app.thermea.ca Open in urlscan Pro
34.194.93.61 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://news.thermea.com/t/y-l-oikjjtt-irlhdihdjj-y/
Effective URL:
https://app.thermea.ca/wpg/packages.php?utm_source=newsletter&utm_medium=email&utm_campaign=spring_2021&utm_content=ema...
Submission: On August 20 via api (August 20th 2021, 10:32:48 pm UTC) from US

Summary HTTP 56 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 22 IPs in 4 countries across 19 domains to perform 56 HTTP transactions. The main IP is 34.194.93.61, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is app.thermea.ca.
TLS certificate: Issued by Amazon on September 20th 2020. Valid for: a year.

This is the only time app.thermea.ca was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	13.52.43.40 13.52.43.40	16509 (AMAZON-02) (AMAZON-02)
21	34.194.93.61 34.194.93.61	14618 (AMAZON-AES) (AMAZON-AES)
1	13.224.96.34 13.224.96.34	16509 (AMAZON-02) (AMAZON-02)
3	2a02:26f0:6c0... 2a02:26f0:6c00:299::1e80	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	2a00:1450:400... 2a00:1450:4001:803::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6813:9408	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:809::2003	15169 (GOOGLE) (GOOGLE)
4	2606:4700:10:... 2606:4700:10::6816:28e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	63.32.159.255 63.32.159.255	16509 (AMAZON-02) (AMAZON-02)
3	2a03:2880:f01... 2a03:2880:f01c:216:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1 2	37.252.172.249 37.252.172.249	29990 (ASN-APPNEX) (ASN-APPNEX)
1	2a00:1450:400... 2a00:1450:4001:80f::2008	15169 (GOOGLE) (GOOGLE)
1	2606:4700:10:... 2606:4700:10::6816:38e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f11... 2a03:2880:f11c:8083:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	54.76.54.153 54.76.54.153	16509 (AMAZON-02) (AMAZON-02)
1 1	34.249.249.121 34.249.249.121	16509 (AMAZON-02) (AMAZON-02)
1	34.251.77.56 34.251.77.56	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
1	15.188.95.229 15.188.95.229	16509 (AMAZON-02) (AMAZON-02)
56	22

1 13.52.43.40 (San Jose, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-13-52-43-40.us-west-1.compute.amazonaws.com

news.thermea.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 34.194.93.61 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-194-93-61.compute-1.amazonaws.com

app.thermea.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.96.34 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-96-34.zrh50.r.cloudfront.net

i5.createsend1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:26f0:6c00:299::1e80 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

assets.adobedtm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:803::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

maps.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6813:9408 (United States)

ASN13335 (CLOUDFLARENET, US)

script.crazyegg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:10::6816:28e (United States)

ASN13335 (CLOUDFLARENET, US)

call.chatra.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
chat.chatra.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.chatra.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 63.32.159.255 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-32-159-255.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f01c:216:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.252.172.249 (Frankfurt am Main, Germany) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:38e (United States)

ASN13335 (CLOUDFLARENET, US)

chat.chatra.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8083:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.76.54.153 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-54-153.eu-west-1.compute.amazonaws.com

lenordik.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.249.249.121 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-249-249-121.eu-west-1.compute.amazonaws.com

cm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.251.77.56 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-251-77-56.eu-west-1.compute.amazonaws.com

lenordik.tt.omtrdc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 15.188.95.229 (Paris, France)

ASN16509 (AMAZON-02, US)
PTR: ec2-15-188-95-229.eu-west-3.compute.amazonaws.com

nordik.sc.omtrdc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
21	thermea.ca app.thermea.ca	6 MB
5	chatra.io call.chatra.io chat.chatra.io static.chatra.io	276 KB
5	googleapis.com maps.googleapis.com fonts.googleapis.com	367 KB
4	gstatic.com fonts.gstatic.com	79 KB
3	facebook.net connect.facebook.net	102 KB
3	demdex.net dpm.demdex.net lenordik.demdex.net	5 KB
3	adobedtm.com assets.adobedtm.com	88 KB
2	omtrdc.net lenordik.tt.omtrdc.net nordik.sc.omtrdc.net	899 B
2	facebook.com www.facebook.com	294 B
2	adnxs.com 1 redirects secure.adnxs.com	2 KB
1	google.de www.google.de	108 B
1	google.com www.google.com	108 B
1	doubleclick.net googleads.g.doubleclick.net	1 KB
1	everesttech.net 1 redirects cm.everesttech.net	517 B
1	googleadservices.com www.googleadservices.com	14 KB
1	googletagmanager.com www.googletagmanager.com	38 KB
1	crazyegg.com script.crazyegg.com
1	createsend1.com i5.createsend1.com	24 KB
1	thermea.com 1 redirects news.thermea.com	559 B
56	19

	Domain	Requested by
21	app.thermea.ca	app.thermea.ca
4	fonts.gstatic.com	fonts.googleapis.com
4	maps.googleapis.com	app.thermea.ca maps.googleapis.com
3	connect.facebook.net	assets.adobedtm.com connect.facebook.net
3	assets.adobedtm.com	app.thermea.ca assets.adobedtm.com
2	www.facebook.com	app.thermea.ca
2	static.chatra.io	chat.chatra.io
2	chat.chatra.io	call.chatra.io chat.chatra.io
2	secure.adnxs.com	1 redirects app.thermea.ca
2	dpm.demdex.net	assets.adobedtm.com app.thermea.ca
1	nordik.sc.omtrdc.net
1	www.google.de	app.thermea.ca
1	www.google.com	app.thermea.ca
1	googleads.g.doubleclick.net	www.googleadservices.com
1	lenordik.tt.omtrdc.net	assets.adobedtm.com
1	cm.everesttech.net	1 redirects
1	lenordik.demdex.net	assets.adobedtm.com
1	www.googleadservices.com	www.googletagmanager.com
1	www.googletagmanager.com	assets.adobedtm.com
1	call.chatra.io	app.thermea.ca
1	fonts.googleapis.com	app.thermea.ca
1	script.crazyegg.com	app.thermea.ca
1	i5.createsend1.com	app.thermea.ca
1	news.thermea.com	1 redirects
56	24

This site contains links to these domains. Also see Links.

Domain
outdatedbrowser.com
www.thermea.ca
tribu.groupenordik.com

Subject Issuer	Validity	Valid
thermea.ca Amazon	`2020-09-20` - `2021-10-20`	a year	crt.sh
*.createsend1.com DigiCert SHA2 Secure Server CA	`2020-06-17` - `2022-08-05`	2 years	crt.sh
assets.adobedtm.com DigiCert TLS RSA SHA256 2020 CA1	`2021-01-08` - `2021-09-30`	9 months	crt.sh
upload.video.google.com GTS CA 1O1	`2021-07-26` - `2021-10-18`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-05-09` - `2022-05-08`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2021-07-26` - `2021-10-18`	3 months	crt.sh
*.demdex.net DigiCert TLS RSA SHA256 2020 CA1	`2020-12-02` - `2022-01-02`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-07-20` - `2021-10-18`	3 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-07-26` - `2021-10-18`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2021-07-26` - `2021-10-18`	3 months	crt.sh
*.tt.omtrdc.net DigiCert SHA2 Secure Server CA	`2020-11-02` - `2021-11-09`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-07-26` - `2021-10-18`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-07-26` - `2021-10-18`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-07-26` - `2021-10-18`	3 months	crt.sh
*.sc.omtrdc.net DigiCert SHA2 High Assurance Server CA	`2020-10-29` - `2021-11-29`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://app.thermea.ca/wpg/packages.php?utm_source=newsletter&utm_medium=email&utm_campaign=spring_2021&utm_content=email_20210812
Frame ID: A153F00852A69ACD1D4E2DA604EAF316
Requests: 51 HTTP requests in this frame

Frame: https://chat.chatra.io/?isModern=true
Frame ID: 00C70E33C5579CA27A97894F27AFF413
Requests: 6 HTTP requests in this frame

Frame: https://lenordik.demdex.net/dest5.html?d_nsid=0
Frame ID: 0868FE2EF3B03D45BA359E9D3152AFDE
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Gift Certificates - Thermea | Saunas | Massages | Body Treatments and more | Winnipeg, MB

Page URL History Show full URLs

https://news.thermea.com/t/y-l-oikjjtt-irlhdihdjj-y/ HTTP 302
https://app.thermea.ca/wpg/packages.php?utm_source=newsletter&utm_medium=email&utm_campaign=spring_... Page URL

Detected technologies

Google Maps (Maps) Expand

Overall confidence: 100%
Detected patterns

script /\/\/maps\.googleapis\.com\/maps\/api\/js/i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Adobe DTM (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

script /\/\/assets.adobedtm.com\//i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Page Statistics

56
Requests

100 %
HTTPS

57 %
IPv6

19
Domains

24
Subdomains

22
IPs

4
Countries

6718 kB
Transfer

9444 kB
Size

3
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://outdatedbrowser.com/en
Title: Consult the list of browsers

Search URL Search Domain Scan URL

URL: https://outdatedbrowser.com/fr
Title: Consultez la liste de fureteurs

Search URL Search Domain Scan URL

URL: https://www.thermea.ca/
Title: Go to website

Search URL Search Domain Scan URL

URL: https://tribu.groupenordik.com/center/2/reservations
Title: Book

Search URL Search Domain Scan URL

URL: https://www.thermea.ca/massage-therapy/
Title: massage

Search URL Search Domain Scan URL

URL: https://www.thermea.ca/body-treatments/
Title: body care treatment

Search URL Search Domain Scan URL

URL: https://www.thermea.ca/body-treatments/lumea/
Title: Lumëa anti-aging facial treatment

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://news.thermea.com/t/y-l-oikjjtt-irlhdihdjj-y/ HTTP 302
https://app.thermea.ca/wpg/packages.php?utm_source=newsletter&utm_medium=email&utm_campaign=spring_2021&utm_content=email_20210812 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 34

https://secure.adnxs.com/px?id=1127163&t=1 HTTP 307
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1127163%26t%3D1

Request Chain 47

https://cm.everesttech.net/cm/dd?d_uuid=24582521198516157344244461741181965815 HTTP 302
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YSAtfQAAALhZuwQA

56 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request packages.php Show response
app.thermea.ca/wpg/
Redirect Chain

https://news.thermea.com/t/y-l-oikjjtt-irlhdihdjj-y/
https://app.thermea.ca/wpg/packages.php?utm_source=newsletter&utm_medium=email&utm_campaign=spring_2021&utm_content=email_20210812

70 KB
10 KB

659ms
423ms

Document
text/html

34.194.93.61
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://app.thermea.ca/wpg/packages.php?utm_source=newsletter&utm_medium=email&utm_campaign=spring_2021&utm_content=email_20210812

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.194.93.61 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-194-93-61.compute-1.amazonaws.com

Software

nginx/1.21.1 / PHP/5.6.40

Resource Hash

c01a836a2a819f8ea9e62663219a55ff7561af2641ea0ea3858348224a3c7ca5

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

:method: GET
:authority: app.thermea.ca
:scheme: https
:path: /wpg/packages.php?utm_source=newsletter&utm_medium=email&utm_campaign=spring_2021&utm_content=email_20210812
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 22:32:28 GMT
content-type: text/html; charset=UTF-8
server: nginx/1.21.1
vary: Accept-Encoding
x-powered-by: PHP/5.6.40
set-cookie: CSRF=Pz5yA5vL5gSpIzcqqckDQ2IEmmd5XVF3L; expires=Sat, 21-Aug-2021 00:32:27 GMT; Max-Age=7200; path=/; domain=app.thermea.ca; httponly c166be1e5fc=1; expires=Fri, 20-Aug-2021 22:42:27 GMT; Max-Age=600; path=/; domain=app.thermea.ca; httponly PHPSESSID=688afc9cfac72dedac7ca70e128eebdd; path=/
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
x-ua-compatible: IE=edge
x-frame-options: SAMEORIGIN
content-encoding: gzip

Redirect headers

server: csw
date: Fri, 20 Aug 2021 22:32:27 GMT
content-type: text/html; charset=utf-8
content-length: 259
cache-control: private
location: https://app.thermea.ca/wpg/packages.php?utm_source=newsletter&utm_medium=email&utm_campaign=spring_2021&utm_content=email_20210812
x-frame-options: SAMEORIGIN
x-robots-tag: noindex, nofollow
p3p: CP="OTI DSP COR CUR IVD CONi OTPi OUR IND UNI STA PRE"
x-content-type-options: nosniff nosniff
x-xss-protection: 1; mode=block 1; mode=block
referrer-policy: no-referrer-when-downgrade no-referrer-when-downgrade

GET
H2 200 styles.css
app.thermea.ca/public/css/ 245 KB
137 KB 123ms
123ms Stylesheet
text/css 34.194.93.61
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://app.thermea.ca/public/css/styles.css?id=3a865bb0ab93a14b03d2
Requested by: Host: app.thermea.ca
URL: https://app.thermea.ca/wpg/packages.php?utm_source=newsletter&utm_medium=email&utm_campaign=spring_2021&utm_content=email_20210812
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.194.93.61 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-194-93-61.compute-1.amazonaws.com
Software: nginx/1.21.1 /
Resource Hash: 38672418d6afc35ffc86e47855dde0335766a6a309a445ee484a3e7566d5086f

Request headers

:path: /public/css/styles.css?id=3a865bb0ab93a14b03d2
pragma: no-cache
cookie: CSRF=Pz5yA5vL5gSpIzcqqckDQ2IEmmd5XVF3L; c166be1e5fc=1; PHPSESSID=688afc9cfac72dedac7ca70e128eebdd
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: app.thermea.ca
referer: https://app.thermea.ca/wpg/packages.php?utm_source=newsletter&utm_medium=email&utm_campaign=spring_2021&utm_content=email_20210812
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://app.thermea.ca/wpg/packages.php?utm_source=newsletter&utm_medium=email&utm_campaign=spring_2021&utm_content=email_20210812
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 22:32:28 GMT
content-encoding: gzip
last-modified: Fri, 30 Jul 2021 19:08:39 GMT
server: nginx/1.21.1
etag: "61044e37-223e8"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
cache-control: max-age=31536000 public
content-length: 140264
expires: Sat, 20 Aug 2022 22:32:28 GMT

GET
H2 200 nordik-logo_4.png
i5.createsend1.com/ei/y/9A/693/128/053841/csimport/ 24 KB
24 KB 80ms
24ms Image
image/png 13.224.96.34
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i5.createsend1.com/ei/y/9A/693/128/053841/csimport/nordik-logo_4.png

Requested by

Host: app.thermea.ca
URL: https://app.thermea.ca/wpg/packages.php?utm_source=newsletter&utm_medium=email&utm_campaign=spring_2021&utm_content=email_20210812

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.34 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-34.zrh50.r.cloudfront.net

Software

csw /

Resource Hash

b75e15ca879986ee6664885fd67fcdb0c7f3fe0a2a484dc0584ff7e350e30c6a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://app.thermea.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 21:14:33 GMT
via: 1.1 e92dffa8673a73c15c61e7c3abefc47d.cloudfront.net (CloudFront)
referrer-policy: no-referrer-when-downgrade
server: csw
age: 4674
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=86400
x-content-type-options: nosniff
x-amz-cf-pop: ZRH50-C1
content-length: 24332
x-xss-protection: 1; mode=block
x-amz-cf-id: abQ0ZnYW-NVOMAZvqomCcXHawImP_G_IjgtVrpFMOQ-5vamzLd0ang==

GET
H2 200 logo_white.png
app.thermea.ca/administration/include/server/images/logos/2/ 43 KB
43 KB 237ms
237ms Image
image/png 34.194.93.61
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://app.thermea.ca/administration/include/server/images/logos/2/logo_white.png
Requested by: Host: app.thermea.ca
URL: https://app.thermea.ca/wpg/packages.php?utm_source=newsletter&utm_medium=email&utm_campaign=spring_2021&utm_content=email_20210812
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.194.93.61 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-194-93-61.compute-1.amazonaws.com
Software: nginx/1.21.1 /
Resource Hash: 75e65a33fb74e45746eb43a6927bf557ea8dad1719788c45cff6e70223635823

Request headers

:path: /administration/include/server/images/logos/2/logo_white.png
pragma: no-cache
cookie: CSRF=Pz5yA5vL5gSpIzcqqckDQ2IEmmd5XVF3L; c166be1e5fc=1; PHPSESSID=688afc9cfac72dedac7ca70e128eebdd
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: app.thermea.ca
referer: https://app.thermea.ca/wpg/packages.php?utm_source=newsletter&utm_medium=email&utm_campaign=spring_2021&utm_content=email_20210812
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://app.thermea.ca/wpg/packages.php?utm_source=newsletter&utm_medium=email&utm_campaign=spring_2021&utm_content=email_20210812
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 22:32:28 GMT
last-modified: Fri, 20 Nov 2020 19:59:54 GMT
server: nginx/1.21.1
accept-ranges: bytes
etag: "5fb8203a-abc6"
content-length: 43974
content-type: image/png

GET
H2 200 w-food-lover-package-1.jpg
app.thermea.ca/uploads/packages/366001/ 398 KB
398 KB 118ms
118ms Image
image/jpeg 34.194.93.61
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://app.thermea.ca/uploads/packages/366001/w-food-lover-package-1.jpg
Requested by: Host: app.thermea.ca
URL: https://app.thermea.ca/wpg/packages.php?utm_source=newsletter&utm_medium=email&utm_campaign=spring_2021&utm_content=email_20210812
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.194.93.61 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-194-93-61.compute-1.amazonaws.com
Software: nginx/1.21.1 /
Resource Hash: 7a349143100454adae9728330af06ecdd8b99a6a8205ca970ee5756d4a1537be

Request headers

:path: /uploads/packages/366001/w-food-lover-package-1.jpg
pragma: no-cache
cookie: CSRF=Pz5yA5vL5gSpIzcqqckDQ2IEmmd5XVF3L; c166be1e5fc=1; PHPSESSID=688afc9cfac72dedac7ca70e128eebdd
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: app.thermea.ca
referer: https://app.thermea.ca/wpg/packages.php?utm_source=newsletter&utm_medium=email&utm_campaign=spring_2021&utm_content=email_20210812
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://app.thermea.ca/wpg/packages.php?utm_source=newsletter&utm_medium=email&utm_campaign=spring_2021&utm_content=email_20210812
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 22:32:28 GMT
last-modified: Tue, 13 Apr 2021 17:38:09 GMT
server: nginx/1.21.1
accept-ranges: bytes
etag: "6075d701-6372a"
content-length: 407338
content-type: image/jpeg

GET
H2 200 forfaits-gourmand-2-1.jpg
app.thermea.ca/uploads/packages/367001/ 267 KB
267 KB 347ms
343ms Image
image/jpeg 34.194.93.61
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://app.thermea.ca/uploads/packages/367001/forfaits-gourmand-2-1.jpg
Requested by: Host: app.thermea.ca
URL: https://app.thermea.ca/wpg/packages.php?utm_source=newsletter&utm_medium=email&utm_campaign=spring_2021&utm_content=email_20210812
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.194.93.61 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-194-93-61.compute-1.amazonaws.com
Software: nginx/1.21.1 /
Resource Hash: b9846e36873b118595e29537820dabfac53a2e1b321dc172eb7d0005230dd84e

Request headers

:path: /uploads/packages/367001/forfaits-gourmand-2-1.jpg
pragma: no-cache
cookie: CSRF=Pz5yA5vL5gSpIzcqqckDQ2IEmmd5XVF3L; c166be1e5fc=1; PHPSESSID=688afc9cfac72dedac7ca70e128eebdd
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: app.thermea.ca
referer: https://app.thermea.ca/wpg/packages.php?utm_source=newsletter&utm_medium=email&utm_campaign=spring_2021&utm_content=email_20210812
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://app.thermea.ca/wpg/packages.php?utm_source=newsletter&utm_medium=email&utm_campaign=spring_2021&utm_content=email_20210812
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 22:32:28 GMT
last-modified: Tue, 13 Apr 2021 17:42:48 GMT
server: nginx/1.21.1
accept-ranges: bytes
etag: "6075d818-42ad4"
content-length: 273108
content-type: image/jpeg

GET
H2 200 forfaits-gourmand-3.jpg
app.thermea.ca/uploads/packages/368001/ 447 KB
447 KB 346ms
342ms Image
image/jpeg 34.194.93.61
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://app.thermea.ca/uploads/packages/368001/forfaits-gourmand-3.jpg
Requested by: Host: app.thermea.ca
URL: https://app.thermea.ca/wpg/packages.php?utm_source=newsletter&utm_medium=email&utm_campaign=spring_2021&utm_content=email_20210812
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.194.93.61 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-194-93-61.compute-1.amazonaws.com
Software: nginx/1.21.1 /
Resource Hash: 8f09844de4ee7517a4c11ddae59594dd234b4d9114b80108db8038c3e0335d98

Request headers

:path: /uploads/packages/368001/forfaits-gourmand-3.jpg
pragma: no-cache
cookie: CSRF=Pz5yA5vL5gSpIzcqqckDQ2IEmmd5XVF3L; c166be1e5fc=1; PHPSESSID=688afc9cfac72dedac7ca70e128eebdd
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: app.thermea.ca
referer: https://app.thermea.ca/wpg/packages.php?utm_source=newsletter&utm_medium=email&utm_campaign=spring_2021&utm_content=email_20210812
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://app.thermea.ca/wpg/packages.php?utm_source=newsletter&utm_medium=email&utm_campaign=spring_2021&utm_content=email_20210812
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 22:32:28 GMT
last-modified: Tue, 13 Apr 2021 17:41:16 GMT
server: nginx/1.21.1
accept-ranges: bytes
etag: "6075d7bc-6fb2d"
content-length: 457517
content-type: image/jpeg

GET
H2 200 forfaits-gourmand-4.jpg
app.thermea.ca/uploads/packages/369001/ 433 KB
434 KB 346ms
343ms Image
image/jpeg 34.194.93.61
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://app.thermea.ca/uploads/packages/369001/forfaits-gourmand-4.jpg
Requested by: Host: app.thermea.ca
URL: https://app.thermea.ca/wpg/packages.php?utm_source=newsletter&utm_medium=email&utm_campaign=spring_2021&utm_content=email_20210812
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.194.93.61 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-194-93-61.compute-1.amazonaws.com
Software: nginx/1.21.1 /
Resource Hash: 194e5cfc8fbe71d1c2b1ec1a1f4bab162c8c9be7b573bf577e7e528b731150ec

Request headers

:path: /uploads/packages/369001/forfaits-gourmand-4.jpg
pragma: no-cache
cookie: CSRF=Pz5yA5vL5gSpIzcqqckDQ2IEmmd5XVF3L; c166be1e5fc=1; PHPSESSID=688afc9cfac72dedac7ca70e128eebdd
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: app.thermea.ca
referer: https://app.thermea.ca/wpg/packages.php?utm_source=newsletter&utm_medium=email&utm_campaign=spring_2021&utm_content=email_20210812
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://app.thermea.ca/wpg/packages.php?utm_source=newsletter&utm_medium=email&utm_campaign=spring_2021&utm_content=email_20210812
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 22:32:28 GMT
last-modified: Tue, 13 Apr 2021 17:40:39 GMT
server: nginx/1.21.1
accept-ranges: bytes
etag: "6075d797-6c54f"
content-length: 443727
content-type: image/jpeg

GET
H2 200 w-a-la-carte-classic-massage.jpg
app.thermea.ca/uploads/packages/340001/ 378 KB
378 KB 202ms
198ms Image
image/jpeg 34.194.93.61
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://app.thermea.ca/uploads/packages/340001/w-a-la-carte-classic-massage.jpg
Requested by: Host: app.thermea.ca
URL: https://app.thermea.ca/wpg/packages.php?utm_source=newsletter&utm_medium=email&utm_campaign=spring_2021&utm_content=email_20210812
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.194.93.61 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-194-93-61.compute-1.amazonaws.com
Software: nginx/1.21.1 /
Resource Hash: 9ac9074058bf639a38e80a14a43433538eeb8142d029aa970f55adfbcafb8581

Request headers

:path: /uploads/packages/340001/w-a-la-carte-classic-massage.jpg
pragma: no-cache
cookie: CSRF=Pz5yA5vL5gSpIzcqqckDQ2IEmmd5XVF3L; c166be1e5fc=1; PHPSESSID=688afc9cfac72dedac7ca70e128eebdd
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: app.thermea.ca
referer: https://app.thermea.ca/wpg/packages.php?utm_source=newsletter&utm_medium=email&utm_campaign=spring_2021&utm_content=email_20210812
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://app.thermea.ca/wpg/packages.php?utm_source=newsletter&utm_medium=email&utm_campaign=spring_2021&utm_content=email_20210812
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 22:32:28 GMT
last-modified: Tue, 13 Apr 2021 17:36:34 GMT
server: nginx/1.21.1
accept-ranges: bytes
etag: "6075d6a2-5e77b"
content-length: 386939
content-type: image/jpeg

GET
H2 200 w-a-la-carte-specialty-massage.jpg
app.thermea.ca/uploads/packages/341001/ 390 KB
390 KB 292ms
289ms Image
image/jpeg 34.194.93.61
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://app.thermea.ca/uploads/packages/341001/w-a-la-carte-specialty-massage.jpg
Requested by: Host: app.thermea.ca
URL: https://app.thermea.ca/wpg/packages.php?utm_source=newsletter&utm_medium=email&utm_campaign=spring_2021&utm_content=email_20210812
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.194.93.61 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-194-93-61.compute-1.amazonaws.com
Software: nginx/1.21.1 /
Resource Hash: 627583f5a1a777b36b664c6270360ab7394b7b386b9d893350c7ef05fd3b110c

Request headers

:path: /uploads/packages/341001/w-a-la-carte-specialty-massage.jpg
pragma: no-cache
cookie: CSRF=Pz5yA5vL5gSpIzcqqckDQ2IEmmd5XVF3L; c166be1e5fc=1; PHPSESSID=688afc9cfac72dedac7ca70e128eebdd
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: app.thermea.ca
referer: https://app.thermea.ca/wpg/packages.php?utm_source=newsletter&utm_medium=email&utm_campaign=spring_2021&utm_content=email_20210812
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://app.thermea.ca/wpg/packages.php?utm_source=newsletter&utm_medium=email&utm_campaign=spring_2021&utm_content=email_20210812
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 22:32:28 GMT
last-modified: Tue, 13 Apr 2021 17:37:19 GMT
server: nginx/1.21.1
accept-ranges: bytes
etag: "6075d6cf-61726"
content-length: 399142
content-type: image/jpeg

GET
H2 200 chelsea-homepage-footer.jpg
app.thermea.ca/uploads/packages/349001/ 62 KB
62 KB 199ms
196ms Image
image/jpeg 34.194.93.61
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://app.thermea.ca/uploads/packages/349001/chelsea-homepage-footer.jpg
Requested by: Host: app.thermea.ca
URL: https://app.thermea.ca/wpg/packages.php?utm_source=newsletter&utm_medium=email&utm_campaign=spring_2021&utm_content=email_20210812
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.194.93.61 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-194-93-61.compute-1.amazonaws.com
Software: nginx/1.21.1 /
Resource Hash: bf1fe2963f97be8b508bc59c857abed52b7649bfb008821f384174fba4c5c1ff

Request headers

:path: /uploads/packages/349001/chelsea-homepage-footer.jpg
pragma: no-cache
cookie: CSRF=Pz5yA5vL5gSpIzcqqckDQ2IEmmd5XVF3L; c166be1e5fc=1; PHPSESSID=688afc9cfac72dedac7ca70e128eebdd
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: app.thermea.ca
referer: https://app.thermea.ca/wpg/packages.php?utm_source=newsletter&utm_medium=email&utm_campaign=spring_2021&utm_content=email_20210812
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://app.thermea.ca/wpg/packages.php?utm_source=newsletter&utm_medium=email&utm_campaign=spring_2021&utm_content=email_20210812
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 22:32:28 GMT
last-modified: Tue, 30 Mar 2021 18:39:41 GMT
server: nginx/1.21.1
accept-ranges: bytes
etag: "6063706d-f89d"
content-length: 63645
content-type: image/jpeg

GET
H2 200 forfaits-soins-1.jpg
app.thermea.ca/uploads/packages/345001/ 308 KB
309 KB 345ms
342ms Image
image/jpeg 34.194.93.61
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://app.thermea.ca/uploads/packages/345001/forfaits-soins-1.jpg
Requested by: Host: app.thermea.ca
URL: https://app.thermea.ca/wpg/packages.php?utm_source=newsletter&utm_medium=email&utm_campaign=spring_2021&utm_content=email_20210812
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.194.93.61 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-194-93-61.compute-1.amazonaws.com
Software: nginx/1.21.1 /
Resource Hash: c726772fbde14a7df4ba9281d56dc9bafa00008761601d1c5ef29b0bf3e9df14

Request headers

:path: /uploads/packages/345001/forfaits-soins-1.jpg
pragma: no-cache
cookie: CSRF=Pz5yA5vL5gSpIzcqqckDQ2IEmmd5XVF3L; c166be1e5fc=1; PHPSESSID=688afc9cfac72dedac7ca70e128eebdd
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: app.thermea.ca
referer: https://app.thermea.ca/wpg/packages.php?utm_source=newsletter&utm_medium=email&utm_campaign=spring_2021&utm_content=email_20210812
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://app.thermea.ca/wpg/packages.php?utm_source=newsletter&utm_medium=email&utm_campaign=spring_2021&utm_content=email_20210812
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 22:32:28 GMT
last-modified: Tue, 13 Apr 2021 17:45:13 GMT
server: nginx/1.21.1
accept-ranges: bytes
etag: "6075d8a9-4d1ba"
content-length: 315834
content-type: image/jpeg

GET
H2 200 w-body-care-package-2.jpg
app.thermea.ca/uploads/packages/346001/ 422 KB
422 KB 346ms
343ms Image
image/jpeg 34.194.93.61
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://app.thermea.ca/uploads/packages/346001/w-body-care-package-2.jpg
Requested by: Host: app.thermea.ca
URL: https://app.thermea.ca/wpg/packages.php?utm_source=newsletter&utm_medium=email&utm_campaign=spring_2021&utm_content=email_20210812
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.194.93.61 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-194-93-61.compute-1.amazonaws.com
Software: nginx/1.21.1 /
Resource Hash: 1bf59a94accaaffbae1acc9b517cb81f74d31ba688aaee34bb58f1b74a3d2d2f

Request headers

:path: /uploads/packages/346001/w-body-care-package-2.jpg
pragma: no-cache
cookie: CSRF=Pz5yA5vL5gSpIzcqqckDQ2IEmmd5XVF3L; c166be1e5fc=1; PHPSESSID=688afc9cfac72dedac7ca70e128eebdd
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: app.thermea.ca
referer: https://app.thermea.ca/wpg/packages.php?utm_source=newsletter&utm_medium=email&utm_campaign=spring_2021&utm_content=email_20210812
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://app.thermea.ca/wpg/packages.php?utm_source=newsletter&utm_medium=email&utm_campaign=spring_2021&utm_content=email_20210812
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 22:32:28 GMT
last-modified: Tue, 13 Apr 2021 17:44:37 GMT
server: nginx/1.21.1
accept-ranges: bytes
etag: "6075d885-696fa"
content-length: 431866
content-type: image/jpeg

GET
H2 200 w-wellness-package-1.jpg
app.thermea.ca/uploads/packages/358001/ 354 KB
355 KB 346ms
344ms Image
image/jpeg 34.194.93.61
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://app.thermea.ca/uploads/packages/358001/w-wellness-package-1.jpg
Requested by: Host: app.thermea.ca
URL: https://app.thermea.ca/wpg/packages.php?utm_source=newsletter&utm_medium=email&utm_campaign=spring_2021&utm_content=email_20210812
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.194.93.61 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-194-93-61.compute-1.amazonaws.com
Software: nginx/1.21.1 /
Resource Hash: 260918366981087bb857e82074126649c2de234501e094361d6264e91eac562e

Request headers

:path: /uploads/packages/358001/w-wellness-package-1.jpg
pragma: no-cache
cookie: CSRF=Pz5yA5vL5gSpIzcqqckDQ2IEmmd5XVF3L; c166be1e5fc=1; PHPSESSID=688afc9cfac72dedac7ca70e128eebdd
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: app.thermea.ca
referer: https://app.thermea.ca/wpg/packages.php?utm_source=newsletter&utm_medium=email&utm_campaign=spring_2021&utm_content=email_20210812
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://app.thermea.ca/wpg/packages.php?utm_source=newsletter&utm_medium=email&utm_campaign=spring_2021&utm_content=email_20210812
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 22:32:28 GMT
last-modified: Tue, 13 Apr 2021 17:46:54 GMT
server: nginx/1.21.1
accept-ranges: bytes
etag: "6075d90e-58825"
content-length: 362533
content-type: image/jpeg

GET
H2 200 w-wellness-package-2.jpg
app.thermea.ca/uploads/packages/359001/ 354 KB
354 KB 346ms
343ms Image
image/jpeg 34.194.93.61
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://app.thermea.ca/uploads/packages/359001/w-wellness-package-2.jpg
Requested by: Host: app.thermea.ca
URL: https://app.thermea.ca/wpg/packages.php?utm_source=newsletter&utm_medium=email&utm_campaign=spring_2021&utm_content=email_20210812
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.194.93.61 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-194-93-61.compute-1.amazonaws.com
Software: nginx/1.21.1 /
Resource Hash: 4248451edaa5d26eda08e786dc5b70e1321eb4b4fcbe440e8c8bccbb7379a05e

Request headers

:path: /uploads/packages/359001/w-wellness-package-2.jpg
pragma: no-cache
cookie: CSRF=Pz5yA5vL5gSpIzcqqckDQ2IEmmd5XVF3L; c166be1e5fc=1; PHPSESSID=688afc9cfac72dedac7ca70e128eebdd
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: app.thermea.ca
referer: https://app.thermea.ca/wpg/packages.php?utm_source=newsletter&utm_medium=email&utm_campaign=spring_2021&utm_content=email_20210812
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://app.thermea.ca/wpg/packages.php?utm_source=newsletter&utm_medium=email&utm_campaign=spring_2021&utm_content=email_20210812
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 22:32:28 GMT
last-modified: Tue, 13 Apr 2021 17:47:42 GMT
server: nginx/1.21.1
accept-ranges: bytes
etag: "6075d93e-5865c"
content-length: 362076
content-type: image/jpeg

GET
H2 200 w-a-la-carte-classic-massage.jpg
app.thermea.ca/uploads/packages/362001/ 378 KB
378 KB 346ms
343ms Image
image/jpeg 34.194.93.61
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://app.thermea.ca/uploads/packages/362001/w-a-la-carte-classic-massage.jpg
Requested by: Host: app.thermea.ca
URL: https://app.thermea.ca/wpg/packages.php?utm_source=newsletter&utm_medium=email&utm_campaign=spring_2021&utm_content=email_20210812
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.194.93.61 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-194-93-61.compute-1.amazonaws.com
Software: nginx/1.21.1 /
Resource Hash: 9ac9074058bf639a38e80a14a43433538eeb8142d029aa970f55adfbcafb8581

Request headers

:path: /uploads/packages/362001/w-a-la-carte-classic-massage.jpg
pragma: no-cache
cookie: CSRF=Pz5yA5vL5gSpIzcqqckDQ2IEmmd5XVF3L; c166be1e5fc=1; PHPSESSID=688afc9cfac72dedac7ca70e128eebdd
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: app.thermea.ca
referer: https://app.thermea.ca/wpg/packages.php?utm_source=newsletter&utm_medium=email&utm_campaign=spring_2021&utm_content=email_20210812
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://app.thermea.ca/wpg/packages.php?utm_source=newsletter&utm_medium=email&utm_campaign=spring_2021&utm_content=email_20210812
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 22:32:28 GMT
last-modified: Tue, 13 Apr 2021 17:48:32 GMT
server: nginx/1.21.1
accept-ranges: bytes
etag: "6075d970-5e77b"
content-length: 386939
content-type: image/jpeg

GET
H2 200 w-wellness-package-4.jpg
app.thermea.ca/uploads/packages/363001/ 400 KB
401 KB 346ms
343ms Image
image/jpeg 34.194.93.61
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://app.thermea.ca/uploads/packages/363001/w-wellness-package-4.jpg
Requested by: Host: app.thermea.ca
URL: https://app.thermea.ca/wpg/packages.php?utm_source=newsletter&utm_medium=email&utm_campaign=spring_2021&utm_content=email_20210812
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.194.93.61 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-194-93-61.compute-1.amazonaws.com
Software: nginx/1.21.1 /
Resource Hash: 2c56dc5575fdcc2e89a92f0bc6db3e6f9e222e4f54dbc19659b29964a0f3ae19

Request headers

:path: /uploads/packages/363001/w-wellness-package-4.jpg
pragma: no-cache
cookie: CSRF=Pz5yA5vL5gSpIzcqqckDQ2IEmmd5XVF3L; c166be1e5fc=1; PHPSESSID=688afc9cfac72dedac7ca70e128eebdd
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: app.thermea.ca
referer: https://app.thermea.ca/wpg/packages.php?utm_source=newsletter&utm_medium=email&utm_campaign=spring_2021&utm_content=email_20210812
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://app.thermea.ca/wpg/packages.php?utm_source=newsletter&utm_medium=email&utm_campaign=spring_2021&utm_content=email_20210812
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 22:32:28 GMT
last-modified: Tue, 13 Apr 2021 17:49:24 GMT
server: nginx/1.21.1
accept-ranges: bytes
etag: "6075d9a4-64115"
content-length: 409877
content-type: image/jpeg

GET
H2 200 launch-1b4eb711d6ba.min.js Show response
assets.adobedtm.com/301be29bfe9c/9967d46e4bb4/ 241 KB
74 KB 20ms
7ms Script
application/x-javascript 2a02:26f0:6c00:299::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/301be29bfe9c/9967d46e4bb4/launch-1b4eb711d6ba.min.js
Requested by: Host: app.thermea.ca
URL: https://app.thermea.ca/wpg/packages.php?utm_source=newsletter&utm_medium=email&utm_campaign=spring_2021&utm_content=email_20210812
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:299::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: d159881505af8b93f42882ae2b140968f7a297052f448738398ddd991f35d81f

Request headers

Referer: https://app.thermea.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 22:32:28 GMT
content-encoding: gzip
last-modified: Tue, 08 Jun 2021 12:56:10 GMT
server: AkamaiNetStorage
etag: "161db7fa97f608ebba726205e74f96e2:1623156970.940923"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://app.thermea.ca
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 75283
expires: Fri, 20 Aug 2021 23:32:28 GMT

GET
H2 200 js Show response
maps.googleapis.com/maps/api/ 135 KB
44 KB 65ms
43ms Script
text/javascript 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/js?key=AIzaSyD7u2p1IwvEp-bwHEV53FSbCcajZcFs97Q

Requested by

Host: app.thermea.ca
URL: https://app.thermea.ca/wpg/packages.php?utm_source=newsletter&utm_medium=email&utm_campaign=spring_2021&utm_content=email_20210812

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

mafe /

Resource Hash

4c29a7e1e3cf09edd7588b090ffed19754ebe59dbede28c3a4bfd2608f3ced65

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://app.thermea.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 22:32:28 GMT
content-encoding: gzip
vary: Accept-Language
server: mafe
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1800
cross-origin-resource-policy: cross-origin
server-timing: gfet4t7; dur=29
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44875
x-xss-protection: 0
expires: Fri, 20 Aug 2021 23:02:28 GMT

GET
H2 410 6962.js
script.crazyegg.com/pages/scripts/0079/ 0
0 27ms
25ms Script
application/javascript 2606:4700::6813:9408
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/scripts/0079/6962.js
Requested by: Host: app.thermea.ca
URL: https://app.thermea.ca/wpg/packages.php?utm_source=newsletter&utm_medium=email&utm_campaign=spring_2021&utm_content=email_20210812
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://app.thermea.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 22:32:28 GMT
cf-cache-status: HIT
last-modified: Fri, 20 Aug 2021 08:42:43 GMT
server: cloudflare
age: 49785
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=86400, s-maxage=86400
cf-ray: 681f13eaa9abdfc3-FRA
content-length: 0

GET
H2 200 manifest.js Show response
app.thermea.ca/public/js/ 1 KB
973 B 345ms
343ms Script
application/javascript 34.194.93.61
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://app.thermea.ca/public/js/manifest.js?id=3c768977c2574a34506e
Requested by: Host: app.thermea.ca
URL: https://app.thermea.ca/wpg/packages.php?utm_source=newsletter&utm_medium=email&utm_campaign=spring_2021&utm_content=email_20210812
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.194.93.61 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-194-93-61.compute-1.amazonaws.com
Software: nginx/1.21.1 /
Resource Hash: 0938d5503cf14d3f9a5e612a52ebcda33e889f4e166a58eb2e59a445b8189bfc

Request headers

:path: /public/js/manifest.js?id=3c768977c2574a34506e
pragma: no-cache
cookie: CSRF=Pz5yA5vL5gSpIzcqqckDQ2IEmmd5XVF3L; c166be1e5fc=1; PHPSESSID=688afc9cfac72dedac7ca70e128eebdd
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: app.thermea.ca
referer: https://app.thermea.ca/wpg/packages.php?utm_source=newsletter&utm_medium=email&utm_campaign=spring_2021&utm_content=email_20210812
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://app.thermea.ca/wpg/packages.php?utm_source=newsletter&utm_medium=email&utm_campaign=spring_2021&utm_content=email_20210812
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 22:32:28 GMT
content-encoding: gzip
last-modified: Fri, 30 Jul 2021 19:08:39 GMT
server: nginx/1.21.1
etag: "61044e37-2d4"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000 public
content-length: 724
expires: Sat, 20 Aug 2022 22:32:28 GMT

GET
H2 200 vendor.js Show response
app.thermea.ca/public/js/ 1 MB
462 KB 344ms
343ms Script
application/javascript 34.194.93.61
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://app.thermea.ca/public/js/vendor.js?id=72fbacf67b8595213997
Requested by: Host: app.thermea.ca
URL: https://app.thermea.ca/wpg/packages.php?utm_source=newsletter&utm_medium=email&utm_campaign=spring_2021&utm_content=email_20210812
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.194.93.61 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-194-93-61.compute-1.amazonaws.com
Software: nginx/1.21.1 /
Resource Hash: 62ebce15c3a6744dc741bd399654a84b9ab83ce69763dff384bd55c90901ee15

Request headers

:path: /public/js/vendor.js?id=72fbacf67b8595213997
pragma: no-cache
cookie: CSRF=Pz5yA5vL5gSpIzcqqckDQ2IEmmd5XVF3L; c166be1e5fc=1; PHPSESSID=688afc9cfac72dedac7ca70e128eebdd
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: app.thermea.ca
referer: https://app.thermea.ca/wpg/packages.php?utm_source=newsletter&utm_medium=email&utm_campaign=spring_2021&utm_content=email_20210812
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://app.thermea.ca/wpg/packages.php?utm_source=newsletter&utm_medium=email&utm_campaign=spring_2021&utm_content=email_20210812
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 22:32:28 GMT
content-encoding: gzip
last-modified: Fri, 30 Jul 2021 19:08:39 GMT
server: nginx/1.21.1
etag: "61044e37-73658"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000 public
content-length: 472664
expires: Sat, 20 Aug 2022 22:32:28 GMT

GET
H2 200 app.js Show response
app.thermea.ca/public/js/ 185 KB
48 KB 345ms
344ms Script
application/javascript 34.194.93.61
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://app.thermea.ca/public/js/app.js?id=5cf158bfeed43b38d379
Requested by: Host: app.thermea.ca
URL: https://app.thermea.ca/wpg/packages.php?utm_source=newsletter&utm_medium=email&utm_campaign=spring_2021&utm_content=email_20210812
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.194.93.61 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-194-93-61.compute-1.amazonaws.com
Software: nginx/1.21.1 /
Resource Hash: b20179bc3e7e54d59c3ae3a4fde0fdf35b12b258fc461a2ebeb5ca9164729ac4

Request headers

:path: /public/js/app.js?id=5cf158bfeed43b38d379
pragma: no-cache
cookie: CSRF=Pz5yA5vL5gSpIzcqqckDQ2IEmmd5XVF3L; c166be1e5fc=1; PHPSESSID=688afc9cfac72dedac7ca70e128eebdd
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: app.thermea.ca
referer: https://app.thermea.ca/wpg/packages.php?utm_source=newsletter&utm_medium=email&utm_campaign=spring_2021&utm_content=email_20210812
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://app.thermea.ca/wpg/packages.php?utm_source=newsletter&utm_medium=email&utm_campaign=spring_2021&utm_content=email_20210812
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 22:32:28 GMT
content-encoding: gzip
last-modified: Fri, 30 Jul 2021 19:08:39 GMT
server: nginx/1.21.1
etag: "61044e37-c0b8"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000 public
content-length: 49336
expires: Sat, 20 Aug 2022 22:32:28 GMT

GET
H2 200 css2
fonts.googleapis.com/ 31 KB
1 KB 16ms
15ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Montserrat:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap

Requested by

Host: app.thermea.ca
URL: https://app.thermea.ca/public/css/styles.css?id=3a865bb0ab93a14b03d2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e9c2df2904ee0ac9a0dcc01dbb90666d1c1fd659891fcecba4aa7f64ee0406c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://app.thermea.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 20 Aug 2021 21:26:59 GMT
server: ESF
date: Fri, 20 Aug 2021 22:32:28 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 20 Aug 2021 22:32:28 GMT

GET
H2 200 spa_bg_2.jpg
app.thermea.ca/uploads/spa/ 314 KB
315 KB 340ms
340ms Image
image/jpeg 34.194.93.61
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://app.thermea.ca/uploads/spa/spa_bg_2.jpg
Requested by: Host: app.thermea.ca
URL: https://app.thermea.ca/wpg/packages.php?utm_source=newsletter&utm_medium=email&utm_campaign=spring_2021&utm_content=email_20210812
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.194.93.61 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-194-93-61.compute-1.amazonaws.com
Software: nginx/1.21.1 /
Resource Hash: fd50375648564c4f1e907f7f04a72e297371f7ac82009b3544b88bc2827dd25a

Request headers

:path: /uploads/spa/spa_bg_2.jpg
pragma: no-cache
cookie: CSRF=Pz5yA5vL5gSpIzcqqckDQ2IEmmd5XVF3L; c166be1e5fc=1; PHPSESSID=688afc9cfac72dedac7ca70e128eebdd
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: app.thermea.ca
referer: https://app.thermea.ca/wpg/packages.php?utm_source=newsletter&utm_medium=email&utm_campaign=spring_2021&utm_content=email_20210812
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://app.thermea.ca/wpg/packages.php?utm_source=newsletter&utm_medium=email&utm_campaign=spring_2021&utm_content=email_20210812
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 22:32:28 GMT
last-modified: Tue, 30 Mar 2021 18:37:25 GMT
server: nginx/1.21.1
accept-ranges: bytes
etag: "60636fe5-4e9b3"
content-length: 321971
content-type: image/jpeg

GET
H2 200 JTURjIg1_i6t8kCHKm45_bZF3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v18/ 19 KB
19 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v18/JTURjIg1_i6t8kCHKm45_bZF3gnD_g.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61519deaa156f24ad28ae848179016c7cc741270cb7b30043c24bd30203bdaf3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://app.thermea.ca
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 00:32:15 GMT
x-content-type-options: nosniff
age: 338413
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19824
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:20:37 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 Aug 2022 00:32:15 GMT

GET
H2 200 NoeDisplay-Bold.ttf
app.thermea.ca/src/fonts/NoeDisplay/ 105 KB
106 KB 337ms
337ms Font
application/octet-stream 34.194.93.61
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://app.thermea.ca/src/fonts/NoeDisplay/NoeDisplay-Bold.ttf
Requested by: Host: app.thermea.ca
URL: https://app.thermea.ca/public/css/styles.css?id=3a865bb0ab93a14b03d2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.194.93.61 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-194-93-61.compute-1.amazonaws.com
Software: nginx/1.21.1 /
Resource Hash: 7caa7ea71906bf87ec15a6c606555ea4eba0681344e339f3cad56bf8e81bdb0f

Request headers

sec-fetch-mode: cors
origin: https://app.thermea.ca
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: font
cookie: CSRF=Pz5yA5vL5gSpIzcqqckDQ2IEmmd5XVF3L; c166be1e5fc=1; PHPSESSID=688afc9cfac72dedac7ca70e128eebdd
:path: /src/fonts/NoeDisplay/NoeDisplay-Bold.ttf
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: */*
cache-control: no-cache
:authority: app.thermea.ca
referer: https://app.thermea.ca/public/css/styles.css?id=3a865bb0ab93a14b03d2
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://app.thermea.ca
Referer: https://app.thermea.ca/public/css/styles.css?id=3a865bb0ab93a14b03d2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 22:32:28 GMT
last-modified: Mon, 23 Nov 2020 12:23:05 GMT
server: nginx/1.21.1
accept-ranges: bytes
etag: "5fbba9a9-1a4fc"
content-length: 107772
content-type: application/octet-stream

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v18/ 19 KB
19 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v18/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2b26a74f3c0e529bc8fccfa6b1db8e083e738992266359fde1a5bd0aaa81cbc3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://app.thermea.ca
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 00:32:15 GMT
x-content-type-options: nosniff
age: 338413
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19844
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:20:10 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 Aug 2022 00:32:15 GMT

GET
H3-29 200 JTUQjIg1_i6t8kCHKm459WxRyS7m.woff2
fonts.gstatic.com/s/montserrat/v18/ 20 KB
20 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v18/JTUQjIg1_i6t8kCHKm459WxRyS7m.woff2

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ec83f9cccd120b3497a09d26618b516b2bd2c8e0e930919c0eda5516991901f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://app.thermea.ca
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 06:11:51 GMT
x-content-type-options: nosniff
age: 145237
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20248
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:20:28 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 19 Aug 2022 06:11:51 GMT

GET
H3-29 200 JTUPjIg1_i6t8kCHKm459WxZFgrz_PZw.woff2
fonts.gstatic.com/s/montserrat/v18/ 20 KB
20 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v18/JTUPjIg1_i6t8kCHKm459WxZFgrz_PZw.woff2

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f68532604ba7561a346cbf951c0216463f5edf0ed7e02cc0bb4bcd19ab265c81

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://app.thermea.ca
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 01:37:40 GMT
x-content-type-options: nosniff
age: 334488
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20368
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:20:52 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 Aug 2022 01:37:40 GMT

GET
H2 200 chatra.js Show response
call.chatra.io/ 39 KB
11 KB 19ms
19ms Script
application/x-javascript 2606:4700:10::6816:28e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://call.chatra.io/chatra.js
Requested by: Host: app.thermea.ca
URL: https://app.thermea.ca/wpg/packages.php?utm_source=newsletter&utm_medium=email&utm_campaign=spring_2021&utm_content=email_20210812
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:28e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5ce5d40ff7b8317c006368025c503ea686183a77f5330e53e55ce62171398feb

Request headers

Referer: https://app.thermea.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 22:32:28 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 17 Aug 2021 09:03:30 GMT
server: cloudflare
age: 1763
etag: W/"9c07-17b5359f6d0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1800
cf-ray: 681f13eafe344ee5-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H/1.1 200
OK id Show response
dpm.demdex.net/ 367 B
1 KB 166ms
43ms XHR
application/json 63.32.159.255
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id?d_visid_ver=4.5.2&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=ACA534B85CEDAFC10A495CD7%40AdobeOrg&d_nsid=0&ts=1629498748675

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/301be29bfe9c/9967d46e4bb4/launch-1b4eb711d6ba.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

63.32.159.255 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-63-32-159-255.eu-west-1.compute.amazonaws.com

Software

Resource Hash

643b0c21d215235bff5de2e72fb782444f92be11aa9983800749c49459fc8675

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://app.thermea.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

DCS: dcs-prod-irl1-1-v014-0a9af16bd.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-TID: 2+zNtv9MQFA=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://app.thermea.ca
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json;charset=utf-8
Content-Length: 311
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 AppMeasurement.min.js Show response
assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/ 33 KB
12 KB 17ms
16ms Script
application/x-javascript 2a02:26f0:6c00:299::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/AppMeasurement.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/301be29bfe9c/9967d46e4bb4/launch-1b4eb711d6ba.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:299::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: d6b423c91328eec9c218dd8b21ae1e676987d574e5432411a32806e5dd2bde32

Request headers

Referer: https://app.thermea.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 22:32:28 GMT
content-encoding: gzip
last-modified: Wed, 12 Aug 2020 22:09:52 GMT
server: AkamaiNetStorage
etag: "f259ee6445c19c2ce3c64a1b117a4f35:1597270192.577101"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://app.thermea.ca
cache-control: no-cache
accept-ranges: bytes
timing-allow-origin: *
content-length: 12184
expires: Fri, 20 Aug 2021 23:32:28 GMT

GET
H2 200 AppMeasurement_Module_ActivityMap.min.js Show response
assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/ 3 KB
2 KB 24ms
23ms Script
application/x-javascript 2a02:26f0:6c00:299::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/AppMeasurement_Module_ActivityMap.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/301be29bfe9c/9967d46e4bb4/launch-1b4eb711d6ba.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:299::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 0486530f1e98818865754a08e1b5442ac5a6a36a6bf6042e3b3338a532e998d2

Request headers

Referer: https://app.thermea.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 22:32:28 GMT
content-encoding: gzip
last-modified: Wed, 12 Aug 2020 22:09:52 GMT
server: AkamaiNetStorage
etag: "5dedcda2c8a6c3a51fd419d306427010:1597270192.857753"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://app.thermea.ca
cache-control: no-cache
accept-ranges: bytes
timing-allow-origin: *
content-length: 1594
expires: Fri, 20 Aug 2021 23:32:28 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 98 KB
25 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/301be29bfe9c/9967d46e4bb4/launch-1b4eb711d6ba.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

525f091870c1282bb4823f9e64192983f1652a3bbc84c97ca5e6c4f063ca6e82

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://app.thermea.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 25940
x-xss-protection: 0
pragma: public
x-fb-debug: RO+012VKfP8wWbOz0QiDoD19bU/ONaIYMVCrVMnFPN1lF6vXbSDdscCimxyQJu/6p4QhRwR0s1V5HNLQEUeQLg==
x-fb-trip-id: 686109401
x-frame-options: DENY
date: Fri, 20 Aug 2021 22:32:28 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1

200
OK

bounce Show response
secure.adnxs.com/
Redirect Chain

https://secure.adnxs.com/px?id=1127163&t=1
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1127163%26t%3D1

0
1009 B

21ms
20ms

Script
application/javascript

37.252.172.249
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1127163%26t%3D1

Requested by

Host: app.thermea.ca
URL: https://app.thermea.ca/wpg/packages.php?utm_source=newsletter&utm_medium=email&utm_campaign=spring_2021&utm_content=email_20210812

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.249 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://app.thermea.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 20 Aug 2021 22:32:28 GMT
X-Proxy-Origin: 185.236.201.227; 185.236.201.227; 534.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: b14075f7-4ce3-40a5-a65c-a54b7232db1b
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/javascript; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 20 Aug 2021 22:32:28 GMT
X-Proxy-Origin: 185.236.201.227; 185.236.201.227; 534.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 52617531-d592-494e-975d-7a6df4ae700b
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1127163%26t%3D1
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 96 KB
38 KB 17ms
16ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-481147733&l=dataLayer

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/301be29bfe9c/9967d46e4bb4/launch-1b4eb711d6ba.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ec548f16b3852d941d588b3bc1b7599399e59d0b740652ebd1e2f442288fcd03

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://app.thermea.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 22:32:28 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39141
x-xss-protection: 0
last-modified: Fri, 20 Aug 2021 21:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 20 Aug 2021 22:32:28 GMT

GET
H2 200 / Show response
chat.chatra.io/ Frame 00C7 1023 B
500 B 14ms
14ms Document
text/html 2606:4700:10::6816:28e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://chat.chatra.io/?isModern=true

Requested by

Host: call.chatra.io
URL: https://call.chatra.io/chatra.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:28e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5e39abdb45d39bc05e29cab4462a6a43c3b81d909b21408b648eb397a7399e5b

Security Headers

Name

Value

Content-Security-Policy

default-src 'self'; script-src 'self' https://static.chatra.io; child-src 'none'; img-src https://static.chatra.io 'self' ucarecdn.com data: blob: https://uc.chatra.io https://uc.chatra-usercontent.com; connect-src 'self' data: https://upload.uc.chatra.io ws://chat.chatra.io/ wss://chat.chatra.io/; style-src 'self' 'unsafe-inline' https://static.chatra.io; media-src data:; block-all-mixed-content; frame-src 'none'

Strict-Transport-Security

max-age=31536000

Request headers

:method: GET
:authority: chat.chatra.io
:scheme: https
:path: /?isModern=true
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://app.thermea.ca/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://app.thermea.ca/

Response headers

date: Fri, 20 Aug 2021 22:32:28 GMT
content-type: text/html; charset=utf-8
content-security-policy: default-src 'self'; script-src 'self' https://static.chatra.io; child-src 'none'; img-src https://static.chatra.io 'self' ucarecdn.com data: blob: https://uc.chatra.io https://uc.chatra-usercontent.com; connect-src 'self' data: https://upload.uc.chatra.io ws://chat.chatra.io/ wss://chat.chatra.io/; style-src 'self' 'unsafe-inline' https://static.chatra.io; media-src data:; block-all-mixed-content; frame-src 'none'
strict-transport-security: max-age=31536000
cache-control: public, max-age=300, s-maxage=300
etag: W/"appV0.0.0"
vary: Accept-Encoding
cf-cache-status: HIT
age: 1762
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 681f13eb6ed34ee5-FRA
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H3-29 200 identity.js Show response
connect.facebook.net/signals/plugins/ 11 KB
5 KB 7ms
6ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/plugins/identity.js?v=2.9.44

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3bea34f20c813024f046166fb0ad98a8eb93d5ab93052ceb993eee238ece5b66

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://app.thermea.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 4673
x-xss-protection: 0
pragma: public
x-fb-debug: 6pAeQrWI9rjlsQxDxYzE8bG7PM3JW2YPBxsUsMSOvWdLNw37z4czdu/iDcpN71+pGOZ7BQeF/4UJ6cAaFnxW0w==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Fri, 20 Aug 2021 22:32:28 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3-29 200 3135464206565987 Show response
connect.facebook.net/signals/config/ 253 KB
72 KB 7ms
7ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/3135464206565987?v=2.9.44&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

fa8f2f9a91e8e832f4e71a50418549acc06d0b22c73c906a49b780f5532c0b0a

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://app.thermea.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 73348
x-xss-protection: 0
pragma: public
x-fb-debug: 25FcuMRDfD3t2/vRte+f9UwvOUpoV3Zyf5Pl78KlHiMJ2t8lJPeYYrusCwF8R74Vi25oFpmQa3KlHdR0Uu2TFw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Fri, 20 Aug 2021 22:32:28 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 453511728fcf4541382be1af2ea115e1003022ab.css
static.chatra.io/jscss/ Frame 00C7 81 KB
15 KB 17ms
16ms Stylesheet
text/css 2606:4700:10::6816:28e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chatra.io/jscss/453511728fcf4541382be1af2ea115e1003022ab.css?meteor_css_resource=true
Requested by: Host: chat.chatra.io
URL: https://chat.chatra.io/?isModern=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:28e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 57270fb41cbaf15e4651172395a8cc97cdbaa58df8b90a46ad922c2176a852f2

Request headers

Referer: https://chat.chatra.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 22:32:28 GMT
via: 1.1 6b4954a8411e7b2a232537f8000c5c9d.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 207076
x-cache: Hit from cloudfront
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified: Wed, 04 Aug 2021 21:49:03 GMT
server: cloudflare
etag: W/"5867ae4d69f2d3c5fd94b07c00b953cb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA50-C1
cf-ray: 681f13eb9f074ee5-FRA
x-amz-cf-id: tVbj9ECX85BCjhqvSD7cgYi6PBWh4B5iuBWjYzYEIdsXPI_sjvTYWQ==

GET
H3-29 200 meteor_runtime_config.js Show response
chat.chatra.io/ Frame 00C7 619 B
833 B 32ms
30ms Script
application/javascript 2606:4700:10::6816:38e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://chat.chatra.io/meteor_runtime_config.js?hash=3dd7569a57763a7fe12db6667874c570c6511174
Requested by: Host: chat.chatra.io
URL: https://chat.chatra.io/?isModern=true
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:38e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 77a90923a6f031f57843c2ee34779030310774f10f06582ab4d825b544ade319

Request headers

Referer: https://chat.chatra.io/?isModern=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 22:32:28 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 1755
etag: W/"5b65cc7b4b6919e48e669892003acb766f669f94"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, s-maxage=31536000
cf-ray: 681f13ebac12dfeb-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H2 200 9dd9a86bb8c37042605ce59c5e951e13a9f161c7.js Show response
static.chatra.io/jscss/ Frame 00C7 830 KB
250 KB 24ms
24ms Script
application/javascript 2606:4700:10::6816:28e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chatra.io/jscss/9dd9a86bb8c37042605ce59c5e951e13a9f161c7.js?meteor_js_resource=true
Requested by: Host: chat.chatra.io
URL: https://chat.chatra.io/?isModern=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:28e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7e17fb37793c86d4c874043bc64eab1cf4bfc9822e5c4c9d67f4385385f3a91e

Request headers

Referer: https://chat.chatra.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 22:32:28 GMT
via: 1.1 baaf38f0a0d54e4834bf934fa5189ceb.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 207076
x-cache: Hit from cloudfront
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified: Mon, 26 Jul 2021 15:56:25 GMT
server: cloudflare
etag: W/"45c74dab5983ef774656c1b3411ea1db"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA50-C1
cf-ray: 681f13eb9f094ee5-FRA
x-amz-cf-id: 2A5Sz_YUaM-QVOwQWtNcUkY80YciisjLChnGGHWjsc6pf-U6wcumbQ==

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 36 KB
14 KB 73ms
28ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-481147733&l=dataLayer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

bb5bbc1eafc85aaad6dab04ab6fb0ae00b7d9d2166dba5bdb36c3a15ba8c22cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://app.thermea.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 22:32:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13986
x-xss-protection: 0
server: cafe
etag: 18170976018000584025
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 20 Aug 2021 22:32:28 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
147 B 8ms
6ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=3135464206565987&ev=PageView&dl=https%3A%2F%2Fapp.thermea.ca%2Fwpg%2Fpackages.php%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dspring_2021%26utm_content%3Demail_20210812&rl=&if=false&ts=1629498748761&sw=1600&sh=1200&v=2.9.44&r=stable&a=adobe_launch&ec=0&o=30&fbp=fb.1.1629498748760.136165766&it=1629498748722&coo=false&rqm=GET

Requested by

Host: app.thermea.ca
URL: https://app.thermea.ca/wpg/packages.php?utm_source=newsletter&utm_medium=email&utm_campaign=spring_2021&utm_content=email_20210812

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://app.thermea.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 22:32:28 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Fri, 20 Aug 2021 22:32:28 GMT

GET
DATA 200
OK truncated
/ Frame 00C7 44 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bd25bde9fc4427cd6f3babcb8f888fe6174ca48881c103e243d4c6f83f30aab6

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/webp

GET
DATA 200
OK truncated
/ Frame 00C7 215 B
0 Image
image/jpg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f7f8f7d85735ab4fba7b9f9f63650f2e2d7b8e33801633f48319bdc7a2a46785

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/jpg

GET
H/1.1 200
OK dest5.html Show response
lenordik.demdex.net/ Frame 0868 7 KB
3 KB 175ms
43ms Document
text/html 54.76.54.153
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://lenordik.demdex.net/dest5.html?d_nsid=0

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/301be29bfe9c/9967d46e4bb4/launch-1b4eb711d6ba.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.76.54.153 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-76-54-153.eu-west-1.compute.amazonaws.com

Software

Resource Hash

7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Host: lenordik.demdex.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://app.thermea.ca/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: demdex=24582521198516157344244461741181965815
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://app.thermea.ca/

Response headers

Accept-Ranges: bytes
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: text/html;charset=UTF-8
date: Fri, 20 Aug 2021 22:32:29 GMT
DCS: dcs-prod-irl1-1-v014-0070d911a.edge-irl1.demdex.com UNKNOWN
Expires: Thu, 01 Jan 1970 00:00:00 UTC
last-modified: Fri, 20 Aug 2021 11:53:50 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
vary: accept-encoding
X-TID: eyVMRRkiTGU=
Content-Length: 2791
Connection: keep-alive

GET
H/1.1

200
OK

ibs:dpid=411&dpuuid=YSAtfQAAALhZuwQA
dpm.demdex.net/
Redirect Chain

https://cm.everesttech.net/cm/dd?d_uuid=24582521198516157344244461741181965815
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YSAtfQAAALhZuwQA

42 B
945 B

45ms
45ms

Image
image/gif

63.32.159.255
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=411&dpuuid=YSAtfQAAALhZuwQA

Requested by

Host: app.thermea.ca
URL: https://app.thermea.ca/wpg/packages.php?utm_source=newsletter&utm_medium=email&utm_campaign=spring_2021&utm_content=email_20210812

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

63.32.159.255 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-63-32-159-255.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://app.thermea.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v014-06d6dd4c1.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: IyYYMClWQcY=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=YSAtfQAAALhZuwQA
Date: Fri, 20 Aug 2021 22:32:29 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

POST
H2 200 delivery Show response
lenordik.tt.omtrdc.net/rest/v1/ 281 B
506 B 161ms
55ms XHR
application/json 34.251.77.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://lenordik.tt.omtrdc.net/rest/v1/delivery?client=lenordik&sessionId=1394e5c84bb14802ade20146c22097bb&version=2.2.0
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/301be29bfe9c/9967d46e4bb4/launch-1b4eb711d6ba.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.251.77.56 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-251-77-56.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 029d993be9f87d396b7f9de1e7469aef6e6f549b1877e20c08bdbbe14932a982

Request headers

Referer: https://app.thermea.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://app.thermea.ca
date: Fri, 20 Aug 2021 22:32:29 GMT
content-encoding: gzip
access-control-allow-credentials: true
vary: origin,access-control-request-method,access-control-request-headers,accept-encoding
x-request-id: 754e008425b7bcb9bd3e117c342fc3f0
content-type: application/json;charset=UTF-8

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/481147733/ 3 KB
1 KB 18ms
17ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/481147733/?random=1629498748975&cv=9&fst=1629498748975&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa8i0&sendb=1&ig=1&data=event%3Dpage_view%3Borigin%3DACC%3Bdialect%3Den&frm=0&url=https%3A%2F%2Fapp.thermea.ca%2Fwpg%2Fpackages.php%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dspring_2021%26utm_content%3Demail_20210812&tiba=Gift%20Certificates%20-%20Thermea%20%7C%20Saunas%20%7C%20Massages%20%7C%20Body%20Treatments%20and%20more%20%7C%20Winnipeg%2C%20MB&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3f285415dde08273bdf3f8c07bf50506f6b036edfd9f459539ccd7c1a1a50163

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://app.thermea.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Aug 2021 22:32:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1168
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/481147733/ 42 B
108 B 19ms
19ms Image
image/gif 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/481147733/?random=1629498748975&cv=9&fst=1629496800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa8i0&sendb=1&data=event%3Dpage_view%3Borigin%3DACC%3Bdialect%3Den&frm=0&url=https%3A%2F%2Fapp.thermea.ca%2Fwpg%2Fpackages.php%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dspring_2021%26utm_content%3Demail_20210812&tiba=Gift%20Certificates%20-%20Thermea%20%7C%20Saunas%20%7C%20Massages%20%7C%20Body%20Treatments%20and%20more%20%7C%20Winnipeg%2C%20MB&async=1&fmt=3&is_vtc=1&random=3303910043&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: app.thermea.ca
URL: https://app.thermea.ca/wpg/packages.php?utm_source=newsletter&utm_medium=email&utm_campaign=spring_2021&utm_content=email_20210812

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://app.thermea.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Aug 2021 22:32:29 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/481147733/ 42 B
108 B 16ms
16ms Image
image/gif 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/481147733/?random=1629498748975&cv=9&fst=1629496800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa8i0&sendb=1&data=event%3Dpage_view%3Borigin%3DACC%3Bdialect%3Den&frm=0&url=https%3A%2F%2Fapp.thermea.ca%2Fwpg%2Fpackages.php%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dspring_2021%26utm_content%3Demail_20210812&tiba=Gift%20Certificates%20-%20Thermea%20%7C%20Saunas%20%7C%20Massages%20%7C%20Body%20Treatments%20and%20more%20%7C%20Winnipeg%2C%20MB&async=1&fmt=3&is_vtc=1&random=3303910043&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: app.thermea.ca
URL: https://app.thermea.ca/wpg/packages.php?utm_source=newsletter&utm_medium=email&utm_campaign=spring_2021&utm_content=email_20210812

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://app.thermea.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Aug 2021 22:32:29 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 s97671008107493
nordik.sc.omtrdc.net/b/ss/aeslnchelprod,aeslnnordikprod/1/JS-2.22.0-LBSQ/ 43 B
393 B 87ms
24ms Image
image/gif 15.188.95.229
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nordik.sc.omtrdc.net/b/ss/aeslnchelprod,aeslnnordikprod/1/JS-2.22.0-LBSQ/s97671008107493?AQB=1&ndh=1&pf=1&t=21%2F7%2F2021%200%3A32%3A29%206%20-120&sdid=621EAAED9E86A6DF-4A3CC12E928DE939&mid=30668176297862434253635999546752422240&aamlh=6&ce=UTF-8&pageName=Packages&g=https%3A%2F%2Fapp.thermea.ca%2Fwpg%2Fpackages.php%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dspring_2021%26utm_content%3Demail_20210812&cc=CAD&v0=spring_2021&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&c1=newsletter&v1=newsletter&c2=email_20210812&v2=email_20210812&c3=spring_2021&v3=spring_2021&c4=email&v4=email&c6=Default&v6=Default&c7=app.thermea.ca&v7=app.thermea.ca&c12=2&v12=2&c13=ACC&v13=ACC&c14=en&v14=en&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=ACA534B85CEDAFC10A495CD7%40AdobeOrg&AQE=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

15.188.95.229 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-188-95-229.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://app.thermea.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 22:32:29 GMT
x-content-type-options: nosniff
x-c: main-1500.I51075a.M0-511
p3p: CP="This is not a P3P policy"
content-length: 43
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Sat, 21 Aug 2021 22:32:29 GMT
server: jag
xserver: anedge-5446df8c45-hzffm
etag: 3499321920016220160-4619739917129312837
vary: *
content-type: image/gif;charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, max-age=0, no-transform, private
expires: Thu, 19 Aug 2021 22:32:29 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
147 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=3135464206565987&ev=Microdata&dl=https%3A%2F%2Fapp.thermea.ca%2Fwpg%2Fpackages.php%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dspring_2021%26utm_content%3Demail_20210812&rl=&if=false&ts=1629498750294&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Gift%20Certificates%20-%20Thermea%20%7C%20Saunas%20%7C%20Massages%20%7C%20Body%20Treatments%20and%20more%20%7C%20Winnipeg%2C%20MB%22%2C%22meta%3Adescription%22%3A%22Want%20to%20offer%20the%20spa%20experience%20to%20your%20family%3F%20Then%20opt%20for%20a%20Therm%C3%ABa%20Spa-Nature%20gift%20certificate.%20Purchase%20them%20online%20today%20!%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.44&r=stable&a=adobe_launch&ec=1&o=30&fbp=fb.1.1629498750293.761882983&it=1629498748722&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://app.thermea.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 22:32:30 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Fri, 20 Aug 2021 22:32:30 GMT

GET
H2 200 common.js Show response
maps.googleapis.com/maps-api-v3/api/js/46/1/ 87 KB
32 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/46/1/common.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyD7u2p1IwvEp-bwHEV53FSbCcajZcFs97Q

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

82c40d20ddd554d6df644a2dbaf3cc57d33583cd380556b4e4636a8370a99989

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://app.thermea.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 16:19:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 22381
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32231
x-xss-protection: 0
last-modified: Mon, 16 Aug 2021 20:40:44 GMT
server: sffe
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 20 Aug 2022 16:19:32 GMT

GET
H2 200 util.js Show response
maps.googleapis.com/maps-api-v3/api/js/46/1/ 289 KB
289 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/46/1/util.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyD7u2p1IwvEp-bwHEV53FSbCcajZcFs97Q

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1d109a1be178487629ed3fd50fa1431912642bd2682c7d99eda876da6cb18d37

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://app.thermea.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 21:53:31 GMT
vary: Accept-Encoding, Origin
last-modified: Mon, 16 Aug 2021 20:40:44 GMT
server: sffe
x-content-type-options: nosniff
age: 2342
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295988
x-xss-protection: 0
expires: Sat, 20 Aug 2022 21:53:31 GMT

GET
H3-29 200 AuthenticationService.Authenticate Show response
maps.googleapis.com/maps/api/js/ 62 B
84 B 71ms
58ms Script
text/javascript 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/js/AuthenticationService.Authenticate?1shttps%3A%2F%2Fapp.thermea.ca%2Fwpg%2Fpackages.php%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dspring_2021%26utm_content%3Demail_20210812&4sAIzaSyD7u2p1IwvEp-bwHEV53FSbCcajZcFs97Q&callback=_xdc_._u06hpo&key=AIzaSyD7u2p1IwvEp-bwHEV53FSbCcajZcFs97Q&token=33142

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps-api-v3/api/js/46/1/common.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

mafe /

Resource Hash

9fb68d7aa10adffac9d8eec8ec9078419e317661342afaa67a05c89ebb0f36c2

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://app.thermea.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Aug 2021 22:32:33 GMT
content-encoding: gzip
server: mafe
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment
server-timing: gfet4t7; dur=44
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 63
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

64 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.thermea.ca/	1969-12-31 23:59:59	Name: s_cc Value: true
.thermea.ca/	1970-01-20 14:09:30	Name: AMCV_ACA534B85CEDAFC10A495CD7%40AdobeOrg Value: -432600572%7CMCIDTS%7C18860%7CMCMID%7C30668176297862434253635999546752422240%7CMCAAMLH-1630103548%7C6%7CMCAAMB-1630103548%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1629505948s%7CNONE%7CMCSYNCSOP%7C411-18867%7CvVersion%7C4.5.2
.thermea.ca/	1970-01-20 14:12:23	Name: mbox Value: PC#1394e5c84bb14802ade20146c22097bb.37_0#1692743550\|session#1394e5c84bb14802ade20146c22097bb#1629500610

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	warning	URL: https://static.chatra.io/jscss/9dd9a86bb8c37042605ce59c5e951e13a9f161c7.js?meteor_js_resource=true(Line 124) Message: Warning: Blaze.render without a parent element is deprecated. You must specify where to insert the rendered content.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

app.thermea.ca
assets.adobedtm.com
call.chatra.io
chat.chatra.io
cm.everesttech.net
connect.facebook.net
dpm.demdex.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
i5.createsend1.com
lenordik.demdex.net
lenordik.tt.omtrdc.net
maps.googleapis.com
news.thermea.com
nordik.sc.omtrdc.net
script.crazyegg.com
secure.adnxs.com
static.chatra.io
www.facebook.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
13.224.96.34
13.52.43.40
142.250.186.162
15.188.95.229
2606:4700:10::6816:28e
2606:4700:10::6816:38e
2606:4700::6813:9408
2a00:1450:4001:803::200a
2a00:1450:4001:809::2003
2a00:1450:4001:80f::2008
2a00:1450:4001:812::2003
2a00:1450:4001:812::2004
2a00:1450:4001:828::2002
2a00:1450:4001:831::200a
2a02:26f0:6c00:299::1e80
2a03:2880:f01c:216:face:b00c:0:3
2a03:2880:f11c:8083:face:b00c:0:25de
34.194.93.61
34.249.249.121
34.251.77.56
37.252.172.249
54.76.54.153
63.32.159.255
029d993be9f87d396b7f9de1e7469aef6e6f549b1877e20c08bdbbe14932a982
0486530f1e98818865754a08e1b5442ac5a6a36a6bf6042e3b3338a532e998d2
0938d5503cf14d3f9a5e612a52ebcda33e889f4e166a58eb2e59a445b8189bfc
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
194e5cfc8fbe71d1c2b1ec1a1f4bab162c8c9be7b573bf577e7e528b731150ec
1bf59a94accaaffbae1acc9b517cb81f74d31ba688aaee34bb58f1b74a3d2d2f
1d109a1be178487629ed3fd50fa1431912642bd2682c7d99eda876da6cb18d37
260918366981087bb857e82074126649c2de234501e094361d6264e91eac562e
2b26a74f3c0e529bc8fccfa6b1db8e083e738992266359fde1a5bd0aaa81cbc3
2c56dc5575fdcc2e89a92f0bc6db3e6f9e222e4f54dbc19659b29964a0f3ae19
38672418d6afc35ffc86e47855dde0335766a6a309a445ee484a3e7566d5086f
3bea34f20c813024f046166fb0ad98a8eb93d5ab93052ceb993eee238ece5b66
3f285415dde08273bdf3f8c07bf50506f6b036edfd9f459539ccd7c1a1a50163
4248451edaa5d26eda08e786dc5b70e1321eb4b4fcbe440e8c8bccbb7379a05e
4c29a7e1e3cf09edd7588b090ffed19754ebe59dbede28c3a4bfd2608f3ced65
525f091870c1282bb4823f9e64192983f1652a3bbc84c97ca5e6c4f063ca6e82
57270fb41cbaf15e4651172395a8cc97cdbaa58df8b90a46ad922c2176a852f2
5ce5d40ff7b8317c006368025c503ea686183a77f5330e53e55ce62171398feb
5e39abdb45d39bc05e29cab4462a6a43c3b81d909b21408b648eb397a7399e5b
61519deaa156f24ad28ae848179016c7cc741270cb7b30043c24bd30203bdaf3
627583f5a1a777b36b664c6270360ab7394b7b386b9d893350c7ef05fd3b110c
62ebce15c3a6744dc741bd399654a84b9ab83ce69763dff384bd55c90901ee15
643b0c21d215235bff5de2e72fb782444f92be11aa9983800749c49459fc8675
75e65a33fb74e45746eb43a6927bf557ea8dad1719788c45cff6e70223635823
77a90923a6f031f57843c2ee34779030310774f10f06582ab4d825b544ade319
7a349143100454adae9728330af06ecdd8b99a6a8205ca970ee5756d4a1537be
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
7caa7ea71906bf87ec15a6c606555ea4eba0681344e339f3cad56bf8e81bdb0f
7e17fb37793c86d4c874043bc64eab1cf4bfc9822e5c4c9d67f4385385f3a91e
82c40d20ddd554d6df644a2dbaf3cc57d33583cd380556b4e4636a8370a99989
8f09844de4ee7517a4c11ddae59594dd234b4d9114b80108db8038c3e0335d98
9ac9074058bf639a38e80a14a43433538eeb8142d029aa970f55adfbcafb8581
9fb68d7aa10adffac9d8eec8ec9078419e317661342afaa67a05c89ebb0f36c2
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
b20179bc3e7e54d59c3ae3a4fde0fdf35b12b258fc461a2ebeb5ca9164729ac4
b75e15ca879986ee6664885fd67fcdb0c7f3fe0a2a484dc0584ff7e350e30c6a
b9846e36873b118595e29537820dabfac53a2e1b321dc172eb7d0005230dd84e
bb5bbc1eafc85aaad6dab04ab6fb0ae00b7d9d2166dba5bdb36c3a15ba8c22cf
bd25bde9fc4427cd6f3babcb8f888fe6174ca48881c103e243d4c6f83f30aab6
bf1fe2963f97be8b508bc59c857abed52b7649bfb008821f384174fba4c5c1ff
c01a836a2a819f8ea9e62663219a55ff7561af2641ea0ea3858348224a3c7ca5
c726772fbde14a7df4ba9281d56dc9bafa00008761601d1c5ef29b0bf3e9df14
d159881505af8b93f42882ae2b140968f7a297052f448738398ddd991f35d81f
d6b423c91328eec9c218dd8b21ae1e676987d574e5432411a32806e5dd2bde32
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e9c2df2904ee0ac9a0dcc01dbb90666d1c1fd659891fcecba4aa7f64ee0406c1
ec548f16b3852d941d588b3bc1b7599399e59d0b740652ebd1e2f442288fcd03
ec83f9cccd120b3497a09d26618b516b2bd2c8e0e930919c0eda5516991901f6
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f68532604ba7561a346cbf951c0216463f5edf0ed7e02cc0bb4bcd19ab265c81
f7f8f7d85735ab4fba7b9f9f63650f2e2d7b8e33801633f48319bdc7a2a46785
fa8f2f9a91e8e832f4e71a50418549acc06d0b22c73c906a49b780f5532c0b0a
fd50375648564c4f1e907f7f04a72e297371f7ac82009b3544b88bc2827dd25a

app.thermea.ca Open in urlscan Pro 34.194.93.61 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

56 Requests

100 %HTTPS

57 %IPv6

19 Domains

24 Subdomains

22 IPs

4 Countries

6718 kBTransfer

9444 kBSize

3 Cookies

7 Outgoing links

Page URL History

Redirected requests

56 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

app.thermea.ca Open in urlscan Pro
34.194.93.61 Public Scan

Screenshot
Live screenshot

Full Image

56
Requests

100 %
HTTPS

57 %
IPv6

19
Domains

24
Subdomains

22
IPs

4
Countries

6718 kB
Transfer

9444 kB
Size

3
Cookies

56 HTTP transactions
2 data transactions