urlscan.io logo urlscan.io
SecurityTrails logo

thermes.eu Open in urlscan Pro
104.223.37.154  Public Scan

Go To Rescan Add Verdict Report
URL: http://thermes.eu/
Submission: On December 03 via api from DE — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 2 countries across 4 domains to perform 15 HTTP transactions. The main IP is 104.223.37.154, located in Los Angeles, United States and belongs to ASN-QUADRANET-GLOBAL, US. The main domain is thermes.eu.
This is the only time thermes.eu was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

6    104.223.37.154 (Los Angeles, United States)

ASN8100 (ASN-QUADRANET-GLOBAL, US)
thermes.eu
2    2a00:1450:4001:806::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
3    2a00:1450:4001:829::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
Apex Domain
Subdomains		 Transfer
6 thermes.eu
thermes.eu
171 KB
3 gstatic.com
www.gstatic.com
fonts.gstatic.com
281 KB
3 google.com
www.google.com — Cisco Umbrella Rank: 3
967 B
3 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 415
fonts.googleapis.com — Cisco Umbrella Rank: 29
43 KB
15 4
Domain Requested by
6 thermes.eu thermes.eu
3 www.google.com thermes.eu
www.gstatic.com
2 fonts.gstatic.com fonts.googleapis.com
2 ajax.googleapis.com thermes.eu
1 fonts.googleapis.com ajax.googleapis.com
1 www.gstatic.com www.google.com
15 6

This site contains no links.

Subject Issuer Validity Valid
upload.video.google.com
WR2		 2024-10-21 -
2025-01-13		 3 months crt.sh
*.google.com
WR2		 2024-10-21 -
2025-01-13		 3 months crt.sh
*.gstatic.com
WR2		 2024-10-21 -
2025-01-13		 3 months crt.sh

This page contains 3 frames:

Primary Page: http://thermes.eu/
Frame ID: 785ED97F193EC7C255D5E4F526033F88
Requests: 13 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdjrXsUAAAAACEwuVrQFvkM-TphZAjPNqBG9SD7&co=aHR0cDovL3RoZXJtZXMuZXU6ODA.&hl=de&v=pPK749sccDmVW_9DSeTMVvh2&size=normal&cb=bi4gscwg5gcz
Frame ID: A4751A150B2FE909F848709BECBC9C19
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=de&v=pPK749sccDmVW_9DSeTMVvh2&k=6LdjrXsUAAAAACEwuVrQFvkM-TphZAjPNqBG9SD7
Frame ID: 44D6ED10A6A2FE7ABED8FB14DA943F1A
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

thermes.eu is for sale !!

Page URL History Show full URLs

  1. http://thermes.eu/ HTTP 307
    https://thermes.eu/ HTTP 307
    http://thermes.eu/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
  • googleapis\.com/.+webfont
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • <div[^>]+class="g-recaptcha"
  • /recaptcha/api\.js

Page Statistics

15
Requests

33 %
HTTPS

83 %
IPv6

4
Domains

6
Subdomains

6
IPs

2
Countries

497 kB
Transfer

964 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://thermes.eu/ HTTP 307
    https://thermes.eu/ HTTP 307
    http://thermes.eu/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 9
  • http://fonts.gstatic.com/s/opensans/v40/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2 HTTP 307
  • https://fonts.gstatic.com/s/opensans/v40/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2
Request Chain 10
  • http://fonts.gstatic.com/s/opensanscondensed/v23/z7NFdQDnbTkabZAIOl9il_O6KJj73e7Ff1GhDuXMRw.woff2 HTTP 307
  • https://fonts.gstatic.com/s/opensanscondensed/v23/z7NFdQDnbTkabZAIOl9il_O6KJj73e7Ff1GhDuXMRw.woff2

15 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
thermes.eu/
Redirect Chain
  • http://thermes.eu/
  • https://thermes.eu/
  • http://thermes.eu/
7 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://thermes.eu/
Protocol
HTTP/1.1
Server
104.223.37.154 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US),
Reverse DNS
Software
Apache/2.4.6 (CentOS) PHP/5.4.16 / PHP/5.4.16
Resource Hash
06909bd55eaf7af249d5200041aebddcc43f2ab42119638d978bd214a53ed89d

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Connection
close
Content-Length
6847
Content-Type
text/html; charset=UTF-8
Date
Tue, 03 Dec 2024 07:06:45 GMT
Server
Apache/2.4.6 (CentOS) PHP/5.4.16
X-Powered-By
PHP/5.4.16

Redirect headers

Location
http://thermes.eu/
Non-Authoritative-Reason
HttpsUpgrades
screen.css
thermes.eu/assets/css/ 		37 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://thermes.eu/assets/css/screen.css
Requested by
Host: thermes.eu
URL: http://thermes.eu/
Protocol
HTTP/1.1
Server
104.223.37.154 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US),
Reverse DNS
Software
Apache/2.4.6 (CentOS) PHP/5.4.16 /
Resource Hash
3ac632640825bdc160294f59661bd95d460c7d9f1bd5392c217d30fabde55a81

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
http://thermes.eu/

Response headers

Content-Encoding
gzip
ETag
"9583-57b05dd6526c0-gzip"
Connection
close
Accept-Ranges
bytes
Content-Length
8245
Date
Tue, 03 Dec 2024 07:06:46 GMT
Last-Modified
Mon, 19 Nov 2018 15:06:43 GMT
Vary
Accept-Encoding
Server
Apache/2.4.6 (CentOS) PHP/5.4.16
Content-Type
text/css
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.11.3/ 		94 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.11.3/jquery.min.js
Requested by
Host: thermes.eu
URL: http://thermes.eu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
http://thermes.eu/

Response headers

content-encoding
gzip
age
467003
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
x-content-type-options
nosniff
expires
Thu, 27 Nov 2025 21:23:23 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 27 Nov 2024 21:23:23 GMT
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
accept-ranges
bytes
access-control-allow-origin
*
content-length
33507
x-xss-protection
0
server
sffe
plugins.js
thermes.eu/assets/js/vendor/ 		36 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://thermes.eu/assets/js/vendor/plugins.js
Requested by
Host: thermes.eu
URL: http://thermes.eu/
Protocol
HTTP/1.1
Server
104.223.37.154 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US),
Reverse DNS
Software
Apache/2.4.6 (CentOS) PHP/5.4.16 /
Resource Hash
4833bce44ff74a35b4071581fd9a3f5f82a91b261903ed91ad3ca3499b90974d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
http://thermes.eu/

Response headers

Content-Encoding
gzip
ETag
"8f75-57890ea9998a7-gzip"
Connection
close
Accept-Ranges
bytes
Content-Length
12319
Date
Tue, 03 Dec 2024 07:06:46 GMT
Last-Modified
Fri, 19 Oct 2018 08:44:50 GMT
Vary
Accept-Encoding
Server
Apache/2.4.6 (CentOS) PHP/5.4.16
Content-Type
application/javascript
main.js
thermes.eu/assets/js/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://thermes.eu/assets/js/main.js
Requested by
Host: thermes.eu
URL: http://thermes.eu/
Protocol
HTTP/1.1
Server
104.223.37.154 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US),
Reverse DNS
Software
Apache/2.4.6 (CentOS) PHP/5.4.16 /
Resource Hash
c5ff4fcdbd03541d67ae86797ed3202f4b9e91bd8e600b7999579f854815b1c3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
http://thermes.eu/

Response headers

Content-Encoding
gzip
ETag
"1298-57cd1d4f2568d-gzip"
Connection
close
Accept-Ranges
bytes
Content-Length
1704
Date
Tue, 03 Dec 2024 07:06:46 GMT
Last-Modified
Wed, 12 Dec 2018 11:52:26 GMT
Vary
Accept-Encoding
Server
Apache/2.4.6 (CentOS) PHP/5.4.16
Content-Type
application/javascript
api.js
www.google.com/recaptcha/ 		1 KB
967 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js
Requested by
Host: thermes.eu
URL: http://thermes.eu/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d0c5f3bd0d8aaaa58b9b5c76863bd8e34a1814eda4054bc501dc42e4cc5ebd45
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
http://thermes.eu/

Response headers

cache-control
private, max-age=300
content-encoding
gzip
cross-origin-resource-policy
cross-origin
report-to
{"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
x-content-type-options
nosniff
expires
Tue, 03 Dec 2024 07:06:46 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only
same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
date
Tue, 03 Dec 2024 07:06:46 GMT
x-xss-protection
0
content-type
text/javascript; charset=utf-8
server
ESF
x-frame-options
SAMEORIGIN
webfont.js
ajax.googleapis.com/ajax/libs/webfont/1.5.18/ 		16 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://ajax.googleapis.com/ajax/libs/webfont/1.5.18/webfont.js
Requested by
Host: thermes.eu
URL: http://thermes.eu/
Protocol
HTTP/1.1
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ce261eb163fcaee6953cedc35059732a133766ab824dc512bbdf9424d48601e4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
http://thermes.eu/

Response headers

Content-Encoding
gzip
Age
50105
Report-To
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
X-Content-Type-Options
nosniff
Expires
Tue, 02 Dec 2025 17:11:41 GMT
Date
Mon, 02 Dec 2024 17:11:41 GMT
Last-Modified
Tue, 03 Mar 2020 19:15:00 GMT
Content-Type
text/javascript; charset=UTF-8
Vary
Accept-Encoding
Cache-Control
public, max-age=31536000, stale-while-revalidate=2592000
Timing-Allow-Origin
*
Cross-Origin-Opener-Policy
same-origin; report-to="hosted-libraries-pushers"
Cross-Origin-Resource-Policy
cross-origin
Content-Security-Policy-Report-Only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Content-Length
6490
X-XSS-Protection
0
Server
sffe
recaptcha__de.js
www.gstatic.com/recaptcha/releases/pPK749sccDmVW_9DSeTMVvh2/ 		549 KB
218 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/pPK749sccDmVW_9DSeTMVvh2/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6e79aeee4cbc317a3b6e18c8887ed2c1659ad8eb27431d1896a075ed935a9149
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
http://thermes.eu
Referer
http://thermes.eu/

Response headers

content-encoding
gzip
age
44917
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
x-content-type-options
nosniff
expires
Tue, 02 Dec 2025 18:38:09 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 02 Dec 2024 18:38:09 GMT
last-modified
Mon, 11 Nov 2024 05:00:22 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
accept-ranges
bytes
access-control-allow-origin
*
content-length
222835
x-xss-protection
0
server
sffe
bg-mountains.jpg
thermes.eu/assets/images/ 		120 KB
120 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://thermes.eu/assets/images/bg-mountains.jpg
Requested by
Host: thermes.eu
URL: http://thermes.eu/
Protocol
HTTP/1.1
Server
104.223.37.154 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US),
Reverse DNS
Software
Apache/2.4.6 (CentOS) PHP/5.4.16 /
Resource Hash
9f12a9a83a8193d120008886ea92c41eb02343d9e47bcfdd542fca18376859f6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
http://thermes.eu/

Response headers

ETag
"1de06-57890e9521b6b"
Connection
close
Accept-Ranges
bytes
Content-Length
122374
Date
Tue, 03 Dec 2024 07:06:46 GMT
Last-Modified
Fri, 19 Oct 2018 08:44:28 GMT
Content-Type
image/jpeg
Server
Apache/2.4.6 (CentOS) PHP/5.4.16
css
fonts.googleapis.com/ 		14 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://fonts.googleapis.com/css?family=Open+Sans:700italic,800italic%7COpen+Sans+Condensed:300&subset=latin,latin
Requested by
Host: ajax.googleapis.com
URL: http://ajax.googleapis.com/ajax/libs/webfont/1.5.18/webfont.js
Protocol
HTTP/1.1
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
bc5cad7e230d5988d35455ac2d64862a10e5b29f26f75ea4744d93a35efe33d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
http://thermes.eu/

Response headers

Content-Encoding
gzip
X-Content-Type-Options
nosniff
Expires
Tue, 03 Dec 2024 07:06:46 GMT
Date
Tue, 03 Dec 2024 07:06:46 GMT
Content-Type
text/css; charset=utf-8
Vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
Last-Modified
Tue, 03 Dec 2024 07:06:46 GMT
X-Frame-Options
SAMEORIGIN
Transfer-Encoding
chunked
Link
<http://fonts.gstatic.com>; rel=preconnect; crossorigin
Cache-Control
private, max-age=86400, stale-while-revalidate=604800
Timing-Allow-Origin
*
Cross-Origin-Opener-Policy
same-origin-allow-popups
Cross-Origin-Resource-Policy
cross-origin
Access-Control-Allow-Origin
*
X-XSS-Protection
0
Server
ESF
memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2
fonts.gstatic.com/s/opensans/v40/
Redirect Chain
  • http://fonts.gstatic.com/s/opensans/v40/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2
  • https://fonts.gstatic.com/s/opensans/v40/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2
49 KB
49 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v40/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2
Requested by
Host: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Open+Sans:700italic,800italic%7COpen+Sans+Condensed:300&subset=latin,latin
Protocol
H3
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0d8601a776b7dc777cd23bc42392d05a43df0d6402328e8913b58811083b513d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
http://fonts.googleapis.com/

Response headers

age
28004
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Tue, 02 Dec 2025 23:20:02 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 02 Dec 2024 23:20:02 GMT
last-modified
Thu, 14 Dec 2023 02:10:01 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
50296
x-xss-protection
0
server
sffe

Redirect headers

Access-Control-Allow-Origin
http://thermes.eu
Location
https://fonts.gstatic.com/s/opensans/v40/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2
Cross-Origin-Resource-Policy
Cross-Origin
Non-Authoritative-Reason
DNS
Access-Control-Allow-Credentials
true
z7NFdQDnbTkabZAIOl9il_O6KJj73e7Ff1GhDuXMRw.woff2
fonts.gstatic.com/s/opensanscondensed/v23/
Redirect Chain
  • http://fonts.gstatic.com/s/opensanscondensed/v23/z7NFdQDnbTkabZAIOl9il_O6KJj73e7Ff1GhDuXMRw.woff2
  • https://fonts.gstatic.com/s/opensanscondensed/v23/z7NFdQDnbTkabZAIOl9il_O6KJj73e7Ff1GhDuXMRw.woff2
15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensanscondensed/v23/z7NFdQDnbTkabZAIOl9il_O6KJj73e7Ff1GhDuXMRw.woff2
Requested by
Host: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Open+Sans:700italic,800italic%7COpen+Sans+Condensed:300&subset=latin,latin
Protocol
H3
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6b0b111ca14c2147a0f0cb51f1317290eb5ec19b4a9bea595a5ad7ffb7d9661a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
http://fonts.googleapis.com/

Response headers

age
510454
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Thu, 27 Nov 2025 09:19:12 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 27 Nov 2024 09:19:12 GMT
last-modified
Tue, 19 Apr 2022 18:08:11 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
14964
x-xss-protection
0
server
sffe

Redirect headers

Access-Control-Allow-Origin
http://thermes.eu
Location
https://fonts.gstatic.com/s/opensanscondensed/v23/z7NFdQDnbTkabZAIOl9il_O6KJj73e7Ff1GhDuXMRw.woff2
Cross-Origin-Resource-Policy
Cross-Origin
Non-Authoritative-Reason
DNS
Access-Control-Allow-Credentials
true
anchor
www.google.com/recaptcha/api2/ Frame A475 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdjrXsUAAAAACEwuVrQFvkM-TphZAjPNqBG9SD7&co=aHR0cDovL3RoZXJtZXMuZXU6ODA.&hl=de&v=pPK749sccDmVW_9DSeTMVvh2&size=normal&cb=bi4gscwg5gcz
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/pPK749sccDmVW_9DSeTMVvh2/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-PE9LIRylnaBb1-5R0KO0FQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://thermes.eu/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-PE9LIRylnaBb1-5R0KO0FQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy-report-only
same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy
cross-origin
date
Tue, 03 Dec 2024 07:06:46 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server
ESF
x-content-type-options
nosniff
x-xss-protection
0
bframe
www.google.com/recaptcha/api2/ Frame 44D6 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/bframe?hl=de&v=pPK749sccDmVW_9DSeTMVvh2&k=6LdjrXsUAAAAACEwuVrQFvkM-TphZAjPNqBG9SD7
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/pPK749sccDmVW_9DSeTMVvh2/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-yYmg6-fWfa0HzK9cN4P_BA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://thermes.eu/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-yYmg6-fWfa0HzK9cN4P_BA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy-report-only
same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy
cross-origin
date
Tue, 03 Dec 2024 07:06:46 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server
ESF
x-content-type-options
nosniff
x-xss-protection
0
favicon.ico
thermes.eu/assets/images/icons/ 		22 KB
22 KB 		Other
General
Check archive.org
Download Go to
Full URL
http://thermes.eu/assets/images/icons/favicon.ico
Protocol
HTTP/1.1
Server
104.223.37.154 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US),
Reverse DNS
Software
Apache/2.4.6 (CentOS) PHP/5.4.16 /
Resource Hash
c90151584c1a42df5eddaf6734de60ecef5573ac35d4b71556f28c6853d45de2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
http://thermes.eu/

Response headers

ETag
"576e-57890ea679845"
Connection
close
Accept-Ranges
bytes
Content-Length
22382
Date
Tue, 03 Dec 2024 07:06:47 GMT
Last-Modified
Fri, 19 Oct 2018 08:44:46 GMT
Content-Type
image/vnd.microsoft.icon
Server
Apache/2.4.6 (CentOS) PHP/5.4.16

Verdicts & Comments Add Verdict or Comment

21 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 function| $ function| jQuery object| BigText function| scaleCaptcha number| screenHeight object| portfolio object| domainList function| portfolioSetup object| jQuery11130944787983268802 object| WebFontConfig object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client function| reCaptchaCallback object| WebFont object| recaptcha object| closure_lm_457925

0 Cookies