urlscan.io logo urlscan.io
SecurityTrails logo

spa.thermes-saint-gervais.com Open in urlscan Pro
2606:4700:4400::ac40:9bfb  Public Scan

Go To Rescan Add Verdict Report
URL: https://spa.thermes-saint-gervais.com/
Submission: On November 21 via automatic, source certstream-suspicious — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 9 IPs in 1 countries across 7 domains to perform 48 HTTP transactions. The main IP is 2606:4700:4400::ac40:9bfb, located in United States and belongs to CLOUDFLARENET, US. The main domain is spa.thermes-saint-gervais.com.
TLS certificate: Issued by WE1 on September 30th 2024. Valid for: 3 months.
This is the only time spa.thermes-saint-gervais.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 24 2606:4700:440... 13335 (CLOUDFLAR...)
10 2606:4700::68... 13335 (CLOUDFLAR...)
2 142.251.16.147 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
1 142.251.41.3 15169 (GOOGLE)
1 2606:4700:440... 13335 (CLOUDFLAR...)
4 2607:f8b0:400... 15169 (GOOGLE)
1 142.251.16.99 15169 (GOOGLE)
4 172.253.115.100 15169 (GOOGLE)
48 9
24    2606:4700:4400::ac40:9bfb (United States)

ASN13335 (CLOUDFLARENET, US)
spa.thermes-saint-gervais.com
10    2606:4700::6812:562a (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.cookielaw.org
2    142.251.16.147 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: bl-in-f147.1e100.net
www.google.com
2    2607:f8b0:4004:c07::61 (Washington, United States)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    142.251.41.3 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s40-in-f3.1e100.net
www.gstatic.com
1    2606:4700:4400::6812:2089 (United States)

ASN13335 (CLOUDFLARENET, US)
geolocation.onetrust.com
4    2607:f8b0:4004:c06::66 (Washington, United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    142.251.16.99 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: bl-in-f99.1e100.net
www.google.com
4    172.253.115.100 (United States)

ASN15169 (GOOGLE, US)
PTR: bg-in-f100.1e100.net
www.google-analytics.com
Apex Domain
Subdomains		 Transfer
24 thermes-saint-gervais.com
spa.thermes-saint-gervais.com
656 KB
10 cookielaw.org
cdn.cookielaw.org — Cisco Umbrella Rank: 329
786 KB
8 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 36
23 KB
3 google.com
www.google.com — Cisco Umbrella Rank: 3
1 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
137 KB
1 onetrust.com
geolocation.onetrust.com — Cisco Umbrella Rank: 514
307 B
1 gstatic.com
www.gstatic.com
216 KB
48 7
Domain Requested by
24 spa.thermes-saint-gervais.com 1 redirects spa.thermes-saint-gervais.com
10 cdn.cookielaw.org spa.thermes-saint-gervais.com
cdn.cookielaw.org
8 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
spa.thermes-saint-gervais.com
3 www.google.com spa.thermes-saint-gervais.com
www.googletagmanager.com
www.gstatic.com
2 www.googletagmanager.com spa.thermes-saint-gervais.com
www.googletagmanager.com
1 geolocation.onetrust.com spa.thermes-saint-gervais.com
1 www.gstatic.com www.google.com
48 7
Subject Issuer Validity Valid
thermes-saint-gervais.com
WE1		 2024-09-30 -
2024-12-29		 3 months crt.sh
cookielaw.org
WE1		 2024-10-11 -
2025-01-09		 3 months crt.sh
*.google.com
WR2		 2024-10-21 -
2025-01-13		 3 months crt.sh
*.google-analytics.com
WR2		 2024-10-21 -
2025-01-13		 3 months crt.sh
*.gstatic.com
WR2		 2024-10-21 -
2025-01-13		 3 months crt.sh
geolocation.onetrust.com
WE1		 2024-10-11 -
2025-01-09		 3 months crt.sh

This page contains 4 frames:

Primary Page: https://spa.thermes-saint-gervais.com/
Frame ID: 01B4EE2C6E536CD340979A997CD94D01
Requests: 44 HTTP requests in this frame

Frame: https://spa.thermes-saint-gervais.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/e4025c85ea63/main.js
Frame ID: 85636085224C22ED32C3E88BA619A64C
Requests: 2 HTTP requests in this frame

Frame: https://www.googletagmanager.com/static/service_worker/4bj0/sw_iframe.html?origin=https%3A%2F%2Fspa.thermes-saint-gervais.com
Frame ID: 02F1046971FF08B5D37A0722616D18A6
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LdnzQ4kAAAAAGWbmTEvcGCnlUKBp9HEm6JzfHGl&co=aHR0cHM6Ly9zcGEudGhlcm1lcy1zYWludC1nZXJ2YWlzLmNvbTo0NDM.&hl=en&v=pPK749sccDmVW_9DSeTMVvh2&size=invisible&cb=r12sbq2652vx
Frame ID: EC912698D2967F3AC3928C2FDE3CE646
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Spa Thermal | Accueil

Detected technologies

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
Overall confidence: 100%
Detected patterns
  • cdn\.cookielaw\.org
  • otSDKStub\.js

Page Statistics

48
Requests

98 %
HTTPS

56 %
IPv6

7
Domains

7
Subdomains

9
IPs

1
Countries

1819 kB
Transfer

3600 kB
Size

11
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 15
  • https://spa.thermes-saint-gervais.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://spa.thermes-saint-gervais.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/e4025c85ea63/main.js

48 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
spa.thermes-saint-gervais.com/ 		107 KB
19 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://spa.thermes-saint-gervais.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9bfb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0ca1946d0729ff4ebfe9d3c511d8af6899a25a6f4b37840410bb23ba1b0df056
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

cache-control
no-cache, no-store
cf-cache-status
DYNAMIC
cf-ray
8e61c210f8186daf-MIA
content-encoding
br
content-type
text/html; charset=utf-8
date
Thu, 21 Nov 2024 15:36:56 GMT
expires
-1
pragma
no-cache
request-context
appId=cid-v1:0f5fea8e-1777-4a4f-ab5c-5d0026206973
server
cloudflare
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
AOX.min.css
spa.thermes-saint-gervais.com/include/css/ 		244 KB
33 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://spa.thermes-saint-gervais.com/include/css/AOX.min.css?v=1.0.0.17898
Requested by
Host: spa.thermes-saint-gervais.com
URL: https://spa.thermes-saint-gervais.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9bfb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b48d42df8772deb15d082e3ea98715f714858219cf260f5a98226a6ec15c3320

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://spa.thermes-saint-gervais.com/

Response headers

content-encoding
gzip
cf-cache-status
DYNAMIC
etag
"80992fd45d8da1:0"
request-context
appId=cid-v1:0f5fea8e-1777-4a4f-ab5c-5d0026206973
cf-ray
8e61c2166e046daf-MIA
accept-ranges
bytes
content-length
33898
date
Thu, 21 Nov 2024 15:36:56 GMT
content-type
text/css
last-modified
Wed, 17 Jul 2024 12:36:47 GMT
vary
Accept-Encoding
server
cloudflare
theme_sgmb-spa.css
spa.thermes-saint-gervais.com/include/css/ 		675 B
469 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://spa.thermes-saint-gervais.com/include/css/theme_sgmb-spa.css?v=1.0.0.17898
Requested by
Host: spa.thermes-saint-gervais.com
URL: https://spa.thermes-saint-gervais.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9bfb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5eb15e76e56214d2319561c0a129b3bc86624b8c8f46a7a12a3bf0e2305762a6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://spa.thermes-saint-gervais.com/

Response headers

content-encoding
gzip
cf-cache-status
DYNAMIC
etag
"c42930fd45d8da1:0"
request-context
appId=cid-v1:0f5fea8e-1777-4a4f-ab5c-5d0026206973
cf-ray
8e61c2166e056daf-MIA
accept-ranges
bytes
content-length
392
date
Thu, 21 Nov 2024 15:36:56 GMT
content-type
text/css
last-modified
Wed, 17 Jul 2024 12:36:47 GMT
vary
Accept-Encoding
server
cloudflare
otSDKStub.js
cdn.cookielaw.org/scripttemplates/ 		22 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Requested by
Host: spa.thermes-saint-gervais.com
URL: https://spa.thermes-saint-gervais.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ade920fd5b00cd298aae7978673a9a64d0bb3fa593d23e91994ec6b6723ebace
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://spa.thermes-saint-gervais.com/

Response headers

content-md5
Vo/d0f3ZefkwyML/PnJnjg==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding
gzip
x-ms-version
2009-09-19
etag
0x8DD091F6A7F5A59
x-ms-lease-status
unlocked
cf-cache-status
HIT
age
31221
x-content-type-options
nosniff
date
Thu, 21 Nov 2024 15:36:56 GMT
content-type
application/javascript
last-modified
Wed, 20 Nov 2024 04:54:29 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-ms-request-id
2c1c45b3-c01e-00dd-5a1f-3bc024000000
cf-ray
8e61c216d9f5a539-MIA
accept-ranges
bytes
access-control-allow-origin
*
content-length
7212
x-ms-blob-type
BlockBlob
server
cloudflare
Logo_CTSGMB_Spa.svg
spa.thermes-saint-gervais.com/include/images/ 		15 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://spa.thermes-saint-gervais.com/include/images/Logo_CTSGMB_Spa.svg
Requested by
Host: spa.thermes-saint-gervais.com
URL: https://spa.thermes-saint-gervais.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9bfb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ac24d22a1c1ff51d465572f91f8be228ff9bd73edd87b5a2e7136a3cf8ba57a0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://spa.thermes-saint-gervais.com/

Response headers

content-encoding
gzip
cf-cache-status
DYNAMIC
etag
"0d638fb45d8da1:0"
request-context
appId=cid-v1:0f5fea8e-1777-4a4f-ab5c-5d0026206973
cf-ray
8e61c2166e076daf-MIA
accept-ranges
bytes
content-length
4499
date
Thu, 21 Nov 2024 15:36:56 GMT
content-type
image/svg+xml
last-modified
Wed, 17 Jul 2024 12:36:44 GMT
vary
Accept-Encoding
server
cloudflare
AOXJsManager.plugins.min.js
spa.thermes-saint-gervais.com/include/js/ 		210 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://spa.thermes-saint-gervais.com/include/js/AOXJsManager.plugins.min.js?v=1.0.0.17898
Requested by
Host: spa.thermes-saint-gervais.com
URL: https://spa.thermes-saint-gervais.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9bfb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0cc59dd85201fd085abdc7f31eeaa4a74404b98790a81e55015068ebc00ffe14

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://spa.thermes-saint-gervais.com/

Response headers

content-encoding
gzip
cf-cache-status
DYNAMIC
etag
"036afc45d8da1:0"
request-context
appId=cid-v1:0f5fea8e-1777-4a4f-ab5c-5d0026206973
cf-ray
8e61c216fea76daf-MIA
accept-ranges
bytes
content-length
64962
date
Thu, 21 Nov 2024 15:36:56 GMT
content-type
application/x-javascript
last-modified
Wed, 17 Jul 2024 12:36:46 GMT
vary
Accept-Encoding
server
cloudflare
AOXJsManager.min.js
spa.thermes-saint-gervais.com/include/js/ 		94 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://spa.thermes-saint-gervais.com/include/js/AOXJsManager.min.js?v=1.0.0.17898
Requested by
Host: spa.thermes-saint-gervais.com
URL: https://spa.thermes-saint-gervais.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9bfb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
416a2eadff0098287302334552041a7cddbe22299ed54668549d55d64ddd0f26

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://spa.thermes-saint-gervais.com/

Response headers

content-encoding
gzip
cf-cache-status
DYNAMIC
etag
"036afc45d8da1:0"
request-context
appId=cid-v1:0f5fea8e-1777-4a4f-ab5c-5d0026206973
cf-ray
8e61c218882d6daf-MIA
accept-ranges
bytes
content-length
23874
date
Thu, 21 Nov 2024 15:36:56 GMT
content-type
application/x-javascript
last-modified
Wed, 17 Jul 2024 12:36:46 GMT
vary
Accept-Encoding
server
cloudflare
AOX.min.js
spa.thermes-saint-gervais.com/include/js/ 		37 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://spa.thermes-saint-gervais.com/include/js/AOX.min.js?v=1.0.0.17898
Requested by
Host: spa.thermes-saint-gervais.com
URL: https://spa.thermes-saint-gervais.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9bfb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0fd913dcee04a68a00b35b2756ee0fb7deb9289968dc1a51bf4bf275a7139e0b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://spa.thermes-saint-gervais.com/

Response headers

content-encoding
gzip
cf-cache-status
DYNAMIC
etag
"036afc45d8da1:0"
request-context
appId=cid-v1:0f5fea8e-1777-4a4f-ab5c-5d0026206973
cf-ray
8e61c21968f66daf-MIA
accept-ranges
bytes
content-length
7842
date
Thu, 21 Nov 2024 15:36:56 GMT
content-type
application/x-javascript
last-modified
Wed, 17 Jul 2024 12:36:46 GMT
vary
Accept-Encoding
server
cloudflare
enterprise.js
www.google.com/recaptcha/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/enterprise.js?render=6LdnzQ4kAAAAAGWbmTEvcGCnlUKBp9HEm6JzfHGl
Requested by
Host: spa.thermes-saint-gervais.com
URL: https://spa.thermes-saint-gervais.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.16.147 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f147.1e100.net
Software
ESF /
Resource Hash
6198120398e782ea124a6d9a439e0aea1c0cb50ac3f0a8fb6f78405af3d0aa21
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://spa.thermes-saint-gervais.com/

Response headers

cache-control
private, max-age=300
content-encoding
gzip
cross-origin-resource-policy
cross-origin
report-to
{"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
x-content-type-options
nosniff
expires
Thu, 21 Nov 2024 15:36:56 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only
same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
date
Thu, 21 Nov 2024 15:36:56 GMT
x-xss-protection
0
content-type
text/javascript; charset=utf-8
server
ESF
x-frame-options
SAMEORIGIN
018f7b41-e6c5-75e2-9337-8bfef51449c7.json
cdn.cookielaw.org/consent/018f7b41-e6c5-75e2-9337-8bfef51449c7/ 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/consent/018f7b41-e6c5-75e2-9337-8bfef51449c7/018f7b41-e6c5-75e2-9337-8bfef51449c7.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
77f23e41a0298441aa99c154b0487a248be0e4bbc6ab302c2d156c1e32d7b1ec
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://spa.thermes-saint-gervais.com/

Response headers

content-md5
ecTqk6NGSPHDEdGFN/tbqw==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding
gzip
cf-cache-status
HIT
etag
0x8DC863284EF2768
x-ms-lease-status
unlocked
x-ms-version
2009-09-19
x-content-type-options
nosniff
expires
Fri, 22 Nov 2024 15:36:56 GMT
date
Thu, 21 Nov 2024 15:36:56 GMT
content-type
application/json
last-modified
Thu, 06 Jun 2024 14:11:11 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin, cross-origin
x-ms-request-id
22c5e1e0-201e-00fe-684d-26afef000000
cf-ray
8e61c21a5d9da4f2-MIA
accept-ranges
bytes
access-control-allow-origin
*
content-length
1547
x-ms-blob-type
BlockBlob
server
cloudflare
gtm.js
www.googletagmanager.com/ 		519 KB
137 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-536VJ6L
Requested by
Host: spa.thermes-saint-gervais.com
URL: https://spa.thermes-saint-gervais.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c07::61 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
6d6ec3c436a5e53dd9053f60bd3aa0a232a2eb5c9dbd29dc9d31b6335fb67859
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://spa.thermes-saint-gervais.com/

Response headers

content-encoding
gzip
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires
Thu, 21 Nov 2024 15:36:56 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 21 Nov 2024 15:36:56 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Thu, 21 Nov 2024 15:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
139350
x-xss-protection
0
server
Google Tag Manager
icon-sprite.svg
spa.thermes-saint-gervais.com/include/images/ 		16 KB
6 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://spa.thermes-saint-gervais.com/include/images/icon-sprite.svg
Requested by
Host: spa.thermes-saint-gervais.com
URL: https://spa.thermes-saint-gervais.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9bfb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4629464eff4f6444ac0df3c154e059e1f34f2e4dcf5ec25e0f79bcd842d5a552

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://spa.thermes-saint-gervais.com/

Response headers

content-encoding
gzip
cf-cache-status
DYNAMIC
etag
"0d638fb45d8da1:0"
request-context
appId=cid-v1:0f5fea8e-1777-4a4f-ab5c-5d0026206973
cf-ray
8e61c219f97c6daf-MIA
accept-ranges
bytes
content-length
6449
date
Thu, 21 Nov 2024 15:36:56 GMT
content-type
image/svg+xml
last-modified
Wed, 17 Jul 2024 12:36:44 GMT
vary
Accept-Encoding
server
cloudflare
LocatorWebBold.woff2
spa.thermes-saint-gervais.com/include/webfonts/ 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://spa.thermes-saint-gervais.com/include/webfonts/LocatorWebBold.woff2
Requested by
Host: spa.thermes-saint-gervais.com
URL: https://spa.thermes-saint-gervais.com/include/css/AOX.min.css?v=1.0.0.17898
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9bfb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c49100b198962d3cc7c08529de246195bfecb68877d674c464ed2abe089eb9a4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://spa.thermes-saint-gervais.com
Referer
https://spa.thermes-saint-gervais.com/include/css/AOX.min.css?v=1.0.0.17898

Response headers

cf-cache-status
DYNAMIC
etag
"43a81fd45d8da1:0"
request-context
appId=cid-v1:0f5fea8e-1777-4a4f-ab5c-5d0026206973
cf-ray
8e61c21a39cf6daf-MIA
accept-ranges
bytes
content-length
20500
date
Thu, 21 Nov 2024 15:36:56 GMT
content-type
application/font-woff2
last-modified
Wed, 17 Jul 2024 12:36:47 GMT
server
cloudflare
LocatorWebLight.woff2
spa.thermes-saint-gervais.com/include/webfonts/ 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://spa.thermes-saint-gervais.com/include/webfonts/LocatorWebLight.woff2
Requested by
Host: spa.thermes-saint-gervais.com
URL: https://spa.thermes-saint-gervais.com/include/css/AOX.min.css?v=1.0.0.17898
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9bfb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
57d22b72d49186c10aa26532a7fa57e6c65cbccd46a5336713d12b5586bc73be

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://spa.thermes-saint-gervais.com
Referer
https://spa.thermes-saint-gervais.com/include/css/AOX.min.css?v=1.0.0.17898

Response headers

cf-cache-status
DYNAMIC
etag
"9e1199fd45d8da1:0"
request-context
appId=cid-v1:0f5fea8e-1777-4a4f-ab5c-5d0026206973
cf-ray
8e61c21a39d06daf-MIA
accept-ranges
bytes
content-length
20176
date
Thu, 21 Nov 2024 15:36:56 GMT
content-type
application/font-woff2
last-modified
Wed, 17 Jul 2024 12:36:47 GMT
server
cloudflare
LocatorWebBlack.woff2
spa.thermes-saint-gervais.com/include/webfonts/ 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://spa.thermes-saint-gervais.com/include/webfonts/LocatorWebBlack.woff2
Requested by
Host: spa.thermes-saint-gervais.com
URL: https://spa.thermes-saint-gervais.com/include/css/AOX.min.css?v=1.0.0.17898
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9bfb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e69b124ceae39aa3519812d72f62d7c955ebdc69d9d4ac2a801de7463fdb5dee

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://spa.thermes-saint-gervais.com
Referer
https://spa.thermes-saint-gervais.com/include/css/AOX.min.css?v=1.0.0.17898

Response headers

cf-cache-status
DYNAMIC
etag
"ffff66fd45d8da1:0"
request-context
appId=cid-v1:0f5fea8e-1777-4a4f-ab5c-5d0026206973
cf-ray
8e61c21a49d16daf-MIA
accept-ranges
bytes
content-length
20772
date
Thu, 21 Nov 2024 15:36:56 GMT
content-type
application/font-woff2
last-modified
Wed, 17 Jul 2024 12:36:47 GMT
server
cloudflare
recaptcha__en.js
www.gstatic.com/recaptcha/releases/pPK749sccDmVW_9DSeTMVvh2/ 		547 KB
216 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/pPK749sccDmVW_9DSeTMVvh2/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise.js?render=6LdnzQ4kAAAAAGWbmTEvcGCnlUKBp9HEm6JzfHGl
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.41.3 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f3.1e100.net
Software
sffe /
Resource Hash
73dd640564004ec8730e7f3433b9dfaa6876ac3a27e6964a17834f07f6d56116
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://spa.thermes-saint-gervais.com
Referer
https://spa.thermes-saint-gervais.com/

Response headers

content-encoding
gzip
age
69645
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
x-content-type-options
nosniff
expires
Thu, 20 Nov 2025 20:16:11 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 20 Nov 2024 20:16:11 GMT
last-modified
Mon, 11 Nov 2024 05:00:22 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
accept-ranges
bytes
access-control-allow-origin
*
content-length
220753
x-xss-protection
0
server
sffe
main.js
spa.thermes-saint-gervais.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/e4025c85ea63/ Frame 8563
Redirect Chain
  • https://spa.thermes-saint-gervais.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://spa.thermes-saint-gervais.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/e4025c85ea63/main.js?
8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://spa.thermes-saint-gervais.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/e4025c85ea63/main.js?
Requested by
Host: spa.thermes-saint-gervais.com
URL: https://spa.thermes-saint-gervais.com/
Protocol
H2
Server
2606:4700:4400::ac40:9bfb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
71de5b54f37a75b31a2a77195948b6e39da547c061d83411fd295316c0078c98
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

cf-ray
8e61c21b7b406daf-MIA
cache-control
max-age=14400, stale-if-error=10800, stale-while-revalidate=10800, public
content-encoding
br
date
Thu, 21 Nov 2024 15:36:56 GMT
content-type
application/javascript; charset=UTF-8
server
cloudflare
x-content-type-options
nosniff

Redirect headers

cf-ray
8e61c21b1ad76daf-MIA
cache-control
max-age=300, stale-if-error=10800, stale-while-revalidate=10800, public
location
/cdn-cgi/challenge-platform/h/g/scripts/jsd/e4025c85ea63/main.js?
content-length
0
access-control-allow-origin
*
date
Thu, 21 Nov 2024 15:36:56 GMT
server
cloudflare
Banner-home-desk-SiteCore--1800--640-px-1800-x-700-px.ashx
spa.thermes-saint-gervais.com/-/media/TSGMB/Site_SPA/Bains/Hub/ 		217 KB
218 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://spa.thermes-saint-gervais.com/-/media/TSGMB/Site_SPA/Bains/Hub/Banner-home-desk-SiteCore--1800--640-px-1800-x-700-px.ashx
Requested by
Host: spa.thermes-saint-gervais.com
URL: https://spa.thermes-saint-gervais.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9bfb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9013a8f58c8dfa0c75595278a8966ad8ce630e830d201636dc16d4b8bfe98c39

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://spa.thermes-saint-gervais.com/

Response headers

cache-control
private, max-age=604800
cf-cache-status
DYNAMIC
request-context
appId=cid-v1:0f5fea8e-1777-4a4f-ab5c-5d0026206973
cf-ray
8e61c21b4b036daf-MIA
accept-ranges
bytes
content-length
222487
date
Thu, 21 Nov 2024 15:36:56 GMT
content-type
image/jpeg
last-modified
Thu, 06 Jun 2024 11:48:30 GMT
server
cloudflare
content-disposition
inline; filename="Banner home desk SiteCore 1800 640 px 1800 x 700 px.jpg"
v_push-hover_Home_2.ashx
spa.thermes-saint-gervais.com/-/media/TSGMB/Site_Vitrine/Home/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://spa.thermes-saint-gervais.com/-/media/TSGMB/Site_Vitrine/Home/v_push-hover_Home_2.ashx
Requested by
Host: spa.thermes-saint-gervais.com
URL: https://spa.thermes-saint-gervais.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9bfb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3af5a98c43f856b18670f990cf7c347af7d3bab513a1a3a1b3433067a3bf49a1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://spa.thermes-saint-gervais.com/

Response headers

cache-control
private, max-age=604800
cf-cache-status
DYNAMIC
request-context
appId=cid-v1:0f5fea8e-1777-4a4f-ab5c-5d0026206973
cf-ray
8e61c21b4b066daf-MIA
accept-ranges
bytes
content-length
14045
date
Thu, 21 Nov 2024 15:36:56 GMT
content-type
image/jpeg
last-modified
Fri, 15 Sep 2023 12:17:08 GMT
server
cloudflare
content-disposition
inline; filename="v_push-hover_Home_2.jpg"
v_push-hover_Home_4.ashx
spa.thermes-saint-gervais.com/-/media/TSGMB/Site_Vitrine/Home/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://spa.thermes-saint-gervais.com/-/media/TSGMB/Site_Vitrine/Home/v_push-hover_Home_4.ashx
Requested by
Host: spa.thermes-saint-gervais.com
URL: https://spa.thermes-saint-gervais.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9bfb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
840f78a88bc2cf8a9168198af85588dcc6f0c10adb335c14941497d6df2b3acc

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://spa.thermes-saint-gervais.com/

Response headers

cache-control
private, max-age=604800
cf-cache-status
DYNAMIC
request-context
appId=cid-v1:0f5fea8e-1777-4a4f-ab5c-5d0026206973
cf-ray
8e61c21b4b086daf-MIA
accept-ranges
bytes
content-length
15020
date
Thu, 21 Nov 2024 15:36:57 GMT
content-type
image/jpeg
last-modified
Fri, 15 Sep 2023 13:38:11 GMT
server
cloudflare
content-disposition
inline; filename="v_push-hover_Home_4.jpg"
v_push-hover_Home_SPA_3.ashx
spa.thermes-saint-gervais.com/-/media/TSGMB/Site_SPA/Home/ 		36 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://spa.thermes-saint-gervais.com/-/media/TSGMB/Site_SPA/Home/v_push-hover_Home_SPA_3.ashx
Requested by
Host: spa.thermes-saint-gervais.com
URL: https://spa.thermes-saint-gervais.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9bfb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
976d6265be66671a65f7ecb0a78e62d6c53dbf4a0703685e8d5d4f7fcd4030f7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://spa.thermes-saint-gervais.com/

Response headers

cache-control
private, max-age=604800
cf-cache-status
DYNAMIC
request-context
appId=cid-v1:0f5fea8e-1777-4a4f-ab5c-5d0026206973
cf-ray
8e61c21b4b0a6daf-MIA
accept-ranges
bytes
content-length
36427
date
Thu, 21 Nov 2024 15:36:57 GMT
content-type
image/jpeg
last-modified
Fri, 15 Sep 2023 15:26:16 GMT
server
cloudflare
content-disposition
inline; filename="v_push-hover_Home_SPA_3.jpg"
v_push-hover_Home_5.ashx
spa.thermes-saint-gervais.com/-/media/TSGMB/Site_Vitrine/Home/ 		41 KB
41 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://spa.thermes-saint-gervais.com/-/media/TSGMB/Site_Vitrine/Home/v_push-hover_Home_5.ashx
Requested by
Host: spa.thermes-saint-gervais.com
URL: https://spa.thermes-saint-gervais.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9bfb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9d8bbead3a4fe0e3c7b6ac87f1c34115dd744fe6b1ab7ac339925cd1b651af69

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://spa.thermes-saint-gervais.com/

Response headers

cache-control
private, max-age=604800
cf-cache-status
DYNAMIC
request-context
appId=cid-v1:0f5fea8e-1777-4a4f-ab5c-5d0026206973
cf-ray
8e61c21b4b0b6daf-MIA
accept-ranges
bytes
content-length
41622
date
Thu, 21 Nov 2024 15:36:57 GMT
content-type
image/jpeg
last-modified
Thu, 14 Sep 2023 12:31:39 GMT
server
cloudflare
content-disposition
inline; filename="v_push-hover_Home_5.jpg"
reserver-en-ligne4.ashx
spa.thermes-saint-gervais.com/-/media/TSGMB/Site_SPA/Home/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://spa.thermes-saint-gervais.com/-/media/TSGMB/Site_SPA/Home/reserver-en-ligne4.ashx
Requested by
Host: spa.thermes-saint-gervais.com
URL: https://spa.thermes-saint-gervais.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9bfb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
939d7d589cc79b1137943fcc2f31cf31cbb38d77556bb9add377c2d5fedddaa0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://spa.thermes-saint-gervais.com/

Response headers

cache-control
private, max-age=604800
cf-cache-status
DYNAMIC
request-context
appId=cid-v1:0f5fea8e-1777-4a4f-ab5c-5d0026206973
cf-ray
8e61c21b4b0d6daf-MIA
accept-ranges
bytes
content-length
6853
date
Thu, 21 Nov 2024 15:36:56 GMT
content-type
image/jpeg
last-modified
Tue, 19 Sep 2023 09:27:42 GMT
server
cloudflare
content-disposition
inline; filename="reserver en ligne4.jpg"
v_Home_push-double_Cure_Desk.ashx
spa.thermes-saint-gervais.com/-/media/TSGMB/General_TSGMB/Home_Section-Push-Double/ 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://spa.thermes-saint-gervais.com/-/media/TSGMB/General_TSGMB/Home_Section-Push-Double/v_Home_push-double_Cure_Desk.ashx
Requested by
Host: spa.thermes-saint-gervais.com
URL: https://spa.thermes-saint-gervais.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9bfb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
91b5a5c805f48c57e6d6f17848985a2433f9d50e27e1ab4878122c607d548af3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://spa.thermes-saint-gervais.com/

Response headers

cache-control
private, max-age=604800
cf-cache-status
DYNAMIC
request-context
appId=cid-v1:0f5fea8e-1777-4a4f-ab5c-5d0026206973
cf-ray
8e61c21b4b0f6daf-MIA
accept-ranges
bytes
content-length
25610
date
Thu, 21 Nov 2024 15:36:57 GMT
content-type
image/jpeg
last-modified
Thu, 14 Sep 2023 13:02:18 GMT
server
cloudflare
content-disposition
inline; filename="v_Home_push-double_Cure_Desk.jpg"
v_Home_push-double_Centre_Thermal_Desk.ashx
spa.thermes-saint-gervais.com/-/media/TSGMB/General_TSGMB/Home_Section-Push-Double/ 		76 KB
77 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://spa.thermes-saint-gervais.com/-/media/TSGMB/General_TSGMB/Home_Section-Push-Double/v_Home_push-double_Centre_Thermal_Desk.ashx
Requested by
Host: spa.thermes-saint-gervais.com
URL: https://spa.thermes-saint-gervais.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9bfb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f9fbfb25f280586c370ca1de9d4f8ad8b54a4aacc7ca5731483559eb78187e0e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://spa.thermes-saint-gervais.com/

Response headers

cache-control
private, max-age=604800
cf-cache-status
DYNAMIC
request-context
appId=cid-v1:0f5fea8e-1777-4a4f-ab5c-5d0026206973
cf-ray
8e61c21b4b106daf-MIA
accept-ranges
bytes
content-length
78229
date
Thu, 21 Nov 2024 15:36:57 GMT
content-type
image/jpeg
last-modified
Tue, 19 Sep 2023 12:58:54 GMT
server
cloudflare
content-disposition
inline; filename="v_Home_push-double_Centre_Thermal_Desk.jpg"
MiniCart
spa.thermes-saint-gervais.com/Checkout/ 		615 B
371 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://spa.thermes-saint-gervais.com/Checkout/MiniCart
Requested by
Host: spa.thermes-saint-gervais.com
URL: https://spa.thermes-saint-gervais.com/include/js/AOXJsManager.min.js?v=1.0.0.17898
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9bfb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bd63f386b2795cc2c313e5e4fe9fbd6d510dac8c82c928549aebe1009a0e9f18

Request headers

Referer
https://spa.thermes-saint-gervais.com/
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
text/html, */*; q=0.01
Content-Type
application/html; charset=utf-8

Response headers

cache-control
no-cache, no-store
content-encoding
br
cf-cache-status
DYNAMIC
pragma
no-cache
request-context
appId=cid-v1:0f5fea8e-1777-4a4f-ab5c-5d0026206973
expires
-1
cf-ray
8e61c21b4b136daf-MIA
date
Thu, 21 Nov 2024 15:36:57 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
server
cloudflare
8e61c210f8186daf
spa.thermes-saint-gervais.com/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame 8563 		0
629 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://spa.thermes-saint-gervais.com/cdn-cgi/challenge-platform/h/g/jsd/r/8e61c210f8186daf
Requested by
Host: spa.thermes-saint-gervais.com
URL: https://spa.thermes-saint-gervais.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9bfb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
application/json
Referer

Response headers

cf-ray
8e61c21c3c1b6daf-MIA
content-length
0
date
Thu, 21 Nov 2024 15:36:57 GMT
content-type
text/plain; charset=UTF-8
server
cloudflare
location
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 		68 B
307 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location
Requested by
Host: spa.thermes-saint-gervais.com
URL: https://spa.thermes-saint-gervais.com/include/js/AOXJsManager.min.js?v=1.0.0.17898
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2089 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
71cfd0bf781e3f393bca283fc9d44777a2036985a4ffe9abedf14909e63a8aef
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
accept
application/json
Referer
https://spa.thermes-saint-gervais.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
access-control-allow-methods
GET, OPTIONS
cf-ray
8e61c21cbda5a527-MIA
access-control-allow-origin
*
date
Thu, 21 Nov 2024 15:36:57 GMT
content-type
application/json
vary
Accept-Encoding
server
cloudflare
access-control-allow-headers
Content-Type
collect
www.google.com/ccm/ 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google.com/ccm/collect?en=page_view&dl=https%3A%2F%2Fspa.thermes-saint-gervais.com%2F&scrsrc=www.googletagmanager.com&frm=0&rnd=1094483622.1732203417&auid=408902673.1732203417&npa=0&gtm=45He4bk0v810072519za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&tft=1732203417080&tfd=1988&apve=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-536VJ6L
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.16.147 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f147.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://spa.thermes-saint-gervais.com/

Response headers
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-536VJ6L
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::66 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://spa.thermes-saint-gervais.com/

Response headers

content-encoding
gzip
age
2655
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],}
x-content-type-options
nosniff
expires
Thu, 21 Nov 2024 16:52:42 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 21 Nov 2024 14:52:42 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
content-type
text/javascript
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
20994
server
Golfe2
sw_iframe.html
www.googletagmanager.com/static/service_worker/4bj0/ Frame 02F1 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/static/service_worker/4bj0/sw_iframe.html?origin=https%3A%2F%2Fspa.thermes-saint-gervais.com
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-536VJ6L
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c07::61 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
1476
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="analytics-container-tag-serving"
cross-origin-resource-policy
cross-origin
date
Thu, 21 Nov 2024 15:36:57 GMT
expires
Fri, 21 Nov 2025 15:36:57 GMT
last-modified
Tue, 19 Nov 2024 10:38:00 GMT
report-to
{"group":"analytics-container-tag-serving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/analytics-container-tag-serving"}]}
server
sffe
service-worker-allowed
/static/service_worker
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
otBannerSdk.js
cdn.cookielaw.org/scripttemplates/202405.2.0/ 		451 KB
110 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/202405.2.0/otBannerSdk.js
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
402dda334f81814b077c20d0d093636239c027f3e82996fd7c12cb91aa57540a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://spa.thermes-saint-gervais.com/

Response headers

content-md5
Ryx3T13YxV6i1yEKSnAPIA==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding
gzip
x-ms-version
2009-09-19
etag
0x8DCA5E423ECD5E2
x-ms-lease-status
unlocked
cf-cache-status
HIT
age
27713
x-content-type-options
nosniff
date
Thu, 21 Nov 2024 15:36:57 GMT
content-type
application/javascript
last-modified
Tue, 16 Jul 2024 22:10:45 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-ms-request-id
a3a9f6ae-901e-006f-0cf7-2f3b5e000000
cf-ray
8e61c21d1bf4a539-MIA
accept-ranges
bytes
access-control-allow-origin
*
content-length
112015
x-ms-blob-type
BlockBlob
server
cloudflare
anchor
www.google.com/recaptcha/enterprise/ Frame EC91 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LdnzQ4kAAAAAGWbmTEvcGCnlUKBp9HEm6JzfHGl&co=aHR0cHM6Ly9zcGEudGhlcm1lcy1zYWludC1nZXJ2YWlzLmNvbTo0NDM.&hl=en&v=pPK749sccDmVW_9DSeTMVvh2&size=invisible&cb=r12sbq2652vx
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/pPK749sccDmVW_9DSeTMVvh2/recaptcha__en.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.16.99 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f99.1e100.net
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-rNFTJSOFsYCsZnutsFqEhQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://spa.thermes-saint-gervais.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-rNFTJSOFsYCsZnutsFqEhQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy-report-only
same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy
cross-origin
date
Thu, 21 Nov 2024 15:36:57 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server
ESF
x-content-type-options
nosniff
x-xss-protection
0
fr.json
cdn.cookielaw.org/consent/018f7b41-e6c5-75e2-9337-8bfef51449c7/018e13bc-2946-7bd0-8f32-a9b867414d10/ 		46 KB
13 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/consent/018f7b41-e6c5-75e2-9337-8bfef51449c7/018e13bc-2946-7bd0-8f32-a9b867414d10/fr.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202405.2.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
765c90ca8ced64a98801e167d74c5c58518ce04e50d3258f4bd14de494c66d3c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://spa.thermes-saint-gervais.com/

Response headers

content-md5
Vr2AezLsxWhp2bbxPrtNxg==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding
gzip
cf-cache-status
HIT
etag
0x8DC863286BAA3E7
x-ms-lease-status
unlocked
x-ms-version
2009-09-19
x-content-type-options
nosniff
expires
Fri, 22 Nov 2024 15:36:57 GMT
date
Thu, 21 Nov 2024 15:36:57 GMT
content-type
application/json
last-modified
Thu, 06 Jun 2024 14:11:14 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin, cross-origin
x-ms-request-id
9f0d075e-c01e-0033-05d3-33caa7000000
cf-ray
8e61c21dda9aa4f2-MIA
accept-ranges
bytes
access-control-allow-origin
*
content-length
13490
x-ms-blob-type
BlockBlob
server
cloudflare
linkid.js
www.google-analytics.com/plugins/ua/ 		2 KB
995 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/plugins/ua/linkid.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::66 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://spa.thermes-saint-gervais.com/

Response headers

content-encoding
br
age
1683
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
x-content-type-options
nosniff
expires
Thu, 21 Nov 2024 16:08:54 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 21 Nov 2024 15:08:54 GMT
last-modified
Fri, 30 Jun 2023 18:58:00 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
public, max-age=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
content-length
697
x-xss-protection
0
server
sffe
collect
www.google-analytics.com/j/ 		3 B
431 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&aip=1&a=674936815&t=pageview&cu=EUR&_s=1&dl=https%3A%2F%2Fspa.thermes-saint-gervais.com%2F&dp=%2F&ul=en-us&de=UTF-8&dt=Spa%20Thermal%20%7C%20Accueil&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAgUAjAAAAACACog~&cid=1862695843.1732203417&uid=&tid=UA-131943206-1&_gid=814549335.1732203417&_slc=1&gtm=45He4bk0n81536VJ6Lv810072519za200&cg1=homepage&cd1=TSGMB&cd2=fr&cd3=fr&cd4=main&cd5=homepage&cd6=&cd7=&cd8=&cd9=not%20loggged&cd10=&cd11=&cd12=&cd34=0&cd66=none&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&z=127258804
Requested by
Host: spa.thermes-saint-gervais.com
URL: https://spa.thermes-saint-gervais.com/include/js/AOXJsManager.min.js?v=1.0.0.17898
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::66 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://spa.thermes-saint-gervais.com/

Response headers

report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],}
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 21 Nov 2024 15:36:57 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
content-type
text/plain
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0
access-control-allow-origin
https://spa.thermes-saint-gervais.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
3
server
Golfe2
collect
www.google-analytics.com/j/ 		3 B
72 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&aip=1&a=674936815&t=pageview&cu=EUR&_s=1&dl=https%3A%2F%2Fspa.thermes-saint-gervais.com%2F&dp=%2F&ul=en-us&de=UTF-8&dt=Spa%20Thermal%20%7C%20Accueil&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAgUAjAAAAACACogC~&cid=1862695843.1732203417&uid=&tid=UA-74428248-1&_gid=814549335.1732203417&_slc=1&gtm=45He4bk0n81536VJ6Lv810072519za200&cg1=homepage&cd1=TSGMB&cd2=fr&cd3=fr&cd4=main&cd5=homepage&cd6=&cd7=&cd8=&cd9=not%20loggged&cd10=&cd11=&cd12=&cd34=0&cd66=none&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&z=913441458
Requested by
Host: spa.thermes-saint-gervais.com
URL: https://spa.thermes-saint-gervais.com/include/js/AOXJsManager.min.js?v=1.0.0.17898
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::66 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://spa.thermes-saint-gervais.com/

Response headers

report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],}
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 21 Nov 2024 15:36:57 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
content-type
text/plain
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0
access-control-allow-origin
https://spa.thermes-saint-gervais.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
3
server
Golfe2
otCenterRounded.json
cdn.cookielaw.org/scripttemplates/202405.2.0/assets/ 		9 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/202405.2.0/assets/otCenterRounded.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202405.2.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1bc0b181617d553a69d6c20ada9495d7a8efe04ca9f098c965ec0758ba7a114
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://spa.thermes-saint-gervais.com/

Response headers

content-md5
mPFWl2a3UR06DZ1cx/YBSQ==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding
gzip
x-ms-version
2009-09-19
etag
0x8DCA5E42003D45E
x-ms-lease-status
unlocked
cf-cache-status
HIT
x-content-type-options
nosniff
date
Thu, 21 Nov 2024 15:36:57 GMT
content-type
application/json
last-modified
Tue, 16 Jul 2024 22:10:38 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-ms-request-id
ec8a9613-a01e-004e-53f5-d7566f000000
cf-ray
8e61c21f7d02a4f2-MIA
accept-ranges
bytes
access-control-allow-origin
*
content-length
2612
x-ms-blob-type
BlockBlob
server
cloudflare
otPcTab.json
cdn.cookielaw.org/scripttemplates/202405.2.0/assets/v2/ 		64 KB
14 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/202405.2.0/assets/v2/otPcTab.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202405.2.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8e31226785d7fabf5f5f98c4c0e3caf4e18cfd4b9f5bdd84422585cc65e81720
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://spa.thermes-saint-gervais.com/

Response headers

content-md5
ytzNuvchBbS9ynH4FxVlOw==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding
gzip
x-ms-version
2009-09-19
etag
0x8DCA5E421117D2B
x-ms-lease-status
unlocked
cf-cache-status
HIT
x-content-type-options
nosniff
date
Thu, 21 Nov 2024 15:36:57 GMT
content-type
application/json
last-modified
Tue, 16 Jul 2024 22:10:40 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-ms-request-id
d1d7d08b-101e-0057-1453-d87a07000000
cf-ray
8e61c21f7d06a4f2-MIA
accept-ranges
bytes
access-control-allow-origin
*
content-length
13725
x-ms-blob-type
BlockBlob
server
cloudflare
otCommonStyles.css
cdn.cookielaw.org/scripttemplates/202405.2.0/assets/ 		24 KB
4 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/202405.2.0/assets/otCommonStyles.css
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202405.2.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
83e43deb49489c81e3aed5e348d4997f062660ba00fe61305cd464359c06216d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://spa.thermes-saint-gervais.com/

Response headers

content-md5
9eusssrwoAzVOVsIadvhfQ==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-lease-status
unlocked
cf-bgj
minify
cf-cache-status
HIT
x-ms-version
2009-09-19
content-encoding
gzip
x-content-type-options
nosniff
cf-polished
origSize=24822
date
Thu, 21 Nov 2024 15:36:57 GMT
content-type
text/css
last-modified
Tue, 16 Jul 2024 22:10:51 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-ms-request-id
5f66ecec-a01e-0067-4908-f4202d000000
cf-ray
8e61c21f7d09a4f2-MIA
access-control-allow-origin
*
x-ms-blob-type
BlockBlob
server
cloudflare
collect
www.google-analytics.com/ 		35 B
58 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&aip=1&a=674936815&t=event&ni=1&cu=EUR&_s=1&dl=https%3A%2F%2Fspa.thermes-saint-gervais.com%2F&dp=%2F&ul=en-us&de=UTF-8&dt=Spa%20Thermal%20%7C%20Accueil&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=ClientID&ea=Send%20Event&el=Set%20ClientID%20in%20Google%20Analytics%20with%20an%20non-interactif%20Event&_u=aGDAgUAjAAAAACACokC~&cid=765924976.1732203418&uid=&tid=UA-131943206-1&_gid=1335604314.1732203418&gtm=45He4bk0n81536VJ6Lv810072519za200&cg1=homepage&cd1=TSGMB&cd2=fr&cd3=fr&cd4=main&cd5=homepage&cd6=&cd7=&cd8=&cd9=not%20loggged&cd10=&cd11=&cd12=&cd34=0&cd41=1862695843.1732203417&cd66=performance%3A%3A0%7Cfunctional%3A%3A0%7Ctargeting%3A%3A0%7Csocial_media%3A%3A0&gcd=13m3m3m3m5l1&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&gcs=G100&dma_cps=-&npa=1&z=647079286
Requested by
Host: spa.thermes-saint-gervais.com
URL: https://spa.thermes-saint-gervais.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f100.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://spa.thermes-saint-gervais.com/

Response headers

age
54169
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:163:0"}],}
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 21 Nov 2024 00:34:08 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:163:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
35
server
Golfe2
collect
www.google-analytics.com/ 		35 B
58 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&aip=1&a=674936815&t=event&ni=1&cu=EUR&_s=1&dl=https%3A%2F%2Fspa.thermes-saint-gervais.com%2F&dp=%2F&ul=en-us&de=UTF-8&dt=Spa%20Thermal%20%7C%20Accueil&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=ClientID&ea=Send%20Event&el=Set%20ClientID%20in%20Google%20Analytics%20with%20an%20non-interactif%20Event&_u=aGDAgUAjAAAAACACokC~&cid=1554261727.1732203418&uid=&tid=UA-74428248-1&_gid=1435601199.1732203418&gtm=45He4bk0n81536VJ6Lv810072519za200&cg1=homepage&cd1=TSGMB&cd2=fr&cd3=fr&cd4=main&cd5=homepage&cd6=&cd7=&cd8=&cd9=not%20loggged&cd10=&cd11=&cd12=&cd34=0&cd41=1862695843.1732203417&cd66=performance%3A%3A0%7Cfunctional%3A%3A0%7Ctargeting%3A%3A0%7Csocial_media%3A%3A0&gcd=13m3m3m3m5l1&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&gcs=G100&dma_cps=-&npa=1&z=203915300
Requested by
Host: spa.thermes-saint-gervais.com
URL: https://spa.thermes-saint-gervais.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f100.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://spa.thermes-saint-gervais.com/

Response headers

age
54169
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:163:0"}],}
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 21 Nov 2024 00:34:08 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:163:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
35
server
Golfe2
ot_guard_logo.svg
cdn.cookielaw.org/logos/static/ 		497 B
489 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/logos/static/ot_guard_logo.svg
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202405.2.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://spa.thermes-saint-gervais.com/

Response headers

content-md5
tXyZydHjxQshFMbbBT1/8A==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
x-ms-lease-status
unlocked
cf-cache-status
HIT
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 21 Nov 2024 15:36:57 GMT
content-type
image/svg+xml
last-modified
Wed, 20 Nov 2024 04:54:30 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-ms-request-id
2cf073ef-001e-008f-4c24-3bddd6000000
cf-ray
8e61c2211f7ba4f2-MIA
access-control-allow-origin
*
x-ms-blob-type
BlockBlob
server
cloudflare
THERMES_SAINT_GERVAIS_LOGO_1806_bleu_PAntone.png
cdn.cookielaw.org/logos/b8ec011c-8bf5-4ec6-98df-990d37350f78/018f7b41-e6c5-75e2-9337-8bfef51449c7/22d16508-35b3-4cc7-abca-6acbb4fdea46/ 		629 KB
630 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.cookielaw.org/logos/b8ec011c-8bf5-4ec6-98df-990d37350f78/018f7b41-e6c5-75e2-9337-8bfef51449c7/22d16508-35b3-4cc7-abca-6acbb4fdea46/THERMES_SAINT_GERVAIS_LOGO_1806_bleu_PAntone.png
Requested by
Host: spa.thermes-saint-gervais.com
URL: https://spa.thermes-saint-gervais.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5c5e6810e76a15245c28324b969b863af4b71cfc03771e47e98b62dea99c793d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://spa.thermes-saint-gervais.com/

Response headers

content-md5
iKrzy1yFMc6vKtvR++1ExQ==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
x-ms-lease-status
unlocked
etag
0x8DC862DBBC95808
cf-cache-status
HIT
x-content-type-options
nosniff
date
Thu, 21 Nov 2024 15:36:58 GMT
content-type
image/png
last-modified
Thu, 06 Jun 2024 13:36:56 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-ms-request-id
81be53e1-101e-0097-3317-b822a0000000
cf-ray
8e61c2213a6ea539-MIA
accept-ranges
bytes
access-control-allow-origin
*
content-length
644364
x-ms-blob-type
BlockBlob
server
cloudflare
powered_by_logo.svg
cdn.cookielaw.org/logos/static/ 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.cookielaw.org/logos/static/powered_by_logo.svg
Requested by
Host: spa.thermes-saint-gervais.com
URL: https://spa.thermes-saint-gervais.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://spa.thermes-saint-gervais.com/

Response headers

content-md5
Y+c301RBZNK39PvKQWrIBw==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
x-ms-lease-status
unlocked
cf-cache-status
HIT
age
16182
content-encoding
gzip
x-content-type-options
nosniff
expires
Fri, 22 Nov 2024 11:07:15 GMT
date
Thu, 21 Nov 2024 15:36:57 GMT
content-type
image/svg+xml
last-modified
Wed, 20 Nov 2024 04:54:31 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
x-ms-request-id
772f7382-301e-0100-09a1-3bd5df000000
cf-ray
8e61c2213a6fa539-MIA
access-control-allow-origin
*
x-ms-blob-type
BlockBlob
server
cloudflare
collect
www.google-analytics.com/ 		35 B
58 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&aip=1&a=674936815&t=timing&cu=EUR&_s=2&dl=https%3A%2F%2Fspa.thermes-saint-gervais.com%2F&dp=%2F&ul=en-us&de=UTF-8&dt=Spa%20Thermal%20%7C%20Accueil&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&plt=3065&pdt=97&dns=18&rrt=0&srt=859&tcp=70&dit=1710&clt=1710&_gst=2013&_gbt=2251&_u=aGDAgUAjAAAAACACokC~&cid=1862695843.1732203417&uid=&tid=UA-131943206-1&_gid=814549335.1732203417&gtm=45He4bk0n81536VJ6Lv810072519za200&cg1=homepage&cd1=TSGMB&cd2=fr&cd3=fr&cd4=main&cd5=homepage&cd6=&cd7=&cd8=&cd9=not%20loggged&cd10=&cd11=&cd12=&cd34=0&cd66=none&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&z=1642495654
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f100.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://spa.thermes-saint-gervais.com/

Response headers

age
54170
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:163:0"}],}
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 21 Nov 2024 00:34:08 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:163:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
35
server
Golfe2
collect
www.google-analytics.com/ 		35 B
58 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&aip=1&a=674936815&t=timing&cu=EUR&_s=2&dl=https%3A%2F%2Fspa.thermes-saint-gervais.com%2F&dp=%2F&ul=en-us&de=UTF-8&dt=Spa%20Thermal%20%7C%20Accueil&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&plt=3065&pdt=97&dns=18&rrt=0&srt=859&tcp=70&dit=1710&clt=1710&_gst=2013&_gbt=2251&_u=aGDAgUAjAAAAACACokC~&cid=1862695843.1732203417&uid=&tid=UA-74428248-1&_gid=814549335.1732203417&gtm=45He4bk0n81536VJ6Lv810072519za200&cg1=homepage&cd1=TSGMB&cd2=fr&cd3=fr&cd4=main&cd5=homepage&cd6=&cd7=&cd8=&cd9=not%20loggged&cd10=&cd11=&cd12=&cd34=0&cd66=none&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&z=1359878510
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f100.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://spa.thermes-saint-gervais.com/

Response headers

age
54170
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:163:0"}],}
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 21 Nov 2024 00:34:08 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:163:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
35
server
Golfe2
favicon-32x32.png
spa.thermes-saint-gervais.com/include/images/ 		696 B
826 B 		Other
General
Check archive.org
Download Go to
Full URL
https://spa.thermes-saint-gervais.com/include/images/favicon-32x32.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9bfb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e074adc0a04251464add8ebba281dab007bbe192770ab8d613b337ca90a8c478

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://spa.thermes-saint-gervais.com/

Response headers

cf-cache-status
DYNAMIC
etag
"3af933fb45d8da1:0"
request-context
appId=cid-v1:0f5fea8e-1777-4a4f-ab5c-5d0026206973
cf-ray
8e61c223ce786daf-MIA
accept-ranges
bytes
content-length
696
date
Thu, 21 Nov 2024 15:36:58 GMT
content-type
image/png
last-modified
Wed, 17 Jul 2024 12:36:43 GMT
server
cloudflare

Verdicts & Comments Add Verdict or Comment

127 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| event function| OptanonWrapper object| dataLayer function| gtm_isElementInViewport function| gtm_add_handler function| gtm_datalayer_pushEvent function| gtm_datalayer_pushEventAddCategory function| gtm_datalayer_pushEcommerce_View function| gtm_datalayer_pushEcommerce_Click function| gtm_datalayer_pushEcommerce_Detail function| gtm_datalayer_pushEcommerce_AddToCart function| gtm_datalayer_pushEcommerce_RemoveToCart function| onLoadPopinAccessibilite object| optionsPopinNewsletterSubscriptionForm function| initPopinNewsletterSubscriptionForm function| onSubmitPopinNewsletterSubscriptionForm object| jTBrowser function| jQuery object| lazySizes object| ls_bgset function| jQueryObject function| AOXJsManagerClass object| AOXJsManager function| configDebug function| configUrl function| configTools function| newOpen function| newSend function| onAOXReCaptchaApiLoadedCallback function| configPassword function| configDateTimePicker function| configMinLegalAge function| configInitSession function| AOXTools function| AOXPopin function| AOX_EncodeBase64 function| AOXNavigationContentManager function| AOX_MediaQuery function| AOX_WebFont function| AOX_TemplateAOX function| getYTCookieCheckResult function| AOX_YTPlayer function| AOX_DEBUG function| applyFocusVisiblePolyfill object| $window object| $document object| $body number| carrouselSpeed function| initCommon function| AOXNavigationOverload function| initNavPushGrid function| initNavMiniCart function| openNavMiniCart function| initPopinAccessibilite function| initAnimationsMode function| initContrastMode function| initCarrouselHero function| initCarrouselPush function| initCarrouselPlan function| initScrollToTarget function| initPushDouble function| initListPushSoin function| initListPushDecouvrirProgramme function| initFilterSpaSoinCarte function| initAsideArticle function| pageHome function| pageHub function| pageCompte function| pageContact function| pageBrochure function| pagePanier function| pageSpaSoin function| pageSpaDetailSoin function| pageEbooking function| pageHubCarteCadeau function| pageSpaSoinJournee function| pageSpaFormuleJournee function| pageFiltreSpaSoinCarte function| pageArticle function| pageBrochureDownload object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client function| initFooterNewsletterSubscriptionForm function| onSubmitFooterNewsletterSubscriptionForm function| LoadMiniCart object| LstElemPushed number| start object| OtTrustedType object| google_tag_manager object| google_tag_data function| enableJsApi function| parseElement function| playerOverrideDeclaration function| onPlayerStateChange function| onPlayerError function| onPlayerPercent function| trackYTUnload function| insertYoutubeJsApi function| styleToBeAddedInJs function| listenerDomChangeWithCSSEvent function| checkResource function| checkYT function| launchYoutubeIframeApiTraking object| gtmYTListeners function| onYouTubePlayerAPIReady string| GoogleAnalyticsObject function| ga object| cdo string| OnetrustActiveGroups string| OptanonActiveGroups object| otStubData object| recaptcha object| closure_lm_121098 object| gaplugins object| gaGlobal object| gaData object| Optanon object| OneTrust boolean| gaCallback string| gaFirstPartyCookie

11 Cookies

Domain/Path Name / Value
spa.thermes-saint-gervais.com/ Name: shell#lang
Value: en
spa.thermes-saint-gervais.com/ Name: ASP.NET_SessionId
Value: fwzc1fcg24bisw3t2rdofyse
spa.thermes-saint-gervais.com/ Name: __RequestVerificationToken
Value: Oskx96nbGmNW6yVVZzueY-OfHQehm4uzuDIngKMvt1fDHmtoQDr9iSN3YS7e90rOuYJcXYHagsJO0AQKu6JlFXbr9Tm1daOrxDg6PyqYW_Q1
.spa.thermes-saint-gervais.com/ Name: ARRAffinity
Value: e5f13a2ed6d3c9bd667436d26756c97183a497b0f056664cf97840e84b3ac854
.spa.thermes-saint-gervais.com/ Name: ARRAffinitySameSite
Value: e5f13a2ed6d3c9bd667436d26756c97183a497b0f056664cf97840e84b3ac854
.thermes-saint-gervais.com/ Name: cf_clearance
Value: q271JEOOp59r4BjF.yYJD0u8yKwjxUP9pOjw9dGkvms-1732203417-1.2.1.1-TpJ.cHkMW3xs92s6AVMovOQw74c5fiwcedJ0ypGmAVujhuaSa61V4lf2_7p97SpsnkAROR.xmB.JgSPxHXobAdJoHKtQLsJE93yEhNphwKM9_7YLz2fhxbjoUhlNHKoR5nVt9YtkJHWkpxgtigGtLyzwMTHnbuN9_p_H9gXLuYZVF9H3WexqLIs3hw5qnK2Lx4WDqcPwv3F5v37LrmjkOT1JgRm0zakIXzs7mZmj4Yn6olye_Djdjite1rV9VZS06OGzYBzgeEiV6wMWC_7.K1b3GM_Gds4VGG_FeMIpmYIZLu6rGHh1s9tr5ao1hkXRXMTnfY5ndz524qfBzsUHogbL0nIGq2OOgpPGN8PUOonlL1wvU9E0Lpz87t8JSJFh
.thermes-saint-gervais.com/ Name: _gcl_au
Value: 1.1.408902673.1732203417
spa.thermes-saint-gervais.com/ Name: _aqv
Value: true
.thermes-saint-gervais.com/ Name: _ga
Value: GA1.2.1862695843.1732203417
.thermes-saint-gervais.com/ Name: _gid
Value: GA1.2.814549335.1732203417
.spa.thermes-saint-gervais.com/ Name: OptanonConsent
Value: isGpcEnabled=0&datestamp=Thu+Nov+21+2024+05%3A36%3A57+GMT-1000+(Hawaii-Aleutian+Standard+Time)&version=202405.2.0&browserGpcFlag=0&isIABGlobal=false&hosts=&consentId=c9cd6e7f-0e11-45d3-aece-a9e97c58e6a2&interactionCount=0&isAnonUser=1&landingPath=https%3A%2F%2Fspa.thermes-saint-gervais.com%2F&groups=1%3A1%2C2%3A0%2C3%3A0%2C4%3A0

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.cookielaw.org
geolocation.onetrust.com
spa.thermes-saint-gervais.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.gstatic.com
142.251.16.147
142.251.16.99
142.251.41.3
172.253.115.100
2606:4700:4400::6812:2089
2606:4700:4400::ac40:9bfb
2606:4700::6812:562a
2607:f8b0:4004:c06::66
2607:f8b0:4004:c07::61
0ca1946d0729ff4ebfe9d3c511d8af6899a25a6f4b37840410bb23ba1b0df056
0cc59dd85201fd085abdc7f31eeaa4a74404b98790a81e55015068ebc00ffe14
0fd913dcee04a68a00b35b2756ee0fb7deb9289968dc1a51bf4bf275a7139e0b
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
3af5a98c43f856b18670f990cf7c347af7d3bab513a1a3a1b3433067a3bf49a1
402dda334f81814b077c20d0d093636239c027f3e82996fd7c12cb91aa57540a
416a2eadff0098287302334552041a7cddbe22299ed54668549d55d64ddd0f26
4629464eff4f6444ac0df3c154e059e1f34f2e4dcf5ec25e0f79bcd842d5a552
57d22b72d49186c10aa26532a7fa57e6c65cbccd46a5336713d12b5586bc73be
5c5e6810e76a15245c28324b969b863af4b71cfc03771e47e98b62dea99c793d
5eb15e76e56214d2319561c0a129b3bc86624b8c8f46a7a12a3bf0e2305762a6
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
6198120398e782ea124a6d9a439e0aea1c0cb50ac3f0a8fb6f78405af3d0aa21
691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19
6d6ec3c436a5e53dd9053f60bd3aa0a232a2eb5c9dbd29dc9d31b6335fb67859
71cfd0bf781e3f393bca283fc9d44777a2036985a4ffe9abedf14909e63a8aef
71de5b54f37a75b31a2a77195948b6e39da547c061d83411fd295316c0078c98
73dd640564004ec8730e7f3433b9dfaa6876ac3a27e6964a17834f07f6d56116
765c90ca8ced64a98801e167d74c5c58518ce04e50d3258f4bd14de494c66d3c
77f23e41a0298441aa99c154b0487a248be0e4bbc6ab302c2d156c1e32d7b1ec
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83e43deb49489c81e3aed5e348d4997f062660ba00fe61305cd464359c06216d
840f78a88bc2cf8a9168198af85588dcc6f0c10adb335c14941497d6df2b3acc
8e31226785d7fabf5f5f98c4c0e3caf4e18cfd4b9f5bdd84422585cc65e81720
9013a8f58c8dfa0c75595278a8966ad8ce630e830d201636dc16d4b8bfe98c39
91b5a5c805f48c57e6d6f17848985a2433f9d50e27e1ab4878122c607d548af3
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
939d7d589cc79b1137943fcc2f31cf31cbb38d77556bb9add377c2d5fedddaa0
976d6265be66671a65f7ecb0a78e62d6c53dbf4a0703685e8d5d4f7fcd4030f7
9d8bbead3a4fe0e3c7b6ac87f1c34115dd744fe6b1ab7ac339925cd1b651af69
ac24d22a1c1ff51d465572f91f8be228ff9bd73edd87b5a2e7136a3cf8ba57a0
ade920fd5b00cd298aae7978673a9a64d0bb3fa593d23e91994ec6b6723ebace
b1bc0b181617d553a69d6c20ada9495d7a8efe04ca9f098c965ec0758ba7a114
b48d42df8772deb15d082e3ea98715f714858219cf260f5a98226a6ec15c3320
bd63f386b2795cc2c313e5e4fe9fbd6d510dac8c82c928549aebe1009a0e9f18
c49100b198962d3cc7c08529de246195bfecb68877d674c464ed2abe089eb9a4
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e074adc0a04251464add8ebba281dab007bbe192770ab8d613b337ca90a8c478
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e69b124ceae39aa3519812d72f62d7c955ebdc69d9d4ac2a801de7463fdb5dee
f9fbfb25f280586c370ca1de9d4f8ad8b54a4aacc7ca5731483559eb78187e0e