www.therme.ro Open in urlscan Pro
40.118.82.172 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://u26295333.ct.sendgrid.net/ls/click?upn=zVJ-2BNjPkqFpSt0ayH7Gewvqh8XTzmtNRSXPe5nfhXlEz71KNDkvv2-2BXQCqnSaDyFzgImTow2OgOTmZq...
Effective URL:
https://www.therme.ro/mytherme/login?confirmedemail=false
Submission: On May 16 via manual (May 16th 2022, 4:03:21 pm UTC) from IN — Scanned from DE

Summary HTTP 66 Redirects Links 16 Behaviour Indicators

Summary

This website contacted 19 IPs in 6 countries across 17 domains to perform 66 HTTP transactions. The main IP is 40.118.82.172, located in Amsterdam, Netherlands and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is www.therme.ro.
TLS certificate: Issued by ZeroSSL RSA Domain Secure Site CA on November 1st 2021. Valid for: a year.

This is the only time www.therme.ro was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	167.89.123.122 167.89.123.122	11377 (SENDGRID) (SENDGRID)
1 27	40.118.82.172 40.118.82.172	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	2a00:1450:400... 2a00:1450:4001:811::200a	15169 (GOOGLE) (GOOGLE)
8	52.169.249.214 52.169.249.214	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2a02:26f0:6c0... 2a02:26f0:6c00::210:ba83	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	2a00:1450:400... 2a00:1450:4001:808::2008	15169 (GOOGLE) (GOOGLE)
2	162.159.128.61 162.159.128.61	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:829::200e	15169 (GOOGLE) (GOOGLE)
2	2a02:26f0:710... 2a02:26f0:7100:194::f09	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a00:1450:400... 2a00:1450:400f:802::2003	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:401... 2a00:1450:4014:80f::200e	15169 (GOOGLE) (GOOGLE)
1	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f01... 2a03:2880:f01c:216:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c07::9d	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1450:400... 2a00:1450:4001:80f::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:800::2010	15169 (GOOGLE) (GOOGLE)
66	19

1 167.89.123.122 (Chicago, United States) 1 redirects

ASN11377 (SENDGRID, US)
PTR: o16789123x122.outbound-mail.sendgrid.net

u26295333.ct.sendgrid.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 40.118.82.172 (Amsterdam, Netherlands) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.therme.ro	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.mytherme.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 52.169.249.214 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

studio.wisevoice.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
builder.wisevoice.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:6c00::210:ba83 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

consent.cookiebot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:808::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.159.128.61 (None, )

ASN13335 (CLOUDFLARENET, US)

player.vimeo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:7100:194::f09 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

consentcdn.cookiebot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400f:802::2003 (Ireland)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4014:80f::200e (Ireland)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:216:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c07::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2010 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

storage.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
25	therme.ro 1 redirects www.therme.ro	2 MB
8	wisevoice.ai studio.wisevoice.ai builder.wisevoice.ai	488 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 37	20 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 71	256 KB
4	cookiebot.com consent.cookiebot.com — Cisco Umbrella Rank: 4801 consentcdn.cookiebot.com — Cisco Umbrella Rank: 5547	92 KB
4	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 46 storage.googleapis.com — Cisco Umbrella Rank: 498	4 KB
2	google.de www.google.de — Cisco Umbrella Rank: 5483	655 B
2	google.com www.google.com — Cisco Umbrella Rank: 7	655 B
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 102	388 B
2	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 44 stats.g.doubleclick.net — Cisco Umbrella Rank: 92	2 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 146	113 KB
2	gstatic.com fonts.gstatic.com	55 KB
2	mytherme.app cdn.mytherme.app	30 KB
2	vimeo.com player.vimeo.com — Cisco Umbrella Rank: 1827	14 KB
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 110	15 KB
1	youtube.com www.youtube.com — Cisco Umbrella Rank: 91	2 KB
1	sendgrid.net 1 redirects u26295333.ct.sendgrid.net	361 B
66	17

	Domain	Requested by
25	www.therme.ro	1 redirects www.therme.ro consent.cookiebot.com
7	builder.wisevoice.ai	studio.wisevoice.ai
4	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
4	www.googletagmanager.com	www.therme.ro www.googletagmanager.com consent.cookiebot.com
3	fonts.googleapis.com	www.therme.ro studio.wisevoice.ai
2	www.google.de	www.therme.ro
2	www.google.com	www.therme.ro
2	www.facebook.com	www.therme.ro
2	connect.facebook.net	www.therme.ro connect.facebook.net
2	fonts.gstatic.com	fonts.googleapis.com
2	cdn.mytherme.app	www.therme.ro
2	consentcdn.cookiebot.com	consent.cookiebot.com
2	player.vimeo.com	www.therme.ro consent.cookiebot.com
2	consent.cookiebot.com	www.therme.ro consent.cookiebot.com
1	storage.googleapis.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	googleads.g.doubleclick.net	www.googleadservices.com
1	www.googleadservices.com	www.googletagmanager.com
1	www.youtube.com	www.therme.ro
1	studio.wisevoice.ai	www.therme.ro
1	u26295333.ct.sendgrid.net	1 redirects
66	21

This site contains links to these domains. Also see Links.

Domain
www.cookiebot.com
policies.google.com
vimeo.com
www.facebook.com
www.allaboutcookies.org
therme.ro
anpc.ro
corporate.therme.ro
www.thermegroup.com
www.instagram.com
ro.pinterest.com
www.youtube.com

Subject Issuer	Validity	Valid
*.therme.ro ZeroSSL RSA Domain Secure Site CA	`2021-11-01` - `2022-11-01`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-04-25` - `2022-07-18`	3 months	crt.sh
builder.wisevoice.ai R3	`2022-03-31` - `2022-06-29`	3 months	crt.sh
consent.cookiebot.com DigiCert ECC Extended Validation Server CA	`2020-06-11` - `2022-06-11`	2 years	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-04-25` - `2022-07-18`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-04-01` - `2023-03-31`	a year	crt.sh
*.google.com GTS CA 1C3	`2022-04-25` - `2022-07-18`	3 months	crt.sh
*.cookiebot.com DigiCert SHA2 Secure Server CA	`2021-07-05` - `2022-07-13`	a year	crt.sh
mytherme.app Sectigo RSA Domain Validation Secure Server CA	`2021-05-05` - `2022-06-04`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-04-25` - `2022-07-18`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-04-25` - `2022-07-18`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-02-23` - `2022-05-24`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-04-25` - `2022-07-18`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-04-25` - `2022-07-18`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-04-25` - `2022-07-18`	3 months	crt.sh
*.storage.googleapis.com GTS CA 1C3	`2022-04-25` - `2022-07-18`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://www.therme.ro/mytherme/login?confirmedemail=false
Frame ID: 36FCAC56B47A5FAE6ED7AC55F5AAAF61
Requests: 64 HTTP requests in this frame

Frame: https://consentcdn.cookiebot.com/sdk/bc-v4.min.html
Frame ID: 863B5F479990763E8EF99C655D976F65
Requests: 1 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css2?family=Roboto&display=swap
Frame ID: BBBE8EC314788EB99A807EFB1E8E0450
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Autentificare | Therme BucureștiPowered by Cookiebot

Page URL History Show full URLs

https://u26295333.ct.sendgrid.net/ls/click?upn=zVJ-2BNjPkqFpSt0ayH7Gewvqh8XTzmtNRSXPe5nfhXlEz71KNDkvv2-2BXQCqn... HTTP 302
https://www.therme.ro/mytherme/confirm?iv=1AY%2FpPJfOHIHi%2FGjR33EyQ%3D%3D&payload=FL%2F9o7B%2Bi10... Page URL
https://www.therme.ro/mytherme/confirm?iv=1AY%2FpPJfOHIHi%2FGjR33EyQ%3D%3D&payload=FL%2F9o7B%2Bi10... HTTP 302
https://www.therme.ro/mytherme/login?confirmedemail=false Page URL

Detected technologies

Cookiebot (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

consent\.cookiebot\.com

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Page Statistics

66
Requests

100 %
HTTPS

74 %
IPv6

17
Domains

21
Subdomains

19
IPs

6
Countries

2998 kB
Transfer

5943 kB
Size

11
Cookies

16 Outgoing links

These are links going to different origins than the main page.

URL: https://www.cookiebot.com/
Title: Powered by Cookiebot

Search URL Search Domain Scan URL

URL: https://www.cookiebot.com/goto/privacy-policy/
Title: Află mai multe despre acest furnizor

Search URL Search Domain Scan URL

URL: https://policies.google.com/privacy
Title: Află mai multe despre acest furnizor

Search URL Search Domain Scan URL

URL: https://vimeo.com/privacy
Title: Află mai multe despre acest furnizor

Search URL Search Domain Scan URL

URL: https://www.facebook.com/policy.php/
Title: Află mai multe despre acest furnizor

Search URL Search Domain Scan URL

URL: https://policies.google.com/privacy/partners
Title: https://policies.google.com/privacy/partners

Search URL Search Domain Scan URL

URL: http://www.allaboutcookies.org/
Title: www.allaboutcookies.org

Search URL Search Domain Scan URL

URL: https://therme.ro/politica-de-confidentialitate
Title: politica noastră de confidențialitate.

Search URL Search Domain Scan URL

URL: https://anpc.ro/
Title: Protecția Consumatorului

Search URL Search Domain Scan URL

URL: https://therme.ro/puncte-zen
Title: Puncte Zen

Search URL Search Domain Scan URL

URL: https://corporate.therme.ro/
Title: Vânzări Corporate

Search URL Search Domain Scan URL

URL: https://www.thermegroup.com/
Title: Despre Therme Group

Search URL Search Domain Scan URL

URL: https://www.facebook.com/thermebucuresti

Search URL Search Domain Scan URL

URL: https://www.instagram.com/therme_bucuresti/

Search URL Search Domain Scan URL

URL: https://ro.pinterest.com/thermebucuresti

Search URL Search Domain Scan URL

URL: https://www.youtube.com/c/ThermeBucuresti/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://u26295333.ct.sendgrid.net/ls/click?upn=zVJ-2BNjPkqFpSt0ayH7Gewvqh8XTzmtNRSXPe5nfhXlEz71KNDkvv2-2BXQCqnSaDyFzgImTow2OgOTmZqcTb8a5-2BTLsDFf-2FUovKpi6yFShrxBAzcjmzKqIIb0gX-2BrNJ6e2ZU9S-2F1BrggCjcWcOkN-2FlfDHQbQqDSMLsASILoA3TlPvDfdLzHPCx2GIbeCdNQYGeQM6P-2Fj6s7UdJaqFfPuc09hpTg13UJaXMp-2FHFSqaxyDQ-3DeHFA_uAGIKxVHnzoGVmPcnUwHmTCWKFeJmcKv1qMae9d6gMIb-2FKIAktwsjTVzvmhdiEVpCTBK8ZxisRVuUKF3GfqcnuHbpNQHOjG-2BqFvLXmk6mlZYmDy6vBc9Sb1QfvspqtxfcXtw6msgAS53Fg8QJ-2FFnOn3KPAYdLD-2BmBrjgL868KsilZhDrT2s7SFIvNE99uDmbxb2ZEYPsYvrVoKAegxLrwDwuXAjlQDhoUXmKle9ulsM-3D HTTP 302
https://www.therme.ro/mytherme/confirm?iv=1AY%2FpPJfOHIHi%2FGjR33EyQ%3D%3D&payload=FL%2F9o7B%2Bi10%2B7Px8Hv7l7eqvDbpQVW0w4atPwBNJJRg%3D&validation=1652712605 Page URL
https://www.therme.ro/mytherme/confirm?iv=1AY%2FpPJfOHIHi%2FGjR33EyQ%3D%3D&payload=FL%2F9o7B%2Bi10%2B7Px8Hv7l7eqvDbpQVW0w4atPwBNJJRg%3D&validation=1652712605&useConfirm=true HTTP 302
https://www.therme.ro/mytherme/login?confirmedemail=false Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://u26295333.ct.sendgrid.net/ls/click?upn=zVJ-2BNjPkqFpSt0ayH7Gewvqh8XTzmtNRSXPe5nfhXlEz71KNDkvv2-2BXQCqnSaDyFzgImTow2OgOTmZqcTb8a5-2BTLsDFf-2FUovKpi6yFShrxBAzcjmzKqIIb0gX-2BrNJ6e2ZU9S-2F1BrggCjcWcOkN-2FlfDHQbQqDSMLsASILoA3TlPvDfdLzHPCx2GIbeCdNQYGeQM6P-2Fj6s7UdJaqFfPuc09hpTg13UJaXMp-2FHFSqaxyDQ-3DeHFA_uAGIKxVHnzoGVmPcnUwHmTCWKFeJmcKv1qMae9d6gMIb-2FKIAktwsjTVzvmhdiEVpCTBK8ZxisRVuUKF3GfqcnuHbpNQHOjG-2BqFvLXmk6mlZYmDy6vBc9Sb1QfvspqtxfcXtw6msgAS53Fg8QJ-2FFnOn3KPAYdLD-2BmBrjgL868KsilZhDrT2s7SFIvNE99uDmbxb2ZEYPsYvrVoKAegxLrwDwuXAjlQDhoUXmKle9ulsM-3D HTTP 302
https://www.therme.ro/mytherme/confirm?iv=1AY%2FpPJfOHIHi%2FGjR33EyQ%3D%3D&payload=FL%2F9o7B%2Bi10%2B7Px8Hv7l7eqvDbpQVW0w4atPwBNJJRg%3D&validation=1652712605

66 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

confirm
www.therme.ro/mytherme/
Redirect Chain

https://u26295333.ct.sendgrid.net/ls/click?upn=zVJ-2BNjPkqFpSt0ayH7Gewvqh8XTzmtNRSXPe5nfhXlEz71KNDkvv2-2BXQCqnSaDyFzgImTow2OgOTmZqcTb8a5-2BTLsDFf-2FUovKpi6yFShrxBAzcjmzKqIIb0gX-2BrNJ6e2ZU9S-2F1Brgg...
https://www.therme.ro/mytherme/confirm?iv=1AY%2FpPJfOHIHi%2FGjR33EyQ%3D%3D&payload=FL%2F9o7B%2Bi10%2B7Px8Hv7l7eqvDbpQVW0w4atPwBNJJRg%3D&validation=1652712605

408 B
410 B

302ms
61ms

Document
text/html

40.118.82.172
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therme.ro/mytherme/confirm?iv=1AY%2FpPJfOHIHi%2FGjR33EyQ%3D%3D&payload=FL%2F9o7B%2Bi10%2B7Px8Hv7l7eqvDbpQVW0w4atPwBNJJRg%3D&validation=1652712605

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.118.82.172 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: br
content-type: text/html
date: Mon, 16 May 2022 16:03:14 GMT
server: Microsoft-IIS/10.0
strict-transport-security: max-age=2592000
vary: Accept-Encoding

Redirect headers

Connection: keep-alive
Content-Length: 188
Content-Type: text/html; charset=utf-8
Date: Mon, 16 May 2022 16:03:14 GMT
Location: https://www.therme.ro/mytherme/confirm?iv=1AY%2FpPJfOHIHi%2FGjR33EyQ%3D%3D&payload=FL%2F9o7B%2Bi10%2B7Px8Hv7l7eqvDbpQVW0w4atPwBNJJRg%3D&validation=1652712605
Server: nginx
X-Robots-Tag: noindex, nofollow

GET
H2

200

Primary Request login Show response
www.therme.ro/mytherme/
Redirect Chain

https://www.therme.ro/mytherme/confirm?iv=1AY%2FpPJfOHIHi%2FGjR33EyQ%3D%3D&payload=FL%2F9o7B%2Bi10%2B7Px8Hv7l7eqvDbpQVW0w4atPwBNJJRg%3D&validation=1652712605&useConfirm=true
https://www.therme.ro/mytherme/login?confirmedemail=false

81 KB
15 KB

367ms
366ms

Document
text/html

40.118.82.172
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therme.ro/mytherme/login?confirmedemail=false

Requested by

Host: www.therme.ro
URL: https://www.therme.ro/mytherme/confirm?iv=1AY%2FpPJfOHIHi%2FGjR33EyQ%3D%3D&payload=FL%2F9o7B%2Bi10%2B7Px8Hv7l7eqvDbpQVW0w4atPwBNJJRg%3D&validation=1652712605

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.118.82.172 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

f35478e53e4e7faeb6c2b37a9e24a1c40b8a0b481072029b5077758f2a521da3

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.therme.ro/mytherme/confirm?iv=1AY%2FpPJfOHIHi%2FGjR33EyQ%3D%3D&payload=FL%2F9o7B%2Bi10%2B7Px8Hv7l7eqvDbpQVW0w4atPwBNJJRg%3D&validation=1652712605
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache, no-store
content-encoding: br
content-type: text/html; charset=utf-8
date: Mon, 16 May 2022 16:03:14 GMT
pragma: no-cache
server: Microsoft-IIS/10.0
strict-transport-security: max-age=2592000
vary: Accept-Encoding
x-frame-options: SAMEORIGIN

Redirect headers

date: Mon, 16 May 2022 16:03:14 GMT
location: /mytherme/login?confirmedemail=false
server: Microsoft-IIS/10.0
strict-transport-security: max-age=2592000

GET
H2 200 bundle.min.css
www.therme.ro/assets/css/ 572 KB
129 KB 16ms
15ms Stylesheet
text/css 40.118.82.172
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therme.ro/assets/css/bundle.min.css?v=M0O7Kiu2cW70zYmsAq5RIgQ4U3-iIVMDdismtGSewAY

Requested by

Host: www.therme.ro
URL: https://www.therme.ro/mytherme/login?confirmedemail=false

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.118.82.172 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

3343bb2a2bb6716ef4cd89ac02ae51220438537fa2215303762b26b4649ec006

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therme.ro/mytherme/login?confirmedemail=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=2592000
content-encoding: br
last-modified: Wed, 11 May 2022 02:27:03 GMT
server: Microsoft-IIS/10.0
etag: "1d864de99925a49"
vary: Accept-Encoding
content-type: text/css
cache-control: public,max-age=31536000
date: Mon, 16 May 2022 16:03:14 GMT
accept-ranges: bytes

GET
H2 200 bundle.head.min.js Show response
www.therme.ro/assets/js/ 90 KB
40 KB 16ms
13ms Script
application/javascript 40.118.82.172
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therme.ro/assets/js/bundle.head.min.js?v=iPpQnsCr29tvFvWYCpM2EvLAHRhB2jGE4WpB0r6p3Ms

Requested by

Host: www.therme.ro
URL: https://www.therme.ro/mytherme/login?confirmedemail=false

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.118.82.172 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

88fa509ec0abdbdb6f16f5980a933612f2c01d1841da3184e16a41d2bea9dccb

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therme.ro/mytherme/login?confirmedemail=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=2592000
content-encoding: br
last-modified: Fri, 15 Apr 2022 09:31:16 GMT
server: Microsoft-IIS/10.0
etag: "1d850ab8e09adc1"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=31536000
date: Mon, 16 May 2022 16:03:14 GMT
accept-ranges: bytes

GET
H2 200 css2
fonts.googleapis.com/ 10 KB
1 KB 80ms
29ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Montserrat:wght@300;400;500;700;800;900&display=swap

Requested by

Host: www.therme.ro
URL: https://www.therme.ro/mytherme/login?confirmedemail=false

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4920678309737863be7aec7ac0b0cb7ae84a3980a024e9435d61bef82dfae73f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therme.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 16 May 2022 16:03:15 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 16 May 2022 16:03:15 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 16 May 2022 16:03:15 GMT

GET
H2 200 stylesheet
www.therme.ro/interface/ 430 B
312 B 65ms
62ms Stylesheet
text/css 40.118.82.172
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therme.ro/interface/stylesheet

Requested by

Host: www.therme.ro
URL: https://www.therme.ro/mytherme/login?confirmedemail=false

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.118.82.172 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

c9cf4a0e025915d95f286fe23ebea3d608be5cf7cbaad882383e91d0cfde46b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therme.ro/mytherme/login?confirmedemail=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=2592000
content-encoding: br
server: Microsoft-IIS/10.0
cache-control: public,max-age=31536000
date: Mon, 16 May 2022 16:03:14 GMT
vary: Accept-Encoding
content-type: text/css; charset=utf-8

GET
H2 200 script Show response
www.therme.ro/interface/ 476 B
537 B 64ms
60ms Script
text/javascript 40.118.82.172
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therme.ro/interface/script

Requested by

Host: www.therme.ro
URL: https://www.therme.ro/mytherme/login?confirmedemail=false

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.118.82.172 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

786858f6d21ded403b307aca0b0e112815f92c20b707f00c8ba78b6f9ab9d5b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therme.ro/mytherme/login?confirmedemail=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=2592000
cache-control: public,max-age=31536000
server: Microsoft-IIS/10.0
date: Mon, 16 May 2022 16:03:14 GMT
content-length: 476
content-type: text/javascript; charset=utf-8

GET
H/1.1 200
OK webchat.js Show response
studio.wisevoice.ai/ 484 KB
485 KB 277ms
58ms Script
application/javascript 52.169.249.214
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://studio.wisevoice.ai/webchat.js
Requested by: Host: www.therme.ro
URL: https://www.therme.ro/mytherme/login?confirmedemail=false
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.169.249.214 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: 47688e2a21cebac4d06fb8df106ee2ca4932211be69d32dba83fa04f876b7354

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therme.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Mon, 16 May 2022 16:03:16 GMT
Last-Modified: Mon, 16 May 2022 12:52:47 GMT
Server: nginx
ETag: "6282491f-791e2"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 496098

GET
H2 200 uc.js Show response
consent.cookiebot.com/ 96 KB
29 KB 79ms
20ms Script
application/javascript 2a02:26f0:6c00::210:ba83
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://consent.cookiebot.com/uc.js
Requested by: Host: www.therme.ro
URL: https://www.therme.ro/mytherme/login?confirmedemail=false
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba83 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: fae0b8f255ca326bdbbafdffae74342b6eac771ef68a71072ec1eacb70dcd39a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therme.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 16 May 2022 16:03:15 GMT
content-encoding: gzip
last-modified: Mon, 16 May 2022 08:34:39 GMT
etag: "35be1ac8ff68d81:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-expose-headers: Request-Context
cache-control: public, max-age=976
request-context: appId=cid-v1:89f47f4b-bed0-4db8-956b-d6e6dfac3fef
accept-ranges: bytes
content-length: 29783
expires: Mon, 16 May 2022 16:19:31 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 190 KB
69 KB 80ms
28ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-H6WEM8EYME

Requested by

Host: www.therme.ro
URL: https://www.therme.ro/mytherme/login?confirmedemail=false

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9ab508a5581059413c41f13293e0cb9283148dac0d1b0e04991e5a95fa07189b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therme.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 16 May 2022 16:03:15 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 69729
x-xss-protection: 0
expires: Mon, 16 May 2022 16:03:15 GMT

GET
H2 200 mob-nav.svg
www.therme.ro/assets/media/icons/ 674 B
729 B 20ms
16ms Image
image/svg+xml 40.118.82.172
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.therme.ro/assets/media/icons/mob-nav.svg

Requested by

Host: www.therme.ro
URL: https://www.therme.ro/mytherme/login?confirmedemail=false

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.118.82.172 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

ad774f425ebfdb0304a196cef1dfbee44810a953b2ec058dfe69a167e55d3b5e

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therme.ro/mytherme/login?confirmedemail=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=2592000
last-modified: Fri, 19 Jun 2020 08:23:43 GMT
server: Microsoft-IIS/10.0
etag: "1d64612f18e5322"
content-type: image/svg+xml
cache-control: public,max-age=31536000
date: Mon, 16 May 2022 16:03:14 GMT
accept-ranges: bytes
content-length: 674

GET
H2 200 discount.svg
www.therme.ro/assets/media/icons/ 2 KB
2 KB 20ms
16ms Image
image/svg+xml 40.118.82.172
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.therme.ro/assets/media/icons/discount.svg

Requested by

Host: www.therme.ro
URL: https://www.therme.ro/mytherme/login?confirmedemail=false

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.118.82.172 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

03672dff6454fdd96f5e94f8d2288c88bf07d4b3216dfcf635dee3d40a0a474d

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therme.ro/mytherme/login?confirmedemail=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=2592000
last-modified: Fri, 19 Jun 2020 08:23:43 GMT
server: Microsoft-IIS/10.0
etag: "1d64612f18e59e3"
content-type: image/svg+xml
cache-control: public,max-age=31536000
date: Mon, 16 May 2022 16:03:14 GMT
accept-ranges: bytes
content-length: 2147

GET
H2 200 discount-star.svg
www.therme.ro/assets/media/icons/ 2 KB
2 KB 21ms
18ms Image
image/svg+xml 40.118.82.172
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.therme.ro/assets/media/icons/discount-star.svg

Requested by

Host: www.therme.ro
URL: https://www.therme.ro/mytherme/login?confirmedemail=false

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.118.82.172 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

3262c39dd5df2afd659f183de528537a778632ec69df4c804907f5532896cdef

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therme.ro/mytherme/login?confirmedemail=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=2592000
last-modified: Fri, 19 Jun 2020 08:23:43 GMT
server: Microsoft-IIS/10.0
etag: "1d64612f18e5706"
content-type: image/svg+xml
cache-control: public,max-age=31536000
date: Mon, 16 May 2022 16:03:14 GMT
accept-ranges: bytes
content-length: 1670

GET
H2 200 shopping-bag-login.svg
www.therme.ro/assets/media/icons/ 2 KB
2 KB 19ms
15ms Image
image/svg+xml 40.118.82.172
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.therme.ro/assets/media/icons/shopping-bag-login.svg

Requested by

Host: www.therme.ro
URL: https://www.therme.ro/mytherme/login?confirmedemail=false

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.118.82.172 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

a49e4ae49780d0f8c0e6f6764d31ed50db5c0201153652cfe72f82d12ea855a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therme.ro/mytherme/login?confirmedemail=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=2592000
last-modified: Fri, 19 Jun 2020 08:23:44 GMT
server: Microsoft-IIS/10.0
etag: "1d64612f226ef13"
content-type: image/svg+xml
cache-control: public,max-age=31536000
date: Mon, 16 May 2022 16:03:14 GMT
accept-ranges: bytes
content-length: 1811

GET
H2 200 login.css
www.therme.ro/assets/css/pages/ 1 KB
638 B 246ms
242ms Stylesheet
text/css 40.118.82.172
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therme.ro/assets/css/pages/login.css?v=sg19wdyW3fY2LZ7bQOagRbDtK8Tl0fC8sSpfd1YnfAo

Requested by

Host: www.therme.ro
URL: https://www.therme.ro/mytherme/login?confirmedemail=false

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.118.82.172 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

4449b332a843ed7e59f0ea9180c2cefabb0a6133f4241265e60bd6d1582fcc53

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therme.ro/mytherme/login?confirmedemail=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=2592000
content-encoding: br
last-modified: Fri, 21 May 2021 05:04:51 GMT
server: Microsoft-IIS/10.0
etag: "1d74dfed4539ee5"
vary: Accept-Encoding
content-type: text/css
cache-control: public,max-age=31536000
date: Mon, 16 May 2022 16:03:14 GMT
accept-ranges: bytes

GET
H2 200 login.js Show response
www.therme.ro/assets/js/pages/ 6 KB
2 KB 16ms
14ms Script
application/javascript 40.118.82.172
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therme.ro/assets/js/pages/login.js?v=OLus-7rJhPBXttAKqDFddF_titegfBDWmoCXDJRoWTs

Requested by

Host: www.therme.ro
URL: https://www.therme.ro/mytherme/login?confirmedemail=false

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.118.82.172 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

38bbacfbbac984f057b6d00aa8315d745fed8ad7a07c10d69a80970c9468593b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therme.ro/mytherme/login?confirmedemail=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=2592000
content-encoding: br
last-modified: Mon, 18 Oct 2021 03:22:56 GMT
server: Microsoft-IIS/10.0
etag: "1d7c3cf71773186"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=31536000
date: Mon, 16 May 2022 16:03:14 GMT
accept-ranges: bytes

GET
H2 200 facebook.svg
www.therme.ro/assets/media/icons/ 3 KB
3 KB 20ms
17ms Image
image/svg+xml 40.118.82.172
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.therme.ro/assets/media/icons/facebook.svg

Requested by

Host: www.therme.ro
URL: https://www.therme.ro/mytherme/login?confirmedemail=false

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.118.82.172 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

b611288afbd675f584800f9c5c9543e0099e2a984a8c08e0c8cc8a2a23078956

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therme.ro/mytherme/login?confirmedemail=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=2592000
last-modified: Fri, 19 Jun 2020 08:23:43 GMT
server: Microsoft-IIS/10.0
etag: "1d64612f18e5a76"
content-type: image/svg+xml
cache-control: public,max-age=31536000
date: Mon, 16 May 2022 16:03:14 GMT
accept-ranges: bytes
content-length: 3062

GET
H2 200 instagram.svg
www.therme.ro/assets/media/icons/ 3 KB
3 KB 21ms
17ms Image
image/svg+xml 40.118.82.172
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.therme.ro/assets/media/icons/instagram.svg

Requested by

Host: www.therme.ro
URL: https://www.therme.ro/mytherme/login?confirmedemail=false

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.118.82.172 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

bf19726495a91a78d4100406bddcc70d684e0924ec20a5e442d625aa2b6bae02

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therme.ro/mytherme/login?confirmedemail=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=2592000
last-modified: Fri, 19 Jun 2020 08:23:43 GMT
server: Microsoft-IIS/10.0
etag: "1d64612f18e5a9f"
content-type: image/svg+xml
cache-control: public,max-age=31536000
date: Mon, 16 May 2022 16:03:14 GMT
accept-ranges: bytes
content-length: 2847

GET
H2 200 pinterest.svg
www.therme.ro/assets/media/icons/ 4 KB
4 KB 21ms
18ms Image
image/svg+xml 40.118.82.172
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.therme.ro/assets/media/icons/pinterest.svg

Requested by

Host: www.therme.ro
URL: https://www.therme.ro/mytherme/login?confirmedemail=false

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.118.82.172 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

b3ca0827e24c152c631594d805d8e7a115b74d787cefd5ca2e4fd89ba655f34c

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therme.ro/mytherme/login?confirmedemail=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=2592000
last-modified: Fri, 19 Jun 2020 08:23:44 GMT
server: Microsoft-IIS/10.0
etag: "1d64612f226e686"
content-type: image/svg+xml
cache-control: public,max-age=31536000
date: Mon, 16 May 2022 16:03:14 GMT
accept-ranges: bytes
content-length: 3718

GET
H2 200 youtube.svg
www.therme.ro/assets/media/icons/ 3 KB
3 KB 21ms
18ms Image
image/svg+xml 40.118.82.172
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.therme.ro/assets/media/icons/youtube.svg

Requested by

Host: www.therme.ro
URL: https://www.therme.ro/mytherme/login?confirmedemail=false

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.118.82.172 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

d30c562699c8be32d4fc99843139afcb30a4647bcd2029bd213a6188a9a81cb3

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therme.ro/mytherme/login?confirmedemail=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=2592000
last-modified: Fri, 19 Jun 2020 08:23:44 GMT
server: Microsoft-IIS/10.0
etag: "1d64612f226e3c5"
content-type: image/svg+xml
cache-control: public,max-age=31536000
date: Mon, 16 May 2022 16:03:14 GMT
accept-ranges: bytes
content-length: 3013

GET
H2 200 jsresources Show response
www.therme.ro/interface/ 12 KB
12 KB 90ms
90ms Script
text/javascript 40.118.82.172
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therme.ro/interface/jsresources

Requested by

Host: www.therme.ro
URL: https://www.therme.ro/mytherme/login?confirmedemail=false

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.118.82.172 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

9ad256162cde1d65740e76eac625ec3359a8e6b790291f64cf7aa88288c4c9e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therme.ro/mytherme/login?confirmedemail=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=2592000
cache-control: no-store
server: Microsoft-IIS/10.0
date: Mon, 16 May 2022 16:03:14 GMT
content-length: 12187
content-type: text/javascript; charset=utf-8

GET
H2 200 bundle.min.js Show response
www.therme.ro/assets/js/ 993 KB
356 KB 17ms
13ms Script
application/javascript 40.118.82.172
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therme.ro/assets/js/bundle.min.js?v=XouO_MJyud5rtTwPrC7VmwijjMNS55AA8iexumQ2kpM

Requested by

Host: www.therme.ro
URL: https://www.therme.ro/mytherme/login?confirmedemail=false

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.118.82.172 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

5e8b8efcc272b9de6bb53c0fac2ed59b08a38cc352e79000f227b1ba64369293

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therme.ro/mytherme/login?confirmedemail=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=2592000
content-encoding: br
last-modified: Wed, 11 May 2022 02:27:03 GMT
server: Microsoft-IIS/10.0
etag: "1d864de999531eb"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=31536000
date: Mon, 16 May 2022 16:03:14 GMT
accept-ranges: bytes

GET
H/1.1 200
OK player.js Show response
player.vimeo.com/api/ 19 KB
7 KB 105ms
44ms Script
application/javascript 162.159.128.61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://player.vimeo.com/api/player.js

Requested by

Host: www.therme.ro
URL: https://www.therme.ro/mytherme/login?confirmedemail=false

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.159.128.61 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c973bdd65f848dff89ec0cbee8716a2449fe526c0b630d5a0e23ab350d8db2ed

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; style-src 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therme.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

content-security-policy: default-src 'none'; style-src 'unsafe-inline'
content-encoding: gzip
Age: 32
Connection: keep-alive
X-Served-By: cache-hhn4055-HHN
X-Timer: S1652716963.048787,VS0,VE0
Vary: Accept-Encoding
Content-Type: application/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
X-Cache-Hits: 302
x-varnish-cache: 0
Date: Mon, 16 May 2022 16:03:15 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
CF-Cache-Status: HIT
X-Cache: HIT
p3p: CP="This is not a P3P policy! See https://vimeo.com/privacy"
x-host: player-v078-799f9
x-vserver: playproxy-prod-varnish-10
Content-Length: 5969
x-xss-protection: 1; mode=block
X-Player-Backend: p
Last-Modified: Mon, 16 May 2022 16:02:43 GMT
Server: cloudflare
x-backend-proxy: playproxy11
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
expires: Mon, 16 May 2022 16:02:57 GMT
x-bapp-server: player-v078-799f9
Accept-Ranges: bytes
CF-RAY: 70c557a82f1d68ec-FRA

GET
H2 200 iframe_api Show response
www.youtube.com/ 980 B
2 KB 106ms
46ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: www.therme.ro
URL: https://www.therme.ro/mytherme/login?confirmedemail=false

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9a0de96edd269b462677718d11e8f5f9548eb683ae07234e891e8e03ba1aeadd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therme.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 16 May 2022 16:03:15 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
critical-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
server: ESF
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
content-type: text/javascript; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: private, max-age=0
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
expires: Mon, 16 May 2022 16:03:15 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 136 KB
51 KB 104ms
53ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-T47XNR9

Requested by

Host: www.therme.ro
URL: https://www.therme.ro/interface/script

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

dfcb1a9caa92c9e18a0f5e721cd7a89a2c5e7674a8bc92b9c013d045b54ec79c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therme.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 16 May 2022 16:03:15 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52222
x-xss-protection: 0
last-modified: Mon, 16 May 2022 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 16 May 2022 16:03:15 GMT

GET
H2 200 configuration.js Show response
consentcdn.cookiebot.com/consentconfig/9ccf7d5d-acb2-48e3-8097-d93ee63d8477/therme.ro/ 1 KB
777 B 47ms
12ms Script
application/x-javascript 2a02:26f0:7100:194::f09
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://consentcdn.cookiebot.com/consentconfig/9ccf7d5d-acb2-48e3-8097-d93ee63d8477/therme.ro/configuration.js
Requested by: Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100:194::f09 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: ddd0685da2fc894d015146cae271a1df1d01dfb4513eba919329fb5a413b9499

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therme.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 16 May 2022 16:03:15 GMT
content-encoding: gzip
last-modified: Tue, 03 May 2022 22:54:43 GMT
server: AkamaiNetStorage
etag: "576fee5790dc241ebe669825d054645c:1651618483.580813"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=78276
server-timing: cdn-cache; desc=HIT, edge; dur=1
accept-ranges: bytes
content-length: 499
expires: Tue, 17 May 2022 13:47:51 GMT

GET
H2 200 cc.js Show response
consent.cookiebot.com/9ccf7d5d-acb2-48e3-8097-d93ee63d8477/ 252 KB
61 KB 62ms
60ms Script
application/x-javascript 2a02:26f0:6c00::210:ba83
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://consent.cookiebot.com/9ccf7d5d-acb2-48e3-8097-d93ee63d8477/cc.js?renew=false&referer=www.therme.ro&dnt=false&init=false
Requested by: Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba83 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 16c6eeef0b077896fec800162fffa0c5f6ab000ddb91a18fd713ab1dd2d816da

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therme.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 16 May 2022 16:03:15 GMT
content-encoding: gzip
last-modified: Mon, 16 May 2022 16:03:15 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-expose-headers: Request-Context
cache-control: private, max-age=1200
content-length: 62071
request-context: appId=cid-v1:89f47f4b-bed0-4db8-956b-d6e6dfac3fef

GET
H2 200 7930188a-6a9d-4fd6-b11c-55d3b87d60cc
cdn.mytherme.app/serve/ 30 KB
12 KB 202ms
68ms Image
image/svg+xml 40.118.82.172
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.mytherme.app/serve/7930188a-6a9d-4fd6-b11c-55d3b87d60cc

Requested by

Host: www.therme.ro
URL: https://www.therme.ro/mytherme/login?confirmedemail=false

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.118.82.172 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

a73c41624f2e8ceb3a435c9a7419a62700292ce78d2879383f9c803ddbb88be3

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therme.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=2592000
content-encoding: gzip
server: Microsoft-IIS/10.0
date: Mon, 16 May 2022 16:03:16 GMT
content-type: image/svg+xml
cache-control: public,max-age=31536000
accept-ranges: bytes
content-length: 12329

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v24/ 30 KB
31 KB 144ms
39ms Font
font/woff2 2a00:1450:400f:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v24/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@300;400;500;700;800;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400f:802::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c8f7c04f8d691138d54380550d91349271ca19cfc0f3f6666c401cfa892a12f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.therme.ro
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 17:15:10 GMT
x-content-type-options: nosniff
age: 514085
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30876
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 14:37:35 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 10 May 2023 17:15:10 GMT

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wdhyzbi.woff2
fonts.gstatic.com/s/montserrat/v24/ 25 KB
25 KB 179ms
81ms Font
font/woff2 2a00:1450:400f:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v24/JTUSjIg1_i6t8kCHKm459Wdhyzbi.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@300;400;500;700;800;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400f:802::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

672305a06578c62e801efdb067fffad21042eb1f0b66f41eb6f744b9f46114a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.therme.ro
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 17:23:53 GMT
x-content-type-options: nosniff
age: 513562
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25088
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 14:38:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 10 May 2023 17:23:53 GMT

GET
H2 200 bc-v4.min.html Show response
consentcdn.cookiebot.com/sdk/ Frame 863B 627 B
692 B 12ms
12ms Document
text/html 2a02:26f0:7100:194::f09
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://consentcdn.cookiebot.com/sdk/bc-v4.min.html
Requested by: Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100:194::f09 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 738e5435f2d18427d291a0d6289eee0ebbc87b596d6003919f255760ac293104

Request headers

Referer: https://www.therme.ro/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=31446011
content-encoding: gzip
content-length: 392
content-type: text/html
date: Mon, 16 May 2022 16:03:15 GMT
etag: "3d08665fa4c7bcf9fa2dcbbc7efe1d0f:1649057029.895163"
expires: Mon, 15 May 2023 15:03:26 GMT
last-modified: Mon, 04 Apr 2022 07:23:49 GMT
server: AkamaiNetStorage
server-timing: cdn-cache; desc=HIT edge; dur=1
vary: Accept-Encoding
x-akamai-transformed: 9 - 0 pmb=mRUM,1

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 190 KB
68 KB 30ms
29ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-H6WEM8EYME&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T47XNR9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0349fd8dbf729a9af46a34e467094d991dc7ad0c5e1ff250aabb614d8a614186

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therme.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 16 May 2022 16:03:15 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 69795
x-xss-protection: 0
expires: Mon, 16 May 2022 16:03:15 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 82ms
20ms Script
text/javascript 2a00:1450:4014:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T47XNR9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4014:80f::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therme.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 6773
date: Mon, 16 May 2022 14:10:23 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Mon, 16 May 2022 16:10:23 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 39 KB
15 KB 90ms
49ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T47XNR9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

0a9adccc17d9e34e3971bce91e3723f1fef884844fed6e6e10085e19745faef5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therme.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 16 May 2022 16:03:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14849
x-xss-protection: 0
server: cafe
etag: 10272469744856839321
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 16 May 2022 16:03:16 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 99 KB
27 KB 38ms
8ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.therme.ro
URL: https://www.therme.ro/mytherme/confirm?iv=1AY%2FpPJfOHIHi%2FGjR33EyQ%3D%3D&payload=FL%2F9o7B%2Bi10%2B7Px8Hv7l7eqvDbpQVW0w4atPwBNJJRg%3D&validation=1652712605

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

39bdc6630aad3e4c15fd07b777701feb77835acee49601873769082ebc5214b3

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therme.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26311
x-xss-protection: 0
pragma: public
x-fb-debug: tpiRzmekiaNVBwhNfQHtKtO6oxuCy5bP+mjU3rj+pJVuc130oBnmMfWaeZuGRdk4CpW73sntYj0gFMM0SxGB7A==
x-fb-trip-id: 686109401
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Mon, 16 May 2022 16:03:16 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 18482f22c725f84fab9f991e5a470c1fe551e9c0c29af6701d5f52b4cd446e02

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 293 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8181a739bd0ed0fd64624c4aa15b7847bc9d4fd0660bff56c8c9192c4ef75979

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 656513192307405 Show response
connect.facebook.net/signals/config/ 305 KB
87 KB 68ms
59ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/656513192307405?v=2.9.59&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ad337b99f08a5ed4caee73c5330196e6cf8596672914668313e1126c213072c7

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therme.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: MTM4zbY4OSSmkXAUSgynjAHFJKrvthAj7qQ5VE35juzDhId+4x344rdZtNfjO/fYt3TMiMsXSr+cAq502wtjXg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Mon, 16 May 2022 16:03:16 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-content-cdn-origin-ts: 1652716996153
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 100ms
48ms XHR
text/plain 2a00:1450:4014:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1965261359&t=pageview&_s=1&dl=https%3A%2F%2Fwww.therme.ro%2Fmytherme%2Flogin%3Fconfirmedemail%3Dfalse&ul=en-us&de=UTF-8&dt=Autentificare%20%7C%20Therme%20Bucure%C8%99ti&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=1811997818&gjid=1500172928&cid=1209808699.1652716995&tid=UA-197036762-1&_gid=720051893.1652716995&_r=1&gtm=2wg5b0T47XNR9&z=1558583571

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4014:80f::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.therme.ro/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 16 May 2022 16:03:16 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.therme.ro
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/10793989517/ 3 KB
2 KB 71ms
24ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10793989517/?random=1652716995201&cv=9&fst=1652716995201&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg5b0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.therme.ro%2Fmytherme%2Flogin%3Fconfirmedemail%3Dfalse&ref=https%3A%2F%2Fwww.therme.ro%2Fmytherme%2Fconfirm%3Fiv%3D1AY%252FpPJfOHIHi%252FGjR33EyQ%253D%253D%26payload%3DFL%252F9o7B%252Bi10%252B7Px8Hv7l7eqvDbpQVW0w4atPwBNJJRg%253D%26validation%3D1652712605&tiba=Autentificare%20%7C%20Therme%20Bucure%C8%99ti&hn=www.googleadservices.com&us_privacy=1---&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

603c494cf9b73b5479758cee3fc1a085294bbfb66926e63f941d74de23f1a34a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therme.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 16 May 2022 16:03:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1162
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
www.google-analytics.com/g/ 0
17 B 38ms
37ms Ping
text/plain 2a00:1450:4014:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-H6WEM8EYME&gtm=2oe5b0&_p=1965261359&_z=ccd.tbB&cid=1209808699.1652716995&ul=en-us&sr=1600x1200&_s=1&sid=1652716995&sct=1&seg=0&dl=https%3A%2F%2Fwww.therme.ro%2Fmytherme%2Flogin%3Fconfirmedemail%3Dfalse&dr=https%3A%2F%2Fwww.therme.ro%2Fmytherme%2Fconfirm%3Fiv%3D1AY%252FpPJfOHIHi%252FGjR33EyQ%253D%253D%26payload%3DFL%252F9o7B%252Bi10%252B7Px8Hv7l7eqvDbpQVW0w4atPwBNJJRg%253D%26validation%3D1652712605&dt=Autentificare%20%7C%20Therme%20Bucure%C8%99ti&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-H6WEM8EYME&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4014:80f::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therme.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 16 May 2022 16:03:16 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.therme.ro
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
441 B 88ms
16ms XHR
text/plain 2a00:1450:400c:c07::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-197036762-1&cid=1209808699.1652716995&jid=1811997818&gjid=1500172928&_gid=720051893.1652716995&_u=YEBAAEAAAAAAAC~&z=1146720738

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c07::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.therme.ro/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 16 May 2022 16:03:16 GMT
content-type: text/plain
access-control-allow-origin: https://www.therme.ro
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
297 B 64ms
7ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=656513192307405&ev=PageView&dl=https%3A%2F%2Fwww.therme.ro%2Fmytherme%2Flogin%3Fconfirmedemail%3Dfalse&rl=https%3A%2F%2Fwww.therme.ro%2Fmytherme%2Fconfirm%3Fiv%3D1AY%252FpPJfOHIHi%252FGjR33EyQ%253D%253D%26payload%3DFL%252F9o7B%252Bi10%252B7Px8Hv7l7eqvDbpQVW0w4atPwBNJJRg%253D%26validation%3D1652712605&if=false&ts=1652716995337&sw=1600&sh=1200&v=2.9.59&r=stable&a=tmgoogletagmanager&ec=0&o=30&fbp=fb.1.1652716995334.1482485373&it=1652716995163&coo=false&rqm=GET

Requested by

Host: www.therme.ro
URL: https://www.therme.ro/mytherme/login?confirmedemail=false

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therme.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 16 May 2022 16:03:16 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Mon, 16 May 2022 16:03:16 GMT

GET
H3 200 css2
fonts.googleapis.com/ Frame BBBE 2 KB
550 B 54ms
23ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto&display=swap

Requested by

Host: studio.wisevoice.ai
URL: https://studio.wisevoice.ai/webchat.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2358eef82e19f11d27748db3055007ae32cc450a0c52aae4a1a95a45ff133048

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 16 May 2022 15:40:34 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 16 May 2022 16:03:16 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 16 May 2022 16:03:16 GMT

GET
H3 200 icon
fonts.googleapis.com/ Frame BBBE 569 B
367 B 62ms
31ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/icon?family=Material+Icons

Requested by

Host: studio.wisevoice.ai
URL: https://studio.wisevoice.ai/webchat.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

786f8e86896c85d5941a05d0519c32b261947a8c229f5581f308595381b7448e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 16 May 2022 16:03:16 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 16 May 2022 16:03:16 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 16 May 2022 16:03:16 GMT

GET
H/1.1 200
OK registerAnonymous Show response
builder.wisevoice.ai/api/ 1 KB
2 KB 2300ms
2133ms XHR
application/json 52.169.249.214
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://builder.wisevoice.ai/api/registerAnonymous?channel=web&clientKey=9276322c1171a2b68cf9&projectId=361
Requested by: Host: studio.wisevoice.ai
URL: https://studio.wisevoice.ai/webchat.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.169.249.214 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx / PHP/8.0.7
Resource Hash: e774650dcb38961fc73d39d84f4cdde6f5325d04cab53fd336f8a6878e2b6452

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.therme.ro/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Mon, 16 May 2022 16:03:18 GMT
Server: nginx
X-Powered-By: PHP/8.0.7
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: *
X-RateLimit-Remaining: 599
Cache-Control: no-cache, private
Access-Control-Allow-Credentials: true
X-RateLimit-Limit: 600
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, Authorization

GET
H2 200 /
www.google.com/pagead/1p-user-list/10793989517/ 42 B
548 B 174ms
28ms Image
image/gif 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/10793989517/?random=1652716995201&cv=9&fst=1652716800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg5b0&sendb=1&frm=0&url=https%3A%2F%2Fwww.therme.ro%2Fmytherme%2Flogin%3Fconfirmedemail%3Dfalse&ref=https%3A%2F%2Fwww.therme.ro%2Fmytherme%2Fconfirm%3Fiv%3D1AY%252FpPJfOHIHi%252FGjR33EyQ%253D%253D%26payload%3DFL%252F9o7B%252Bi10%252B7Px8Hv7l7eqvDbpQVW0w4atPwBNJJRg%253D%26validation%3D1652712605&tiba=Autentificare%20%7C%20Therme%20Bucure%C8%99ti&async=1&fmt=3&is_vtc=1&random=3153895937&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.therme.ro
URL: https://www.therme.ro/mytherme/login?confirmedemail=false

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therme.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 16 May 2022 16:03:16 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/10793989517/ 42 B
548 B 171ms
27ms Image
image/gif 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/10793989517/?random=1652716995201&cv=9&fst=1652716800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg5b0&sendb=1&frm=0&url=https%3A%2F%2Fwww.therme.ro%2Fmytherme%2Flogin%3Fconfirmedemail%3Dfalse&ref=https%3A%2F%2Fwww.therme.ro%2Fmytherme%2Fconfirm%3Fiv%3D1AY%252FpPJfOHIHi%252FGjR33EyQ%253D%253D%26payload%3DFL%252F9o7B%252Bi10%252B7Px8Hv7l7eqvDbpQVW0w4atPwBNJJRg%253D%26validation%3D1652712605&tiba=Autentificare%20%7C%20Therme%20Bucure%C8%99ti&async=1&fmt=3&is_vtc=1&random=3153895937&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.therme.ro
URL: https://www.therme.ro/mytherme/login?confirmedemail=false

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therme.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 16 May 2022 16:03:16 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 180ms
38ms Image
image/gif 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-197036762-1&cid=1209808699.1652716995&jid=1811997818&_u=YEBAAEAAAAAAAC~&z=1287643298

Requested by

Host: www.therme.ro
URL: https://www.therme.ro/mytherme/login?confirmedemail=false

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therme.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 16 May 2022 16:03:16 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 190ms
50ms Image
image/gif 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-197036762-1&cid=1209808699.1652716995&jid=1811997818&_u=YEBAAEAAAAAAAC~&z=1287643298

Requested by

Host: www.therme.ro
URL: https://www.therme.ro/mytherme/login?confirmedemail=false

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therme.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 16 May 2022 16:03:16 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 190 KB
68 KB 29ms
29ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-H6WEM8EYME

Requested by

Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

963e28e94b5dc24e76cac8694ad17d33056856a25614fb6d5c23fccbc7a5ec12

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therme.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 16 May 2022 16:03:16 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 69794
x-xss-protection: 0
expires: Mon, 16 May 2022 16:03:16 GMT

GET
H2 200 login.js Show response
www.therme.ro/assets/js/pages/ 6 KB
2 KB 15ms
15ms Script
application/javascript 40.118.82.172
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therme.ro/assets/js/pages/login.js?v=OLus-7rJhPBXttAKqDFddF_titegfBDWmoCXDJRoWTs

Requested by

Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.118.82.172 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

38bbacfbbac984f057b6d00aa8315d745fed8ad7a07c10d69a80970c9468593b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therme.ro/mytherme/login?confirmedemail=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=2592000
content-encoding: br
last-modified: Mon, 18 Oct 2021 03:22:56 GMT
server: Microsoft-IIS/10.0
etag: "1d7c3cf71773186"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=31536000
date: Mon, 16 May 2022 16:03:16 GMT
accept-ranges: bytes

GET
H2 200 jsresources Show response
www.therme.ro/interface/ 12 KB
12 KB 85ms
85ms Script
text/javascript 40.118.82.172
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therme.ro/interface/jsresources

Requested by

Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.118.82.172 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

9ad256162cde1d65740e76eac625ec3359a8e6b790291f64cf7aa88288c4c9e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therme.ro/mytherme/login?confirmedemail=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=2592000
cache-control: no-store
server: Microsoft-IIS/10.0
date: Mon, 16 May 2022 16:03:16 GMT
content-length: 12187
content-type: text/javascript; charset=utf-8

GET
H2 200 bundle.min.js Show response
www.therme.ro/assets/js/ 993 KB
356 KB 15ms
15ms Script
application/javascript 40.118.82.172
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therme.ro/assets/js/bundle.min.js?v=XouO_MJyud5rtTwPrC7VmwijjMNS55AA8iexumQ2kpM

Requested by

Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.118.82.172 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

5e8b8efcc272b9de6bb53c0fac2ed59b08a38cc352e79000f227b1ba64369293

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therme.ro/mytherme/login?confirmedemail=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=2592000
content-encoding: br
last-modified: Wed, 11 May 2022 02:27:03 GMT
server: Microsoft-IIS/10.0
etag: "1d864de999531eb"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=31536000
date: Mon, 16 May 2022 16:03:16 GMT
accept-ranges: bytes

GET
H3 200 /
www.facebook.com/tr/ 44 B
91 B 16ms
7ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=656513192307405&ev=Microdata&dl=https%3A%2F%2Fwww.therme.ro%2Fmytherme%2Flogin%3Fconfirmedemail%3Dfalse&rl=https%3A%2F%2Fwww.therme.ro%2Fmytherme%2Fconfirm%3Fiv%3D1AY%252FpPJfOHIHi%252FGjR33EyQ%253D%253D%26payload%3DFL%252F9o7B%252Bi10%252B7Px8Hv7l7eqvDbpQVW0w4atPwBNJJRg%253D%26validation%3D1652712605&if=false&ts=1652716995840&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Autentificare%20%7C%20Therme%20Bucure%C8%99ti%22%2C%22meta%3Akeywords%22%3A%22login%2C%20mytherme%22%2C%22meta%3Adescription%22%3A%22Autentificare%22%7D&cd[OpenGraph]=%7B%22og%3Adescription%22%3A%22Autentificare%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fcdn.mytherme.app%2Fserve%2F31ed4a6b-ff6f-46eb-bbd9-27c5839624fd%22%2C%22og%3Atitle%22%3A%22Autentificare%20%7C%20Therme%20Bucure%C8%99ti%22%2C%22og%3Atype%22%3A%22website%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.59&r=stable&a=tmgoogletagmanager&ec=1&o=30&fbp=fb.1.1652716995334.1482485373&it=1652716995163&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therme.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 16 May 2022 16:03:16 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Mon, 16 May 2022 16:03:16 GMT

GET
H/1.1 200
OK player.js Show response
player.vimeo.com/api/ 19 KB
7 KB 28ms
27ms Script
application/javascript 162.159.128.61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://player.vimeo.com/api/player.js

Requested by

Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.159.128.61 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c973bdd65f848dff89ec0cbee8716a2449fe526c0b630d5a0e23ab350d8db2ed

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; style-src 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therme.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

content-security-policy: default-src 'none'; style-src 'unsafe-inline'
content-encoding: gzip
Age: 33
Connection: keep-alive
X-Served-By: cache-hhn4055-HHN
X-Timer: S1652716963.048787,VS0,VE0
Vary: Accept-Encoding
Content-Type: application/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
X-Cache-Hits: 302
x-varnish-cache: 0
Date: Mon, 16 May 2022 16:03:16 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
CF-Cache-Status: HIT
X-Cache: HIT
p3p: CP="This is not a P3P policy! See https://vimeo.com/privacy"
x-host: player-v078-799f9
x-vserver: playproxy-prod-varnish-10
Content-Length: 5969
x-xss-protection: 1; mode=block
X-Player-Backend: p
Last-Modified: Mon, 16 May 2022 16:02:43 GMT
Server: cloudflare
x-backend-proxy: playproxy11
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
expires: Mon, 16 May 2022 16:02:57 GMT
x-bapp-server: player-v078-799f9
Accept-Ranges: bytes
CF-RAY: 70c557ae8c2b68ec-FRA

GET
H2 200 login.png
www.therme.ro/assets/media/bg/ 735 KB
735 KB 16ms
16ms Image
image/png 40.118.82.172
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.therme.ro/assets/media/bg/login.png

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.118.82.172 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

e1cedbe17285c1c0b23be90d46122fb5ffc2cfea487e7f28856ba53a35d2d812

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therme.ro/mytherme/login?confirmedemail=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=2592000
last-modified: Fri, 17 Jul 2020 03:55:31 GMT
server: Microsoft-IIS/10.0
etag: "1d65bee1d8180b9"
content-type: image/png
cache-control: public,max-age=31536000
date: Mon, 16 May 2022 16:03:16 GMT
accept-ranges: bytes
content-length: 752441

GET
DATA 200
OK truncated
/ 264 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 167e05aede398b3806eb02f42a751c57e63f2429cb9746d6f3622f410003588f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 cdfd1159-751e-4bd1-9724-baf560bb0b5d
cdn.mytherme.app/serve/ 17 KB
17 KB 76ms
76ms Image
image/webp 40.118.82.172
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.mytherme.app/serve/cdfd1159-751e-4bd1-9724-baf560bb0b5d

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.118.82.172 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

f0b9fc3193debb027f8744bae6f21dd04bedfd171c71f65528b8bae9fb40050c

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therme.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=2592000
content-encoding: gzip
server: Microsoft-IIS/10.0
date: Mon, 16 May 2022 16:03:16 GMT
content-type: image/webp
cache-control: public,max-age=31536000
accept-ranges: bytes
content-length: 17840

GET
H2 200 Flaticon.woff
www.therme.ro/assets/fonts/ 45 KB
45 KB 15ms
15ms Font
application/font-woff 40.118.82.172
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therme.ro/assets/fonts/Flaticon.woff

Requested by

Host: www.therme.ro
URL: https://www.therme.ro/assets/css/bundle.min.css?v=M0O7Kiu2cW70zYmsAq5RIgQ4U3-iIVMDdismtGSewAY

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.118.82.172 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

7a7199005043ac1ec1585bf43679e722c6b678612c69cddc1c327011543c65f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://www.therme.ro/assets/css/bundle.min.css?v=M0O7Kiu2cW70zYmsAq5RIgQ4U3-iIVMDdismtGSewAY
Origin: https://www.therme.ro
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=2592000
last-modified: Fri, 19 Jun 2020 08:23:41 GMT
server: Microsoft-IIS/10.0
etag: "1d64612f05d968c"
content-type: application/font-woff
cache-control: public,max-age=31536000
date: Mon, 16 May 2022 16:03:16 GMT
accept-ranges: bytes
content-length: 45580

GET
H2 200 fa-light-300.woff2
www.therme.ro/assets/fonts/ 181 KB
182 KB 16ms
15ms Font
font/woff2 40.118.82.172
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therme.ro/assets/fonts/fa-light-300.woff2

Requested by

Host: www.therme.ro
URL: https://www.therme.ro/assets/css/bundle.min.css?v=M0O7Kiu2cW70zYmsAq5RIgQ4U3-iIVMDdismtGSewAY

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.118.82.172 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

b1a5b8d96b8e8792ac50f6f4ad4d8051ade721c69a5fec310378155681d110b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://www.therme.ro/assets/css/bundle.min.css?v=M0O7Kiu2cW70zYmsAq5RIgQ4U3-iIVMDdismtGSewAY
Origin: https://www.therme.ro
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=2592000
last-modified: Sun, 25 Oct 2020 17:32:38 GMT
server: Microsoft-IIS/10.0
etag: "1d6aaf4d53aaa70"
content-type: font/woff2
cache-control: public,max-age=31536000
date: Mon, 16 May 2022 16:03:17 GMT
accept-ranges: bytes
content-length: 185712

GET
H/1.1 200
OK / Show response
builder.wisevoice.ai/socket.io/ 97 B
293 B 170ms
101ms XHR
text/plain 52.169.249.214
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://builder.wisevoice.ai:8102/socket.io/?EIO=4&transport=polling&t=O3Dd0ns
Requested by: Host: studio.wisevoice.ai
URL: https://studio.wisevoice.ai/webchat.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 52.169.249.214 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 30c3d072e16fec72f50019fc4b64c48230ce8e56df04b06f9db9cd804f15d6a6

Request headers

Accept: */*
Referer: https://www.therme.ro/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 16 May 2022 16:03:18 GMT
Connection: keep-alive
Keep-Alive: timeout=5
Content-Length: 97
Content-Type: text/plain; charset=UTF-8

OPTIONS
H/1.1 200
OK getWebDataForApiUsers
builder.wisevoice.ai/api/project/integration/ Frame 0
0 137ms
137ms Preflight
text/html 52.169.249.214
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://builder.wisevoice.ai/api/project/integration/getWebDataForApiUsers
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.169.249.214 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx / PHP/8.0.10
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: POST
Origin: https://www.therme.ro
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Access-Control-Allow-Origin: *
Allow: POST
Cache-Control: no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Date: Mon, 16 May 2022 16:03:18 GMT
Server: nginx
Transfer-Encoding: chunked
X-Powered-By: PHP/8.0.10

POST
H/1.1 200
OK getWebDataForApiUsers Show response
builder.wisevoice.ai/api/project/integration/ 283 B
789 B 190ms
189ms XHR
application/json 52.169.249.214
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://builder.wisevoice.ai/api/project/integration/getWebDataForApiUsers
Requested by: Host: studio.wisevoice.ai
URL: https://studio.wisevoice.ai/webchat.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.169.249.214 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx / PHP/8.0.7
Resource Hash: 4d67aa4d6929ffd02e71b2fd8ae2d01a9fa81903def6401c61b873f79951020a

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.therme.ro/
Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJhdWQiOiIzIiwianRpIjoiNDZmZGI5NDIyNTYyZTlkZGFiNWM1ZGQzYzUzYzdiNzE5NTM5ZTFmYzdjZmU1ZjZlNDE5ODBmZjc0MTQwMTQzZWIxMTcwNTEyN2JlMGM1OTgiLCJpYXQiOjE2NTI3MTY5OTguNjA1MTM5LCJuYmYiOjE2NTI3MTY5OTguNjA1MTQzMSwiZXhwIjoxNjg0MjUyOTk4LjU5MzU4NSwic3ViIjoiMjkzNDc5MCIsInNjb3BlcyI6W119.EAJUiFHAb4riPFeOD720fLZWgBZXwyHt5JT8v76gw3y2IxsHj_luDGR9-mU9dOXeWWapGVvr0QJISNY4i1TvbzXGJvGGo1WWkZ786vBrPRp1P73a6p7c-8ByYYV2lTnw3Ee-ll3K7KiJcxDDFa1bIDKS45349tIBeq-eTzzyvJj63gt4nfTAIA7IVHXuOB27at_z-6Doh8r_-hB6xl_qFLqGhQYtIQh-8WWFAhjJCBLwnpU30roqAqzjjtIdntlb3oBmLpuMC-85UTs8YydbFk6gOr0bUynk6rZUOSfxYOaTUf3zdSArveBmmNrTTSd7g94gNfMg9_Bs374rTx1jpzkm3sdX3xFx6iPgvebBLEej1HfEDq45LNluCv1xdtWFusoj1I9gDBurlZBpDsYYFLpZ99-JFcQESnNbG6IuAV545_wsb_H7UEeVFun3_41v-iSFmKgxB2pAQIjMfeSK8mt_hl0S44ATZcAz3kYOm9tugQcbLvV9JzNGqMIe5fO_yTBnVb5kv6hbTIYLRyt5VLgYx1lVYfVQEfP8f1X1s2RsiuMOIQiSyjJCNzQNq5Bfsh9oirV5dM3_zQ3EBheMTzcuv3WtplgjblU3jf5H9pHfB7LaxZt2hwfk7CQ4bWZQ_oy0PCf6hAFFNxBnlwmQaJjKAReexNRnc2SXiB56kFU
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: application/json

Response headers

Date: Mon, 16 May 2022 16:03:18 GMT
Server: nginx
X-Powered-By: PHP/8.0.7
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: *
X-RateLimit-Remaining: 598
Cache-Control: no-cache, private
Access-Control-Allow-Credentials: true
X-RateLimit-Limit: 600
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, Authorization

POST
H/1.1 200
OK / Show response
builder.wisevoice.ai/socket.io/ 2 B
181 B 29ms
29ms XHR
text/html 52.169.249.214
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://builder.wisevoice.ai:8102/socket.io/?EIO=4&transport=polling&t=O3Dd0qc&sid=IM8_mg99_l4B0QnYADdp
Requested by: Host: studio.wisevoice.ai
URL: https://studio.wisevoice.ai/webchat.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 52.169.249.214 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Accept: */*
Referer: https://www.therme.ro/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 16 May 2022 16:03:18 GMT
Connection: keep-alive
Keep-Alive: timeout=5
Content-Length: 2
Content-Type: text/html

GET
H/1.1 200
OK / Show response
builder.wisevoice.ai/socket.io/ 32 B
228 B 59ms
30ms XHR
text/plain 52.169.249.214
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://builder.wisevoice.ai:8102/socket.io/?EIO=4&transport=polling&t=O3Dd0qe&sid=IM8_mg99_l4B0QnYADdp
Requested by: Host: studio.wisevoice.ai
URL: https://studio.wisevoice.ai/webchat.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 52.169.249.214 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 36afb70af9e297325f7fce522060c0d9cfba69f3e4e6d594535158e8be46cbea

Request headers

Accept: */*
Referer: https://www.therme.ro/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 16 May 2022 16:03:18 GMT
Connection: keep-alive
Keep-Alive: timeout=5
Content-Length: 32
Content-Type: text/plain; charset=UTF-8

GET
H/1.1 200
OK / Show response
builder.wisevoice.ai/socket.io/ 24 B
220 B 102ms
102ms XHR
text/plain 52.169.249.214
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://builder.wisevoice.ai:8102/socket.io/?EIO=4&transport=polling&t=O3Dd0s1&sid=IM8_mg99_l4B0QnYADdp
Requested by: Host: studio.wisevoice.ai
URL: https://studio.wisevoice.ai/webchat.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 52.169.249.214 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 28ec67a63f9ddc239215230a84ed483a3200af428f9588d77e8aa0e5273cae3d

Request headers

Accept: */*
Referer: https://www.therme.ro/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 16 May 2022 16:03:19 GMT
Connection: keep-alive
Keep-Alive: timeout=5
Content-Length: 24
Content-Type: text/plain; charset=UTF-8

GET
H2 200 chatbot%20icon%20final.svg
storage.googleapis.com/wisevoice-static/ Frame BBBE 2 KB
2 KB 83ms
16ms Image
image/svg+xml 2a00:1450:4001:800::2010
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.googleapis.com/wisevoice-static/chatbot%20icon%20final.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:800::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 4b821ec7fe6e9ab8aaada0f0b2f3dd37d139f7161c99be1d76da0db39841fb35

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 16 May 2022 15:39:46 GMT
age: 1413
x-guploader-uploadid: ADPycdsfrqorJn_FuUp2HE842c5DxdEkLHu8wIj_QfXDjevMjWErJykhCNvSNK4Q6hqS6yGRr-Ot2aOe-nys8Y7LLw7Hnw
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1720
last-modified: Fri, 17 Dec 2021 13:52:25 GMT
server: UploadServer
etag: "0e3cf08d3255bf09733053fe894bcce4"
x-goog-hash: crc32c=uge0PQ==, md5=DjzwjTJVvwlzMFP+iUvM5A==
x-goog-generation: 1639749145754830
cache-control: public, max-age=3600
x-goog-stored-content-length: 1720
accept-ranges: bytes
content-type: image/svg+xml
expires: Mon, 16 May 2022 16:39:46 GMT

POST
H3 204 collect
www.google-analytics.com/g/ 0
17 B 35ms
34ms Ping
text/plain 2a00:1450:4014:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-H6WEM8EYME&gtm=2oe5b0&_p=1965261359&_z=ccd.tbB&cid=1209808699.1652716995&gdid=dMWZhNz&ul=en-us&sr=1600x1200&_s=2&sid=1652716995&sct=1&seg=0&dl=https%3A%2F%2Fwww.therme.ro%2Fmytherme%2Flogin%3Fconfirmedemail%3Dfalse&dr=https%3A%2F%2Fwww.therme.ro%2Fmytherme%2Fconfirm%3Fiv%3D1AY%252FpPJfOHIHi%252FGjR33EyQ%253D%253D%26payload%3DFL%252F9o7B%252Bi10%252B7Px8Hv7l7eqvDbpQVW0w4atPwBNJJRg%253D%26validation%3D1652712605&dt=Autentificare%20%7C%20Therme%20Bucure%C8%99ti&en=scroll&_et=19&epn.percent_scrolled=90
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-H6WEM8EYME&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4014:80f::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therme.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 16 May 2022 16:03:21 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.therme.ro
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

142 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

11 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.therme.ro/	1970-01-20 03:06:43	Name: _language Value: ro
www.therme.ro/	1969-12-31 23:59:59	Name: .AspNetCore.Antiforgery.wWuVnv7P90g Value: CfDJ8KSD0flILiNGqC2fEhVkdKK1lE08_oFGTm2FdBAhHG5HD8bJDfWMemheYMAwMYXoC6zjkrsolnVr9mSiRwdIMyXOWKgE9VNMleZxziKM896sYhu7kezCXQTbu68A7Vm1roHXuUs9yeIzfE_6kvOCubE
.vimeo.com/	1970-01-20 03:05:18	Name: __cf_bm Value: JSarfiZOZpyXn6Ku0WVYVek9BsF7PhPNxsAAS9nv8GA-1652716995-0-ARzM5zhsKvC3Jpc+6h/EfrDs1ifF7a1vhKGtt45b3Uu6RCoIDwbL5Q4TY9vIpP5zf2wlXONfdr5bhcXSE7CgwE4=
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: UdndO4IsIAY
.youtube.com/	1970-01-20 07:24:28	Name: VISITOR_INFO1_LIVE Value: xa98NcV6k6Q
.therme.ro/	1970-01-20 03:06:43	Name: _gid Value: GA1.2.720051893.1652716995
.therme.ro/	1970-01-20 03:05:17	Name: _gat_UA-197036762-1 Value: 1
.therme.ro/	1970-01-20 20:36:28	Name: _ga_H6WEM8EYME Value: GS1.1.1652716995.1.0.1652716995.0
.therme.ro/	1970-01-20 20:36:28	Name: _ga Value: GA1.1.1209808699.1652716995
.doubleclick.net/	1970-01-20 03:05:17	Name: test_cookie Value: CheckForPermission
.therme.ro/	1970-01-20 05:14:52	Name: _fbp Value: fb.1.1652716995334.1482485373

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://studio.wisevoice.ai/webchat.js(Line 2) Message: The AudioContext was not allowed to start. It must be resumed (or created) after a user gesture on the page. https://goo.gl/7K7WLu

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=2592000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

builder.wisevoice.ai
cdn.mytherme.app
connect.facebook.net
consent.cookiebot.com
consentcdn.cookiebot.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
player.vimeo.com
stats.g.doubleclick.net
storage.googleapis.com
studio.wisevoice.ai
u26295333.ct.sendgrid.net
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.therme.ro
www.youtube.com
142.250.185.130
162.159.128.61
167.89.123.122
2a00:1450:4001:800::2010
2a00:1450:4001:808::2008
2a00:1450:4001:80f::2004
2a00:1450:4001:810::2003
2a00:1450:4001:811::200a
2a00:1450:4001:827::2002
2a00:1450:4001:829::200e
2a00:1450:400c:c07::9d
2a00:1450:400f:802::2003
2a00:1450:4014:80f::200e
2a02:26f0:6c00::210:ba83
2a02:26f0:7100:194::f09
2a03:2880:f01c:216:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
40.118.82.172
52.169.249.214
0349fd8dbf729a9af46a34e467094d991dc7ad0c5e1ff250aabb614d8a614186
03672dff6454fdd96f5e94f8d2288c88bf07d4b3216dfcf635dee3d40a0a474d
0a9adccc17d9e34e3971bce91e3723f1fef884844fed6e6e10085e19745faef5
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
167e05aede398b3806eb02f42a751c57e63f2429cb9746d6f3622f410003588f
16c6eeef0b077896fec800162fffa0c5f6ab000ddb91a18fd713ab1dd2d816da
18482f22c725f84fab9f991e5a470c1fe551e9c0c29af6701d5f52b4cd446e02
2358eef82e19f11d27748db3055007ae32cc450a0c52aae4a1a95a45ff133048
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
28ec67a63f9ddc239215230a84ed483a3200af428f9588d77e8aa0e5273cae3d
30c3d072e16fec72f50019fc4b64c48230ce8e56df04b06f9db9cd804f15d6a6
3262c39dd5df2afd659f183de528537a778632ec69df4c804907f5532896cdef
3343bb2a2bb6716ef4cd89ac02ae51220438537fa2215303762b26b4649ec006
36afb70af9e297325f7fce522060c0d9cfba69f3e4e6d594535158e8be46cbea
38bbacfbbac984f057b6d00aa8315d745fed8ad7a07c10d69a80970c9468593b
39bdc6630aad3e4c15fd07b777701feb77835acee49601873769082ebc5214b3
4449b332a843ed7e59f0ea9180c2cefabb0a6133f4241265e60bd6d1582fcc53
47688e2a21cebac4d06fb8df106ee2ca4932211be69d32dba83fa04f876b7354
4920678309737863be7aec7ac0b0cb7ae84a3980a024e9435d61bef82dfae73f
4b821ec7fe6e9ab8aaada0f0b2f3dd37d139f7161c99be1d76da0db39841fb35
4d67aa4d6929ffd02e71b2fd8ae2d01a9fa81903def6401c61b873f79951020a
5e8b8efcc272b9de6bb53c0fac2ed59b08a38cc352e79000f227b1ba64369293
603c494cf9b73b5479758cee3fc1a085294bbfb66926e63f941d74de23f1a34a
672305a06578c62e801efdb067fffad21042eb1f0b66f41eb6f744b9f46114a3
738e5435f2d18427d291a0d6289eee0ebbc87b596d6003919f255760ac293104
786858f6d21ded403b307aca0b0e112815f92c20b707f00c8ba78b6f9ab9d5b9
786f8e86896c85d5941a05d0519c32b261947a8c229f5581f308595381b7448e
7a7199005043ac1ec1585bf43679e722c6b678612c69cddc1c327011543c65f1
8181a739bd0ed0fd64624c4aa15b7847bc9d4fd0660bff56c8c9192c4ef75979
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
88fa509ec0abdbdb6f16f5980a933612f2c01d1841da3184e16a41d2bea9dccb
963e28e94b5dc24e76cac8694ad17d33056856a25614fb6d5c23fccbc7a5ec12
9a0de96edd269b462677718d11e8f5f9548eb683ae07234e891e8e03ba1aeadd
9ab508a5581059413c41f13293e0cb9283148dac0d1b0e04991e5a95fa07189b
9ad256162cde1d65740e76eac625ec3359a8e6b790291f64cf7aa88288c4c9e8
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a49e4ae49780d0f8c0e6f6764d31ed50db5c0201153652cfe72f82d12ea855a7
a73c41624f2e8ceb3a435c9a7419a62700292ce78d2879383f9c803ddbb88be3
ad337b99f08a5ed4caee73c5330196e6cf8596672914668313e1126c213072c7
ad774f425ebfdb0304a196cef1dfbee44810a953b2ec058dfe69a167e55d3b5e
b1a5b8d96b8e8792ac50f6f4ad4d8051ade721c69a5fec310378155681d110b8
b3ca0827e24c152c631594d805d8e7a115b74d787cefd5ca2e4fd89ba655f34c
b611288afbd675f584800f9c5c9543e0099e2a984a8c08e0c8cc8a2a23078956
bf19726495a91a78d4100406bddcc70d684e0924ec20a5e442d625aa2b6bae02
c8f7c04f8d691138d54380550d91349271ca19cfc0f3f6666c401cfa892a12f8
c973bdd65f848dff89ec0cbee8716a2449fe526c0b630d5a0e23ab350d8db2ed
c9cf4a0e025915d95f286fe23ebea3d608be5cf7cbaad882383e91d0cfde46b0
d30c562699c8be32d4fc99843139afcb30a4647bcd2029bd213a6188a9a81cb3
ddd0685da2fc894d015146cae271a1df1d01dfb4513eba919329fb5a413b9499
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
dfcb1a9caa92c9e18a0f5e721cd7a89a2c5e7674a8bc92b9c013d045b54ec79c
e1cedbe17285c1c0b23be90d46122fb5ffc2cfea487e7f28856ba53a35d2d812
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e774650dcb38961fc73d39d84f4cdde6f5325d04cab53fd336f8a6878e2b6452
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0b9fc3193debb027f8744bae6f21dd04bedfd171c71f65528b8bae9fb40050c
f35478e53e4e7faeb6c2b37a9e24a1c40b8a0b481072029b5077758f2a521da3
fae0b8f255ca326bdbbafdffae74342b6eac771ef68a71072ec1eacb70dcd39a

www.therme.ro Open in urlscan Pro 40.118.82.172 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

66 Requests

100 %HTTPS

74 %IPv6

17 Domains

21 Subdomains

19 IPs

6 Countries

2998 kBTransfer

5943 kBSize

11 Cookies

16 Outgoing links

Page URL History

Redirected requests

66 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.therme.ro Open in urlscan Pro
40.118.82.172 Public Scan

Screenshot
Live screenshot

Full Image

66
Requests

100 %
HTTPS

74 %
IPv6

17
Domains

21
Subdomains

19
IPs

6
Countries

2998 kB
Transfer

5943 kB
Size

11
Cookies

66 HTTP transactions
3 data transactions