urlscan.io logo urlscan.io
SecurityTrails logo

www.therme-bad-steben.shop Open in urlscan Pro
195.70.245.28  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.therme-bad-steben.shop/vouchers/category/
Submission: On December 23 via api from US — Scanned from AT
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 1 IPs in 1 countries across 2 domains to perform 39 HTTP transactions. The main IP is 195.70.245.28, located in Austria and belongs to UTA-AS, AT. The main domain is www.therme-bad-steben.shop.
TLS certificate: Issued by R3 on November 26th 2023. Valid for: 3 months.
This is the only time www.therme-bad-steben.shop was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 41 195.70.245.28 8437 (UTA-AS)
39 1
Apex Domain
Subdomains		 Transfer
39 therme-bad-steben.shop
www.therme-bad-steben.shop
1 MB
2 eu.com
shop.tac.eu.com — Cisco Umbrella Rank: 949726
32 KB
39 2
Domain Requested by
39 www.therme-bad-steben.shop 2 redirects www.therme-bad-steben.shop
2 shop.tac.eu.com www.therme-bad-steben.shop
39 2
Subject Issuer Validity Valid
www.therme-bad-steben.shop
R3		 2023-11-26 -
2024-02-24		 3 months crt.sh
shop.tac.eu.com
R3		 2023-12-12 -
2024-03-11		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://www.therme-bad-steben.shop/vouchers/category/
Frame ID: 4EF9C1A8A816CAA0866ADFD669494CC4
Requests: 39 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Shop | Therme Bad Steben : Gutscheine - Thermen-Eintritte

Detected technologies

Overall confidence: 100%
Detected patterns
  • <a[^>]*href=[^>]*/Cart
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • cookieconsent\.min\.js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

39
Requests

95 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

1
IPs

1
Countries

1334 kB
Transfer

2652 kB
Size

4
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://www.therme-bad-steben.shop/gfonts/css?family=Roboto:100,100italic,300,300italic,400,400italic,500,500italic,700,700italic,900,900italic&subset=latin-ext HTTP 301
  • https://www.therme-bad-steben.shop/gfonts/css/?family=Roboto:100,100italic,300,300italic,400,400italic,500,500italic,700,700italic,900,900italic&subset=latin-ext
Request Chain 1
  • https://www.therme-bad-steben.shop/gfonts/css?family=Source%20Sans%20Pro:200,200italic,300,300italic,400,400italic,600,600italic,700,700italic,900,900italic&subset=latin-ext HTTP 301
  • https://www.therme-bad-steben.shop/gfonts/css/?family=Source%20Sans%20Pro:200,200italic,300,300italic,400,400italic,600,600italic,700,700italic,900,900italic&subset=latin-ext

39 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.therme-bad-steben.shop/vouchers/category/ 		21 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.therme-bad-steben.shop/vouchers/category/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.70.245.28 , Austria, ASN8437 (UTA-AS, AT),
Reverse DNS
Software
nginx / Express
Resource Hash
90032bd90c8c3090863a9ad7a3002edfeb6384415948f2b3d6d39f6c0228abbd
Security Headers
Name Value
Content-Security-Policy default-src 'self' fonts.googleapis.com shop.tac.eu.com staging-shop.tac.eu.com https://*.usercentrics.eu; img-src * data: maps.gstatic.com *.googleapis.com *.ggpht.com *.google-analytics.com *.googletagmanager.com https://pay.google.com; media-src * data:; object-src 'none'; frame-src *; base-uri 'self'; script-src 'self' 'unsafe-inline' 'nonce-939989035308499' 'unsafe-eval' 'unsafe-hashes' 'sha256-1K+JYRRS16rR/kNeBnHwZdnNrb8+Q2X3eI3c7/ebjCY=' https://*.google-analytics.com/g/collect tagmanager.google.com maps gstatic.com/wcm www.paypalobjects.com tags.tiqcdn.com assets.loginwithamazon.com api.amazon.com facebook.com connect.facebook.net static.zdassets.com static.hotjar.com script.hotjar.com https://*.usercentrics.eu https://google.com/pay https://www.google.com/pay https://pay.google.com https://www.paypal.com https://www.sandbox.paypal.com computop-paygate.com www.computop-paygate.com 3ds-sim-dev.computop.com www.googleadservices.com; font-src 'self' data: fonts.googleapis.com shop.tac.eu.com staging-shop.tac.eu.com fonts.gstatic.com https://*.usercentrics.eu; connect-src 'self' wss://app.tac.eu.com https://app.tac.eu.com *.google-analytics.com *.analytics.google.com *.googletagmanager.com maps www.googleadservices.com https://stats.g.doubleclick.net https://static.zdassets.com https://ekr.zdassets.com https://in.hotjar.com https://*.zendesk.com wss://*.zendesk.com https://*.zopim.com wss://*.zopim.com https://*.usercentrics.eu api.amazon.com https://checkoutshopper-test.adyen.com https://checkoutshopper-live.adyen.com https://google.com/pay https://www.google.com/pay https://pay.google.com https://www.paypal.com https://www.sandbox.paypal.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com maps shop.tac.eu.com staging-shop.tac.eu.com tagmanager.google.com https://*.usercentrics.eu *.googletagmanager.com https://pay.google.com; frame-ancestors 'self' https://*.facebook.com https://shop.tac.eu.com https://app.tac.eu.com;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-AT,de;q=0.9

Response headers

content-encoding
gzip
content-security-policy
default-src 'self' fonts.googleapis.com shop.tac.eu.com staging-shop.tac.eu.com https://*.usercentrics.eu; img-src * data: maps.gstatic.com *.googleapis.com *.ggpht.com *.google-analytics.com *.googletagmanager.com https://pay.google.com; media-src * data:; object-src 'none'; frame-src *; base-uri 'self'; script-src 'self' 'unsafe-inline' 'nonce-939989035308499' 'unsafe-eval' 'unsafe-hashes' 'sha256-1K+JYRRS16rR/kNeBnHwZdnNrb8+Q2X3eI3c7/ebjCY=' https://*.google-analytics.com/g/collect tagmanager.google.com maps gstatic.com/wcm www.paypalobjects.com tags.tiqcdn.com assets.loginwithamazon.com api.amazon.com facebook.com connect.facebook.net static.zdassets.com static.hotjar.com script.hotjar.com https://*.usercentrics.eu https://google.com/pay https://www.google.com/pay https://pay.google.com https://www.paypal.com https://www.sandbox.paypal.com computop-paygate.com www.computop-paygate.com 3ds-sim-dev.computop.com www.googleadservices.com; font-src 'self' data: fonts.googleapis.com shop.tac.eu.com staging-shop.tac.eu.com fonts.gstatic.com https://*.usercentrics.eu; connect-src 'self' wss://app.tac.eu.com https://app.tac.eu.com *.google-analytics.com *.analytics.google.com *.googletagmanager.com maps www.googleadservices.com https://stats.g.doubleclick.net https://static.zdassets.com https://ekr.zdassets.com https://in.hotjar.com https://*.zendesk.com wss://*.zendesk.com https://*.zopim.com wss://*.zopim.com https://*.usercentrics.eu api.amazon.com https://checkoutshopper-test.adyen.com https://checkoutshopper-live.adyen.com https://google.com/pay https://www.google.com/pay https://pay.google.com https://www.paypal.com https://www.sandbox.paypal.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com maps shop.tac.eu.com staging-shop.tac.eu.com tagmanager.google.com https://*.usercentrics.eu *.googletagmanager.com https://pay.google.com; frame-ancestors 'self' https://*.facebook.com https://shop.tac.eu.com https://app.tac.eu.com;
content-type
text/html; charset=utf-8
date
Sat, 23 Dec 2023 21:46:11 GMT
etag
W/"524f-W4nZoUi7KrIj6CnQqrn2iISbJFE"
feature-policy
microphone 'none'; magnetometer 'none'; gyroscope 'none'
referrer-policy
unsafe-url
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
sameorigin
x-powered-by
Express
x-xss-protection
1; mode=block
/
www.therme-bad-steben.shop/gfonts/css/
Redirect Chain
  • https://www.therme-bad-steben.shop/gfonts/css?family=Roboto:100,100italic,300,300italic,400,400italic,500,500italic,700,700italic,900,900italic&subset=latin-ext
  • https://www.therme-bad-steben.shop/gfonts/css/?family=Roboto:100,100italic,300,300italic,400,400italic,500,500italic,700,700italic,900,900italic&subset=latin-ext
25 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.therme-bad-steben.shop/gfonts/css/?family=Roboto:100,100italic,300,300italic,400,400italic,500,500italic,700,700italic,900,900italic&subset=latin-ext
Requested by
Host: www.therme-bad-steben.shop
URL: https://www.therme-bad-steben.shop/vouchers/category/
Protocol
H2
Server
195.70.245.28 , Austria, ASN8437 (UTA-AS, AT),
Reverse DNS
Software
nginx / Express
Resource Hash
d7cdab6be14a9d4d792a64c2bcad2d9d87e729662d9388d0aef8cebd0b2fb88d
Security Headers
Name Value
Content-Security-Policy default-src 'self' fonts.googleapis.com shop.tac.eu.com staging-shop.tac.eu.com https://*.usercentrics.eu; img-src * data: maps.gstatic.com *.googleapis.com *.ggpht.com *.google-analytics.com *.googletagmanager.com https://pay.google.com; media-src * data:; object-src 'none'; frame-src *; base-uri 'self'; script-src 'self' 'unsafe-inline' 'nonce-3771199679675219' 'unsafe-eval' 'unsafe-hashes' 'sha256-1K+JYRRS16rR/kNeBnHwZdnNrb8+Q2X3eI3c7/ebjCY=' https://*.google-analytics.com/g/collect tagmanager.google.com maps gstatic.com/wcm www.paypalobjects.com tags.tiqcdn.com assets.loginwithamazon.com api.amazon.com facebook.com connect.facebook.net static.zdassets.com static.hotjar.com script.hotjar.com https://*.usercentrics.eu https://google.com/pay https://www.google.com/pay https://pay.google.com https://www.paypal.com https://www.sandbox.paypal.com computop-paygate.com www.computop-paygate.com 3ds-sim-dev.computop.com www.googleadservices.com; font-src 'self' data: fonts.googleapis.com shop.tac.eu.com staging-shop.tac.eu.com fonts.gstatic.com https://*.usercentrics.eu; connect-src 'self' wss://app.tac.eu.com https://app.tac.eu.com *.google-analytics.com *.analytics.google.com *.googletagmanager.com maps www.googleadservices.com https://stats.g.doubleclick.net https://static.zdassets.com https://ekr.zdassets.com https://in.hotjar.com https://*.zendesk.com wss://*.zendesk.com https://*.zopim.com wss://*.zopim.com https://*.usercentrics.eu api.amazon.com https://checkoutshopper-test.adyen.com https://checkoutshopper-live.adyen.com https://google.com/pay https://www.google.com/pay https://pay.google.com https://www.paypal.com https://www.sandbox.paypal.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com maps shop.tac.eu.com staging-shop.tac.eu.com tagmanager.google.com https://*.usercentrics.eu *.googletagmanager.com https://pay.google.com; frame-ancestors 'self' https://*.facebook.com https://shop.tac.eu.com https://app.tac.eu.com;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://www.therme-bad-steben.shop/vouchers/category/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 21:46:11 GMT
content-security-policy
default-src 'self' fonts.googleapis.com shop.tac.eu.com staging-shop.tac.eu.com https://*.usercentrics.eu; img-src * data: maps.gstatic.com *.googleapis.com *.ggpht.com *.google-analytics.com *.googletagmanager.com https://pay.google.com; media-src * data:; object-src 'none'; frame-src *; base-uri 'self'; script-src 'self' 'unsafe-inline' 'nonce-3771199679675219' 'unsafe-eval' 'unsafe-hashes' 'sha256-1K+JYRRS16rR/kNeBnHwZdnNrb8+Q2X3eI3c7/ebjCY=' https://*.google-analytics.com/g/collect tagmanager.google.com maps gstatic.com/wcm www.paypalobjects.com tags.tiqcdn.com assets.loginwithamazon.com api.amazon.com facebook.com connect.facebook.net static.zdassets.com static.hotjar.com script.hotjar.com https://*.usercentrics.eu https://google.com/pay https://www.google.com/pay https://pay.google.com https://www.paypal.com https://www.sandbox.paypal.com computop-paygate.com www.computop-paygate.com 3ds-sim-dev.computop.com www.googleadservices.com; font-src 'self' data: fonts.googleapis.com shop.tac.eu.com staging-shop.tac.eu.com fonts.gstatic.com https://*.usercentrics.eu; connect-src 'self' wss://app.tac.eu.com https://app.tac.eu.com *.google-analytics.com *.analytics.google.com *.googletagmanager.com maps www.googleadservices.com https://stats.g.doubleclick.net https://static.zdassets.com https://ekr.zdassets.com https://in.hotjar.com https://*.zendesk.com wss://*.zendesk.com https://*.zopim.com wss://*.zopim.com https://*.usercentrics.eu api.amazon.com https://checkoutshopper-test.adyen.com https://checkoutshopper-live.adyen.com https://google.com/pay https://www.google.com/pay https://pay.google.com https://www.paypal.com https://www.sandbox.paypal.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com maps shop.tac.eu.com staging-shop.tac.eu.com tagmanager.google.com https://*.usercentrics.eu *.googletagmanager.com https://pay.google.com; frame-ancestors 'self' https://*.facebook.com https://shop.tac.eu.com https://app.tac.eu.com;
x-content-type-options
nosniff
referrer-policy
unsafe-url
content-encoding
gzip
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
x-powered-by
Express
x-frame-options
sameorigin
vary
Accept-Encoding
content-type
text/css
cache-control
private, max-age=86400
feature-policy
microphone 'none'; magnetometer 'none'; gyroscope 'none'
x-xss-protection
1; mode=block

Redirect headers

date
Sat, 23 Dec 2023 21:46:11 GMT
content-security-policy
default-src 'self' fonts.googleapis.com shop.tac.eu.com staging-shop.tac.eu.com https://*.usercentrics.eu; img-src * data: maps.gstatic.com *.googleapis.com *.ggpht.com *.google-analytics.com *.googletagmanager.com https://pay.google.com; media-src * data:; object-src 'none'; frame-src *; base-uri 'self'; script-src 'self' 'unsafe-inline' 'nonce-7420594994207769' 'unsafe-eval' 'unsafe-hashes' 'sha256-1K+JYRRS16rR/kNeBnHwZdnNrb8+Q2X3eI3c7/ebjCY=' https://*.google-analytics.com/g/collect tagmanager.google.com maps gstatic.com/wcm www.paypalobjects.com tags.tiqcdn.com assets.loginwithamazon.com api.amazon.com facebook.com connect.facebook.net static.zdassets.com static.hotjar.com script.hotjar.com https://*.usercentrics.eu https://google.com/pay https://www.google.com/pay https://pay.google.com https://www.paypal.com https://www.sandbox.paypal.com computop-paygate.com www.computop-paygate.com 3ds-sim-dev.computop.com www.googleadservices.com; font-src 'self' data: fonts.googleapis.com shop.tac.eu.com staging-shop.tac.eu.com fonts.gstatic.com https://*.usercentrics.eu; connect-src 'self' wss://app.tac.eu.com https://app.tac.eu.com *.google-analytics.com *.analytics.google.com *.googletagmanager.com maps www.googleadservices.com https://stats.g.doubleclick.net https://static.zdassets.com https://ekr.zdassets.com https://in.hotjar.com https://*.zendesk.com wss://*.zendesk.com https://*.zopim.com wss://*.zopim.com https://*.usercentrics.eu api.amazon.com https://checkoutshopper-test.adyen.com https://checkoutshopper-live.adyen.com https://google.com/pay https://www.google.com/pay https://pay.google.com https://www.paypal.com https://www.sandbox.paypal.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com maps shop.tac.eu.com staging-shop.tac.eu.com tagmanager.google.com https://*.usercentrics.eu *.googletagmanager.com https://pay.google.com; frame-ancestors 'self' https://*.facebook.com https://shop.tac.eu.com https://app.tac.eu.com;
x-content-type-options
nosniff
referrer-policy
unsafe-url
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
x-powered-by
Express
x-frame-options
sameorigin
location
/gfonts/css/?family=Roboto:100,100italic,300,300italic,400,400italic,500,500italic,700,700italic,900,900italic&subset=latin-ext
feature-policy
microphone 'none'; magnetometer 'none'; gyroscope 'none'
x-xss-protection
1; mode=block
/
www.therme-bad-steben.shop/gfonts/css/
Redirect Chain
  • https://www.therme-bad-steben.shop/gfonts/css?family=Source%20Sans%20Pro:200,200italic,300,300italic,400,400italic,600,600italic,700,700italic,900,900italic&subset=latin-ext
  • https://www.therme-bad-steben.shop/gfonts/css/?family=Source%20Sans%20Pro:200,200italic,300,300italic,400,400italic,600,600italic,700,700italic,900,900italic&subset=latin-ext
28 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.therme-bad-steben.shop/gfonts/css/?family=Source%20Sans%20Pro:200,200italic,300,300italic,400,400italic,600,600italic,700,700italic,900,900italic&subset=latin-ext
Requested by
Host: www.therme-bad-steben.shop
URL: https://www.therme-bad-steben.shop/vouchers/category/
Protocol
H2
Server
195.70.245.28 , Austria, ASN8437 (UTA-AS, AT),
Reverse DNS
Software
nginx / Express
Resource Hash
7c0d37f92a8b0b2c220571a4201666e34f0de66f579c153fa78dde5d80511298
Security Headers
Name Value
Content-Security-Policy default-src 'self' fonts.googleapis.com shop.tac.eu.com staging-shop.tac.eu.com https://*.usercentrics.eu; img-src * data: maps.gstatic.com *.googleapis.com *.ggpht.com *.google-analytics.com *.googletagmanager.com https://pay.google.com; media-src * data:; object-src 'none'; frame-src *; base-uri 'self'; script-src 'self' 'unsafe-inline' 'nonce-4113728110619929' 'unsafe-eval' 'unsafe-hashes' 'sha256-1K+JYRRS16rR/kNeBnHwZdnNrb8+Q2X3eI3c7/ebjCY=' https://*.google-analytics.com/g/collect tagmanager.google.com maps gstatic.com/wcm www.paypalobjects.com tags.tiqcdn.com assets.loginwithamazon.com api.amazon.com facebook.com connect.facebook.net static.zdassets.com static.hotjar.com script.hotjar.com https://*.usercentrics.eu https://google.com/pay https://www.google.com/pay https://pay.google.com https://www.paypal.com https://www.sandbox.paypal.com computop-paygate.com www.computop-paygate.com 3ds-sim-dev.computop.com www.googleadservices.com; font-src 'self' data: fonts.googleapis.com shop.tac.eu.com staging-shop.tac.eu.com fonts.gstatic.com https://*.usercentrics.eu; connect-src 'self' wss://app.tac.eu.com https://app.tac.eu.com *.google-analytics.com *.analytics.google.com *.googletagmanager.com maps www.googleadservices.com https://stats.g.doubleclick.net https://static.zdassets.com https://ekr.zdassets.com https://in.hotjar.com https://*.zendesk.com wss://*.zendesk.com https://*.zopim.com wss://*.zopim.com https://*.usercentrics.eu api.amazon.com https://checkoutshopper-test.adyen.com https://checkoutshopper-live.adyen.com https://google.com/pay https://www.google.com/pay https://pay.google.com https://www.paypal.com https://www.sandbox.paypal.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com maps shop.tac.eu.com staging-shop.tac.eu.com tagmanager.google.com https://*.usercentrics.eu *.googletagmanager.com https://pay.google.com; frame-ancestors 'self' https://*.facebook.com https://shop.tac.eu.com https://app.tac.eu.com;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://www.therme-bad-steben.shop/vouchers/category/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 21:46:11 GMT
content-security-policy
default-src 'self' fonts.googleapis.com shop.tac.eu.com staging-shop.tac.eu.com https://*.usercentrics.eu; img-src * data: maps.gstatic.com *.googleapis.com *.ggpht.com *.google-analytics.com *.googletagmanager.com https://pay.google.com; media-src * data:; object-src 'none'; frame-src *; base-uri 'self'; script-src 'self' 'unsafe-inline' 'nonce-4113728110619929' 'unsafe-eval' 'unsafe-hashes' 'sha256-1K+JYRRS16rR/kNeBnHwZdnNrb8+Q2X3eI3c7/ebjCY=' https://*.google-analytics.com/g/collect tagmanager.google.com maps gstatic.com/wcm www.paypalobjects.com tags.tiqcdn.com assets.loginwithamazon.com api.amazon.com facebook.com connect.facebook.net static.zdassets.com static.hotjar.com script.hotjar.com https://*.usercentrics.eu https://google.com/pay https://www.google.com/pay https://pay.google.com https://www.paypal.com https://www.sandbox.paypal.com computop-paygate.com www.computop-paygate.com 3ds-sim-dev.computop.com www.googleadservices.com; font-src 'self' data: fonts.googleapis.com shop.tac.eu.com staging-shop.tac.eu.com fonts.gstatic.com https://*.usercentrics.eu; connect-src 'self' wss://app.tac.eu.com https://app.tac.eu.com *.google-analytics.com *.analytics.google.com *.googletagmanager.com maps www.googleadservices.com https://stats.g.doubleclick.net https://static.zdassets.com https://ekr.zdassets.com https://in.hotjar.com https://*.zendesk.com wss://*.zendesk.com https://*.zopim.com wss://*.zopim.com https://*.usercentrics.eu api.amazon.com https://checkoutshopper-test.adyen.com https://checkoutshopper-live.adyen.com https://google.com/pay https://www.google.com/pay https://pay.google.com https://www.paypal.com https://www.sandbox.paypal.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com maps shop.tac.eu.com staging-shop.tac.eu.com tagmanager.google.com https://*.usercentrics.eu *.googletagmanager.com https://pay.google.com; frame-ancestors 'self' https://*.facebook.com https://shop.tac.eu.com https://app.tac.eu.com;
x-content-type-options
nosniff
referrer-policy
unsafe-url
content-encoding
gzip
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
x-powered-by
Express
x-frame-options
sameorigin
vary
Accept-Encoding
content-type
text/css
cache-control
private, max-age=86400
feature-policy
microphone 'none'; magnetometer 'none'; gyroscope 'none'
x-xss-protection
1; mode=block

Redirect headers

date
Sat, 23 Dec 2023 21:46:11 GMT
content-security-policy
default-src 'self' fonts.googleapis.com shop.tac.eu.com staging-shop.tac.eu.com https://*.usercentrics.eu; img-src * data: maps.gstatic.com *.googleapis.com *.ggpht.com *.google-analytics.com *.googletagmanager.com https://pay.google.com; media-src * data:; object-src 'none'; frame-src *; base-uri 'self'; script-src 'self' 'unsafe-inline' 'nonce-5094507032363339' 'unsafe-eval' 'unsafe-hashes' 'sha256-1K+JYRRS16rR/kNeBnHwZdnNrb8+Q2X3eI3c7/ebjCY=' https://*.google-analytics.com/g/collect tagmanager.google.com maps gstatic.com/wcm www.paypalobjects.com tags.tiqcdn.com assets.loginwithamazon.com api.amazon.com facebook.com connect.facebook.net static.zdassets.com static.hotjar.com script.hotjar.com https://*.usercentrics.eu https://google.com/pay https://www.google.com/pay https://pay.google.com https://www.paypal.com https://www.sandbox.paypal.com computop-paygate.com www.computop-paygate.com 3ds-sim-dev.computop.com www.googleadservices.com; font-src 'self' data: fonts.googleapis.com shop.tac.eu.com staging-shop.tac.eu.com fonts.gstatic.com https://*.usercentrics.eu; connect-src 'self' wss://app.tac.eu.com https://app.tac.eu.com *.google-analytics.com *.analytics.google.com *.googletagmanager.com maps www.googleadservices.com https://stats.g.doubleclick.net https://static.zdassets.com https://ekr.zdassets.com https://in.hotjar.com https://*.zendesk.com wss://*.zendesk.com https://*.zopim.com wss://*.zopim.com https://*.usercentrics.eu api.amazon.com https://checkoutshopper-test.adyen.com https://checkoutshopper-live.adyen.com https://google.com/pay https://www.google.com/pay https://pay.google.com https://www.paypal.com https://www.sandbox.paypal.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com maps shop.tac.eu.com staging-shop.tac.eu.com tagmanager.google.com https://*.usercentrics.eu *.googletagmanager.com https://pay.google.com; frame-ancestors 'self' https://*.facebook.com https://shop.tac.eu.com https://app.tac.eu.com;
x-content-type-options
nosniff
referrer-policy
unsafe-url
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
x-powered-by
Express
x-frame-options
sameorigin
location
/gfonts/css/?family=Source%20Sans%20Pro:200,200italic,300,300italic,400,400italic,600,600italic,700,700italic,900,900italic&subset=latin-ext
feature-policy
microphone 'none'; magnetometer 'none'; gyroscope 'none'
x-xss-protection
1; mode=block
685.css
www.therme-bad-steben.shop/extern/css/ 		857 KB
56 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.therme-bad-steben.shop/extern/css/685.css
Requested by
Host: www.therme-bad-steben.shop
URL: https://www.therme-bad-steben.shop/vouchers/category/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.70.245.28 , Austria, ASN8437 (UTA-AS, AT),
Reverse DNS
Software
nginx / Express
Resource Hash
306f3b88c3276e7c0833b2d7b0d08d1948b96366fe9853eff8e4c90ad34293fa

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://www.therme-bad-steben.shop/vouchers/category/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 21:46:11 GMT
content-encoding
gzip
last-modified
Thu, 14 Dec 2023 21:38:30 GMT
server
nginx
x-powered-by
Express
etag
W/"d638c-18c6a444e3c"
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
cache-control
public, max-age=120
x-proxy-cache
HIT
vendor.js
www.therme-bad-steben.shop/js/ 		270 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.therme-bad-steben.shop/js/vendor.js
Requested by
Host: www.therme-bad-steben.shop
URL: https://www.therme-bad-steben.shop/vouchers/category/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.70.245.28 , Austria, ASN8437 (UTA-AS, AT),
Reverse DNS
Software
nginx / Express
Resource Hash
f3975bd7240240d0d6dbd2714606dd557b0cbfc35de4a0013a0062af8183cc9e

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://www.therme-bad-steben.shop/vouchers/category/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 21:46:11 GMT
content-encoding
gzip
last-modified
Thu, 14 Dec 2023 21:04:17 GMT
server
nginx
x-powered-by
Express
etag
W/"43799-18c6a24f868"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=120
x-proxy-cache
HIT
jquery.nouislider.css
www.therme-bad-steben.shop/css/ 		2 KB
837 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.therme-bad-steben.shop/css/jquery.nouislider.css
Requested by
Host: www.therme-bad-steben.shop
URL: https://www.therme-bad-steben.shop/vouchers/category/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.70.245.28 , Austria, ASN8437 (UTA-AS, AT),
Reverse DNS
Software
nginx / Express
Resource Hash
6368649551988af73bdfecee2c11a67d0cf33290320b582e4e6b339a60e9cf5b

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://www.therme-bad-steben.shop/vouchers/category/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 21:46:11 GMT
content-encoding
gzip
last-modified
Thu, 14 Dec 2023 21:04:00 GMT
server
nginx
x-powered-by
Express
etag
W/"6e0-18c6a24b600"
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
cache-control
public, max-age=120
x-proxy-cache
HIT
nouislider.min.js
www.therme-bad-steben.shop/components/nouislider/distribute/ 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.therme-bad-steben.shop/components/nouislider/distribute/nouislider.min.js
Requested by
Host: www.therme-bad-steben.shop
URL: https://www.therme-bad-steben.shop/vouchers/category/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.70.245.28 , Austria, ASN8437 (UTA-AS, AT),
Reverse DNS
Software
nginx / Express
Resource Hash
bd59cc5283443d3b32736ef7ef7c3b5bb063c1de71de53e60541528e08a81772

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://www.therme-bad-steben.shop/vouchers/category/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 21:46:11 GMT
content-encoding
gzip
last-modified
Thu, 14 Dec 2023 21:01:42 GMT
server
nginx
x-powered-by
Express
etag
W/"407f-18c6a229af0"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=120
x-proxy-cache
HIT
shop.js
www.therme-bad-steben.shop/js/helper/ 		97 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.therme-bad-steben.shop/js/helper/shop.js
Requested by
Host: www.therme-bad-steben.shop
URL: https://www.therme-bad-steben.shop/vouchers/category/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.70.245.28 , Austria, ASN8437 (UTA-AS, AT),
Reverse DNS
Software
nginx / Express
Resource Hash
5289d6a3e89600e6c3375d75211a406025385f71020c62dbcc4c86a0c9b5487c

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://www.therme-bad-steben.shop/vouchers/category/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 21:46:11 GMT
content-encoding
gzip
last-modified
Thu, 14 Dec 2023 21:04:23 GMT
server
nginx
x-powered-by
Express
etag
W/"1854a-18c6a250fd8"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=120
x-proxy-cache
HIT
common-helper.js
www.therme-bad-steben.shop/js/helper/ 		443 B
531 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.therme-bad-steben.shop/js/helper/common-helper.js
Requested by
Host: www.therme-bad-steben.shop
URL: https://www.therme-bad-steben.shop/vouchers/category/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.70.245.28 , Austria, ASN8437 (UTA-AS, AT),
Reverse DNS
Software
nginx / Express
Resource Hash
24e87fbea67b7c6c8f5c3b2177e028842a356a3c64b9789bcf5af541cd569bc3

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://www.therme-bad-steben.shop/vouchers/category/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 21:46:11 GMT
content-encoding
gzip
last-modified
Thu, 14 Dec 2023 21:04:20 GMT
server
nginx
x-powered-by
Express
etag
W/"1bb-18c6a250420"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=120
x-proxy-cache
HIT
tracking-helper.js
www.therme-bad-steben.shop/js/helper/ 		14 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.therme-bad-steben.shop/js/helper/tracking-helper.js
Requested by
Host: www.therme-bad-steben.shop
URL: https://www.therme-bad-steben.shop/vouchers/category/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.70.245.28 , Austria, ASN8437 (UTA-AS, AT),
Reverse DNS
Software
nginx / Express
Resource Hash
f0f3b284a01d2b7233968de3343fde4cbb2a1c3df56fc515911dc918815f9760

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://www.therme-bad-steben.shop/vouchers/category/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 21:46:11 GMT
content-encoding
gzip
last-modified
Thu, 14 Dec 2023 21:04:23 GMT
server
nginx
x-powered-by
Express
etag
W/"3636-18c6a250fd8"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=120
x-proxy-cache
HIT
magnific-popup.css
www.therme-bad-steben.shop/magnific-popup/dist/ 		8 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.therme-bad-steben.shop/magnific-popup/dist/magnific-popup.css
Requested by
Host: www.therme-bad-steben.shop
URL: https://www.therme-bad-steben.shop/vouchers/category/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.70.245.28 , Austria, ASN8437 (UTA-AS, AT),
Reverse DNS
Software
nginx / Express
Resource Hash
fc9b46564ac46129178836c023603443d7006edb2cfa7ae14ab8b01b19fc7fd2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://www.therme-bad-steben.shop/vouchers/category/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 21:46:11 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
last-modified
Thu, 14 Dec 2023 21:00:09 GMT
server
nginx
x-powered-by
Express
etag
W/"1e7d-18c6a212fa8"
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
cache-control
public, max-age=120
jquery.magnific-popup.js
www.therme-bad-steben.shop/magnific-popup/dist/ 		46 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.therme-bad-steben.shop/magnific-popup/dist/jquery.magnific-popup.js
Requested by
Host: www.therme-bad-steben.shop
URL: https://www.therme-bad-steben.shop/vouchers/category/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.70.245.28 , Austria, ASN8437 (UTA-AS, AT),
Reverse DNS
Software
nginx / Express
Resource Hash
bbff108cda6e7785683b6f8287fb271abac0148300baceac741a0535759492cd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://www.therme-bad-steben.shop/vouchers/category/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 21:46:11 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
last-modified
Thu, 14 Dec 2023 21:00:09 GMT
server
nginx
x-powered-by
Express
etag
W/"b662-18c6a212fa8"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=120
lc_switch.css
www.therme-bad-steben.shop/LC-switch/ 		2 KB
924 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.therme-bad-steben.shop/LC-switch/lc_switch.css
Requested by
Host: www.therme-bad-steben.shop
URL: https://www.therme-bad-steben.shop/vouchers/category/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.70.245.28 , Austria, ASN8437 (UTA-AS, AT),
Reverse DNS
Software
nginx / Express
Resource Hash
5fcae4922e05ed0a76184ec4cd0628d0bda761c0755f566a8209a6574636c8fc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://www.therme-bad-steben.shop/vouchers/category/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 21:46:11 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
last-modified
Thu, 14 Dec 2023 21:00:09 GMT
server
nginx
x-powered-by
Express
etag
W/"71a-18c6a212fa8"
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
cache-control
public, max-age=120
lc_switch.min.js
www.therme-bad-steben.shop/LC-switch/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.therme-bad-steben.shop/LC-switch/lc_switch.min.js
Requested by
Host: www.therme-bad-steben.shop
URL: https://www.therme-bad-steben.shop/vouchers/category/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.70.245.28 , Austria, ASN8437 (UTA-AS, AT),
Reverse DNS
Software
nginx / Express
Resource Hash
65d9cabd319af4fe3a7fdad149063830a64f464c6b36127e26c335562e8845b7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://www.therme-bad-steben.shop/vouchers/category/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 21:46:11 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
last-modified
Thu, 14 Dec 2023 21:00:09 GMT
server
nginx
x-powered-by
Express
etag
W/"a8a-18c6a212fa8"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=120
cookieconsent.min.css
www.therme-bad-steben.shop/components/cookieconsent2/build/ 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.therme-bad-steben.shop/components/cookieconsent2/build/cookieconsent.min.css
Requested by
Host: www.therme-bad-steben.shop
URL: https://www.therme-bad-steben.shop/vouchers/category/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.70.245.28 , Austria, ASN8437 (UTA-AS, AT),
Reverse DNS
Software
nginx / Express
Resource Hash
cd0d0b6e50ff01ff2f3a9a70d7cfb66a7c6cb9acf7a566325568be6d3bd31fc4

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://www.therme-bad-steben.shop/vouchers/category/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 21:46:11 GMT
content-encoding
gzip
last-modified
Thu, 23 May 2019 01:35:56 GMT
server
nginx
x-powered-by
Express
etag
W/"135e-16ae2549860"
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
cache-control
public, max-age=120
x-proxy-cache
HIT
fontawesome.min.css
www.therme-bad-steben.shop/fontawesome/css/ 		157 KB
31 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.therme-bad-steben.shop/fontawesome/css/fontawesome.min.css
Requested by
Host: www.therme-bad-steben.shop
URL: https://www.therme-bad-steben.shop/vouchers/category/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.70.245.28 , Austria, ASN8437 (UTA-AS, AT),
Reverse DNS
Software
nginx / Express
Resource Hash
9c8a8f8c3857d47c3d639e4b107e2c85545e7d2a87c1b9ccc2842c6f33e3aa6a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://www.therme-bad-steben.shop/vouchers/category/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 21:46:11 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
last-modified
Thu, 14 Dec 2023 21:00:09 GMT
server
nginx
x-powered-by
Express
etag
W/"274cd-18c6a212fa8"
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
cache-control
public, max-age=120
solid.min.css
www.therme-bad-steben.shop/fontawesome/css/ 		512 B
522 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.therme-bad-steben.shop/fontawesome/css/solid.min.css
Requested by
Host: www.therme-bad-steben.shop
URL: https://www.therme-bad-steben.shop/vouchers/category/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.70.245.28 , Austria, ASN8437 (UTA-AS, AT),
Reverse DNS
Software
nginx / Express
Resource Hash
8bcd6998bab374ddc0eaa7ccab6ddcb35272dbe5c5a99a61555544e6d200cf3e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://www.therme-bad-steben.shop/vouchers/category/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 21:46:11 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
last-modified
Thu, 14 Dec 2023 21:00:09 GMT
server
nginx
x-powered-by
Express
etag
W/"200-18c6a212fa8"
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
cache-control
public, max-age=120
regular.min.css
www.therme-bad-steben.shop/fontawesome/css/ 		520 B
528 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.therme-bad-steben.shop/fontawesome/css/regular.min.css
Requested by
Host: www.therme-bad-steben.shop
URL: https://www.therme-bad-steben.shop/vouchers/category/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.70.245.28 , Austria, ASN8437 (UTA-AS, AT),
Reverse DNS
Software
nginx / Express
Resource Hash
e8a80ad0e5dd762080af21a352bbd17c4dc31ad0d58b6e6c3d9461b43a3cadf1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://www.therme-bad-steben.shop/vouchers/category/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 21:46:11 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
last-modified
Thu, 14 Dec 2023 21:00:09 GMT
server
nginx
x-powered-by
Express
etag
W/"208-18c6a212fa8"
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
cache-control
public, max-age=120
logo-therme-bad-steben_neu.png
www.therme-bad-steben.shop/extern/staatsbadsteben/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.therme-bad-steben.shop/extern/staatsbadsteben/logo-therme-bad-steben_neu.png
Requested by
Host: www.therme-bad-steben.shop
URL: https://www.therme-bad-steben.shop/vouchers/category/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.70.245.28 , Austria, ASN8437 (UTA-AS, AT),
Reverse DNS
Software
nginx / Express
Resource Hash
74d789b5f134e4c19b21369cd2fde1cafd004bc11536d7fdcfec0867cca16c2a

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://www.therme-bad-steben.shop/vouchers/category/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 21:46:11 GMT
last-modified
Fri, 15 Sep 2023 06:58:40 GMT
server
nginx
x-powered-by
Express
etag
W/"3c39-18a97a273d4"
content-type
image/png
cache-control
public, max-age=120
accept-ranges
bytes
content-length
15417
x-proxy-cache
HIT
Schriftzug_weihnachtlich.jpg
www.therme-bad-steben.shop/extern/staatsbadsteben/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.therme-bad-steben.shop/extern/staatsbadsteben/Schriftzug_weihnachtlich.jpg
Requested by
Host: www.therme-bad-steben.shop
URL: https://www.therme-bad-steben.shop/vouchers/category/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.70.245.28 , Austria, ASN8437 (UTA-AS, AT),
Reverse DNS
Software
nginx / Express
Resource Hash
115e600fc6533afd323ee8e1125b5e89e548eb9bc2bfbff186f84fdb605d6210

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://www.therme-bad-steben.shop/vouchers/category/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 21:46:11 GMT
last-modified
Fri, 15 Sep 2023 06:58:40 GMT
server
nginx
x-powered-by
Express
etag
W/"3e22-18a97a273f0"
content-type
image/jpeg
cache-control
public, max-age=120
accept-ranges
bytes
content-length
15906
x-proxy-cache
HIT
47131.jpg
www.therme-bad-steben.shop/extern/template-pictures/ 		24 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.therme-bad-steben.shop/extern/template-pictures/47131.jpg
Requested by
Host: www.therme-bad-steben.shop
URL: https://www.therme-bad-steben.shop/vouchers/category/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.70.245.28 , Austria, ASN8437 (UTA-AS, AT),
Reverse DNS
Software
nginx / Express
Resource Hash
6e5e3d039d2679f2008c2cc20369444c664511e999bf4f46f30996fa9da62d3a

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://www.therme-bad-steben.shop/vouchers/category/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 21:46:11 GMT
last-modified
Thu, 07 Dec 2023 13:02:47 GMT
server
nginx
x-powered-by
Express
etag
W/"614d-18c445fa2fa"
content-type
image/jpeg
cache-control
public, max-age=120
accept-ranges
bytes
content-length
24909
x-proxy-cache
EXPIRED
47135.jpg
www.therme-bad-steben.shop/extern/template-pictures/ 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.therme-bad-steben.shop/extern/template-pictures/47135.jpg
Requested by
Host: www.therme-bad-steben.shop
URL: https://www.therme-bad-steben.shop/vouchers/category/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.70.245.28 , Austria, ASN8437 (UTA-AS, AT),
Reverse DNS
Software
nginx / Express
Resource Hash
cc5021a8fdcea3866ff49df6b62791faace82652adeceb3616ad930f6516a682

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://www.therme-bad-steben.shop/vouchers/category/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 21:46:11 GMT
last-modified
Thu, 07 Dec 2023 13:02:47 GMT
server
nginx
x-powered-by
Express
etag
W/"6fa7-18c445fa2fe"
content-type
image/jpeg
cache-control
public, max-age=120
accept-ranges
bytes
content-length
28583
x-proxy-cache
EXPIRED
47138.jpg
www.therme-bad-steben.shop/extern/template-pictures/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.therme-bad-steben.shop/extern/template-pictures/47138.jpg
Requested by
Host: www.therme-bad-steben.shop
URL: https://www.therme-bad-steben.shop/vouchers/category/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.70.245.28 , Austria, ASN8437 (UTA-AS, AT),
Reverse DNS
Software
nginx / Express
Resource Hash
c63facf5f741da9166ec4a453b424ed001ac42aecb08cbcb694bae7918e306c9

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://www.therme-bad-steben.shop/vouchers/category/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 21:46:11 GMT
last-modified
Thu, 07 Dec 2023 13:02:47 GMT
server
nginx
x-powered-by
Express
etag
W/"563f-18c445fa302"
content-type
image/jpeg
cache-control
public, max-age=120
accept-ranges
bytes
content-length
22079
x-proxy-cache
EXPIRED
47139.jpg
www.therme-bad-steben.shop/extern/template-pictures/ 		34 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.therme-bad-steben.shop/extern/template-pictures/47139.jpg
Requested by
Host: www.therme-bad-steben.shop
URL: https://www.therme-bad-steben.shop/vouchers/category/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.70.245.28 , Austria, ASN8437 (UTA-AS, AT),
Reverse DNS
Software
nginx / Express
Resource Hash
fde652c7a15718c1c1fac4061059aa2d14cc9aa341d75d5ad3a7bce92524dd26

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://www.therme-bad-steben.shop/vouchers/category/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 21:46:11 GMT
last-modified
Thu, 07 Dec 2023 13:02:47 GMT
server
nginx
x-powered-by
Express
etag
W/"8771-18c445fa306"
content-type
image/jpeg
cache-control
public, max-age=120
accept-ranges
bytes
content-length
34673
x-proxy-cache
EXPIRED
PM_Visa_c.png
www.therme-bad-steben.shop/assets/frontend_images/payment/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.therme-bad-steben.shop/assets/frontend_images/payment/PM_Visa_c.png
Requested by
Host: www.therme-bad-steben.shop
URL: https://www.therme-bad-steben.shop/vouchers/category/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.70.245.28 , Austria, ASN8437 (UTA-AS, AT),
Reverse DNS
Software
nginx / Express
Resource Hash
7239f4de59cfdc7161cc0ee29c3f17f9049683b953b6162ecc0a6f715c233656

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://www.therme-bad-steben.shop/vouchers/category/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 21:46:11 GMT
last-modified
Thu, 14 Dec 2023 21:00:09 GMT
server
nginx
x-powered-by
Express
etag
W/"ca1-18c6a212fa8"
content-type
image/png
cache-control
public, max-age=120
accept-ranges
bytes
content-length
3233
x-proxy-cache
HIT
PM_MasterCard_c.png
www.therme-bad-steben.shop/assets/frontend_images/payment/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.therme-bad-steben.shop/assets/frontend_images/payment/PM_MasterCard_c.png
Requested by
Host: www.therme-bad-steben.shop
URL: https://www.therme-bad-steben.shop/vouchers/category/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.70.245.28 , Austria, ASN8437 (UTA-AS, AT),
Reverse DNS
Software
nginx / Express
Resource Hash
e1c6f7d858f89966519faa959dbbc895a610c2042ae02e268452a48255eb656f

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://www.therme-bad-steben.shop/vouchers/category/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 21:46:11 GMT
last-modified
Thu, 14 Dec 2023 21:00:09 GMT
server
nginx
x-powered-by
Express
etag
W/"aba-18c6a212fa8"
content-type
image/png
cache-control
public, max-age=120
accept-ranges
bytes
content-length
2746
x-proxy-cache
HIT
PM_PayPal_c.png
www.therme-bad-steben.shop/assets/frontend_images/payment/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.therme-bad-steben.shop/assets/frontend_images/payment/PM_PayPal_c.png
Requested by
Host: www.therme-bad-steben.shop
URL: https://www.therme-bad-steben.shop/vouchers/category/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.70.245.28 , Austria, ASN8437 (UTA-AS, AT),
Reverse DNS
Software
nginx / Express
Resource Hash
0dfd2a5ef4c18e2fc25a6dcde9a114d0fd89fa3fc38e3eff68baae91892a30a8

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://www.therme-bad-steben.shop/vouchers/category/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 21:46:11 GMT
last-modified
Thu, 14 Dec 2023 21:00:09 GMT
server
nginx
x-powered-by
Express
etag
W/"ac4-18c6a212fa8"
content-type
image/png
cache-control
public, max-age=120
accept-ranges
bytes
content-length
2756
x-proxy-cache
HIT
PM_AmericanExpress_c.png
www.therme-bad-steben.shop/assets/frontend_images/payment/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.therme-bad-steben.shop/assets/frontend_images/payment/PM_AmericanExpress_c.png
Requested by
Host: www.therme-bad-steben.shop
URL: https://www.therme-bad-steben.shop/vouchers/category/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.70.245.28 , Austria, ASN8437 (UTA-AS, AT),
Reverse DNS
Software
nginx / Express
Resource Hash
b41a546aeed504dc0a97fc106523b4deb2e2d5a59aa5de9b7c9f4f658e9d42b6

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://www.therme-bad-steben.shop/vouchers/category/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 21:46:11 GMT
last-modified
Thu, 14 Dec 2023 21:00:09 GMT
server
nginx
x-powered-by
Express
etag
W/"777-18c6a212fa8"
content-type
image/png
cache-control
public, max-age=120
accept-ranges
bytes
content-length
1911
x-proxy-cache
HIT
fb-Logo_rgb.jpg
www.therme-bad-steben.shop/extern/staatsbadsteben/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.therme-bad-steben.shop/extern/staatsbadsteben/fb-Logo_rgb.jpg
Requested by
Host: www.therme-bad-steben.shop
URL: https://www.therme-bad-steben.shop/vouchers/category/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.70.245.28 , Austria, ASN8437 (UTA-AS, AT),
Reverse DNS
Software
nginx / Express
Resource Hash
22eed1a73a8a9ee73e999701e842ba9d5520cbe00271a1874cfb37136e1ff367

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://www.therme-bad-steben.shop/vouchers/category/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 21:46:11 GMT
last-modified
Fri, 15 Sep 2023 06:58:40 GMT
server
nginx
x-powered-by
Express
etag
W/"28bd-18a97a273ac"
content-type
image/jpeg
cache-control
public, max-age=120
accept-ranges
bytes
content-length
10429
x-proxy-cache
HIT
ig-Logo_rgb.jpg
www.therme-bad-steben.shop/extern/staatsbadsteben/ 		25 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.therme-bad-steben.shop/extern/staatsbadsteben/ig-Logo_rgb.jpg
Requested by
Host: www.therme-bad-steben.shop
URL: https://www.therme-bad-steben.shop/vouchers/category/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.70.245.28 , Austria, ASN8437 (UTA-AS, AT),
Reverse DNS
Software
nginx / Express
Resource Hash
78db4be537708f19dd8bcecc4e25a147f22cb932c5305e98b9453b0ab6a86e9c

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://www.therme-bad-steben.shop/vouchers/category/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 21:46:11 GMT
last-modified
Fri, 15 Sep 2023 06:58:40 GMT
server
nginx
x-powered-by
Express
etag
W/"6582-18a97a273cc"
content-type
image/jpeg
cache-control
public, max-age=120
accept-ranges
bytes
content-length
25986
x-proxy-cache
HIT
youtube-Logo_rgb.jpg
www.therme-bad-steben.shop/extern/staatsbadsteben/ 		25 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.therme-bad-steben.shop/extern/staatsbadsteben/youtube-Logo_rgb.jpg
Requested by
Host: www.therme-bad-steben.shop
URL: https://www.therme-bad-steben.shop/vouchers/category/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.70.245.28 , Austria, ASN8437 (UTA-AS, AT),
Reverse DNS
Software
nginx / Express
Resource Hash
0f85604c0014e6e6809c84ed87dbeb7eb62a51e58f5607b71ca2c2bdb6bf2f58

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://www.therme-bad-steben.shop/vouchers/category/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 21:46:11 GMT
last-modified
Fri, 15 Sep 2023 06:58:40 GMT
server
nginx
x-powered-by
Express
etag
W/"658e-18a97a27424"
content-type
image/jpeg
cache-control
public, max-age=120
accept-ranges
bytes
content-length
25998
x-proxy-cache
HIT
letsencrypt.png
www.therme-bad-steben.shop/assets/frontend_images/logos/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.therme-bad-steben.shop/assets/frontend_images/logos/letsencrypt.png
Requested by
Host: www.therme-bad-steben.shop
URL: https://www.therme-bad-steben.shop/vouchers/category/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.70.245.28 , Austria, ASN8437 (UTA-AS, AT),
Reverse DNS
Software
nginx / Express
Resource Hash
49c9eebbd86a8d854c370f44741ff87ce51b173f6346385a0ed2cdec1c7070dc

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://www.therme-bad-steben.shop/vouchers/category/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 21:46:11 GMT
last-modified
Thu, 14 Dec 2023 21:00:09 GMT
server
nginx
x-powered-by
Express
etag
W/"4c15-18c6a212fa8"
content-type
image/png
cache-control
public, max-age=120
accept-ranges
bytes
content-length
19477
x-proxy-cache
HIT
cookieconsent.min.js
www.therme-bad-steben.shop/components/cookieconsent2/build/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.therme-bad-steben.shop/components/cookieconsent2/build/cookieconsent.min.js
Requested by
Host: www.therme-bad-steben.shop
URL: https://www.therme-bad-steben.shop/vouchers/category/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.70.245.28 , Austria, ASN8437 (UTA-AS, AT),
Reverse DNS
Software
nginx / Express
Resource Hash
e55842a856a6d829feca3c3ad736c136b6c7549e9247274f78aa296259e06e24

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://www.therme-bad-steben.shop/vouchers/category/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 21:46:11 GMT
content-encoding
gzip
last-modified
Thu, 23 May 2019 01:35:56 GMT
server
nginx
x-powered-by
Express
etag
W/"50d5-16ae2549860"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=120
x-proxy-cache
HIT
cookie-dialog.js
www.therme-bad-steben.shop/js/helper/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.therme-bad-steben.shop/js/helper/cookie-dialog.js
Requested by
Host: www.therme-bad-steben.shop
URL: https://www.therme-bad-steben.shop/vouchers/category/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.70.245.28 , Austria, ASN8437 (UTA-AS, AT),
Reverse DNS
Software
nginx / Express
Resource Hash
0e7b8a942e44f5bb919e7989f00f3295f9edd41e0711a8b1ec9213442a5a8bc3

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://www.therme-bad-steben.shop/vouchers/category/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 21:46:11 GMT
content-encoding
gzip
last-modified
Thu, 14 Dec 2023 21:04:20 GMT
server
nginx
x-powered-by
Express
etag
W/"101a-18c6a250420"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=120
x-proxy-cache
HIT
neues_headerbild-keyvisual-1__004_.jpg
www.therme-bad-steben.shop/extern/staatsbadsteben/ 		117 KB
117 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.therme-bad-steben.shop/extern/staatsbadsteben/neues_headerbild-keyvisual-1__004_.jpg
Requested by
Host: www.therme-bad-steben.shop
URL: https://www.therme-bad-steben.shop/extern/css/685.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.70.245.28 , Austria, ASN8437 (UTA-AS, AT),
Reverse DNS
Software
nginx / Express
Resource Hash
55cfc29f740d04411c0206805b761adad8fa2de410a51f2f00fb1ee9534d17e5

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://www.therme-bad-steben.shop/extern/css/685.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 21:46:11 GMT
last-modified
Fri, 15 Sep 2023 06:58:40 GMT
server
nginx
x-powered-by
Express
etag
W/"1d401-18a97a273e4"
content-type
image/jpeg
cache-control
public, max-age=120
accept-ranges
bytes
content-length
119809
x-proxy-cache
EXPIRED
fa-regular-400.woff2
www.therme-bad-steben.shop/fontawesome/webfonts/ 		380 KB
380 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.therme-bad-steben.shop/fontawesome/webfonts/fa-regular-400.woff2
Requested by
Host: www.therme-bad-steben.shop
URL: https://www.therme-bad-steben.shop/fontawesome/css/regular.min.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.70.245.28 , Austria, ASN8437 (UTA-AS, AT),
Reverse DNS
Software
nginx / Express
Resource Hash
121b176974226dbc9b1ab227becb657d40b88d2bb7010a746c2360c31d7c373e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.therme-bad-steben.shop/fontawesome/css/regular.min.css
Origin
https://www.therme-bad-steben.shop
accept-language
de-AT,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 21:46:11 GMT
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Thu, 14 Dec 2023 21:00:09 GMT
server
nginx
x-powered-by
Express
etag
W/"5ef24-18c6a212fa8"
content-type
font/woff2
cache-control
public, max-age=120
accept-ranges
bytes
content-length
388900
KFOmCnqEu92Fr1Mu4mxK.woff2
shop.tac.eu.com/gfonts/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://shop.tac.eu.com/gfonts/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.therme-bad-steben.shop
URL: https://www.therme-bad-steben.shop/gfonts/css/?family=Roboto:100,100italic,300,300italic,400,400italic,500,500italic,700,700italic,900,900italic&subset=latin-ext
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.70.245.28 , Austria, ASN8437 (UTA-AS, AT),
Reverse DNS
Software
nginx /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.therme-bad-steben.shop/gfonts/css/?family=Roboto:100,100italic,300,300italic,400,400italic,500,500italic,700,700italic,900,900italic&subset=latin-ext
Origin
https://www.therme-bad-steben.shop
accept-language
de-AT,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-proxy-cache
HIT
date
Sat, 23 Dec 2023 21:46:11 GMT
x-content-type-options
nosniff
age
538185
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
nginx
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 21 Nov 2024 23:01:37 GMT
fa-solid-900.woff2
www.therme-bad-steben.shop/fontawesome/webfonts/ 		321 KB
322 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.therme-bad-steben.shop/fontawesome/webfonts/fa-solid-900.woff2
Requested by
Host: www.therme-bad-steben.shop
URL: https://www.therme-bad-steben.shop/fontawesome/css/solid.min.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.70.245.28 , Austria, ASN8437 (UTA-AS, AT),
Reverse DNS
Software
nginx / Express
Resource Hash
f350c708b5e7748a452b4b98600fa49127166d995686e260ccafb58d51a4ea62
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.therme-bad-steben.shop/fontawesome/css/solid.min.css
Origin
https://www.therme-bad-steben.shop
accept-language
de-AT,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 21:46:11 GMT
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Thu, 14 Dec 2023 21:00:09 GMT
server
nginx
x-powered-by
Express
etag
W/"505f4-18c6a212fa8"
content-type
font/woff2
cache-control
public, max-age=120
accept-ranges
bytes
content-length
329204
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
shop.tac.eu.com/gfonts/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://shop.tac.eu.com/gfonts/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: www.therme-bad-steben.shop
URL: https://www.therme-bad-steben.shop/gfonts/css/?family=Roboto:100,100italic,300,300italic,400,400italic,500,500italic,700,700italic,900,900italic&subset=latin-ext
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.70.245.28 , Austria, ASN8437 (UTA-AS, AT),
Reverse DNS
Software
nginx /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.therme-bad-steben.shop/gfonts/css/?family=Roboto:100,100italic,300,300italic,400,400italic,500,500italic,700,700italic,900,900italic&subset=latin-ext
Origin
https://www.therme-bad-steben.shop
accept-language
de-AT,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-proxy-cache
HIT
date
Sat, 23 Dec 2023 21:46:11 GMT
x-content-type-options
nosniff
age
288801
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
nginx
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 05 Dec 2024 22:52:00 GMT

Verdicts & Comments Add Verdict or Comment

43 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture object| runtime function| _typeof function| _slicedToArray function| _nonIterableRest function| _iterableToArrayLimit function| _arrayWithHoles function| _createForOfIteratorHelper function| _unsupportedIterableToArray function| _arrayLikeToArray function| ownKeys function| _objectSpread function| _defineProperty function| _regeneratorRuntime function| asyncGeneratorStep function| _asyncToGenerator function| setImmediate function| clearImmediate object| regeneratorRuntime function| $ function| jQuery object| Frontend function| ping object| ShopHelper object| CommonUtils function| _toConsumableArray function| _nonIterableSpread function| _iterableToArray function| _arrayWithoutHoles function| _classCallCheck function| _defineProperties function| _createClass object| trackingEvents object| ga4TrackingEvents function| TrackingHelper boolean| scriptsWillChange object| cookieconsent object| CookieDialog string| pingPath boolean| fastPing number| pingInterval object| theme object| noUiSlider

4 Cookies

Domain/Path Name / Value
www.therme-bad-steben.shop/ Name: module
Value: shop
www.therme-bad-steben.shop/ Name: count
Value: 12
www.therme-bad-steben.shop/ Name: NSESSIONID
Value: eyJpZCI6IlNvNFJnMzFEVHoxNzAzMzY3OTcxNDQyIn0=
www.therme-bad-steben.shop/ Name: NSESSIONID.sig
Value: TLfHiWE691Kdv9U5CCU-EZ2bPw8

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self' fonts.googleapis.com shop.tac.eu.com staging-shop.tac.eu.com https://*.usercentrics.eu; img-src * data: maps.gstatic.com *.googleapis.com *.ggpht.com *.google-analytics.com *.googletagmanager.com https://pay.google.com; media-src * data:; object-src 'none'; frame-src *; base-uri 'self'; script-src 'self' 'unsafe-inline' 'nonce-939989035308499' 'unsafe-eval' 'unsafe-hashes' 'sha256-1K+JYRRS16rR/kNeBnHwZdnNrb8+Q2X3eI3c7/ebjCY=' https://*.google-analytics.com/g/collect tagmanager.google.com maps gstatic.com/wcm www.paypalobjects.com tags.tiqcdn.com assets.loginwithamazon.com api.amazon.com facebook.com connect.facebook.net static.zdassets.com static.hotjar.com script.hotjar.com https://*.usercentrics.eu https://google.com/pay https://www.google.com/pay https://pay.google.com https://www.paypal.com https://www.sandbox.paypal.com computop-paygate.com www.computop-paygate.com 3ds-sim-dev.computop.com www.googleadservices.com; font-src 'self' data: fonts.googleapis.com shop.tac.eu.com staging-shop.tac.eu.com fonts.gstatic.com https://*.usercentrics.eu; connect-src 'self' wss://app.tac.eu.com https://app.tac.eu.com *.google-analytics.com *.analytics.google.com *.googletagmanager.com maps www.googleadservices.com https://stats.g.doubleclick.net https://static.zdassets.com https://ekr.zdassets.com https://in.hotjar.com https://*.zendesk.com wss://*.zendesk.com https://*.zopim.com wss://*.zopim.com https://*.usercentrics.eu api.amazon.com https://checkoutshopper-test.adyen.com https://checkoutshopper-live.adyen.com https://google.com/pay https://www.google.com/pay https://pay.google.com https://www.paypal.com https://www.sandbox.paypal.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com maps shop.tac.eu.com staging-shop.tac.eu.com tagmanager.google.com https://*.usercentrics.eu *.googletagmanager.com https://pay.google.com; frame-ancestors 'self' https://*.facebook.com https://shop.tac.eu.com https://app.tac.eu.com;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

shop.tac.eu.com
www.therme-bad-steben.shop
195.70.245.28
0dfd2a5ef4c18e2fc25a6dcde9a114d0fd89fa3fc38e3eff68baae91892a30a8
0e7b8a942e44f5bb919e7989f00f3295f9edd41e0711a8b1ec9213442a5a8bc3
0f85604c0014e6e6809c84ed87dbeb7eb62a51e58f5607b71ca2c2bdb6bf2f58
115e600fc6533afd323ee8e1125b5e89e548eb9bc2bfbff186f84fdb605d6210
121b176974226dbc9b1ab227becb657d40b88d2bb7010a746c2360c31d7c373e
22eed1a73a8a9ee73e999701e842ba9d5520cbe00271a1874cfb37136e1ff367
24e87fbea67b7c6c8f5c3b2177e028842a356a3c64b9789bcf5af541cd569bc3
306f3b88c3276e7c0833b2d7b0d08d1948b96366fe9853eff8e4c90ad34293fa
49c9eebbd86a8d854c370f44741ff87ce51b173f6346385a0ed2cdec1c7070dc
5289d6a3e89600e6c3375d75211a406025385f71020c62dbcc4c86a0c9b5487c
55cfc29f740d04411c0206805b761adad8fa2de410a51f2f00fb1ee9534d17e5
5fcae4922e05ed0a76184ec4cd0628d0bda761c0755f566a8209a6574636c8fc
6368649551988af73bdfecee2c11a67d0cf33290320b582e4e6b339a60e9cf5b
65d9cabd319af4fe3a7fdad149063830a64f464c6b36127e26c335562e8845b7
6e5e3d039d2679f2008c2cc20369444c664511e999bf4f46f30996fa9da62d3a
7239f4de59cfdc7161cc0ee29c3f17f9049683b953b6162ecc0a6f715c233656
74d789b5f134e4c19b21369cd2fde1cafd004bc11536d7fdcfec0867cca16c2a
78db4be537708f19dd8bcecc4e25a147f22cb932c5305e98b9453b0ab6a86e9c
7c0d37f92a8b0b2c220571a4201666e34f0de66f579c153fa78dde5d80511298
8bcd6998bab374ddc0eaa7ccab6ddcb35272dbe5c5a99a61555544e6d200cf3e
90032bd90c8c3090863a9ad7a3002edfeb6384415948f2b3d6d39f6c0228abbd
9c8a8f8c3857d47c3d639e4b107e2c85545e7d2a87c1b9ccc2842c6f33e3aa6a
b41a546aeed504dc0a97fc106523b4deb2e2d5a59aa5de9b7c9f4f658e9d42b6
bbff108cda6e7785683b6f8287fb271abac0148300baceac741a0535759492cd
bd59cc5283443d3b32736ef7ef7c3b5bb063c1de71de53e60541528e08a81772
c63facf5f741da9166ec4a453b424ed001ac42aecb08cbcb694bae7918e306c9
cc5021a8fdcea3866ff49df6b62791faace82652adeceb3616ad930f6516a682
cd0d0b6e50ff01ff2f3a9a70d7cfb66a7c6cb9acf7a566325568be6d3bd31fc4
d7cdab6be14a9d4d792a64c2bcad2d9d87e729662d9388d0aef8cebd0b2fb88d
e1c6f7d858f89966519faa959dbbc895a610c2042ae02e268452a48255eb656f
e55842a856a6d829feca3c3ad736c136b6c7549e9247274f78aa296259e06e24
e8a80ad0e5dd762080af21a352bbd17c4dc31ad0d58b6e6c3d9461b43a3cadf1
f0f3b284a01d2b7233968de3343fde4cbb2a1c3df56fc515911dc918815f9760
f350c708b5e7748a452b4b98600fa49127166d995686e260ccafb58d51a4ea62
f3975bd7240240d0d6dbd2714606dd557b0cbfc35de4a0013a0062af8183cc9e
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
fc9b46564ac46129178836c023603443d7006edb2cfa7ae14ab8b01b19fc7fd2
fde652c7a15718c1c1fac4061059aa2d14cc9aa341d75d5ad3a7bce92524dd26