Submitted URL: http://theraflu.com/
Effective URL: https://www.theraflu.com/
Submission: On September 17 via api from SG — Scanned from DE

Summary

This website contacted 37 IPs in 6 countries across 24 domains to perform 124 HTTP transactions. The main IP is 52.251.65.90, located in Boydton, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is www.theraflu.com.
TLS certificate: Issued by Sectigo RSA Organization Validation S... on January 7th 2022. Valid for: a year.
This is the only time www.theraflu.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 8 52.251.65.90 8075 (MICROSOFT...)
11 52.252.73.133 8075 (MICROSOFT...)
5 2600:9000:230... 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
12 2.18.168.252 16625 (AKAMAI-AS)
14 2a04:4e42:1b:... 54113 (FASTLY)
3 2a00:1450:400... 15169 (GOOGLE)
8 2a02:6ea0:cb0... 60068 (CDN77 ^_^)
2 2a00:1450:400... 15169 (GOOGLE)
1 18.66.137.15 16509 (AMAZON-02)
8 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700:440... 13335 (CLOUDFLAR...)
7 54.201.120.27 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
3 6 142.250.186.134 15169 (GOOGLE)
1 199.232.16.157 54113 (FASTLY)
1 108.138.15.119 16509 (AMAZON-02)
1 4 2620:1ec:c11:... 8068 (MICROSOFT...)
2 2a03:2880:f01... 32934 (FACEBOOK)
1 2 209.54.182.161 16509 (AMAZON-02)
2 52.223.40.198 16509 (AMAZON-02)
1 2600:9000:206... 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 104.244.42.133 13414 (TWITTER)
1 104.244.42.131 13414 (TWITTER)
2 2001:4860:480... 15169 (GOOGLE)
2 52.207.131.147 14618 (AMAZON-AES)
3 23.205.239.224 16625 (AKAMAI-AS)
6 2a00:1450:400... 15169 (GOOGLE)
2 2a03:2880:f11... 32934 (FACEBOOK)
2 2620:1ec:27::... 8075 (MICROSOFT...)
1 52.16.236.35 16509 (AMAZON-02)
1 2 20.234.93.27 8075 (MICROSOFT...)
3 20.75.32.255 8075 (MICROSOFT...)
124 37
Apex Domain
Subdomains
Transfer
25 ch-static.com
origin-cf65.ch-static.com — Cisco Umbrella Rank: 214340
i-cf65.ch-static.com — Cisco Umbrella Rank: 116536
629 KB
15 userway.org
cdn.userway.org — Cisco Umbrella Rank: 5442
api.userway.org — Cisco Umbrella Rank: 5286
90 KB
15 gigya.com
cdns.gigya.com — Cisco Umbrella Rank: 7400
cdns.us1.gigya.com — Cisco Umbrella Rank: 9018
accounts.us1.gigya.com — Cisco Umbrella Rank: 22371
cdns1.gigya.com — Cisco Umbrella Rank: 43000
456 KB
9 bazaarvoice.com
apps.bazaarvoice.com — Cisco Umbrella Rank: 4030
analytics-static.ugc.bazaarvoice.com — Cisco Umbrella Rank: 4587
network-a.bazaarvoice.com — Cisco Umbrella Rank: 6356
api.bazaarvoice.com — Cisco Umbrella Rank: 5378
81 KB
8 cookielaw.org
cdn.cookielaw.org — Cisco Umbrella Rank: 410
132 KB
8 theraflu.com
theraflu.com
www.theraflu.com
150 KB
7 clarity.ms
www.clarity.ms — Cisco Umbrella Rank: 557
c.clarity.ms — Cisco Umbrella Rank: 998
b.clarity.ms — Cisco Umbrella Rank: 5126
26 KB
7 doubleclick.net
9174324.fls.doubleclick.net — Cisco Umbrella Rank: 536917
5116519.fls.doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 79
3 KB
5 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
region1.google-analytics.com — Cisco Umbrella Rank: 2989
20 KB
4 google.de
www.google.de — Cisco Umbrella Rank: 6352
adservice.google.de — Cisco Umbrella Rank: 9081
2 KB
4 google.com
www.google.com — Cisco Umbrella Rank: 2
adservice.google.com — Cisco Umbrella Rank: 75
2 KB
4 bing.com
bat.bing.com — Cisco Umbrella Rank: 375
c.bing.com — Cisco Umbrella Rank: 220
13 KB
3 adsrvr.org
js.adsrvr.org — Cisco Umbrella Rank: 1428
insight.adsrvr.org — Cisco Umbrella Rank: 624
3 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 62
229 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 113
315 B
2 amazon-adsystem.com
s.amazon-adsystem.com — Cisco Umbrella Rank: 295
2 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 152
113 KB
2 youtube.com
www.youtube.com — Cisco Umbrella Rank: 96
54 KB
1 twitter.com
analytics.twitter.com — Cisco Umbrella Rank: 538
355 B
1 t.co
t.co — Cisco Umbrella Rank: 489
338 B
1 ads-twitter.com
static.ads-twitter.com — Cisco Umbrella Rank: 613
15 KB
1 onetrust.com
geolocation.onetrust.com — Cisco Umbrella Rank: 678
368 B
1 cloudfront.net
d22xmn10vbouk4.cloudfront.net
24 KB
1 googleoptimize.com
www.googleoptimize.com — Cisco Umbrella Rank: 1075
41 KB
124 24
Domain Requested by
14 i-cf65.ch-static.com www.theraflu.com
11 origin-cf65.ch-static.com www.theraflu.com
origin-cf65.ch-static.com
9 cdns.us1.gigya.com cdns.gigya.com
cdns.us1.gigya.com
8 cdn.cookielaw.org www.googletagmanager.com
cdn.cookielaw.org
www.theraflu.com
8 cdn.userway.org www.theraflu.com
cdn.userway.org
7 api.userway.org cdn.userway.org
7 www.theraflu.com www.theraflu.com
origin-cf65.ch-static.com
5 apps.bazaarvoice.com www.theraflu.com
apps.bazaarvoice.com
4 5116519.fls.doubleclick.net 2 redirects www.googletagmanager.com
3 b.clarity.ms www.clarity.ms
3 adservice.google.de adservice.google.com
3 adservice.google.com 9174324.fls.doubleclick.net
5116519.fls.doubleclick.net
3 accounts.us1.gigya.com cdns.us1.gigya.com
3 bat.bing.com www.theraflu.com
bat.bing.com
3 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
www.theraflu.com
3 www.googletagmanager.com www.theraflu.com
www.googletagmanager.com
2 c.clarity.ms 1 redirects
2 www.clarity.ms bat.bing.com
www.clarity.ms
2 www.facebook.com www.theraflu.com
2 network-a.bazaarvoice.com www.theraflu.com
2 region1.google-analytics.com www.googletagmanager.com
2 insight.adsrvr.org www.theraflu.com
js.adsrvr.org
2 s.amazon-adsystem.com 1 redirects www.theraflu.com
2 connect.facebook.net www.theraflu.com
connect.facebook.net
2 9174324.fls.doubleclick.net 1 redirects www.googletagmanager.com
2 www.youtube.com origin-cf65.ch-static.com
www.youtube.com
2 cdns.gigya.com www.theraflu.com
cdns.gigya.com
1 c.bing.com 1 redirects
1 cdns1.gigya.com www.theraflu.com
1 api.bazaarvoice.com apps.bazaarvoice.com
1 analytics.twitter.com www.theraflu.com
1 t.co www.theraflu.com
1 www.google.de www.theraflu.com
1 www.google.com www.theraflu.com
1 stats.g.doubleclick.net www.google-analytics.com
1 analytics-static.ugc.bazaarvoice.com apps.bazaarvoice.com
1 js.adsrvr.org www.googletagmanager.com
1 static.ads-twitter.com www.googletagmanager.com
1 geolocation.onetrust.com cdn.cookielaw.org
1 d22xmn10vbouk4.cloudfront.net www.googletagmanager.com
1 www.googleoptimize.com www.theraflu.com
1 theraflu.com 1 redirects
124 42
Subject | Issuer | Validity | Valid
sensodynepr.com | Sectigo RSA Organization Validation Secure Server CA | 2022-01-07 - 2023-01-07 | a year
a-stage-cf65.ch-static.com | Sectigo RSA Organization Validation Secure Server CA | 2022-09-14 - 2023-09-14 | a year
*.bazaarvoice.com | DigiCert TLS RSA SHA256 2020 CA1 | 2022-04-19 - 2023-05-20 | a year
*.google-analytics.com | GTS CA 1C3 | 2022-08-29 - 2022-11-21 | 3 months
cdns.gigya.com | DigiCert SHA2 Secure Server CA | 2022-02-04 - 2023-02-04 | a year
*.ch-static.com | GlobalSign Atlas R3 DV TLS CA 2022 Q1 | 2022-02-27 - 2023-03-31 | a year
1667503734.rsc.cdn77.org | R3 | 2022-08-15 - 2022-11-13 | 3 months
*.google.com | GTS CA 1C3 | 2022-08-29 - 2022-11-21 | 3 months
*.cloudfront.net | Amazon | 2022-02-01 - 2023-01-31 | a year
cookielaw.org | Cloudflare Inc ECC CA-3 | 2022-05-01 - 2023-05-01 | a year
onetrust.com | Cloudflare Inc ECC CA-3 | 2022-01-12 - 2023-01-12 | a year
api.userway.org | Amazon | 2021-11-02 - 2022-11-30 | a year
*.doubleclick.net | GTS CA 1C3 | 2022-08-29 - 2022-11-21 | 3 months
ads-twitter.com | DigiCert TLS RSA SHA256 2020 CA1 | 2022-07-22 - 2023-08-22 | a year
*.adsrvr.org | GlobalSign GCC R3 DV TLS CA 2020 | 2022-03-31 - 2023-05-02 | a year
www.bing.com | Microsoft RSA TLS CA 02 | 2022-09-03 - 2023-03-03 | 6 months
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2022-06-26 - 2022-09-24 | 3 months
analytics-static.ugc.bazaarvoice.com | Amazon | 2022-09-05 - 2023-10-04 | a year
*.g.doubleclick.net | GTS CA 1C3 | 2022-08-29 - 2022-11-21 | 3 months
www.google.com | GTS CA 1C3 | 2022-08-29 - 2022-11-21 | 3 months
www.google.de | GTS CA 1C3 | 2022-08-29 - 2022-11-21 | 3 months
t.co | DigiCert TLS Hybrid ECC SHA384 2020 CA1 | 2022-03-07 - 2023-03-06 | a year
*.twitter.com | DigiCert TLS Hybrid ECC SHA384 2020 CA1 | 2022-03-07 - 2023-03-06 | a year
gigya.com | GeoTrust RSA CA 2018 | 2022-02-03 - 2023-02-03 | a year
www.clarity.ms | DigiCert TLS RSA SHA256 2020 CA1 | 2022-02-27 - 2023-02-27 | a year
*.api.bazaarvoice.com | DigiCert TLS RSA SHA256 2020 CA1 | 2022-06-13 - 2023-07-14 | a year
a.clarity.ms | Microsoft Azure TLS Issuing CA 02 | 2022-06-07 - 2023-06-02 | a year

This page contains 16 frames:

Primary Page: https://www.theraflu.com/
Frame ID: 08E9E6BA198BD1C98696EF847C394B1F
Requests: 102 HTTP requests in this frame

Frame: https://cdns.us1.gigya.com/gs/webSdk/Api.aspx?apiKey=3_bzpjRk206ccefb3vooht5EOg-NJ0nhkhK9Lq59aZsSrDwCdGo510HRGBdrvh6SzZ&version=latest&build=13398
Frame ID: F1BC091A86FE036CAB55396B3CB941BD
Requests: 5 HTTP requests in this frame

Frame: https://9174324.fls.doubleclick.net/activityi;dc_pre=CPyv75LamvoCFR1GHQkdakgL_g;src=9174324;type=unvfls;cat=unvfls;ord=1705874625055;gtm=2wg9e0;auiddc=1271728410.1663379133;u1=respiratory;u2=theraflu;u3=www.theraflu.com;u4=https%3A%2F%2Fwww.theraflu.com%2F;u5=%2F;u6=;~oref=https%3A%2F%2Fwww.theraflu.com%2F
Frame ID: 8450E4549E20E3E2CE5F9F3B3DCCBCAD
Requests: 1 HTTP requests in this frame

Frame: https://5116519.fls.doubleclick.net/activityi;dc_pre=CJLD75LamvoCFR1GHQkdakgL_g;src=5116519;type=thera001;cat=thera0;ord=3894075896559;gtm=2wg9e0;auiddc=1271728410.1663379133;~oref=https%3A%2F%2Fwww.theraflu.com%2F
Frame ID: 937DF8F51B50967F6DE26D3A38FB893F
Requests: 1 HTTP requests in this frame

Frame: https://5116519.fls.doubleclick.net/activityi;dc_pre=CLXs8ZLamvoCFfJBHQkdRckM9Q;src=5116519;type=therpgvw;cat=therpgvw;ord=9753796057003;gtm=2wg9e0;auiddc=1271728410.1663379133;~oref=https%3A%2F%2Fwww.theraflu.com%2F
Frame ID: 223B00F33ED4405C48E12DE9508DA7D2
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CPyv75LamvoCFR1GHQkdakgL_g;src=9174324;type=unvfls;cat=unvfls;ord=1705874625055;gtm=2wg9e0;auiddc=1271728410.1663379133;u1=respiratory;u2=theraflu;u3=www.theraflu.com;u4=https%3A%2F%2Fwww.theraflu.com%2F;u5=%2F;u6=;~oref=https%3A%2F%2Fwww.theraflu.com%2F
Frame ID: 6A0129FB7712A0B66BA9C9B0124D4317
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CJLD75LamvoCFR1GHQkdakgL_g;src=5116519;type=thera001;cat=thera0;ord=3894075896559;gtm=2wg9e0;auiddc=1271728410.1663379133;~oref=https%3A%2F%2Fwww.theraflu.com%2F
Frame ID: 301A3E8484660E1D692863811B6A6470
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CLXs8ZLamvoCFfJBHQkdRckM9Q;src=5116519;type=therpgvw;cat=therpgvw;ord=9753796057003;gtm=2wg9e0;auiddc=1271728410.1663379133;~oref=https%3A%2F%2Fwww.theraflu.com%2F
Frame ID: EF975BB354489DE1DD18C73108243931
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.de/ddm/fls/i/dc_pre=CJLD75LamvoCFR1GHQkdakgL_g;src=5116519;type=thera001;cat=thera0;ord=3894075896559;gtm=2wg9e0;auiddc=1271728410.1663379133;~oref=https%3A%2F%2Fwww.theraflu.com%2F
Frame ID: B985DCF33DFF5EC5611C732EE913CADC
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.de/ddm/fls/i/dc_pre=CLXs8ZLamvoCFfJBHQkdRckM9Q;src=5116519;type=therpgvw;cat=therpgvw;ord=9753796057003;gtm=2wg9e0;auiddc=1271728410.1663379133;~oref=https%3A%2F%2Fwww.theraflu.com%2F
Frame ID: 2C432D732FFF1B96816A6E49E8227B1E
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.de/ddm/fls/i/dc_pre=CPyv75LamvoCFR1GHQkdakgL_g;src=9174324;type=unvfls;cat=unvfls;ord=1705874625055;gtm=2wg9e0;auiddc=1271728410.1663379133;u1=respiratory;u2=theraflu;u3=www.theraflu.com;u4=https%3A%2F%2Fwww.theraflu.com%2F;u5=%2F;u6=;~oref=https%3A%2F%2Fwww.theraflu.com%2F
Frame ID: 88EDBB6F030E059EA95ED8F588017311
Requests: 1 HTTP requests in this frame

Frame: https://cdns.us1.gigya.com/gs/sso.htm?APIKey=3_99l72FT8LLNTQuIz09azS3_QunznLcu8dzx_lvIrd3MpjgC79FdUh_wmipBaT1Rz&ssoSegment=&version=latest&build=13398
Frame ID: ACC431C6D7F2DDCBCE9A8100098125FB
Requests: 2 HTTP requests in this frame

Frame: https://cdns.us1.gigya.com/gs/sso.htm?APIKey=3_99l72FT8LLNTQuIz09azS3_QunznLcu8dzx_lvIrd3MpjgC79FdUh_wmipBaT1Rz&ssoSegment=&version=latest&build=13398
Frame ID: 23BBCD7DDF318C52B4DC09D952EC3A08
Requests: 2 HTTP requests in this frame

Frame: https://cdns.us1.gigya.com/gs/sso.htm?APIKey=3_99l72FT8LLNTQuIz09azS3_QunznLcu8dzx_lvIrd3MpjgC79FdUh_wmipBaT1Rz&ssoSegment=&version=latest&build=13398
Frame ID: 780678474895FFC6293A0EAF29000A13
Requests: 2 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: B7ED3CA4C6EA391FB14C8C0E71AE3D89
Requests: 1 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=2obq2qw&ref=https%3A%2F%2Fwww.theraflu.com%2F&upid=4uicnfj&upv=1.1.0
Frame ID: 4A820C1B43FBB0F5D82FFA7511C651B4
Requests: 1 HTTP requests in this frame

Page Title

Powerful Relief from Cold and Flu Symptoms | Theraflu

Page URL History

  1. http://theraflu.com/ HTTP 301
    https://www.theraflu.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /etc/designs/

Overall confidence: 100%
Detected patterns
  • \.gigya\.com/JS/gigya\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googleoptimize\.com/optimize\.js

Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • cdn\.cookielaw\.org
  • otSDKStub\.js

Overall confidence: 100%
Detected patterns
  • cdn\.userway\.org/widget.*\.js

Page Statistics

124
Requests

98 %
HTTPS

53 %
IPv6

24
Domains

42
Subdomains

37
IPs

6
Countries

2084 kB
Transfer

6228 kB
Size

41
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://theraflu.com/ HTTP 301
    https://www.theraflu.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 54
  • https://9174324.fls.doubleclick.net/activityi;src=9174324;type=unvfls;cat=unvfls;ord=1705874625055;gtm=2wg9e0;auiddc=1271728410.1663379133;u1=respiratory;u2=theraflu;u3=www.theraflu.com;u4=https%3A%2F%2Fwww.theraflu.com%2F;u5=%2F;u6=;~oref=https%3A%2F%2Fwww.theraflu.com%2F HTTP 302
  • https://9174324.fls.doubleclick.net/activityi;dc_pre=CPyv75LamvoCFR1GHQkdakgL_g;src=9174324;type=unvfls;cat=unvfls;ord=1705874625055;gtm=2wg9e0;auiddc=1271728410.1663379133;u1=respiratory;u2=theraflu;u3=www.theraflu.com;u4=https%3A%2F%2Fwww.theraflu.com%2F;u5=%2F;u6=;~oref=https%3A%2F%2Fwww.theraflu.com%2F
Request Chain 55
  • https://5116519.fls.doubleclick.net/activityi;src=5116519;type=thera001;cat=thera0;ord=3894075896559;gtm=2wg9e0;auiddc=1271728410.1663379133;~oref=https%3A%2F%2Fwww.theraflu.com%2F HTTP 302
  • https://5116519.fls.doubleclick.net/activityi;dc_pre=CJLD75LamvoCFR1GHQkdakgL_g;src=5116519;type=thera001;cat=thera0;ord=3894075896559;gtm=2wg9e0;auiddc=1271728410.1663379133;~oref=https%3A%2F%2Fwww.theraflu.com%2F
Request Chain 57
  • https://5116519.fls.doubleclick.net/activityi;src=5116519;type=therpgvw;cat=therpgvw;ord=9753796057003;gtm=2wg9e0;auiddc=1271728410.1663379133;~oref=https%3A%2F%2Fwww.theraflu.com%2F HTTP 302
  • https://5116519.fls.doubleclick.net/activityi;dc_pre=CLXs8ZLamvoCFfJBHQkdRckM9Q;src=5116519;type=therpgvw;cat=therpgvw;ord=9753796057003;gtm=2wg9e0;auiddc=1271728410.1663379133;~oref=https%3A%2F%2Fwww.theraflu.com%2F
Request Chain 64
  • https://s.amazon-adsystem.com/iui3?d=forester-did&ex-fargs=%3Fid%3Daf4b6613-c033-8ad1-f6b4-14b4b67e9503%26type%3D55%26m%3D1&ex-fch=416613&ex-src=https://www.theraflu.com&ex-hargs=v%3D1.0%3Bc%3D1766344630501%3Bp%3DAF4B6613-C033-8AD1-F6B4-14B4B67E9503&gtmcb=1003113861 HTTP 302
  • https://s.amazon-adsystem.com/iui3?d=forester-did&ex-fargs=%3Fid%3Daf4b6613-c033-8ad1-f6b4-14b4b67e9503%26type%3D55%26m%3D1&ex-fch=416613&ex-src=https://www.theraflu.com&ex-hargs=v%3D1.0%3Bc%3D1766344630501%3Bp%3DAF4B6613-C033-8AD1-F6B4-14B4B67E9503&gtmcb=1003113861&dcc=t
Request Chain 114
  • https://c.clarity.ms/c.gif HTTP 302
  • https://c.bing.com/c.gif?CtsSyncId=CD90995906EA4150A77D4676850CACD4&RedC=c.clarity.ms&MXFR=1107997E164F6DC83FBE8B5C124F633E HTTP 302
  • https://c.clarity.ms/c.gif?CtsSyncId=CD90995906EA4150A77D4676850CACD4&MUID=3D5CE82EC5FD6A423FD5FA0CC4966B0B

124 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.theraflu.com/
Redirect Chain
  • http://theraflu.com/
  • https://www.theraflu.com/
110 KB
13 KB
Document
General
Full URL
https://www.theraflu.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.251.65.90 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Apache /
Resource Hash
c2b636a8478b30afb73d531830e2745c764e543c8d85fcc37ad1e30ec5501306
Security Headers
Name Value
Strict-Transport-Security max-age=63072000;
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
public, max-age=0, s-maxage=86400
content-encoding
br
content-type
text/html; charset=UTF-8
date
Sat, 17 Sep 2022 01:45:31 GMT
link
<https://www.googletagmanager.com>; rel=preconnect; crossorigin, <https://www.googletagmanager.com>; rel=dns-prefetch; crossorigin, <https://origin-cf65.ch-static.com>; rel=preconnect; crossorigin, <https://origin-cf65.ch-static.com>; rel=dns-prefetch; crossorigin, <https://i-cf65.ch-static.com>; rel=preconnect; crossorigin, <https://i-cf65.ch-static.com>; rel=dns-prefetch; crossorigin
server
Apache
strict-transport-security
max-age=63072000;
vary
Accept-Encoding
x-frame-options
SAMEORIGIN

Redirect headers

Connection
keep-alive
Content-Length
233
Content-Type
text/html; charset=iso-8859-1
Date
Sat, 17 Sep 2022 01:45:30 GMT
Location
https://www.theraflu.com/
Server
Apache
design.default.bootstrap.v0-0-1.ts202209151203.css
origin-cf65.ch-static.com/etc/designs/zg/bp-theraflu-refresh/desktop/css.asset.css/core/
758 KB
92 KB
Stylesheet
General
Full URL
https://origin-cf65.ch-static.com/etc/designs/zg/bp-theraflu-refresh/desktop/css.asset.css/core/design.default.bootstrap.v0-0-1.ts202209151203.css
Requested by
Host: www.theraflu.com
URL: https://www.theraflu.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.252.73.133 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Apache /
Resource Hash
f66b7f749bcdc2c9c8f0c2c266bc22f5ecf21157b23812d109916c6b2f6eb093
Security Headers
Name Value
Strict-Transport-Security max-age=63072000;
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theraflu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 01:45:31 GMT
content-encoding
gzip
vary
Accept-Encoding
last-modified
Thu, 15 Sep 2022 12:03:46 GMT
server
Apache
etag
"bd953-5e8b6099e6951-gzip"
x-frame-options
SAMEORIGIN
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=86400, public, s-maxage=86400
strict-transport-security
max-age=63072000;
accept-ranges
bytes
expires
Sun, 18 Sep 2022 01:45:31 GMT
head.v0-0-1.ts202209151205.js
origin-cf65.ch-static.com/etc/designs/zg/bp-theraflu-refresh/desktop/js.fileAsset.js/zg/basic/desktop/js/head/
24 KB
10 KB
Script
General
Full URL
https://origin-cf65.ch-static.com/etc/designs/zg/bp-theraflu-refresh/desktop/js.fileAsset.js/zg/basic/desktop/js/head/head.v0-0-1.ts202209151205.js
Requested by
Host: www.theraflu.com
URL: https://www.theraflu.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.252.73.133 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Apache /
Resource Hash
af142e7e56c1482d6bde1f9ef0b14c7aba6d065e16ef86109c0e0d636b4eb52e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000;
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theraflu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 01:45:31 GMT
content-encoding
gzip
last-modified
Thu, 15 Sep 2022 12:03:46 GMT
server
Apache
x-frame-options
SAMEORIGIN
etag
"5e75-5e8b6099df487-gzip"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public, s-maxage=86400
strict-transport-security
max-age=63072000;
accept-ranges
bytes
content-length
10192
expires
Sun, 18 Sep 2022 01:45:31 GMT
bv.js
apps.bazaarvoice.com/deployments/theraflu/main_site/production/en_US/
65 KB
21 KB
Script
General
Full URL
https://apps.bazaarvoice.com/deployments/theraflu/main_site/production/en_US/bv.js
Requested by
Host: www.theraflu.com
URL: https://www.theraflu.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2304:6000:d:274d:a6c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9fad81ea82bcde8b8400cae57772da4c6edc2ccb2cc7f4ace0d10f79ce88fd69
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theraflu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id
MyHdX5TYnawGTPuuU6R0uUxf_KOOOugE
content-encoding
gzip
etag
"b0cdaf283a83d3bfb9cfdc63e8d53050"
x-amz-cf-pop
VIE50-P1
x-cache
RefreshHit from cloudfront
x-amz-replication-status
COMPLETED
vary
Accept-Encoding, Origin
content-length
20851
last-modified
Thu, 25 Aug 2022 14:20:23 GMT
server
AmazonS3
date
Sat, 17 Sep 2022 01:45:33 GMT
strict-transport-security
max-age=63072000; includeSubDomains
content-type
text/javascript;charset=UTF-8
via
1.1 8c71fe23914182493dae4cb15c841346.cloudfront.net (CloudFront)
cache-control
max-age=300
accept-ranges
bytes
x-amz-cf-id
ifnK1ThTxGiQRF50f8zeu6nbEHnCxLTC7vL0gBfmXVU1aPvslNqTog==
optimize.js
www.googleoptimize.com/
105 KB
41 KB
Script
General
Full URL
https://www.googleoptimize.com/optimize.js?id=OPT-PKPMGMZ
Requested by
Host: www.theraflu.com
URL: https://www.theraflu.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c546a56304aa4a54b59f5bb03a03c954dcdde4ffebe168411bd4a5b8f60ed358
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theraflu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 01:45:31 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41621
x-xss-protection
0
last-modified
Sat, 17 Sep 2022 00:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 17 Sep 2022 01:45:31 GMT
gigya.js
cdns.gigya.com/JS/
462 KB
152 KB
Script
General
Full URL
https://cdns.gigya.com/JS/gigya.js?apikey=3_bzpjRk206ccefb3vooht5EOg-NJ0nhkhK9Lq59aZsSrDwCdGo510HRGBdrvh6SzZ
Requested by
Host: www.theraflu.com
URL: https://www.theraflu.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.168.252 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-168-252.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
08260f312712c787ddd4ad9bf7ff014132de69acadec85b14870d2ec57d0472c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theraflu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Sat, 17 Sep 2022 01:45:32 GMT
Content-Encoding
gzip
Content-Type
text/javascript; charset=utf-8
x-soa
true, Gator
Vary
Accept-Encoding
p3p
CP="IDC COR PSA DEV ADM OUR IND ONL"
Access-Control-Allow-Origin
*
x-callid
ae58f422b2424ca8a1f8ed78e6e85cc2
Cache-Control
public, max-age=900, s-maxage=3600
x-server
us1d-nomad-g41
Connection
keep-alive
x-robots-tag
none
Content-Length
154910
Expires
Sat, 17 Sep 2022 02:00:32 GMT
gsk-logo.png
i-cf65.ch-static.com/content/dam/cf-consumer-healthcare/bp-theraflu/en_US/global/logo/
2 KB
2 KB
Image
General
Full URL
https://i-cf65.ch-static.com/content/dam/cf-consumer-healthcare/bp-theraflu/en_US/global/logo/gsk-logo.png?auto=format
Requested by
Host: www.theraflu.com
URL: https://www.theraflu.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::720 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
imgix /
Resource Hash
2aefaf2bb21644a48498e278a4ab9535d0453a5567e903276bd2b567626e9af3
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theraflu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 01:45:32 GMT
x-content-type-options
nosniff
age
144817
x-cache
HIT, HIT
x-imgix-id
9fd23381948bc7689fc3a16d6718b4a6e92bebcf
content-length
1605
x-imgix-render-farm
01.592
last-modified
Thu, 15 Sep 2022 09:31:55 GMT
server
imgix
x-served-by
cache-sjc10074-SJC, cache-hhn4081-HHN
vary
Accept, User-Agent
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-resource-policy
cross-origin
theraflu-brand.svg
www.theraflu.com/content/dam/cf-consumer-healthcare/bp-theraflu/en_US/global/logo/
24 KB
4 KB
Image
General
Full URL
https://www.theraflu.com/content/dam/cf-consumer-healthcare/bp-theraflu/en_US/global/logo/theraflu-brand.svg
Requested by
Host: www.theraflu.com
URL: https://www.theraflu.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.251.65.90 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Apache /
Resource Hash
408287a1bd01b7b9953ff00cbbf098138868b6c447324e3dd834a066834c54ef
Security Headers
Name Value
Strict-Transport-Security max-age=63072000;
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theraflu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 01:45:32 GMT
content-encoding
br
last-modified
Thu, 15 Sep 2022 09:22:29 GMT
server
Apache
x-frame-options
SAMEORIGIN
etag
"6103-5e8b3c8cec29e-br"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=31536000, public, s-maxage=86400
strict-transport-security
max-age=63072000;
accept-ranges
bytes
content-length
4003
icon-18-px-plus.svg
www.theraflu.com/content/dam/cf-consumer-healthcare/bp-theraflu/en_US/src/icons/
552 B
528 B
Image
General
Full URL
https://www.theraflu.com/content/dam/cf-consumer-healthcare/bp-theraflu/en_US/src/icons/icon-18-px-plus.svg
Requested by
Host: www.theraflu.com
URL: https://www.theraflu.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.251.65.90 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Apache /
Resource Hash
e68683445de234abc922683ad4cb3b1f0e5db14a08ecd48df0fe928cad639429
Security Headers
Name Value
Strict-Transport-Security max-age=63072000;
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theraflu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 01:45:32 GMT
content-encoding
br
last-modified
Thu, 15 Sep 2022 09:24:59 GMT
server
Apache
x-frame-options
SAMEORIGIN
etag
"228-5e8b3d1c51618-br"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=31536000, public, s-maxage=86400
strict-transport-security
max-age=63072000;
accept-ranges
bytes
content-length
250
icon-18-px-minus.svg
www.theraflu.com/content/dam/cf-consumer-healthcare/bp-theraflu/en_US/src/icons/
437 B
470 B
Image
General
Full URL
https://www.theraflu.com/content/dam/cf-consumer-healthcare/bp-theraflu/en_US/src/icons/icon-18-px-minus.svg
Requested by
Host: www.theraflu.com
URL: https://www.theraflu.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.251.65.90 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Apache /
Resource Hash
f4ff09114fe8347b049da92e9d0fbf377e13516bd38924187a7bc727e3b5307f
Security Headers
Name Value
Strict-Transport-Security max-age=63072000;
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theraflu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 01:45:32 GMT
content-encoding
br
last-modified
Thu, 15 Sep 2022 09:24:59 GMT
server
Apache
x-frame-options
SAMEORIGIN
etag
"1b5-5e8b3d1c83ebc-br"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=31536000, public, s-maxage=86400
strict-transport-security
max-age=63072000;
accept-ranges
bytes
content-length
192
Theraflu-logo-155x76.png
i-cf65.ch-static.com/content/dam/cf-consumer-healthcare/bp-theraflu/en_US/global/logo/
4 KB
4 KB
Image
General
Full URL
https://i-cf65.ch-static.com/content/dam/cf-consumer-healthcare/bp-theraflu/en_US/global/logo/Theraflu-logo-155x76.png?auto=format
Requested by
Host: www.theraflu.com
URL: https://www.theraflu.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::720 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
imgix /
Resource Hash
93ee439f9d69f954c2d09dfcafe981898ef7f03d8efb0adcac942eb5e9d385e9
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theraflu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 01:45:32 GMT
x-content-type-options
nosniff
age
144817
x-cache
HIT, HIT
x-imgix-id
c75abe46d87cfb8b03fbdaed9d67af51a66a75ac
content-length
4458
x-imgix-render-farm
01.592
last-modified
Thu, 15 Sep 2022 09:31:55 GMT
server
imgix
x-served-by
cache-sjc10076-SJC, cache-hhn4081-HHN
vary
Accept, User-Agent
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-resource-policy
cross-origin
hp-banner-theraflu.jpg.rendition.2000.706.jpg
i-cf65.ch-static.com/content/dam/cf-consumer-healthcare/bp-theraflu/en_US/pages/homepage/desktop/
45 KB
45 KB
Image
General
Full URL
https://i-cf65.ch-static.com/content/dam/cf-consumer-healthcare/bp-theraflu/en_US/pages/homepage/desktop/hp-banner-theraflu.jpg.rendition.2000.706.jpg?auto=format
Requested by
Host: www.theraflu.com
URL: https://www.theraflu.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::720 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
imgix /
Resource Hash
286fdacfe4ef414dfbfe334c540a80bd9dcdf5a23ef430296da7974c2f8d7299
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theraflu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 01:45:32 GMT
x-content-type-options
nosniff
age
144488
x-cache
HIT, HIT
x-imgix-id
f47047a1588d9bd6fac12862a39fdef4c9011cd1
content-length
45971
x-imgix-render-farm
01.592
last-modified
Thu, 15 Sep 2022 09:37:23 GMT
server
imgix
x-served-by
cache-sjc10069-SJC, cache-hhn4081-HHN
vary
Accept, User-Agent
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-resource-policy
cross-origin
anytime-flu-relief-max-strength-hot-liquid-powder.jpg.rendition.550.550.jpg
i-cf65.ch-static.com/content/dam/cf-consumer-healthcare/bp-theraflu/en_US/pages/homepage/desktop/
21 KB
21 KB
Image
General
Full URL
https://i-cf65.ch-static.com/content/dam/cf-consumer-healthcare/bp-theraflu/en_US/pages/homepage/desktop/anytime-flu-relief-max-strength-hot-liquid-powder.jpg.rendition.550.550.jpg?auto=format
Requested by
Host: www.theraflu.com
URL: https://www.theraflu.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::720 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
imgix /
Resource Hash
1debfa5a3db821b38298aa1aaf3599e86c8ed17728309c968d58cad26e24c242
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theraflu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 01:45:32 GMT
x-content-type-options
nosniff
age
144488
x-cache
HIT, HIT
x-imgix-id
9ab03761d51410d64183f6e50637d4e822d5fddc
content-length
21637
x-imgix-render-farm
01.592
last-modified
Thu, 15 Sep 2022 09:37:24 GMT
server
imgix
x-served-by
cache-sjc10049-SJC, cache-hhn4081-HHN
vary
Accept, User-Agent
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-resource-policy
cross-origin
nighttime-flu-relief-max-strength-hot-liquid-powder.jpg.rendition.550.550.jpg
i-cf65.ch-static.com/content/dam/cf-consumer-healthcare/bp-theraflu/en_US/pages/homepage/desktop/
24 KB
24 KB
Image
General
Full URL
https://i-cf65.ch-static.com/content/dam/cf-consumer-healthcare/bp-theraflu/en_US/pages/homepage/desktop/nighttime-flu-relief-max-strength-hot-liquid-powder.jpg.rendition.550.550.jpg?auto=format
Requested by
Host: www.theraflu.com
URL: https://www.theraflu.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::720 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
imgix /
Resource Hash
fcc3ba6f990b4233df69c23f0cfd205059e4bad4d4a8038a6b475d10f736a764
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theraflu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 01:45:32 GMT
x-content-type-options
nosniff
age
144488
x-cache
HIT, HIT
x-imgix-id
392cd6a3b1f3058b58ee6044bd1fc697f345a76b
content-length
24627
x-imgix-render-farm
01.592
last-modified
Thu, 15 Sep 2022 09:37:24 GMT
server
imgix
x-served-by
cache-sjc10026-SJC, cache-hhn4081-HHN
vary
Accept, User-Agent
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-resource-policy
cross-origin
multisymtoms.png.rendition.516.516.png
i-cf65.ch-static.com/content/dam/cf-consumer-healthcare/bp-theraflu/en_US/products/
19 KB
19 KB
Image
General
Full URL
https://i-cf65.ch-static.com/content/dam/cf-consumer-healthcare/bp-theraflu/en_US/products/multisymtoms.png.rendition.516.516.png?auto=format
Requested by
Host: www.theraflu.com
URL: https://www.theraflu.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::720 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
imgix /
Resource Hash
01774528ba9b62783c0e66ed383697b4a5aebe62cf26d961c25e1c4488a6f25b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theraflu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 01:45:32 GMT
x-content-type-options
nosniff
age
34537
x-cache
HIT, HIT
x-imgix-id
16a1fe522e1743c79b4787bab56d00219ce6f0d4
content-length
19095
x-imgix-render-farm
01.592
last-modified
Fri, 16 Sep 2022 16:09:54 GMT
server
imgix
x-served-by
cache-sjc10040-SJC, cache-hhn4081-HHN
vary
Accept, User-Agent
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-resource-policy
cross-origin
night.png.rendition.516.516.png
i-cf65.ch-static.com/content/dam/cf-consumer-healthcare/bp-theraflu/en_US/products/
21 KB
21 KB
Image
General
Full URL
https://i-cf65.ch-static.com/content/dam/cf-consumer-healthcare/bp-theraflu/en_US/products/night.png.rendition.516.516.png?auto=format
Requested by
Host: www.theraflu.com
URL: https://www.theraflu.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::720 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
imgix /
Resource Hash
264ed42866ef7ecd8dbb14666ee620b32d43136fb56424740e7a9687025037ed
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theraflu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 01:45:32 GMT
x-content-type-options
nosniff
age
34537
x-cache
HIT, HIT
x-imgix-id
66392c6cc1a979d41d91abdd3b510f0b7a821150
content-length
21253
x-imgix-render-farm
01.592
last-modified
Fri, 16 Sep 2022 16:09:54 GMT
server
imgix
x-served-by
cache-sjc10034-SJC, cache-hhn4081-HHN
vary
Accept, User-Agent
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-resource-policy
cross-origin
right-to-recover-desktop-v1.jpg.rendition.2000.584.jpg
i-cf65.ch-static.com/content/dam/cf-consumer-healthcare/bp-theraflu/en_US/pages/homepage/desktop/
27 KB
27 KB
Image
General
Full URL
https://i-cf65.ch-static.com/content/dam/cf-consumer-healthcare/bp-theraflu/en_US/pages/homepage/desktop/right-to-recover-desktop-v1.jpg.rendition.2000.584.jpg?auto=format
Requested by
Host: www.theraflu.com
URL: https://www.theraflu.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::720 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
imgix /
Resource Hash
e590be76cc7da79523e4567b8f2f8f842e852bc6c24b22e048da562ec040aa76
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theraflu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 01:45:32 GMT
x-content-type-options
nosniff
age
134882
x-cache
HIT, HIT
x-imgix-id
330afed296a207f3ae7dc6d8dbf741b0d18fdd65
content-length
27962
x-imgix-render-farm
01.592
last-modified
Thu, 15 Sep 2022 12:17:29 GMT
server
imgix
x-served-by
cache-sjc10070-SJC, cache-hhn4081-HHN
vary
Accept, User-Agent
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-resource-policy
cross-origin
icon-facebook.png
i-cf65.ch-static.com/content/dam/cf-consumer-healthcare/bp-theraflu/en_US/src/icons/
1 KB
1 KB
Image
General
Full URL
https://i-cf65.ch-static.com/content/dam/cf-consumer-healthcare/bp-theraflu/en_US/src/icons/icon-facebook.png?auto=format
Requested by
Host: www.theraflu.com
URL: https://www.theraflu.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::720 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
imgix /
Resource Hash
32226224fc783f4505f237c1c8b724eabe387796785b714ca907ec91b3544261
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theraflu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 01:45:32 GMT
x-content-type-options
nosniff
age
144481
x-cache
HIT, HIT
x-imgix-id
ed07cc7c8e86c164dbefb6084c1831eced20cbfa
content-length
1229
x-imgix-render-farm
01.592
last-modified
Thu, 15 Sep 2022 09:37:31 GMT
server
imgix
x-served-by
cache-sjc10051-SJC, cache-hhn4081-HHN
vary
Accept, User-Agent
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-resource-policy
cross-origin
icon-facebook-lightblue.png
i-cf65.ch-static.com/content/dam/cf-consumer-healthcare/bp-theraflu/en_US/src/icons/
1 KB
1 KB
Image
General
Full URL
https://i-cf65.ch-static.com/content/dam/cf-consumer-healthcare/bp-theraflu/en_US/src/icons/icon-facebook-lightblue.png?auto=format
Requested by
Host: www.theraflu.com
URL: https://www.theraflu.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::720 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
imgix /
Resource Hash
e0887e40e08128ea5ab270e32e3f43762459fa59f4db0c17b6fd3f49d8a542ba
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theraflu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 01:45:32 GMT
x-content-type-options
nosniff
age
144420
x-cache
HIT, HIT
x-imgix-id
8742d13ccee26100fd46109083c26f270d01b0d0
content-length
1284
x-imgix-render-farm
01.592
last-modified
Thu, 15 Sep 2022 09:38:31 GMT
server
imgix
x-served-by
cache-sjc10066-SJC, cache-hhn4081-HHN
vary
Accept, User-Agent
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-resource-policy
cross-origin
icon-youtube.png
i-cf65.ch-static.com/content/dam/cf-consumer-healthcare/bp-theraflu/en_US/src/icons/
1 KB
2 KB
Image
General
Full URL
https://i-cf65.ch-static.com/content/dam/cf-consumer-healthcare/bp-theraflu/en_US/src/icons/icon-youtube.png?auto=format
Requested by
Host: www.theraflu.com
URL: https://www.theraflu.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::720 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
imgix /
Resource Hash
9da515728c9e04f63bfc84894e899fb538ce44ad1c53d2e91e92579ad19c47be
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theraflu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 01:45:32 GMT
x-content-type-options
nosniff
age
144420
x-cache
HIT, HIT
x-imgix-id
428da96c0a64e79c40264081de2a19865d76f712
content-length
1393
x-imgix-render-farm
01.592
last-modified
Thu, 15 Sep 2022 09:38:32 GMT
server
imgix
x-served-by
cache-sjc10021-SJC, cache-hhn4081-HHN
vary
Accept, User-Agent
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-resource-policy
cross-origin
icon-youtube-lightblue.png
i-cf65.ch-static.com/content/dam/cf-consumer-healthcare/bp-theraflu/en_US/src/icons/
1 KB
2 KB
Image
General
Full URL
https://i-cf65.ch-static.com/content/dam/cf-consumer-healthcare/bp-theraflu/en_US/src/icons/icon-youtube-lightblue.png?auto=format
Requested by
Host: www.theraflu.com
URL: https://www.theraflu.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::720 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
imgix /
Resource Hash
06c0a8ec8fcbce53e10a7157f2b7aa9cbffbcc8c80d5f26df2481fa38e42731b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theraflu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 01:45:32 GMT
x-content-type-options
nosniff
age
144420
x-cache
HIT, HIT
x-imgix-id
84e78cee14dff1dae4dfcd04f08e83ec510a7169
content-length
1462
x-imgix-render-farm
01.592
last-modified
Thu, 15 Sep 2022 09:38:32 GMT
server
imgix
x-served-by
cache-sjc10081-SJC, cache-hhn4081-HHN
vary
Accept, User-Agent
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-resource-policy
cross-origin
icon-twitter.png
i-cf65.ch-static.com/content/dam/cf-consumer-healthcare/bp-theraflu/en_US/src/icons/
2 KB
2 KB
Image
General
Full URL
https://i-cf65.ch-static.com/content/dam/cf-consumer-healthcare/bp-theraflu/en_US/src/icons/icon-twitter.png?auto=format
Requested by
Host: www.theraflu.com
URL: https://www.theraflu.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::720 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
imgix /
Resource Hash
bfd841fc2fd58f52cf9581ffe06f11ae4832e8ea71e6fd2b167658100da09b80
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theraflu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 01:45:32 GMT
x-content-type-options
nosniff
age
144420
x-cache
HIT, HIT
x-imgix-id
d93a5f0e22b7810726cf4896c649982580b5350e
content-length
1580
x-imgix-render-farm
01.592
last-modified
Thu, 15 Sep 2022 09:38:32 GMT
server
imgix
x-served-by
cache-sjc10041-SJC, cache-hhn4081-HHN
vary
Accept, User-Agent
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-resource-policy
cross-origin
icon-twitter-lightblue.png
i-cf65.ch-static.com/content/dam/cf-consumer-healthcare/bp-theraflu/en_US/src/icons/
2 KB
2 KB
Image
General
Full URL
https://i-cf65.ch-static.com/content/dam/cf-consumer-healthcare/bp-theraflu/en_US/src/icons/icon-twitter-lightblue.png?auto=format
Requested by
Host: www.theraflu.com
URL: https://www.theraflu.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::720 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
imgix /
Resource Hash
cbbeee8ccca4b8afb33798cbfcfcb398c60c0fe88152aba04e5111e64965f375
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theraflu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 01:45:32 GMT
x-content-type-options
nosniff
age
144420
x-cache
HIT, HIT
x-imgix-id
16539f2482b6378977dbbc62a79c7c75f413fd81
content-length
1644
x-imgix-render-farm
01.592
last-modified
Thu, 15 Sep 2022 09:38:32 GMT
server
imgix
x-served-by
cache-sjc10042-SJC, cache-hhn4081-HHN
vary
Accept, User-Agent
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-resource-policy
cross-origin
design.default.bootstrap.v0-0-1.ts202209151206.js
origin-cf65.ch-static.com/etc/designs/zg/bp-theraflu-refresh/desktop/js.asset.js/core/
581 KB
184 KB
Script
General
Full URL
https://origin-cf65.ch-static.com/etc/designs/zg/bp-theraflu-refresh/desktop/js.asset.js/core/design.default.bootstrap.v0-0-1.ts202209151206.js
Requested by
Host: www.theraflu.com
URL: https://www.theraflu.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.252.73.133 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Apache /
Resource Hash
41d8a6394ab7e9055f7575f39d686b95ab74f61e12d393868c914e6396e44a80
Security Headers
Name Value
Strict-Transport-Security max-age=63072000;
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theraflu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 01:45:32 GMT
content-encoding
gzip
vary
Accept-Encoding
last-modified
Thu, 15 Sep 2022 12:03:41 GMT
server
Apache
etag
"913cc-5e8b6094e2216-gzip"
x-frame-options
SAMEORIGIN
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public, s-maxage=86400
strict-transport-security
max-age=63072000;
accept-ranges
bytes
expires
Sun, 18 Sep 2022 01:45:32 GMT
GothamNarrow-Book.woff
origin-cf65.ch-static.com/etc/designs/zg/bp-theraflu-refresh/desktop/assets/fonts/custom/
31 KB
32 KB
Font
General
Full URL
https://origin-cf65.ch-static.com/etc/designs/zg/bp-theraflu-refresh/desktop/assets/fonts/custom/GothamNarrow-Book.woff
Requested by
Host: origin-cf65.ch-static.com
URL: https://origin-cf65.ch-static.com/etc/designs/zg/bp-theraflu-refresh/desktop/css.asset.css/core/design.default.bootstrap.v0-0-1.ts202209151203.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.252.73.133 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Apache /
Resource Hash
e09899b8901eea8c77d681427930b5e25aea5ac19bd3a2889c7defc379f7af7c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000;
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://origin-cf65.ch-static.com/etc/designs/zg/bp-theraflu-refresh/desktop/css.asset.css/core/design.default.bootstrap.v0-0-1.ts202209151203.css
Origin
https://www.theraflu.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 01:45:32 GMT
last-modified
Thu, 15 Sep 2022 12:03:41 GMT
server
Apache
etag
"7d38-5e8b60951ac5b"
x-frame-options
SAMEORIGIN
content-type
font/woff
access-control-allow-origin
*
cache-control
max-age=31536000, public, s-maxage=86400
strict-transport-security
max-age=63072000;
accept-ranges
bytes
content-length
32056
expires
Sun, 17 Sep 2023 01:45:32 GMT
gtm.js
www.googletagmanager.com/
255 KB
83 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5CHPKDL
Requested by
Host: www.theraflu.com
URL: https://www.theraflu.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
fd55b351e9129e97cca1282c2331711420437adfc3c07de8c4f9228a32aa449f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theraflu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 01:45:32 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
84136
x-xss-protection
0
last-modified
Sat, 17 Sep 2022 00:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 17 Sep 2022 01:45:32 GMT
sdk.config.get
cdns.us1.gigya.com/
4 KB
2 KB
Fetch
General
Full URL
https://cdns.us1.gigya.com/sdk.config.get?apiKey=3_bzpjRk206ccefb3vooht5EOg-NJ0nhkhK9Lq59aZsSrDwCdGo510HRGBdrvh6SzZ&httpStatusCodes=true
Requested by
Host: cdns.gigya.com
URL: https://cdns.gigya.com/JS/gigya.js?apikey=3_bzpjRk206ccefb3vooht5EOg-NJ0nhkhK9Lq59aZsSrDwCdGo510HRGBdrvh6SzZ
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.168.252 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-168-252.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
f94f1b119780ba1de8898f05ebc190c039eafa857d0e9b82286bba6790f8bdc6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theraflu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Sat, 17 Sep 2022 01:45:32 GMT
Content-Encoding
gzip
Content-Type
text/javascript; charset=utf-8
x-soa
true, Gator
Vary
Accept-Encoding
p3p
CP="IDC COR PSA DEV ADM OUR IND ONL"
Access-Control-Allow-Origin
*
x-callid
dff96069426f41ab86f64ce5d21f27cb
Cache-Control
public, max-age=86400, s-maxage=72000
x-server
us1d-nomad-g55
Connection
keep-alive
Accept-Ranges
bytes
x-robots-tag
none
Content-Length
1343
GothamNarrow-Medium.woff
origin-cf65.ch-static.com/etc/designs/zg/bp-theraflu-refresh/desktop/assets/fonts/custom/
32 KB
32 KB
Font
General
Full URL
https://origin-cf65.ch-static.com/etc/designs/zg/bp-theraflu-refresh/desktop/assets/fonts/custom/GothamNarrow-Medium.woff
Requested by
Host: origin-cf65.ch-static.com
URL: https://origin-cf65.ch-static.com/etc/designs/zg/bp-theraflu-refresh/desktop/css.asset.css/core/design.default.bootstrap.v0-0-1.ts202209151203.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.252.73.133 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Apache /
Resource Hash
84b08206e98c7c8daf067d0301b3319a1723bb65f97177c1e6203ffc4a261682
Security Headers
Name Value
Strict-Transport-Security max-age=63072000;
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://origin-cf65.ch-static.com/etc/designs/zg/bp-theraflu-refresh/desktop/css.asset.css/core/design.default.bootstrap.v0-0-1.ts202209151203.css
Origin
https://www.theraflu.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 01:45:32 GMT
last-modified
Thu, 15 Sep 2022 12:03:41 GMT
server
Apache
etag
"7f48-5e8b609531831"
x-frame-options
SAMEORIGIN
content-type
font/woff
access-control-allow-origin
*
cache-control
max-age=31536000, public, s-maxage=86400
strict-transport-security
max-age=63072000;
accept-ranges
bytes
content-length
32584
expires
Sun, 17 Sep 2023 01:45:32 GMT
truncated
/
486 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3fd26b2b4969eaf06cc8d7564d783a3240e0d35c357268f95c423a0b3d031470

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/
483 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f40209e22b8a414f7bcb814f5b570460b1dc47ed8a8acad273c89f8423375434

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
.token.json
www.theraflu.com/
2 B
196 B
XHR
General
Full URL
https://www.theraflu.com/.token.json
Requested by
Host: origin-cf65.ch-static.com
URL: https://origin-cf65.ch-static.com/etc/designs/zg/bp-theraflu-refresh/desktop/js.asset.js/core/design.default.bootstrap.v0-0-1.ts202209151206.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.251.65.90 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Apache /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Accept
*/*
Referer
https://www.theraflu.com/
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 01:45:32 GMT
x-content-type-options
nosniff
server
Apache
x-frame-options
SAMEORIGIN
content-type
application/json;charset=iso-8859-1
cache-control
no-cache
strict-transport-security
max-age=63072000;
content-length
2
expires
-1
gigya.ssolink.js
origin-cf65.ch-static.com/etc/designs/zg/bp-theraflu-refresh/desktop/js/components/
2 KB
1 KB
Script
General
Full URL
https://origin-cf65.ch-static.com/etc/designs/zg/bp-theraflu-refresh/desktop/js/components/gigya.ssolink.js
Requested by
Host: origin-cf65.ch-static.com
URL: https://origin-cf65.ch-static.com/etc/designs/zg/bp-theraflu-refresh/desktop/js.asset.js/core/design.default.bootstrap.v0-0-1.ts202209151206.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.252.73.133 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Apache /
Resource Hash
c9af4fed899c107f0bb35755515dc435ce692d298d90433f076c168acf038f80
Security Headers
Name Value
Strict-Transport-Security max-age=63072000;
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theraflu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 01:45:32 GMT
content-encoding
gzip
last-modified
Thu, 15 Sep 2022 12:04:18 GMT
server
Apache
x-frame-options
SAMEORIGIN
etag
"9a6-5e8b60b821474-gzip"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public, s-maxage=86400
strict-transport-security
max-age=63072000;
accept-ranges
bytes
content-length
1189
expires
Sun, 18 Sep 2022 01:45:32 GMT
czech.lng
www.theraflu.com/etc/designs/zg/bp-theraflu-refresh/desktop/assets/languages/
273 B
530 B
XHR
General
Full URL
https://www.theraflu.com/etc/designs/zg/bp-theraflu-refresh/desktop/assets/languages/czech.lng
Requested by
Host: origin-cf65.ch-static.com
URL: https://origin-cf65.ch-static.com/etc/designs/zg/bp-theraflu-refresh/desktop/js.asset.js/core/design.default.bootstrap.v0-0-1.ts202209151206.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.251.65.90 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Apache /
Resource Hash
c82668106a46ff4624d06f82252d79db40081cba3cfaefe6e99abac02bc2848e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000;
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theraflu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 01:45:32 GMT
last-modified
Thu, 15 Sep 2022 12:05:48 GMT
server
Apache
etag
"111-5e8b610e81b3e"
x-frame-options
SAMEORIGIN
cache-control
max-age=86400, public, s-maxage=86400
strict-transport-security
max-age=63072000;
accept-ranges
bytes
content-length
273
expires
Sun, 18 Sep 2022 01:45:32 GMT
widget.js
cdn.userway.org/
1 KB
1 KB
Script
General
Full URL
https://cdn.userway.org/widget.js
Requested by
Host: www.theraflu.com
URL: https://www.theraflu.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:cb00::2 , United Kingdom, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
389e39b80b5973ffc493d0877a65faa181f506e841d3330d1e64dd1ff9116b3c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theraflu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-77-pop
viennaAT
date
Sat, 17 Sep 2022 01:45:32 GMT
via
1.1 0b1a7654de85c273e4c8f54e3e012e2e.cloudfront.net (CloudFront)
etag
W/"cf5866627459c6ba303fb32b25aab67b"
age
354
x-77-cache
HIT
x-cache
HIT
x-age
3484
content-encoding
br
vary
Accept-Encoding
x-77-nzt
Abm0DAYUec//nA0AAA
x-accel-expires
@1663379248
last-modified
Thu, 15 Sep 2022 15:31:06 GMT
server
CDN77-Turbo
x-77-nzt-ray
Y63OuXqbeyY
access-control-max-age
3000
access-control-allow-methods
GET, HEAD, PUT, POST, DELETE
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
cache-control
max-age=3600, public
x-amz-cf-pop
VIE50-C1
x-amz-cf-id
s6fHtvDQufqeR_lej4Pmigf9vBpImsDCIuamEYSU7LViE2YR2aH7qQ==
GothamNarrow-Bold.woff
origin-cf65.ch-static.com/etc/designs/zg/bp-theraflu-refresh/desktop/assets/fonts/custom/
32 KB
32 KB
Font
General
Full URL
https://origin-cf65.ch-static.com/etc/designs/zg/bp-theraflu-refresh/desktop/assets/fonts/custom/GothamNarrow-Bold.woff
Requested by
Host: origin-cf65.ch-static.com
URL: https://origin-cf65.ch-static.com/etc/designs/zg/bp-theraflu-refresh/desktop/css.asset.css/core/design.default.bootstrap.v0-0-1.ts202209151203.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.252.73.133 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Apache /
Resource Hash
11b1ed45698d8402655737dc3f812a2e5d436383daa6c1f3c9d1e28f8ed580fe
Security Headers
Name Value
Strict-Transport-Security max-age=63072000;
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://origin-cf65.ch-static.com/etc/designs/zg/bp-theraflu-refresh/desktop/css.asset.css/core/design.default.bootstrap.v0-0-1.ts202209151203.css
Origin
https://www.theraflu.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 01:45:32 GMT
last-modified
Thu, 15 Sep 2022 12:03:41 GMT
server
Apache
etag
"7f8c-5e8b60953cb56"
x-frame-options
SAMEORIGIN
content-type
font/woff
access-control-allow-origin
*
cache-control
max-age=31536000, public, s-maxage=86400
strict-transport-security
max-age=63072000;
accept-ranges
bytes
content-length
32652
expires
Sun, 17 Sep 2023 01:45:32 GMT
GothamForThera-BlkItalic.woff2
origin-cf65.ch-static.com/etc/designs/zg/bp-theraflu-refresh/desktop/assets/fonts/custom/
33 KB
33 KB
Font
General
Full URL
https://origin-cf65.ch-static.com/etc/designs/zg/bp-theraflu-refresh/desktop/assets/fonts/custom/GothamForThera-BlkItalic.woff2
Requested by
Host: origin-cf65.ch-static.com
URL: https://origin-cf65.ch-static.com/etc/designs/zg/bp-theraflu-refresh/desktop/css.asset.css/core/design.default.bootstrap.v0-0-1.ts202209151203.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.252.73.133 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Apache /
Resource Hash
d585ea90b33024f593c4a3665e8767e9dfdf8b84b7b0874a163c266b8b2f3ab1
Security Headers
Name Value
Strict-Transport-Security max-age=63072000;
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://origin-cf65.ch-static.com/etc/designs/zg/bp-theraflu-refresh/desktop/css.asset.css/core/design.default.bootstrap.v0-0-1.ts202209151203.css
Origin
https://www.theraflu.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 01:45:32 GMT
last-modified
Thu, 15 Sep 2022 12:05:06 GMT
server
Apache
etag
"8218-5e8b60e60e009"
x-frame-options
SAMEORIGIN
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31536000, public, s-maxage=86400
strict-transport-security
max-age=63072000;
accept-ranges
bytes
content-length
33304
expires
Sun, 17 Sep 2023 01:45:32 GMT
GothamForThera-BlkItalic.woff
origin-cf65.ch-static.com/etc/designs/zg/bp-theraflu-refresh/desktop/assets/fonts/custom/
34 KB
34 KB
Font
General
Full URL
https://origin-cf65.ch-static.com/etc/designs/zg/bp-theraflu-refresh/desktop/assets/fonts/custom/GothamForThera-BlkItalic.woff
Requested by
Host: origin-cf65.ch-static.com
URL: https://origin-cf65.ch-static.com/etc/designs/zg/bp-theraflu-refresh/desktop/css.asset.css/core/design.default.bootstrap.v0-0-1.ts202209151203.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.252.73.133 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Apache /
Resource Hash
570c43086cde7e26fb4eaedba2f0360ce566720f760be20d53e59b60f9eb64eb
Security Headers
Name Value
Strict-Transport-Security max-age=63072000;
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://origin-cf65.ch-static.com/etc/designs/zg/bp-theraflu-refresh/desktop/css.asset.css/core/design.default.bootstrap.v0-0-1.ts202209151203.css
Origin
https://www.theraflu.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 01:45:32 GMT
last-modified
Thu, 15 Sep 2022 12:10:19 GMT
server
Apache
etag
"878c-5e8b62104194c"
x-frame-options
SAMEORIGIN
content-type
font/woff
access-control-allow-origin
*
cache-control
max-age=31536000, public, s-maxage=86400
strict-transport-security
max-age=63072000;
accept-ranges
bytes
content-length
34700
expires
Sun, 17 Sep 2023 01:45:32 GMT
iframe_api
www.youtube.com/
992 B
2 KB
Script
General
Full URL
https://www.youtube.com/iframe_api
Requested by
Host: origin-cf65.ch-static.com
URL: https://origin-cf65.ch-static.com/etc/designs/zg/bp-theraflu-refresh/desktop/js.asset.js/core/design.default.bootstrap.v0-0-1.ts202209151206.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e2d4580826066e1532c01cc968fd02336e372b28773584a80c37801a22445a06
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theraflu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 01:45:32 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
server
ESF
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
content-type
text/javascript; charset=utf-8
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control
private, max-age=0
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
expires
Sat, 17 Sep 2022 01:45:32 GMT
gigya.raas.extension.js
origin-cf65.ch-static.com/etc/designs/zg/bp-theraflu-refresh/desktop/js/components/
9 KB
3 KB
Script
General
Full URL
https://origin-cf65.ch-static.com/etc/designs/zg/bp-theraflu-refresh/desktop/js/components/gigya.raas.extension.js
Requested by
Host: origin-cf65.ch-static.com
URL: https://origin-cf65.ch-static.com/etc/designs/zg/bp-theraflu-refresh/desktop/js.asset.js/core/design.default.bootstrap.v0-0-1.ts202209151206.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.252.73.133 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Apache /
Resource Hash
e1259e8ccc9e83819d0e30ef5a2260b41b75bce4e16733280fc2fab1ed8969f9
Security Headers
Name Value
Strict-Transport-Security max-age=63072000;
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theraflu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 01:45:32 GMT
content-encoding
gzip
last-modified
Thu, 15 Sep 2022 12:03:05 GMT
server
Apache
x-frame-options
SAMEORIGIN
etag
"2334-5e8b6072d65cb-gzip"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public, s-maxage=86400
strict-transport-security
max-age=63072000;
accept-ranges
bytes
content-length
2749
expires
Sun, 18 Sep 2022 01:45:32 GMT
5a3192ca6f1b11eaa422f218989845bc.js
d22xmn10vbouk4.cloudfront.net/
97 KB
24 KB
Script
General
Full URL
https://d22xmn10vbouk4.cloudfront.net/5a3192ca6f1b11eaa422f218989845bc.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5CHPKDL
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.137.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-137-15.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6f0b28265fa6a36c271288d34c43f42b4afeadb36c469f5d262eb319517314c1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theraflu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 01:45:34 GMT
content-encoding
gzip
last-modified
Sat, 17 Sep 2022 01:36:25 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P4
etag
W/"48b54c0e3350152778f7594e89bdd5ad"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/javascript
via
1.1 8b360b28aeb67c1982fcc466a05eef02.cloudfront.net (CloudFront)
cache-control
public, max-age=601
x-amz-cf-id
cyFw2lwPDnmlpgBPiVNVsIgkiVf_fdYH7SvaTYavUPqYy4Qy-xtWTA==
otSDKStub.js
cdn.cookielaw.org/scripttemplates/
21 KB
8 KB
Script
General
Full URL
https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5CHPKDL
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bbc4456bca95006683a8f081d0d2ed645eef5b14c62eca12c70f7e1cec26c1a0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theraflu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 17 Sep 2022 01:45:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
7BKk7WQU1Z9EDMZmf1T6Vg==
age
14135
vary
Accept-Encoding
content-length
7151
x-ms-lease-status
unlocked
last-modified
Thu, 15 Sep 2022 18:22:15 GMT
server
cloudflare
etag
0x8DA974737287FBC
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
5bd43f01-f01e-006a-3736-c9844d000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
74be29bb5da35c32-FRA
Api.aspx
cdns.us1.gigya.com/gs/webSdk/ Frame F1BC
116 KB
42 KB
Document
General
Full URL
https://cdns.us1.gigya.com/gs/webSdk/Api.aspx?apiKey=3_bzpjRk206ccefb3vooht5EOg-NJ0nhkhK9Lq59aZsSrDwCdGo510HRGBdrvh6SzZ&version=latest&build=13398
Requested by
Host: cdns.gigya.com
URL: https://cdns.gigya.com/JS/gigya.js?apikey=3_bzpjRk206ccefb3vooht5EOg-NJ0nhkhK9Lq59aZsSrDwCdGo510HRGBdrvh6SzZ
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.168.252 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-168-252.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2ce5e4f249f1f4c10edf4c5c87b5edb22d137cc074a67c791a1cefe8ae72b3ae
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.theraflu.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=86400, s-maxage=3600
Connection
keep-alive
Content-Encoding
gzip
Content-Length
41974
Content-Type
text/html; charset=utf-8
Date
Sat, 17 Sep 2022 01:45:32 GMT
Vary
Accept-Encoding
p3p
CP="IDC COR PSA DEV ADM OUR IND ONL"
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-callid
5e5c0a6439f6498bab6e7b260d5b38f7
x-robots-tag
none
x-server
us1d-nomad-g47
x-soa
true, Gator
gigya.services.plugins.base.min.js
cdns.gigya.com/js/
455 KB
137 KB
Script
General
Full URL
https://cdns.gigya.com/js/gigya.services.plugins.base.min.js?services=gigya.services.accounts.plugins.screenSet&lang=en
Requested by
Host: cdns.gigya.com
URL: https://cdns.gigya.com/JS/gigya.js?apikey=3_bzpjRk206ccefb3vooht5EOg-NJ0nhkhK9Lq59aZsSrDwCdGo510HRGBdrvh6SzZ
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.168.252 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-168-252.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
9af46835a32014c65f82122e99073ae727a87222d7dc41935d44edc23f2507b9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theraflu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Sat, 17 Sep 2022 01:45:32 GMT
Content-Encoding
gzip
Content-Type
text/javascript; charset=utf-8
x-soa
true, Gator
Vary
Accept-Encoding
p3p
CP="IDC COR PSA DEV ADM OUR IND ONL"
Access-Control-Allow-Origin
*
x-callid
e0c82e23da6a4d019699dd5114109315
Cache-Control
public, max-age=900, s-maxage=3600
x-server
us1d-nomad-g36
Connection
keep-alive
x-robots-tag
none
Content-Length
139756
Expires
Sat, 17 Sep 2022 02:00:32 GMT
widget_app_base_1663255681889.js
cdn.userway.org/widgetapp/2022-09-15/
121 KB
34 KB
Script
General
Full URL
https://cdn.userway.org/widgetapp/2022-09-15/widget_app_base_1663255681889.js
Requested by
Host: cdn.userway.org
URL: https://cdn.userway.org/widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:cb00::2 , United Kingdom, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
7a4a40defad2f7ae3143a3e1d1ffd56926d1eb45e927a5b94a3e80a441476479

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theraflu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-77-pop
viennaAT
date
Sat, 17 Sep 2022 01:45:32 GMT
via
1.1 6c9f184c491eed5c51abd110e89bd97a.cloudfront.net (CloudFront)
etag
W/"c8d03d7075c1752b8edba052f4af70cb"
age
50
x-77-cache
HIT
x-cache
HIT
x-age
122615
content-encoding
br
vary
Accept-Encoding
x-77-nzt
Abm0DAaPtlv/994BAA
x-accel-expires
@1689176517
last-modified
Thu, 15 Sep 2022 15:31:03 GMT
server
CDN77-Turbo
x-77-nzt-ray
qlRjn/sUYiM
access-control-max-age
3000
access-control-allow-methods
GET, HEAD, PUT, POST, DELETE
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
cache-control
max-age=25920000, public
x-amz-cf-pop
VIE50-C1
x-amz-cf-id
PzO-1-QOEOaNCvU9xCmMudU5us6AlSWl-ML7a1DzsD3zGDa_xHgzzg==
www-widgetapi.js
www.youtube.com/s/player/a97e97de/www-widgetapi.vflset/
161 KB
53 KB
Script
General
Full URL
https://www.youtube.com/s/player/a97e97de/www-widgetapi.vflset/www-widgetapi.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/iframe_api
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cb8ebe7e0bd9830e60f63e57b072cee5ca24937f47519da3176809aa0b697bb3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theraflu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 23:18:30 GMT
content-encoding
br
x-content-type-options
nosniff
age
8822
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
53518
x-xss-protection
0
last-modified
Thu, 15 Sep 2022 21:54:27 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sat, 16 Sep 2023 23:18:30 GMT
69b1977b-e59e-4b20-b8ff-1f5bc6b0174d.json
cdn.cookielaw.org/consent/69b1977b-e59e-4b20-b8ff-1f5bc6b0174d/
4 KB
2 KB
XHR
General
Full URL
https://cdn.cookielaw.org/consent/69b1977b-e59e-4b20-b8ff-1f5bc6b0174d/69b1977b-e59e-4b20-b8ff-1f5bc6b0174d.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c6790583c22d819cf41d658edb354ebff6d5c483ef558b5c0c8b9b1af9a9ee31
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theraflu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 17 Sep 2022 01:45:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
10ab1scSDSwmHG5NXJXFnA==
age
2959
vary
Accept-Encoding
content-length
1491
x-ms-lease-status
unlocked
last-modified
Thu, 02 Jun 2022 20:51:13 GMT
server
cloudflare
etag
0x8DA44D9A16BDC45
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
a98665e3-701e-00da-3e68-7b7dcd000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
74be29bb9bc39bbe-FRA
expires
Sat, 17 Sep 2022 05:45:32 GMT
gigya.raas.adobeaudience.extension.js
origin-cf65.ch-static.com/etc/designs/zg/bp-theraflu-refresh/desktop/js/components/
801 B
775 B
Script
General
Full URL
https://origin-cf65.ch-static.com/etc/designs/zg/bp-theraflu-refresh/desktop/js/components/gigya.raas.adobeaudience.extension.js
Requested by
Host: origin-cf65.ch-static.com
URL: https://origin-cf65.ch-static.com/etc/designs/zg/bp-theraflu-refresh/desktop/js.asset.js/core/design.default.bootstrap.v0-0-1.ts202209151206.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.252.73.133 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Apache /
Resource Hash
78c8665d0f5bac8262af308a41b51deb34cdbbeda47c691d51cce6ebee77211b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000;
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theraflu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 01:45:32 GMT
content-encoding
gzip
last-modified
Thu, 15 Sep 2022 12:03:53 GMT
server
Apache
x-frame-options
SAMEORIGIN
etag
"321-5e8b60a03136b-gzip"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public, s-maxage=86400
strict-transport-security
max-age=63072000;
accept-ranges
bytes
content-length
438
expires
Sun, 18 Sep 2022 01:45:32 GMT
location
geolocation.onetrust.com/cookieconsentpub/v1/geo/
153 B
368 B
XHR
General
Full URL
https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2962 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6fba5ed9a21a948a1edf9f018055a8ed911df83da750fcb24177e2a3c539a085
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept
application/json
Referer
https://www.theraflu.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 01:45:32 GMT
content-encoding
gzip
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/json
access-control-allow-origin
*
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
74be29bbfcbb9b33-FRA
access-control-allow-headers
Content-Type
XJzryPgNCX
api.userway.org/api/tunings/
2 KB
2 KB
XHR
General
Full URL
https://api.userway.org/api/tunings/XJzryPgNCX
Requested by
Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2022-09-15/widget_app_base_1663255681889.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.201.120.27 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-201-120-27.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
1b48e10556f97f46935c3b01669716113f92de668624393b6cfc2d8b08480e6f

Request headers

Referer
https://www.theraflu.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sat, 17 Sep 2022 01:45:33 GMT
etag
W/"7c9-tKCH8wZCsmEy/+RHPNXjl80GL0s"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD, PUT, PATCH, POST, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
access-control-allow-headers
*
content-length
1993
x-service-version
uw-pr
otBannerSdk.js
cdn.cookielaw.org/scripttemplates/6.36.0/
362 KB
86 KB
Script
General
Full URL
https://cdn.cookielaw.org/scripttemplates/6.36.0/otBannerSdk.js
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
00bab1a0ca70bae23e6e733c1b78045476a2d2688aa0c5cf26fc7efa81ccaa0b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theraflu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 17 Sep 2022 01:45:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
8atDBk1Pe2rTtV5h1AnhkA==
age
14135
vary
Accept-Encoding
content-length
87793
x-ms-lease-status
unlocked
last-modified
Tue, 07 Jun 2022 19:29:06 GMT
server
cloudflare
etag
0x8DA48BBFD0F8D63
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
23691863-101e-00c1-31b0-7a535f000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
74be29bc1e285c32-FRA
en-us.json
cdn.cookielaw.org/consent/69b1977b-e59e-4b20-b8ff-1f5bc6b0174d/f6a1aee5-904a-4fbe-923c-bd1f0326ad0d/
52 KB
13 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/consent/69b1977b-e59e-4b20-b8ff-1f5bc6b0174d/f6a1aee5-904a-4fbe-923c-bd1f0326ad0d/en-us.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.36.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
af9bdf086f50ee9a169c5436a8e9f7484eff26555c4fc8dc3cc73ec54cc38c09
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theraflu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 17 Sep 2022 01:45:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
tciltZLKsTrLvGKg2I3www==
age
2958
vary
Accept-Encoding
content-length
13021
x-ms-lease-status
unlocked
last-modified
Thu, 02 Jun 2022 21:02:15 GMT
server
cloudflare
etag
0x8DA44DB2C60B7C2
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
8957fd4f-201e-0086-1268-7b8c34000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
74be29bc5c919bbe-FRA
expires
Sat, 17 Sep 2022 05:45:32 GMT
otFlat.json
cdn.cookielaw.org/scripttemplates/6.36.0/assets/
13 KB
3 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/scripttemplates/6.36.0/assets/otFlat.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.36.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8ae30f6f2162279a812bf9e00efd0c985e20e76efece9444125b410f3a6822a6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theraflu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 17 Sep 2022 01:45:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
fOX75b8gO1oiJUk/36PurQ==
age
2958
vary
Accept-Encoding
content-length
2959
x-ms-lease-status
unlocked
last-modified
Tue, 07 Jun 2022 19:28:56 GMT
server
cloudflare
etag
0x8DA48BBF6CB86AA
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
26fde1c0-001e-0091-4b68-7b4c57000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
74be29bcbce39bbe-FRA
otPcTab.json
cdn.cookielaw.org/scripttemplates/6.36.0/assets/
58 KB
14 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/scripttemplates/6.36.0/assets/otPcTab.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.36.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
968c5a5b3f187b1b669bcdaed073b652d8b27645fd95c3bc38ce236ff4270764
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theraflu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 17 Sep 2022 01:45:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
6hVcqMyQ+9TESc+BaMgY+A==
age
2958
vary
Accept-Encoding
content-length
14326
x-ms-lease-status
unlocked
last-modified
Tue, 07 Jun 2022 19:28:58 GMT
server
cloudflare
etag
0x8DA48BBF7D88A93
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
0b9931d2-a01e-015f-0b68-7b6c4d000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
74be29bcbce59bbe-FRA
otCommonStyles.css
cdn.cookielaw.org/scripttemplates/6.36.0/assets/
21 KB
4 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/scripttemplates/6.36.0/assets/otCommonStyles.css
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.36.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
74c39b5ec5a61c19ff20d81c0418fabd61d6deb6ac0c967da28761d6b895ff7d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theraflu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 17 Sep 2022 01:45:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
/wtHD+oYY7dZRzCx50GZrQ==
age
2958
vary
Accept-Encoding
x-ms-lease-status
unlocked
last-modified
Tue, 07 Jun 2022 19:29:11 GMT
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
8aabd03c-701e-001d-3c68-7b010c000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
cf-ray
74be29bcbce69bbe-FRA
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5CHPKDL
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theraflu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
2613
date
Sat, 17 Sep 2022 01:02:00 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Sat, 17 Sep 2022 03:02:00 GMT
activityi;dc_pre=CPyv75LamvoCFR1GHQkdakgL_g;src=9174324;type=unvfls;cat=unvfls;ord=1705874625055;gtm=2wg9e0;auiddc=1271728410.1663379133;u1=respiratory;u2=theraflu;u3=www.theraflu.com;u4=https%3A%2...
9174324.fls.doubleclick.net/ Frame 8450
Redirect Chain
  • https://9174324.fls.doubleclick.net/activityi;src=9174324;type=unvfls;cat=unvfls;ord=1705874625055;gtm=2wg9e0;auiddc=1271728410.1663379133;u1=respiratory;u2=theraflu;u3=www.theraflu.com;u4=https%3A...
  • https://9174324.fls.doubleclick.net/activityi;dc_pre=CPyv75LamvoCFR1GHQkdakgL_g;src=9174324;type=unvfls;cat=unvfls;ord=1705874625055;gtm=2wg9e0;auiddc=1271728410.1663379133;u1=respiratory;u2=theraf...
576 B
438 B
Document
General
Full URL
https://9174324.fls.doubleclick.net/activityi;dc_pre=CPyv75LamvoCFR1GHQkdakgL_g;src=9174324;type=unvfls;cat=unvfls;ord=1705874625055;gtm=2wg9e0;auiddc=1271728410.1663379133;u1=respiratory;u2=theraflu;u3=www.theraflu.com;u4=https%3A%2F%2Fwww.theraflu.com%2F;u5=%2F;u6=;~oref=https%3A%2F%2Fwww.theraflu.com%2F?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5CHPKDL
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.134 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f6.1e100.net
Software
cafe /
Resource Hash
19d28149d9198cb5239ccd57d22a11d02e0c24d56667441f958b5ed411b5210f
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.theraflu.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-encoding
gzip
content-length
413
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 17 Sep 2022 01:45:33 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 17 Sep 2022 01:45:33 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://9174324.fls.doubleclick.net/activityi;dc_pre=CPyv75LamvoCFR1GHQkdakgL_g;src=9174324;type=unvfls;cat=unvfls;ord=1705874625055;gtm=2wg9e0;auiddc=1271728410.1663379133;u1=respiratory;u2=theraflu;u3=www.theraflu.com;u4=https%3A%2F%2Fwww.theraflu.com%2F;u5=%2F;u6=;~oref=https%3A%2F%2Fwww.theraflu.com%2F?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
activityi;dc_pre=CJLD75LamvoCFR1GHQkdakgL_g;src=5116519;type=thera001;cat=thera0;ord=3894075896559;gtm=2wg9e0;auiddc=1271728410.1663379133;~oref=https%3A%2F%2Fwww.theraflu.com%2F
5116519.fls.doubleclick.net/ Frame 937D
Redirect Chain
  • https://5116519.fls.doubleclick.net/activityi;src=5116519;type=thera001;cat=thera0;ord=3894075896559;gtm=2wg9e0;auiddc=1271728410.1663379133;~oref=https%3A%2F%2Fwww.theraflu.com%2F?
  • https://5116519.fls.doubleclick.net/activityi;dc_pre=CJLD75LamvoCFR1GHQkdakgL_g;src=5116519;type=thera001;cat=thera0;ord=3894075896559;gtm=2wg9e0;auiddc=1271728410.1663379133;~oref=https%3A%2F%2Fww...
483 B
406 B
Document
General
Full URL
https://5116519.fls.doubleclick.net/activityi;dc_pre=CJLD75LamvoCFR1GHQkdakgL_g;src=5116519;type=thera001;cat=thera0;ord=3894075896559;gtm=2wg9e0;auiddc=1271728410.1663379133;~oref=https%3A%2F%2Fwww.theraflu.com%2F?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5CHPKDL
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.134 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f6.1e100.net
Software
cafe /
Resource Hash
22a4b25b2bdaad655753272d16f571f8ae8841013897836942170bd7835c5d22
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.theraflu.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-encoding
gzip
content-length
381
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 17 Sep 2022 01:45:33 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 17 Sep 2022 01:45:33 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://5116519.fls.doubleclick.net/activityi;dc_pre=CJLD75LamvoCFR1GHQkdakgL_g;src=5116519;type=thera001;cat=thera0;ord=3894075896559;gtm=2wg9e0;auiddc=1271728410.1663379133;~oref=https%3A%2F%2Fwww.theraflu.com%2F?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
uwt.js
static.ads-twitter.com/
56 KB
15 KB
Script
General
Full URL
https://static.ads-twitter.com/uwt.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5CHPKDL
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.16.157 Vienna, Austria, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
41b758f84ab2dd5da6f7ba488813d17410ebb48bc2074d304c26d63c5ece003d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theraflu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 01:45:33 GMT
content-encoding
gzip
last-modified
Tue, 30 Aug 2022 15:04:19 GMT
etag
"d4de8398858246712016031c834bb061+gzip+gzip"
vary
Accept-Encoding,Host
x-tw-cdn
FT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache
x-cache
HIT, HIT
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
content-length
15317
x-served-by
cache-iad-kcgs7200063-IAD, cache-vie6327-VIE
activityi;dc_pre=CLXs8ZLamvoCFfJBHQkdRckM9Q;src=5116519;type=therpgvw;cat=therpgvw;ord=9753796057003;gtm=2wg9e0;auiddc=1271728410.1663379133;~oref=https%3A%2F%2Fwww.theraflu.com%2F
5116519.fls.doubleclick.net/ Frame 223B
Redirect Chain
  • https://5116519.fls.doubleclick.net/activityi;src=5116519;type=therpgvw;cat=therpgvw;ord=9753796057003;gtm=2wg9e0;auiddc=1271728410.1663379133;~oref=https%3A%2F%2Fwww.theraflu.com%2F?
  • https://5116519.fls.doubleclick.net/activityi;dc_pre=CLXs8ZLamvoCFfJBHQkdRckM9Q;src=5116519;type=therpgvw;cat=therpgvw;ord=9753796057003;gtm=2wg9e0;auiddc=1271728410.1663379133;~oref=https%3A%2F%2F...
485 B
407 B
Document
General
Full URL
https://5116519.fls.doubleclick.net/activityi;dc_pre=CLXs8ZLamvoCFfJBHQkdRckM9Q;src=5116519;type=therpgvw;cat=therpgvw;ord=9753796057003;gtm=2wg9e0;auiddc=1271728410.1663379133;~oref=https%3A%2F%2Fwww.theraflu.com%2F?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5CHPKDL
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.134 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f6.1e100.net
Software
cafe /
Resource Hash
93af54adc33397f5066cab862cc3659487a50f87a2276408681709c85b2c44ac
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.theraflu.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-encoding
gzip
content-length
382
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 17 Sep 2022 01:45:33 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 17 Sep 2022 01:45:33 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://5116519.fls.doubleclick.net/activityi;dc_pre=CLXs8ZLamvoCFfJBHQkdRckM9Q;src=5116519;type=therpgvw;cat=therpgvw;ord=9753796057003;gtm=2wg9e0;auiddc=1271728410.1663379133;~oref=https%3A%2F%2Fwww.theraflu.com%2F?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
up_loader.1.1.0.js
js.adsrvr.org/
4 KB
2 KB
Script
General
Full URL
https://js.adsrvr.org/up_loader.1.1.0.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5CHPKDL
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
108.138.15.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-15-119.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theraflu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Sat, 17 Sep 2022 01:41:05 GMT
Content-Encoding
gzip
Last-Modified
Thu, 24 Sep 2020 15:15:34 GMT
Server
AmazonS3
Age
269
ETag
W/"98d98b3499058b76d58073cf8ede2f10"
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
application/x-javascript
Via
1.1 45144f4effc6db6c846de623ab8b639a.cloudfront.net (CloudFront)
Connection
keep-alive
Transfer-Encoding
chunked
X-Amz-Cf-Pop
FRA56-P7
X-Amz-Cf-Id
RgeYGWUVHtXkjdDdZ6ns0DRGPegnW1o63q5PLjPLlGDZyWXEeU7keg==
bat.js
bat.bing.com/
38 KB
12 KB
Script
General
Full URL
https://bat.bing.com/bat.js
Requested by
Host: www.theraflu.com
URL: https://www.theraflu.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
30153b15b4cb898c421e657f6de21dc27435cb990e7888367bdee12e06398da7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theraflu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
last-modified
Thu, 28 Jul 2022 17:32:37 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 565AAF8F0A2742C6BBDE470CFAFF3D14 Ref B: FRAEDGE1510 Ref C: 2022-09-17T01:45:33Z
etag
"80a8697a8a2d81:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
access-control-allow-origin
*
cache-control
private,max-age=1800
date
Sat, 17 Sep 2022 01:45:32 GMT
accept-ranges
bytes
content-length
11367
fbevents.js
connect.facebook.net/en_US/
101 KB
27 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.theraflu.com
URL: https://www.theraflu.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
844bfb2ff3311ad9b5611b51d8c72e0c483a8ceafe7c625a5c321637f9277399
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theraflu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
26839
x-xss-protection
0
pragma
public
x-fb-debug
ow8/JGZ195JAkOa180dpVpshVRDMUgDAULkIsHerVcDYfUDWyTCWZhloFnVxksx4n0T0+973aHNZ2RKBaDGoCw==
x-fb-trip-id
686109401
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Sat, 17 Sep 2022 01:45:33 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
js
www.googletagmanager.com/gtag/
207 KB
73 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-TN9NWLYCYS&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5CHPKDL
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f1e20aec5fa6e4057627c9e39a8f59270439c74b3c6d2a53f5f292c98ee88459
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theraflu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 01:45:33 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
74628
x-xss-protection
0
expires
Sat, 17 Sep 2022 01:45:33 GMT
js
www.googletagmanager.com/gtag/
210 KB
74 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-4Q47Q3C7RV&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5CHPKDL
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
26ae5f86ddbdac7fcbecfe5f5af3abe10c1d002ec3a3c4bf9e47ff9c3a523ed9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theraflu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 01:45:33 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
75279
x-xss-protection
0
expires
Sat, 17 Sep 2022 01:45:33 GMT
poweredBy_ot_logo.svg
cdn.cookielaw.org/logos/static/
3 KB
2 KB
Image
General
Full URL
https://cdn.cookielaw.org/logos/static/poweredBy_ot_logo.svg
Requested by
Host: www.theraflu.com
URL: https://www.theraflu.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
49b9b4996d1ff0a8e3de643a0c623255bf631f298f2799b949c29de93926ee7a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theraflu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 17 Sep 2022 01:45:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
LpuayL42jB78xRllx0vkOw==
age
11405
vary
Accept-Encoding
x-ms-lease-status
unlocked
last-modified
Thu, 15 Sep 2022 18:22:23 GMT
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
bb108369-501e-012c-1937-c91c8e000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
cf-ray
74be29bdaf625c32-FRA
iui3
s.amazon-adsystem.com/
Redirect Chain
  • https://s.amazon-adsystem.com/iui3?d=forester-did&ex-fargs=%3Fid%3Daf4b6613-c033-8ad1-f6b4-14b4b67e9503%26type%3D55%26m%3D1&ex-fch=416613&ex-src=https://www.theraflu.com&ex-hargs=v%3D1.0%3Bc%3D1766...
  • https://s.amazon-adsystem.com/iui3?d=forester-did&ex-fargs=%3Fid%3Daf4b6613-c033-8ad1-f6b4-14b4b67e9503%26type%3D55%26m%3D1&ex-fch=416613&ex-src=https://www.theraflu.com&ex-hargs=v%3D1.0%3Bc%3D1766...
43 B
855 B
Image
General
Full URL
https://s.amazon-adsystem.com/iui3?d=forester-did&ex-fargs=%3Fid%3Daf4b6613-c033-8ad1-f6b4-14b4b67e9503%26type%3D55%26m%3D1&ex-fch=416613&ex-src=https://www.theraflu.com&ex-hargs=v%3D1.0%3Bc%3D1766344630501%3Bp%3DAF4B6613-C033-8AD1-F6B4-14B4B67E9503&gtmcb=1003113861&dcc=t
Requested by
Host: www.theraflu.com
URL: https://www.theraflu.com/
Protocol
HTTP/1.1
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theraflu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 17 Sep 2022 01:45:33 GMT
Vary
Content-Type,Accept-Encoding,User-Agent
Server
Server
x-amz-rid
N1D3521TQNX2RGVGZ26D
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 17 Sep 2022 01:45:33 GMT
Vary
Content-Type,Accept-Encoding,User-Agent
Server
Server
x-amz-rid
EKH2ACTSJHVY0D60CXTY
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/iui3?d=forester-did&ex-fargs=%3Fid%3Daf4b6613-c033-8ad1-f6b4-14b4b67e9503%26type%3D55%26m%3D1&ex-fch=416613&ex-src=https://www.theraflu.com&ex-hargs=v%3D1.0%3Bc%3D1766344630501%3Bp%3DAF4B6613-C033-8AD1-F6B4-14B4B67E9503&gtmcb=1003113861&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
/
insight.adsrvr.org/track/pxl/
70 B
261 B
Image
General
Full URL
https://insight.adsrvr.org/track/pxl/?adv=2obq2qw&ct=0:eys241p&fmt=3&gtmcb=834975006
Requested by
Host: www.theraflu.com
URL: https://www.theraflu.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theraflu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Sep 2022 01:45:33 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
sdk.config.get
cdns.us1.gigya.com/ Frame F1BC
4 KB
2 KB
Fetch
General
Full URL
https://cdns.us1.gigya.com/sdk.config.get?apiKey=3_bzpjRk206ccefb3vooht5EOg-NJ0nhkhK9Lq59aZsSrDwCdGo510HRGBdrvh6SzZ&httpStatusCodes=true
Requested by
Host: cdns.us1.gigya.com
URL: https://cdns.us1.gigya.com/gs/webSdk/Api.aspx?apiKey=3_bzpjRk206ccefb3vooht5EOg-NJ0nhkhK9Lq59aZsSrDwCdGo510HRGBdrvh6SzZ&version=latest&build=13398
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.168.252 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-168-252.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
f94f1b119780ba1de8898f05ebc190c039eafa857d0e9b82286bba6790f8bdc6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdns.us1.gigya.com/gs/webSdk/Api.aspx?apiKey=3_bzpjRk206ccefb3vooht5EOg-NJ0nhkhK9Lq59aZsSrDwCdGo510HRGBdrvh6SzZ&version=latest&build=13398
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Sat, 17 Sep 2022 01:45:33 GMT
Content-Encoding
gzip
Content-Type
text/javascript; charset=utf-8
x-soa
true, Gator
Vary
Accept-Encoding
p3p
CP="IDC COR PSA DEV ADM OUR IND ONL"
Access-Control-Allow-Origin
*
x-callid
dff96069426f41ab86f64ce5d21f27cb
Cache-Control
public, max-age=86400, s-maxage=72000
x-server
us1d-nomad-g55
Connection
keep-alive
Accept-Ranges
bytes
x-robots-tag
none
Content-Length
1343
api-0.8.2.js
apps.bazaarvoice.com/apps/api/
32 KB
11 KB
Script
General
Full URL
https://apps.bazaarvoice.com/apps/api/api-0.8.2.js
Requested by
Host: apps.bazaarvoice.com
URL: https://apps.bazaarvoice.com/bv.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2304:6000:d:274d:a6c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
dccfc3418e69f6ca37f92a3459c360d871b36744be9a4e2b96bbe3ae4e45e4fd
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theraflu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 00:17:16 GMT
content-encoding
gzip
age
1992498
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
strict-transport-security
max-age=63072000; includeSubDomains
content-length
10599
last-modified
Tue, 28 Jun 2022 11:19:05 GMT
server
AmazonS3
etag
"86a440b08f71ad9de17500c8946fa7a1"
vary
Origin
x-amz-version-id
kvnMIwPjpbNt45nTgF9mmYA0x1y87znz
via
1.1 8c71fe23914182493dae4cb15c841346.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
VIE50-P1
accept-ranges
bytes
content-type
text/javascript;charset=UTF-8
x-amz-cf-id
hbvpD6xeOZwGzYp49sHnTyfB-jZKNt7WI9G56Z-fhDZEq0vqF9y2DQ==
api-config.js
apps.bazaarvoice.com/deployments/theraflu/main_site/production/en_US/
2 KB
1 KB
Script
General
Full URL
https://apps.bazaarvoice.com/deployments/theraflu/main_site/production/en_US/api-config.js
Requested by
Host: apps.bazaarvoice.com
URL: https://apps.bazaarvoice.com/bv.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2304:6000:d:274d:a6c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1fcce68211ce42ba911ee532c5c07020ba0779f22af953bddf2dd9e2a71aca2f
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theraflu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 01:45:34 GMT
content-encoding
gzip
x-amz-cf-pop
VIE50-P1
x-cache
Miss from cloudfront
x-amz-replication-status
COMPLETED
strict-transport-security
max-age=63072000; includeSubDomains
content-length
779
last-modified
Thu, 25 Aug 2022 14:20:18 GMT
server
AmazonS3
etag
"47186bfe51a461e12c2a74c6f52d5460"
vary
Origin
x-amz-version-id
Pya.mPRLJS70JSOzei0rQYnOseV0oe8I
via
1.1 8c71fe23914182493dae4cb15c841346.cloudfront.net (CloudFront)
cache-control
max-age=300
accept-ranges
bytes
content-type
text/javascript;charset=UTF-8
x-amz-cf-id
qsU_QrkzRtvxvLeuPc59vu9pxlZwe9vF22kzSEXTKBJPszT6yNTRHA==
inline_ratings-2.3.3.js
apps.bazaarvoice.com/apps/inline_ratings/
108 KB
32 KB
Script
General
Full URL
https://apps.bazaarvoice.com/apps/inline_ratings/inline_ratings-2.3.3.js
Requested by
Host: apps.bazaarvoice.com
URL: https://apps.bazaarvoice.com/bv.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2304:6000:d:274d:a6c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3b58eed50f50fb815c1924ed5d571f41316ea94e22cb7974a736c7a179781415
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theraflu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 09:38:35 GMT
content-encoding
gzip
age
2736419
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
strict-transport-security
max-age=63072000; includeSubDomains
content-length
31965
last-modified
Thu, 03 Mar 2022 05:53:42 GMT
server
AmazonS3
etag
"88a737544bf33b4ddd04a6d4cd0f124e"
vary
Origin
x-amz-version-id
yPcDzs4o7Uq8opwWVkgM1suSa4hH.U85
via
1.1 8c71fe23914182493dae4cb15c841346.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
VIE50-P1
accept-ranges
bytes
content-type
text/javascript;charset=UTF-8
x-amz-cf-id
ilFpBulcUqabWBb4mI6ym3_xRp8f74Oob3OSVsjfh_3GshJdi1Rlhw==
inline_ratings-config.js
apps.bazaarvoice.com/deployments/theraflu/main_site/production/en_US/
2 KB
2 KB
Script
General
Full URL
https://apps.bazaarvoice.com/deployments/theraflu/main_site/production/en_US/inline_ratings-config.js
Requested by
Host: apps.bazaarvoice.com
URL: https://apps.bazaarvoice.com/bv.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2304:6000:d:274d:a6c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6af73e1c9deec74f341b333a4631365f9c2b36866959357d6019dc6007280d62
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theraflu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id
Ee2PoRmUnzr_.9J70J5cdny5mz2oMIx0
content-encoding
gzip
etag
"5d7011dfbc604af54ef066a886292574"
x-amz-cf-pop
VIE50-P1
x-cache
RefreshHit from cloudfront
x-amz-replication-status
COMPLETED
vary
Accept-Encoding, Origin
content-length
1261
last-modified
Thu, 25 Aug 2022 14:20:18 GMT
server
AmazonS3
date
Sat, 17 Sep 2022 01:45:34 GMT
strict-transport-security
max-age=63072000; includeSubDomains
content-type
text/javascript;charset=UTF-8
via
1.1 8c71fe23914182493dae4cb15c841346.cloudfront.net (CloudFront)
cache-control
max-age=300
accept-ranges
bytes
x-amz-cf-id
UIr9zz-WdQm7TJupAIEgJVF0TqyLglsMajW38lvtfOWteEX1gTrmaw==
bv-analytics.js
analytics-static.ugc.bazaarvoice.com/prod/static/latest/
40 KB
13 KB
Script
General
Full URL
https://analytics-static.ugc.bazaarvoice.com/prod/static/latest/bv-analytics.js
Requested by
Host: apps.bazaarvoice.com
URL: https://apps.bazaarvoice.com/bv.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206e:2200:1c:58a3:4780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a105d7671a688f86c010879ab28395f3e7464d6d9da2a976fb1097dfd20f3ea0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theraflu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id
UeufqCSnIvDiQNpt1V5uKG7cRZ2ig44f
content-encoding
gzip
etag
"5f1a0a2b51f7b738744102bdeba2b705"
age
493581
x-cache
Hit from cloudfront
content-length
12858
last-modified
Wed, 10 Aug 2022 10:58:22 GMT
server
AmazonS3
date
Sun, 11 Sep 2022 08:39:13 GMT
vary
Accept-Encoding
content-type
application/javascript
via
1.1 a243c19b86829b9271d382d92416109c.cloudfront.net (CloudFront)
cache-control
max-age=604800
x-amz-cf-pop
VIE50-C1
accept-ranges
bytes
x-amz-cf-id
BsundeuLxIfIfHfF6g8kPw8QAjAhjiNUYhYzWUOuhAH4NPC4K9r_7Q==
collect
stats.g.doubleclick.net/j/
4 B
443 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-38587364-3&cid=613201710.1663379133&jid=2138552955&gjid=1347867072&_gid=7754385.1663379133&_u=YGBAgEABAAAAAE~&z=126945105
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0c::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.theraflu.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Sat, 17 Sep 2022 01:45:33 GMT
content-type
text/plain
access-control-allow-origin
https://www.theraflu.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/
1 B
21 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1336285398&t=pageview&_s=1&dl=https%3A%2F%2Fwww.theraflu.com%2F&ul=en-us&de=UTF-8&dt=Powerful%20Relief%20from%20Cold%20and%20Flu%20Symptoms%20%7C%20Theraflu&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGDAAEABAAAAAG~&jid=505893614&gjid=400656077&cid=613201710.1663379133&tid=UA-135635203-1&_gid=7754385.1663379133&_r=1&gtm=2wg9e05CHPKDL&z=238878798
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.theraflu.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 17 Sep 2022 01:45:33 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.theraflu.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&aip=1&a=1336285398&t=pageview&_s=1&dl=https%3A%2F%2Fwww.theraflu.com%2F&ul=en-us&de=UTF-8&dt=Powerful%20Relief%20from%20Cold%20and%20Flu%20Symptoms%20%7C%20Theraflu&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgEAB~&jid=2138552955&gjid=1347867072&cid=613201710.1663379133&tid=UA-38587364-3&_gid=7754385.1663379133&gtm=2wg9e05CHPKDL&z=2047455865
Requested by
Host: www.theraflu.com
URL: https://www.theraflu.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theraflu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Sep 2022 18:00:16 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
27917
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
421904308779386
connect.facebook.net/signals/config/
300 KB
86 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/421904308779386?v=2.9.83&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
a1c3e1cd939d41c1762bc30e82b789162995ce90b9b9cf30ff3264f1e30549cc
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theraflu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection
0
pragma
public
x-fb-debug
J3y14wV7OHaJ8W6SFhTWri6cFiWGYb3/gXuWQV88INrr8/KsGTQX2vMg40G+oXzLCcHQh6VMkztklJ8mAmRPNA==
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Sat, 17 Sep 2022 01:45:33 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
ga-audiences
www.google.com/ads/
42 B
501 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-38587364-3&cid=613201710.1663379133&jid=2138552955&_u=YGBAgEABAAAAAE~&z=1867092336
Requested by
Host: www.theraflu.com
URL: https://www.theraflu.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theraflu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Sep 2022 01:45:33 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
501 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-38587364-3&cid=613201710.1663379133&jid=2138552955&_u=YGBAgEABAAAAAE~&z=1867092336
Requested by
Host: www.theraflu.com
URL: https://www.theraflu.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theraflu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Sep 2022 01:45:33 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adsct
t.co/i/
43 B
338 B
Image
General
Full URL
https://t.co/i/adsct?bci=3&eci=2&event_id=44ff2ecf-9355-4f68-b67c-86ecc1b338e6&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=13da77b3-d73e-4221-a4e6-594ff5798a38&tw_document_href=https%3A%2F%2Fwww.theraflu.com%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o4o1k&type=javascript&version=2.3.27
Requested by
Host: www.theraflu.com
URL: https://www.theraflu.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.133 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theraflu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-response-time
103
date
Sat, 17 Sep 2022 01:45:33 GMT
server
tsa_o
strict-transport-security
max-age=0
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, max-age=0
x-connection-hash
7be5c5c25f4af782516484f0a034d5c526f139a72bb8d3bbd9b8efdfd8b8399d
content-length
43
adsct
analytics.twitter.com/i/
43 B
355 B
Image
General
Full URL
https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=44ff2ecf-9355-4f68-b67c-86ecc1b338e6&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=13da77b3-d73e-4221-a4e6-594ff5798a38&tw_document_href=https%3A%2F%2Fwww.theraflu.com%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o4o1k&type=javascript&version=2.3.27
Requested by
Host: www.theraflu.com
URL: https://www.theraflu.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.131 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theraflu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-response-time
103
date
Sat, 17 Sep 2022 01:45:33 GMT
server
tsa_o
strict-transport-security
max-age=631138519
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, max-age=0
x-connection-hash
8db34149a0a881adb2e583c77a4238d69e5ea188e6b11e658afba2e71b5c86b5
content-length
43
36002515.js
bat.bing.com/p/action/
1 KB
861 B
Script
General
Full URL
https://bat.bing.com/p/action/36002515.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ARR/3.0
Resource Hash
c55224d531aa06c42233df8a379732b5ccc13a382104cedbee8a532dde31fafb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theraflu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 724C927E34904BD58E4BA5FA8272BAF3 Ref B: FRAEDGE1510 Ref C: 2022-09-17T01:45:33Z
x-powered-by
ARR/3.0
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
private,max-age=60
date
Sat, 17 Sep 2022 01:45:32 GMT
content-length
667
0
bat.bing.com/action/
0
175 B
Image
General
Full URL
https://bat.bing.com/action/0?ti=36002515&Ver=2&mid=2ef147d8-6722-4380-8a9b-0ba72cee0109&sid=6b2164f0362a11edb4c7e77ef700a09f&vid=6b219640362a11ed990d456b2b7b4538&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Powerful%20Relief%20from%20Cold%20and%20Flu%20Symptoms%20%7C%20Theraflu&p=https%3A%2F%2Fwww.theraflu.com%2F&r=&lt=2056&evt=pageLoad&sv=1&rn=450978
Requested by
Host: www.theraflu.com
URL: https://www.theraflu.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theraflu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 00FDAA285ED04BA3BF9F0251EF010C8D Ref B: FRAEDGE1510 Ref C: 2022-09-17T01:45:33Z
date
Sat, 17 Sep 2022 01:45:32 GMT
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.google-analytics.com/g/
0
348 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-4Q47Q3C7RV&gtm=2oe9e0&_p=1336285398&cid=613201710.1663379133&ul=en-us&sr=1600x1200&_z=ccd.v9B&_s=1&sid=1663379133&sct=1&seg=0&dl=https%3A%2F%2Fwww.theraflu.com%2F&dt=Powerful%20Relief%20from%20Cold%20and%20Flu%20Symptoms%20%7C%20Theraflu&en=page_view&_fv=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-4Q47Q3C7RV&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theraflu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Sep 2022 01:45:33 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.theraflu.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.google-analytics.com/g/
0
54 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-TN9NWLYCYS&gtm=2oe9e0&_p=1336285398&cid=613201710.1663379133&ul=en-us&sr=1600x1200&_z=ccd.v9B&_s=1&sid=1663379133&sct=1&seg=0&dl=https%3A%2F%2Fwww.theraflu.com%2F&dt=Powerful%20Relief%20from%20Cold%20and%20Flu%20Symptoms%20%7C%20Theraflu&en=page_view&_fv=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-TN9NWLYCYS&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theraflu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Sep 2022 01:45:33 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.theraflu.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
a.gif
network-a.bazaarvoice.com/
43 B
231 B
Image
General
Full URL
https://network-a.bazaarvoice.com/a.gif?loadId=eb730293191d9a67ef29&BVBRANDID=2db4f838-87d5-4727-91f1-6e2f40023926&BVBRANDSID=c218c028-80bc-4928-bdd7-8b5250ef8cd9&tz=0&sourceVersion=3.15.7&magpieJsVersion=3.15.7&source=bv-loader&environment=prod&client=theraflu&dc=15779&host=www.theraflu.com&r_batch=!((bvProduct:bv-loader,bvProductVersion:%2713.9.3%27,cl:Diagnostic,deploymentZone:main_site,elapsedMs:%272.9000%27,endTime:%272669.1000%27,locale:en_US,name:timeToRunScout,startTime:%272666.2000%27,type:Performance))&_=lu4gr1
Requested by
Host: www.theraflu.com
URL: https://www.theraflu.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.207.131.147 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-207-131-147.compute-1.amazonaws.com
Software
nginx /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theraflu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 01:45:33 GMT
cache-control
no-cache, no-transform, must-revalidate, max-age=0
content-type
image/gif
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="ADMa OUR IND DSP NON COR"
content-length
43
expires
-1
a.gif
network-a.bazaarvoice.com/
43 B
230 B
Image
General
Full URL
https://network-a.bazaarvoice.com/a.gif?cl=PageView&loadId=eb730293191d9a67ef29&type=Embedded&BVBRANDID=2db4f838-87d5-4727-91f1-6e2f40023926&BVBRANDSID=c218c028-80bc-4928-bdd7-8b5250ef8cd9&tz=0&sourceVersion=3.15.7&magpieJsVersion=3.15.7&source=bv-loader&environment=prod&client=theraflu&dc=15779&host=www.theraflu.com&locale=en_US&deploymentZone=main_site&displaySegment=baseline&bvProduct=InlineRatings&bvProductVersion=2.3.3&href=https://www.theraflu.com/&canurl=https://www.theraflu.com/&res=1600x1200&lang=en-us&charset=UTF-8&geo=1&cookies=1&r_t=(con:200,dns:137,load:-1663379131509,req:383,res:2,tot:-1663379130426)&_=20q47y&ref=
Requested by
Host: www.theraflu.com
URL: https://www.theraflu.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.207.131.147 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-207-131-147.compute-1.amazonaws.com
Software
nginx /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theraflu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 01:45:33 GMT
cache-control
no-cache, no-transform, must-revalidate, max-age=0
content-type
image/gif
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="ADMa OUR IND DSP NON COR"
content-length
43
expires
-1
en-US.json
cdn.userway.org/widgetapp/2022-09-15/locales/
433 B
805 B
XHR
General
Full URL
https://cdn.userway.org/widgetapp/2022-09-15/locales/en-US.json
Requested by
Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2022-09-15/widget_app_base_1663255681889.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:cb00::2 , United Kingdom, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
695918800576ee63a085fc0121165a8725777162e76eec8740e67355358f6e89

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theraflu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-77-pop
viennaAT
date
Sat, 17 Sep 2022 01:45:33 GMT
via
1.1 d13056936a303c282faeee607951588a.cloudfront.net (CloudFront)
etag
W/"0c4b53012957584c54e80867ff489590"
age
4
x-77-cache
HIT
x-cache
HIT
x-age
122615
content-encoding
br
vary
Origin
x-77-nzt
Abm0DAa0avr/994BAA
x-accel-expires
@1689176518
last-modified
Thu, 15 Sep 2022 15:31:03 GMT
server
CDN77-Turbo
x-77-nzt-ray
J4LH391Y/i0
access-control-max-age
3000
access-control-allow-methods
GET, HEAD, PUT, POST, DELETE
content-type
application/json
access-control-allow-origin
https://www.theraflu.com
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
cache-control
max-age=25920000, public
x-amz-cf-pop
VIE50-C1
x-amz-cf-id
SigHuwtEH6TaUTiMGfCt7wXJ1Ew8GN1KHYk4ofh09oH12fHqLdQb_w==
accounts.webSdkBootstrap
accounts.us1.gigya.com/ Frame F1BC
199 B
1 KB
XHR
General
Full URL
https://accounts.us1.gigya.com/accounts.webSdkBootstrap?apiKey=3_bzpjRk206ccefb3vooht5EOg-NJ0nhkhK9Lq59aZsSrDwCdGo510HRGBdrvh6SzZ&pageURL=https%3A%2F%2Fwww.theraflu.com%2F&sdk=js_latest&sdkBuild=13398&format=json
Requested by
Host: cdns.us1.gigya.com
URL: https://cdns.us1.gigya.com/gs/webSdk/Api.aspx?apiKey=3_bzpjRk206ccefb3vooht5EOg-NJ0nhkhK9Lq59aZsSrDwCdGo510HRGBdrvh6SzZ&version=latest&build=13398
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.205.239.224 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-239-224.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
90c998ebb018ac3c556c82fc4e93a764e8de2fe0e95a86d56d1c5a51e80fee42

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdns.us1.gigya.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Sat, 17 Sep 2022 01:45:33 GMT
Content-Encoding
gzip
Vary
Origin, Accept-Encoding
x-soa
true, Gator
p3p
CP="IDC COR PSA DEV ADM OUR IND ONL"
Server-Timing
cdn-cache; desc=MISS, edge; dur=83, origin; dur=22
Content-Length
167
Cache-Control
private
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET,PUT,DELETE,HEAD,OPTIONS,POST,PATCH
Content-Type
text/javascript; charset=utf-8
Access-Control-Allow-Origin
https://cdns.us1.gigya.com
x-callid
c989515ba9544845bc5de0ad8c433049
Connection
keep-alive
x-server
us1d-nomad-g59
Access-Control-Allow-Credentials
true
x-robots-tag
none
dc_pre=CPyv75LamvoCFR1GHQkdakgL_g;src=9174324;type=unvfls;cat=unvfls;ord=1705874625055;gtm=2wg9e0;auiddc=1271728410.1663379133;u1=respiratory;u2=theraflu;u3=www.theraflu.com;u4=https%3A%2F%2Fwww.th...
adservice.google.com/ddm/fls/i/ Frame 6A01
575 B
483 B
Document
General
Full URL
https://adservice.google.com/ddm/fls/i/dc_pre=CPyv75LamvoCFR1GHQkdakgL_g;src=9174324;type=unvfls;cat=unvfls;ord=1705874625055;gtm=2wg9e0;auiddc=1271728410.1663379133;u1=respiratory;u2=theraflu;u3=www.theraflu.com;u4=https%3A%2F%2Fwww.theraflu.com%2F;u5=%2F;u6=;~oref=https%3A%2F%2Fwww.theraflu.com%2F
Requested by
Host: 9174324.fls.doubleclick.net
URL: https://9174324.fls.doubleclick.net/activityi;dc_pre=CPyv75LamvoCFR1GHQkdakgL_g;src=9174324;type=unvfls;cat=unvfls;ord=1705874625055;gtm=2wg9e0;auiddc=1271728410.1663379133;u1=respiratory;u2=theraflu;u3=www.theraflu.com;u4=https%3A%2F%2Fwww.theraflu.com%2F;u5=%2F;u6=;~oref=https%3A%2F%2Fwww.theraflu.com%2F?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1da50c7a8a340561fb38dbb965cff582417efecea9a087f8f4aa0a36c27269c6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://9174324.fls.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-encoding
gzip
content-length
413
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 17 Sep 2022 01:45:33 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dc_pre=CJLD75LamvoCFR1GHQkdakgL_g;src=5116519;type=thera001;cat=thera0;ord=3894075896559;gtm=2wg9e0;auiddc=1271728410.1663379133;~oref=https%3A%2F%2Fwww.theraflu.com%2F
adservice.google.com/ddm/fls/i/ Frame 301A
482 B
849 B
Document
General
Full URL
https://adservice.google.com/ddm/fls/i/dc_pre=CJLD75LamvoCFR1GHQkdakgL_g;src=5116519;type=thera001;cat=thera0;ord=3894075896559;gtm=2wg9e0;auiddc=1271728410.1663379133;~oref=https%3A%2F%2Fwww.theraflu.com%2F
Requested by
Host: 5116519.fls.doubleclick.net
URL: https://5116519.fls.doubleclick.net/activityi;dc_pre=CJLD75LamvoCFR1GHQkdakgL_g;src=5116519;type=thera001;cat=thera0;ord=3894075896559;gtm=2wg9e0;auiddc=1271728410.1663379133;~oref=https%3A%2F%2Fwww.theraflu.com%2F?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ab9ff497cb8d29e10e4d6c35f9d2a8c8d2a55a4ef563d2c621ba6ca7bcc51bc1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://5116519.fls.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-encoding
gzip
content-length
380
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 17 Sep 2022 01:45:33 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dc_pre=CLXs8ZLamvoCFfJBHQkdRckM9Q;src=5116519;type=therpgvw;cat=therpgvw;ord=9753796057003;gtm=2wg9e0;auiddc=1271728410.1663379133;~oref=https%3A%2F%2Fwww.theraflu.com%2F
adservice.google.com/ddm/fls/i/ Frame EF97
484 B
452 B
Document
General
Full URL
https://adservice.google.com/ddm/fls/i/dc_pre=CLXs8ZLamvoCFfJBHQkdRckM9Q;src=5116519;type=therpgvw;cat=therpgvw;ord=9753796057003;gtm=2wg9e0;auiddc=1271728410.1663379133;~oref=https%3A%2F%2Fwww.theraflu.com%2F
Requested by
Host: 5116519.fls.doubleclick.net
URL: https://5116519.fls.doubleclick.net/activityi;dc_pre=CLXs8ZLamvoCFfJBHQkdRckM9Q;src=5116519;type=therpgvw;cat=therpgvw;ord=9753796057003;gtm=2wg9e0;auiddc=1271728410.1663379133;~oref=https%3A%2F%2Fwww.theraflu.com%2F?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
080cbdfc8662a27c9240e3a8dae301fbde5da8d9881a586927f9a6a2f7e88fce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://5116519.fls.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-encoding
gzip
content-length
382
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 17 Sep 2022 01:45:33 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
/
www.facebook.com/tr/
44 B
297 B
Image
General
Full URL
https://www.facebook.com/tr/?id=421904308779386&ev=PageView&dl=https%3A%2F%2Fwww.theraflu.com%2F&rl=&if=false&ts=1663379133371&sw=1600&sh=1200&v=2.9.83&r=stable&ec=0&o=30&fbp=fb.1.1663379133360.1702227250&ic=fbpixel&it=1663379133199&coo=false&rqm=GET
Requested by
Host: www.theraflu.com
URL: https://www.theraflu.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theraflu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 01:45:33 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
44
expires
Sat, 17 Sep 2022 01:45:33 GMT
dc_pre=CJLD75LamvoCFR1GHQkdakgL_g;src=5116519;type=thera001;cat=thera0;ord=3894075896559;gtm=2wg9e0;auiddc=1271728410.1663379133;~oref=https%3A%2F%2Fwww.theraflu.com%2F
adservice.google.de/ddm/fls/i/ Frame B985
194 B
242 B
Document
General
Full URL
https://adservice.google.de/ddm/fls/i/dc_pre=CJLD75LamvoCFR1GHQkdakgL_g;src=5116519;type=thera001;cat=thera0;ord=3894075896559;gtm=2wg9e0;auiddc=1271728410.1663379133;~oref=https%3A%2F%2Fwww.theraflu.com%2F
Requested by
Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CJLD75LamvoCFR1GHQkdakgL_g;src=5116519;type=thera001;cat=thera0;ord=3894075896559;gtm=2wg9e0;auiddc=1271728410.1663379133;~oref=https%3A%2F%2Fwww.theraflu.com%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adservice.google.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=0
content-encoding
gzip
content-length
177
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 17 Sep 2022 01:45:33 GMT
expires
Sat, 17 Sep 2022 01:45:33 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dc_pre=CLXs8ZLamvoCFfJBHQkdRckM9Q;src=5116519;type=therpgvw;cat=therpgvw;ord=9753796057003;gtm=2wg9e0;auiddc=1271728410.1663379133;~oref=https%3A%2F%2Fwww.theraflu.com%2F
adservice.google.de/ddm/fls/i/ Frame 2C43
194 B
657 B
Document
General
Full URL
https://adservice.google.de/ddm/fls/i/dc_pre=CLXs8ZLamvoCFfJBHQkdRckM9Q;src=5116519;type=therpgvw;cat=therpgvw;ord=9753796057003;gtm=2wg9e0;auiddc=1271728410.1663379133;~oref=https%3A%2F%2Fwww.theraflu.com%2F
Requested by
Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CLXs8ZLamvoCFfJBHQkdRckM9Q;src=5116519;type=therpgvw;cat=therpgvw;ord=9753796057003;gtm=2wg9e0;auiddc=1271728410.1663379133;~oref=https%3A%2F%2Fwww.theraflu.com%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adservice.google.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=0
content-encoding
gzip
content-length
177
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 17 Sep 2022 01:45:33 GMT
expires
Sat, 17 Sep 2022 01:45:33 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
36002515
www.clarity.ms/tag/uet/
2 KB
2 KB
Script
General
Full URL
https://www.clarity.ms/tag/uet/36002515
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/p/action/36002515.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:27::cafe:2066 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
54a607c8b1b5ccd72c19b3804f2cddb9653ac07d3b7bda05abd418f1644c68cf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theraflu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 01:45:33 GMT
x-powered-by
ASP.NET
x-azure-ref
0vSYlYwAAAACnSQ7/10Y3R7ahf/cO2ndhSVNUMzBFREdFMDUxOQA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
x-cache
CONFIG_NOCACHE
content-type
application/x-javascript
expires
-1
cache-control
no-cache, no-store
request-context
appId=cid-v1:b1d896b3-bec7-448b-b764-240152e813e8
dc_pre=CPyv75LamvoCFR1GHQkdakgL_g;src=9174324;type=unvfls;cat=unvfls;ord=1705874625055;gtm=2wg9e0;auiddc=1271728410.1663379133;u1=respiratory;u2=theraflu;u3=www.theraflu.com;u4=https%3A%2F%2Fwww.th...
adservice.google.de/ddm/fls/i/ Frame 88ED
194 B
242 B
Document
General
Full URL
https://adservice.google.de/ddm/fls/i/dc_pre=CPyv75LamvoCFR1GHQkdakgL_g;src=9174324;type=unvfls;cat=unvfls;ord=1705874625055;gtm=2wg9e0;auiddc=1271728410.1663379133;u1=respiratory;u2=theraflu;u3=www.theraflu.com;u4=https%3A%2F%2Fwww.theraflu.com%2F;u5=%2F;u6=;~oref=https%3A%2F%2Fwww.theraflu.com%2F
Requested by
Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CPyv75LamvoCFR1GHQkdakgL_g;src=9174324;type=unvfls;cat=unvfls;ord=1705874625055;gtm=2wg9e0;auiddc=1271728410.1663379133;u1=respiratory;u2=theraflu;u3=www.theraflu.com;u4=https%3A%2F%2Fwww.theraflu.com%2F;u5=%2F;u6=;~oref=https%3A%2F%2Fwww.theraflu.com%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adservice.google.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=0
content-encoding
gzip
content-length
177
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 17 Sep 2022 01:45:33 GMT
expires
Sat, 17 Sep 2022 01:45:33 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sso.htm
cdns.us1.gigya.com/gs/ Frame ACC4
88 KB
31 KB
Document
General
Full URL
https://cdns.us1.gigya.com/gs/sso.htm?APIKey=3_99l72FT8LLNTQuIz09azS3_QunznLcu8dzx_lvIrd3MpjgC79FdUh_wmipBaT1Rz&ssoSegment=&version=latest&build=13398
Requested by
Host: cdns.gigya.com
URL: https://cdns.gigya.com/JS/gigya.js?apikey=3_bzpjRk206ccefb3vooht5EOg-NJ0nhkhK9Lq59aZsSrDwCdGo510HRGBdrvh6SzZ
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.168.252 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-168-252.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
ba34402b0cd2648bbe500ebb0cb1951ca95b2267bab260f93e500904fd806c96
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.theraflu.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=86400, s-maxage=3600
Connection
keep-alive
Content-Encoding
gzip
Content-Length
31513
Content-Type
text/html; charset=utf-8
Date
Sat, 17 Sep 2022 01:45:33 GMT
Vary
Accept-Encoding
p3p
CP="IDC COR PSA DEV ADM OUR IND ONL"
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-callid
e472e3a0c1ba471cb7d6a5fa44147d5e
x-robots-tag
none
x-server
us1d-nomad-g50
x-soa
true, Gator
sso.htm
cdns.us1.gigya.com/gs/ Frame 23BB
88 KB
31 KB
Document
General
Full URL
https://cdns.us1.gigya.com/gs/sso.htm?APIKey=3_99l72FT8LLNTQuIz09azS3_QunznLcu8dzx_lvIrd3MpjgC79FdUh_wmipBaT1Rz&ssoSegment=&version=latest&build=13398
Requested by
Host: cdns.gigya.com
URL: https://cdns.gigya.com/JS/gigya.js?apikey=3_bzpjRk206ccefb3vooht5EOg-NJ0nhkhK9Lq59aZsSrDwCdGo510HRGBdrvh6SzZ
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.168.252 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-168-252.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
ba34402b0cd2648bbe500ebb0cb1951ca95b2267bab260f93e500904fd806c96
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.theraflu.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=86400, s-maxage=3600
Connection
keep-alive
Content-Encoding
gzip
Content-Length
31513
Content-Type
text/html; charset=utf-8
Date
Sat, 17 Sep 2022 01:45:33 GMT
Vary
Accept-Encoding
p3p
CP="IDC COR PSA DEV ADM OUR IND ONL"
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-callid
e472e3a0c1ba471cb7d6a5fa44147d5e
x-robots-tag
none
x-server
us1d-nomad-g50
x-soa
true, Gator
sdk.config.get
cdns.us1.gigya.com/ Frame ACC4
4 KB
2 KB
Fetch
General
Full URL
https://cdns.us1.gigya.com/sdk.config.get?apiKey=3_99l72FT8LLNTQuIz09azS3_QunznLcu8dzx_lvIrd3MpjgC79FdUh_wmipBaT1Rz&httpStatusCodes=true
Requested by
Host: cdns.us1.gigya.com
URL: https://cdns.us1.gigya.com/gs/sso.htm?APIKey=3_99l72FT8LLNTQuIz09azS3_QunznLcu8dzx_lvIrd3MpjgC79FdUh_wmipBaT1Rz&ssoSegment=&version=latest&build=13398
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.168.252 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-168-252.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
395e77512d7c305596b4b1807482121128ed765135bdb1a6e9c71f1791f88d20

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdns.us1.gigya.com/gs/sso.htm?APIKey=3_99l72FT8LLNTQuIz09azS3_QunznLcu8dzx_lvIrd3MpjgC79FdUh_wmipBaT1Rz&ssoSegment=&version=latest&build=13398
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Sat, 17 Sep 2022 01:45:33 GMT
Content-Encoding
gzip
Content-Type
text/javascript; charset=utf-8
x-soa
true, Gator
Vary
Accept-Encoding
p3p
CP="IDC COR PSA DEV ADM OUR IND ONL"
Access-Control-Allow-Origin
*
x-callid
86f9c40db68d421b98f12afee734d3b4
Cache-Control
public, max-age=86400, s-maxage=72000
x-server
us1d-nomad-g31
Connection
keep-alive
Accept-Ranges
bytes
x-robots-tag
none
Content-Length
1336
sdk.config.get
cdns.us1.gigya.com/ Frame 23BB
4 KB
2 KB
Fetch
General
Full URL
https://cdns.us1.gigya.com/sdk.config.get?apiKey=3_99l72FT8LLNTQuIz09azS3_QunznLcu8dzx_lvIrd3MpjgC79FdUh_wmipBaT1Rz&httpStatusCodes=true
Requested by
Host: cdns.us1.gigya.com
URL: https://cdns.us1.gigya.com/gs/sso.htm?APIKey=3_99l72FT8LLNTQuIz09azS3_QunznLcu8dzx_lvIrd3MpjgC79FdUh_wmipBaT1Rz&ssoSegment=&version=latest&build=13398
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.168.252 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-168-252.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
395e77512d7c305596b4b1807482121128ed765135bdb1a6e9c71f1791f88d20

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdns.us1.gigya.com/gs/sso.htm?APIKey=3_99l72FT8LLNTQuIz09azS3_QunznLcu8dzx_lvIrd3MpjgC79FdUh_wmipBaT1Rz&ssoSegment=&version=latest&build=13398
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Sat, 17 Sep 2022 01:45:33 GMT
Content-Encoding
gzip
Content-Type
text/javascript; charset=utf-8
x-soa
true, Gator
Vary
Accept-Encoding
p3p
CP="IDC COR PSA DEV ADM OUR IND ONL"
Access-Control-Allow-Origin
*
x-callid
86f9c40db68d421b98f12afee734d3b4
Cache-Control
public, max-age=86400, s-maxage=72000
x-server
us1d-nomad-g31
Connection
keep-alive
Accept-Ranges
bytes
x-robots-tag
none
Content-Length
1336
statistics.json
api.bazaarvoice.com/data/
638 B
1 KB
Fetch
General
Full URL
https://api.bazaarvoice.com/data/statistics.json?apiversion=5.4&passkey=cadrx5NGBIe1K9x4n2wOWT9DeopcwvAmImNovl4E0WlVY&stats=Reviews&filter=ContentLocale:en_US,en&filter=ProductId:day-time,tea-infusion-night,night-time
Requested by
Host: apps.bazaarvoice.com
URL: https://apps.bazaarvoice.com/apps/inline_ratings/inline_ratings-2.3.3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.16.236.35 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-16-236-35.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
0ab32ec243690596e0afdf3a8c5134e019909452b7db3f694809b933c3e235d5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theraflu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Sat, 17 Sep 2022 01:45:33 GMT
Content-Encoding
gzip
X-Bazaarvoice-Quota-Allotted
7200000
Transfer-Encoding
chunked
X-Bazaarvoice-Api-Version
5.4
Connection
keep-alive
X-Bazaarvoice-Quota-Current
113
X-Bazaarvoice-QPM-Current
1
X-Bazaarvoice-QPM-Allotted
3000
Server
nginx
X-Bazaarvoice-QPS-Allotted
50
Vary
Accept-Encoding
Content-Type
application/json;charset=utf-8
Access-Control-Allow-Origin
https://www.theraflu.com
Access-Control-Expose-Headers
X-Bazaarvoice-Api-Version,X-Bazaarvoice-Original-MessageId,X-Bazaarvoice-Platform-Version,X-Bazaarvoice-QPM-Allotted,X-Bazaarvoice-QPM-Current,X-Bazaarvoice-QPS-Allotted,X-Bazaarvoice-QPS-Current,X-Bazaarvoice-Quota-Allotted,X-Bazaarvoice-Quota-Current,X-Bazaarvoice-Quota-Reset,X-Requested-With,X-CSRF-Token,Content-Type
X-Bazaarvoice-Platform-Version
2
X-Bazaarvoice-Original-MessageId
rrt-0c4794a1a50f37993-b-ea-17248-1834323454-1
X-Bazaarvoice-QPS-Current
1
X-Bazaarvoice-Quota-Reset
2022-09-17T02:00:00.000Z
sso.htm
cdns.us1.gigya.com/gs/ Frame 7806
88 KB
31 KB
Document
General
Full URL
https://cdns.us1.gigya.com/gs/sso.htm?APIKey=3_99l72FT8LLNTQuIz09azS3_QunznLcu8dzx_lvIrd3MpjgC79FdUh_wmipBaT1Rz&ssoSegment=&version=latest&build=13398
Requested by
Host: cdns.gigya.com
URL: https://cdns.gigya.com/JS/gigya.js?apikey=3_bzpjRk206ccefb3vooht5EOg-NJ0nhkhK9Lq59aZsSrDwCdGo510HRGBdrvh6SzZ
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.168.252 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-168-252.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
ba34402b0cd2648bbe500ebb0cb1951ca95b2267bab260f93e500904fd806c96
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.theraflu.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=86400, s-maxage=3600
Connection
keep-alive
Content-Encoding
gzip
Content-Length
31513
Content-Type
text/html; charset=utf-8
Date
Sat, 17 Sep 2022 01:45:33 GMT
Vary
Accept-Encoding
p3p
CP="IDC COR PSA DEV ADM OUR IND ONL"
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-callid
e472e3a0c1ba471cb7d6a5fa44147d5e
x-robots-tag
none
x-server
us1d-nomad-g50
x-soa
true, Gator
accounts.getScreenSets
accounts.us1.gigya.com/ Frame F1BC
48 KB
9 KB
XHR
General
Full URL
https://accounts.us1.gigya.com/accounts.getScreenSets?screenSetIDs=Theraflu-Coupons-Mail&include=html%2Ccss%2Cjavascript%2Ctranslations%2C&lang=en&APIKey=3_bzpjRk206ccefb3vooht5EOg-NJ0nhkhK9Lq59aZsSrDwCdGo510HRGBdrvh6SzZ&source=showScreenSet&sdk=js_latest&pageURL=https%3A%2F%2Fwww.theraflu.com%2F&sdkBuild=13398&format=json&httpStatusCodes=true
Requested by
Host: cdns.us1.gigya.com
URL: https://cdns.us1.gigya.com/gs/webSdk/Api.aspx?apiKey=3_bzpjRk206ccefb3vooht5EOg-NJ0nhkhK9Lq59aZsSrDwCdGo510HRGBdrvh6SzZ&version=latest&build=13398
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.205.239.224 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-239-224.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
02b3818994d2e06a55e307a2cca57f5e4327ddda8754d07bcbe0f9491fc39f17

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdns.us1.gigya.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Sat, 17 Sep 2022 01:45:33 GMT
Content-Encoding
gzip
Vary
Origin, Accept-Encoding
x-soa
true, Gator
p3p
CP="IDC COR PSA DEV ADM OUR IND ONL"
Server-Timing
cdn-cache; desc=MISS, edge; dur=80, origin; dur=22
Content-Length
8492
Cache-Control
private
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET,PUT,DELETE,HEAD,OPTIONS,POST,PATCH
Content-Type
text/javascript; charset=utf-8
Access-Control-Allow-Origin
https://cdns.us1.gigya.com
x-callid
97668600473640e4a0b8776dc52de0d7
Connection
keep-alive
x-server
us1d-nomad-g60
Access-Control-Allow-Credentials
true
x-robots-tag
none
clarity.js
www.clarity.ms/eus2/s/0.6.40/
54 KB
23 KB
Script
General
Full URL
https://www.clarity.ms/eus2/s/0.6.40/clarity.js
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/tag/uet/36002515
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:27::cafe:2066 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
bbffae0d03e6d48b808856596e595ab718c08bbc4476e7323bfcff4a6f833260

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theraflu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 01:45:33 GMT
content-encoding
br
etag
"1d8bd4806fdad30"
last-modified
Wed, 01 Jun 2022 12:22:22 GMT
x-powered-by
ASP.NET
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript;charset=utf-8
cache-control
public,max-age=86400
x-azure-ref
0vSYlYwAAAAAum8PayrJdT7Aczi3m0GLbSVNUMzBFREdFMDUxOQA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
accept-ranges
bytes
request-context
appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
sdk.config.get
cdns.us1.gigya.com/ Frame 7806
4 KB
2 KB
Fetch
General
Full URL
https://cdns.us1.gigya.com/sdk.config.get?apiKey=3_99l72FT8LLNTQuIz09azS3_QunznLcu8dzx_lvIrd3MpjgC79FdUh_wmipBaT1Rz&httpStatusCodes=true
Requested by
Host: cdns.us1.gigya.com
URL: https://cdns.us1.gigya.com/gs/sso.htm?APIKey=3_99l72FT8LLNTQuIz09azS3_QunznLcu8dzx_lvIrd3MpjgC79FdUh_wmipBaT1Rz&ssoSegment=&version=latest&build=13398
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.168.252 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-168-252.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
395e77512d7c305596b4b1807482121128ed765135bdb1a6e9c71f1791f88d20

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdns.us1.gigya.com/gs/sso.htm?APIKey=3_99l72FT8LLNTQuIz09azS3_QunznLcu8dzx_lvIrd3MpjgC79FdUh_wmipBaT1Rz&ssoSegment=&version=latest&build=13398
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Sat, 17 Sep 2022 01:45:33 GMT
Content-Encoding
gzip
Content-Type
text/javascript; charset=utf-8
x-soa
true, Gator
Vary
Accept-Encoding
p3p
CP="IDC COR PSA DEV ADM OUR IND ONL"
Access-Control-Allow-Origin
*
x-callid
86f9c40db68d421b98f12afee734d3b4
Cache-Control
public, max-age=86400, s-maxage=72000
x-server
us1d-nomad-g31
Connection
keep-alive
Accept-Ranges
bytes
x-robots-tag
none
Content-Length
1336
remediation_1663255681889.js
cdn.userway.org/widgetapp/2022-09-15/remediation/
152 KB
37 KB
Script
General
Full URL
https://cdn.userway.org/widgetapp/2022-09-15/remediation/remediation_1663255681889.js
Requested by
Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2022-09-15/widget_app_base_1663255681889.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:cb00::2 , United Kingdom, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
78a609c61db16c4eb713bce1750081dae50d30934f5d40548cdfa183b705b3ea

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theraflu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-77-pop
viennaAT
date
Sat, 17 Sep 2022 01:45:33 GMT
via
1.1 0b828d2972235c5e8de186e29f1866fc.cloudfront.net (CloudFront)
etag
W/"168c50650616ef4503b46e1957a90b75"
age
51
x-77-cache
HIT
x-cache
HIT
x-age
122611
content-encoding
br
vary
Accept-Encoding
x-77-nzt
Abm0DAYXtcj/894BAA
x-accel-expires
@1689176522
last-modified
Thu, 15 Sep 2022 15:31:03 GMT
server
CDN77-Turbo
x-77-nzt-ray
TnQWbkfbLX8
access-control-max-age
3000
access-control-allow-methods
GET, HEAD, PUT, POST, DELETE
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
cache-control
max-age=25920000, public
x-amz-cf-pop
VIE50-C1
x-amz-cf-id
GmHIXqsyBM0E9cyYNxCxgrL-nh5QHAAoU9NQVm_bX_sMokKUJKunnQ==
wT3GSsSvy6RgjRHT.json
cdn.userway.org/remediations/consolidated/1826520/
54 KB
6 KB
XHR
General
Full URL
https://cdn.userway.org/remediations/consolidated/1826520/wT3GSsSvy6RgjRHT.json
Requested by
Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2022-09-15/widget_app_base_1663255681889.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:cb00::2 , United Kingdom, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
959b53c1450c34e1f67bb807eea2b048cec0ba3f124ae938531af2c58c242924

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theraflu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-77-pop
viennaAT
date
Sat, 17 Sep 2022 01:45:33 GMT
via
1.1 8041ecf6e768a41bc9c64e0c75dc923c.cloudfront.net (CloudFront)
etag
W/"ffcae0e911179cce15da7bf00b6a26ca"
age
6227
x-77-cache
HIT
x-cache
HIT
x-age
19642
content-encoding
br
vary
Accept-Encoding, Origin
x-77-nzt
Abm0DAYj7aL/ukwAAA
x-accel-expires
@1694895491
last-modified
Fri, 16 Sep 2022 18:29:39 GMT
server
CDN77-Turbo
x-77-nzt-ray
Hqjk2BBBjEQ
access-control-max-age
3000
access-control-allow-methods
GET, HEAD, PUT, POST, DELETE
content-type
application/json
access-control-allow-origin
https://www.theraflu.com
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
cache-control
public, max-age=31536000
x-amz-cf-pop
VIE50-C1
x-amz-cf-id
Nk0QXfZRSLrfgSmvvvhVpWqeWqaATc7DgPKoXKe94fynXkmoXv0NOA==
body_wh.svg
cdn.userway.org/widgetapp/images/
931 B
1 KB
Image
General
Full URL
https://cdn.userway.org/widgetapp/images/body_wh.svg
Requested by
Host: www.theraflu.com
URL: https://www.theraflu.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:cb00::2 , United Kingdom, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
986a5e9be63017ce84536f6792ea984e6251a15af61d5cc20ff4f8b1737c80ad

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theraflu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-77-pop
viennaAT
date
Sat, 17 Sep 2022 01:45:33 GMT
via
1.1 a4035907ac3c3ba8d1fd116b6b6b9a4c.cloudfront.net (CloudFront)
etag
W/"2ec2767a3bb93656fb9b75c893d7be75"
age
3
x-77-cache
HIT
x-cache
HIT
x-age
4373720
content-encoding
br
x-77-nzt
Abm0DAYLWlP/2LxCAA
x-accel-expires
@1684925413
last-modified
Sun, 17 Jul 2022 17:46:41 GMT
server
CDN77-Turbo
x-77-nzt-ray
OdrkOhtuuCM
access-control-max-age
3000
access-control-allow-methods
GET, HEAD, PUT, POST, DELETE
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
cache-control
max-age=25920000, public
x-amz-cf-pop
VIE50-C2
x-amz-cf-id
jSMg-h6heHkDf5FSn6UcQGHQSvzXovlvOUK_akOZRvgGoOn0v8ID8A==
spin_wh.svg
cdn.userway.org/widgetapp/images/
2 KB
1 KB
Image
General
Full URL
https://cdn.userway.org/widgetapp/images/spin_wh.svg
Requested by
Host: www.theraflu.com
URL: https://www.theraflu.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:cb00::2 , United Kingdom, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
c45f637f905e1ea01ba81aa39e8da62ee7e7f8703c3da4c3bba55f6192e5834c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theraflu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-77-pop
viennaAT
date
Sat, 17 Sep 2022 01:45:33 GMT
via
1.1 de9b04903710e9099bfc75aaf59c8eda.cloudfront.net (CloudFront)
etag
W/"8e0a35946bf39d10f46a1f1653366a0a"
age
3
x-77-cache
HIT
x-cache
HIT
x-age
4373720
content-encoding
br
vary
Accept-Encoding
x-77-nzt
Abm0DAZNoJP/2LxCAA
x-accel-expires
@1684925413
last-modified
Sun, 17 Jul 2022 17:46:41 GMT
server
CDN77-Turbo
x-77-nzt-ray
3L+iUaqLTN4
access-control-max-age
3000
access-control-allow-methods
GET, HEAD, PUT, POST, DELETE
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
cache-control
max-age=25920000, public
x-amz-cf-pop
VIE50-C2
x-amz-cf-id
ByaLXA0ks_XQaJGkBnz9t2UBTVGW3x97w1kuAJChq6Qj_xyxJR1sYw==
/
www.facebook.com/tr/ Frame B7ED
0
18 B
Document
General
Full URL
https://www.facebook.com/tr/
Requested by
Host: www.theraflu.com
URL: https://www.theraflu.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://www.theraflu.com
Referer
https://www.theraflu.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
https://www.theraflu.com
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
content-type
text/plain
cross-origin-resource-policy
cross-origin
date
Sat, 17 Sep 2022 01:45:33 GMT
priority
u=0
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
links
api.userway.org/api/br-links/v0/ Frame
0
0
Preflight
General
Full URL
https://api.userway.org/api/br-links/v0/links
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.201.120.27 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-201-120-27.us-west-2.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.theraflu.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-headers
*
access-control-allow-methods
GET, HEAD, PUT, PATCH, POST, DELETE
access-control-allow-origin
*
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
access-control-max-age
3000
date
Sat, 17 Sep 2022 01:45:34 GMT
x-service-version
apps-bf5bf1e2
bigLoader.gif
cdns1.gigya.com/gs/i//accounts/
3 KB
3 KB
Image
General
Full URL
https://cdns1.gigya.com/gs/i//accounts/bigLoader.gif
Requested by
Host: www.theraflu.com
URL: https://www.theraflu.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.168.252 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-168-252.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
45a4c07e164d3d803b62494a3d2ded0555eee1c6fb4940de3f98fa9c4fb08c7e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theraflu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-version
1
Date
Sat, 17 Sep 2022 01:45:34 GMT
Content-Type
image/gif
Last-Modified
Tue, 28 Jun 2022 00:03:07 GMT
p3p
CP="IDC COR PSA DEV ADM OUR IND ONL"
x-legacyproxy
true
Cache-Control
max-age=86400
x-server
us1d-web505
Connection
keep-alive
Accept-Ranges
bytes
x-robots-tag
none
Content-Length
3208
links
api.userway.org/api/br-links/v0/
296 B
637 B
XHR
General
Full URL
https://api.userway.org/api/br-links/v0/links
Requested by
Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2022-09-15/widget_app_base_1663255681889.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.201.120.27 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-201-120-27.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
408615f1ff8157f7c19bca177ad31ce21df39fe4565a5ec56ef50724fa1ff416

Request headers

Referer
https://www.theraflu.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 17 Sep 2022 01:45:34 GMT
etag
W/"128-aK5wm76vr0SAmogODHBOH8pNjGU"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD, PUT, PATCH, POST, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-max-age
3000
access-control-allow-headers
*
content-length
296
x-service-version
apps-bf5bf1e2
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
accounts.getSchema
accounts.us1.gigya.com/ Frame F1BC
117 KB
9 KB
XHR
General
Full URL
https://accounts.us1.gigya.com/accounts.getSchema?APIKey=3_bzpjRk206ccefb3vooht5EOg-NJ0nhkhK9Lq59aZsSrDwCdGo510HRGBdrvh6SzZ&source=showScreenSet&sdk=js_latest&pageURL=https%3A%2F%2Fwww.theraflu.com%2F&sdkBuild=13398&format=json
Requested by
Host: cdns.us1.gigya.com
URL: https://cdns.us1.gigya.com/gs/webSdk/Api.aspx?apiKey=3_bzpjRk206ccefb3vooht5EOg-NJ0nhkhK9Lq59aZsSrDwCdGo510HRGBdrvh6SzZ&version=latest&build=13398
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.205.239.224 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-239-224.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6806118222b825a7c0f8b10faba1c21b7a71bd8a5079ac08593911c9f076231a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdns.us1.gigya.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Sat, 17 Sep 2022 01:45:34 GMT
Content-Encoding
gzip
Vary
Origin, Accept-Encoding
x-soa
true, Gator
p3p
CP="IDC COR PSA DEV ADM OUR IND ONL"
Server-Timing
cdn-cache; desc=MISS, edge; dur=86, origin; dur=26
Content-Length
8480
Cache-Control
private
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET,PUT,DELETE,HEAD,OPTIONS,POST,PATCH
Content-Type
text/javascript; charset=utf-8
Access-Control-Allow-Origin
https://cdns.us1.gigya.com
x-callid
8637a08d43784af19d0080f5efef45af
Connection
keep-alive
x-server
us1d-nomad-g41
Access-Control-Allow-Credentials
true
x-robots-tag
none
c.gif
c.clarity.ms/
Redirect Chain
  • https://c.clarity.ms/c.gif
  • https://c.bing.com/c.gif?CtsSyncId=CD90995906EA4150A77D4676850CACD4&RedC=c.clarity.ms&MXFR=1107997E164F6DC83FBE8B5C124F633E
  • https://c.clarity.ms/c.gif?CtsSyncId=CD90995906EA4150A77D4676850CACD4&MUID=3D5CE82EC5FD6A423FD5FA0CC4966B0B
42 B
370 B
Image
General
Full URL
https://c.clarity.ms/c.gif?CtsSyncId=CD90995906EA4150A77D4676850CACD4&MUID=3D5CE82EC5FD6A423FD5FA0CC4966B0B
Protocol
H2
Server
20.234.93.27 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theraflu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Sep 2022 01:45:34 GMT
last-modified
Tue, 13 Sep 2022 19:54:52 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"8d3298b0aac7d81:0"
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-type
image/gif
content-length
42

Redirect headers

pragma
no-cache
date
Sat, 17 Sep 2022 01:45:33 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: E214DC7A82D44CA1BB51BC72141E61C6 Ref B: FRAEDGE1510 Ref C: 2022-09-17T01:45:34Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location
https://c.clarity.ms/c.gif?CtsSyncId=CD90995906EA4150A77D4676850CACD4&MUID=3D5CE82EC5FD6A423FD5FA0CC4966B0B
cache-control
private, no-cache, proxy-revalidate, no-store
content-length
0
mega_menu_helper1663255681889.js
cdn.userway.org/widgetapp/2022-09-15/remediation/
6 KB
2 KB
Script
General
Full URL
https://cdn.userway.org/widgetapp/2022-09-15/remediation/mega_menu_helper1663255681889.js
Requested by
Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2022-09-15/widget_app_base_1663255681889.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:cb00::2 , United Kingdom, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
f20570d52ea610bf2defe88d4e6824dcce903a39d5fbf874659004ec7316a2c3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theraflu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-77-pop
viennaAT
date
Sat, 17 Sep 2022 01:45:34 GMT
via
1.1 e010e3963cfd47d783f0503a3dbc3b90.cloudfront.net (CloudFront)
etag
W/"958b69af992f3dd795e8cc5960298ea2"
age
21
x-77-cache
HIT
x-cache
HIT
x-age
122593
content-encoding
br
vary
Accept-Encoding
x-77-nzt
Abm0DAZta23/4d4BAA
x-accel-expires
@1689176541
last-modified
Thu, 15 Sep 2022 15:31:03 GMT
server
CDN77-Turbo
x-77-nzt-ray
0KiR4+VDD6c
access-control-max-age
3000
access-control-allow-methods
GET, HEAD, PUT, POST, DELETE
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
cache-control
max-age=25920000, public
x-amz-cf-pop
VIE50-C1
x-amz-cf-id
5ABXzruhVpAf7QogKYPuFAkB_REXFOJRwr4PJWyFNqlj_vvq_tMxfg==
up
insight.adsrvr.org/track/ Frame 4A82
0
181 B
Document
General
Full URL
https://insight.adsrvr.org/track/up?adv=2obq2qw&ref=https%3A%2F%2Fwww.theraflu.com%2F&upid=4uicnfj&upv=1.1.0
Requested by
Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.theraflu.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private,no-cache, must-revalidate
content-type
text/html
date
Sat, 17 Sep 2022 01:45:34 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319
collect
b.clarity.ms/
0
176 B
XHR
General
Full URL
https://b.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/eus2/s/0.6.40/clarity.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.75.32.255 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://www.theraflu.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-origin
https://www.theraflu.com
date
Sat, 17 Sep 2022 01:45:34 GMT
access-control-allow-credentials
true
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
request-context
appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
Theraflu_Badge_Brandmark_1000.png
www.theraflu.com/content/dam/cf-consumer-healthcare/bp-theraflu/en_US/global/logo/
131 KB
131 KB
Image
General
Full URL
https://www.theraflu.com/content/dam/cf-consumer-healthcare/bp-theraflu/en_US/global/logo/Theraflu_Badge_Brandmark_1000.png
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.251.65.90 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Apache /
Resource Hash
d69a6abf613d9a93ddef9e91dca9343b6cc8ad3425fab992a985fa5b53a19334
Security Headers
Name Value
Strict-Transport-Security max-age=63072000;
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theraflu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 01:45:34 GMT
last-modified
Thu, 15 Sep 2022 09:37:30 GMT
server
Apache
etag
"20afa-5e8b3fe8b9763"
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
max-age=31536000, public, s-maxage=86400
strict-transport-security
max-age=63072000;
accept-ranges
bytes
content-length
133882
3009624906045363
api.userway.org/api/remediation/moderation/by-page/1826520/
3 KB
4 KB
XHR
General
Full URL
https://api.userway.org/api/remediation/moderation/by-page/1826520/3009624906045363
Requested by
Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2022-09-15/widget_app_base_1663255681889.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.201.120.27 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-201-120-27.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
57e60409d5d8689f7d11df7b61a86308a607554160e276a06451b6135c26c14e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theraflu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 01:45:34 GMT
etag
W/"d16-qwWPihnPAtk7XZWAy/N6f6+uD/Y"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD, PUT, PATCH, POST, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
access-control-allow-headers
*
content-length
3350
x-service-version
uw-pr
collect
b.clarity.ms/
0
25 B
XHR
General
Full URL
https://b.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/eus2/s/0.6.40/clarity.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.75.32.255 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://www.theraflu.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-origin
https://www.theraflu.com
date
Sat, 17 Sep 2022 01:45:34 GMT
access-control-allow-credentials
true
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
request-context
appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
links
api.userway.org/api/br-links/v0/ Frame
0
0
Preflight
General
Full URL
https://api.userway.org/api/br-links/v0/links
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.201.120.27 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-201-120-27.us-west-2.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.theraflu.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-headers
*
access-control-allow-methods
GET, HEAD, PUT, PATCH, POST, DELETE
access-control-allow-origin
*
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
access-control-max-age
3000
date
Sat, 17 Sep 2022 01:45:34 GMT
x-service-version
apps-bf5bf1e2
links
api.userway.org/api/br-links/v0/
16 B
355 B
XHR
General
Full URL
https://api.userway.org/api/br-links/v0/links
Requested by
Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2022-09-15/widget_app_base_1663255681889.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.201.120.27 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-201-120-27.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
7d64c0f6803a5aa71811cd41042f1ec93970a2108b6f2525bba1266e275f97ff

Request headers

Referer
https://www.theraflu.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 17 Sep 2022 01:45:35 GMT
etag
W/"10-M4rzzouXWtBua5Y8KRdwuzlKY/k"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD, PUT, PATCH, POST, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-max-age
3000
access-control-allow-headers
*
content-length
16
x-service-version
apps-bf5bf1e2
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
collect
b.clarity.ms/
0
48 B
XHR
General
Full URL
https://b.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/eus2/s/0.6.40/clarity.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.75.32.255 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://www.theraflu.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-origin
https://www.theraflu.com
date
Sat, 17 Sep 2022 01:45:36 GMT
access-control-allow-credentials
true
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
request-context
appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
status
api.userway.org/api/a11y-data/v0/page/https%3A%2F%2Fwww.theraflu.com%2F/DESKTOP/WIDGET_ON/
77 B
417 B
Fetch
General
Full URL
https://api.userway.org/api/a11y-data/v0/page/https%3A%2F%2Fwww.theraflu.com%2F/DESKTOP/WIDGET_ON/status
Requested by
Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2022-09-15/widget_app_base_1663255681889.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.201.120.27 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-201-120-27.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
d2f13447bd89c56bad76bac2e4e551ac6b611f40503104b70ee26812afe5a94c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theraflu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 01:45:38 GMT
etag
W/"4d-wYLRLrbWidRwnfhEvoB+Y2U04NY"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD, PUT, PATCH, POST, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-max-age
3000
access-control-allow-headers
*
content-length
77
x-service-version
seo-w-627375bc
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type

166 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation function| bgset object| lazySizesConfig object| lazySizes object| html5 object| Modernizr function| yepnope object| dataLayer object| google_tag_manager object| google_optimize object| gigya object| utag_data object| gigyaCustomLang object| $jscomp function| $jscomp$lookupPolyfilledValue object| Cog object| cf function| ConditionalComponentLoad object| condCompLoad object| gigyaraas object| btnblock1 object| btnblock2 object| btnblock3 object| block1 object| block2 object| block3 function| removeAct function| removeActive undefined| $ undefined| jQuery function| _ function| picturefill function| Hammer object| __core-js_shared__ object| core function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill function| moment object| ajaxHandlers function| generateID function| timeStriToMs function| hexToRgb function| accordionHeight function| offset function| bpHashChangeHandler object| bpComponents function| getIeVersion function| GTMTracker function| slug object| BPIntervals boolean| buttonUsed function| initFilters string| revTraxBasURL object| rtRegContainers function| revTraxCoupon function| removeRegForm function| onYouTubeIframeAPIReady string| country number| accordionHeightTimeout object| bpObj object| carousels function| postscribe object| google_tag_manager_external object| google_tag_data object| UserWayWidgetApp object| scriptUrl object| ttPolicy object| YT object| YTConfig function| onYTReady object| OneTrustStub function| OptanonWrapper object| resolver function| __read function| __spreadArray function| __values string| LS_KEY string| CDN_BASE string| LOCALES string| VERSION object| supportedLanguages object| mapToSupportedLanguages 
object| supportedLocales string| DEFAULT_FALLBACK_LANGUAGE function| supports function| formatLangCode function| __assign function| __rest object| messageStream object| _userway_config boolean| _userway object| yt function| ytDomDomGetNextId object| ytEventsEventsListeners object| ytEventsEventsCounter object| ytglobal object| ytPubsub2Pubsub2Instance object| ytPubsub2Pubsub2SubscribedKeys object| ytPubsub2Pubsub2TopicToKeys object| ytPubsub2Pubsub2IsAsync object| ytPubsub2Pubsub2SkipSubKey object| ytNetworklessLoggingInitializationOptions object| ytPubsubPubsubInstance object| ytPubsubPubsubTopicToKeys object| ytPubsubPubsubIsSynchronous object| ytPubsubPubsubSubscribedKeys object| ytLoggingTransportGELQueue_ object| ytLoggingTransportGELProtoQueue_ object| ytLoggingTransportTokensToCttTargetIds_ object| ytLoggingTransportTokensToJspbCttTargetIds_ object| ytLoggingGelSequenceIdObj_ string| OnetrustActiveGroups string| OptanonActiveGroups object| otStubData object| Optanon object| OneTrust string| GoogleAnalyticsObject function| ga function| twq object| uetq function| fbq function| _fbq object| BV object| _bvaq object| $BV object| gaplugins object| gaGlobal object| gaData object| twttr function| UET function| UET_init function| UET_push object| ueto_ab3d01e021 object| _bva object| tiMonitor function| EMPTY_FUN undefined| UNDEF object| taginspector string| ua function| ttd_dom_ready function| TTDUniversalPixelApi function| clarity function| gtag object| UserWay function| __awaiter function| __generator string| cookie object| forPM

41 Cookies

Domain/Path Name / Value
theraflu.com/ Name: ApplicationGatewayAffinity
Value: d625583a4d6fda0f8ecdd2f81c3a0e5b
www.theraflu.com/ Name: ApplicationGatewayAffinityCORS
Value: d625583a4d6fda0f8ecdd2f81c3a0e5b
www.theraflu.com/ Name: ApplicationGatewayAffinity
Value: d625583a4d6fda0f8ecdd2f81c3a0e5b
origin-cf65.ch-static.com/ Name: ApplicationGatewayAffinityCORS
Value: 10572c55e27a732a27adc05931861514
.www.theraflu.com/ Name: gig_canary
Value: false
.www.theraflu.com/ Name: gig_canary_ver
Value: 13394-3-27722985
.youtube.com/ Name: YSC
Value: RKrs0WLkUQg
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: 4LpAvMHaDiI
.theraflu.com/ Name: _gcl_au
Value: 1.1.1271728410.1663379133
.theraflu.com/ Name: OptanonConsent
Value: isIABGlobal=false&datestamp=Sat+Sep+17+2022+01%3A45%3A33+GMT%2B0000+(GMT)&version=6.36.0&hosts=&consentId=6e3b987d-c602-4f8d-99d9-3687d231a919&interactionCount=0&landingPath=https%3A%2F%2Fwww.theraflu.com%2F&groups=1%3A1%2C3%3A1%2C2%3A1%2C4%3A1%2C5%3A1
.bing.com/ Name: MUID
Value: 3D5CE82EC5FD6A423FD5FA0CC4966B0B
.theraflu.com/ Name: _gid
Value: GA1.2.7754385.1663379133
.theraflu.com/ Name: _dc_gtm_UA-38587364-3
Value: 1
.theraflu.com/ Name: _gat_UA-135635203-1
Value: 1
.cdns.us1.gigya.com/ Name: apiDomain_3_99l72FT8LLNTQuIz09azS3_QunznLcu8dzx_lvIrd3MpjgC79FdUh_wmipBaT1Rz
Value: us1.gigya.com
.theraflu.com/ Name: _uetsid
Value: 6b2164f0362a11edb4c7e77ef700a09f
.theraflu.com/ Name: _uetvid
Value: 6b219640362a11ed990d456b2b7b4538
.theraflu.com/ Name: _ga_4Q47Q3C7RV
Value: GS1.1.1663379133.1.0.1663379133.0.0.0
.theraflu.com/ Name: _ga
Value: GA1.1.613201710.1663379133
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.theraflu.com/ Name: _ga_TN9NWLYCYS
Value: GS1.1.1663379133.1.0.1663379133.0.0.0
.theraflu.com/ Name: BVBRANDID
Value: 2db4f838-87d5-4727-91f1-6e2f40023926
.theraflu.com/ Name: BVBRANDSID
Value: c218c028-80bc-4928-bdd7-8b5250ef8cd9
.t.co/ Name: muc_ads
Value: 31ea3726-fe8f-4d86-a862-6c3687992aae
.theraflu.com/ Name: _fbp
Value: fb.1.1663379133360.1702227250
.gigya.com/ Name: gmid
Value: gmid.ver4.AcbHh6IvfQ.9JJG5nkrTb1AmnHG4zPE4kZlng98L76rSPM6vR3Icr5jVlLS26nz_UrZSm0KhXDw.QqI_M0hfCt4zDcWgCOJDgxhBBPM2tXrPGO-N0OZXpmdUcKYCgVX9oXwnr8MfNhbkKHQ-8_8ykrgDjFbS9iqAjQ.sc3
.gigya.com/ Name: ucid
Value: MfkNCJTA91V10qkR96fZdw
.gigya.com/ Name: hasGmid
Value: ver4
.theraflu.com/ Name: gig_bootstrap_3_bzpjRk206ccefb3vooht5EOg-NJ0nhkhK9Lq59aZsSrDwCdGo510HRGBdrvh6SzZ
Value: _gigya_ver4
.twitter.com/ Name: personalization_id
Value: "v1_8DJ177tA3RRO+JGJjnLnlA=="
.amazon-adsystem.com/ Name: ad-id
Value: A3GDFe6a-0ONqrOV4UuPqYA
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.cdns.us1.gigya.com/ Name: gig_canary_3_99l72FT8LLNTQuIz09azS3_QunznLcu8dzx_lvIrd3MpjgC79FdUh_wmipBaT1Rz
Value: false
.cdns.us1.gigya.com/ Name: gig_canary_ver_3_99l72FT8LLNTQuIz09azS3_QunznLcu8dzx_lvIrd3MpjgC79FdUh_wmipBaT1Rz
Value: 13394-3-27722985
www.clarity.ms/ Name: CLID
Value: a305551c17b2454b935c1caa1af21e41.20220917.20230917
.theraflu.com/ Name: _clck
Value: p3kztz|1|f4y|0
.c.bing.com/ Name: SRM_B
Value: 3D5CE82EC5FD6A423FD5FA0CC4966B0B
.c.clarity.ms/ Name: SM
Value: C
.clarity.ms/ Name: MUID
Value: 3D5CE82EC5FD6A423FD5FA0CC4966B0B
.c.clarity.ms/ Name: ANONCHK
Value: 0
.theraflu.com/ Name: _clsk
Value: 9wxpo7|1663379134474|1|1|b.clarity.ms/collect

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=63072000;
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
