urlscan.io logo urlscan.io
SecurityTrails logo

www.tubz.com Open in urlscan Pro
104.248.7.197  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.tubz.com/soaking-baths-heated-soaker.htm
Submission: On June 04 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 5 IPs in 2 countries across 5 domains to perform 19 HTTP transactions. The main IP is 104.248.7.197, located in Clifton, United States and belongs to DIGITALOCEAN-ASN, US. The main domain is www.tubz.com.
TLS certificate: Issued by cPanel, Inc. Certification Authority on May 10th 2024. Valid for: 3 months.
This is the only time www.tubz.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
11 104.248.7.197 14061 (DIGITALOC...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
2 35.169.139.83 14618 (AMAZON-AES)
19 5
11    104.248.7.197 (Clifton, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
PTR: node.lqwebserver.com
www.tubz.com
1    2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
4    2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    35.169.139.83 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-169-139-83.compute-1.amazonaws.com
cse.expertrec.com
Apex Domain
Subdomains		 Transfer
11 tubz.com
www.tubz.com
69 KB
4 gstatic.com
fonts.gstatic.com
95 KB
2 expertrec.com
cse.expertrec.com — Cisco Umbrella Rank: 207364
106 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 101
1 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 102
98 KB
19 5
Domain Requested by
11 www.tubz.com www.tubz.com
4 fonts.gstatic.com fonts.googleapis.com
2 cse.expertrec.com www.tubz.com
cse.expertrec.com
1 fonts.googleapis.com www.tubz.com
1 www.googletagmanager.com www.tubz.com
19 5

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
www.pinterest.com
Subject Issuer Validity Valid
tubz.com
cPanel, Inc. Certification Authority		 2024-05-10 -
2024-08-08		 3 months crt.sh
*.google-analytics.com
WR2		 2024-05-13 -
2024-08-05		 3 months crt.sh
upload.video.google.com
WR2		 2024-05-13 -
2024-08-05		 3 months crt.sh
*.gstatic.com
WR2		 2024-05-13 -
2024-08-05		 3 months crt.sh
*.expertrec.com
Sectigo RSA Domain Validation Secure Server CA		 2024-03-18 -
2025-03-14		 a year crt.sh

This page contains 1 frames:

Primary Page: https://www.tubz.com/soaking-baths-heated-soaker.htm
Frame ID: 3F5122852E3D433E202C2BA970D9D14B
Requests: 19 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Heated Soaking Tub | Soaking Bathtub with Heater

Detected technologies

Overall confidence: 100%
Detected patterns
  • cse\.expertrec\.com/api/js/ci_common\.js\?id=.*$
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Page Statistics

19
Requests

100 %
HTTPS

60 %
IPv6

5
Domains

5
Subdomains

5
IPs

2
Countries

369 kB
Transfer

992 kB
Size

2
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

19 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request soaking-baths-heated-soaker.htm
www.tubz.com/ 		15 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.tubz.com/soaking-baths-heated-soaker.htm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.248.7.197 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
node.lqwebserver.com
Software
Apache /
Resource Hash
3a231aeaacd5e35b03093895fa8984298a7b8ee53cc4fa39b9d497ddc82478c0
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' https://www.google-analytics.com/analytics.js https://code.jquery.com https://www.googletagmanager.com https://cse.expertrec.com/ 'unsafe-eval' 'unsafe-inline';font-src fonts.gstatic.com cdnjs.cloudflare.com https://www.tubz.com/tubztalk/wp-includes/fonts/dashicons.ttf data: 'self'; style-src 'self' fonts.googleapis.com/ cdnjs.cloudflare.com 'unsafe-inline'; connect-src 'self' https://www.google-analytics.com https://expertrec.com/getCookie https://searchv7.expertrec.com/v6/search/024f97d2-1c41-11ea-912e-0242ac130002/ https://log.expertrec.com/v2/; img-src 'self' www.googletagmanager.com data: https://www.google-analytics.com/; base-uri 'self';form-action 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
cache-control
private, must-revalidate
content-encoding
gzip
content-length
4317
content-security-policy
default-src 'self'; script-src 'self' https://www.google-analytics.com/analytics.js https://code.jquery.com https://www.googletagmanager.com https://cse.expertrec.com/ 'unsafe-eval' 'unsafe-inline';font-src fonts.gstatic.com cdnjs.cloudflare.com https://www.tubz.com/tubztalk/wp-includes/fonts/dashicons.ttf data: 'self'; style-src 'self' fonts.googleapis.com/ cdnjs.cloudflare.com 'unsafe-inline'; connect-src 'self' https://www.google-analytics.com https://expertrec.com/getCookie https://searchv7.expertrec.com/v6/search/024f97d2-1c41-11ea-912e-0242ac130002/ https://log.expertrec.com/v2/; img-src 'self' www.googletagmanager.com data: https://www.google-analytics.com/; base-uri 'self';form-action 'self';
content-type
text/html
date
Tue, 04 Jun 2024 01:25:21 GMT
expires
Sun, 09 Jun 2024 01:25:21 GMT
last-modified
Thu, 28 Mar 2024 14:54:09 GMT
referrer-policy
strict-origin-when-cross-origin
server
Apache
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding,User-Agent
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
js
www.googletagmanager.com/gtag/ 		287 KB
98 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-S1V7K95EGV
Requested by
Host: www.tubz.com
URL: https://www.tubz.com/soaking-baths-heated-soaker.htm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f2ec74f04ed6fa103b39d091a81fea5ca06ddf97a83e16237f3e9038b7d5f90c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.tubz.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 01:25:21 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
99709
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 04 Jun 2024 01:25:21 GMT
google.min.js
www.tubz.com/js/ 		155 B
246 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.tubz.com/js/google.min.js
Requested by
Host: www.tubz.com
URL: https://www.tubz.com/soaking-baths-heated-soaker.htm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.248.7.197 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
node.lqwebserver.com
Software
Apache /
Resource Hash
51dd7b1a394b43709f0e1acad4cfa3db4cf5df6b832c51c8330c81edf4956d2d
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' https://www.google-analytics.com/analytics.js https://code.jquery.com https://www.googletagmanager.com https://cse.expertrec.com/ 'unsafe-eval' 'unsafe-inline';font-src fonts.gstatic.com cdnjs.cloudflare.com https://www.tubz.com/tubztalk/wp-includes/fonts/dashicons.ttf data: 'self'; style-src 'self' fonts.googleapis.com/ cdnjs.cloudflare.com 'unsafe-inline'; connect-src 'self' https://www.google-analytics.com https://expertrec.com/getCookie https://searchv7.expertrec.com/v6/search/024f97d2-1c41-11ea-912e-0242ac130002/ https://log.expertrec.com/v2/; img-src 'self' www.googletagmanager.com data: https://www.google-analytics.com/; base-uri 'self';form-action 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.tubz.com/soaking-baths-heated-soaker.htm
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src 'self'; script-src 'self' https://www.google-analytics.com/analytics.js https://code.jquery.com https://www.googletagmanager.com https://cse.expertrec.com/ 'unsafe-eval' 'unsafe-inline';font-src fonts.gstatic.com cdnjs.cloudflare.com https://www.tubz.com/tubztalk/wp-includes/fonts/dashicons.ttf data: 'self'; style-src 'self' fonts.googleapis.com/ cdnjs.cloudflare.com 'unsafe-inline'; connect-src 'self' https://www.google-analytics.com https://expertrec.com/getCookie https://searchv7.expertrec.com/v6/search/024f97d2-1c41-11ea-912e-0242ac130002/ https://log.expertrec.com/v2/; img-src 'self' www.googletagmanager.com data: https://www.google-analytics.com/; base-uri 'self';form-action 'self';
date
Tue, 04 Jun 2024 01:25:21 GMT
content-length
137
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 17 May 2023 16:07:08 GMT
server
Apache
vary
Accept-Encoding,User-Agent
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
private
accept-ranges
bytes
expires
Tue, 11 Jun 2024 01:25:21 GMT
style-sheet-22.css
www.tubz.com/ 		39 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.tubz.com/style-sheet-22.css
Requested by
Host: www.tubz.com
URL: https://www.tubz.com/soaking-baths-heated-soaker.htm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.248.7.197 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
node.lqwebserver.com
Software
Apache /
Resource Hash
0bb2ca2b3d0cb7aa4f7324247c9b7744f65c5fb91a9e4d7402fc3119e9cacfd3
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' https://www.google-analytics.com/analytics.js https://code.jquery.com https://www.googletagmanager.com https://cse.expertrec.com/ 'unsafe-eval' 'unsafe-inline';font-src fonts.gstatic.com cdnjs.cloudflare.com https://www.tubz.com/tubztalk/wp-includes/fonts/dashicons.ttf data: 'self'; style-src 'self' fonts.googleapis.com/ cdnjs.cloudflare.com 'unsafe-inline'; connect-src 'self' https://www.google-analytics.com https://expertrec.com/getCookie https://searchv7.expertrec.com/v6/search/024f97d2-1c41-11ea-912e-0242ac130002/ https://log.expertrec.com/v2/; img-src 'self' www.googletagmanager.com data: https://www.google-analytics.com/; base-uri 'self';form-action 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.tubz.com/soaking-baths-heated-soaker.htm
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src 'self'; script-src 'self' https://www.google-analytics.com/analytics.js https://code.jquery.com https://www.googletagmanager.com https://cse.expertrec.com/ 'unsafe-eval' 'unsafe-inline';font-src fonts.gstatic.com cdnjs.cloudflare.com https://www.tubz.com/tubztalk/wp-includes/fonts/dashicons.ttf data: 'self'; style-src 'self' fonts.googleapis.com/ cdnjs.cloudflare.com 'unsafe-inline'; connect-src 'self' https://www.google-analytics.com https://expertrec.com/getCookie https://searchv7.expertrec.com/v6/search/024f97d2-1c41-11ea-912e-0242ac130002/ https://log.expertrec.com/v2/; img-src 'self' www.googletagmanager.com data: https://www.google-analytics.com/; base-uri 'self';form-action 'self';
date
Tue, 04 Jun 2024 01:25:21 GMT
content-length
7704
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 21 May 2024 15:47:42 GMT
server
Apache
vary
Accept-Encoding,User-Agent
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
public
accept-ranges
bytes
expires
Tue, 11 Jun 2024 01:25:21 GMT
css2
fonts.googleapis.com/ 		16 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Montserrat:wght@200;300;400;600&family=Source+Serif+Pro:wght@200;300;400;600&display=swap
Requested by
Host: www.tubz.com
URL: https://www.tubz.com/soaking-baths-heated-soaker.htm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
af2fac52bef4772f07eeb086d03f55985289896e0e01538d124e2352c05d182c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.tubz.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Tue, 04 Jun 2024 01:25:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 04 Jun 2024 01:25:21 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 04 Jun 2024 01:25:21 GMT
heated-soaking-tub.jpg
www.tubz.com/images/Tub/ 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.tubz.com/images/Tub/heated-soaking-tub.jpg
Requested by
Host: www.tubz.com
URL: https://www.tubz.com/soaking-baths-heated-soaker.htm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.248.7.197 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
node.lqwebserver.com
Software
Apache /
Resource Hash
50ad29971dc65bb7eb6440f3181d69ec48a0ab883b2b5588b11927759ce1e273
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' https://www.google-analytics.com/analytics.js https://code.jquery.com https://www.googletagmanager.com https://cse.expertrec.com/ 'unsafe-eval' 'unsafe-inline';font-src fonts.gstatic.com cdnjs.cloudflare.com https://www.tubz.com/tubztalk/wp-includes/fonts/dashicons.ttf data: 'self'; style-src 'self' fonts.googleapis.com/ cdnjs.cloudflare.com 'unsafe-inline'; connect-src 'self' https://www.google-analytics.com https://expertrec.com/getCookie https://searchv7.expertrec.com/v6/search/024f97d2-1c41-11ea-912e-0242ac130002/ https://log.expertrec.com/v2/; img-src 'self' www.googletagmanager.com data: https://www.google-analytics.com/; base-uri 'self';form-action 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.tubz.com/soaking-baths-heated-soaker.htm
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
default-src 'self'; script-src 'self' https://www.google-analytics.com/analytics.js https://code.jquery.com https://www.googletagmanager.com https://cse.expertrec.com/ 'unsafe-eval' 'unsafe-inline';font-src fonts.gstatic.com cdnjs.cloudflare.com https://www.tubz.com/tubztalk/wp-includes/fonts/dashicons.ttf data: 'self'; style-src 'self' fonts.googleapis.com/ cdnjs.cloudflare.com 'unsafe-inline'; connect-src 'self' https://www.google-analytics.com https://expertrec.com/getCookie https://searchv7.expertrec.com/v6/search/024f97d2-1c41-11ea-912e-0242ac130002/ https://log.expertrec.com/v2/; img-src 'self' www.googletagmanager.com data: https://www.google-analytics.com/; base-uri 'self';form-action 'self';
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
last-modified
Sun, 20 Feb 2022 22:13:38 GMT
server
Apache
date
Tue, 04 Jun 2024 01:25:21 GMT
x-frame-options
SAMEORIGIN
content-type
image/jpeg
cache-control
public
accept-ranges
bytes
content-length
31307
x-xss-protection
1; mode=block
expires
Thu, 04 Jul 2024 01:25:21 GMT
heated-soaking-bathtub.jpg
www.tubz.com/images/Tub/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.tubz.com/images/Tub/heated-soaking-bathtub.jpg
Requested by
Host: www.tubz.com
URL: https://www.tubz.com/soaking-baths-heated-soaker.htm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.248.7.197 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
node.lqwebserver.com
Software
Apache /
Resource Hash
f034e9f51351be698ed4019cdc830244bfbc61af86f126b34f5c6bc7eb5e2289
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' https://www.google-analytics.com/analytics.js https://code.jquery.com https://www.googletagmanager.com https://cse.expertrec.com/ 'unsafe-eval' 'unsafe-inline';font-src fonts.gstatic.com cdnjs.cloudflare.com https://www.tubz.com/tubztalk/wp-includes/fonts/dashicons.ttf data: 'self'; style-src 'self' fonts.googleapis.com/ cdnjs.cloudflare.com 'unsafe-inline'; connect-src 'self' https://www.google-analytics.com https://expertrec.com/getCookie https://searchv7.expertrec.com/v6/search/024f97d2-1c41-11ea-912e-0242ac130002/ https://log.expertrec.com/v2/; img-src 'self' www.googletagmanager.com data: https://www.google-analytics.com/; base-uri 'self';form-action 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.tubz.com/soaking-baths-heated-soaker.htm
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
default-src 'self'; script-src 'self' https://www.google-analytics.com/analytics.js https://code.jquery.com https://www.googletagmanager.com https://cse.expertrec.com/ 'unsafe-eval' 'unsafe-inline';font-src fonts.gstatic.com cdnjs.cloudflare.com https://www.tubz.com/tubztalk/wp-includes/fonts/dashicons.ttf data: 'self'; style-src 'self' fonts.googleapis.com/ cdnjs.cloudflare.com 'unsafe-inline'; connect-src 'self' https://www.google-analytics.com https://expertrec.com/getCookie https://searchv7.expertrec.com/v6/search/024f97d2-1c41-11ea-912e-0242ac130002/ https://log.expertrec.com/v2/; img-src 'self' www.googletagmanager.com data: https://www.google-analytics.com/; base-uri 'self';form-action 'self';
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 12 Oct 2017 16:04:57 GMT
server
Apache
date
Tue, 04 Jun 2024 01:25:21 GMT
x-frame-options
SAMEORIGIN
content-type
image/jpeg
cache-control
public
accept-ranges
bytes
content-length
6467
x-xss-protection
1; mode=block
expires
Thu, 04 Jul 2024 01:25:21 GMT
freestanding-heated-surface.jpg
www.tubz.com/images/Tub/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.tubz.com/images/Tub/freestanding-heated-surface.jpg
Requested by
Host: www.tubz.com
URL: https://www.tubz.com/soaking-baths-heated-soaker.htm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.248.7.197 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
node.lqwebserver.com
Software
Apache /
Resource Hash
05c50f93c178e38ba679ba69339fe374c586f11d124aa5b3a5c4411e2a5ea494
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' https://www.google-analytics.com/analytics.js https://code.jquery.com https://www.googletagmanager.com https://cse.expertrec.com/ 'unsafe-eval' 'unsafe-inline';font-src fonts.gstatic.com cdnjs.cloudflare.com https://www.tubz.com/tubztalk/wp-includes/fonts/dashicons.ttf data: 'self'; style-src 'self' fonts.googleapis.com/ cdnjs.cloudflare.com 'unsafe-inline'; connect-src 'self' https://www.google-analytics.com https://expertrec.com/getCookie https://searchv7.expertrec.com/v6/search/024f97d2-1c41-11ea-912e-0242ac130002/ https://log.expertrec.com/v2/; img-src 'self' www.googletagmanager.com data: https://www.google-analytics.com/; base-uri 'self';form-action 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.tubz.com/soaking-baths-heated-soaker.htm
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
default-src 'self'; script-src 'self' https://www.google-analytics.com/analytics.js https://code.jquery.com https://www.googletagmanager.com https://cse.expertrec.com/ 'unsafe-eval' 'unsafe-inline';font-src fonts.gstatic.com cdnjs.cloudflare.com https://www.tubz.com/tubztalk/wp-includes/fonts/dashicons.ttf data: 'self'; style-src 'self' fonts.googleapis.com/ cdnjs.cloudflare.com 'unsafe-inline'; connect-src 'self' https://www.google-analytics.com https://expertrec.com/getCookie https://searchv7.expertrec.com/v6/search/024f97d2-1c41-11ea-912e-0242ac130002/ https://log.expertrec.com/v2/; img-src 'self' www.googletagmanager.com data: https://www.google-analytics.com/; base-uri 'self';form-action 'self';
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 12 Oct 2017 16:04:56 GMT
server
Apache
date
Tue, 04 Jun 2024 01:25:21 GMT
x-frame-options
SAMEORIGIN
content-type
image/jpeg
cache-control
public
accept-ranges
bytes
content-length
5610
x-xss-protection
1; mode=block
expires
Thu, 04 Jul 2024 01:25:21 GMT
mcmenu.js
www.tubz.com/ 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.tubz.com/mcmenu.js
Requested by
Host: www.tubz.com
URL: https://www.tubz.com/soaking-baths-heated-soaker.htm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.248.7.197 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
node.lqwebserver.com
Software
Apache /
Resource Hash
f9f2c860491e54a1906caa87c3650b5702316d55a8f2af2c37786e1c0dbec94e
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' https://www.google-analytics.com/analytics.js https://code.jquery.com https://www.googletagmanager.com https://cse.expertrec.com/ 'unsafe-eval' 'unsafe-inline';font-src fonts.gstatic.com cdnjs.cloudflare.com https://www.tubz.com/tubztalk/wp-includes/fonts/dashicons.ttf data: 'self'; style-src 'self' fonts.googleapis.com/ cdnjs.cloudflare.com 'unsafe-inline'; connect-src 'self' https://www.google-analytics.com https://expertrec.com/getCookie https://searchv7.expertrec.com/v6/search/024f97d2-1c41-11ea-912e-0242ac130002/ https://log.expertrec.com/v2/; img-src 'self' www.googletagmanager.com data: https://www.google-analytics.com/; base-uri 'self';form-action 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.tubz.com/soaking-baths-heated-soaker.htm
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src 'self'; script-src 'self' https://www.google-analytics.com/analytics.js https://code.jquery.com https://www.googletagmanager.com https://cse.expertrec.com/ 'unsafe-eval' 'unsafe-inline';font-src fonts.gstatic.com cdnjs.cloudflare.com https://www.tubz.com/tubztalk/wp-includes/fonts/dashicons.ttf data: 'self'; style-src 'self' fonts.googleapis.com/ cdnjs.cloudflare.com 'unsafe-inline'; connect-src 'self' https://www.google-analytics.com https://expertrec.com/getCookie https://searchv7.expertrec.com/v6/search/024f97d2-1c41-11ea-912e-0242ac130002/ https://log.expertrec.com/v2/; img-src 'self' www.googletagmanager.com data: https://www.google-analytics.com/; base-uri 'self';form-action 'self';
date
Tue, 04 Jun 2024 01:25:21 GMT
content-length
5580
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 13 Mar 2023 21:50:25 GMT
server
Apache
vary
Accept-Encoding,User-Agent
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
private
accept-ranges
bytes
expires
Tue, 11 Jun 2024 01:25:21 GMT
scroll.js
www.tubz.com/js/ 		587 B
337 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.tubz.com/js/scroll.js
Requested by
Host: www.tubz.com
URL: https://www.tubz.com/soaking-baths-heated-soaker.htm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.248.7.197 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
node.lqwebserver.com
Software
Apache /
Resource Hash
4e12f60783d42985ab03e78a5506853585ceb25640b79e1ec25d0ba3b29cafac
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' https://www.google-analytics.com/analytics.js https://code.jquery.com https://www.googletagmanager.com https://cse.expertrec.com/ 'unsafe-eval' 'unsafe-inline';font-src fonts.gstatic.com cdnjs.cloudflare.com https://www.tubz.com/tubztalk/wp-includes/fonts/dashicons.ttf data: 'self'; style-src 'self' fonts.googleapis.com/ cdnjs.cloudflare.com 'unsafe-inline'; connect-src 'self' https://www.google-analytics.com https://expertrec.com/getCookie https://searchv7.expertrec.com/v6/search/024f97d2-1c41-11ea-912e-0242ac130002/ https://log.expertrec.com/v2/; img-src 'self' www.googletagmanager.com data: https://www.google-analytics.com/; base-uri 'self';form-action 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.tubz.com/soaking-baths-heated-soaker.htm
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src 'self'; script-src 'self' https://www.google-analytics.com/analytics.js https://code.jquery.com https://www.googletagmanager.com https://cse.expertrec.com/ 'unsafe-eval' 'unsafe-inline';font-src fonts.gstatic.com cdnjs.cloudflare.com https://www.tubz.com/tubztalk/wp-includes/fonts/dashicons.ttf data: 'self'; style-src 'self' fonts.googleapis.com/ cdnjs.cloudflare.com 'unsafe-inline'; connect-src 'self' https://www.google-analytics.com https://expertrec.com/getCookie https://searchv7.expertrec.com/v6/search/024f97d2-1c41-11ea-912e-0242ac130002/ https://log.expertrec.com/v2/; img-src 'self' www.googletagmanager.com data: https://www.google-analytics.com/; base-uri 'self';form-action 'self';
date
Tue, 04 Jun 2024 01:25:21 GMT
content-length
274
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 26 Oct 2022 18:47:10 GMT
server
Apache
vary
Accept-Encoding,User-Agent
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
private
accept-ranges
bytes
expires
Tue, 11 Jun 2024 01:25:21 GMT
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v26/ 		32 KB
33 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@200;300;400;600&family=Source+Serif+Pro:wght@200;300;400;600&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://fonts.googleapis.com/
Origin
https://www.tubz.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 01 Jun 2024 02:04:05 GMT
x-content-type-options
nosniff
age
256876
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33092
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 22:51:58 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 01 Jun 2025 02:04:05 GMT
neIQzD-0qpwxpaWvjeD0X88SAOeauXQ-oA.woff2
fonts.gstatic.com/s/sourceserifpro/v17/ 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourceserifpro/v17/neIQzD-0qpwxpaWvjeD0X88SAOeauXQ-oA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@200;300;400;600&family=Source+Serif+Pro:wght@200;300;400;600&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7d04f2cd8792432943d7c73c9b2173b3faee45ecd9334ad6a9812729b88aa69a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://fonts.googleapis.com/
Origin
https://www.tubz.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 28 May 2024 02:41:00 GMT
x-content-type-options
nosniff
age
600261
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20528
x-xss-protection
0
last-modified
Thu, 01 Jun 2023 23:17:09 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 28 May 2025 02:41:00 GMT
neIXzD-0qpwxpaWvjeD0X88SAOeasasatSyqxA.woff2
fonts.gstatic.com/s/sourceserifpro/v17/ 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourceserifpro/v17/neIXzD-0qpwxpaWvjeD0X88SAOeasasatSyqxA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@200;300;400;600&family=Source+Serif+Pro:wght@200;300;400;600&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc308be27791dc58e7ce19f0d245ef66b8eb6975b8c7ae22d97c09927c84dc48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://fonts.googleapis.com/
Origin
https://www.tubz.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 01 Jun 2024 07:04:53 GMT
x-content-type-options
nosniff
age
238828
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21528
x-xss-protection
0
last-modified
Thu, 01 Jun 2023 23:15:59 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 01 Jun 2025 07:04:53 GMT
neIXzD-0qpwxpaWvjeD0X88SAOeasd8ctSyqxA.woff2
fonts.gstatic.com/s/sourceserifpro/v17/ 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourceserifpro/v17/neIXzD-0qpwxpaWvjeD0X88SAOeasd8ctSyqxA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@200;300;400;600&family=Source+Serif+Pro:wght@200;300;400;600&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b75fc8d86f4fadfb2776f1be5c63e86245c931a240da3deb85be3ca986240adc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://fonts.googleapis.com/
Origin
https://www.tubz.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 01 Jun 2024 18:59:21 GMT
x-content-type-options
nosniff
age
195960
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21076
x-xss-protection
0
last-modified
Thu, 01 Jun 2023 23:42:24 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 01 Jun 2025 18:59:21 GMT
Tubz-Facebook.jpg
www.tubz.com/images/tubz/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.tubz.com/images/tubz/Tubz-Facebook.jpg
Requested by
Host: www.tubz.com
URL: https://www.tubz.com/soaking-baths-heated-soaker.htm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.248.7.197 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
node.lqwebserver.com
Software
Apache /
Resource Hash
4860277a0fe3ca8ba09d9fb9403f8c8f023e1819a6b18005dd2f7b8d9b6230c6
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' https://www.google-analytics.com/analytics.js https://code.jquery.com https://www.googletagmanager.com https://cse.expertrec.com/ 'unsafe-eval' 'unsafe-inline';font-src fonts.gstatic.com cdnjs.cloudflare.com https://www.tubz.com/tubztalk/wp-includes/fonts/dashicons.ttf data: 'self'; style-src 'self' fonts.googleapis.com/ cdnjs.cloudflare.com 'unsafe-inline'; connect-src 'self' https://www.google-analytics.com https://expertrec.com/getCookie https://searchv7.expertrec.com/v6/search/024f97d2-1c41-11ea-912e-0242ac130002/ https://log.expertrec.com/v2/; img-src 'self' www.googletagmanager.com data: https://www.google-analytics.com/; base-uri 'self';form-action 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.tubz.com/soaking-baths-heated-soaker.htm
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
default-src 'self'; script-src 'self' https://www.google-analytics.com/analytics.js https://code.jquery.com https://www.googletagmanager.com https://cse.expertrec.com/ 'unsafe-eval' 'unsafe-inline';font-src fonts.gstatic.com cdnjs.cloudflare.com https://www.tubz.com/tubztalk/wp-includes/fonts/dashicons.ttf data: 'self'; style-src 'self' fonts.googleapis.com/ cdnjs.cloudflare.com 'unsafe-inline'; connect-src 'self' https://www.google-analytics.com https://expertrec.com/getCookie https://searchv7.expertrec.com/v6/search/024f97d2-1c41-11ea-912e-0242ac130002/ https://log.expertrec.com/v2/; img-src 'self' www.googletagmanager.com data: https://www.google-analytics.com/; base-uri 'self';form-action 'self';
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 11 Nov 2021 17:34:49 GMT
server
Apache
date
Tue, 04 Jun 2024 01:25:21 GMT
x-frame-options
SAMEORIGIN
content-type
image/jpeg
cache-control
public
accept-ranges
bytes
content-length
2141
x-xss-protection
1; mode=block
expires
Thu, 04 Jul 2024 01:25:21 GMT
tubz-pinterest.jpg
www.tubz.com/images/tubz/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.tubz.com/images/tubz/tubz-pinterest.jpg
Requested by
Host: www.tubz.com
URL: https://www.tubz.com/soaking-baths-heated-soaker.htm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.248.7.197 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
node.lqwebserver.com
Software
Apache /
Resource Hash
d62a2a344f5821f89344932a1cc5186c4136538992e7147318b79fec2928f6d6
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' https://www.google-analytics.com/analytics.js https://code.jquery.com https://www.googletagmanager.com https://cse.expertrec.com/ 'unsafe-eval' 'unsafe-inline';font-src fonts.gstatic.com cdnjs.cloudflare.com https://www.tubz.com/tubztalk/wp-includes/fonts/dashicons.ttf data: 'self'; style-src 'self' fonts.googleapis.com/ cdnjs.cloudflare.com 'unsafe-inline'; connect-src 'self' https://www.google-analytics.com https://expertrec.com/getCookie https://searchv7.expertrec.com/v6/search/024f97d2-1c41-11ea-912e-0242ac130002/ https://log.expertrec.com/v2/; img-src 'self' www.googletagmanager.com data: https://www.google-analytics.com/; base-uri 'self';form-action 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.tubz.com/soaking-baths-heated-soaker.htm
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
default-src 'self'; script-src 'self' https://www.google-analytics.com/analytics.js https://code.jquery.com https://www.googletagmanager.com https://cse.expertrec.com/ 'unsafe-eval' 'unsafe-inline';font-src fonts.gstatic.com cdnjs.cloudflare.com https://www.tubz.com/tubztalk/wp-includes/fonts/dashicons.ttf data: 'self'; style-src 'self' fonts.googleapis.com/ cdnjs.cloudflare.com 'unsafe-inline'; connect-src 'self' https://www.google-analytics.com https://expertrec.com/getCookie https://searchv7.expertrec.com/v6/search/024f97d2-1c41-11ea-912e-0242ac130002/ https://log.expertrec.com/v2/; img-src 'self' www.googletagmanager.com data: https://www.google-analytics.com/; base-uri 'self';form-action 'self';
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 11 Nov 2021 17:34:49 GMT
server
Apache
date
Tue, 04 Jun 2024 01:25:21 GMT
x-frame-options
SAMEORIGIN
content-type
image/jpeg
cache-control
public
accept-ranges
bytes
content-length
2370
x-xss-protection
1; mode=block
expires
Thu, 04 Jul 2024 01:25:21 GMT
ci_common.js
cse.expertrec.com/api/js/ 		45 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cse.expertrec.com/api/js/ci_common.js?id=024f97d2-1c41-11ea-912e-0242ac130002
Requested by
Host: www.tubz.com
URL: https://www.tubz.com/soaking-baths-heated-soaker.htm
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.169.139.83 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-169-139-83.compute-1.amazonaws.com
Software
nginx /
Resource Hash
d8ba88c998f8f05c0841ebd235c985000e997701cefae4f1fdd2b16fd9a30969

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.tubz.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 01:25:21 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding, Origin
content-type
application/javascript
access-control-allow-origin
http://127.0.0.1
cache-control
max-age=60
access-control-allow-credentials
true
expires
Tue, 04 Jun 2024 01:26:21 GMT
ci_customSearch_overlay.1717418044401.min.js
cse.expertrec.com/js/ 		423 KB
94 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cse.expertrec.com/js/ci_customSearch_overlay.1717418044401.min.js
Requested by
Host: cse.expertrec.com
URL: https://cse.expertrec.com/api/js/ci_common.js?id=024f97d2-1c41-11ea-912e-0242ac130002
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.169.139.83 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-169-139-83.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b0e3f5d58911e20595d0d40f2355601dd3314494427c02b72553fe9df4b5caed

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.tubz.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 01:25:21 GMT
content-encoding
gzip
last-modified
Mon, 03 Jun 2024 12:35:12 GMT
server
nginx
etag
W/"665db880-69beb"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000, public
expires
Thu, 04 Jul 2024 01:25:21 GMT
favicon.ico
www.tubz.com/ 		15 KB
3 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.tubz.com/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.248.7.197 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
node.lqwebserver.com
Software
Apache /
Resource Hash
2adb2132edaee676d993e6188eea5e4e5342d18f116f3d00d09558cb264b0978
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' https://www.google-analytics.com/analytics.js https://code.jquery.com https://www.googletagmanager.com https://cse.expertrec.com/ 'unsafe-eval' 'unsafe-inline';font-src fonts.gstatic.com cdnjs.cloudflare.com https://www.tubz.com/tubztalk/wp-includes/fonts/dashicons.ttf data: 'self'; style-src 'self' fonts.googleapis.com/ cdnjs.cloudflare.com 'unsafe-inline'; connect-src 'self' https://www.google-analytics.com https://expertrec.com/getCookie https://searchv7.expertrec.com/v6/search/024f97d2-1c41-11ea-912e-0242ac130002/ https://log.expertrec.com/v2/; img-src 'self' www.googletagmanager.com data: https://www.google-analytics.com/; base-uri 'self';form-action 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.tubz.com/soaking-baths-heated-soaker.htm
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src 'self'; script-src 'self' https://www.google-analytics.com/analytics.js https://code.jquery.com https://www.googletagmanager.com https://cse.expertrec.com/ 'unsafe-eval' 'unsafe-inline';font-src fonts.gstatic.com cdnjs.cloudflare.com https://www.tubz.com/tubztalk/wp-includes/fonts/dashicons.ttf data: 'self'; style-src 'self' fonts.googleapis.com/ cdnjs.cloudflare.com 'unsafe-inline'; connect-src 'self' https://www.google-analytics.com https://expertrec.com/getCookie https://searchv7.expertrec.com/v6/search/024f97d2-1c41-11ea-912e-0242ac130002/ https://log.expertrec.com/v2/; img-src 'self' www.googletagmanager.com data: https://www.google-analytics.com/; base-uri 'self';form-action 'self';
date
Tue, 04 Jun 2024 01:25:22 GMT
content-length
3273
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 22 May 2023 17:27:46 GMT
server
Apache
vary
Accept-Encoding,User-Agent
x-frame-options
SAMEORIGIN
content-type
image/x-icon
cache-control
public
accept-ranges
bytes
expires
Tue, 04 Jun 2024 01:25:27 GMT

Verdicts & Comments Add Verdict or Comment

36 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| google_tag_manager object| google_tag_data object| dataLayer function| gtag function| onYouTubeIframeAPIReady object| mcmenuOptions object| mcmenu function| McMenu function| scrollFunction function| topFunction object| mybutton object| gaGlobal object| expertrec boolean| _er_js_loaded object| _er_config object| regeneratorRuntime object| _er_data object| _er_ls_service function| _er_setScreenShots object| _er_voiceService function| isNumberKey function| notLessThanMIn function| getPriceRange function| onChangePriceMin function| onChangePriceMax function| searchFilter function| collapsePanel function| clearValue function| _er_startSearch function| _er_startSuggest function| addCart object| _er_popper function| _er_update_popper function| openFilters function| closeFilters function| _er_facetFilter

2 Cookies

Domain/Path Name / Value
.tubz.com/ Name: _ga_S1V7K95EGV
Value: GS1.1.1717464321.1.0.1717464321.0.0.0
.tubz.com/ Name: _ga
Value: GA1.1.50021453.1717464321

2 Console Messages

Source Level URL
Text
security error URL: https://www.googletagmanager.com/gtag/js?id=G-S1V7K95EGV(Line 195)
Message:
Refused to connect to 'https://region1.google-analytics.com/g/collect?v=2&tid=G-S1V7K95EGV&gtm=45je4630v879034833za200&_p=1717464321387&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=50021453.1717464321&ul=de-de&are=1&frm=0&pscdl=noapi&_geo=1&_rdi=1&_s=1&sid=1717464321&sct=1&seg=0&dl=https%3A%2F%2Fwww.tubz.com%2Fsoaking-baths-heated-soaker.htm&dt=Heated%20Soaking%20Tub%20%7C%20Soaking%20Bathtub%20with%20Heater&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=858' because it violates the following Content Security Policy directive: "connect-src 'self' https://www.google-analytics.com https://expertrec.com/getCookie https://searchv7.expertrec.com/v6/search/024f97d2-1c41-11ea-912e-0242ac130002/ https://log.expertrec.com/v2/".
security error URL: https://www.googletagmanager.com/gtag/js?id=G-S1V7K95EGV(Line 195)
Message:
Refused to connect to 'https://region1.google-analytics.com/g/collect?v=2&tid=G-S1V7K95EGV&gtm=45je4630v879034833za200&_p=1717464321387&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=50021453.1717464321&ul=de-de&are=1&frm=0&pscdl=noapi&_geo=1&_rdi=1&_s=2&sid=1717464321&sct=1&seg=0&dl=https%3A%2F%2Fwww.tubz.com%2Fsoaking-baths-heated-soaker.htm&dt=Heated%20Soaking%20Tub%20%7C%20Soaking%20Bathtub%20with%20Heater&en=user_engagement&_et=4254&tfd=5113' because it violates the following Content Security Policy directive: "connect-src 'self' https://www.google-analytics.com https://expertrec.com/getCookie https://searchv7.expertrec.com/v6/search/024f97d2-1c41-11ea-912e-0242ac130002/ https://log.expertrec.com/v2/".

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self'; script-src 'self' https://www.google-analytics.com/analytics.js https://code.jquery.com https://www.googletagmanager.com https://cse.expertrec.com/ 'unsafe-eval' 'unsafe-inline';font-src fonts.gstatic.com cdnjs.cloudflare.com https://www.tubz.com/tubztalk/wp-includes/fonts/dashicons.ttf data: 'self'; style-src 'self' fonts.googleapis.com/ cdnjs.cloudflare.com 'unsafe-inline'; connect-src 'self' https://www.google-analytics.com https://expertrec.com/getCookie https://searchv7.expertrec.com/v6/search/024f97d2-1c41-11ea-912e-0242ac130002/ https://log.expertrec.com/v2/; img-src 'self' www.googletagmanager.com data: https://www.google-analytics.com/; base-uri 'self';form-action 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cse.expertrec.com
fonts.googleapis.com
fonts.gstatic.com
www.googletagmanager.com
www.tubz.com
104.248.7.197
2a00:1450:4001:810::2003
2a00:1450:4001:812::200a
2a00:1450:4001:82f::2008
35.169.139.83
05c50f93c178e38ba679ba69339fe374c586f11d124aa5b3a5c4411e2a5ea494
0bb2ca2b3d0cb7aa4f7324247c9b7744f65c5fb91a9e4d7402fc3119e9cacfd3
2adb2132edaee676d993e6188eea5e4e5342d18f116f3d00d09558cb264b0978
3a231aeaacd5e35b03093895fa8984298a7b8ee53cc4fa39b9d497ddc82478c0
4860277a0fe3ca8ba09d9fb9403f8c8f023e1819a6b18005dd2f7b8d9b6230c6
4e12f60783d42985ab03e78a5506853585ceb25640b79e1ec25d0ba3b29cafac
50ad29971dc65bb7eb6440f3181d69ec48a0ab883b2b5588b11927759ce1e273
51dd7b1a394b43709f0e1acad4cfa3db4cf5df6b832c51c8330c81edf4956d2d
7d04f2cd8792432943d7c73c9b2173b3faee45ecd9334ad6a9812729b88aa69a
af2fac52bef4772f07eeb086d03f55985289896e0e01538d124e2352c05d182c
b0e3f5d58911e20595d0d40f2355601dd3314494427c02b72553fe9df4b5caed
b75fc8d86f4fadfb2776f1be5c63e86245c931a240da3deb85be3ca986240adc
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
cc308be27791dc58e7ce19f0d245ef66b8eb6975b8c7ae22d97c09927c84dc48
d62a2a344f5821f89344932a1cc5186c4136538992e7147318b79fec2928f6d6
d8ba88c998f8f05c0841ebd235c985000e997701cefae4f1fdd2b16fd9a30969
f034e9f51351be698ed4019cdc830244bfbc61af86f126b34f5c6bc7eb5e2289
f2ec74f04ed6fa103b39d091a81fea5ca06ddf97a83e16237f3e9038b7d5f90c
f9f2c860491e54a1906caa87c3650b5702316d55a8f2af2c37786e1c0dbec94e