Submitted URL: http://reserveren.thermenresorts.de/
Effective URL: https://reserveren.thermenresorts.de/
Submission: On December 13 via api from GB — Scanned from DE

Summary

This website contacted 5 IPs in 3 countries across 6 domains to perform 18 HTTP transactions. The main IP is 31.7.4.67, located in Netherlands and belongs to PREVIDER-AS, NL. The main domain is reserveren.thermenresorts.de.
TLS certificate: Issued by R3 on November 1st 2023. Valid for: 3 months.
This is the only time reserveren.thermenresorts.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 11 31.7.4.67 20847 (PREVIDER-AS)
1 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
18 5
Apex Domain | Subdomains | Transfer
6 thermenresorts.de | reserveren.thermenresorts.de | 278 KB
5 gstatic.com | fonts.gstatic.com | 72 KB
5 thermenresorts.nl | dmp.thermenresorts.nl | 212 KB
1 googletagmanager.com | www.googletagmanager.com — Cisco Umbrella Rank: 36 | 65 KB
1 marker.io | edge.marker.io — Cisco Umbrella Rank: 43116 | 14 KB
1 googleapis.com | fonts.googleapis.com — Cisco Umbrella Rank: 29 | 1 KB
18 6
Domain Requested by
6 reserveren.thermenresorts.de 1 redirects reserveren.thermenresorts.de
5 fonts.gstatic.com fonts.googleapis.com
5 dmp.thermenresorts.nl reserveren.thermenresorts.de
1 www.googletagmanager.com reserveren.thermenresorts.de
1 edge.marker.io reserveren.thermenresorts.de
1 fonts.googleapis.com reserveren.thermenresorts.de
18 6

This site contains no links.

Subject | Issuer | Validity | Valid
reserveren.thermenresorts.nl | R3 | 2023-11-01 - 2024-01-30 | 3 months
upload.video.google.com | GTS CA 1C3 | 2023-11-20 - 2024-02-12 | 3 months
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2023-05-18 - 2024-05-17 | a year
*.google-analytics.com | GTS CA 1C3 | 2023-11-20 - 2024-02-12 | 3 months
dmp.thermenresorts.nl | Sectigo RSA Domain Validation Secure Server CA | 2023-10-17 - 2024-10-17 | a year
*.gstatic.com | GTS CA 1C3 | 2023-11-20 - 2024-02-12 | 3 months

This page contains 1 frames:

Primary Page: https://reserveren.thermenresorts.de/
Frame ID: DCA2060970F2EFA852F8E6002F3AE4D8
Requests: 17 HTTP requests in this frame

Page Title

Thermen reserveren

Page URL History

  1. http://reserveren.thermenresorts.de/ HTTP 302
    https://reserveren.thermenresorts.de/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <[^>]+\sdata-v(?:ue)?-

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js

Page Statistics

18 Requests
100 % HTTPS
80 % IPv6
6 Domains
6 Subdomains
5 IPs
3 Countries
641 kB Transfer
1327 kB Size
0 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://reserveren.thermenresorts.de/ HTTP 302
    https://reserveren.thermenresorts.de/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

18 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
reserveren.thermenresorts.de/
Redirect Chain
  • http://reserveren.thermenresorts.de/
  • https://reserveren.thermenresorts.de/
4 KB
2 KB
Document
General
Full URL
https://reserveren.thermenresorts.de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
31.7.4.67 , Netherlands, ASN20847 (PREVIDER-AS, NL),
Reverse DNS
server15.cube.cloud.shockmedia.nl
Software
Apache /
Resource Hash
f1fe29e515ae7973f33ae6c27ad9419c66df8ba00ef88967ccd6d7d94fb8a4f2
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https: *.cubetest.nl
Strict-Transport-Security max-age=63072000; preload;
X-Content-Type-Options nosniff
X-Frame-Options ALLOW-FROM https://*.cubetest.nl
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=3600
content-encoding
gzip
content-length
1622
content-security-policy
frame-ancestors 'self' https: *.cubetest.nl
content-type
text/html
date
Wed, 13 Dec 2023 13:23:48 GMT
expires
Wed, 13 Dec 2023 14:23:48 GMT
last-modified
Thu, 07 Dec 2023 08:02:59 GMT
referrer-policy
same-origin strict-origin-when-cross-origin
server
Apache
strict-transport-security
max-age=63072000; preload;
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
ALLOW-FROM https://*.cubetest.nl
x-xss-protection
1; mode=block

Redirect headers

Cache-Control
max-age=3600
Connection
close
Content-Length
221
Content-Type
text/html; charset=iso-8859-1
Date
Wed, 13 Dec 2023 13:23:47 GMT
Expires
Wed, 13 Dec 2023 14:23:47 GMT
Location
https://reserveren.thermenresorts.de/
Referrer-Policy
same-origin
Server
Apache
X-Content-Type-Options
nosniff
X-Frame-Options
sameorigin
X-XSS-Protection
1; mode=block
css
fonts.googleapis.com/
8 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Barlow:300,400,500,600,700|PT+Serif:400,700
Requested by
Host: reserveren.thermenresorts.de
URL: https://reserveren.thermenresorts.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
15328bb36eb3ee11e3062498d023851a1c306afb42ff715cfcb161ea756c8a3e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reserveren.thermenresorts.de/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

strict-transport-security
max-age=31536000
date
Wed, 13 Dec 2023 13:23:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 13 Dec 2023 13:23:48 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 13 Dec 2023 13:23:48 GMT
iframe.support.js
edge.marker.io/latest/
42 KB
14 KB
Script
General
Full URL
https://edge.marker.io/latest/iframe.support.js
Requested by
Host: reserveren.thermenresorts.de
URL: https://reserveren.thermenresorts.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:e68 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0bc3770abdc4c66199f45dc658c503d2e0d941a0ae0dc5719724d08ab4b70af2
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reserveren.thermenresorts.de/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Wed, 13 Dec 2023 13:23:48 GMT
via
1.1 c5c25772c7f14e267596e0f8ce51d9bc.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
strict-transport-security
max-age=0; includeSubDomains; preload
x-amz-cf-pop
FRA53-C1
age
6337
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 30 Oct 2023 10:00:56 GMT
server
cloudflare
etag
W/"c538edf4bb5adb57c4a2fa8793e6eaea"
vary
Accept-Encoding
content-type
application/javascript
cf-ray
834e86118a2e65ab-FRA
x-amz-cf-id
CKY0Q3Xtc_u39fXnax_0_Sanu94S-XAJarHuv8uMtaPeMiOtrAz8jQ==
index-27431730.js
reserveren.thermenresorts.de/assets/
651 KB
207 KB
Script
General
Full URL
https://reserveren.thermenresorts.de/assets/index-27431730.js
Requested by
Host: reserveren.thermenresorts.de
URL: https://reserveren.thermenresorts.de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
31.7.4.67 , Netherlands, ASN20847 (PREVIDER-AS, NL),
Reverse DNS
server15.cube.cloud.shockmedia.nl
Software
Apache /
Resource Hash
8d3f85a91708d9bf774377efc54ee1f112d18c901f93a117d642d93af8a0afab
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https: *.cubetest.nl
Strict-Transport-Security max-age=63072000; preload;
X-Content-Type-Options nosniff
X-Frame-Options ALLOW-FROM https://*.cubetest.nl
X-Xss-Protection 1; mode=block

Request headers

Referer
https://reserveren.thermenresorts.de/
Origin
https://reserveren.thermenresorts.de
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

strict-transport-security
max-age=63072000; preload;
content-encoding
gzip
x-content-type-options
nosniff
referrer-policy
same-origin, strict-origin-when-cross-origin
last-modified
Thu, 07 Dec 2023 08:02:59 GMT
server
Apache
content-security-policy
frame-ancestors 'self' https: *.cubetest.nl
date
Wed, 13 Dec 2023 13:23:48 GMT
vary
Accept-Encoding
x-frame-options
ALLOW-FROM https://*.cubetest.nl
content-type
text/javascript
cache-control
max-age=2592000
accept-ranges
bytes
x-xss-protection
1; mode=block
expires
Fri, 12 Jan 2024 13:23:48 GMT
index-2e5de758.css
reserveren.thermenresorts.de/assets/
47 KB
10 KB
Stylesheet
General
Full URL
https://reserveren.thermenresorts.de/assets/index-2e5de758.css
Requested by
Host: reserveren.thermenresorts.de
URL: https://reserveren.thermenresorts.de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
31.7.4.67 , Netherlands, ASN20847 (PREVIDER-AS, NL),
Reverse DNS
server15.cube.cloud.shockmedia.nl
Software
Apache /
Resource Hash
2e5de75838dc346ab7e8a7c5ce30b1a34aa0a93eda59ebee530d4baf6f9aa62a
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https: *.cubetest.nl
Strict-Transport-Security max-age=63072000; preload;
X-Content-Type-Options nosniff
X-Frame-Options ALLOW-FROM https://*.cubetest.nl
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reserveren.thermenresorts.de/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

strict-transport-security
max-age=63072000; preload;
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self' https: *.cubetest.nl
date
Wed, 13 Dec 2023 13:23:48 GMT
content-length
10491
x-xss-protection
1; mode=block
referrer-policy
same-origin, strict-origin-when-cross-origin
last-modified
Thu, 07 Dec 2023 08:02:59 GMT
server
Apache
vary
Accept-Encoding
x-frame-options
ALLOW-FROM https://*.cubetest.nl
content-type
text/css
cache-control
max-age=2592000
accept-ranges
bytes
expires
Fri, 12 Jan 2024 13:23:48 GMT
gtm.js
www.googletagmanager.com/
184 KB
65 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MMDRV3M5
Requested by
Host: reserveren.thermenresorts.de
URL: https://reserveren.thermenresorts.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
5308dc7be3761ae72e4ae2434b7e85da05b3baaf8fcae94917078aecd6c82c43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reserveren.thermenresorts.de/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Wed, 13 Dec 2023 13:23:48 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66324
x-xss-protection
0
last-modified
Wed, 13 Dec 2023 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 13 Dec 2023 13:23:48 GMT
pattern-ce0da417.svg
reserveren.thermenresorts.de/assets/
88 KB
38 KB
Image
General
Full URL
https://reserveren.thermenresorts.de/assets/pattern-ce0da417.svg
Requested by
Host: reserveren.thermenresorts.de
URL: https://reserveren.thermenresorts.de/assets/index-2e5de758.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
31.7.4.67 , Netherlands, ASN20847 (PREVIDER-AS, NL),
Reverse DNS
server15.cube.cloud.shockmedia.nl
Software
Apache /
Resource Hash
ce0da4177e33fba7da05f92ae342d9c1fbf5b7b5003e6a857c3f6f9b8436bc3b
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https: *.cubetest.nl
Strict-Transport-Security max-age=63072000; preload;
X-Content-Type-Options nosniff
X-Frame-Options ALLOW-FROM https://*.cubetest.nl
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reserveren.thermenresorts.de/assets/index-2e5de758.css
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

strict-transport-security
max-age=63072000; preload;
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self' https: *.cubetest.nl
date
Wed, 13 Dec 2023 13:23:48 GMT
content-length
38839
x-xss-protection
1; mode=block
referrer-policy
same-origin, strict-origin-when-cross-origin
last-modified
Thu, 07 Dec 2023 08:02:59 GMT
server
Apache
vary
Accept-Encoding
x-frame-options
ALLOW-FROM https://*.cubetest.nl
content-type
image/svg+xml
cache-control
max-age=172800
accept-ranges
bytes
expires
Fri, 15 Dec 2023 13:23:48 GMT
checkout
dmp.thermenresorts.nl/api/
0
0
Preflight
General
Full URL
https://dmp.thermenresorts.nl/api/checkout?channel=bussloo-nl
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
31.7.4.67 , Netherlands, ASN20847 (PREVIDER-AS, NL),
Reverse DNS
server15.cube.cloud.shockmedia.nl
Software
Apache /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload;
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://reserveren.thermenresorts.de
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
0
cache-control
no-cache, private
date
Wed, 13 Dec 2023 13:23:48 GMT
referrer-policy
same-origin
server
Apache
strict-transport-security
max-age=63072000; preload;
vary
Access-Control-Request-Method,Access-Control-Request-Headers
x-content-type-options
nosniff
x-frame-options
sameorigin
x-xss-protection
1; mode=block
checkout
dmp.thermenresorts.nl/api/
63 KB
63 KB
XHR
General
Full URL
https://dmp.thermenresorts.nl/api/checkout?channel=bussloo-nl
Requested by
Host: reserveren.thermenresorts.de
URL: https://reserveren.thermenresorts.de/assets/index-27431730.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
31.7.4.67 , Netherlands, ASN20847 (PREVIDER-AS, NL),
Reverse DNS
server15.cube.cloud.shockmedia.nl
Software
Apache /
Resource Hash
22ee63f6444ea0e5ef5ebddec9eb79b8f44ea5abebe6515c9be265917c12009f
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload;
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json
Referer
https://reserveren.thermenresorts.de/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Content-Type
application/json

Response headers

date
Wed, 13 Dec 2023 13:23:48 GMT
strict-transport-security
max-age=63072000; preload;
x-content-type-options
nosniff
referrer-policy
same-origin
server
Apache
x-app-workspace
bussloo
x-frame-options
sameorigin
content-language
de
access-control-allow-origin
*
content-type
application/json
cache-control
no-cache, private
x-app-channel
bussloo-nl
x-xss-protection
1; mode=block
7cHpv4kjgoGqM7E_DMs5ynghnQ.woff2
fonts.gstatic.com/s/barlow/v12/
14 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/barlow/v12/7cHpv4kjgoGqM7E_DMs5ynghnQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Barlow:300,400,500,600,700|PT+Serif:400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
60cdff1621cd9803c61b2c7d010adcb8094f41fcab2da420f99dead9c097395f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://reserveren.thermenresorts.de
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Tue, 12 Dec 2023 08:54:12 GMT
x-content-type-options
nosniff
age
102576
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14736
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 19:13:12 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 11 Dec 2024 08:54:12 GMT
2023
dmp.thermenresorts.nl/api/checkout/427a58c3-d86d-4806-ad44-b808ca6eedba/calendar/1/
5 KB
5 KB
XHR
General
Full URL
https://dmp.thermenresorts.nl/api/checkout/427a58c3-d86d-4806-ad44-b808ca6eedba/calendar/1/2023?channel=bussloo-nl
Requested by
Host: reserveren.thermenresorts.de
URL: https://reserveren.thermenresorts.de/assets/index-27431730.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
31.7.4.67 , Netherlands, ASN20847 (PREVIDER-AS, NL),
Reverse DNS
server15.cube.cloud.shockmedia.nl
Software
Apache /
Resource Hash
21facf24f40e03944cd469787349916b153af5e2e5f640e4431c69bf2cc9f628
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload;
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json
Referer
https://reserveren.thermenresorts.de/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Wed, 13 Dec 2023 13:23:49 GMT
strict-transport-security
max-age=63072000; preload;
x-content-type-options
nosniff
referrer-policy
same-origin
server
Apache
x-app-workspace
bussloo
x-frame-options
sameorigin
content-language
de
access-control-allow-origin
*
content-type
application/json
cache-control
no-cache, private
x-app-channel
bussloo-nl
x-xss-protection
1; mode=block
2023
dmp.thermenresorts.nl/api/checkout/427a58c3-d86d-4806-ad44-b808ca6eedba/calendar/12/
4 KB
4 KB
XHR
General
Full URL
https://dmp.thermenresorts.nl/api/checkout/427a58c3-d86d-4806-ad44-b808ca6eedba/calendar/12/2023?channel=bussloo-nl
Requested by
Host: reserveren.thermenresorts.de
URL: https://reserveren.thermenresorts.de/assets/index-27431730.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
31.7.4.67 , Netherlands, ASN20847 (PREVIDER-AS, NL),
Reverse DNS
server15.cube.cloud.shockmedia.nl
Software
Apache /
Resource Hash
422d493782d7c91ef7672fb7ff3c9293d879f642f8786d6cb3b87fa2cb24587c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload;
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json
Referer
https://reserveren.thermenresorts.de/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Wed, 13 Dec 2023 13:23:49 GMT
strict-transport-security
max-age=63072000; preload;
x-content-type-options
nosniff
referrer-policy
same-origin
server
Apache
x-app-workspace
bussloo
x-frame-options
sameorigin
content-language
de
access-control-allow-origin
*
content-type
application/json
cache-control
no-cache, private
x-app-channel
bussloo-nl
x-xss-protection
1; mode=block
7cHqv4kjgoGqM7E3_-gs51ostz0rdg.woff2
fonts.gstatic.com/s/barlow/v12/
14 KB
14 KB
Font
General
Full URL
https://fonts.gstatic.com/s/barlow/v12/7cHqv4kjgoGqM7E3_-gs51ostz0rdg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Barlow:300,400,500,600,700|PT+Serif:400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9aee78ed3fbb3a01cf9c4d1517a1371092897d581fdb107714df55381caa083d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://reserveren.thermenresorts.de
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Sat, 09 Dec 2023 10:05:13 GMT
x-content-type-options
nosniff
age
357516
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14656
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 19:19:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 08 Dec 2024 10:05:13 GMT
7cHqv4kjgoGqM7E3t-4s51ostz0rdg.woff2
fonts.gstatic.com/s/barlow/v12/
14 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/barlow/v12/7cHqv4kjgoGqM7E3t-4s51ostz0rdg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Barlow:300,400,500,600,700|PT+Serif:400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cb474dc9b3e75c8ec335bab847cb29ec7e89da057ad068abdb99da4585366c8c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://reserveren.thermenresorts.de
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Sat, 09 Dec 2023 11:33:31 GMT
x-content-type-options
nosniff
age
352218
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14784
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 19:13:18 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 08 Dec 2024 11:33:31 GMT
EJRVQgYoZZY2vCFuvAFWzr-_dSb_.woff2
fonts.gstatic.com/s/ptserif/v18/
13 KB
13 KB
Font
General
Full URL
https://fonts.gstatic.com/s/ptserif/v18/EJRVQgYoZZY2vCFuvAFWzr-_dSb_.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Barlow:300,400,500,600,700|PT+Serif:400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
202b8aa6108ec44ba8f3d717b0c9f7f94c7f4d76f01943104eaadaf6cf3da602
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://reserveren.thermenresorts.de
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Mon, 11 Dec 2023 18:20:55 GMT
x-content-type-options
nosniff
age
154974
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13400
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:34:36 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 10 Dec 2024 18:20:55 GMT
icomoon-3c86b3b5.woff2
reserveren.thermenresorts.de/assets/
20 KB
20 KB
Font
General
Full URL
https://reserveren.thermenresorts.de/assets/icomoon-3c86b3b5.woff2
Requested by
Host: reserveren.thermenresorts.de
URL: https://reserveren.thermenresorts.de/assets/index-2e5de758.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
31.7.4.67 , Netherlands, ASN20847 (PREVIDER-AS, NL),
Reverse DNS
server15.cube.cloud.shockmedia.nl
Software
Apache /
Resource Hash
3c86b3b586cb93621b2a292d7e29343f05f80a8e2ff1573adcc4f8f66b32cb81
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https: *.cubetest.nl
Strict-Transport-Security max-age=63072000; preload;
X-Content-Type-Options nosniff
X-Frame-Options ALLOW-FROM https://*.cubetest.nl
X-Xss-Protection 1; mode=block

Request headers

Referer
https://reserveren.thermenresorts.de/assets/index-2e5de758.css
Origin
https://reserveren.thermenresorts.de
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

strict-transport-security
max-age=63072000; preload;
content-security-policy
frame-ancestors 'self' https: *.cubetest.nl
x-content-type-options
nosniff
referrer-policy
same-origin, strict-origin-when-cross-origin
last-modified
Thu, 07 Dec 2023 08:02:59 GMT
server
Apache
date
Wed, 13 Dec 2023 13:23:49 GMT
x-frame-options
ALLOW-FROM https://*.cubetest.nl
content-type
font/woff2
cache-control
max-age=2592000
accept-ranges
bytes
content-length
20840
x-xss-protection
1; mode=block
expires
Fri, 12 Jan 2024 13:23:49 GMT
7cHqv4kjgoGqM7E30-8s51ostz0rdg.woff2
fonts.gstatic.com/s/barlow/v12/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/barlow/v12/7cHqv4kjgoGqM7E30-8s51ostz0rdg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Barlow:300,400,500,600,700|PT+Serif:400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e56ce2a603fdf25710a1293732913a8bcf08133b741c987373863c0b54109d94
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://reserveren.thermenresorts.de
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Mon, 11 Dec 2023 20:52:57 GMT
x-content-type-options
nosniff
age
145852
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14852
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 19:02:36 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 10 Dec 2024 20:52:57 GMT
TBU_winter_theehuis_winter_sneeuw_2-800.jpg
dmp.thermenresorts.nl/media/5085/conversions/
139 KB
139 KB
Image
General
Full URL
https://dmp.thermenresorts.nl/media/5085/conversions/TBU_winter_theehuis_winter_sneeuw_2-800.jpg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
31.7.4.67 , Netherlands, ASN20847 (PREVIDER-AS, NL),
Reverse DNS
server15.cube.cloud.shockmedia.nl
Software
Apache /
Resource Hash
2e0b3d451c305a6f078e65507cca075ca0fd740626d6fe0f15a3038cada3ebf1
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload;
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reserveren.thermenresorts.de/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

strict-transport-security
max-age=63072000; preload;
date
Wed, 13 Dec 2023 13:23:49 GMT
x-content-type-options
nosniff
referrer-policy
same-origin
last-modified
Tue, 12 Dec 2023 17:41:08 GMT
server
Apache
x-frame-options
sameorigin
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
content-length
142401
x-xss-protection
1; mode=block
expires
Thu, 12 Dec 2024 13:23:49 GMT

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object| documentPictureInPicture
  • object| dataLayer
  • string| baseUrl
  • object| ReservationConfig
  • object| __VUE_INSTANCE_SETTERS__
  • boolean| __INTLIFY__
  • object| __vueuse_ssr_handlers__
  • boolean| __VUE__
  • object| google_tag_manager
  • object| google_tag_data

0 Cookies

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-ancestors 'self' https: *.cubetest.nl
Strict-Transport-Security max-age=63072000; preload;
X-Content-Type-Options nosniff
X-Frame-Options ALLOW-FROM https://*.cubetest.nl
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
