447B9B78B0695C
Requests: 2 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/appnexus?ttd=1&anid=4494474885909848782&ttd_tdid=98f85b64-8915-4ed8-830b-efa256964328
Frame ID: ECA018596D0E3107C6367F3FD1F309D2
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=rightmedia&yahoo_id=y-u.Z0MkdE2uK5n0XsPYPdIMxvkF3S2BA-~A&gdpr=0
Frame ID: 1553D1BD75EE0E9A7CAF52E63AC89C7C
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/rubicon?gdpr=0
Frame ID: 3C6E5BA841B1F6D4173A8863BFA00DB8
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CKezt_eVufwCFQGvnwodcgQMjg;src=5116519;type=thera001;cat=thera0;ord=3997301153307;gtm=2wg120;auiddc=1357111287.1673222067;~oref=https%3A%2F%2Fwww.theraflu.com%2F%3F
Frame ID: AF4F0A32B6A82A621A803D832D6D7F71
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CInAt_eVufwCFckNaAgdr0cGgg;src=9174324;type=unvfls;cat=unvfls;ord=1889076223805;gtm=2wg120;auiddc=1357111287.1673222067;u1=respiratory;u2=theraflu;u3=www.theraflu.com;u4=https%3A%2F%2Fwww.theraflu.com%2F%3F;u5=%2F;u6=http%3A%2F%2Ftheraflu.com.mcas-df.ms%2F;~oref=https%3A%2F%2Fwww.theraflu.com%2F%3F
Frame ID: A9BAD8FAD90169B50A649743F0179E0F
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CJi6t_eVufwCFctFDQodYLIG6w;src=5116519;type=therpgvw;cat=therpgvw;ord=7184908166456;gtm=2wg120;auiddc=1357111287.1673222067;~oref=https%3A%2F%2Fwww.theraflu.com%2F%3F
Frame ID: 1C377145A456471E4E5E9CAEA2CAEC5A
Requests: 1 HTTP requests in this frame

Frame: https://cdns.us1.gigya.com/gs/sso.htm?APIKey=3_99l72FT8LLNTQuIz09azS3_QunznLcu8dzx_lvIrd3MpjgC79FdUh_wmipBaT1Rz&ssoSegment=&version=latest&build=13549
Frame ID: 1085A6EC546DA37D5B57CE2C4FC0F942
Requests: 2 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: B35C912022A39787CA3061AC12D9002E
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Powerful Relief from Cold and Flu Symptoms | TherafluBack ButtonSearch IconFilter Icon

Page URL History Show full URLs

http://theraflu.com.mcas-df.ms/ Page URL
https://theraflu.com/ HTTP 301
https://www.theraflu.com/ Page URL

Detected technologies

Adobe Experience Manager (CMS) Expand

Overall confidence: 100%
Detected patterns

/etc/designs/

SAP Customer Data Cloud Sign-in (Social logins) Expand

Overall confidence: 100%
Detected patterns

\.gigya\.com/JS/gigya\.js

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Optimize (A/B Testing) Expand

Overall confidence: 100%
Detected patterns

googleoptimize\.com/optimize\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cdn\.cookielaw\.org
otSDKStub\.js

UserWay (Accessibility) Expand

Overall confidence: 100%
Detected patterns

cdn\.userway\.org/widget.*\.js

Page Statistics

127
Requests

97 %
HTTPS

46 %
IPv6

27
Domains

45
Subdomains

36
IPs

1
Countries

2159 kB
Transfer

6477 kB
Size

49
Cookies

21 Outgoing links

These are links going to different origins than the main page.

URL: https://us.gsk.com/

Search URL Search Domain Scan URL

URL: https://theraflu.ba/
Title: Bosnia and Herzegovina

Search URL Search Domain Scan URL

URL: https://theraflu.bg/
Title: Bulgaria

Search URL Search Domain Scan URL

URL: https://theraflu.hr/
Title: Croatia

Search URL Search Domain Scan URL

URL: https://theraflu.cz/
Title: Czech Republic

Search URL Search Domain Scan URL

URL: https://theraflu.co.kr/
Title: Korea

Search URL Search Domain Scan URL

URL: https://theraflu.com.mx/
Title: Mexico

Search URL Search Domain Scan URL

URL: https://theraflu.pl/
Title: Poland

Search URL Search Domain Scan URL

URL: https://theraflu.ro/
Title: Romania

Search URL Search Domain Scan URL

URL: https://theraflu.ru/
Title: Russia

Search URL Search Domain Scan URL

URL: https://theraflu.sk/
Title: Slovakia

Search URL Search Domain Scan URL

URL: https://theraflu.ua/ru
Title: Ukraine

Search URL Search Domain Scan URL

URL: https://privacy.gsk.com/en-us/consumer-healthcare/default/
Title: Privacy Notice

Search URL Search Domain Scan URL

URL: https://haleon-privacy.my.onetrust.com/webform/9ff761e6-6f16-4e20-800d-92706b153697/aab0d980-b305-4dc6-ac75-08f4a44b3442
Title: Your Privacy Choices

Search URL Search Domain Scan URL

URL: https://cookies.gsk.com/en-us/consumer-healthcare/default/
Title: Cookies

Search URL Search Domain Scan URL

URL: https://terms.gsk.com/en-us/consumer-healthcare/default/
Title: Terms of Use

Search URL Search Domain Scan URL

URL: https://www.facebook.com/TherafluUS

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UC4zl7KFQ8wIcMBsJpMZb4LA

Search URL Search Domain Scan URL

URL: https://twitter.com/theraflu

Search URL Search Domain Scan URL

URL: https://privacy.haleon.com/en-us/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.onetrust.com/products/cookie-consent/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://theraflu.com.mcas-df.ms/ Page URL
https://theraflu.com/ HTTP 301
https://www.theraflu.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 68

https://9174324.fls.doubleclick.net/activityi;src=9174324;type=unvfls;cat=unvfls;ord=1889076223805;gtm=2wg120;auiddc=1357111287.1673222067;u1=respiratory;u2=theraflu;u3=www.theraflu.com;u4=https%3A%2F%2Fwww.theraflu.com%2F%3F;u5=%2F;u6=http%3A%2F%2Ftheraflu.com.mcas-df.ms%2F;~oref=https%3A%2F%2Fwww.theraflu.com%2F%3F HTTP 302
https://9174324.fls.doubleclick.net/activityi;dc_pre=CInAt_eVufwCFckNaAgdr0cGgg;src=9174324;type=unvfls;cat=unvfls;ord=1889076223805;gtm=2wg120;auiddc=1357111287.1673222067;u1=respiratory;u2=theraflu;u3=www.theraflu.com;u4=https%3A%2F%2Fwww.theraflu.com%2F%3F;u5=%2F;u6=http%3A%2F%2Ftheraflu.com.mcas-df.ms%2F;~oref=https%3A%2F%2Fwww.theraflu.com%2F%3F

Request Chain 69

https://5116519.fls.doubleclick.net/activityi;src=5116519;type=thera001;cat=thera0;ord=3997301153307;gtm=2wg120;auiddc=1357111287.1673222067;~oref=https%3A%2F%2Fwww.theraflu.com%2F%3F HTTP 302
https://5116519.fls.doubleclick.net/activityi;dc_pre=CKezt_eVufwCFQGvnwodcgQMjg;src=5116519;type=thera001;cat=thera0;ord=3997301153307;gtm=2wg120;auiddc=1357111287.1673222067;~oref=https%3A%2F%2Fwww.theraflu.com%2F%3F

Request Chain 71

https://5116519.fls.doubleclick.net/activityi;src=5116519;type=therpgvw;cat=therpgvw;ord=7184908166456;gtm=2wg120;auiddc=1357111287.1673222067;~oref=https%3A%2F%2Fwww.theraflu.com%2F%3F HTTP 302
https://5116519.fls.doubleclick.net/activityi;dc_pre=CJi6t_eVufwCFctFDQodYLIG6w;src=5116519;type=therpgvw;cat=therpgvw;ord=7184908166456;gtm=2wg120;auiddc=1357111287.1673222067;~oref=https%3A%2F%2Fwww.theraflu.com%2F%3F

Request Chain 79

https://s.amazon-adsystem.com/iui3?d=forester-did&ex-fargs=%3Fid%3Daf4b6613-c033-8ad1-f6b4-14b4b67e9503%26type%3D55%26m%3D1&ex-fch=416613&ex-src=https://www.theraflu.com&ex-hargs=v%3D1.0%3Bc%3D1766344630501%3Bp%3DAF4B6613-C033-8AD1-F6B4-14B4B67E9503&gtmcb=578360504 HTTP 302
https://s.amazon-adsystem.com/iui3?d=forester-did&ex-fargs=%3Fid%3Daf4b6613-c033-8ad1-f6b4-14b4b67e9503%26type%3D55%26m%3D1&ex-fch=416613&ex-src=https://www.theraflu.com&ex-hargs=v%3D1.0%3Bc%3D1766344630501%3Bp%3DAF4B6613-C033-8AD1-F6B4-14B4B67E9503&gtmcb=578360504&dcc=t

Request Chain 80

https://insight.adsrvr.org/track/pxl/?adv=2obq2qw&ct=0:eys241p&fmt=3&gtmcb=1001854048 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_cm&google_sc&google_hm=OThmODViNjQtODkxNS00ZWQ4LTgzMGItZWZhMjU2OTY0MzI4&gdpr=0&gdpr_consent=&ttd_tdid=98f85b64-8915-4ed8-830b-efa256964328 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_cm=&google_sc=&google_hm=OThmODViNjQtODkxNS00ZWQ4LTgzMGItZWZhMjU2OTY0MzI4&gdpr=0&gdpr_consent=&ttd_tdid=98f85b64-8915-4ed8-830b-efa256964328&google_tc= HTTP 302
https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=98f85b64-8915-4ed8-830b-efa256964328&google_gid=CAESEILai0S6D7lK41Y_t9W5zpY&google_cver=1

Request Chain 99

https://ib.adnxs.com/getuid?https%3a%2f%2fmatch.adsrvr.org%2ftrack%2fcmf%2fappnexus%3fttd%3d1%26anid%3d%24UID&ttd_tdid=98f85b64-8915-4ed8-830b-efa256964328 HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253a%252f%252fmatch.adsrvr.org%252ftrack%252fcmf%252fappnexus%253fttd%253d1%2526anid%253d%2524UID%26ttd_tdid%3D98f85b64-8915-4ed8-830b-efa256964328 HTTP 302
https://match.adsrvr.org/track/cmf/appnexus?ttd=1&anid=4494474885909848782&ttd_tdid=98f85b64-8915-4ed8-830b-efa256964328

Request Chain 100

https://ups.analytics.yahoo.com/ups/55953/sync?uid=98f85b64-8915-4ed8-830b-efa256964328&_origin=1&redir=true&gdpr=0&gdpr_consent= HTTP 302
https://ups.analytics.yahoo.com/ups/55953/sync?uid=98f85b64-8915-4ed8-830b-efa256964328&_origin=1&redir=true&gdpr=0&gdpr_consent=&verify=true HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=rightmedia&yahoo_id=y-u.Z0MkdE2uK5n0XsPYPdIMxvkF3S2BA-~A&gdpr=0

Request Chain 101

https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=98f85b64-8915-4ed8-830b-efa256964328&gdpr=0&gdpr_consent=&expires=30&next=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Frubicon HTTP 302
https://match.adsrvr.org/track/cmf/rubicon?gdpr=0

Request Chain 103

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=C76627F7FCB7461AB42090B3090562AD&RedC=c.clarity.ms&MXFR=107EB13223226ED61372A3A127226016 HTTP 302
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=C76627F7FCB7461AB42090B3090562AD&MUID=228FFC2C9FE56FD01043EEBF9E9B6E6F

127 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK / Show response
theraflu.com.mcas-df.ms/ 1 KB
1 KB 176ms
48ms Document
text/html 20.241.142.98
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

http://theraflu.com.mcas-df.ms/

Protocol

HTTP/1.1

Server

20.241.142.98 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

openresty /

Resource Hash

d44689f4ff03c26b192f55158ea868c6c8d802597d0a3cceb37ae6c1d580d9af

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Date: Sun, 08 Jan 2023 23:54:23 GMT
Expires: Mon, 01-Jan-1990 00:00:00 GMT
Pragma: no-cache
Server: openresty
Strict-Transport-Security: max-age=31536000
Transfer-Encoding: chunked
X-MCAS-Cache-Status: MISS
X-MCAS-Processing-Time: 7
X-MCAS-Request-Id: bc82aa71dcb4a8fe342213eef4df7f16
X-MCAS-Upstream-Time: n/a

GET
H2 200 session-context-store-helper.min.js Show response
mcasproxy.azureedge.net/proxyweb/1.27.11/js/ 5 KB
5 KB 154ms
41ms Script
application/javascript 2600:1400:9000::687e:76f8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://mcasproxy.azureedge.net/proxyweb/1.27.11/js/session-context-store-helper.min.js
Requested by: Host: theraflu.com.mcas-df.ms
URL: http://theraflu.com.mcas-df.ms/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1400:9000::687e:76f8 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 5f7add0638c6207d7a84267735b9eed3fee3a68696e3ec755fafd5283db0b8f3

Request headers

accept-language: en-US,en;q=0.9
Referer: http://theraflu.com.mcas-df.ms/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Sun, 08 Jan 2023 23:54:23 GMT
last-modified: Fri, 30 Dec 2022 04:35:48 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5: Dor7jY9XuhzpOAkbPbiHoQ==
etag: 0x8DAEA1F52FABD42
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 582c6fd4-e01e-0004-720a-1cff34000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=30689887
x-ms-version: 2009-09-19
content-length: 4832

GET
H2 200 session-context-restore.html Show response
mcasproxy.azureedge.net/proxyweb/1.27.11/html/ Frame B797 209 B
659 B 42ms
42ms Document
text/html 2600:1400:9000::687e:76f8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://mcasproxy.azureedge.net/proxyweb/1.27.11/html/session-context-restore.html
Requested by: Host: mcasproxy.azureedge.net
URL: https://mcasproxy.azureedge.net/proxyweb/1.27.11/js/session-context-store-helper.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1400:9000::687e:76f8 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: a3c954e6d1422643abfe41e74b726918caa087460903ec4267bc4e5293132451

Request headers

Referer: http://theraflu.com.mcas-df.ms/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=30689840
content-length: 209
content-md5: xcQ/+x+i42xZPwR88wJc4A==
content-type: text/html
date: Sun, 08 Jan 2023 23:54:23 GMT
etag: 0x8DAEA1F50ABF340
last-modified: Fri, 30 Dec 2022 04:35:44 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-blob-type: BlockBlob
x-ms-lease-status: unlocked
x-ms-request-id: 0e1e7fcf-f01e-0059-160a-1c431c000000
x-ms-version: 2009-09-19

GET
H2 200 session-context-restore.min.js Show response
mcasproxy.azureedge.net/proxyweb/1.27.11/js/ Frame B797 38 KB
38 KB 42ms
41ms Script
application/javascript 2600:1400:9000::687e:76f8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://mcasproxy.azureedge.net/proxyweb/1.27.11/js/session-context-restore.min.js
Requested by: Host: mcasproxy.azureedge.net
URL: https://mcasproxy.azureedge.net/proxyweb/1.27.11/html/session-context-restore.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1400:9000::687e:76f8 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 50c7a6bc126f23bed4e86844e23471bc2b77bdf396bfe93fee9eb364bc99f9f6

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mcasproxy.azureedge.net/proxyweb/1.27.11/html/session-context-restore.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Sun, 08 Jan 2023 23:54:23 GMT
last-modified: Fri, 30 Dec 2022 04:35:47 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5: /YaMyLrHn30aHcVLtQfmcw==
etag: 0x8DAEA1F529A82DB
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 582c6ff0-e01e-0004-090a-1cff34000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=30689888
x-ms-version: 2009-09-19
content-length: 38628

GET
H2

200

Primary Request / Show response
www.theraflu.com/
Redirect Chain

https://theraflu.com/?
https://www.theraflu.com/?

109 KB
13 KB

729ms
711ms

Document
text/html

52.251.65.90
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theraflu.com/?

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.251.65.90 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apache /

Resource Hash

b2ad59396cd1b434518c3b3b5904b5e29c4e71db97129c9e2e03f151931ab943

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;
X-Frame-Options	SAMEORIGIN

Request headers

Referer: http://theraflu.com.mcas-df.ms/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
cache-control: public, max-age=0, s-maxage=86400
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sun, 08 Jan 2023 23:54:23 GMT
link: <https://www.googletagmanager.com>; rel=preconnect; crossorigin, <https://www.googletagmanager.com>; rel=dns-prefetch; crossorigin, <https://a-cf65.ch-static.com>; rel=preconnect; crossorigin, <https://a-cf65.ch-static.com>; rel=dns-prefetch; crossorigin, <https://i-cf65.ch-static.com>; rel=preconnect; crossorigin, <https://i-cf65.ch-static.com>; rel=dns-prefetch; crossorigin
server: Apache
strict-transport-security: max-age=63072000;
vary: Accept-Encoding
x-frame-options: SAMEORIGIN

Redirect headers

content-length: 234
content-type: text/html; charset=iso-8859-1
date: Sun, 08 Jan 2023 23:54:23 GMT
location: https://www.theraflu.com/?
server: Apache

GET
H2 200 design.default.bootstrap.v0-0-1.ts202212160729.css
a-cf65.ch-static.com/etc/designs/zg/bp-theraflu-refresh/desktop/css.asset.css/core/ 785 KB
96 KB 601ms
28ms Stylesheet
text/css 2606:2800:11f:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://a-cf65.ch-static.com/etc/designs/zg/bp-theraflu-refresh/desktop/css.asset.css/core/design.default.bootstrap.v0-0-1.ts202212160729.css

Requested by

Host: www.theraflu.com
URL: https://www.theraflu.com/?

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:11f:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (cha/061C) /

Resource Hash

c0bfea7132f284aa47cb959ea9013095274e2df53663fc4d192a388aefbbe325

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.theraflu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 08 Jan 2023 23:54:25 GMT
content-encoding: gzip
strict-transport-security: max-age=63072000;
age: 43803
x-cache: HIT
content-length: 98252
last-modified: Fri, 16 Dec 2022 06:03:14 GMT
server: ECAcc (cha/061C)
etag: "c4447-5efebb99d4c80-gzip"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=86400, public, s-maxage=86400
accept-ranges: bytes
expires: Mon, 09 Jan 2023 23:54:25 GMT

GET
H2 200 head.v0-0-1.ts202212160726.js Show response
a-cf65.ch-static.com/etc/designs/zg/bp-theraflu-refresh/desktop/js.fileAsset.js/zg/basic/desktop/js/head/ 24 KB
10 KB 599ms
27ms Script
application/javascript 2606:2800:11f:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://a-cf65.ch-static.com/etc/designs/zg/bp-theraflu-refresh/desktop/js.fileAsset.js/zg/basic/desktop/js/head/head.v0-0-1.ts202212160726.js

Requested by

Host: www.theraflu.com
URL: https://www.theraflu.com/?

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:11f:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (cha/0614) /

Resource Hash

af142e7e56c1482d6bde1f9ef0b14c7aba6d065e16ef86109c0e0d636b4eb52e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.theraflu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 08 Jan 2023 23:54:25 GMT
content-encoding: gzip
strict-transport-security: max-age=63072000;
age: 44524
x-cache: HIT
content-length: 10192
last-modified: Fri, 16 Dec 2022 06:29:51 GMT
server: ECAcc (cha/0614)
etag: "5e75-5efec18cd95c0-gzip"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public, s-maxage=86400
accept-ranges: bytes
expires: Mon, 09 Jan 2023 23:54:25 GMT

GET
H2 200 bv.js Show response
apps.bazaarvoice.com/deployments/theraflu/main_site/production/en_US/ 65 KB
21 KB 306ms
47ms Script
text/javascript 2600:9000:2140:5000:d:274d:a6c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://apps.bazaarvoice.com/deployments/theraflu/main_site/production/en_US/bv.js

Requested by

Host: www.theraflu.com
URL: https://www.theraflu.com/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2140:5000:d:274d:a6c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

9fad81ea82bcde8b8400cae57772da4c6edc2ccb2cc7f4ace0d10f79ce88fd69

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.theraflu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id: MyHdX5TYnawGTPuuU6R0uUxf_KOOOugE
content-encoding: gzip
via: 1.1 a00eb4657c3b62cedb9b6571825eb82c.cloudfront.net (CloudFront)
date: Sun, 08 Jan 2023 23:51:11 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-amz-cf-pop: EWR52-C1
age: 195
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 20851
last-modified: Thu, 25 Aug 2022 14:20:23 GMT
server: AmazonS3
etag: "b0cdaf283a83d3bfb9cfdc63e8d53050"
vary: Accept-Encoding, Origin
content-type: text/javascript;charset=UTF-8
cache-control: max-age=300
accept-ranges: bytes
x-amz-cf-id: hQk4dyW3HXSUUeMMjUwujIdPNCrrh_1SpJ-0-UgpWJxKWkli4H8D8g==

GET
H2 200 optimize.js Show response
www.googleoptimize.com/ 111 KB
44 KB 621ms
55ms Script
application/javascript 2607:f8b0:4006:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleoptimize.com/optimize.js?id=OPT-PKPMGMZ

Requested by

Host: www.theraflu.com
URL: https://www.theraflu.com/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::200e Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

aa276e63693f261f43cd7e1a0e9996f435bc6dc2b46c36c62d5935270764be99

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.theraflu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 08 Jan 2023 23:54:25 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44569
x-xss-protection: 0
last-modified: Sun, 08 Jan 2023 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 08 Jan 2023 23:54:25 GMT

GET
H/1.1 200
OK gigya.js Show response
cdns.gigya.com/JS/ 470 KB
148 KB 607ms
44ms Script
text/javascript 184.29.133.16
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdns.gigya.com/JS/gigya.js?apikey=3_bzpjRk206ccefb3vooht5EOg-NJ0nhkhK9Lq59aZsSrDwCdGo510HRGBdrvh6SzZ
Requested by: Host: www.theraflu.com
URL: https://www.theraflu.com/?
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.29.133.16 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-29-133-16.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 130c4c39643c503ab0ec5da7f219341a608fb78ae86b76f732dd21f1fc120844

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.theraflu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Sun, 08 Jan 2023 23:54:25 GMT
Content-Encoding: gzip
x-soa: true, Gator
Vary: Accept-Encoding
p3p: CP="IDC COR PSA DEV ADM OUR IND ONL"
Access-Control-Allow-Origin: *
x-callid: 9a85141a9d5445159126ee89002d11ed
Content-Type: text/javascript; charset=utf-8
Cache-Control: public, max-age=900, s-maxage=3600
x-server: us1d-nomad-g44
Connection: keep-alive
x-robots-tag: none
Content-Length: 150812
Expires: Mon, 09 Jan 2023 00:09:25 GMT

GET
H2 200 gsk-logo.png
i-cf65.ch-static.com/content/dam/cf-consumer-healthcare/bp-theraflu/en_US/global/logo/ 2 KB
2 KB 304ms
45ms Image
image/avif 2a04:4e42:79::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i-cf65.ch-static.com/content/dam/cf-consumer-healthcare/bp-theraflu/en_US/global/logo/gsk-logo.png?auto=format

Requested by

Host: www.theraflu.com
URL: https://www.theraflu.com/?

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:79::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

2aefaf2bb21644a48498e278a4ab9535d0453a5567e903276bd2b567626e9af3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.theraflu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 08 Jan 2023 23:54:25 GMT
x-content-type-options: nosniff
age: 5321983
x-cache: HIT, HIT
x-imgix-id: 02b836696d82186e7dd56b0811169dff6f6a113b
cross-origin-resource-policy: cross-origin
content-length: 1605
x-served-by: cache-sjc10073-SJC, cache-iad-kcgs7200027-IAD
x-imgix-render-farm: 01.1104
last-modified: Tue, 08 Nov 2022 09:34:41 GMT
server: imgix
vary: Accept, User-Agent
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 theraflu-brand.svg
www.theraflu.com/content/dam/cf-consumer-healthcare/bp-theraflu/en_US/global/logo/ 24 KB
4 KB 177ms
170ms Image
image/svg+xml 52.251.65.90
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.theraflu.com/content/dam/cf-consumer-healthcare/bp-theraflu/en_US/global/logo/theraflu-brand.svg

Requested by

Host: www.theraflu.com
URL: https://www.theraflu.com/?

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.251.65.90 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apache /

Resource Hash

408287a1bd01b7b9953ff00cbbf098138868b6c447324e3dd834a066834c54ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.theraflu.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 08 Jan 2023 23:54:25 GMT
strict-transport-security: max-age=63072000;
content-encoding: br
last-modified: Thu, 15 Sep 2022 09:22:29 GMT
server: Apache
etag: "6103-5e8b3c8c99f40-br"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
cache-control: max-age=31536000, public, s-maxage=86400
accept-ranges: bytes
content-length: 4003

GET
H2 200 icon-18-px-plus.svg
www.theraflu.com/content/dam/cf-consumer-healthcare/bp-theraflu/en_US/src/icons/ 552 B
528 B 75ms
67ms Image
image/svg+xml 52.251.65.90
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.theraflu.com/content/dam/cf-consumer-healthcare/bp-theraflu/en_US/src/icons/icon-18-px-plus.svg

Requested by

Host: www.theraflu.com
URL: https://www.theraflu.com/?

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.251.65.90 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apache /

Resource Hash

e68683445de234abc922683ad4cb3b1f0e5db14a08ecd48df0fe928cad639429

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.theraflu.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 08 Jan 2023 23:54:25 GMT
strict-transport-security: max-age=63072000;
content-encoding: br
last-modified: Thu, 15 Sep 2022 09:24:59 GMT
server: Apache
etag: "228-5e8b3d1ba70c0-br"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
cache-control: max-age=31536000, public, s-maxage=86400
accept-ranges: bytes
content-length: 250

GET
H2 200 icon-18-px-minus.svg
www.theraflu.com/content/dam/cf-consumer-healthcare/bp-theraflu/en_US/src/icons/ 437 B
470 B 76ms
68ms Image
image/svg+xml 52.251.65.90
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.theraflu.com/content/dam/cf-consumer-healthcare/bp-theraflu/en_US/src/icons/icon-18-px-minus.svg

Requested by

Host: www.theraflu.com
URL: https://www.theraflu.com/?

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.251.65.90 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apache /

Resource Hash

f4ff09114fe8347b049da92e9d0fbf377e13516bd38924187a7bc727e3b5307f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.theraflu.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 08 Jan 2023 23:54:25 GMT
strict-transport-security: max-age=63072000;
content-encoding: br
last-modified: Thu, 15 Sep 2022 09:24:59 GMT
server: Apache
etag: "1b5-5e8b3d1ba70c0-br"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
cache-control: max-age=31536000, public, s-maxage=86400
accept-ranges: bytes
content-length: 192

GET
H2 200 Theraflu-logo-155x76.png
i-cf65.ch-static.com/content/dam/cf-consumer-healthcare/bp-theraflu/en_US/global/logo/ 4 KB
5 KB 302ms
45ms Image
image/avif 2a04:4e42:79::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i-cf65.ch-static.com/content/dam/cf-consumer-healthcare/bp-theraflu/en_US/global/logo/Theraflu-logo-155x76.png?auto=format

Requested by

Host: www.theraflu.com
URL: https://www.theraflu.com/?

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:79::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

93ee439f9d69f954c2d09dfcafe981898ef7f03d8efb0adcac942eb5e9d385e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.theraflu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 08 Jan 2023 23:54:25 GMT
x-content-type-options: nosniff
age: 4620394
x-cache: HIT, HIT
x-imgix-id: 5f90e3b83708e483423e65d6ed65930d3f2769b8
cross-origin-resource-policy: cross-origin
content-length: 4458
x-served-by: cache-sjc10071-SJC, cache-iad-kcgs7200027-IAD
x-imgix-render-farm: 01.592
last-modified: Wed, 16 Nov 2022 12:27:51 GMT
server: imgix
vary: Accept, User-Agent
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 hp-banner-theraflu.jpg.rendition.2000.706.jpg
i-cf65.ch-static.com/content/dam/cf-consumer-healthcare/bp-theraflu/en_US/pages/homepage/desktop/ 45 KB
45 KB 319ms
62ms Image
image/avif 2a04:4e42:79::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i-cf65.ch-static.com/content/dam/cf-consumer-healthcare/bp-theraflu/en_US/pages/homepage/desktop/hp-banner-theraflu.jpg.rendition.2000.706.jpg?auto=format

Requested by

Host: www.theraflu.com
URL: https://www.theraflu.com/?

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:79::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

286fdacfe4ef414dfbfe334c540a80bd9dcdf5a23ef430296da7974c2f8d7299

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.theraflu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 08 Jan 2023 23:54:25 GMT
x-content-type-options: nosniff
age: 4173773
x-cache: HIT, HIT
x-imgix-id: a386944430dc3316676896ab3d850703c9de302d
cross-origin-resource-policy: cross-origin
content-length: 45971
x-served-by: cache-sjc10082-SJC, cache-iad-kcgs7200027-IAD
x-imgix-render-farm: 01.592
last-modified: Mon, 21 Nov 2022 16:31:33 GMT
server: imgix
vary: Accept, User-Agent
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 anytime-flu-relief-max-strength-hot-liquid-powder.jpg.rendition.550.550.jpg
i-cf65.ch-static.com/content/dam/cf-consumer-healthcare/bp-theraflu/en_US/pages/homepage/desktop/ 21 KB
21 KB 363ms
106ms Image
image/avif 2a04:4e42:79::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i-cf65.ch-static.com/content/dam/cf-consumer-healthcare/bp-theraflu/en_US/pages/homepage/desktop/anytime-flu-relief-max-strength-hot-liquid-powder.jpg.rendition.550.550.jpg?auto=format

Requested by

Host: www.theraflu.com
URL: https://www.theraflu.com/?

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:79::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

1debfa5a3db821b38298aa1aaf3599e86c8ed17728309c968d58cad26e24c242

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.theraflu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 08 Jan 2023 23:54:25 GMT
x-content-type-options: nosniff
age: 5329391
x-cache: HIT, HIT
x-imgix-id: 76ee5cb3684d53aa28537b646aa4f635f3ff2537
cross-origin-resource-policy: cross-origin
content-length: 21637
x-served-by: cache-sjc10025-SJC, cache-iad-kcgs7200027-IAD
x-imgix-render-farm: 01.1104
last-modified: Tue, 08 Nov 2022 07:31:15 GMT
server: imgix
vary: Accept, User-Agent
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 nighttime-flu-relief-max-strength-hot-liquid-powder.jpg.rendition.550.550.jpg
i-cf65.ch-static.com/content/dam/cf-consumer-healthcare/bp-theraflu/en_US/pages/homepage/desktop/ 24 KB
24 KB 371ms
114ms Image
image/avif 2a04:4e42:79::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i-cf65.ch-static.com/content/dam/cf-consumer-healthcare/bp-theraflu/en_US/pages/homepage/desktop/nighttime-flu-relief-max-strength-hot-liquid-powder.jpg.rendition.550.550.jpg?auto=format

Requested by

Host: www.theraflu.com
URL: https://www.theraflu.com/?

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:79::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

fcc3ba6f990b4233df69c23f0cfd205059e4bad4d4a8038a6b475d10f736a764

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.theraflu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 08 Jan 2023 23:54:25 GMT
x-content-type-options: nosniff
age: 3328761
x-cache: HIT, HIT
x-imgix-id: c3c033b67348717478902adc145a45be6862e73f
cross-origin-resource-policy: cross-origin
content-length: 24627
x-served-by: cache-sjc10058-SJC, cache-iad-kcgs7200027-IAD
x-imgix-render-farm: 01.592
last-modified: Thu, 01 Dec 2022 11:15:05 GMT
server: imgix
vary: Accept, User-Agent
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 multisymtoms.png.rendition.516.516.png
i-cf65.ch-static.com/content/dam/cf-consumer-healthcare/bp-theraflu/en_US/products/ 19 KB
19 KB 305ms
48ms Image
image/avif 2a04:4e42:79::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i-cf65.ch-static.com/content/dam/cf-consumer-healthcare/bp-theraflu/en_US/products/multisymtoms.png.rendition.516.516.png?auto=format

Requested by

Host: www.theraflu.com
URL: https://www.theraflu.com/?

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:79::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

01774528ba9b62783c0e66ed383697b4a5aebe62cf26d961c25e1c4488a6f25b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.theraflu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 08 Jan 2023 23:54:25 GMT
x-content-type-options: nosniff
age: 2902524
x-cache: HIT, HIT
x-imgix-id: fc372fb94504dd7e1b80f50fff6003a96736ba9d
cross-origin-resource-policy: cross-origin
content-length: 19095
x-served-by: cache-sjc10040-SJC, cache-iad-kcgs7200027-IAD
x-imgix-render-farm: 01.1104
last-modified: Tue, 06 Dec 2022 09:39:01 GMT
server: imgix
vary: Accept, User-Agent
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 night.png.rendition.516.516.png
i-cf65.ch-static.com/content/dam/cf-consumer-healthcare/bp-theraflu/en_US/products/ 21 KB
21 KB 125ms
124ms Image
image/avif 2a04:4e42:79::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i-cf65.ch-static.com/content/dam/cf-consumer-healthcare/bp-theraflu/en_US/products/night.png.rendition.516.516.png?auto=format

Requested by

Host: www.theraflu.com
URL: https://www.theraflu.com/?

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:79::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

264ed42866ef7ecd8dbb14666ee620b32d43136fb56424740e7a9687025037ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.theraflu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 08 Jan 2023 23:54:25 GMT
x-content-type-options: nosniff
age: 3332049
x-cache: HIT, HIT
x-imgix-id: 715e4b380a87a100941e007fb034e5f9abf31944
cross-origin-resource-policy: cross-origin
content-length: 21253
x-served-by: cache-sjc10034-SJC, cache-iad-kcgs7200027-IAD
x-imgix-render-farm: 01.592
last-modified: Thu, 01 Dec 2022 10:20:16 GMT
server: imgix
vary: Accept, User-Agent
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 Theraflu-banner-new.jpg.rendition.2000.706.jpg
i-cf65.ch-static.com/content/dam/cf-consumer-healthcare/bp-theraflu/en_US/pages/homepage/desktop/ 14 KB
15 KB 125ms
123ms Image
image/avif 2a04:4e42:79::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i-cf65.ch-static.com/content/dam/cf-consumer-healthcare/bp-theraflu/en_US/pages/homepage/desktop/Theraflu-banner-new.jpg.rendition.2000.706.jpg?auto=format

Requested by

Host: www.theraflu.com
URL: https://www.theraflu.com/?

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:79::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

2729b38585f0e93bf5072f9405e5f7a15bbaaaf79379e983a1e64006f5ae372c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.theraflu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 08 Jan 2023 23:54:25 GMT
x-content-type-options: nosniff
age: 5080498
x-cache: HIT, HIT
x-imgix-id: e5d208421729bb54e226d2c19890c1cf05083938
cross-origin-resource-policy: cross-origin
content-length: 14747
x-served-by: cache-sjc10025-SJC, cache-iad-kcgs7200027-IAD
x-imgix-render-farm: 01.1104
last-modified: Fri, 11 Nov 2022 04:39:27 GMT
server: imgix
vary: Accept, User-Agent
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 icon-facebook.png
i-cf65.ch-static.com/content/dam/cf-consumer-healthcare/bp-theraflu/en_US/src/icons/ 1 KB
1 KB 132ms
131ms Image
image/avif 2a04:4e42:79::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i-cf65.ch-static.com/content/dam/cf-consumer-healthcare/bp-theraflu/en_US/src/icons/icon-facebook.png?auto=format

Requested by

Host: www.theraflu.com
URL: https://www.theraflu.com/?

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:79::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

32226224fc783f4505f237c1c8b724eabe387796785b714ca907ec91b3544261

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.theraflu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 08 Jan 2023 23:54:25 GMT
x-content-type-options: nosniff
age: 4725102
x-cache: HIT, HIT
x-imgix-id: e1540aee33ebb27b29e697713969c1f7ca1d2ebc
cross-origin-resource-policy: cross-origin
content-length: 1229
x-served-by: cache-sjc10030-SJC, cache-iad-kcgs7200027-IAD
x-imgix-render-farm: 01.592
last-modified: Tue, 15 Nov 2022 07:22:43 GMT
server: imgix
vary: Accept, User-Agent
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 icon-facebook-lightblue.png
i-cf65.ch-static.com/content/dam/cf-consumer-healthcare/bp-theraflu/en_US/src/icons/ 1 KB
2 KB 133ms
132ms Image
image/avif 2a04:4e42:79::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i-cf65.ch-static.com/content/dam/cf-consumer-healthcare/bp-theraflu/en_US/src/icons/icon-facebook-lightblue.png?auto=format

Requested by

Host: www.theraflu.com
URL: https://www.theraflu.com/?

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:79::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

e0887e40e08128ea5ab270e32e3f43762459fa59f4db0c17b6fd3f49d8a542ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.theraflu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 08 Jan 2023 23:54:25 GMT
x-content-type-options: nosniff
age: 5236763
x-cache: HIT, HIT
x-imgix-id: 75678ba568804d18e3be64eb08d8e9e7466afea5
cross-origin-resource-policy: cross-origin
content-length: 1284
x-served-by: cache-sjc10081-SJC, cache-iad-kcgs7200027-IAD
x-imgix-render-farm: 01.592
last-modified: Wed, 09 Nov 2022 09:15:02 GMT
server: imgix
vary: Accept, User-Agent
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 icon-youtube.png
i-cf65.ch-static.com/content/dam/cf-consumer-healthcare/bp-theraflu/en_US/src/icons/ 1 KB
1 KB 133ms
131ms Image
image/avif 2a04:4e42:79::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i-cf65.ch-static.com/content/dam/cf-consumer-healthcare/bp-theraflu/en_US/src/icons/icon-youtube.png?auto=format

Requested by

Host: www.theraflu.com
URL: https://www.theraflu.com/?

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:79::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

9da515728c9e04f63bfc84894e899fb538ce44ad1c53d2e91e92579ad19c47be

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.theraflu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 08 Jan 2023 23:54:25 GMT
x-content-type-options: nosniff
age: 4716088
x-cache: HIT, HIT
x-imgix-id: 9fbc57a1118e133fccb16f8419aa566083665201
cross-origin-resource-policy: cross-origin
content-length: 1393
x-served-by: cache-sjc10035-SJC, cache-iad-kcgs7200027-IAD
x-imgix-render-farm: 01.592
last-modified: Tue, 15 Nov 2022 09:52:58 GMT
server: imgix
vary: Accept, User-Agent
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 icon-youtube-lightblue.png
i-cf65.ch-static.com/content/dam/cf-consumer-healthcare/bp-theraflu/en_US/src/icons/ 1 KB
2 KB 131ms
130ms Image
image/avif 2a04:4e42:79::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i-cf65.ch-static.com/content/dam/cf-consumer-healthcare/bp-theraflu/en_US/src/icons/icon-youtube-lightblue.png?auto=format

Requested by

Host: www.theraflu.com
URL: https://www.theraflu.com/?

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:79::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

06c0a8ec8fcbce53e10a7157f2b7aa9cbffbcc8c80d5f26df2481fa38e42731b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.theraflu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 08 Jan 2023 23:54:25 GMT
x-content-type-options: nosniff
age: 5306498
x-cache: HIT, HIT
x-imgix-id: 691ded3f4244d41fc9585a17abd8a87cc19fd4c5
cross-origin-resource-policy: cross-origin
content-length: 1462
x-served-by: cache-sjc10049-SJC, cache-iad-kcgs7200027-IAD
x-imgix-render-farm: 01.1104
last-modified: Tue, 08 Nov 2022 13:52:47 GMT
server: imgix
vary: Accept, User-Agent
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 icon-twitter.png
i-cf65.ch-static.com/content/dam/cf-consumer-healthcare/bp-theraflu/en_US/src/icons/ 2 KB
2 KB 132ms
131ms Image
image/avif 2a04:4e42:79::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i-cf65.ch-static.com/content/dam/cf-consumer-healthcare/bp-theraflu/en_US/src/icons/icon-twitter.png?auto=format

Requested by

Host: www.theraflu.com
URL: https://www.theraflu.com/?

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:79::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

bfd841fc2fd58f52cf9581ffe06f11ae4832e8ea71e6fd2b167658100da09b80

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.theraflu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 08 Jan 2023 23:54:25 GMT
x-content-type-options: nosniff
age: 2907749
x-cache: HIT, HIT
x-imgix-id: 3e0311406b8eb5e0b2909cdffea71479da882fc0
cross-origin-resource-policy: cross-origin
content-length: 1580
x-served-by: cache-sjc10036-SJC, cache-iad-kcgs7200027-IAD
x-imgix-render-farm: 01.592
last-modified: Tue, 06 Dec 2022 08:11:56 GMT
server: imgix
vary: Accept, User-Agent
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 icon-twitter-lightblue.png
i-cf65.ch-static.com/content/dam/cf-consumer-healthcare/bp-theraflu/en_US/src/icons/ 2 KB
2 KB 133ms
132ms Image
image/avif 2a04:4e42:79::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i-cf65.ch-static.com/content/dam/cf-consumer-healthcare/bp-theraflu/en_US/src/icons/icon-twitter-lightblue.png?auto=format

Requested by

Host: www.theraflu.com
URL: https://www.theraflu.com/?

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:79::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

cbbeee8ccca4b8afb33798cbfcfcb398c60c0fe88152aba04e5111e64965f375

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.theraflu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 08 Jan 2023 23:54:25 GMT
x-content-type-options: nosniff
age: 4716087
x-cache: HIT, HIT
x-imgix-id: 76c7e8c1876c326e5256e4b03a635140b5e29dc8
cross-origin-resource-policy: cross-origin
content-length: 1644
x-served-by: cache-sjc10035-SJC, cache-iad-kcgs7200027-IAD
x-imgix-render-farm: 01.592
last-modified: Tue, 15 Nov 2022 09:52:57 GMT
server: imgix
vary: Accept, User-Agent
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 design.default.bootstrap.v0-0-1.ts202212160729.js Show response
a-cf65.ch-static.com/etc/designs/zg/bp-theraflu-refresh/desktop/js.asset.js/core/ 600 KB
189 KB 26ms
26ms Script
application/javascript 2606:2800:11f:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://a-cf65.ch-static.com/etc/designs/zg/bp-theraflu-refresh/desktop/js.asset.js/core/design.default.bootstrap.v0-0-1.ts202212160729.js

Requested by

Host: www.theraflu.com
URL: https://www.theraflu.com/?

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:11f:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (cha/8129) /

Resource Hash

227e346e856d8026d10e54a4574bd2f209afb4f35884296d6d2b5bc56674cd85

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.theraflu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 08 Jan 2023 23:54:25 GMT
content-encoding: gzip
strict-transport-security: max-age=63072000;
age: 44523
x-cache: HIT
content-length: 193168
last-modified: Fri, 16 Dec 2022 06:29:41 GMT
server: ECAcc (cha/8129)
etag: "95fe7-5efec1834ff40-gzip"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public, s-maxage=86400
accept-ranges: bytes
expires: Mon, 09 Jan 2023 23:54:25 GMT

GET
H2 200 GothamNarrow-Book.woff
a-cf65.ch-static.com/etc/designs/zg/bp-theraflu-refresh/desktop/assets/fonts/custom/ 31 KB
32 KB 98ms
26ms Font
font/woff 2606:2800:11f:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://a-cf65.ch-static.com/etc/designs/zg/bp-theraflu-refresh/desktop/assets/fonts/custom/GothamNarrow-Book.woff

Requested by

Host: a-cf65.ch-static.com
URL: https://a-cf65.ch-static.com/etc/designs/zg/bp-theraflu-refresh/desktop/css.asset.css/core/design.default.bootstrap.v0-0-1.ts202212160729.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:11f:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (cha/81C1) /

Resource Hash

e09899b8901eea8c77d681427930b5e25aea5ac19bd3a2889c7defc379f7af7c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://a-cf65.ch-static.com/etc/designs/zg/bp-theraflu-refresh/desktop/css.asset.css/core/design.default.bootstrap.v0-0-1.ts202212160729.css
Origin: https://www.theraflu.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 08 Jan 2023 23:54:25 GMT
strict-transport-security: max-age=63072000;
last-modified: Fri, 16 Dec 2022 07:18:19 GMT
server: ECAcc (cha/81C1)
age: 32223
etag: "7d38-5efecc62224c0"
x-frame-options: SAMEORIGIN
x-cache: HIT
content-type: font/woff
access-control-allow-origin: *
cache-control: max-age=31536000, public, s-maxage=86400
accept-ranges: bytes
content-length: 32056
expires: Mon, 08 Jan 2024 23:54:25 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 263 KB
86 KB 298ms
70ms Script
application/javascript 2607:f8b0:4006:81d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5CHPKDL

Requested by

Host: www.theraflu.com
URL: https://www.theraflu.com/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2008 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1a6c87136278e8c965166288bd2477033e3001d8547a6987571a6ef12b2bd2d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.theraflu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 08 Jan 2023 23:54:25 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 87106
x-xss-protection: 0
last-modified: Sun, 08 Jan 2023 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 08 Jan 2023 23:54:25 GMT

GET
H/1.1 200
OK sdk.config.get Show response
cdns.us1.gigya.com/ 4 KB
2 KB 300ms
50ms Fetch
text/javascript 184.29.133.16
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdns.us1.gigya.com/sdk.config.get?apiKey=3_bzpjRk206ccefb3vooht5EOg-NJ0nhkhK9Lq59aZsSrDwCdGo510HRGBdrvh6SzZ&httpStatusCodes=true
Requested by: Host: cdns.gigya.com
URL: https://cdns.gigya.com/JS/gigya.js?apikey=3_bzpjRk206ccefb3vooht5EOg-NJ0nhkhK9Lq59aZsSrDwCdGo510HRGBdrvh6SzZ
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.29.133.16 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-29-133-16.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 63814d6d8b73a534b9c689f87da7d17a0c32525b810b83e459623a1d7fb57db9

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.theraflu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Sun, 08 Jan 2023 23:54:25 GMT
Content-Encoding: gzip
x-soa: true, Gator
Vary: Accept-Encoding
p3p: CP="IDC COR PSA DEV ADM OUR IND ONL"
Access-Control-Allow-Origin: *
x-callid: 12cb31fee3d54e36ad8993314ea9cd51
Content-Type: text/javascript; charset=utf-8
Cache-Control: public, s-maxage=120
x-server: us1d-nomad-g35
Connection: keep-alive
Accept-Ranges: bytes
x-robots-tag: none
Content-Length: 1480

GET
H2 200 GothamNarrow-Medium.woff
a-cf65.ch-static.com/etc/designs/zg/bp-theraflu-refresh/desktop/assets/fonts/custom/ 32 KB
32 KB 28ms
27ms Font
font/woff 2606:2800:11f:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://a-cf65.ch-static.com/etc/designs/zg/bp-theraflu-refresh/desktop/assets/fonts/custom/GothamNarrow-Medium.woff

Requested by

Host: a-cf65.ch-static.com
URL: https://a-cf65.ch-static.com/etc/designs/zg/bp-theraflu-refresh/desktop/css.asset.css/core/design.default.bootstrap.v0-0-1.ts202212160729.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:11f:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (cha/810A) /

Resource Hash

84b08206e98c7c8daf067d0301b3319a1723bb65f97177c1e6203ffc4a261682

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://a-cf65.ch-static.com/etc/designs/zg/bp-theraflu-refresh/desktop/css.asset.css/core/design.default.bootstrap.v0-0-1.ts202212160729.css
Origin: https://www.theraflu.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 08 Jan 2023 23:54:25 GMT
strict-transport-security: max-age=63072000;
last-modified: Fri, 16 Dec 2022 07:38:31 GMT
server: ECAcc (cha/810A)
age: 10168
etag: "7f48-5efed0e5fcbc0"
x-frame-options: SAMEORIGIN
x-cache: HIT
content-type: font/woff
access-control-allow-origin: *
cache-control: max-age=31536000, public, s-maxage=86400
accept-ranges: bytes
content-length: 32584
expires: Mon, 08 Jan 2024 23:54:25 GMT

GET
DATA 200
OK truncated
/ 486 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3fd26b2b4969eaf06cc8d7564d783a3240e0d35c357268f95c423a0b3d031470

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 483 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f40209e22b8a414f7bcb814f5b570460b1dc47ed8a8acad273c89f8423375434

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H2 200 GothamNarrow-Bold.woff
a-cf65.ch-static.com/etc/designs/zg/bp-theraflu-refresh/desktop/assets/fonts/custom/ 32 KB
32 KB 28ms
27ms Font
font/woff 2606:2800:11f:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://a-cf65.ch-static.com/etc/designs/zg/bp-theraflu-refresh/desktop/assets/fonts/custom/GothamNarrow-Bold.woff

Requested by

Host: a-cf65.ch-static.com
URL: https://a-cf65.ch-static.com/etc/designs/zg/bp-theraflu-refresh/desktop/css.asset.css/core/design.default.bootstrap.v0-0-1.ts202212160729.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:11f:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (cha/8105) /

Resource Hash

11b1ed45698d8402655737dc3f812a2e5d436383daa6c1f3c9d1e28f8ed580fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://a-cf65.ch-static.com/etc/designs/zg/bp-theraflu-refresh/desktop/css.asset.css/core/design.default.bootstrap.v0-0-1.ts202212160729.css
Origin: https://www.theraflu.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 08 Jan 2023 23:54:25 GMT
strict-transport-security: max-age=63072000;
last-modified: Fri, 16 Dec 2022 08:27:17 GMT
server: ECAcc (cha/8105)
age: 11546
etag: "7f8c-5efedbcc70340"
x-frame-options: SAMEORIGIN
x-cache: HIT
content-type: font/woff
access-control-allow-origin: *
cache-control: max-age=31536000, public, s-maxage=86400
accept-ranges: bytes
content-length: 32652
expires: Mon, 08 Jan 2024 23:54:25 GMT

GET
H2 200 GothamForThera-BlkItalic.woff2
a-cf65.ch-static.com/etc/designs/zg/bp-theraflu-refresh/desktop/assets/fonts/custom/ 33 KB
33 KB 29ms
29ms Font
font/woff2 2606:2800:11f:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://a-cf65.ch-static.com/etc/designs/zg/bp-theraflu-refresh/desktop/assets/fonts/custom/GothamForThera-BlkItalic.woff2

Requested by

Host: a-cf65.ch-static.com
URL: https://a-cf65.ch-static.com/etc/designs/zg/bp-theraflu-refresh/desktop/css.asset.css/core/design.default.bootstrap.v0-0-1.ts202212160729.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:11f:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (cha/0649) /

Resource Hash

d585ea90b33024f593c4a3665e8767e9dfdf8b84b7b0874a163c266b8b2f3ab1

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://a-cf65.ch-static.com/etc/designs/zg/bp-theraflu-refresh/desktop/css.asset.css/core/design.default.bootstrap.v0-0-1.ts202212160729.css
Origin: https://www.theraflu.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 08 Jan 2023 23:54:25 GMT
strict-transport-security: max-age=63072000;
last-modified: Fri, 16 Dec 2022 06:34:13 GMT
server: ECAcc (cha/0649)
age: 10104
etag: "8218-5efec286b6340"
x-frame-options: SAMEORIGIN
x-cache: HIT
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31536000, public, s-maxage=86400
accept-ranges: bytes
content-length: 33304
expires: Mon, 08 Jan 2024 23:54:25 GMT

GET
H2 200 .token.json Show response
www.theraflu.com/ 2 B
196 B 67ms
66ms XHR
application/json 52.251.65.90
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theraflu.com/.token.json

Requested by

Host: a-cf65.ch-static.com
URL: https://a-cf65.ch-static.com/etc/designs/zg/bp-theraflu-refresh/desktop/js.asset.js/core/design.default.bootstrap.v0-0-1.ts202212160729.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.251.65.90 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apache /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: */*
Referer: https://www.theraflu.com/?
X-Requested-With: XMLHttpRequest
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 08 Jan 2023 23:54:25 GMT
strict-transport-security: max-age=63072000;
x-content-type-options: nosniff
server: Apache
x-frame-options: SAMEORIGIN
content-type: application/json;charset=iso-8859-1
cache-control: no-cache
content-length: 2
expires: -1

GET
H2 200 gigya.ssolink.js Show response
a-cf65.ch-static.com/etc/designs/zg/bp-theraflu-refresh/desktop/js/components/ 2 KB
1 KB 27ms
27ms Script
application/javascript 2606:2800:11f:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://a-cf65.ch-static.com/etc/designs/zg/bp-theraflu-refresh/desktop/js/components/gigya.ssolink.js

Requested by

Host: a-cf65.ch-static.com
URL: https://a-cf65.ch-static.com/etc/designs/zg/bp-theraflu-refresh/desktop/js.asset.js/core/design.default.bootstrap.v0-0-1.ts202212160729.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:11f:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (cha/816B) /

Resource Hash

c9af4fed899c107f0bb35755515dc435ce692d298d90433f076c168acf038f80

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.theraflu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 08 Jan 2023 23:54:25 GMT
content-encoding: gzip
strict-transport-security: max-age=63072000;
age: 2953
x-cache: HIT
content-length: 1189
last-modified: Fri, 16 Dec 2022 08:39:44 GMT
server: ECAcc (cha/816B)
etag: "9a6-5efede94d5400-gzip"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public, s-maxage=86400
accept-ranges: bytes
expires: Mon, 09 Jan 2023 23:54:25 GMT

GET
H2 200 czech.lng Show response
www.theraflu.com/etc/designs/zg/bp-theraflu-refresh/desktop/assets/languages/ 273 B
529 B 51ms
50ms XHR
text/plain 52.251.65.90
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theraflu.com/etc/designs/zg/bp-theraflu-refresh/desktop/assets/languages/czech.lng

Requested by

Host: a-cf65.ch-static.com
URL: https://a-cf65.ch-static.com/etc/designs/zg/bp-theraflu-refresh/desktop/js.asset.js/core/design.default.bootstrap.v0-0-1.ts202212160729.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.251.65.90 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apache /

Resource Hash

c82668106a46ff4624d06f82252d79db40081cba3cfaefe6e99abac02bc2848e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.theraflu.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 08 Jan 2023 23:54:25 GMT
strict-transport-security: max-age=63072000;
last-modified: Fri, 16 Dec 2022 07:25:37 GMT
server: Apache
etag: "111-5efece03d7e40"
x-frame-options: SAMEORIGIN
cache-control: max-age=86400, public, s-maxage=86400
accept-ranges: bytes
content-length: 273
expires: Mon, 09 Jan 2023 23:54:25 GMT

GET
H2 200 widget.js Show response
cdn.userway.org/ 1 KB
1 KB 181ms
51ms Script
application/javascript 2a02:6ea0:c400::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/widget.js
Requested by: Host: www.theraflu.com
URL: https://www.theraflu.com/?
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c400::11 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: d7c0e2a17e92548dd4d14101dc107c9eeb6bd6f052b283f9864b730ea694834e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.theraflu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-77-pop: newyorkUSNY
date: Sun, 08 Jan 2023 23:54:25 GMT
via: 1.1 70fd8dd903406754b301439f9111e256.cloudfront.net (CloudFront)
content-encoding: gzip
x-amz-cf-pop: YTO50-P2
age: 253
x-cache: HIT
x-77-cache: HIT
x-age: 2699
x-77-nzt: AZySJBaP0aT/iwoAAA
x-accel-expires: @1673222966
last-modified: Thu, 05 Jan 2023 22:02:45 GMT
server: CDN77-Turbo
etag: W/"9556d354ebf4e4aba24832a3e7186bd1"
x-77-nzt-ray: 1e192d08a9df0f9eb157bb637007c42d
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: max-age=3600, public
vary: Accept-Encoding
x-amz-cf-id: nmO7arj0HqOaUr45hb6Xd0Kc2DkfewtdQ4fqBliK0DUJJ-7DrifHdw==

GET
H2 200 GothamForThera-BlkItalic.woff
a-cf65.ch-static.com/etc/designs/zg/bp-theraflu-refresh/desktop/assets/fonts/custom/ 34 KB
34 KB 28ms
27ms Font
font/woff 2606:2800:11f:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://a-cf65.ch-static.com/etc/designs/zg/bp-theraflu-refresh/desktop/assets/fonts/custom/GothamForThera-BlkItalic.woff

Requested by

Host: a-cf65.ch-static.com
URL: https://a-cf65.ch-static.com/etc/designs/zg/bp-theraflu-refresh/desktop/css.asset.css/core/design.default.bootstrap.v0-0-1.ts202212160729.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:11f:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (cha/066D) /

Resource Hash

570c43086cde7e26fb4eaedba2f0360ce566720f760be20d53e59b60f9eb64eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://a-cf65.ch-static.com/etc/designs/zg/bp-theraflu-refresh/desktop/css.asset.css/core/design.default.bootstrap.v0-0-1.ts202212160729.css
Origin: https://www.theraflu.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 08 Jan 2023 23:54:25 GMT
strict-transport-security: max-age=63072000;
last-modified: Fri, 16 Dec 2022 06:21:41 GMT
server: ECAcc (cha/066D)
age: 25512
etag: "878c-5efebfb98c740"
x-frame-options: SAMEORIGIN
x-cache: HIT
content-type: font/woff
access-control-allow-origin: *
cache-control: max-age=31536000, public, s-maxage=86400
accept-ranges: bytes
content-length: 34700
expires: Mon, 08 Jan 2024 23:54:25 GMT

GET
H2 200 iframe_api Show response
www.youtube.com/ 992 B
2 KB 157ms
64ms Script
text/javascript 2607:f8b0:4006:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: a-cf65.ch-static.com
URL: https://a-cf65.ch-static.com/etc/designs/zg/bp-theraflu-refresh/desktop/js.asset.js/core/design.default.bootstrap.v0-0-1.ts202212160729.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::200e Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aa775b93bf75fb6c93c261cad367ba79069a1536e6139213af0b65cfccd43b51

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.theraflu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 08 Jan 2023 23:54:25 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: br
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
content-type: text/javascript; charset=utf-8
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: private, max-age=0
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
expires: Sun, 08 Jan 2023 23:54:25 GMT

GET
H/1.1 200
OK Api.aspx Show response
cdns.us1.gigya.com/gs/webSdk/ Frame 641B 119 KB
41 KB 175ms
44ms Document
text/html 184.29.133.16
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://cdns.us1.gigya.com/gs/webSdk/Api.aspx?apiKey=3_bzpjRk206ccefb3vooht5EOg-NJ0nhkhK9Lq59aZsSrDwCdGo510HRGBdrvh6SzZ&version=latest&build=13549

Requested by

Host: cdns.gigya.com
URL: https://cdns.gigya.com/JS/gigya.js?apikey=3_bzpjRk206ccefb3vooht5EOg-NJ0nhkhK9Lq59aZsSrDwCdGo510HRGBdrvh6SzZ

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

184.29.133.16 Edison, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-29-133-16.deploy.static.akamaitechnologies.com

Software

Resource Hash

84dcde857a5e24d98bf9fdc2af4e8e23951c11a0b40eef41dcae809065a3a1f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.theraflu.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=86400, s-maxage=3600
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 41552
Content-Type: text/html; charset=utf-8
Date: Sun, 08 Jan 2023 23:54:25 GMT
Vary: Accept-Encoding
p3p: CP="IDC COR PSA DEV ADM OUR IND ONL"
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-callid: b4f5aca05da043e7bea76ce0ec057fbf
x-robots-tag: none
x-server: us1d-nomad-g43
x-soa: true, Gator

GET
H2 200 gigya.raas.extension.js Show response
a-cf65.ch-static.com/etc/designs/zg/bp-theraflu-refresh/desktop/js/components/ 9 KB
3 KB 26ms
26ms Script
application/javascript 2606:2800:11f:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://a-cf65.ch-static.com/etc/designs/zg/bp-theraflu-refresh/desktop/js/components/gigya.raas.extension.js

Requested by

Host: a-cf65.ch-static.com
URL: https://a-cf65.ch-static.com/etc/designs/zg/bp-theraflu-refresh/desktop/js.asset.js/core/design.default.bootstrap.v0-0-1.ts202212160729.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:11f:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (cha/8146) /

Resource Hash

e1259e8ccc9e83819d0e30ef5a2260b41b75bce4e16733280fc2fab1ed8969f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.theraflu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 08 Jan 2023 23:54:25 GMT
content-encoding: gzip
strict-transport-security: max-age=63072000;
age: 2407
x-cache: HIT
content-length: 2749
last-modified: Fri, 16 Dec 2022 07:18:25 GMT
server: ECAcc (cha/8146)
etag: "2334-5efecc67db240-gzip"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public, s-maxage=86400
accept-ranges: bytes
expires: Mon, 09 Jan 2023 23:54:25 GMT

GET
H2 200 api-0.8.2.js Show response
apps.bazaarvoice.com/apps/api/ 32 KB
11 KB 46ms
45ms Script
text/javascript 2600:9000:2140:5000:d:274d:a6c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://apps.bazaarvoice.com/apps/api/api-0.8.2.js

Requested by

Host: apps.bazaarvoice.com
URL: https://apps.bazaarvoice.com/bv.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2140:5000:d:274d:a6c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

dccfc3418e69f6ca37f92a3459c360d871b36744be9a4e2b96bbe3ae4e45e4fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.theraflu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 08:46:29 GMT
content-encoding: gzip
via: 1.1 a00eb4657c3b62cedb9b6571825eb82c.cloudfront.net (CloudFront)
x-amz-version-id: kvnMIwPjpbNt45nTgF9mmYA0x1y87znz
strict-transport-security: max-age=63072000; includeSubDomains
x-amz-cf-pop: EWR52-C1
age: 2041677
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 10599
last-modified: Tue, 28 Jun 2022 11:19:05 GMT
server: AmazonS3
etag: "86a440b08f71ad9de17500c8946fa7a1"
vary: Origin
content-type: text/javascript;charset=UTF-8
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: GTHALm4CogCsjuD36uRfTnxxR3wYtiLIetrAsTI8afWe8v8jJoT6-A==

GET
H2 200 api-config.js Show response
apps.bazaarvoice.com/deployments/theraflu/main_site/production/en_US/ 2 KB
1 KB 67ms
66ms Script
text/javascript 2600:9000:2140:5000:d:274d:a6c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://apps.bazaarvoice.com/deployments/theraflu/main_site/production/en_US/api-config.js

Requested by

Host: apps.bazaarvoice.com
URL: https://apps.bazaarvoice.com/bv.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2140:5000:d:274d:a6c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

1fcce68211ce42ba911ee532c5c07020ba0779f22af953bddf2dd9e2a71aca2f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.theraflu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id: Pya.mPRLJS70JSOzei0rQYnOseV0oe8I
content-encoding: gzip
via: 1.1 a00eb4657c3b62cedb9b6571825eb82c.cloudfront.net (CloudFront)
date: Sun, 08 Jan 2023 23:53:59 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-amz-cf-pop: EWR52-C1
age: 38
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 779
last-modified: Thu, 25 Aug 2022 14:20:18 GMT
server: AmazonS3
etag: "47186bfe51a461e12c2a74c6f52d5460"
vary: Accept-Encoding, Origin
content-type: text/javascript;charset=UTF-8
cache-control: max-age=300
accept-ranges: bytes
x-amz-cf-id: 9FEMrzuhJZtjzw63N9utYP8P0yiw01LuTZniYLa_YH-qKhJyZIlCgg==

GET
H2 200 inline_ratings-2.3.3.js Show response
apps.bazaarvoice.com/apps/inline_ratings/ 108 KB
32 KB 54ms
54ms Script
text/javascript 2600:9000:2140:5000:d:274d:a6c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://apps.bazaarvoice.com/apps/inline_ratings/inline_ratings-2.3.3.js

Requested by

Host: apps.bazaarvoice.com
URL: https://apps.bazaarvoice.com/bv.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2140:5000:d:274d:a6c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

3b58eed50f50fb815c1924ed5d571f41316ea94e22cb7974a736c7a179781415

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.theraflu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 20 Nov 2022 08:12:25 GMT
content-encoding: gzip
via: 1.1 a00eb4657c3b62cedb9b6571825eb82c.cloudfront.net (CloudFront)
x-amz-version-id: yPcDzs4o7Uq8opwWVkgM1suSa4hH.U85
strict-transport-security: max-age=63072000; includeSubDomains
x-amz-cf-pop: EWR52-C1
age: 4290121
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 31965
last-modified: Thu, 03 Mar 2022 05:53:42 GMT
server: AmazonS3
etag: "88a737544bf33b4ddd04a6d4cd0f124e"
vary: Origin
content-type: text/javascript;charset=UTF-8
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: 1F4Aj-Dkr7k0EtefuIQWaoM3SqzGQX-NKwicNd1rzdflRycIJ2v-fQ==

GET
H2 200 inline_ratings-config.js Show response
apps.bazaarvoice.com/deployments/theraflu/main_site/production/en_US/ 2 KB
2 KB 68ms
68ms Script
text/javascript 2600:9000:2140:5000:d:274d:a6c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://apps.bazaarvoice.com/deployments/theraflu/main_site/production/en_US/inline_ratings-config.js

Requested by

Host: apps.bazaarvoice.com
URL: https://apps.bazaarvoice.com/bv.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2140:5000:d:274d:a6c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

6af73e1c9deec74f341b333a4631365f9c2b36866959357d6019dc6007280d62

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.theraflu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id: Ee2PoRmUnzr_.9J70J5cdny5mz2oMIx0
content-encoding: gzip
via: 1.1 a00eb4657c3b62cedb9b6571825eb82c.cloudfront.net (CloudFront)
date: Sun, 08 Jan 2023 23:53:59 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-amz-cf-pop: EWR52-C1
age: 38
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 1261
last-modified: Thu, 25 Aug 2022 14:20:18 GMT
server: AmazonS3
etag: "5d7011dfbc604af54ef066a886292574"
vary: Accept-Encoding, Origin
content-type: text/javascript;charset=UTF-8
cache-control: max-age=300
accept-ranges: bytes
x-amz-cf-id: YwLjYZr9hUzCc2bK9bARVGbfZnNf-6V4ETjHH-ufnG6Bt0_tsCEzZA==

GET
H2 200 bv-analytics.js Show response
analytics-static.ugc.bazaarvoice.com/prod/static/latest/ 40 KB
13 KB 460ms
50ms Script
application/javascript 2600:9000:24eb:4a00:1c:58a3:4780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics-static.ugc.bazaarvoice.com/prod/static/latest/bv-analytics.js
Requested by: Host: apps.bazaarvoice.com
URL: https://apps.bazaarvoice.com/bv.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:24eb:4a00:1c:58a3:4780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6da6438a54bfeed12781384b58259bdfe3daf27302eb5d7cf1c8540a0c5ced5c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.theraflu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id: YIERItXeno7xn72mo43vzwMfN.AVch.W
content-encoding: gzip
via: 1.1 686b8b1de76ae1d6db612f0359961e26.cloudfront.net (CloudFront)
date: Tue, 03 Jan 2023 20:46:34 GMT
x-amz-cf-pop: BOS50-P1
age: 443273
x-cache: Hit from cloudfront
content-length: 12858
last-modified: Mon, 24 Oct 2022 05:03:22 GMT
server: AmazonS3
etag: "769a24c3d600d99bb3f748dd82f4f2d1"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
accept-ranges: bytes
x-amz-cf-id: ColB4Oc1T1xEdCuJAmu2NU5sJXMXmd7ILzp1cCRKyI-SnX99ajopvw==

GET
H/1.1 200
OK gigya.services.plugins.base.min.js Show response
cdns.gigya.com/js/ 462 KB
134 KB 44ms
44ms Script
text/javascript 184.29.133.16
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdns.gigya.com/js/gigya.services.plugins.base.min.js?services=gigya.services.accounts.plugins.screenSet&lang=en
Requested by: Host: cdns.gigya.com
URL: https://cdns.gigya.com/JS/gigya.js?apikey=3_bzpjRk206ccefb3vooht5EOg-NJ0nhkhK9Lq59aZsSrDwCdGo510HRGBdrvh6SzZ
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.29.133.16 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-29-133-16.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: bdce0895b63cd23f230d6af09c50bb90a837f70cc504839ce4e76d5cdd5910e7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.theraflu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Sun, 08 Jan 2023 23:54:25 GMT
Content-Encoding: gzip
x-soa: true, Gator
Vary: Accept-Encoding
p3p: CP="IDC COR PSA DEV ADM OUR IND ONL"
Access-Control-Allow-Origin: *
x-callid: f2377fb2de474ecaad0c797c5509ec21
Content-Type: text/javascript; charset=utf-8
Cache-Control: public, max-age=900, s-maxage=3600
x-server: us1d-nomad-g56
Connection: keep-alive
x-robots-tag: none
Content-Length: 136456
Expires: Mon, 09 Jan 2023 00:09:25 GMT

GET
H2 200 5a3192ca6f1b11eaa422f218989845bc.js Show response
d22xmn10vbouk4.cloudfront.net/ 99 KB
24 KB 566ms
130ms Script
text/javascript 65.9.156.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d22xmn10vbouk4.cloudfront.net/5a3192ca6f1b11eaa422f218989845bc.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5CHPKDL
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.156.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-156-104.qro51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5ac5d0480f4698b35ad02f1f04d53a6ae216b7c180bacdbe2e3525b0366e296e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.theraflu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 08 Jan 2023 07:13:34 GMT
content-encoding: gzip
via: 1.1 4c4ec100ebac4fb397b69307b05f9e68.cloudfront.net (CloudFront)
last-modified: Thu, 27 Oct 2022 17:22:13 GMT
server: AmazonS3
x-amz-cf-pop: QRO51-C1
age: 60053
etag: W/"1d0155cdf3c2ada9f97d9b1b3b3f29d9"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=601
x-amz-cf-id: HVxgBuBxe3ziTJohKQ2j6AVQn3ThuOkw6a9AlFovWVLlNvgkS0P2bQ==

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 24 KB
8 KB 373ms
313ms Script
application/javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5CHPKDL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3d277a90920d78efa3d6e473d67240beb26100591c7b02a34bd444aa78ee5d5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.theraflu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 08 Jan 2023 23:54:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: WdCEPqU1pnnoNr/cT9hHyQ==
age: 78771
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 8053
x-ms-lease-status: unlocked
last-modified: Fri, 06 Jan 2023 16:07:56 GMT
server: cloudflare
etag: 0x8DAF0002C908A6C
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 98f26f26-d01e-013d-372c-222b95000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7868dbb83846e239-ORD

GET
H2 200 widget_app_base_1672956009845.js Show response
cdn.userway.org/widgetapp/2023-01-05/ 129 KB
38 KB 372ms
372ms Script
application/javascript 2a02:6ea0:c400::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/widgetapp/2023-01-05/widget_app_base_1672956009845.js
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c400::11 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: cd060121c116c6e69f9e53ef17340d2e6dba01645bcb0b5da498afad49f36af6

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.theraflu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-77-pop: newyorkUSNY
date: Sun, 08 Jan 2023 23:54:25 GMT
via: 1.1 a7af18c87ffc07d74544efce5f2b0f9c.cloudfront.net (CloudFront)
content-encoding: gzip
x-amz-cf-pop: YTO50-P2
age: 27
x-cache: HIT
x-77-cache: HIT
x-age: 265796
x-77-nzt: AZySJBbO+DL/RA4EAA
x-accel-expires: @1698876269
last-modified: Thu, 05 Jan 2023 22:02:42 GMT
server: CDN77-Turbo
etag: W/"d76a724b935ce2ec72161fb0be492d76"
x-77-nzt-ray: 1e192d08a9df0f9eb157bb637f432736
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: max-age=25920000, public
vary: Accept-Encoding
x-amz-cf-id: AONaBNTmtDqWl9kbnfMUtYOEOLW2T6kKz9lzajKl3Q2cNANQj2ZPcA==

GET
H2 200 gigya.raas.adobeaudience.extension.js Show response
a-cf65.ch-static.com/etc/designs/zg/bp-theraflu-refresh/desktop/js/components/ 801 B
541 B 34ms
34ms Script
application/javascript 2606:2800:11f:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://a-cf65.ch-static.com/etc/designs/zg/bp-theraflu-refresh/desktop/js/components/gigya.raas.adobeaudience.extension.js

Requested by

Host: a-cf65.ch-static.com
URL: https://a-cf65.ch-static.com/etc/designs/zg/bp-theraflu-refresh/desktop/js.asset.js/core/design.default.bootstrap.v0-0-1.ts202212160729.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:11f:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (cha/819B) /

Resource Hash

78c8665d0f5bac8262af308a41b51deb34cdbbeda47c691d51cce6ebee77211b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.theraflu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 08 Jan 2023 23:54:25 GMT
content-encoding: gzip
strict-transport-security: max-age=63072000;
age: 3962
x-cache: HIT
content-length: 438
last-modified: Fri, 16 Dec 2022 08:09:26 GMT
server: ECAcc (cha/819B)
etag: "321-5efed7cf0d980-gzip"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public, s-maxage=86400
accept-ranges: bytes
expires: Mon, 09 Jan 2023 23:54:25 GMT

GET
H2 200 www-widgetapi.js Show response
www.youtube.com/s/player/e5f6cbd5/www-widgetapi.vflset/ 184 KB
62 KB 43ms
40ms Script
text/javascript 2607:f8b0:4006:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/e5f6cbd5/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::200e Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0149da2dcca03d3a4c8ab3e8796ec25b4700f46d2a1bec1c59cdb2f6daa7cf98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.theraflu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 08 Jan 2023 10:31:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48179
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 62997
x-xss-protection: 0
last-modified: Mon, 02 Jan 2023 22:39:54 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 08 Jan 2024 10:31:26 GMT

GET
H/1.1 200
OK statistics.json Show response
api.bazaarvoice.com/data/ 692 B
1 KB 396ms
56ms Fetch
application/json 54.84.68.49
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.bazaarvoice.com/data/statistics.json?apiversion=5.4&passkey=cadrx5NGBIe1K9x4n2wOWT9DeopcwvAmImNovl4E0WlVY&stats=Reviews&filter=ContentLocale:en_US,en&filter=ProductId:day-time,tea-infusion-night,night-time
Requested by: Host: apps.bazaarvoice.com
URL: https://apps.bazaarvoice.com/apps/inline_ratings/inline_ratings-2.3.3.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 54.84.68.49 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-84-68-49.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 282a1d96c1ea7514a874bc39c11ed669702273372e1406c09ce45fcbc99352f2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.theraflu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Sun, 08 Jan 2023 23:54:26 GMT
Content-Encoding: gzip
X-Bazaarvoice-Quota-Allotted: 7200000
X-Bazaarvoice-Quota-Reset: 2023-01-09T00:00:00.000Z
Transfer-Encoding: chunked
X-Bazaarvoice-Api-Version: 5.4
Connection: keep-alive
X-Bazaarvoice-Quota-Current: 0
X-Bazaarvoice-QPM-Current: 2
X-Bazaarvoice-QPM-Allotted: 6000
Server: nginx
X-Bazaarvoice-QPS-Allotted: 100
Vary: Accept-Encoding
Content-Type: application/json;charset=utf-8
Access-Control-Allow-Origin: https://www.theraflu.com
Access-Control-Expose-Headers: X-Bazaarvoice-Api-Version,X-Bazaarvoice-Original-MessageId,X-Bazaarvoice-Platform-Version,X-Bazaarvoice-QPM-Allotted,X-Bazaarvoice-QPM-Current,X-Bazaarvoice-QPS-Allotted,X-Bazaarvoice-QPS-Current,X-Bazaarvoice-Quota-Allotted,X-Bazaarvoice-Quota-Current,X-Bazaarvoice-Quota-Reset,X-Requested-With,X-CSRF-Token,Content-Type
X-Bazaarvoice-Platform-Version: 2
X-Bazaarvoice-Original-MessageId: rrt-0b3486f444394df39-b-wo-17505-269063185-1
X-Bazaarvoice-QPS-Current: 1

GET
H2 200 69b1977b-e59e-4b20-b8ff-1f5bc6b0174d.json Show response
cdn.cookielaw.org/consent/69b1977b-e59e-4b20-b8ff-1f5bc6b0174d/ 3 KB
2 KB 80ms
33ms XHR
application/x-javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/69b1977b-e59e-4b20-b8ff-1f5bc6b0174d/69b1977b-e59e-4b20-b8ff-1f5bc6b0174d.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fc8a7d2af534cc8cfb3e0d05e2b4f4b8674081b369c374f4c9506996a7d2e886

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.theraflu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 08 Jan 2023 23:54:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: 7A8e2Gt5JFuW6GeUhtVJdg==
age: 16068
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 1422
x-ms-lease-status: unlocked
last-modified: Mon, 05 Dec 2022 16:48:31 GMT
server: cloudflare
etag: 0x8DAD6E08AE26D16
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: c32e265d-301e-013c-5fc9-082a68000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7868dbbaaf9d2ba7-ORD
expires: Mon, 09 Jan 2023 23:54:26 GMT

GET
H/1.1 200
OK sdk.config.get Show response
cdns.us1.gigya.com/ Frame 641B 4 KB
2 KB 41ms
41ms Fetch
text/javascript 184.29.133.16
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdns.us1.gigya.com/sdk.config.get?apiKey=3_bzpjRk206ccefb3vooht5EOg-NJ0nhkhK9Lq59aZsSrDwCdGo510HRGBdrvh6SzZ&httpStatusCodes=true
Requested by: Host: cdns.us1.gigya.com
URL: https://cdns.us1.gigya.com/gs/webSdk/Api.aspx?apiKey=3_bzpjRk206ccefb3vooht5EOg-NJ0nhkhK9Lq59aZsSrDwCdGo510HRGBdrvh6SzZ&version=latest&build=13549
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.29.133.16 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-29-133-16.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 63814d6d8b73a534b9c689f87da7d17a0c32525b810b83e459623a1d7fb57db9

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cdns.us1.gigya.com/gs/webSdk/Api.aspx?apiKey=3_bzpjRk206ccefb3vooht5EOg-NJ0nhkhK9Lq59aZsSrDwCdGo510HRGBdrvh6SzZ&version=latest&build=13549
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Sun, 08 Jan 2023 23:54:26 GMT
Content-Encoding: gzip
x-soa: true, Gator
Vary: Accept-Encoding
p3p: CP="IDC COR PSA DEV ADM OUR IND ONL"
Access-Control-Allow-Origin: *
x-callid: 12cb31fee3d54e36ad8993314ea9cd51
Content-Type: text/javascript; charset=utf-8
Cache-Control: public, s-maxage=120
x-server: us1d-nomad-g35
Connection: keep-alive
Accept-Ranges: bytes
x-robots-tag: none
Content-Length: 1480

POST
H2 200 XJzryPgNCX Show response
api.userway.org/api/tunings/ 2 KB
2 KB 575ms
90ms XHR
application/json 44.233.92.92

General

Check archive.org

Show headers Download Go to

Full URL: https://api.userway.org/api/tunings/XJzryPgNCX
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2023-01-05/widget_app_base_1672956009845.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.233.92.92 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: be2d3a325f1bc6568399eff6e10a8fdf4bf657eca0feb9b058921bc92907dd5b

Request headers

Referer: https://www.theraflu.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sun, 08 Jan 2023 23:54:26 GMT
etag: W/"7c9-nvvphmGxdxbJwlehUNB4VtudPZk"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD, PUT, PATCH, POST, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-service-request-id: usr7dcbd9ae06de494
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
access-control-allow-headers: *
content-length: 1993
x-service-version: uw-pr

GET
H2 200 a.gif
network-a.bazaarvoice.com/ 43 B
231 B 162ms
45ms Image
image/gif 52.54.236.87
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://network-a.bazaarvoice.com/a.gif?loadId=596210506ef5257b4db&BVBRANDID=0ecb5da0-2c6a-440b-9bad-b10635badb7d&BVBRANDSID=cddea2b4-fb5c-45e2-8df5-e97238db7e85&tz=0&sourceVersion=3.17.1&magpieJsVersion=3.17.1&source=bv-loader&environment=prod&client=theraflu&dc=15779&host=www.theraflu.com&r_batch=!((bvProduct:bv-loader,bvProductVersion:%2713.9.3%27,cl:Diagnostic,deploymentZone:main_site,elapsedMs:%274.2000%27,endTime:%272348.0000%27,locale:en_US,name:timeToRunScout,startTime:%272343.8000%27,type:Performance))&_=ws8az0
Requested by: Host: www.theraflu.com
URL: https://www.theraflu.com/?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.54.236.87 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-54-236-87.compute-1.amazonaws.com
Software: nginx /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.theraflu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

p3p: policyref="/w3c/p3p.xml", CP="ADMa OUR IND DSP NON COR"
date: Sun, 08 Jan 2023 23:54:26 GMT
cache-control: no-cache, no-transform, must-revalidate, max-age=0
content-type: image/gif
server: nginx
content-length: 43
expires: -1

GET
H2 200 a.gif
network-a.bazaarvoice.com/ 43 B
230 B 163ms
46ms Image
image/gif 52.54.236.87
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://network-a.bazaarvoice.com/a.gif?cl=PageView&loadId=596210506ef5257b4db&type=Embedded&BVBRANDID=0ecb5da0-2c6a-440b-9bad-b10635badb7d&BVBRANDSID=cddea2b4-fb5c-45e2-8df5-e97238db7e85&tz=0&sourceVersion=3.17.1&magpieJsVersion=3.17.1&source=bv-loader&environment=prod&client=theraflu&dc=15779&host=www.theraflu.com&locale=en_US&deploymentZone=main_site&displaySegment=baseline&bvProduct=InlineRatings&bvProductVersion=2.3.3&href=https://www.theraflu.com/%3F&canurl=https://www.theraflu.com/&res=1600x1200&lang=en-us&charset=UTF-8&geo=1&cookies=1&r_t=(con:0,dns:0,load:-1673222064563,req:730,res:3,tot:-1673222063480)&_=7mvkex&ref=http://theraflu.com.mcas-df.ms/
Requested by: Host: www.theraflu.com
URL: https://www.theraflu.com/?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.54.236.87 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-54-236-87.compute-1.amazonaws.com
Software: nginx /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.theraflu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

p3p: policyref="/w3c/p3p.xml", CP="ADMa OUR IND DSP NON COR"
date: Sun, 08 Jan 2023 23:54:26 GMT
cache-control: no-cache, no-transform, must-revalidate, max-age=0
content-type: image/gif
server: nginx
content-length: 43
expires: -1

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/202211.1.0/ 383 KB
92 KB 43ms
43ms Script
application/javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202211.1.0/otBannerSdk.js

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ff3565cc93cf3c21b441dd5911de725fb55e4d203cfe380ea1b70adfc9c7504b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.theraflu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 08 Jan 2023 23:54:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: 9qSRvp3H9roScfT6qXUxeQ==
age: 14995
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 93485
x-ms-lease-status: unlocked
last-modified: Thu, 15 Dec 2022 13:30:03 GMT
server: cloudflare
etag: 0x8DADEA07933BD54
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: e3dbcf52-f01e-014c-2807-1159ac000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7868dbbafcb8e239-ORD

GET
H/1.1 200
OK accounts.webSdkBootstrap Show response
accounts.us1.gigya.com/ Frame 641B 199 B
1 KB 232ms
80ms XHR
text/javascript 104.127.182.98
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://accounts.us1.gigya.com/accounts.webSdkBootstrap?apiKey=3_bzpjRk206ccefb3vooht5EOg-NJ0nhkhK9Lq59aZsSrDwCdGo510HRGBdrvh6SzZ&pageURL=https%3A%2F%2Fwww.theraflu.com%2F&sdk=js_latest&sdkBuild=13549&format=json
Requested by: Host: cdns.us1.gigya.com
URL: https://cdns.us1.gigya.com/gs/webSdk/Api.aspx?apiKey=3_bzpjRk206ccefb3vooht5EOg-NJ0nhkhK9Lq59aZsSrDwCdGo510HRGBdrvh6SzZ&version=latest&build=13549
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.127.182.98 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-127-182-98.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e58762c22de8c53637f13ac7f4c1a9771b48d0e21d1c9753d3453e006260ab77

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cdns.us1.gigya.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Sun, 08 Jan 2023 23:54:26 GMT
Content-Encoding: gzip
x-soa: true, Gator
p3p: CP="IDC COR PSA DEV ADM OUR IND ONL"
Connection: keep-alive
Server-Timing: cdn-cache; desc=MISS, edge; dur=3, origin; dur=16
Content-Length: 174
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,PUT,DELETE,HEAD,OPTIONS,POST,PATCH
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: https://cdns.us1.gigya.com
x-callid: 67c8b6c5f95f41fd92a4fa530f111a51
Cache-Control: private
Access-Control-Allow-Credentials: true
x-server: us1d-nomad-g58
Vary: Origin, Accept-Encoding
x-robots-tag: none

GET
H2 200 en-us.json Show response
cdn.cookielaw.org/consent/69b1977b-e59e-4b20-b8ff-1f5bc6b0174d/2eb7393b-091c-4a3d-a078-4cd0db6819bd/ 48 KB
11 KB 37ms
36ms Fetch
application/x-javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/69b1977b-e59e-4b20-b8ff-1f5bc6b0174d/2eb7393b-091c-4a3d-a078-4cd0db6819bd/en-us.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202211.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b3cdaec30c179724e1bf53842f55923ecad668316a3b6f165515d0f978b7260f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.theraflu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 08 Jan 2023 23:54:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: 8bveyYVbDmdVAOMswN/tnQ==
age: 16068
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 10968
x-ms-lease-status: unlocked
last-modified: Mon, 05 Dec 2022 16:48:33 GMT
server: cloudflare
etag: 0x8DAD6E08BD66F05
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 60a0309f-201e-0063-03c9-089ec3000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7868dbbb88cf2ba7-ORD
expires: Mon, 09 Jan 2023 23:54:26 GMT

GET
H2 200 otFloatingRounded.json Show response
cdn.cookielaw.org/scripttemplates/202211.1.0/assets/ 10 KB
3 KB 35ms
34ms Fetch
application/json 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202211.1.0/assets/otFloatingRounded.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202211.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a6054f85484eeeb3551c49bdddc94a8de681ca45d9064b3c24590ccec9b12290

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.theraflu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 08 Jan 2023 23:54:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: mbyXo0V0mKt8h3foRqspxg==
age: 16067
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 2645
x-ms-lease-status: unlocked
last-modified: Thu, 15 Dec 2022 13:29:55 GMT
server: cloudflare
etag: 0x8DADEA0742617BA
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 70899a6a-701e-0130-45a9-10c499000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7868dbbbe95a2ba7-ORD

GET
H2 200 otPcPanel.json Show response
cdn.cookielaw.org/scripttemplates/202211.1.0/assets/v2/ 63 KB
13 KB 31ms
31ms Fetch
application/json 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202211.1.0/assets/v2/otPcPanel.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202211.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e91b80678c5813dbb5f3fd19c6999b64d7e9b1b85edaff78c0071af1943a798d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.theraflu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 08 Jan 2023 23:54:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: INBRdfRA0GLoPxFzK+N/DQ==
age: 16067
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 12585
x-ms-lease-status: unlocked
last-modified: Thu, 15 Dec 2022 13:29:57 GMT
server: cloudflare
etag: 0x8DADEA075A74DF7
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 563c4a47-301e-00ff-27a9-10e57e000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7868dbbbe95c2ba7-ORD

GET
H2 200 otCommonStyles.css Show response
cdn.cookielaw.org/scripttemplates/202211.1.0/assets/ 21 KB
4 KB 38ms
38ms Fetch
text/css 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202211.1.0/assets/otCommonStyles.css

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202211.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

930239150e702d9d4bf43c3881aa70f8ad5fd9068dcbecb7c8bcca654784f7f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.theraflu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 08 Jan 2023 23:54:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: XcxlleAcPGO2n5kTZrHH2Q==
age: 14780
x-ms-lease-status: unlocked
last-modified: Thu, 15 Dec 2022 13:30:09 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: c6a6ea10-b01e-006d-03a9-1072c8000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 7868dbbbe95f2ba7-ORD

GET
H2 200 ot_guard_logo.svg Show response
cdn.cookielaw.org/logos/static/ 497 B
494 B 33ms
33ms Fetch
image/svg+xml 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/logos/static/ot_guard_logo.svg

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202211.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.theraflu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 08 Jan 2023 23:54:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: tXyZydHjxQshFMbbBT1/8A==
age: 14739
x-ms-lease-status: unlocked
last-modified: Fri, 06 Jan 2023 16:07:58 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 04addae0-a01e-00d8-4cf8-217f37000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 7868dbbc8a822ba7-ORD

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 139ms
47ms Script
text/javascript 2607:f8b0:4006:80e::200e

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5CHPKDL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::200e -, , ASN (),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.theraflu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 08 Jan 2023 22:44:02 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 4224
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Mon, 09 Jan 2023 00:44:02 GMT

GET
H3

200

activityi;dc_pre=CInAt_eVufwCFckNaAgdr0cGgg;src=9174324;type=unvfls;cat=unvfls;ord=1889076223805;gtm=2wg120;auiddc=1357111287.1673222067;u1=respiratory;u2=theraflu;u3=www.theraflu.com;u4=https%3A%2... Show response
9174324.fls.doubleclick.net/ Frame 9442
Redirect Chain

https://9174324.fls.doubleclick.net/activityi;src=9174324;type=unvfls;cat=unvfls;ord=1889076223805;gtm=2wg120;auiddc=1357111287.1673222067;u1=respiratory;u2=theraflu;u3=www.theraflu.com;u4=https%3A...
https://9174324.fls.doubleclick.net/activityi;dc_pre=CInAt_eVufwCFckNaAgdr0cGgg;src=9174324;type=unvfls;cat=unvfls;ord=1889076223805;gtm=2wg120;auiddc=1357111287.1673222067;u1=respiratory;u2=theraf...

621 B
339 B

148ms
63ms

Document
text/html

142.251.40.166

General

Check archive.org

Show headers Download Go to

Full URL

https://9174324.fls.doubleclick.net/activityi;dc_pre=CInAt_eVufwCFckNaAgdr0cGgg;src=9174324;type=unvfls;cat=unvfls;ord=1889076223805;gtm=2wg120;auiddc=1357111287.1673222067;u1=respiratory;u2=theraflu;u3=www.theraflu.com;u4=https%3A%2F%2Fwww.theraflu.com%2F%3F;u5=%2F;u6=http%3A%2F%2Ftheraflu.com.mcas-df.ms%2F;~oref=https%3A%2F%2Fwww.theraflu.com%2F%3F?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5CHPKDL

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.166 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

834f4645a5c0608ee147ac7693d817770ebb8f2fac838cd542e8bebdd5c211ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.theraflu.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 314
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 08 Jan 2023 23:54:27 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 08 Jan 2023 23:54:26 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://9174324.fls.doubleclick.net/activityi;dc_pre=CInAt_eVufwCFckNaAgdr0cGgg;src=9174324;type=unvfls;cat=unvfls;ord=1889076223805;gtm=2wg120;auiddc=1357111287.1673222067;u1=respiratory;u2=theraflu;u3=www.theraflu.com;u4=https%3A%2F%2Fwww.theraflu.com%2F%3F;u5=%2F;u6=http%3A%2F%2Ftheraflu.com.mcas-df.ms%2F;~oref=https%3A%2F%2Fwww.theraflu.com%2F%3F?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

activityi;dc_pre=CKezt_eVufwCFQGvnwodcgQMjg;src=5116519;type=thera001;cat=thera0;ord=3997301153307;gtm=2wg120;auiddc=1357111287.1673222067;~oref=https%3A%2F%2Fwww.theraflu.com%2F%3F Show response
5116519.fls.doubleclick.net/ Frame 5D2E
Redirect Chain

https://5116519.fls.doubleclick.net/activityi;src=5116519;type=thera001;cat=thera0;ord=3997301153307;gtm=2wg120;auiddc=1357111287.1673222067;~oref=https%3A%2F%2Fwww.theraflu.com%2F%3F?
https://5116519.fls.doubleclick.net/activityi;dc_pre=CKezt_eVufwCFQGvnwodcgQMjg;src=5116519;type=thera001;cat=thera0;ord=3997301153307;gtm=2wg120;auiddc=1357111287.1673222067;~oref=https%3A%2F%2Fww...

486 B
284 B

142ms
59ms

Document
text/html

142.251.40.166

General

Check archive.org

Show headers Download Go to

Full URL

https://5116519.fls.doubleclick.net/activityi;dc_pre=CKezt_eVufwCFQGvnwodcgQMjg;src=5116519;type=thera001;cat=thera0;ord=3997301153307;gtm=2wg120;auiddc=1357111287.1673222067;~oref=https%3A%2F%2Fwww.theraflu.com%2F%3F?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5CHPKDL

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.166 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

2dc34e436e6ab015b3ceda670180f72c0573ad10888f214124eac931d11d8e0b

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.theraflu.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 259
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 08 Jan 2023 23:54:27 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 08 Jan 2023 23:54:26 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://5116519.fls.doubleclick.net/activityi;dc_pre=CKezt_eVufwCFQGvnwodcgQMjg;src=5116519;type=thera001;cat=thera0;ord=3997301153307;gtm=2wg120;auiddc=1357111287.1673222067;~oref=https%3A%2F%2Fwww.theraflu.com%2F%3F?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 56 KB
15 KB 145ms
40ms Script
application/javascript 146.75.36.157

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5CHPKDL
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.36.157 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.theraflu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 08 Jan 2023 23:54:26 GMT
content-encoding: gzip
last-modified: Thu, 27 Oct 2022 18:08:41 GMT
etag: "32ad004436155ec972bc50e6238b5b67+gzip"
vary: Accept-Encoding,Host
x-cache: HIT
content-type: application/javascript; charset=utf-8
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
cache-control: no-cache
accept-ranges: bytes
content-length: 15375
x-served-by: cache-iad-kcgs7200038-IAD

GET
H3

200

activityi;dc_pre=CJi6t_eVufwCFctFDQodYLIG6w;src=5116519;type=therpgvw;cat=therpgvw;ord=7184908166456;gtm=2wg120;auiddc=1357111287.1673222067;~oref=https%3A%2F%2Fwww.theraflu.com%2F%3F Show response
5116519.fls.doubleclick.net/ Frame 4C7F
Redirect Chain

https://5116519.fls.doubleclick.net/activityi;src=5116519;type=therpgvw;cat=therpgvw;ord=7184908166456;gtm=2wg120;auiddc=1357111287.1673222067;~oref=https%3A%2F%2Fwww.theraflu.com%2F%3F?
https://5116519.fls.doubleclick.net/activityi;dc_pre=CJi6t_eVufwCFctFDQodYLIG6w;src=5116519;type=therpgvw;cat=therpgvw;ord=7184908166456;gtm=2wg120;auiddc=1357111287.1673222067;~oref=https%3A%2F%2F...

488 B
285 B

153ms
69ms

Document
text/html

142.251.40.166

General

Check archive.org

Show headers Download Go to

Full URL

https://5116519.fls.doubleclick.net/activityi;dc_pre=CJi6t_eVufwCFctFDQodYLIG6w;src=5116519;type=therpgvw;cat=therpgvw;ord=7184908166456;gtm=2wg120;auiddc=1357111287.1673222067;~oref=https%3A%2F%2Fwww.theraflu.com%2F%3F?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5CHPKDL

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.166 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

3ef6176c75c6ba70f478938afe85264800bac3608b42de93051d9156a719540b

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.theraflu.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 260
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 08 Jan 2023 23:54:27 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 08 Jan 2023 23:54:26 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://5116519.fls.doubleclick.net/activityi;dc_pre=CJi6t_eVufwCFctFDQodYLIG6w;src=5116519;type=therpgvw;cat=therpgvw;ord=7184908166456;gtm=2wg120;auiddc=1357111287.1673222067;~oref=https%3A%2F%2Fwww.theraflu.com%2F%3F?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK up_loader.1.1.0.js Show response
js.adsrvr.org/ 4 KB
2 KB 148ms
43ms Script
application/x-javascript 143.204.138.162

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adsrvr.org/up_loader.1.1.0.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5CHPKDL
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.138.162 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.theraflu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Sun, 08 Jan 2023 17:00:10 GMT
Content-Encoding: gzip
Via: 1.1 4b935afa75041435c91e2b3ed1ab1d26.cloudfront.net (CloudFront)
Last-Modified: Thu, 24 Sep 2020 15:15:34 GMT
Server: AmazonS3
X-Amz-Cf-Pop: EWR52-C2
Age: 24857
ETag: W/"98d98b3499058b76d58073cf8ede2f10"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/x-javascript
X-Cache: Hit from cloudfront
Connection: keep-alive
X-Amz-Cf-Id: zGnjRzBrGfPY5MNOgMbEkE_IAa3PevdmzMqu3EpB2sx5s9nDEzcP_w==

GET
H2 200 bat.js Show response
bat.bing.com/ 38 KB
12 KB 85ms
29ms Script
application/javascript 2620:1ec:c11::200

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: theraflu.com.mcas-df.ms
URL: http://theraflu.com.mcas-df.ms/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 -, , ASN (),

Reverse DNS

Software

Resource Hash

f2c4b7d20ff42a433d0c76631c460cd75128f8f0436d052ce2cf79dc4fa6a244

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.theraflu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Sun, 08 Jan 2023 23:54:26 GMT
last-modified: Mon, 05 Dec 2022 17:15:50 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 3290DA20DC76416FA5E1BC54794F6B68 Ref B: CHGEDGE1712 Ref C: 2023-01-08T23:54:26Z
etag: "027e538cd8d91:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 11472

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 105 KB
28 KB 140ms
48ms Script
application/x-javascript 2a03:2880:f012:10c:face:b00c:0:3

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: theraflu.com.mcas-df.ms
URL: http://theraflu.com.mcas-df.ms/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:10c:face:b00c:0:3 -, , ASN (),

Reverse DNS

Software

Resource Hash

cba8862bc0eeff77ab390c0669021b95055e809f226aa0e7dc438d79e3ad399f

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.theraflu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sun, 08 Jan 2023 23:54:26 GMT
document-policy: force-load-at-top
content-security-policy-report-only: default-src https: data: wss: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.facebook.com/csp/reporting/?minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27613
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: NYLNoj8hTbaHNvNjUhUJQ7/0S6zjnNjNox/FysF9DQrM0CjQalI7AFAqaUqsip6nv8befFbPtzOzdFiktEIxPQ==
x-fb-trip-id: 1512268381
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 217 KB
76 KB 139ms
57ms Script
application/javascript 2607:f8b0:4006:81d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-TN9NWLYCYS&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5CHPKDL

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2008 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

fa16105a1b3412fde7a31a58822e3dbed474412b9bf462849c5af0400e5a9ca2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.theraflu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 08 Jan 2023 23:54:26 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 78114
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sun, 08 Jan 2023 23:54:26 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 220 KB
77 KB 150ms
68ms Script
application/javascript 2607:f8b0:4006:81d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-4Q47Q3C7RV&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5CHPKDL

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2008 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

99217b7b7dcb1540af7a5396b7e5883011b12899c9a99f8206319863e5529dfa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.theraflu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 08 Jan 2023 23:54:26 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 78757
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sun, 08 Jan 2023 23:54:26 GMT

GET
H2 200 GSK_logo_2022.svg.png
cdn.cookielaw.org/logos/9ff761e6-6f16-4e20-800d-92706b153697/5134b4a3-e86a-4d2b-aa0e-a9cdabeb89e7/b895fb40-1364-4058-8b98-bca37bbd0252/ 9 KB
9 KB 66ms
65ms Image
image/png 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/9ff761e6-6f16-4e20-800d-92706b153697/5134b4a3-e86a-4d2b-aa0e-a9cdabeb89e7/b895fb40-1364-4058-8b98-bca37bbd0252/GSK_logo_2022.svg.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9f84a6c332c38a069befd1d0296d505d676669082f96af7febe686c85ec7e16a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.theraflu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 08 Jan 2023 23:54:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: iR4Y9oWny193xllb9v58Ug==
age: 15754
content-length: 9262
x-ms-lease-status: unlocked
last-modified: Wed, 23 Nov 2022 14:31:56 GMT
server: cloudflare
etag: 0x8DACD5F794ED564
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: 4e163a57-801e-0003-6aef-04dbe1000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7868dbbd391ee239-ORD

GET
H2 200 powered_by_logo.svg
cdn.cookielaw.org/logos/static/ 5 KB
2 KB 36ms
35ms Image
image/svg+xml 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/static/powered_by_logo.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.theraflu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 08 Jan 2023 23:54:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: Y+c301RBZNK39PvKQWrIBw==
age: 20847
x-ms-lease-status: unlocked
last-modified: Fri, 06 Jan 2023 16:07:59 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: f5a88de3-e01e-011c-4c43-2246a4000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 7868dbbd3921e239-ORD

GET
H/1.1

200
OK

iui3
s.amazon-adsystem.com/
Redirect Chain

https://s.amazon-adsystem.com/iui3?d=forester-did&ex-fargs=%3Fid%3Daf4b6613-c033-8ad1-f6b4-14b4b67e9503%26type%3D55%26m%3D1&ex-fch=416613&ex-src=https://www.theraflu.com&ex-hargs=v%3D1.0%3Bc%3D1766...
https://s.amazon-adsystem.com/iui3?d=forester-did&ex-fargs=%3Fid%3Daf4b6613-c033-8ad1-f6b4-14b4b67e9503%26type%3D55%26m%3D1&ex-fch=416613&ex-src=https://www.theraflu.com&ex-hargs=v%3D1.0%3Bc%3D1766...

43 B
855 B

79ms
79ms

Image
image/gif

209.54.182.161

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/iui3?d=forester-did&ex-fargs=%3Fid%3Daf4b6613-c033-8ad1-f6b4-14b4b67e9503%26type%3D55%26m%3D1&ex-fch=416613&ex-src=https://www.theraflu.com&ex-hargs=v%3D1.0%3Bc%3D1766344630501%3Bp%3DAF4B6613-C033-8AD1-F6B4-14B4B67E9503&gtmcb=578360504&dcc=t

Protocol

HTTP/1.1

Server

209.54.182.161 -, , ASN (),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.theraflu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 08 Jan 2023 23:54:27 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 864TBW28R4FPQN0E3KNN
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 08 Jan 2023 23:54:26 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: VP9VAPHMSYCT1WHJ85TJ
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/iui3?d=forester-did&ex-fargs=%3Fid%3Daf4b6613-c033-8ad1-f6b4-14b4b67e9503%26type%3D55%26m%3D1&ex-fch=416613&ex-src=https://www.theraflu.com&ex-hargs=v%3D1.0%3Bc%3D1766344630501%3Bp%3DAF4B6613-C033-8AD1-F6B4-14B4B67E9503&gtmcb=578360504&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

google
match.adsrvr.org/track/cmf/
Redirect Chain

https://insight.adsrvr.org/track/pxl/?adv=2obq2qw&ct=0:eys241p&fmt=3&gtmcb=1001854048
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_cm&google_sc&google_hm=OThmODViNjQtODkxNS00ZWQ4LTgzMGItZWZhMjU2OTY0MzI4&gdpr=0&gdpr_consent=&ttd_tdid=98f85b64-8915-4ed8-830b-efa25...
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_cm=&google_sc=&google_hm=OThmODViNjQtODkxNS00ZWQ4LTgzMGItZWZhMjU2OTY0MzI4&gdpr=0&gdpr_consent=&ttd_tdid=98f85b64-8915-4ed8-830b-efa...
https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=98f85b64-8915-4ed8-830b-efa256964328&google_gid=CAESEILai0S6D7lK41Y_t9W5zpY&google_cver=1

70 B
614 B

45ms
44ms

Image
image/gif

3.33.220.150

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=98f85b64-8915-4ed8-830b-efa256964328&google_gid=CAESEILai0S6D7lK41Y_t9W5zpY&google_cver=1
Protocol: H2
Server: 3.33.220.150 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.theraflu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sun, 08 Jan 2023 23:54:27 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

pragma: no-cache
date: Sun, 08 Jan 2023 23:54:27 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=98f85b64-8915-4ed8-830b-efa256964328&google_gid=CAESEILai0S6D7lK41Y_t9W5zpY&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 386
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK sso.htm Show response
cdns.us1.gigya.com/gs/ Frame 2ABD 90 KB
31 KB 54ms
52ms Document
text/html 184.29.133.16
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://cdns.us1.gigya.com/gs/sso.htm?APIKey=3_99l72FT8LLNTQuIz09azS3_QunznLcu8dzx_lvIrd3MpjgC79FdUh_wmipBaT1Rz&ssoSegment=&version=latest&build=13549

Requested by

Host: cdns.gigya.com
URL: https://cdns.gigya.com/JS/gigya.js?apikey=3_bzpjRk206ccefb3vooht5EOg-NJ0nhkhK9Lq59aZsSrDwCdGo510HRGBdrvh6SzZ

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

184.29.133.16 Edison, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-29-133-16.deploy.static.akamaitechnologies.com

Software

Resource Hash

03ff83e99dc2184adbe27d576e4e147252d1acd3ee673d2d867271a09fd532b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.theraflu.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=86400, s-maxage=3600
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 30934
Content-Type: text/html; charset=utf-8
Date: Sun, 08 Jan 2023 23:54:26 GMT
Vary: Accept-Encoding
p3p: CP="IDC COR PSA DEV ADM OUR IND ONL"
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-callid: f6ba61c7976a4ea0ad43ed3e1c4a7524
x-robots-tag: none
x-server: us1d-nomad-g53
x-soa: true, Gator

GET
H/1.1 200
OK sso.htm Show response
cdns.us1.gigya.com/gs/ Frame C933 90 KB
31 KB 106ms
51ms Document
text/html 184.29.133.16
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://cdns.us1.gigya.com/gs/sso.htm?APIKey=3_99l72FT8LLNTQuIz09azS3_QunznLcu8dzx_lvIrd3MpjgC79FdUh_wmipBaT1Rz&ssoSegment=&version=latest&build=13549

Requested by

Host: cdns.gigya.com
URL: https://cdns.gigya.com/JS/gigya.js?apikey=3_bzpjRk206ccefb3vooht5EOg-NJ0nhkhK9Lq59aZsSrDwCdGo510HRGBdrvh6SzZ

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

184.29.133.16 Edison, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-29-133-16.deploy.static.akamaitechnologies.com

Software

Resource Hash

03ff83e99dc2184adbe27d576e4e147252d1acd3ee673d2d867271a09fd532b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.theraflu.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=86400, s-maxage=3600
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 30934
Content-Type: text/html; charset=utf-8
Date: Sun, 08 Jan 2023 23:54:26 GMT
Vary: Accept-Encoding
p3p: CP="IDC COR PSA DEV ADM OUR IND ONL"
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-callid: f6ba61c7976a4ea0ad43ed3e1c4a7524
x-robots-tag: none
x-server: us1d-nomad-g53
x-soa: true, Gator

GET
H2 200 36002515.js Show response
bat.bing.com/p/action/ 3 KB
2 KB 70ms
70ms Script
application/javascript 2620:1ec:c11::200

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/36002515.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 -, , ASN (),

Reverse DNS

Software

/ ARR/3.0

Resource Hash

e6ed78cbbb31a5df51f288b2e978a4d85382fc48b2e4c7e8d869910acd0fc6d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.theraflu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Sun, 08 Jan 2023 23:54:26 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: FBA5841B39C54B209D45AE4747056931 Ref B: CHGEDGE1712 Ref C: 2023-01-08T23:54:26Z
x-powered-by: ARR/3.0
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private,max-age=60
content-length: 1446

GET
H2 204 0
bat.bing.com/action/ 0
175 B 48ms
47ms Image
text/plain 2620:1ec:c11::200

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=36002515&Ver=2&mid=7ba1c0aa-53bd-4e04-8691-fa08d4791cc0&sid=c8ca6c508faf11edb13787fea49b9ead&vid=c8d04f708faf11edad04152c7ef250ae&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Powerful%20Relief%20from%20Cold%20and%20Flu%20Symptoms%20%7C%20Theraflu&p=https%3A%2F%2Fwww.theraflu.com%2F%3F&r=http%3A%2F%2Ftheraflu.com.mcas-df.ms%2F&lt=3079&evt=pageLoad&sv=1&rn=484504

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 -, , ASN (),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.theraflu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sun, 08 Jan 2023 23:54:26 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 0D3481C656184F4388D4FFF4BF4EE062 Ref B: CHGEDGE1712 Ref C: 2023-01-08T23:54:26Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adsct
t.co/i/ 43 B
376 B 246ms
47ms Image
image/gif 104.244.42.133

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?bci=3&eci=2&event_id=8da4c66b-f053-4774-b1e5-539e5883fcf8&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=96558ab1-7420-44c5-b238-d63343e11b3f&tw_document_href=https%3A%2F%2Fwww.theraflu.com%2F%3F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o4o1k&type=javascript&version=2.3.29

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.133 -, , ASN (),

Reverse DNS

Software

tsa_b /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.theraflu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-response-time: 7
date: Sun, 08 Jan 2023 23:54:27 GMT
strict-transport-security: max-age=0
server: tsa_b
content-type: image/gif;charset=utf-8
x-transaction-id: 2abc2fb7dbee3d9c
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: d27da716fe1c8ad237cea08f3fef57e2297138b1a51675296d537661051e25ca
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
393 B 243ms
45ms Image
image/gif 104.244.42.131

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=8da4c66b-f053-4774-b1e5-539e5883fcf8&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=96558ab1-7420-44c5-b238-d63343e11b3f&tw_document_href=https%3A%2F%2Fwww.theraflu.com%2F%3F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o4o1k&type=javascript&version=2.3.29

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.131 -, , ASN (),

Reverse DNS

Software

tsa_b /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.theraflu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-response-time: 7
date: Sun, 08 Jan 2023 23:54:26 GMT
strict-transport-security: max-age=631138519
server: tsa_b
content-type: image/gif;charset=utf-8
x-transaction-id: 7ded4bafa77a765e
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: d71eef85d16c5d3c39c8dcbec31fee49ade3ce4caa8e6f83f8be1f2cdbebcb72
content-length: 43

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 2 B
441 B 211ms
46ms XHR
text/plain 2607:f8b0:4004:c08::9b

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-38587364-3&cid=591521397.1673222067&jid=493533193&gjid=194812191&_gid=178569508.1673222067&_u=YGBAgEABAAAAAEAEK~&z=1658457320

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::9b -, , ASN (),

Reverse DNS

Software

Golfe2 /

Resource Hash

6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theraflu.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sun, 08 Jan 2023 23:54:27 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.theraflu.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 136ms
54ms XHR
text/plain 2607:f8b0:4006:80e::200e

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=428924231&t=pageview&_s=1&dl=https%3A%2F%2Fwww.theraflu.com%2F&dr=http%3A%2F%2Ftheraflu.com.mcas-df.ms%2F&ul=en-us&de=UTF-8&dt=Powerful%20Relief%20from%20Cold%20and%20Flu%20Symptoms%20%7C%20Theraflu&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGDAAEABAAAAAGAEK~&jid=294901526&gjid=329452023&cid=591521397.1673222067&tid=UA-135635203-1&_gid=178569508.1673222067&_r=1&gtm=2wg1205CHPKDL&z=1341284641

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::200e -, , ASN (),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theraflu.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 08 Jan 2023 23:54:27 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.theraflu.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 121ms
41ms Image
image/gif 2607:f8b0:4006:80e::200e

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&aip=1&a=428924231&t=pageview&_s=1&dl=https%3A%2F%2Fwww.theraflu.com%2F&dr=http%3A%2F%2Ftheraflu.com.mcas-df.ms%2F&ul=en-us&de=UTF-8&dt=Powerful%20Relief%20from%20Cold%20and%20Flu%20Symptoms%20%7C%20Theraflu&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgEABAAAAAAAEK~&jid=493533193&gjid=194812191&cid=591521397.1673222067&tid=UA-38587364-3&_gid=178569508.1673222067&gtm=2wg1205CHPKDL&z=1201306675

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::200e -, , ASN (),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.theraflu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 08 Jan 2023 18:07:30 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 20817
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK sdk.config.get Show response
cdns.us1.gigya.com/ Frame 2ABD 4 KB
2 KB 43ms
42ms Fetch
text/javascript 184.29.133.16
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdns.us1.gigya.com/sdk.config.get?apiKey=3_99l72FT8LLNTQuIz09azS3_QunznLcu8dzx_lvIrd3MpjgC79FdUh_wmipBaT1Rz&httpStatusCodes=true
Requested by: Host: cdns.us1.gigya.com
URL: https://cdns.us1.gigya.com/gs/sso.htm?APIKey=3_99l72FT8LLNTQuIz09azS3_QunznLcu8dzx_lvIrd3MpjgC79FdUh_wmipBaT1Rz&ssoSegment=&version=latest&build=13549
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.29.133.16 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-29-133-16.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: d3f4a34cdaddaef2e8cf5a21b95fdb3da4d414e70cf676587ae31a49b001e469

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cdns.us1.gigya.com/gs/sso.htm?APIKey=3_99l72FT8LLNTQuIz09azS3_QunznLcu8dzx_lvIrd3MpjgC79FdUh_wmipBaT1Rz&ssoSegment=&version=latest&build=13549
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Sun, 08 Jan 2023 23:54:27 GMT
Content-Encoding: gzip
x-soa: true, Gator
Vary: Accept-Encoding
p3p: CP="IDC COR PSA DEV ADM OUR IND ONL"
Access-Control-Allow-Origin: *
x-callid: d7a5407f197844079df6bf5d6b6bf32b
Content-Type: text/javascript; charset=utf-8
Cache-Control: public, s-maxage=120
x-server: us1d-nomad-g58
Connection: keep-alive
Accept-Ranges: bytes
x-robots-tag: none
Content-Length: 1472

GET
H2 200 up Show response
insight.adsrvr.org/track/ Frame DB36 878 B
1 KB 50ms
49ms Document
text/html 3.33.220.150

General

Check archive.org

Show headers Download Go to

Full URL: https://insight.adsrvr.org/track/up?adv=2obq2qw&ref=https%3A%2F%2Fwww.theraflu.com%2F%3F&upid=4uicnfj&upv=1.1.0
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 15655e1ab7c3715d9cf39759aa989cb26e0f467cfbaedb38beecf41cb921b871

Request headers

Referer: https://www.theraflu.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: private,no-cache, must-revalidate
content-type: text/html; charset=utf-8
date: Sun, 08 Jan 2023 23:54:27 GMT
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma: no-cache
x-aspnet-version: 4.0.30319

GET
H2 200 en-US.json Show response
cdn.userway.org/widgetapp/2023-01-05/locales/ 433 B
832 B 154ms
51ms XHR
application/json 2a02:6ea0:c400::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/widgetapp/2023-01-05/locales/en-US.json
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2023-01-05/widget_app_base_1672956009845.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c400::11 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 695918800576ee63a085fc0121165a8725777162e76eec8740e67355358f6e89

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.theraflu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-77-pop: newyorkUSNY
date: Sun, 08 Jan 2023 23:54:27 GMT
via: 1.1 6889869bf680fe34cca722f0a05e1106.cloudfront.net (CloudFront)
content-encoding: gzip
x-amz-cf-pop: YTO50-P2
age: 31
x-cache: HIT
x-77-cache: HIT
x-age: 265793
x-77-nzt: AZySJBY5DgP/QQ4EAA
x-accel-expires: @1698876274
last-modified: Thu, 05 Jan 2023 22:02:41 GMT
server: CDN77-Turbo
etag: W/"0c4b53012957584c54e80867ff489590"
x-77-nzt-ray: 1e192d08f1e3e3adb357bb6303a4c708
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: max-age=25920000, public
x-amz-cf-id: naYi4-EHu9rFrPJU66yPoShVvv61zcBH52Txk88v0MkexK5fhFgRzA==

POST
H3 204 collect
www.google-analytics.com/g/ 0
17 B 67ms
54ms Ping
text/plain 2607:f8b0:4006:80e::200e

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-TN9NWLYCYS&gtm=2oe120&_p=428924231&cid=591521397.1673222067&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1673222067&sct=1&seg=0&dl=https%3A%2F%2Fwww.theraflu.com%2F&dr=http%3A%2F%2Ftheraflu.com.mcas-df.ms%2F&dt=Powerful%20Relief%20from%20Cold%20and%20Flu%20Symptoms%20%7C%20Theraflu&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-TN9NWLYCYS&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:80e::200e -, , ASN (),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.theraflu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 08 Jan 2023 23:54:27 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.theraflu.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
www.google-analytics.com/g/ 0
17 B 54ms
54ms Ping
text/plain 2607:f8b0:4006:80e::200e

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-4Q47Q3C7RV&gtm=2oe120&_p=428924231&cid=591521397.1673222067&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1673222067&sct=1&seg=0&dl=https%3A%2F%2Fwww.theraflu.com%2F&dr=http%3A%2F%2Ftheraflu.com.mcas-df.ms%2F&dt=Powerful%20Relief%20from%20Cold%20and%20Flu%20Symptoms%20%7C%20Theraflu&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-4Q47Q3C7RV&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:80e::200e -, , ASN (),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.theraflu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 08 Jan 2023 23:54:27 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.theraflu.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 36002515 Show response
www.clarity.ms/tag/uet/ 1 KB
1 KB 166ms
43ms Script
application/x-javascript 2620:1ec:49::40

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/uet/36002515
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/p/action/36002515.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:49::40 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 344babca66f4e8a2ea442ef683f7cb600e8bf34d80e4a05435e15ecde788b1eb

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.theraflu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type: application/x-javascript
date: Sun, 08 Jan 2023 23:54:26 GMT
cache-control: no-cache, no-store
expires: -1
x-azure-ref: 0s1e7YwAAAACs8+XIUiTFQLXdtKho2PcUQ0gxQUEyMDIwNjA3MDQ5ADZjZmJlZWUwLTUwMjctNDg0Yi04OTY3LTRhMjlhZjc3ZjFlMQ==
x-cache: CONFIG_NOCACHE
request-context: appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8

GET
H/1.1 200
OK sdk.config.get Show response
cdns.us1.gigya.com/ Frame C933 4 KB
2 KB 42ms
41ms Fetch
text/javascript 184.29.133.16
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdns.us1.gigya.com/sdk.config.get?apiKey=3_99l72FT8LLNTQuIz09azS3_QunznLcu8dzx_lvIrd3MpjgC79FdUh_wmipBaT1Rz&httpStatusCodes=true
Requested by: Host: cdns.us1.gigya.com
URL: https://cdns.us1.gigya.com/gs/sso.htm?APIKey=3_99l72FT8LLNTQuIz09azS3_QunznLcu8dzx_lvIrd3MpjgC79FdUh_wmipBaT1Rz&ssoSegment=&version=latest&build=13549
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.29.133.16 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-29-133-16.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: d3f4a34cdaddaef2e8cf5a21b95fdb3da4d414e70cf676587ae31a49b001e469

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cdns.us1.gigya.com/gs/sso.htm?APIKey=3_99l72FT8LLNTQuIz09azS3_QunznLcu8dzx_lvIrd3MpjgC79FdUh_wmipBaT1Rz&ssoSegment=&version=latest&build=13549
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Sun, 08 Jan 2023 23:54:27 GMT
Content-Encoding: gzip
x-soa: true, Gator
Vary: Accept-Encoding
p3p: CP="IDC COR PSA DEV ADM OUR IND ONL"
Access-Control-Allow-Origin: *
x-callid: d7a5407f197844079df6bf5d6b6bf32b
Content-Type: text/javascript; charset=utf-8
Cache-Control: public, s-maxage=120
x-server: us1d-nomad-g58
Connection: keep-alive
Accept-Ranges: bytes
x-robots-tag: none
Content-Length: 1472

GET
H/1.1 200
OK universal_pixel.1.1.0.js Show response
js.adsrvr.org/ Frame DB36 487 B
987 B 43ms
42ms Script
application/x-javascript 143.204.138.162

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adsrvr.org/universal_pixel.1.1.0.js
Requested by: Host: insight.adsrvr.org
URL: https://insight.adsrvr.org/track/up?adv=2obq2qw&ref=https%3A%2F%2Fwww.theraflu.com%2F%3F&upid=4uicnfj&upv=1.1.0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.138.162 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f6d7e9dafd1ec463ecd0c6b20f170400dd15afe81c71dea50771550df2f83ffc

Request headers

accept-language: en-US,en;q=0.9
Referer: https://insight.adsrvr.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Sun, 08 Jan 2023 09:59:04 GMT
Via: 1.1 4b935afa75041435c91e2b3ed1ab1d26.cloudfront.net (CloudFront)
Last-Modified: Thu, 24 Sep 2020 15:15:32 GMT
Server: AmazonS3
X-Amz-Cf-Pop: EWR52-C2
Age: 50124
ETag: "f0a7a3296da7382ce6bc1a3b6769e927"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/x-javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 487
X-Amz-Cf-Id: xsaE-LzgBt_xNE_i7o-xwxkZFLhvpi9ToetzccZqmXzvf4-SvTiQyg==

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 149ms
60ms Image
image/gif 2607:f8b0:4006:821::2004

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-38587364-3&cid=591521397.1673222067&jid=493533193&_u=YGBAgEABAAAAAEAEK~&z=2039638817

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2004 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.theraflu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 08 Jan 2023 23:54:27 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

appnexus Show response
match.adsrvr.org/track/cmf/ Frame ECA0
Redirect Chain

https://ib.adnxs.com/getuid?https%3a%2f%2fmatch.adsrvr.org%2ftrack%2fcmf%2fappnexus%3fttd%3d1%26anid%3d%24UID&ttd_tdid=98f85b64-8915-4ed8-830b-efa256964328
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253a%252f%252fmatch.adsrvr.org%252ftrack%252fcmf%252fappnexus%253fttd%253d1%2526anid%253d%2524UID%26ttd_tdid%3D98f85b64-8915-4ed8-830b-efa256964328
https://match.adsrvr.org/track/cmf/appnexus?ttd=1&anid=4494474885909848782&ttd_tdid=98f85b64-8915-4ed8-830b-efa256964328

70 B
614 B

56ms
55ms

Document
image/gif

3.33.220.150

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/cmf/appnexus?ttd=1&anid=4494474885909848782&ttd_tdid=98f85b64-8915-4ed8-830b-efa256964328
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/universal_pixel.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://insight.adsrvr.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: private,no-cache, must-revalidate
content-length: 70
content-type: image/gif
date: Sun, 08 Jan 2023 23:54:27 GMT
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma: no-cache
x-aspnet-version: 4.0.30319

Redirect headers

AN-X-Request-Uuid: 28881fd4-f40f-45f8-add9-55112ccfe0b7
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Length: 0
Content-Type: text/html; charset=utf-8
Date: Sun, 08 Jan 2023 23:54:27 GMT
Expires: Sat, 15 Nov 2008 16:00:00 GMT
Location: https://match.adsrvr.org/track/cmf/appnexus?ttd=1&anid=4494474885909848782&ttd_tdid=98f85b64-8915-4ed8-830b-efa256964328
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma: no-cache
Server: nginx/1.21.3
X-Proxy-Origin: 104.237.193.28; 104.237.193.28; 672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
X-XSS-Protection: 0

GET
H2

200

generic Show response
match.adsrvr.org/track/cmf/ Frame 1553
Redirect Chain

https://ups.analytics.yahoo.com/ups/55953/sync?uid=98f85b64-8915-4ed8-830b-efa256964328&_origin=1&redir=true&gdpr=0&gdpr_consent=
https://ups.analytics.yahoo.com/ups/55953/sync?uid=98f85b64-8915-4ed8-830b-efa256964328&_origin=1&redir=true&gdpr=0&gdpr_consent=&verify=true
https://match.adsrvr.org/track/cmf/generic?ttd_pid=rightmedia&yahoo_id=y-u.Z0MkdE2uK5n0XsPYPdIMxvkF3S2BA-~A&gdpr=0

70 B
614 B

46ms
45ms

Document
image/gif

3.33.220.150

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=rightmedia&yahoo_id=y-u.Z0MkdE2uK5n0XsPYPdIMxvkF3S2BA-~A&gdpr=0
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/universal_pixel.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://insight.adsrvr.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: private,no-cache, must-revalidate
content-length: 70
content-type: image/gif
date: Sun, 08 Jan 2023 23:54:27 GMT
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma: no-cache
x-aspnet-version: 4.0.30319

Redirect headers

age: 0
content-length: 0
date: Sun, 08 Jan 2023 23:54:27 GMT
location: https://match.adsrvr.org/track/cmf/generic?ttd_pid=rightmedia&yahoo_id=y-u.Z0MkdE2uK5n0XsPYPdIMxvkF3S2BA-~A&gdpr=0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
server: ATS/9.1.10.25
strict-transport-security: max-age=31536000

GET
H2

200

rubicon Show response
match.adsrvr.org/track/cmf/ Frame 3C6E
Redirect Chain

https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=98f85b64-8915-4ed8-830b-efa256964328&gdpr=0&gdpr_consent=&expires=30&next=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Frubicon
https://match.adsrvr.org/track/cmf/rubicon?gdpr=0

70 B
614 B

57ms
46ms

Document
image/gif

3.33.220.150

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/cmf/rubicon?gdpr=0
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/universal_pixel.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://insight.adsrvr.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: private,no-cache, must-revalidate
content-length: 70
content-type: image/gif
date: Sun, 08 Jan 2023 23:54:27 GMT
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma: no-cache
x-aspnet-version: 4.0.30319

Redirect headers

Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
Expires: 0
Location: https://match.adsrvr.org/track/cmf/rubicon?gdpr=0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma: no-cache
X-RPHost: 368ba1c92c09ff88b641150fbbf94341
content-length: 0

GET
H2 200 clarity.js Show response
www.clarity.ms/eus/s/0.7.1/ 55 KB
19 KB 32ms
26ms Script
application/javascript 2620:1ec:49::40

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/eus/s/0.7.1/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/uet/36002515
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:49::40 -, , ASN (),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: da5186fe0bb5dd59e7ece6ee7efac70c31755611e385fa423585572cb9628fcf

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.theraflu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 08 Jan 2023 23:54:26 GMT
content-encoding: br
last-modified: Wed, 01 Jun 2022 12:22:22 GMT
server: Microsoft-IIS/10.0
x-azure-ref-originshield: 0eYm6YwAAAABJDdXKt5L/R74Big3Ice5PRE0yQUExMDkxMjA4MDQ5ADZjZmJlZWUwLTUwMjctNDg0Yi04OTY3LTRhMjlhZjc3ZjFlMQ==
etag: "1d9162aa06b059e"
x-azure-ref: 0s1e7YwAAAACkldLx2EP1TLI+4kJF6jeeQ0gxQUEyMDIwNjA3MDQ5ADZjZmJlZWUwLTUwMjctNDg0Yi04OTY3LTRhMjlhZjc3ZjFlMQ==
x-cache: TCP_HIT
content-type: application/javascript;charset=utf-8
cache-control: public,max-age=86400
accept-ranges: bytes
request-context: appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=C76627F7FCB7461AB42090B3090562AD&RedC=c.clarity.ms&MXFR=107EB13223226ED61372A3A127226016
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=C76627F7FCB7461AB42090B3090562AD&MUID=228FFC2C9FE56FD01043EEBF9E9B6E6F

42 B
445 B

42ms
42ms

Image
image/gif

20.110.81.91

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=C76627F7FCB7461AB42090B3090562AD&MUID=228FFC2C9FE56FD01043EEBF9E9B6E6F
Protocol: H2
Server: 20.110.81.91 -, , ASN (),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.theraflu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 08 Jan 2023 23:54:27 GMT
last-modified: Thu, 05 Jan 2023 17:36:49 GMT
server: Microsoft-IIS/10.0
etag: "fee4664a2c21d91:0"
x-powered-by: ASP.NET
content-type: image/gif
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-length: 42

Redirect headers

pragma: no-cache
date: Sun, 08 Jan 2023 23:54:27 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: C6BF94C263DC44FBA7E3BE057B469387 Ref B: CHGEDGE1712 Ref C: 2023-01-08T23:54:27Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=C76627F7FCB7461AB42090B3090562AD&MUID=228FFC2C9FE56FD01043EEBF9E9B6E6F
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H2 200 dc_pre=CKezt_eVufwCFQGvnwodcgQMjg;src=5116519;type=thera001;cat=thera0;ord=3997301153307;gtm=2wg120;auiddc=1357111287.1673222067;~oref=https%3A%2F%2Fwww.theraflu.com%2F%3F Show response
adservice.google.com/ddm/fls/i/ Frame AF4F 194 B
533 B 153ms
58ms Document
text/html 2607:f8b0:4006:824::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/ddm/fls/i/dc_pre=CKezt_eVufwCFQGvnwodcgQMjg;src=5116519;type=thera001;cat=thera0;ord=3997301153307;gtm=2wg120;auiddc=1357111287.1673222067;~oref=https%3A%2F%2Fwww.theraflu.com%2F%3F

Requested by

Host: 5116519.fls.doubleclick.net
URL: https://5116519.fls.doubleclick.net/activityi;dc_pre=CKezt_eVufwCFQGvnwodcgQMjg;src=5116519;type=thera001;cat=thera0;ord=3997301153307;gtm=2wg120;auiddc=1357111287.1673222067;~oref=https%3A%2F%2Fwww.theraflu.com%2F%3F?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5116519.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=0
content-encoding: br
content-length: 85
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 08 Jan 2023 23:54:27 GMT
expires: Sun, 08 Jan 2023 23:54:27 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dc_pre=CInAt_eVufwCFckNaAgdr0cGgg;src=9174324;type=unvfls;cat=unvfls;ord=1889076223805;gtm=2wg120;auiddc=1357111287.1673222067;u1=respiratory;u2=theraflu;u3=www.theraflu.com;u4=https%3A%2F%2Fwww.th... Show response
adservice.google.com/ddm/fls/i/ Frame A9BA 194 B
150 B 155ms
60ms Document
text/html 2607:f8b0:4006:824::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/ddm/fls/i/dc_pre=CInAt_eVufwCFckNaAgdr0cGgg;src=9174324;type=unvfls;cat=unvfls;ord=1889076223805;gtm=2wg120;auiddc=1357111287.1673222067;u1=respiratory;u2=theraflu;u3=www.theraflu.com;u4=https%3A%2F%2Fwww.theraflu.com%2F%3F;u5=%2F;u6=http%3A%2F%2Ftheraflu.com.mcas-df.ms%2F;~oref=https%3A%2F%2Fwww.theraflu.com%2F%3F

Requested by

Host: 9174324.fls.doubleclick.net
URL: https://9174324.fls.doubleclick.net/activityi;dc_pre=CInAt_eVufwCFckNaAgdr0cGgg;src=9174324;type=unvfls;cat=unvfls;ord=1889076223805;gtm=2wg120;auiddc=1357111287.1673222067;u1=respiratory;u2=theraflu;u3=www.theraflu.com;u4=https%3A%2F%2Fwww.theraflu.com%2F%3F;u5=%2F;u6=http%3A%2F%2Ftheraflu.com.mcas-df.ms%2F;~oref=https%3A%2F%2Fwww.theraflu.com%2F%3F?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9174324.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=0
content-encoding: br
content-length: 85
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 08 Jan 2023 23:54:27 GMT
expires: Sun, 08 Jan 2023 23:54:27 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dc_pre=CJi6t_eVufwCFctFDQodYLIG6w;src=5116519;type=therpgvw;cat=therpgvw;ord=7184908166456;gtm=2wg120;auiddc=1357111287.1673222067;~oref=https%3A%2F%2Fwww.theraflu.com%2F%3F Show response
adservice.google.com/ddm/fls/i/ Frame 1C37 194 B
150 B 146ms
59ms Document
text/html 2607:f8b0:4006:824::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/ddm/fls/i/dc_pre=CJi6t_eVufwCFctFDQodYLIG6w;src=5116519;type=therpgvw;cat=therpgvw;ord=7184908166456;gtm=2wg120;auiddc=1357111287.1673222067;~oref=https%3A%2F%2Fwww.theraflu.com%2F%3F

Requested by

Host: 5116519.fls.doubleclick.net
URL: https://5116519.fls.doubleclick.net/activityi;dc_pre=CJi6t_eVufwCFctFDQodYLIG6w;src=5116519;type=therpgvw;cat=therpgvw;ord=7184908166456;gtm=2wg120;auiddc=1357111287.1673222067;~oref=https%3A%2F%2Fwww.theraflu.com%2F%3F?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5116519.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=0
content-encoding: br
content-length: 85
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 08 Jan 2023 23:54:27 GMT
expires: Sun, 08 Jan 2023 23:54:27 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK sso.htm Show response
cdns.us1.gigya.com/gs/ Frame 1085 90 KB
31 KB 51ms
50ms Document
text/html 184.29.133.16
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://cdns.us1.gigya.com/gs/sso.htm?APIKey=3_99l72FT8LLNTQuIz09azS3_QunznLcu8dzx_lvIrd3MpjgC79FdUh_wmipBaT1Rz&ssoSegment=&version=latest&build=13549

Requested by

Host: cdns.gigya.com
URL: https://cdns.gigya.com/JS/gigya.js?apikey=3_bzpjRk206ccefb3vooht5EOg-NJ0nhkhK9Lq59aZsSrDwCdGo510HRGBdrvh6SzZ

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

184.29.133.16 Edison, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-29-133-16.deploy.static.akamaitechnologies.com

Software

Resource Hash

03ff83e99dc2184adbe27d576e4e147252d1acd3ee673d2d867271a09fd532b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.theraflu.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=86400, s-maxage=3600
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 30934
Content-Type: text/html; charset=utf-8
Date: Sun, 08 Jan 2023 23:54:27 GMT
Vary: Accept-Encoding
p3p: CP="IDC COR PSA DEV ADM OUR IND ONL"
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-callid: f6ba61c7976a4ea0ad43ed3e1c4a7524
x-robots-tag: none
x-server: us1d-nomad-g53
x-soa: true, Gator

GET
H/1.1 200
OK accounts.getScreenSets Show response
accounts.us1.gigya.com/ Frame 641B 48 KB
9 KB 60ms
60ms XHR
text/javascript 104.127.182.98
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://accounts.us1.gigya.com/accounts.getScreenSets?screenSetIDs=Theraflu-Coupons-Mail&include=html%2Ccss%2Cjavascript%2Ctranslations%2C&lang=en&APIKey=3_bzpjRk206ccefb3vooht5EOg-NJ0nhkhK9Lq59aZsSrDwCdGo510HRGBdrvh6SzZ&source=showScreenSet&sdk=js_latest&pageURL=https%3A%2F%2Fwww.theraflu.com%2F&sdkBuild=13549&format=json&httpStatusCodes=true
Requested by: Host: cdns.us1.gigya.com
URL: https://cdns.us1.gigya.com/gs/webSdk/Api.aspx?apiKey=3_bzpjRk206ccefb3vooht5EOg-NJ0nhkhK9Lq59aZsSrDwCdGo510HRGBdrvh6SzZ&version=latest&build=13549
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.127.182.98 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-127-182-98.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 562dbae945fb768488d18f2ccb66a68b9aae188cce16ba011d5fdfbf23b5f6e3

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cdns.us1.gigya.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Sun, 08 Jan 2023 23:54:27 GMT
Content-Encoding: gzip
x-soa: true, Gator
p3p: CP="IDC COR PSA DEV ADM OUR IND ONL"
Connection: keep-alive
Server-Timing: cdn-cache; desc=MISS, edge; dur=3, origin; dur=16
Content-Length: 8390
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,PUT,DELETE,HEAD,OPTIONS,POST,PATCH
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: https://cdns.us1.gigya.com
x-callid: 12a5fc77fb4c444081f85b71222e07de
Cache-Control: private
Access-Control-Allow-Credentials: true
x-server: us1d-nomad-g59
Vary: Origin, Accept-Encoding
x-robots-tag: none

GET
H2 200 remediation_1672956009845.js Show response
cdn.userway.org/widgetapp/2023-01-05/remediation/ 154 KB
41 KB 95ms
95ms Script
application/javascript 2a02:6ea0:c400::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/widgetapp/2023-01-05/remediation/remediation_1672956009845.js
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2023-01-05/widget_app_base_1672956009845.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c400::11 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 7ac23c3d76c90e7b1836e7969fbe34e1ac3ec3c4d7a13119646d2d175de80211

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.theraflu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-77-pop: newyorkUSNY
date: Sun, 08 Jan 2023 23:54:27 GMT
via: 1.1 67dd4d73b80aece69a8e725c6d612b6e.cloudfront.net (CloudFront)
content-encoding: gzip
x-amz-cf-pop: YTO50-P2
age: 9
x-cache: HIT
x-77-cache: HIT
x-age: 265780
x-77-nzt: AZySJBarNvH/NA4EAA
x-accel-expires: @1698876287
last-modified: Thu, 05 Jan 2023 22:02:42 GMT
server: CDN77-Turbo
etag: W/"e141051c48efd6021044bb217aef2d7c"
x-77-nzt-ray: 1e192d08a9df0f9eb357bb6362b41e21
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: max-age=25920000, public
vary: Accept-Encoding
x-amz-cf-id: 7W-Crg5mtKGgM5xGZvI92gkkypeVGlGmTu3vICpcrxfMOijM22yiqg==

GET
H2 200 rqaEPjEcofLBFMCI.json Show response
cdn.userway.org/remediations/consolidated/1826520/ 80 KB
9 KB 65ms
64ms XHR
application/json 2a02:6ea0:c400::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/remediations/consolidated/1826520/rqaEPjEcofLBFMCI.json
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2023-01-05/widget_app_base_1672956009845.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c400::11 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 996ee8718301809bfe406bf53e579bb89652ab2efce2825b65254fcb8ba7868b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.theraflu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-77-pop: newyorkUSNY
date: Sun, 08 Jan 2023 23:54:27 GMT
via: 1.1 71eaa9eb77c2eecb57c03cdcdad1cf76.cloudfront.net (CloudFront)
content-encoding: gzip
x-amz-cf-pop: YTO50-P2
age: 110
x-cache: HIT
x-77-cache: HIT
x-age: 187256
x-77-nzt: AZySJBYDo7P/eNsCAA
x-accel-expires: @1704570811
last-modified: Fri, 06 Jan 2023 19:51:37 GMT
server: CDN77-Turbo
etag: W/"f59bd7eb58ba03b80a308a1096072700"
x-77-nzt-ray: 1e192d08f1e3e3adb357bb63b6292021
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: public, max-age=31536000
vary: Accept-Encoding
x-amz-cf-id: U7M3bMyC_AxClHfrWTB9TmGbNLWU28RQlpaHJIEYiuXm-6MO0jV8UA==

GET
H2 200 body_wh.svg
cdn.userway.org/widgetapp/images/ 931 B
1 KB 115ms
114ms Image
image/svg+xml 2a02:6ea0:c400::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.userway.org/widgetapp/images/body_wh.svg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c400::11 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 986a5e9be63017ce84536f6792ea984e6251a15af61d5cc20ff4f8b1737c80ad

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.theraflu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-77-pop: newyorkUSNY
date: Sun, 08 Jan 2023 23:54:27 GMT
via: 1.1 6bc96fcd042709dbc96cdeb6eb80307c.cloudfront.net (CloudFront)
content-encoding: gzip
x-amz-cf-pop: YUL62-C1
age: 78297
x-cache: HIT
x-77-cache: HIT
x-age: 2957971
x-77-nzt: AZySJBbCeiD/kyItAA
x-accel-expires: @1696184096
last-modified: Mon, 22 Aug 2022 17:36:51 GMT
server: CDN77-Turbo
etag: W/"2ec2767a3bb93656fb9b75c893d7be75"
x-77-nzt-ray: 1e192d08a9df0f9eb357bb63d2c71c23
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: max-age=25920000, public
x-amz-cf-id: sUIjmTaRPTq2VQJeU3VBFm2zC8Yqd3yJAzvwpV_PDK0gs2p_dOpzpQ==

GET
H2 200 spin_wh.svg
cdn.userway.org/widgetapp/images/ 2 KB
1 KB 117ms
117ms Image
image/svg+xml 2a02:6ea0:c400::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.userway.org/widgetapp/images/spin_wh.svg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c400::11 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: c45f637f905e1ea01ba81aa39e8da62ee7e7f8703c3da4c3bba55f6192e5834c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.theraflu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-77-pop: newyorkUSNY
date: Sun, 08 Jan 2023 23:54:27 GMT
via: 1.1 828380fdf2467860fea66d7412803418.cloudfront.net (CloudFront)
content-encoding: gzip
x-amz-cf-pop: YUL62-C1
age: 9711
x-cache: HIT
x-77-cache: HIT
x-age: 2957971
x-77-nzt: AZySJBYHnw//kyItAA
x-accel-expires: @1696184096
last-modified: Mon, 22 Aug 2022 17:36:51 GMT
server: CDN77-Turbo
etag: W/"8e0a35946bf39d10f46a1f1653366a0a"
x-77-nzt-ray: 1e192d08a9df0f9eb357bb63a2ae2023
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: max-age=25920000, public
vary: Accept-Encoding
x-amz-cf-id: btXlg_XcTWEwJkosA7jRtJFueW4CjxVmZZn-u0FahgDO24mrfJmjRQ==

POST
H2 204 collect Show response
d.clarity.ms/ 0
166 B 199ms
71ms XHR
text/plain 40.76.174.66

General

Check archive.org

Show headers Download Go to

Full URL: https://d.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/eus/s/0.7.1/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.76.174.66 -, , ASN (),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://www.theraflu.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin: https://www.theraflu.com
date: Sun, 08 Jan 2023 23:54:27 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
vary: Origin
request-context: appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111

GET
H3 200 421904308779386 Show response
connect.facebook.net/signals/config/ 308 KB
88 KB 101ms
52ms Script
application/x-javascript 2a03:2880:f012:10c:face:b00c:0:3

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/421904308779386?v=2.9.91&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f012:10c:face:b00c:0:3 -, , ASN (),

Reverse DNS

Software

Resource Hash

bdae19be3c51d326c5e901dba6793578e5ee79501df6d1e8fe20bc57a1d4efc4

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.theraflu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sun, 08 Jan 2023 23:54:27 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 90216
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: QYSvbXKPjApbkadERVdFoBgDv6qKGNGFeGjTKX6G8nU7yH1VzWeFppJOwW+KH1ULRGZEY+dSskU0adhhXAvA3g==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK bigLoader.gif
cdns1.gigya.com/gs/i//accounts/ 3 KB
3 KB 420ms
43ms Image
image/gif 184.29.133.16
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdns1.gigya.com/gs/i//accounts/bigLoader.gif
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.29.133.16 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-29-133-16.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 45a4c07e164d3d803b62494a3d2ded0555eee1c6fb4940de3f98fa9c4fb08c7e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.theraflu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-version: 1
Date: Sun, 08 Jan 2023 23:54:28 GMT
Last-Modified: Sun, 23 Oct 2022 21:46:03 GMT
p3p: CP="IDC COR PSA DEV ADM OUR IND ONL"
x-legacyproxy: true
Content-Type: image/gif
Cache-Control: max-age=86400
x-server: us1d-web507
Connection: keep-alive
Accept-Ranges: bytes
x-robots-tag: none
Content-Length: 3208

GET
H/1.1 200
OK accounts.getSchema Show response
accounts.us1.gigya.com/ Frame 641B 118 KB
9 KB 62ms
61ms XHR
text/javascript 104.127.182.98
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://accounts.us1.gigya.com/accounts.getSchema?APIKey=3_bzpjRk206ccefb3vooht5EOg-NJ0nhkhK9Lq59aZsSrDwCdGo510HRGBdrvh6SzZ&source=showScreenSet&sdk=js_latest&pageURL=https%3A%2F%2Fwww.theraflu.com%2F&sdkBuild=13549&format=json
Requested by: Host: cdns.us1.gigya.com
URL: https://cdns.us1.gigya.com/gs/webSdk/Api.aspx?apiKey=3_bzpjRk206ccefb3vooht5EOg-NJ0nhkhK9Lq59aZsSrDwCdGo510HRGBdrvh6SzZ&version=latest&build=13549
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.127.182.98 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-127-182-98.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0c11cf62d2f6c84aeb2230528af7eb7f19298b64ee3770f81dc8b8014858c440

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cdns.us1.gigya.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Sun, 08 Jan 2023 23:54:27 GMT
Content-Encoding: gzip
x-soa: true, Gator
p3p: CP="IDC COR PSA DEV ADM OUR IND ONL"
Connection: keep-alive
Server-Timing: cdn-cache; desc=MISS, edge; dur=3, origin; dur=17
Content-Length: 8320
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,PUT,DELETE,HEAD,OPTIONS,POST,PATCH
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: https://cdns.us1.gigya.com
x-callid: b69565a15a724807a4983a3e69f3535d
Cache-Control: private
Access-Control-Allow-Credentials: true
x-server: us1d-nomad-g53
Vary: Origin, Accept-Encoding
x-robots-tag: none

GET
H/1.1 200
OK sdk.config.get Show response
cdns.us1.gigya.com/ Frame 1085 4 KB
2 KB 42ms
41ms Fetch
text/javascript 184.29.133.16
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdns.us1.gigya.com/sdk.config.get?apiKey=3_99l72FT8LLNTQuIz09azS3_QunznLcu8dzx_lvIrd3MpjgC79FdUh_wmipBaT1Rz&httpStatusCodes=true
Requested by: Host: cdns.us1.gigya.com
URL: https://cdns.us1.gigya.com/gs/sso.htm?APIKey=3_99l72FT8LLNTQuIz09azS3_QunznLcu8dzx_lvIrd3MpjgC79FdUh_wmipBaT1Rz&ssoSegment=&version=latest&build=13549
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.29.133.16 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-29-133-16.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: d3f4a34cdaddaef2e8cf5a21b95fdb3da4d414e70cf676587ae31a49b001e469

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cdns.us1.gigya.com/gs/sso.htm?APIKey=3_99l72FT8LLNTQuIz09azS3_QunznLcu8dzx_lvIrd3MpjgC79FdUh_wmipBaT1Rz&ssoSegment=&version=latest&build=13549
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Sun, 08 Jan 2023 23:54:27 GMT
Content-Encoding: gzip
x-soa: true, Gator
Vary: Accept-Encoding
p3p: CP="IDC COR PSA DEV ADM OUR IND ONL"
Access-Control-Allow-Origin: *
x-callid: d7a5407f197844079df6bf5d6b6bf32b
Content-Type: text/javascript; charset=utf-8
Cache-Control: public, s-maxage=120
x-server: us1d-nomad-g58
Connection: keep-alive
Accept-Ranges: bytes
x-robots-tag: none
Content-Length: 1472

GET
H2 200 mega_menu_helper1672956009845.js Show response
cdn.userway.org/widgetapp/2023-01-05/remediation/ 6 KB
3 KB 47ms
47ms Script
application/javascript 2a02:6ea0:c400::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/widgetapp/2023-01-05/remediation/mega_menu_helper1672956009845.js
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2023-01-05/widget_app_base_1672956009845.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c400::11 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: f20570d52ea610bf2defe88d4e6824dcce903a39d5fbf874659004ec7316a2c3

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.theraflu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-77-pop: newyorkUSNY
date: Sun, 08 Jan 2023 23:54:27 GMT
via: 1.1 41c02c3f5acef4f58284b65a8f7a983a.cloudfront.net (CloudFront)
content-encoding: gzip
x-amz-cf-pop: YTO50-P2
age: 10
x-cache: HIT
x-77-cache: HIT
x-age: 265779
x-77-nzt: AZySJBZljoD/Mw4EAA
x-accel-expires: @1698876288
last-modified: Thu, 05 Jan 2023 22:02:41 GMT
server: CDN77-Turbo
etag: W/"958b69af992f3dd795e8cc5960298ea2"
x-77-nzt-ray: 1e192d08a9df0f9eb357bb6316d29236
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: max-age=25920000, public
vary: Accept-Encoding
x-amz-cf-id: NcoLJB8_kIjl_0bPs94a91_eNYZEZ6izvNjufRPrTduRaOPtgNBkSQ==

POST
H2 200 links Show response
api.userway.org/api/br-links/v0/ 298 B
638 B 89ms
88ms XHR
application/json 44.233.92.92

General

Check archive.org

Show headers Download Go to

Full URL: https://api.userway.org/api/br-links/v0/links
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2023-01-05/widget_app_base_1672956009845.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.233.92.92 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e6d18b4912214948c26883ebbc4d7204b453c10de013c3e96b2013487c3fd8ad

Request headers

Referer: https://www.theraflu.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 08 Jan 2023 23:54:28 GMT
etag: W/"12a-Yyma8qjnyho94psAdUbIc3edFJk"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD, PUT, PATCH, POST, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
vary: Accept-Encoding
access-control-allow-headers: *
content-length: 298
x-service-version: apps-58c69cfb

GET
H2 200 Theraflu_Badge_Brandmark_1000.png
www.theraflu.com/content/dam/cf-consumer-healthcare/bp-theraflu/en_US/global/logo/ 131 KB
131 KB 100ms
100ms Image
image/png 52.251.65.90
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.theraflu.com/content/dam/cf-consumer-healthcare/bp-theraflu/en_US/global/logo/Theraflu_Badge_Brandmark_1000.png

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.251.65.90 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apache /

Resource Hash

d69a6abf613d9a93ddef9e91dca9343b6cc8ad3425fab992a985fa5b53a19334

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.theraflu.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 08 Jan 2023 23:54:28 GMT
strict-transport-security: max-age=63072000;
last-modified: Tue, 08 Nov 2022 13:36:10 GMT
server: Apache
etag: "20afa-5ecf59f75e680"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=31536000, public, s-maxage=86400
accept-ranges: bytes
content-length: 133882

OPTIONS
H2 200 links
api.userway.org/api/br-links/v0/ Frame 0
0 94ms
93ms Preflight 44.233.92.92

General

Check archive.org

Show headers Download Go to

Full URL: https://api.userway.org/api/br-links/v0/links
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.233.92.92 -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.theraflu.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-headers: *
access-control-allow-methods: GET, HEAD, PUT, PATCH, POST, DELETE
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
access-control-max-age: 3000
date: Sun, 08 Jan 2023 23:54:27 GMT
x-service-version: apps-58c69cfb

GET
H2 200 3009624906045363 Show response
api.userway.org/api/remediation/moderation/by-page/1826520/ 3 KB
4 KB 89ms
89ms XHR
application/json 44.233.92.92

General

Check archive.org

Show headers Download Go to

Full URL: https://api.userway.org/api/remediation/moderation/by-page/1826520/3009624906045363
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2023-01-05/widget_app_base_1672956009845.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.233.92.92 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 57e60409d5d8689f7d11df7b61a86308a607554160e276a06451b6135c26c14e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.theraflu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 08 Jan 2023 23:54:28 GMT
etag: W/"d16-qwWPihnPAtk7XZWAy/N6f6+uD/Y"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD, PUT, PATCH, POST, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-service-request-id: usr879827754d9a4ca
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
access-control-allow-headers: *
content-length: 3350
x-service-version: uw-pr

POST
H2 204 collect Show response
d.clarity.ms/ 0
48 B 142ms
141ms XHR
text/plain 40.76.174.66

General

Check archive.org

Show headers Download Go to

Full URL: https://d.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/eus/s/0.7.1/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.76.174.66 -, , ASN (),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://www.theraflu.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin: https://www.theraflu.com
date: Sun, 08 Jan 2023 23:54:28 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
vary: Origin
request-context: appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 476ms
47ms Image
text/plain 2a03:2880:f112:182:face:b00c:0:25de

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=421904308779386&ev=PageView&dl=https%3A%2F%2Fwww.theraflu.com%2F%3F&rl=http%3A%2F%2Ftheraflu.com.mcas-df.ms%2F&if=false&ts=1673222068607&sw=1600&sh=1200&v=2.9.91&r=stable&ec=0&o=30&fbp=fb.1.1673222068588.1936918463&ic=fbpixel&it=1673222067594&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f112:182:face:b00c:0:25de -, , ASN (),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.theraflu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sun, 08 Jan 2023 23:54:29 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

POST
H2 200 links Show response
api.userway.org/api/br-links/v0/ 16 B
355 B 88ms
88ms XHR
application/json 44.233.92.92

General

Check archive.org

Show headers Download Go to

Full URL: https://api.userway.org/api/br-links/v0/links
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2023-01-05/widget_app_base_1672956009845.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.233.92.92 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7d64c0f6803a5aa71811cd41042f1ec93970a2108b6f2525bba1266e275f97ff

Request headers

Referer: https://www.theraflu.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 08 Jan 2023 23:54:28 GMT
etag: W/"10-M4rzzouXWtBua5Y8KRdwuzlKY/k"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD, PUT, PATCH, POST, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
vary: Accept-Encoding
access-control-allow-headers: *
content-length: 16
x-service-version: apps-58c69cfb

OPTIONS
H2 200 links
api.userway.org/api/br-links/v0/ Frame 0
0 87ms
87ms Preflight 44.233.92.92

General

Check archive.org

Show headers Download Go to

Full URL: https://api.userway.org/api/br-links/v0/links
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.233.92.92 -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.theraflu.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-headers: *
access-control-allow-methods: GET, HEAD, PUT, PATCH, POST, DELETE
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
access-control-max-age: 3000
date: Sun, 08 Jan 2023 23:54:28 GMT
x-service-version: apps-58c69cfb

POST
H3 200 / Show response
www.facebook.com/tr/ Frame B35C 0
18 B 95ms
45ms Document
text/plain 2a03:2880:f112:182:face:b00c:0:25de

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f112:182:face:b00c:0:25de -, , ASN (),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://www.theraflu.com
Referer: https://www.theraflu.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://www.theraflu.com
alt-svc: h3=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Sun, 08 Jan 2023 23:54:29 GMT
priority: u=0
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

Verdicts & Comments Add Verdict or Comment

162 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

49 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
theraflu.com/	1969-12-31 23:59:59	Name: ApplicationGatewayAffinityCORS Value: 8e3b7a98507b031a406235a134a18181
theraflu.com/	1969-12-31 23:59:59	Name: ApplicationGatewayAffinity Value: 8e3b7a98507b031a406235a134a18181
www.theraflu.com/	1969-12-31 23:59:59	Name: ApplicationGatewayAffinityCORS Value: d625583a4d6fda0f8ecdd2f81c3a0e5b
www.theraflu.com/	1969-12-31 23:59:59	Name: ApplicationGatewayAffinity Value: d625583a4d6fda0f8ecdd2f81c3a0e5b
.www.theraflu.com/	1969-12-31 23:59:59	Name: gig_canary Value: false
.www.theraflu.com/	1969-12-31 23:59:59	Name: gig_canary_ver Value: 13549-3-27887010
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: Z_vUw48PNOc
.youtube.com/	1970-01-20 13:06:14	Name: VISITOR_INFO1_LIVE Value: NFpBNDQT8O4
.theraflu.com/	1970-01-20 17:32:38	Name: BVBRANDID Value: 0ecb5da0-2c6a-440b-9bad-b10635badb7d
.theraflu.com/	1970-01-20 08:47:03	Name: BVBRANDSID Value: cddea2b4-fb5c-45e2-8df5-e97238db7e85
.cdns.us1.gigya.com/	1970-01-20 17:32:38	Name: apiDomain_3_99l72FT8LLNTQuIz09azS3_QunznLcu8dzx_lvIrd3MpjgC79FdUh_wmipBaT1Rz Value: us1.gigya.com
.gigya.com/	1970-01-20 17:32:38	Name: gmid Value: gmid.ver4.AcbHAW_Fmw.sMzxpkCj2LjYfSGrt2kHJge70byT-YWKzQiC7U1bL2Vfi0INspWq672mQT70JC7B.9FkdK_6JL15ZHEQS4hsPTl55H38eTS9ZGgab7SHu36Lezn0fLftxzv7UhR7N1yn2zgTfzXlgkz1W0CrH4WjdaQ.sc3
.gigya.com/	1970-01-20 17:32:38	Name: ucid Value: TQF8Kr9c1yVZd6zkuGtlyQ
.gigya.com/	1970-01-20 13:07:36	Name: hasGmid Value: ver4
.theraflu.com/	1970-01-20 10:56:38	Name: _gcl_au Value: 1.1.1357111287.1673222067
.theraflu.com/	1970-01-20 17:32:38	Name: OptanonConsent Value: isGpcEnabled=0&datestamp=Sun+Jan+08+2023+23%3A54%3A26+GMT%2B0000+(GMT)&version=202211.1.0&isIABGlobal=false&hosts=&landingPath=https%3A%2F%2Fwww.theraflu.com%2F%3F&groups=1%3A1%2C3%3A1%2CBG643%3A1%2C2%3A1%2C4%3A1%2C5%3A1
.theraflu.com/	1970-01-20 17:32:38	Name: gig_bootstrap_3_bzpjRk206ccefb3vooht5EOg-NJ0nhkhK9Lq59aZsSrDwCdGo510HRGBdrvh6SzZ Value: _gigya_ver4
.bing.com/	1970-01-20 18:08:38	Name: MUID Value: 228FFC2C9FE56FD01043EEBF9E9B6E6F
.bat.bing.com/	1970-01-20 08:57:06	Name: MR Value: 0
.adsrvr.org/	1970-01-20 17:32:38	Name: TDID Value: 98f85b64-8915-4ed8-830b-efa256964328
.theraflu.com/	1970-01-20 08:48:28	Name: _uetsid Value: c8ca6c508faf11edb13787fea49b9ead
.theraflu.com/	1970-01-20 18:08:38	Name: _uetvid Value: c8d04f708faf11edad04152c7ef250ae
.theraflu.com/	1970-01-20 08:48:28	Name: _gid Value: GA1.2.178569508.1673222067
.theraflu.com/	1970-01-20 08:47:02	Name: _dc_gtm_UA-38587364-3 Value: 1
.theraflu.com/	1970-01-20 08:47:02	Name: _gat_UA-135635203-1 Value: 1
.theraflu.com/	1970-01-20 18:23:02	Name: _ga_TN9NWLYCYS Value: GS1.1.1673222067.1.0.1673222067.0.0.0
.theraflu.com/	1970-01-20 18:23:02	Name: _ga Value: GA1.1.591521397.1673222067
.theraflu.com/	1970-01-20 18:23:02	Name: _ga_4Q47Q3C7RV Value: GS1.1.1673222067.1.0.1673222067.0.0.0
.amazon-adsystem.com/	1970-01-20 15:10:04	Name: ad-id Value: A0Dbcx7Ur0Aomy_8cg6lSXE
.amazon-adsystem.com/	1970-01-20 18:23:02	Name: ad-privacy Value: 0
.cdns.us1.gigya.com/	1970-01-20 17:32:38	Name: gig_canary_3_99l72FT8LLNTQuIz09azS3_QunznLcu8dzx_lvIrd3MpjgC79FdUh_wmipBaT1Rz Value: false
.cdns.us1.gigya.com/	1970-01-20 17:32:38	Name: gig_canary_ver_3_99l72FT8LLNTQuIz09azS3_QunznLcu8dzx_lvIrd3MpjgC79FdUh_wmipBaT1Rz Value: 13549-3-27887010
.twitter.com/	1970-01-20 18:23:02	Name: personalization_id Value: "v1_f3TaWIpb1eu+uYO0N9MfBg=="
.t.co/	1970-01-20 18:23:02	Name: muc_ads Value: 8525c69c-43e8-4439-ba62-11f63423f16a
www.clarity.ms/	1970-01-20 17:32:38	Name: CLID Value: c0fce19460734b6db3fb657305959b1a.20230108.20240108
.doubleclick.net/	1970-01-20 18:23:02	Name: IDE Value: AHWqTUnlzNTDtjSARX2-29X8n4hribMMCejvyTC58K_Oo_6qd9HH9_P3nWsVWEVcg4o
.yahoo.com/	1970-01-20 17:32:59	Name: A3 Value: d=AQABBLNXu2MCENx1nTcFtEFPzud8CjeEjLEFEgEBAQGpvGPFYwAAAAAA_eMAAA&S=AQAAAvw-ZqMiTQ3tfG_RLSmGlFs
.adnxs.com/	1970-01-20 10:56:38	Name: uuid2 Value: 4494474885909848782
.theraflu.com/	1970-01-20 17:32:38	Name: _clck Value: 1jb8gyl\|1\|f83\|0
.rubiconproject.com/	1970-01-20 17:32:38	Name: khaos Value: LCO17U24-16-6XKD
.rubiconproject.com/	1970-01-20 17:32:38	Name: audit Value: 1\|xmNpxFHzZZDO0K+e1t/MahVAcAKpt1goBWhRclQWzLtz+9LtiDVAhgpn5QA7UVkr9yBtQrkcEUgwHTRO1/p4iHX0qfg68IpFQAPcN3ARK85sJIdjqrEp9XxlmpdgETJJPaznaWPvE5ZJR2U2TwvnYgNjtt3JT42cauKvwcj6ch/REvsM2ra73MRmS8gGs6ylTlon0IrnE1p4+byUJuUHKNl4Am3SUH3rwETMVR8lnVPictVKI3nW/ZSmfFa9k+2RfCCm1vF3Tgn8ih/oL8+08tuVaVkDFDbShAUs62yL6R/QD5U7tEfUTQ==
.analytics.yahoo.com/	1970-01-20 17:32:38	Name: IDSYNC Value: 1769~29bb
.adsrvr.org/	1970-01-20 17:32:38	Name: TDCPM Value: CAESFQoGZ29vZ2xlEgsIzq_g2bb3uDsQBRIXCghhcHBuZXh1cxILCJasj9e297g7EAUSGQoKcmlnaHRtZWRpYRILCJasj9e297g7EAUSFgoHcnViaWNvbhILCJasj9e297g7EAUYBSABKAMyCwiipv-Dzfe4OxAFQg8iDQgBEgkKBXRpZXIxEAFaBzJvYnEycXdgAQ..
.c.bing.com/	1970-01-20 08:57:06	Name: MR Value: 0
.c.bing.com/	1970-01-20 18:08:38	Name: SRM_B Value: 228FFC2C9FE56FD01043EEBF9E9B6E6F
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-20 18:08:38	Name: MUID Value: 228FFC2C9FE56FD01043EEBF9E9B6E6F
.c.clarity.ms/	1970-01-20 08:57:06	Name: MR Value: 0
.c.clarity.ms/	1970-01-20 08:47:02	Name: ANONCHK Value: 0

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

5116519.fls.doubleclick.net
9174324.fls.doubleclick.net
a-cf65.ch-static.com
accounts.us1.gigya.com
adservice.google.com
analytics-static.ugc.bazaarvoice.com
analytics.twitter.com
api.bazaarvoice.com
api.userway.org
apps.bazaarvoice.com
bat.bing.com
c.bing.com
c.clarity.ms
cdn.cookielaw.org
cdn.userway.org
cdns.gigya.com
cdns.us1.gigya.com
cdns1.gigya.com
cm.g.doubleclick.net
connect.facebook.net
d.clarity.ms
d22xmn10vbouk4.cloudfront.net
i-cf65.ch-static.com
ib.adnxs.com
insight.adsrvr.org
js.adsrvr.org
match.adsrvr.org
mcasproxy.azureedge.net
network-a.bazaarvoice.com
pixel.rubiconproject.com
s.amazon-adsystem.com
static.ads-twitter.com
stats.g.doubleclick.net
t.co
theraflu.com
theraflu.com.mcas-df.ms
ups.analytics.yahoo.com
www.clarity.ms
www.facebook.com
www.google-analytics.com
www.google.com
www.googleoptimize.com
www.googletagmanager.com
www.theraflu.com
www.youtube.com
104.127.182.98
104.244.42.131
104.244.42.133
142.250.80.98
142.251.40.166
143.204.138.162
146.75.36.157
184.29.133.16
20.110.81.91
20.241.142.98
209.54.182.161
2600:1400:9000::687e:76f8
2600:9000:2140:5000:d:274d:a6c0:93a1
2600:9000:24eb:4a00:1c:58a3:4780:93a1
2606:2800:11f:1cb7:261b:1f9c:2074:3c
2606:4700::6810:9540
2607:f8b0:4004:c08::9b
2607:f8b0:4006:80b::200e
2607:f8b0:4006:80e::200e
2607:f8b0:4006:80f::200e
2607:f8b0:4006:81d::2008
2607:f8b0:4006:821::2004
2607:f8b0:4006:824::2002
2620:1ec:49::40
2620:1ec:c11::200
2a02:6ea0:c400::11
2a03:2880:f012:10c:face:b00c:0:3
2a03:2880:f112:182:face:b00c:0:25de
2a04:4e42:79::720
3.33.220.150
40.76.174.66
44.233.92.92
52.251.65.90
52.45.33.138
52.54.236.87
54.84.68.49
65.9.156.104
68.67.160.114
8.43.72.97
0149da2dcca03d3a4c8ab3e8796ec25b4700f46d2a1bec1c59cdb2f6daa7cf98
01774528ba9b62783c0e66ed383697b4a5aebe62cf26d961c25e1c4488a6f25b
03ff83e99dc2184adbe27d576e4e147252d1acd3ee673d2d867271a09fd532b4
05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf
06c0a8ec8fcbce53e10a7157f2b7aa9cbffbcc8c80d5f26df2481fa38e42731b
0c11cf62d2f6c84aeb2230528af7eb7f19298b64ee3770f81dc8b8014858c440
11b1ed45698d8402655737dc3f812a2e5d436383daa6c1f3c9d1e28f8ed580fe
130c4c39643c503ab0ec5da7f219341a608fb78ae86b76f732dd21f1fc120844
15655e1ab7c3715d9cf39759aa989cb26e0f467cfbaedb38beecf41cb921b871
1a6c87136278e8c965166288bd2477033e3001d8547a6987571a6ef12b2bd2d3
1debfa5a3db821b38298aa1aaf3599e86c8ed17728309c968d58cad26e24c242
1fcce68211ce42ba911ee532c5c07020ba0779f22af953bddf2dd9e2a71aca2f
227e346e856d8026d10e54a4574bd2f209afb4f35884296d6d2b5bc56674cd85
264ed42866ef7ecd8dbb14666ee620b32d43136fb56424740e7a9687025037ed
2729b38585f0e93bf5072f9405e5f7a15bbaaaf79379e983a1e64006f5ae372c
282a1d96c1ea7514a874bc39c11ed669702273372e1406c09ce45fcbc99352f2
286fdacfe4ef414dfbfe334c540a80bd9dcdf5a23ef430296da7974c2f8d7299
2aefaf2bb21644a48498e278a4ab9535d0453a5567e903276bd2b567626e9af3
2dc34e436e6ab015b3ceda670180f72c0573ad10888f214124eac931d11d8e0b
32226224fc783f4505f237c1c8b724eabe387796785b714ca907ec91b3544261
344babca66f4e8a2ea442ef683f7cb600e8bf34d80e4a05435e15ecde788b1eb
3b58eed50f50fb815c1924ed5d571f41316ea94e22cb7974a736c7a179781415
3d277a90920d78efa3d6e473d67240beb26100591c7b02a34bd444aa78ee5d5c
3ef6176c75c6ba70f478938afe85264800bac3608b42de93051d9156a719540b
3fd26b2b4969eaf06cc8d7564d783a3240e0d35c357268f95c423a0b3d031470
408287a1bd01b7b9953ff00cbbf098138868b6c447324e3dd834a066834c54ef
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
45a4c07e164d3d803b62494a3d2ded0555eee1c6fb4940de3f98fa9c4fb08c7e
50c7a6bc126f23bed4e86844e23471bc2b77bdf396bfe93fee9eb364bc99f9f6
562dbae945fb768488d18f2ccb66a68b9aae188cce16ba011d5fdfbf23b5f6e3
570c43086cde7e26fb4eaedba2f0360ce566720f760be20d53e59b60f9eb64eb
57e60409d5d8689f7d11df7b61a86308a607554160e276a06451b6135c26c14e
5ac5d0480f4698b35ad02f1f04d53a6ae216b7c180bacdbe2e3525b0366e296e
5f7add0638c6207d7a84267735b9eed3fee3a68696e3ec755fafd5283db0b8f3
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
63814d6d8b73a534b9c689f87da7d17a0c32525b810b83e459623a1d7fb57db9
691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19
695918800576ee63a085fc0121165a8725777162e76eec8740e67355358f6e89
6af73e1c9deec74f341b333a4631365f9c2b36866959357d6019dc6007280d62
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6da6438a54bfeed12781384b58259bdfe3daf27302eb5d7cf1c8540a0c5ced5c
78c8665d0f5bac8262af308a41b51deb34cdbbeda47c691d51cce6ebee77211b
7ac23c3d76c90e7b1836e7969fbe34e1ac3ec3c4d7a13119646d2d175de80211
7d64c0f6803a5aa71811cd41042f1ec93970a2108b6f2525bba1266e275f97ff
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
834f4645a5c0608ee147ac7693d817770ebb8f2fac838cd542e8bebdd5c211ef
84b08206e98c7c8daf067d0301b3319a1723bb65f97177c1e6203ffc4a261682
84dcde857a5e24d98bf9fdc2af4e8e23951c11a0b40eef41dcae809065a3a1f4
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
930239150e702d9d4bf43c3881aa70f8ad5fd9068dcbecb7c8bcca654784f7f1
93ee439f9d69f954c2d09dfcafe981898ef7f03d8efb0adcac942eb5e9d385e9
986a5e9be63017ce84536f6792ea984e6251a15af61d5cc20ff4f8b1737c80ad
99217b7b7dcb1540af7a5396b7e5883011b12899c9a99f8206319863e5529dfa
996ee8718301809bfe406bf53e579bb89652ab2efce2825b65254fcb8ba7868b
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9da515728c9e04f63bfc84894e899fb538ce44ad1c53d2e91e92579ad19c47be
9f84a6c332c38a069befd1d0296d505d676669082f96af7febe686c85ec7e16a
9fad81ea82bcde8b8400cae57772da4c6edc2ccb2cc7f4ace0d10f79ce88fd69
a3c954e6d1422643abfe41e74b726918caa087460903ec4267bc4e5293132451
a6054f85484eeeb3551c49bdddc94a8de681ca45d9064b3c24590ccec9b12290
aa276e63693f261f43cd7e1a0e9996f435bc6dc2b46c36c62d5935270764be99
aa775b93bf75fb6c93c261cad367ba79069a1536e6139213af0b65cfccd43b51
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
af142e7e56c1482d6bde1f9ef0b14c7aba6d065e16ef86109c0e0d636b4eb52e
b2ad59396cd1b434518c3b3b5904b5e29c4e71db97129c9e2e03f151931ab943
b3cdaec30c179724e1bf53842f55923ecad668316a3b6f165515d0f978b7260f
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
bdae19be3c51d326c5e901dba6793578e5ee79501df6d1e8fe20bc57a1d4efc4
bdce0895b63cd23f230d6af09c50bb90a837f70cc504839ce4e76d5cdd5910e7
be2d3a325f1bc6568399eff6e10a8fdf4bf657eca0feb9b058921bc92907dd5b
bfd841fc2fd58f52cf9581ffe06f11ae4832e8ea71e6fd2b167658100da09b80
c0bfea7132f284aa47cb959ea9013095274e2df53663fc4d192a388aefbbe325
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c45f637f905e1ea01ba81aa39e8da62ee7e7f8703c3da4c3bba55f6192e5834c
c82668106a46ff4624d06f82252d79db40081cba3cfaefe6e99abac02bc2848e
c9af4fed899c107f0bb35755515dc435ce692d298d90433f076c168acf038f80
cba8862bc0eeff77ab390c0669021b95055e809f226aa0e7dc438d79e3ad399f
cbbeee8ccca4b8afb33798cbfcfcb398c60c0fe88152aba04e5111e64965f375
cd060121c116c6e69f9e53ef17340d2e6dba01645bcb0b5da498afad49f36af6
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee
d3f4a34cdaddaef2e8cf5a21b95fdb3da4d414e70cf676587ae31a49b001e469
d44689f4ff03c26b192f55158ea868c6c8d802597d0a3cceb37ae6c1d580d9af
d585ea90b33024f593c4a3665e8767e9dfdf8b84b7b0874a163c266b8b2f3ab1
d69a6abf613d9a93ddef9e91dca9343b6cc8ad3425fab992a985fa5b53a19334
d7c0e2a17e92548dd4d14101dc107c9eeb6bd6f052b283f9864b730ea694834e
da5186fe0bb5dd59e7ece6ee7efac70c31755611e385fa423585572cb9628fcf
dccfc3418e69f6ca37f92a3459c360d871b36744be9a4e2b96bbe3ae4e45e4fd
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
e0887e40e08128ea5ab270e32e3f43762459fa59f4db0c17b6fd3f49d8a542ba
e09899b8901eea8c77d681427930b5e25aea5ac19bd3a2889c7defc379f7af7c
e1259e8ccc9e83819d0e30ef5a2260b41b75bce4e16733280fc2fab1ed8969f9
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e58762c22de8c53637f13ac7f4c1a9771b48d0e21d1c9753d3453e006260ab77
e68683445de234abc922683ad4cb3b1f0e5db14a08ecd48df0fe928cad639429
e6d18b4912214948c26883ebbc4d7204b453c10de013c3e96b2013487c3fd8ad
e6ed78cbbb31a5df51f288b2e978a4d85382fc48b2e4c7e8d869910acd0fc6d4
e91b80678c5813dbb5f3fd19c6999b64d7e9b1b85edaff78c0071af1943a798d
ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f20570d52ea610bf2defe88d4e6824dcce903a39d5fbf874659004ec7316a2c3
f2c4b7d20ff42a433d0c76631c460cd75128f8f0436d052ce2cf79dc4fa6a244
f40209e22b8a414f7bcb814f5b570460b1dc47ed8a8acad273c89f8423375434
f4ff09114fe8347b049da92e9d0fbf377e13516bd38924187a7bc727e3b5307f
f6d7e9dafd1ec463ecd0c6b20f170400dd15afe81c71dea50771550df2f83ffc
fa16105a1b3412fde7a31a58822e3dbed474412b9bf462849c5af0400e5a9ca2
fc8a7d2af534cc8cfb3e0d05e2b4f4b8674081b369c374f4c9506996a7d2e886
fcc3ba6f990b4233df69c23f0cfd205059e4bad4d4a8038a6b475d10f736a764
ff3565cc93cf3c21b441dd5911de725fb55e4d203cfe380ea1b70adfc9c7504b

www.theraflu.com Open in urlscan Pro 52.251.65.90 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

127 Requests

97 %HTTPS

46 %IPv6

27 Domains

45 Subdomains

36 IPs

1 Countries

2159 kBTransfer

6477 kBSize

49 Cookies

21 Outgoing links

Page URL History

Redirected requests

127 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.theraflu.com Open in urlscan Pro
52.251.65.90 Public Scan

Screenshot
Live screenshot

Full Image

127
Requests

97 %
HTTPS

46 %
IPv6

27
Domains

45
Subdomains

36
IPs

1
Countries

2159 kB
Transfer

6477 kB
Size

49
Cookies

127 HTTP transactions
2 data transactions