urlscan.io logo urlscan.io
SecurityTrails logo

www.terme-olimia.com Open in urlscan Pro
51.145.136.196  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://wellcardklub.si/
Effective URL: https://www.terme-olimia.com/sl/wellcard-olimia
Submission: On March 13 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 10 IPs in 3 countries across 11 domains to perform 42 HTTP transactions. The main IP is 51.145.136.196, located in Amsterdam, Netherlands and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is www.terme-olimia.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on February 6th 2024. Valid for: a year.
This is the only time www.terme-olimia.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 25 51.145.136.196 8075 (MICROSOFT...)
1 2a04:4e42::729 54113 (FASTLY)
3 2607:f8b0:400... 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
4 2607:f8b0:400... 15169 (GOOGLE)
1 1 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
2 2a03:2880:f01... 32934 (FACEBOOK)
3 213.250.38.19 5603 (SIOL-NET ...)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2a03:2880:f11... 32934 (FACEBOOK)
42 10
25    51.145.136.196 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
wellcardklub.si
www.terme-olimia.com
1    2a04:4e42::729 (United States)

ASN54113 (FASTLY, US)
browser.sentry-cdn.com
3    2607:f8b0:4006:823::2008 (United States)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2607:f8b0:4006:821::200a (United States)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
4    2607:f8b0:4006:824::2003 (United States)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2607:f8b0:4006:80a::2004 (United States)

ASN15169 (GOOGLE, US)
www.google.com
1    2607:f8b0:4006:821::2002 (United States)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
2    2a03:2880:f012:10c:face:b00c:0:3 (Secaucus, United States)

ASN32934 (FACEBOOK, US)
connect.facebook.net
3    213.250.38.19 (Ljubljana, Slovenia)

ASN5603 (SIOL-NET Telekom Slovenije d.d., SI)
marketing.terme-olimia.com
1    2606:4700:10::ac43:2925 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.midas-network.com
1    2a03:2880:f112:182:face:b00c:0:25de (Secaucus, United States)

ASN32934 (FACEBOOK, US)
www.facebook.com
Apex Domain
Subdomains		 Transfer
27 terme-olimia.com
www.terme-olimia.com
marketing.terme-olimia.com
3 MB
4 gstatic.com
fonts.gstatic.com
111 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 40
274 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 180
69 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 30
2 KB
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 100
274 B
1 midas-network.com
cdn.midas-network.com — Cisco Umbrella Rank: 112739
242 B
1 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 35
588 B
1 google.com
www.google.com — Cisco Umbrella Rank: 2
572 B
1 sentry-cdn.com
browser.sentry-cdn.com — Cisco Umbrella Rank: 4640
16 KB
1 wellcardklub.si
wellcardklub.si
133 B
42 11
Domain Requested by
24 www.terme-olimia.com www.terme-olimia.com
browser.sentry-cdn.com
4 fonts.gstatic.com fonts.googleapis.com
3 marketing.terme-olimia.com www.terme-olimia.com
browser.sentry-cdn.com
3 www.googletagmanager.com www.terme-olimia.com
www.googletagmanager.com
2 connect.facebook.net www.terme-olimia.com
connect.facebook.net
2 fonts.googleapis.com www.terme-olimia.com
1 www.facebook.com www.terme-olimia.com
1 cdn.midas-network.com www.terme-olimia.com
1 googleads.g.doubleclick.net www.terme-olimia.com
1 www.google.com 1 redirects
1 browser.sentry-cdn.com www.terme-olimia.com
1 wellcardklub.si 1 redirects
42 12
Subject Issuer Validity Valid
*.terme-olimia.com
Sectigo RSA Domain Validation Secure Server CA		 2024-02-06 -
2025-03-07		 a year crt.sh
*.sentry-cdn.com
GlobalSign Atlas R3 DV TLS CA 2023 Q3		 2023-08-01 -
2024-09-01		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2024-02-19 -
2024-05-13		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2024-02-19 -
2024-05-13		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2024-02-19 -
2024-05-13		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-12-21 -
2024-03-20		 3 months crt.sh
marketing.terme-olimia.com
R3		 2024-02-15 -
2024-05-15		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-05-12 -
2024-05-11		 a year crt.sh

This page contains 1 frames:

Primary Page: https://www.terme-olimia.com/sl/wellcard-olimia
Frame ID: 33705A0F5A391AF9E1D07A400F221889
Requests: 41 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Wellcard Olimia - Terme Olimia, Podčetrtek, Slovenija

Page URL History Show full URLs

  1. https://wellcardklub.si/ HTTP 301
    https://www.terme-olimia.com/sl/wellcard-olimia Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <script[^>]*src="[^"]*browser\.sentry\-cdn\.com/([0-9.]+)/bundle(?:\.tracing)?(?:\.min)?\.js
  • browser\.sentry\-cdn\.com/([0-9.]+)/bundle(?:\.tracing)?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • [^a-z]mtc.*\.js

Page Statistics

42
Requests

98 %
HTTPS

82 %
IPv6

11
Domains

12
Subdomains

10
IPs

3
Countries

3311 kB
Transfer

5743 kB
Size

12
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://wellcardklub.si/ HTTP 301
    https://www.terme-olimia.com/sl/wellcard-olimia Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 29
  • https://www.google.com/pagead/landing?gcs=G111&gcd=13t3t3t3t5&rnd=155386471.1710343249&url=https%3A%2F%2Fwww.terme-olimia.com%2Fsl%2Fwellcard-olimia&dma=0&npa=0&gtm=45He43b0n71NLXT6Mv6894895za200&auid=488084763.1710343249 HTTP 302
  • https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=13t3t3t3t5&rnd=155386471.1710343249&url=https%3A%2F%2Fwww.terme-olimia.com%2Fsl%2Fwellcard-olimia&dma=0&npa=0&gtm=45He43b0n71NLXT6Mv6894895za200&auid=488084763.1710343249

42 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request wellcard-olimia
www.terme-olimia.com/sl/
Redirect Chain
  • https://wellcardklub.si/
  • https://www.terme-olimia.com/sl/wellcard-olimia
78 KB
16 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.terme-olimia.com/sl/wellcard-olimia
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.145.136.196 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
6f2f2ac18d80cb3efb6221445adbb5345c3dc145ebeedc9ea87cd4c760aebd6c
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: https:; script-src *.terme-olimia.com *.gooya.io *.phobs.net *.sos-sw.si *.googletagmanager.com *.cloudflare.com *.googlesyndication.com *.bootstrapcdn.com *.gstatic.com *.google-analytics.com *.googleapis.com *.googleadservices.com *.google.com *.facebook.net *.intelliad.de *.doubleclick.net *.sentry-cdn.com *.hotjar.com *.iprom.net *.iprom.si *.google.si 'unsafe-inline' 'unsafe-eval'; style-src *.gooya.io *.terme-olimia.com *.phobs.net *.googleapis.com *.google.com *.sos-sw.si *.googletagmanager.com 'unsafe-inline'
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
private, max-age=120
content-encoding
gzip
content-length
15902
content-security-policy
default-src * data: blob: https:; script-src *.terme-olimia.com *.gooya.io *.phobs.net *.sos-sw.si *.googletagmanager.com *.cloudflare.com *.googlesyndication.com *.bootstrapcdn.com *.gstatic.com *.google-analytics.com *.googleapis.com *.googleadservices.com *.google.com *.facebook.net *.intelliad.de *.doubleclick.net *.sentry-cdn.com *.hotjar.com *.iprom.net *.iprom.si *.google.si 'unsafe-inline' 'unsafe-eval'; style-src *.gooya.io *.terme-olimia.com *.phobs.net *.googleapis.com *.google.com *.sos-sw.si *.googletagmanager.com 'unsafe-inline'
content-type
text/html; charset=utf-8
date
Wed, 13 Mar 2024 15:20:47 GMT
etag
"721056de-c5c0-46f4-9430-4367bcf36ac3"
expires
Wed, 13 Mar 2024 15:22:48 GMT
feature-policy
geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'none'; fullscreen 'none'; payment 'none';
last-modified
Thu, 22 Feb 2024 07:16:54 GMT
referrer-policy
strict-origin-when-cross-origin
server
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block

Redirect headers

content-length
170
content-type
text/html; charset=UTF-8
date
Wed, 13 Mar 2024 15:20:45 GMT
location
https://www.terme-olimia.com/sl/wellcard-olimia
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
layout-main.css
www.terme-olimia.com/Contents/css/ 		542 KB
74 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.terme-olimia.com/Contents/css/layout-main.css?v=0003
Requested by
Host: www.terme-olimia.com
URL: https://www.terme-olimia.com/sl/wellcard-olimia
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.145.136.196 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
927fcced76f2fbf6caf243e564f17e88b61ede5f5befd6a0f7c6806c6b03f41b
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: https:; script-src *.terme-olimia.com *.gooya.io *.phobs.net *.sos-sw.si *.googletagmanager.com *.cloudflare.com *.googlesyndication.com *.bootstrapcdn.com *.gstatic.com *.google-analytics.com *.googleapis.com *.googleadservices.com *.google.com *.facebook.net *.intelliad.de *.doubleclick.net *.sentry-cdn.com *.hotjar.com *.iprom.net *.iprom.si *.google.si 'unsafe-inline' 'unsafe-eval'; style-src *.gooya.io *.terme-olimia.com *.phobs.net *.googleapis.com *.google.com *.sos-sw.si *.googletagmanager.com 'unsafe-inline'
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.terme-olimia.com/sl/wellcard-olimia
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: https:; script-src *.terme-olimia.com *.gooya.io *.phobs.net *.sos-sw.si *.googletagmanager.com *.cloudflare.com *.googlesyndication.com *.bootstrapcdn.com *.gstatic.com *.google-analytics.com *.googleapis.com *.googleadservices.com *.google.com *.facebook.net *.intelliad.de *.doubleclick.net *.sentry-cdn.com *.hotjar.com *.iprom.net *.iprom.si *.google.si 'unsafe-inline' 'unsafe-eval'; style-src *.gooya.io *.terme-olimia.com *.phobs.net *.googleapis.com *.google.com *.sos-sw.si *.googletagmanager.com 'unsafe-inline'
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
date
Wed, 13 Mar 2024 15:20:47 GMT
content-length
75416
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 01 Feb 2024 10:05:44 GMT
server
etag
"04ce38f654da1:0"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
no-cache,max-age=2678400
feature-policy
geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'none'; fullscreen 'none'; payment 'none';
accept-ranges
bytes
bundle.min.js
browser.sentry-cdn.com/5.5.0/ 		50 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://browser.sentry-cdn.com/5.5.0/bundle.min.js
Requested by
Host: www.terme-olimia.com
URL: https://www.terme-olimia.com/sl/wellcard-olimia
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42::729 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
8c04755395b8f232c57d062a7669c3c414658299d29c6b6f83f1f30185d94ecb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.terme-olimia.com/
Origin
https://www.terme-olimia.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Wed, 13 Mar 2024 15:20:48 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Fri, 05 Jul 2019 11:17:04 GMT
server
Fastly
age
4260036
etag
"39339cf627bc67e34d4c623bea4c0b4a"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
16371
expires
Wed, 25 Sep 2024 10:36:51 GMT
cookies.png
www.terme-olimia.com/Contents/img/ 		89 KB
89 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.terme-olimia.com/Contents/img/cookies.png
Requested by
Host: www.terme-olimia.com
URL: https://www.terme-olimia.com/sl/wellcard-olimia
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.145.136.196 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
7a20f1a840592361a9934daae35b88975eebe3307b669f14654a83968b09c826
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: https:; script-src *.terme-olimia.com *.gooya.io *.phobs.net *.sos-sw.si *.googletagmanager.com *.cloudflare.com *.googlesyndication.com *.bootstrapcdn.com *.gstatic.com *.google-analytics.com *.googleapis.com *.googleadservices.com *.google.com *.facebook.net *.intelliad.de *.doubleclick.net *.sentry-cdn.com *.hotjar.com *.iprom.net *.iprom.si *.google.si 'unsafe-inline' 'unsafe-eval'; style-src *.gooya.io *.terme-olimia.com *.phobs.net *.googleapis.com *.google.com *.sos-sw.si *.googletagmanager.com 'unsafe-inline'
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.terme-olimia.com/sl/wellcard-olimia
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: https:; script-src *.terme-olimia.com *.gooya.io *.phobs.net *.sos-sw.si *.googletagmanager.com *.cloudflare.com *.googlesyndication.com *.bootstrapcdn.com *.gstatic.com *.google-analytics.com *.googleapis.com *.googleadservices.com *.google.com *.facebook.net *.intelliad.de *.doubleclick.net *.sentry-cdn.com *.hotjar.com *.iprom.net *.iprom.si *.google.si 'unsafe-inline' 'unsafe-eval'; style-src *.gooya.io *.terme-olimia.com *.phobs.net *.googleapis.com *.google.com *.sos-sw.si *.googletagmanager.com 'unsafe-inline'
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 20 Jun 2023 11:17:36 GMT
server
date
Wed, 13 Mar 2024 15:20:47 GMT
etag
"0c8d9d068a3d91:0"
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
no-cache,max-age=2678400
feature-policy
geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'none'; fullscreen 'none'; payment 'none';
accept-ranges
bytes
content-length
91057
x-xss-protection
1; mode=block
ScriptResource.axd
www.terme-olimia.com/ 		112 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.terme-olimia.com/ScriptResource.axd?d=QIaKYqkJqGH9pb13LtgOu-015a_4DpmZ2GTEwoHJBcwlGjg8EOKpLxbWqN8UQq7bCidY2kDsXVVy9eb1NVozPApRmbCMmpvSOf4uf7-TWgsPgvXUKGvAhq7k7CfNvod4v7qJSKHUJ4WF6EJJ0XGquDt_pPAufF3nDmteOQwMZuoikcPefYAcVH0VU9K0kM-G0&t=ffffffffb673d41b
Requested by
Host: www.terme-olimia.com
URL: https://www.terme-olimia.com/sl/wellcard-olimia
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.145.136.196 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
796cfee0d1df39ad2f93b6f214610d29be6b626f0fab147061a7fd72e5f2cb40
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: https:; script-src *.terme-olimia.com *.gooya.io *.phobs.net *.sos-sw.si *.googletagmanager.com *.cloudflare.com *.googlesyndication.com *.bootstrapcdn.com *.gstatic.com *.google-analytics.com *.googleapis.com *.googleadservices.com *.google.com *.facebook.net *.intelliad.de *.doubleclick.net *.sentry-cdn.com *.hotjar.com *.iprom.net *.iprom.si *.google.si 'unsafe-inline' 'unsafe-eval'; style-src *.gooya.io *.terme-olimia.com *.phobs.net *.googleapis.com *.google.com *.sos-sw.si *.googletagmanager.com 'unsafe-inline'
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.terme-olimia.com/sl/wellcard-olimia
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: https:; script-src *.terme-olimia.com *.gooya.io *.phobs.net *.sos-sw.si *.googletagmanager.com *.cloudflare.com *.googlesyndication.com *.bootstrapcdn.com *.gstatic.com *.google-analytics.com *.googleapis.com *.googleadservices.com *.google.com *.facebook.net *.intelliad.de *.doubleclick.net *.sentry-cdn.com *.hotjar.com *.iprom.net *.iprom.si *.google.si 'unsafe-inline' 'unsafe-eval'; style-src *.gooya.io *.terme-olimia.com *.phobs.net *.googleapis.com *.google.com *.sos-sw.si *.googletagmanager.com 'unsafe-inline'
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
date
Wed, 13 Mar 2024 15:20:47 GMT
content-length
40124
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 06 Mar 2024 11:45:29 GMT
server
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/x-javascript; charset=utf-8
cache-control
public
feature-policy
geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'none'; fullscreen 'none'; payment 'none';
expires
Thu, 06 Mar 2025 12:45:29 GMT
ScriptResource.axd
www.terme-olimia.com/ 		37 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.terme-olimia.com/ScriptResource.axd?d=3huBZKwaQKcS_MDC7iuSt5KmkVg__0Qq6qXq1zOV38Ssba21EKE2ZcvyNafM7GNboEo8ipLZudi4OsoA4GmrTsh8Txp30PaV2MTDqBboecIvZXqcRrkdfiU1jiBwNDwLtzllPsS2w0_SvAJfLD6tnwS_Ru-k1U1Vvc7y-IEezGDX7P29C_P9ANbGnKn17YLT0&t=ffffffffb673d41b
Requested by
Host: www.terme-olimia.com
URL: https://www.terme-olimia.com/sl/wellcard-olimia
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.145.136.196 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
cf545e810a861e9230d11968b90c430346dcfbd96be8336138e79fcdd2b2ea25
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: https:; script-src *.terme-olimia.com *.gooya.io *.phobs.net *.sos-sw.si *.googletagmanager.com *.cloudflare.com *.googlesyndication.com *.bootstrapcdn.com *.gstatic.com *.google-analytics.com *.googleapis.com *.googleadservices.com *.google.com *.facebook.net *.intelliad.de *.doubleclick.net *.sentry-cdn.com *.hotjar.com *.iprom.net *.iprom.si *.google.si 'unsafe-inline' 'unsafe-eval'; style-src *.gooya.io *.terme-olimia.com *.phobs.net *.googleapis.com *.google.com *.sos-sw.si *.googletagmanager.com 'unsafe-inline'
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.terme-olimia.com/sl/wellcard-olimia
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: https:; script-src *.terme-olimia.com *.gooya.io *.phobs.net *.sos-sw.si *.googletagmanager.com *.cloudflare.com *.googlesyndication.com *.bootstrapcdn.com *.gstatic.com *.google-analytics.com *.googleapis.com *.googleadservices.com *.google.com *.facebook.net *.intelliad.de *.doubleclick.net *.sentry-cdn.com *.hotjar.com *.iprom.net *.iprom.si *.google.si 'unsafe-inline' 'unsafe-eval'; style-src *.gooya.io *.terme-olimia.com *.phobs.net *.googleapis.com *.google.com *.sos-sw.si *.googletagmanager.com 'unsafe-inline'
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
date
Wed, 13 Mar 2024 15:20:48 GMT
content-length
12429
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 06 Mar 2024 11:45:29 GMT
server
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/x-javascript; charset=utf-8
cache-control
public
feature-policy
geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'none'; fullscreen 'none'; payment 'none';
expires
Thu, 06 Mar 2025 12:45:29 GMT
terme-olimia.svg
www.terme-olimia.com/Contents/img/ 		16 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.terme-olimia.com/Contents/img/terme-olimia.svg
Requested by
Host: www.terme-olimia.com
URL: https://www.terme-olimia.com/sl/wellcard-olimia
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.145.136.196 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
a21c45544516274c8a3aa3cd6e1494f1ef1690b1fc9332266ef84d320af2590c
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: https:; script-src *.terme-olimia.com *.gooya.io *.phobs.net *.sos-sw.si *.googletagmanager.com *.cloudflare.com *.googlesyndication.com *.bootstrapcdn.com *.gstatic.com *.google-analytics.com *.googleapis.com *.googleadservices.com *.google.com *.facebook.net *.intelliad.de *.doubleclick.net *.sentry-cdn.com *.hotjar.com *.iprom.net *.iprom.si *.google.si 'unsafe-inline' 'unsafe-eval'; style-src *.gooya.io *.terme-olimia.com *.phobs.net *.googleapis.com *.google.com *.sos-sw.si *.googletagmanager.com 'unsafe-inline'
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.terme-olimia.com/sl/wellcard-olimia
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: https:; script-src *.terme-olimia.com *.gooya.io *.phobs.net *.sos-sw.si *.googletagmanager.com *.cloudflare.com *.googlesyndication.com *.bootstrapcdn.com *.gstatic.com *.google-analytics.com *.googleapis.com *.googleadservices.com *.google.com *.facebook.net *.intelliad.de *.doubleclick.net *.sentry-cdn.com *.hotjar.com *.iprom.net *.iprom.si *.google.si 'unsafe-inline' 'unsafe-eval'; style-src *.gooya.io *.terme-olimia.com *.phobs.net *.googleapis.com *.google.com *.sos-sw.si *.googletagmanager.com 'unsafe-inline'
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
date
Wed, 13 Mar 2024 15:20:48 GMT
content-length
5446
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 18 Feb 2022 12:17:36 GMT
server
etag
"0f07183c124d81:0"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
cache-control
no-cache,max-age=2678400
feature-policy
geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'none'; fullscreen 'none'; payment 'none';
accept-ranges
bytes
facebook-footer.png
www.terme-olimia.com/Contents/img/ 		407 B
454 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.terme-olimia.com/Contents/img/facebook-footer.png
Requested by
Host: www.terme-olimia.com
URL: https://www.terme-olimia.com/sl/wellcard-olimia
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.145.136.196 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
ba9618dc4d2ac97d0ead7ac12becb746157afdf205a2362229046a1bd8ee1b70
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: https:; script-src *.terme-olimia.com *.gooya.io *.phobs.net *.sos-sw.si *.googletagmanager.com *.cloudflare.com *.googlesyndication.com *.bootstrapcdn.com *.gstatic.com *.google-analytics.com *.googleapis.com *.googleadservices.com *.google.com *.facebook.net *.intelliad.de *.doubleclick.net *.sentry-cdn.com *.hotjar.com *.iprom.net *.iprom.si *.google.si 'unsafe-inline' 'unsafe-eval'; style-src *.gooya.io *.terme-olimia.com *.phobs.net *.googleapis.com *.google.com *.sos-sw.si *.googletagmanager.com 'unsafe-inline'
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.terme-olimia.com/sl/wellcard-olimia
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: https:; script-src *.terme-olimia.com *.gooya.io *.phobs.net *.sos-sw.si *.googletagmanager.com *.cloudflare.com *.googlesyndication.com *.bootstrapcdn.com *.gstatic.com *.google-analytics.com *.googleapis.com *.googleadservices.com *.google.com *.facebook.net *.intelliad.de *.doubleclick.net *.sentry-cdn.com *.hotjar.com *.iprom.net *.iprom.si *.google.si 'unsafe-inline' 'unsafe-eval'; style-src *.gooya.io *.terme-olimia.com *.phobs.net *.googleapis.com *.google.com *.sos-sw.si *.googletagmanager.com 'unsafe-inline'
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 18 Feb 2022 12:17:36 GMT
server
date
Wed, 13 Mar 2024 15:20:48 GMT
etag
"0f07183c124d81:0"
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
no-cache,max-age=2678400
feature-policy
geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'none'; fullscreen 'none'; payment 'none';
accept-ranges
bytes
content-length
407
x-xss-protection
1; mode=block
instagram-footer.png
www.terme-olimia.com/Contents/img/ 		650 B
697 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.terme-olimia.com/Contents/img/instagram-footer.png
Requested by
Host: www.terme-olimia.com
URL: https://www.terme-olimia.com/sl/wellcard-olimia
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.145.136.196 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
24838d5520cbf7970c91c513e8e2904d475db40024fd91585a2d5488617c8425
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: https:; script-src *.terme-olimia.com *.gooya.io *.phobs.net *.sos-sw.si *.googletagmanager.com *.cloudflare.com *.googlesyndication.com *.bootstrapcdn.com *.gstatic.com *.google-analytics.com *.googleapis.com *.googleadservices.com *.google.com *.facebook.net *.intelliad.de *.doubleclick.net *.sentry-cdn.com *.hotjar.com *.iprom.net *.iprom.si *.google.si 'unsafe-inline' 'unsafe-eval'; style-src *.gooya.io *.terme-olimia.com *.phobs.net *.googleapis.com *.google.com *.sos-sw.si *.googletagmanager.com 'unsafe-inline'
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.terme-olimia.com/sl/wellcard-olimia
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: https:; script-src *.terme-olimia.com *.gooya.io *.phobs.net *.sos-sw.si *.googletagmanager.com *.cloudflare.com *.googlesyndication.com *.bootstrapcdn.com *.gstatic.com *.google-analytics.com *.googleapis.com *.googleadservices.com *.google.com *.facebook.net *.intelliad.de *.doubleclick.net *.sentry-cdn.com *.hotjar.com *.iprom.net *.iprom.si *.google.si 'unsafe-inline' 'unsafe-eval'; style-src *.gooya.io *.terme-olimia.com *.phobs.net *.googleapis.com *.google.com *.sos-sw.si *.googletagmanager.com 'unsafe-inline'
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 18 Feb 2022 12:17:36 GMT
server
date
Wed, 13 Mar 2024 15:20:48 GMT
etag
"0f07183c124d81:0"
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
no-cache,max-age=2678400
feature-policy
geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'none'; fullscreen 'none'; payment 'none';
accept-ranges
bytes
content-length
650
x-xss-protection
1; mode=block
linkedin-footer.png
www.terme-olimia.com/Contents/img/ 		461 B
508 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.terme-olimia.com/Contents/img/linkedin-footer.png
Requested by
Host: www.terme-olimia.com
URL: https://www.terme-olimia.com/sl/wellcard-olimia
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.145.136.196 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
cb7e4e961ea32bfe89cc2d6fbd6d140556a7360bec35059874a92831134a7c64
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: https:; script-src *.terme-olimia.com *.gooya.io *.phobs.net *.sos-sw.si *.googletagmanager.com *.cloudflare.com *.googlesyndication.com *.bootstrapcdn.com *.gstatic.com *.google-analytics.com *.googleapis.com *.googleadservices.com *.google.com *.facebook.net *.intelliad.de *.doubleclick.net *.sentry-cdn.com *.hotjar.com *.iprom.net *.iprom.si *.google.si 'unsafe-inline' 'unsafe-eval'; style-src *.gooya.io *.terme-olimia.com *.phobs.net *.googleapis.com *.google.com *.sos-sw.si *.googletagmanager.com 'unsafe-inline'
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.terme-olimia.com/sl/wellcard-olimia
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: https:; script-src *.terme-olimia.com *.gooya.io *.phobs.net *.sos-sw.si *.googletagmanager.com *.cloudflare.com *.googlesyndication.com *.bootstrapcdn.com *.gstatic.com *.google-analytics.com *.googleapis.com *.googleadservices.com *.google.com *.facebook.net *.intelliad.de *.doubleclick.net *.sentry-cdn.com *.hotjar.com *.iprom.net *.iprom.si *.google.si 'unsafe-inline' 'unsafe-eval'; style-src *.gooya.io *.terme-olimia.com *.phobs.net *.googleapis.com *.google.com *.sos-sw.si *.googletagmanager.com 'unsafe-inline'
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 18 Feb 2022 12:17:36 GMT
server
date
Wed, 13 Mar 2024 15:20:48 GMT
etag
"0f07183c124d81:0"
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
no-cache,max-age=2678400
feature-policy
geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'none'; fullscreen 'none'; payment 'none';
accept-ranges
bytes
content-length
461
x-xss-protection
1; mode=block
youtube-footer.png
www.terme-olimia.com/Contents/img/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.terme-olimia.com/Contents/img/youtube-footer.png
Requested by
Host: www.terme-olimia.com
URL: https://www.terme-olimia.com/sl/wellcard-olimia
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.145.136.196 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
ae622eacfc58b45dd9bb92109673582045612bd1aab2e77163d21bb8cc0f28fe
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: https:; script-src *.terme-olimia.com *.gooya.io *.phobs.net *.sos-sw.si *.googletagmanager.com *.cloudflare.com *.googlesyndication.com *.bootstrapcdn.com *.gstatic.com *.google-analytics.com *.googleapis.com *.googleadservices.com *.google.com *.facebook.net *.intelliad.de *.doubleclick.net *.sentry-cdn.com *.hotjar.com *.iprom.net *.iprom.si *.google.si 'unsafe-inline' 'unsafe-eval'; style-src *.gooya.io *.terme-olimia.com *.phobs.net *.googleapis.com *.google.com *.sos-sw.si *.googletagmanager.com 'unsafe-inline'
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.terme-olimia.com/sl/wellcard-olimia
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: https:; script-src *.terme-olimia.com *.gooya.io *.phobs.net *.sos-sw.si *.googletagmanager.com *.cloudflare.com *.googlesyndication.com *.bootstrapcdn.com *.gstatic.com *.google-analytics.com *.googleapis.com *.googleadservices.com *.google.com *.facebook.net *.intelliad.de *.doubleclick.net *.sentry-cdn.com *.hotjar.com *.iprom.net *.iprom.si *.google.si 'unsafe-inline' 'unsafe-eval'; style-src *.gooya.io *.terme-olimia.com *.phobs.net *.googleapis.com *.google.com *.sos-sw.si *.googletagmanager.com 'unsafe-inline'
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 18 Feb 2022 12:17:36 GMT
server
date
Wed, 13 Mar 2024 15:20:48 GMT
etag
"0f07183c124d81:0"
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
no-cache,max-age=2678400
feature-policy
geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'none'; fullscreen 'none'; payment 'none';
accept-ranges
bytes
content-length
2093
x-xss-protection
1; mode=block
page.sl.js
www.terme-olimia.com/Contents/ 		1 MB
226 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.terme-olimia.com/Contents/page.sl.js?x=638459436483504298
Requested by
Host: www.terme-olimia.com
URL: https://www.terme-olimia.com/sl/wellcard-olimia
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.145.136.196 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
9cb11471614fb2c17347586fd8ed8f48939160147a693e84963ed94e3c4fee7e
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: https:; script-src *.terme-olimia.com *.gooya.io *.phobs.net *.sos-sw.si *.googletagmanager.com *.cloudflare.com *.googlesyndication.com *.bootstrapcdn.com *.gstatic.com *.google-analytics.com *.googleapis.com *.googleadservices.com *.google.com *.facebook.net *.intelliad.de *.doubleclick.net *.sentry-cdn.com *.hotjar.com *.iprom.net *.iprom.si *.google.si 'unsafe-inline' 'unsafe-eval'; style-src *.gooya.io *.terme-olimia.com *.phobs.net *.googleapis.com *.google.com *.sos-sw.si *.googletagmanager.com 'unsafe-inline'
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.terme-olimia.com/sl/wellcard-olimia
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: https:; script-src *.terme-olimia.com *.gooya.io *.phobs.net *.sos-sw.si *.googletagmanager.com *.cloudflare.com *.googlesyndication.com *.bootstrapcdn.com *.gstatic.com *.google-analytics.com *.googleapis.com *.googleadservices.com *.google.com *.facebook.net *.intelliad.de *.doubleclick.net *.sentry-cdn.com *.hotjar.com *.iprom.net *.iprom.si *.google.si 'unsafe-inline' 'unsafe-eval'; style-src *.gooya.io *.terme-olimia.com *.phobs.net *.googleapis.com *.google.com *.sos-sw.si *.googletagmanager.com 'unsafe-inline'
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
date
Wed, 13 Mar 2024 15:20:48 GMT
content-length
231600
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 21 Feb 2024 12:44:20 GMT
server
etag
"0aa4bb0c364da1:0"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
no-cache,max-age=2678400
feature-policy
geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'none'; fullscreen 'none'; payment 'none';
accept-ranges
bytes
gtm.js
www.googletagmanager.com/ 		277 KB
97 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NLXT6M
Requested by
Host: www.terme-olimia.com
URL: https://www.terme-olimia.com/sl/wellcard-olimia
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
3d50b61d2d4b0db24c4dfa9faaae83179bb1479072090a9b691249db79d7a3af
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.terme-olimia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Wed, 13 Mar 2024 15:20:48 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
98678
x-xss-protection
0
last-modified
Wed, 13 Mar 2024 15:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 13 Mar 2024 15:20:48 GMT
css
fonts.googleapis.com/ 		10 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Oswald:200,300,400,500,600,700&display=swap&subset=cyrillic,cyrillic-ext,latin-ext
Requested by
Host: www.terme-olimia.com
URL: https://www.terme-olimia.com/Contents/css/layout-main.css?v=0003
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
257d57bb9be59d6770bd1c593b8f7fa3651d2f87ce72dd6e1130c67e73550100
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.terme-olimia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 13 Mar 2024 15:20:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 13 Mar 2024 15:20:48 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 13 Mar 2024 15:20:48 GMT
css
fonts.googleapis.com/ 		25 KB
1001 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Montserrat:300,300i,400,400i,500,500i,600,600i,700,700i,800,800i,900,900i&display=swap&subset=latin-ext
Requested by
Host: www.terme-olimia.com
URL: https://www.terme-olimia.com/Contents/css/layout-main.css?v=0003
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f2f532a4b04da6ce8b10c5723bc2f80ede9bbc1d1161606c471a8bf30c917365
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.terme-olimia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 13 Mar 2024 15:20:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 13 Mar 2024 15:20:48 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 13 Mar 2024 15:20:48 GMT
bg-02.svg
www.terme-olimia.com/Contents/img/ 		230 B
276 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.terme-olimia.com/Contents/img/bg-02.svg
Requested by
Host: www.terme-olimia.com
URL: https://www.terme-olimia.com/Contents/css/layout-main.css?v=0003
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.145.136.196 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
460741733e65ce0a6249fdfe4f2d261ff58b79ac8fc8f26202be6561cdceccc3
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: https:; script-src *.terme-olimia.com *.gooya.io *.phobs.net *.sos-sw.si *.googletagmanager.com *.cloudflare.com *.googlesyndication.com *.bootstrapcdn.com *.gstatic.com *.google-analytics.com *.googleapis.com *.googleadservices.com *.google.com *.facebook.net *.intelliad.de *.doubleclick.net *.sentry-cdn.com *.hotjar.com *.iprom.net *.iprom.si *.google.si 'unsafe-inline' 'unsafe-eval'; style-src *.gooya.io *.terme-olimia.com *.phobs.net *.googleapis.com *.google.com *.sos-sw.si *.googletagmanager.com 'unsafe-inline'
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.terme-olimia.com/Contents/css/layout-main.css?v=0003
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: https:; script-src *.terme-olimia.com *.gooya.io *.phobs.net *.sos-sw.si *.googletagmanager.com *.cloudflare.com *.googlesyndication.com *.bootstrapcdn.com *.gstatic.com *.google-analytics.com *.googleapis.com *.googleadservices.com *.google.com *.facebook.net *.intelliad.de *.doubleclick.net *.sentry-cdn.com *.hotjar.com *.iprom.net *.iprom.si *.google.si 'unsafe-inline' 'unsafe-eval'; style-src *.gooya.io *.terme-olimia.com *.phobs.net *.googleapis.com *.google.com *.sos-sw.si *.googletagmanager.com 'unsafe-inline'
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 18 Feb 2022 12:17:36 GMT
server
date
Wed, 13 Mar 2024 15:20:48 GMT
etag
"0f07183c124d81:0"
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
cache-control
no-cache,max-age=2678400
feature-policy
geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'none'; fullscreen 'none'; payment 'none';
accept-ranges
bytes
content-length
230
x-xss-protection
1; mode=block
bg-01.svg
www.terme-olimia.com/Contents/img/ 		230 B
273 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.terme-olimia.com/Contents/img/bg-01.svg
Requested by
Host: www.terme-olimia.com
URL: https://www.terme-olimia.com/Contents/css/layout-main.css?v=0003
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.145.136.196 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
0a08cab1c3f9e1abf822e163f117c7b7559152d5b30e0211b6827ed174659cd5
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: https:; script-src *.terme-olimia.com *.gooya.io *.phobs.net *.sos-sw.si *.googletagmanager.com *.cloudflare.com *.googlesyndication.com *.bootstrapcdn.com *.gstatic.com *.google-analytics.com *.googleapis.com *.googleadservices.com *.google.com *.facebook.net *.intelliad.de *.doubleclick.net *.sentry-cdn.com *.hotjar.com *.iprom.net *.iprom.si *.google.si 'unsafe-inline' 'unsafe-eval'; style-src *.gooya.io *.terme-olimia.com *.phobs.net *.googleapis.com *.google.com *.sos-sw.si *.googletagmanager.com 'unsafe-inline'
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.terme-olimia.com/Contents/css/layout-main.css?v=0003
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: https:; script-src *.terme-olimia.com *.gooya.io *.phobs.net *.sos-sw.si *.googletagmanager.com *.cloudflare.com *.googlesyndication.com *.bootstrapcdn.com *.gstatic.com *.google-analytics.com *.googleapis.com *.googleadservices.com *.google.com *.facebook.net *.intelliad.de *.doubleclick.net *.sentry-cdn.com *.hotjar.com *.iprom.net *.iprom.si *.google.si 'unsafe-inline' 'unsafe-eval'; style-src *.gooya.io *.terme-olimia.com *.phobs.net *.googleapis.com *.google.com *.sos-sw.si *.googletagmanager.com 'unsafe-inline'
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 18 Feb 2022 12:17:36 GMT
server
date
Wed, 13 Mar 2024 15:20:48 GMT
etag
"0f07183c124d81:0"
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
cache-control
no-cache,max-age=2678400
feature-policy
geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'none'; fullscreen 'none'; payment 'none';
accept-ranges
bytes
content-length
230
x-xss-protection
1; mode=block
slo-flag.png
www.terme-olimia.com/Contents/img/ 		651 B
698 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.terme-olimia.com/Contents/img/slo-flag.png
Requested by
Host: www.terme-olimia.com
URL: https://www.terme-olimia.com/Contents/css/layout-main.css?v=0003
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.145.136.196 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
26a6a78df9cacf085534a68e0cc0f010e5e2a2d505829e8d6e927abecf0d6ea1
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: https:; script-src *.terme-olimia.com *.gooya.io *.phobs.net *.sos-sw.si *.googletagmanager.com *.cloudflare.com *.googlesyndication.com *.bootstrapcdn.com *.gstatic.com *.google-analytics.com *.googleapis.com *.googleadservices.com *.google.com *.facebook.net *.intelliad.de *.doubleclick.net *.sentry-cdn.com *.hotjar.com *.iprom.net *.iprom.si *.google.si 'unsafe-inline' 'unsafe-eval'; style-src *.gooya.io *.terme-olimia.com *.phobs.net *.googleapis.com *.google.com *.sos-sw.si *.googletagmanager.com 'unsafe-inline'
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.terme-olimia.com/Contents/css/layout-main.css?v=0003
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: https:; script-src *.terme-olimia.com *.gooya.io *.phobs.net *.sos-sw.si *.googletagmanager.com *.cloudflare.com *.googlesyndication.com *.bootstrapcdn.com *.gstatic.com *.google-analytics.com *.googleapis.com *.googleadservices.com *.google.com *.facebook.net *.intelliad.de *.doubleclick.net *.sentry-cdn.com *.hotjar.com *.iprom.net *.iprom.si *.google.si 'unsafe-inline' 'unsafe-eval'; style-src *.gooya.io *.terme-olimia.com *.phobs.net *.googleapis.com *.google.com *.sos-sw.si *.googletagmanager.com 'unsafe-inline'
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 18 Feb 2022 12:17:36 GMT
server
date
Wed, 13 Mar 2024 15:20:48 GMT
etag
"0f07183c124d81:0"
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
no-cache,max-age=2678400
feature-policy
geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'none'; fullscreen 'none'; payment 'none';
accept-ranges
bytes
content-length
651
x-xss-protection
1; mode=block
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v26/ 		32 KB
33 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:300,300i,400,400i,500,500i,600,600i,700,700i,800,800i,900,900i&display=swap&subset=latin-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.terme-olimia.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Fri, 08 Mar 2024 22:20:09 GMT
x-content-type-options
nosniff
age
406839
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33092
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 22:51:58 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 08 Mar 2025 22:20:09 GMT
fa-solid-900.woff2
www.terme-olimia.com/contents/fonts/font-awesome/ 		72 KB
72 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.terme-olimia.com/contents/fonts/font-awesome/fa-solid-900.woff2
Requested by
Host: www.terme-olimia.com
URL: https://www.terme-olimia.com/Contents/css/layout-main.css?v=0003
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.145.136.196 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
64407fa171e20487909571bc6d3410778aa012c6891893cde58f09d3f2d8b827
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: https:; script-src *.terme-olimia.com *.gooya.io *.phobs.net *.sos-sw.si *.googletagmanager.com *.cloudflare.com *.googlesyndication.com *.bootstrapcdn.com *.gstatic.com *.google-analytics.com *.googleapis.com *.googleadservices.com *.google.com *.facebook.net *.intelliad.de *.doubleclick.net *.sentry-cdn.com *.hotjar.com *.iprom.net *.iprom.si *.google.si 'unsafe-inline' 'unsafe-eval'; style-src *.gooya.io *.terme-olimia.com *.phobs.net *.googleapis.com *.google.com *.sos-sw.si *.googletagmanager.com 'unsafe-inline'
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.terme-olimia.com/Contents/css/layout-main.css?v=0003
Origin
https://www.terme-olimia.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: https:; script-src *.terme-olimia.com *.gooya.io *.phobs.net *.sos-sw.si *.googletagmanager.com *.cloudflare.com *.googlesyndication.com *.bootstrapcdn.com *.gstatic.com *.google-analytics.com *.googleapis.com *.googleadservices.com *.google.com *.facebook.net *.intelliad.de *.doubleclick.net *.sentry-cdn.com *.hotjar.com *.iprom.net *.iprom.si *.google.si 'unsafe-inline' 'unsafe-eval'; style-src *.gooya.io *.terme-olimia.com *.phobs.net *.googleapis.com *.google.com *.sos-sw.si *.googletagmanager.com 'unsafe-inline'
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 18 Feb 2022 12:17:34 GMT
server
date
Wed, 13 Mar 2024 15:20:48 GMT
etag
"0c34082c124d81:0"
x-frame-options
SAMEORIGIN
content-type
application/font-woff2
cache-control
no-cache,max-age=2678400
feature-policy
geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'none'; fullscreen 'none'; payment 'none';
accept-ranges
bytes
content-length
73664
x-xss-protection
1; mode=block
fa-brands-400.woff2
www.terme-olimia.com/contents/fonts/font-awesome/ 		62 KB
62 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.terme-olimia.com/contents/fonts/font-awesome/fa-brands-400.woff2
Requested by
Host: www.terme-olimia.com
URL: https://www.terme-olimia.com/Contents/css/layout-main.css?v=0003
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.145.136.196 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
c99447c0467a6686ac287c918f58863746f4a110da909e45d3e40e110d1d2e0f
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: https:; script-src *.terme-olimia.com *.gooya.io *.phobs.net *.sos-sw.si *.googletagmanager.com *.cloudflare.com *.googlesyndication.com *.bootstrapcdn.com *.gstatic.com *.google-analytics.com *.googleapis.com *.googleadservices.com *.google.com *.facebook.net *.intelliad.de *.doubleclick.net *.sentry-cdn.com *.hotjar.com *.iprom.net *.iprom.si *.google.si 'unsafe-inline' 'unsafe-eval'; style-src *.gooya.io *.terme-olimia.com *.phobs.net *.googleapis.com *.google.com *.sos-sw.si *.googletagmanager.com 'unsafe-inline'
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.terme-olimia.com/Contents/css/layout-main.css?v=0003
Origin
https://www.terme-olimia.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: https:; script-src *.terme-olimia.com *.gooya.io *.phobs.net *.sos-sw.si *.googletagmanager.com *.cloudflare.com *.googlesyndication.com *.bootstrapcdn.com *.gstatic.com *.google-analytics.com *.googleapis.com *.googleadservices.com *.google.com *.facebook.net *.intelliad.de *.doubleclick.net *.sentry-cdn.com *.hotjar.com *.iprom.net *.iprom.si *.google.si 'unsafe-inline' 'unsafe-eval'; style-src *.gooya.io *.terme-olimia.com *.phobs.net *.googleapis.com *.google.com *.sos-sw.si *.googletagmanager.com 'unsafe-inline'
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 18 Feb 2022 12:17:34 GMT
server
date
Wed, 13 Mar 2024 15:20:48 GMT
etag
"0c34082c124d81:0"
x-frame-options
SAMEORIGIN
content-type
application/font-woff2
cache-control
no-cache,max-age=2678400
feature-policy
geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'none'; fullscreen 'none'; payment 'none';
accept-ranges
bytes
content-length
63448
x-xss-protection
1; mode=block
TK3iWkUHHAIjg752GT8G.woff2
fonts.gstatic.com/s/oswald/v53/ 		28 KB
28 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/oswald/v53/TK3iWkUHHAIjg752GT8G.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald:200,300,400,500,600,700&display=swap&subset=cyrillic,cyrillic-ext,latin-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
241ced7f220982f5679a64cc6db34ed42cd21274508cc5814616d9efe374afde
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.terme-olimia.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Wed, 13 Mar 2024 08:52:25 GMT
x-content-type-options
nosniff
age
23303
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28512
x-xss-protection
0
last-modified
Tue, 15 Aug 2023 18:44:12 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 13 Mar 2025 08:52:25 GMT
fa-light-300.woff2
www.terme-olimia.com/contents/fonts/font-awesome/ 		92 KB
92 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.terme-olimia.com/contents/fonts/font-awesome/fa-light-300.woff2
Requested by
Host: www.terme-olimia.com
URL: https://www.terme-olimia.com/Contents/css/layout-main.css?v=0003
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.145.136.196 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
2f3d5fef7692918616eaa963e436ca2e166a6a446d6162f4d68734b145cc4625
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: https:; script-src *.terme-olimia.com *.gooya.io *.phobs.net *.sos-sw.si *.googletagmanager.com *.cloudflare.com *.googlesyndication.com *.bootstrapcdn.com *.gstatic.com *.google-analytics.com *.googleapis.com *.googleadservices.com *.google.com *.facebook.net *.intelliad.de *.doubleclick.net *.sentry-cdn.com *.hotjar.com *.iprom.net *.iprom.si *.google.si 'unsafe-inline' 'unsafe-eval'; style-src *.gooya.io *.terme-olimia.com *.phobs.net *.googleapis.com *.google.com *.sos-sw.si *.googletagmanager.com 'unsafe-inline'
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.terme-olimia.com/Contents/css/layout-main.css?v=0003
Origin
https://www.terme-olimia.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: https:; script-src *.terme-olimia.com *.gooya.io *.phobs.net *.sos-sw.si *.googletagmanager.com *.cloudflare.com *.googlesyndication.com *.bootstrapcdn.com *.gstatic.com *.google-analytics.com *.googleapis.com *.googleadservices.com *.google.com *.facebook.net *.intelliad.de *.doubleclick.net *.sentry-cdn.com *.hotjar.com *.iprom.net *.iprom.si *.google.si 'unsafe-inline' 'unsafe-eval'; style-src *.gooya.io *.terme-olimia.com *.phobs.net *.googleapis.com *.google.com *.sos-sw.si *.googletagmanager.com 'unsafe-inline'
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 18 Feb 2022 12:17:34 GMT
server
date
Wed, 13 Mar 2024 15:20:48 GMT
etag
"0c34082c124d81:0"
x-frame-options
SAMEORIGIN
content-type
application/font-woff2
cache-control
no-cache,max-age=2678400
feature-policy
geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'none'; fullscreen 'none'; payment 'none';
accept-ranges
bytes
content-length
94240
x-xss-protection
1; mode=block
JTUSjIg1_i6t8kCHKm459Wdhyzbi.woff2
fonts.gstatic.com/s/montserrat/v26/ 		27 KB
27 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wdhyzbi.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:300,300i,400,400i,500,500i,600,600i,700,700i,800,800i,900,900i&display=swap&subset=latin-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6e1f71b09a1de41dc109318bff4733fa7dfa6d03bf6b7fa9a994939274555dd9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.terme-olimia.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Wed, 13 Mar 2024 08:52:33 GMT
x-content-type-options
nosniff
age
23295
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27812
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 22:37:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 13 Mar 2025 08:52:33 GMT
TK3iWkUHHAIjg752Fz8Ghe4.woff2
fonts.gstatic.com/s/oswald/v53/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/oswald/v53/TK3iWkUHHAIjg752Fz8Ghe4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald:200,300,400,500,600,700&display=swap&subset=cyrillic,cyrillic-ext,latin-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5dc54bae9968691dcf36c223fd1bca396b2bbee0eb668350ac6883e5daa66861
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.terme-olimia.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Wed, 13 Mar 2024 03:58:04 GMT
x-content-type-options
nosniff
age
40964
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23680
x-xss-protection
0
last-modified
Tue, 15 Aug 2023 18:23:36 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 13 Mar 2025 03:58:04 GMT
fa-regular-400.woff2
www.terme-olimia.com/contents/fonts/font-awesome/ 		87 KB
87 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.terme-olimia.com/contents/fonts/font-awesome/fa-regular-400.woff2
Requested by
Host: www.terme-olimia.com
URL: https://www.terme-olimia.com/Contents/css/layout-main.css?v=0003
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.145.136.196 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
71b95feb5096d4e3f1638a20e890e424479e08bcacaf2f68275efd8e147b44de
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: https:; script-src *.terme-olimia.com *.gooya.io *.phobs.net *.sos-sw.si *.googletagmanager.com *.cloudflare.com *.googlesyndication.com *.bootstrapcdn.com *.gstatic.com *.google-analytics.com *.googleapis.com *.googleadservices.com *.google.com *.facebook.net *.intelliad.de *.doubleclick.net *.sentry-cdn.com *.hotjar.com *.iprom.net *.iprom.si *.google.si 'unsafe-inline' 'unsafe-eval'; style-src *.gooya.io *.terme-olimia.com *.phobs.net *.googleapis.com *.google.com *.sos-sw.si *.googletagmanager.com 'unsafe-inline'
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.terme-olimia.com/Contents/css/layout-main.css?v=0003
Origin
https://www.terme-olimia.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: https:; script-src *.terme-olimia.com *.gooya.io *.phobs.net *.sos-sw.si *.googletagmanager.com *.cloudflare.com *.googlesyndication.com *.bootstrapcdn.com *.gstatic.com *.google-analytics.com *.googleapis.com *.googleadservices.com *.google.com *.facebook.net *.intelliad.de *.doubleclick.net *.sentry-cdn.com *.hotjar.com *.iprom.net *.iprom.si *.google.si 'unsafe-inline' 'unsafe-eval'; style-src *.gooya.io *.terme-olimia.com *.phobs.net *.googleapis.com *.google.com *.sos-sw.si *.googletagmanager.com 'unsafe-inline'
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 18 Feb 2022 12:17:34 GMT
server
date
Wed, 13 Mar 2024 15:20:48 GMT
etag
"0c34082c124d81:0"
x-frame-options
SAMEORIGIN
content-type
application/font-woff2
cache-control
no-cache,max-age=2678400
feature-policy
geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'none'; fullscreen 'none'; payment 'none';
accept-ranges
bytes
content-length
88692
x-xss-protection
1; mode=block
sl
www.terme-olimia.com/api/shop/getCart/ 		1 KB
610 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.terme-olimia.com/api/shop/getCart/sl
Requested by
Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/5.5.0/bundle.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.145.136.196 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
30c83c87a0d40ec639e83108ff2ff90825885254ccc67e1e5921023e32a4f783
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: https:; script-src *.terme-olimia.com *.gooya.io *.phobs.net *.sos-sw.si *.googletagmanager.com *.cloudflare.com *.googlesyndication.com *.bootstrapcdn.com *.gstatic.com *.google-analytics.com *.googleapis.com *.googleadservices.com *.google.com *.facebook.net *.intelliad.de *.doubleclick.net *.sentry-cdn.com *.hotjar.com *.iprom.net *.iprom.si *.google.si 'unsafe-inline' 'unsafe-eval'; style-src *.gooya.io *.terme-olimia.com *.phobs.net *.googleapis.com *.google.com *.sos-sw.si *.googletagmanager.com 'unsafe-inline'
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
text/html, */*; q=0.01
Referer
https://www.terme-olimia.com/sl/wellcard-olimia
X-Requested-With
XMLHttpRequest
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: https:; script-src *.terme-olimia.com *.gooya.io *.phobs.net *.sos-sw.si *.googletagmanager.com *.cloudflare.com *.googlesyndication.com *.bootstrapcdn.com *.gstatic.com *.google-analytics.com *.googleapis.com *.googleadservices.com *.google.com *.facebook.net *.intelliad.de *.doubleclick.net *.sentry-cdn.com *.hotjar.com *.iprom.net *.iprom.si *.google.si 'unsafe-inline' 'unsafe-eval'; style-src *.gooya.io *.terme-olimia.com *.phobs.net *.googleapis.com *.google.com *.sos-sw.si *.googletagmanager.com 'unsafe-inline'
content-encoding
gzip
x-content-type-options
nosniff
x-aspnetmvc-version
5.2
server
strict-transport-security
max-age=63072000; includeSubDomains; preload
referrer-policy
strict-origin-when-cross-origin
date
Wed, 13 Mar 2024 15:20:48 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/html; charset=utf-8
cache-control
private
feature-policy
geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'none'; fullscreen 'none'; payment 'none';
content-length
538
x-xss-protection
1; mode=block
sl
www.terme-olimia.com/profile/api/nalozi/ 		197 B
300 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.terme-olimia.com/profile/api/nalozi/sl
Requested by
Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/5.5.0/bundle.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.145.136.196 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
7349b1353f86095755f8afc1db436e36838a9a28d55cf130ce0438cbdf18ee3d
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: https:; script-src *.terme-olimia.com *.gooya.io *.phobs.net *.sos-sw.si *.googletagmanager.com *.cloudflare.com *.googlesyndication.com *.bootstrapcdn.com *.gstatic.com *.google-analytics.com *.googleapis.com *.googleadservices.com *.google.com *.facebook.net *.intelliad.de *.doubleclick.net *.sentry-cdn.com *.hotjar.com *.iprom.net *.iprom.si *.google.si 'unsafe-inline' 'unsafe-eval'; style-src *.gooya.io *.terme-olimia.com *.phobs.net *.googleapis.com *.google.com *.sos-sw.si *.googletagmanager.com 'unsafe-inline'
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
text/html, */*; q=0.01
Referer
https://www.terme-olimia.com/sl/wellcard-olimia
X-Requested-With
XMLHttpRequest
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: https:; script-src *.terme-olimia.com *.gooya.io *.phobs.net *.sos-sw.si *.googletagmanager.com *.cloudflare.com *.googlesyndication.com *.bootstrapcdn.com *.gstatic.com *.google-analytics.com *.googleapis.com *.googleadservices.com *.google.com *.facebook.net *.intelliad.de *.doubleclick.net *.sentry-cdn.com *.hotjar.com *.iprom.net *.iprom.si *.google.si 'unsafe-inline' 'unsafe-eval'; style-src *.gooya.io *.terme-olimia.com *.phobs.net *.googleapis.com *.google.com *.sos-sw.si *.googletagmanager.com 'unsafe-inline'
content-encoding
gzip
x-content-type-options
nosniff
x-aspnetmvc-version
5.2
server
strict-transport-security
max-age=63072000; includeSubDomains; preload
referrer-policy
strict-origin-when-cross-origin
date
Wed, 13 Mar 2024 15:20:50 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/html; charset=utf-8
cache-control
private
feature-policy
geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'none'; fullscreen 'none'; payment 'none';
content-length
231
x-xss-protection
1; mode=block
sl
www.terme-olimia.com/profile/api/nalozi-mobile/ 		209 B
290 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.terme-olimia.com/profile/api/nalozi-mobile/sl
Requested by
Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/5.5.0/bundle.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.145.136.196 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
2363c8653afd9dafb49efb1398fcd866ade7c83d78c801901dcafc1aa644011a
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: https:; script-src *.terme-olimia.com *.gooya.io *.phobs.net *.sos-sw.si *.googletagmanager.com *.cloudflare.com *.googlesyndication.com *.bootstrapcdn.com *.gstatic.com *.google-analytics.com *.googleapis.com *.googleadservices.com *.google.com *.facebook.net *.intelliad.de *.doubleclick.net *.sentry-cdn.com *.hotjar.com *.iprom.net *.iprom.si *.google.si 'unsafe-inline' 'unsafe-eval'; style-src *.gooya.io *.terme-olimia.com *.phobs.net *.googleapis.com *.google.com *.sos-sw.si *.googletagmanager.com 'unsafe-inline'
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
text/html, */*; q=0.01
Referer
https://www.terme-olimia.com/sl/wellcard-olimia
X-Requested-With
XMLHttpRequest
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: https:; script-src *.terme-olimia.com *.gooya.io *.phobs.net *.sos-sw.si *.googletagmanager.com *.cloudflare.com *.googlesyndication.com *.bootstrapcdn.com *.gstatic.com *.google-analytics.com *.googleapis.com *.googleadservices.com *.google.com *.facebook.net *.intelliad.de *.doubleclick.net *.sentry-cdn.com *.hotjar.com *.iprom.net *.iprom.si *.google.si 'unsafe-inline' 'unsafe-eval'; style-src *.gooya.io *.terme-olimia.com *.phobs.net *.googleapis.com *.google.com *.sos-sw.si *.googletagmanager.com 'unsafe-inline'
content-encoding
gzip
x-content-type-options
nosniff
x-aspnetmvc-version
5.2
server
strict-transport-security
max-age=63072000; includeSubDomains; preload
referrer-policy
strict-origin-when-cross-origin
date
Wed, 13 Mar 2024 15:20:49 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/html; charset=utf-8
cache-control
private
feature-policy
geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'none'; fullscreen 'none'; payment 'none';
content-length
221
x-xss-protection
1; mode=block
f8b596676bd047b69309caafc9eaba39
www.terme-olimia.com/rest-api/obvestila/ 		4 B
205 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.terme-olimia.com/rest-api/obvestila/f8b596676bd047b69309caafc9eaba39
Requested by
Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/5.5.0/bundle.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.145.136.196 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
dba5166ad9db9ba648c1032ebbd34dcd0d085b50023b839ef5c68ca1db93a563
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: https:; script-src *.terme-olimia.com *.gooya.io *.phobs.net *.sos-sw.si *.googletagmanager.com *.cloudflare.com *.googlesyndication.com *.bootstrapcdn.com *.gstatic.com *.google-analytics.com *.googleapis.com *.googleadservices.com *.google.com *.facebook.net *.intelliad.de *.doubleclick.net *.sentry-cdn.com *.hotjar.com *.iprom.net *.iprom.si *.google.si 'unsafe-inline' 'unsafe-eval'; style-src *.gooya.io *.terme-olimia.com *.phobs.net *.googleapis.com *.google.com *.sos-sw.si *.googletagmanager.com 'unsafe-inline'
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
text/html, */*; q=0.01
Referer
https://www.terme-olimia.com/sl/wellcard-olimia
X-Requested-With
XMLHttpRequest
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: https:; script-src *.terme-olimia.com *.gooya.io *.phobs.net *.sos-sw.si *.googletagmanager.com *.cloudflare.com *.googlesyndication.com *.bootstrapcdn.com *.gstatic.com *.google-analytics.com *.googleapis.com *.googleadservices.com *.google.com *.facebook.net *.intelliad.de *.doubleclick.net *.sentry-cdn.com *.hotjar.com *.iprom.net *.iprom.si *.google.si 'unsafe-inline' 'unsafe-eval'; style-src *.gooya.io *.terme-olimia.com *.phobs.net *.googleapis.com *.google.com *.sos-sw.si *.googletagmanager.com 'unsafe-inline'
content-encoding
gzip
x-content-type-options
nosniff
x-aspnetmvc-version
5.2
server
strict-transport-security
max-age=63072000; includeSubDomains; preload
referrer-policy
strict-origin-when-cross-origin
date
Wed, 13 Mar 2024 15:20:48 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/html; charset=utf-8
cache-control
private
feature-policy
geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'none'; fullscreen 'none'; payment 'none';
content-length
124
x-xss-protection
1; mode=block
landing
googleads.g.doubleclick.net/pagead/
Redirect Chain
  • https://www.google.com/pagead/landing?gcs=G111&gcd=13t3t3t3t5&rnd=155386471.1710343249&url=https%3A%2F%2Fwww.terme-olimia.com%2Fsl%2Fwellcard-olimia&dma=0&npa=0&gtm=45He43b0n71NLXT6Mv6894895za200&a...
  • https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=13t3t3t3t5&rnd=155386471.1710343249&url=https%3A%2F%2Fwww.terme-olimia.com%2Fsl%2Fwellcard-olimia&dma=0&npa=0&gtm=45He43b0n71NLXT6Mv6...
42 B
588 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=13t3t3t3t5&rnd=155386471.1710343249&url=https%3A%2F%2Fwww.terme-olimia.com%2Fsl%2Fwellcard-olimia&dma=0&npa=0&gtm=45He43b0n71NLXT6Mv6894895za200&auid=488084763.1710343249
Requested by
Host: www.terme-olimia.com
URL: https://www.terme-olimia.com/sl/wellcard-olimia
Protocol
H2
Server
2607:f8b0:4006:821::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.terme-olimia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Mar 2024 15:20:49 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 13 Mar 2024 15:20:49 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=13t3t3t3t5&rnd=155386471.1710343249&url=https%3A%2F%2Fwww.terme-olimia.com%2Fsl%2Fwellcard-olimia&dma=0&npa=0&gtm=45He43b0n71NLXT6Mv6894895za200&auid=488084763.1710343249
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/ 		328 KB
100 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-CDQZ3DD0TY&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NLXT6M
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
9d5ea3b6e54583e2854a88e0da16aea9059b92ae97f9841a1346dc07b1a716f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.terme-olimia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Wed, 13 Mar 2024 15:20:49 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
102069
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 13 Mar 2024 15:20:49 GMT
destination
www.googletagmanager.com/gtag/ 		215 KB
77 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/destination?id=AW-1009516450&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NLXT6M
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
caebb5ea883b0842a6b1efa533e8c781c296bbc36fca8edb0acbc76ebc9f8451
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.terme-olimia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Wed, 13 Mar 2024 15:20:49 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
78849
x-xss-protection
0
last-modified
Wed, 13 Mar 2024 15:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 13 Mar 2024 15:20:49 GMT
fbevents.js
connect.facebook.net/en_US/ 		215 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.terme-olimia.com
URL: https://www.terme-olimia.com/sl/wellcard-olimia
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
50b6e67cfcfe4ac8fe9cee705b681f696065306ee42bcd4e6b37a17dba333ac5
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.terme-olimia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 13 Mar 2024 15:20:49 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
57348
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=27, rtx=0, c=12, mss=1294, tbw=2774, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma
public
x-fb-debug
GnpUM1c6dAbw4EV0s6s70Ae4BzzZC04Na9E40JBS2ArzpJgLMFXz/m8Z+lzzshLvAL88hlPbtmJvQtTxzgCZ5w==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
mtc.js
marketing.terme-olimia.com/ 		98 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://marketing.terme-olimia.com/mtc.js
Requested by
Host: www.terme-olimia.com
URL: https://www.terme-olimia.com/sl/wellcard-olimia
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.250.38.19 Ljubljana, Slovenia, ASN5603 (SIOL-NET Telekom Slovenije d.d., SI),
Reverse DNS
Software
nginx /
Resource Hash
56c1dd77e646a31c1c3fbef71222c6af240f3139182e59d1d9081d73ecd72db5
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.terme-olimia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Date
Wed, 13 Mar 2024 15:20:50 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
X-Frame-Options
DENY
Content-Type
application/javascript
Cache-Control
max-age=0, must-revalidate, private
Connection
keep-alive
X-XSS-Protection
1; mode=block
Expires
Wed, 13 Mar 2024 15:20:50 GMT
ccb8a474-7741-4dbc-b417-419b9f8a000c
cdn.midas-network.com/MidasPixel/IndexAsync/ 		0
242 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.midas-network.com/MidasPixel/IndexAsync/ccb8a474-7741-4dbc-b417-419b9f8a000c?gtmcb=1173354915
Requested by
Host: www.terme-olimia.com
URL: https://www.terme-olimia.com/sl/wellcard-olimia
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2925 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.terme-olimia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Wed, 13 Mar 2024 15:20:49 GMT
x-aspnetmvc-version
5.2
cf-cache-status
DYNAMIC
server
cloudflare
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
access-control-expose-headers
Request-Context
cache-control
private
cf-ray
863d029e4b5143b8-EWR
content-length
0
request-context
appId=cid-v1:a2c4a87b-281c-449d-94a9-899669266ec7
wellcard-olimia-cover.jpg
www.terme-olimia.com/images/default-source/pasice/ 		2 MB
2 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.terme-olimia.com/images/default-source/pasice/wellcard-olimia-cover.jpg?sfvrsn=5522d9d8_12
Requested by
Host: www.terme-olimia.com
URL: https://www.terme-olimia.com/sl/wellcard-olimia
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.145.136.196 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
c8132932aab14d157c4bb281b329323ddad2abea3f79d06753e260f73fd14871
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: https:; script-src *.terme-olimia.com *.gooya.io *.phobs.net *.sos-sw.si *.googletagmanager.com *.cloudflare.com *.googlesyndication.com *.bootstrapcdn.com *.gstatic.com *.google-analytics.com *.googleapis.com *.googleadservices.com *.google.com *.facebook.net *.intelliad.de *.doubleclick.net *.sentry-cdn.com *.hotjar.com *.iprom.net *.iprom.si *.google.si 'unsafe-inline' 'unsafe-eval'; style-src *.gooya.io *.terme-olimia.com *.phobs.net *.googleapis.com *.google.com *.sos-sw.si *.googletagmanager.com 'unsafe-inline'
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.terme-olimia.com/sl/wellcard-olimia
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: https:; script-src *.terme-olimia.com *.gooya.io *.phobs.net *.sos-sw.si *.googletagmanager.com *.cloudflare.com *.googlesyndication.com *.bootstrapcdn.com *.gstatic.com *.google-analytics.com *.googleapis.com *.googleadservices.com *.google.com *.facebook.net *.intelliad.de *.doubleclick.net *.sentry-cdn.com *.hotjar.com *.iprom.net *.iprom.si *.google.si 'unsafe-inline' 'unsafe-eval'; style-src *.gooya.io *.terme-olimia.com *.phobs.net *.googleapis.com *.google.com *.sos-sw.si *.googletagmanager.com 'unsafe-inline'
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
date
Wed, 13 Mar 2024 15:20:48 GMT
content-disposition
inline; filename=wellcard-olimia-cover.jpg
content-length
2064467
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 10 Nov 2022 08:01:06 GMT
server
x-frame-options
SAMEORIGIN
content-type
image/jpeg
cache-control
public, max-age=7776000
feature-policy
geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'none'; fullscreen 'none'; payment 'none';
accept-ranges
bytes
expires
Tue, 11 Jun 2024 14:20:49 GMT
vstopnica.png
www.terme-olimia.com/Contents/img/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.terme-olimia.com/Contents/img/vstopnica.png
Requested by
Host: www.terme-olimia.com
URL: https://www.terme-olimia.com/sl/wellcard-olimia
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.145.136.196 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
d1f7433ceb508f6a098d734f43497c5b149b44fe2456b12eea19644e13077a9a
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: https:; script-src *.terme-olimia.com *.gooya.io *.phobs.net *.sos-sw.si *.googletagmanager.com *.cloudflare.com *.googlesyndication.com *.bootstrapcdn.com *.gstatic.com *.google-analytics.com *.googleapis.com *.googleadservices.com *.google.com *.facebook.net *.intelliad.de *.doubleclick.net *.sentry-cdn.com *.hotjar.com *.iprom.net *.iprom.si *.google.si 'unsafe-inline' 'unsafe-eval'; style-src *.gooya.io *.terme-olimia.com *.phobs.net *.googleapis.com *.google.com *.sos-sw.si *.googletagmanager.com 'unsafe-inline'
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.terme-olimia.com/sl/wellcard-olimia
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: https:; script-src *.terme-olimia.com *.gooya.io *.phobs.net *.sos-sw.si *.googletagmanager.com *.cloudflare.com *.googlesyndication.com *.bootstrapcdn.com *.gstatic.com *.google-analytics.com *.googleapis.com *.googleadservices.com *.google.com *.facebook.net *.intelliad.de *.doubleclick.net *.sentry-cdn.com *.hotjar.com *.iprom.net *.iprom.si *.google.si 'unsafe-inline' 'unsafe-eval'; style-src *.gooya.io *.terme-olimia.com *.phobs.net *.googleapis.com *.google.com *.sos-sw.si *.googletagmanager.com 'unsafe-inline'
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 17 Oct 2022 14:00:34 GMT
server
date
Wed, 13 Mar 2024 15:20:48 GMT
etag
"255f79d330e2d81:0"
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
no-cache,max-age=2678400
feature-policy
geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'none'; fullscreen 'none'; payment 'none';
accept-ranges
bytes
content-length
3711
x-xss-protection
1; mode=block
898384066861276
connect.facebook.net/signals/config/ 		53 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/898384066861276?v=2.9.148&r=stable&domain=www.terme-olimia.com&hme=20c913bdcd4be51a752120153aa5caaecb3ee86c7f26cf737846e40b202aba68&ex_m=62%2C106%2C94%2C98%2C53%2C3%2C88%2C61%2C14%2C86%2C79%2C44%2C46%2C150%2C153%2C164%2C160%2C161%2C163%2C25%2C89%2C45%2C68%2C162%2C145%2C148%2C157%2C158%2C165%2C115%2C13%2C43%2C169%2C168%2C117%2C16%2C29%2C32%2C1%2C36%2C57%2C58%2C59%2C63%2C83%2C15%2C12%2C85%2C82%2C81%2C95%2C97%2C31%2C96%2C26%2C22%2C146%2C149%2C124%2C24%2C9%2C10%2C11%2C5%2C6%2C21%2C19%2C20%2C49%2C54%2C56%2C66%2C90%2C23%2C67%2C8%2C7%2C71%2C41%2C18%2C92%2C91%2C17%2C4%2C73%2C80%2C72%2C78%2C40%2C39%2C77%2C33%2C35%2C76%2C48%2C74%2C28%2C37%2C65%2C0%2C84%2C75%2C2%2C30%2C55%2C34%2C93%2C38%2C70%2C60%2C99%2C52%2C51%2C27%2C87%2C50%2C47%2C42%2C69%2C64%2C100
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
4ca08a5c127770785acdd0c0f16c6e3ac4c288e685f287d41e7c4294d0114e88
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.terme-olimia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 13 Mar 2024 15:20:49 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=27, rtx=0, c=63, mss=1294, tbw=62438, tp=-1, tpl=-1, uplat=51, ullat=0
pragma
public
x-fb-debug
qz3FEkunrx7c/Icz07UaBoGm5lmUd0n+wplQgkmDwcLKyRzn8hs0mXkxBR9VR7FJFvUVe0GY3ZdIN3s1d1nrsQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		0
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=898384066861276&ev=PageView&dl=https%3A%2F%2Fwww.terme-olimia.com%2Fsl%2Fwellcard-olimia&rl=&if=false&ts=1710343249578&sw=1600&sh=1200&v=2.9.148&r=stable&ec=0&o=4126&fbp=fb.1.1710343249576.878156480&ler=empty&cdl=API_unavailable&it=1710343249476&coo=false&rqm=GET
Requested by
Host: www.terme-olimia.com
URL: https://www.terme-olimia.com/sl/wellcard-olimia
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.terme-olimia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-fb-connection-quality
EXCELLENT; q=0.9, rtt=27, rtx=0, c=10, mss=1294, tbw=2767, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Wed, 13 Mar 2024 15:20:49 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
event
marketing.terme-olimia.com/mtc/ 		115 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://marketing.terme-olimia.com/mtc/event
Requested by
Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/5.5.0/bundle.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.250.38.19 Ljubljana, Slovenia, ASN5603 (SIOL-NET Telekom Slovenije d.d., SI),
Reverse DNS
Software
nginx /
Resource Hash
a25a196b8a46a8a1f951a40a43514a0b851f9ab3486a98003e3071b76d1bed55
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.terme-olimia.com/
X-Requested-With
XMLHttpRequest
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Date
Wed, 13 Mar 2024 15:20:51 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
Server
nginx
Access-Control-Max-Age
36000
Access-Control-Allow-Methods
PUT, GET, POST, DELETE, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
https://www.terme-olimia.com
Cache-Control
max-age=0, must-revalidate, private
Access-Control-Allow-Credentials
true
X-Frame-Options
DENY
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Authorization
Expires
Wed, 13 Mar 2024 15:20:51 GMT
event
marketing.terme-olimia.com/mtc/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://marketing.terme-olimia.com/mtc/event
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.250.38.19 Ljubljana, Slovenia, ASN5603 (SIOL-NET Telekom Slovenije d.d., SI),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
x-requested-with
Access-Control-Request-Method
POST
Origin
https://www.terme-olimia.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Authorization
Access-Control-Allow-Methods
PUT, GET, POST, DELETE, OPTIONS
Access-Control-Allow-Origin
https://www.terme-olimia.com
Access-Control-Max-Age
36000
Cache-Control
no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Date
Wed, 13 Mar 2024 15:20:50 GMT
Server
nginx
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
X-Content-Type-Options
nosniff
X-Frame-Options
DENY
X-XSS-Protection
1; mode=block

Verdicts & Comments Add Verdict or Comment

58 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| dataLayer object| Sentry object| __SENTRY__ function| gtag function| consentGranted object| match number| d boolean| loadgtm string| sf_appPath function| $get function| $create function| $addHandler function| $addHandlers function| $clearHandlers object| Sys function| Type function| $removeHandler object| _events function| $find function| $ function| jQuery object| intlTelInputUtils function| lazyLoad object| gooya object| google_tag_manager function| postscribe object| google_tag_manager_external object| google_tag_data object| intlTelInputGlobals function| onWorkFieldChange object| workFieldElement object| workFieldOtherElement object| workFieldOtherFormGroupElement object| onWorkFieldChangeDelegate function| onDariloFieldChange object| dariloFieldElement object| velikostFieldElement object| onDariloFieldChangeDelegate object| languageId function| onChildCountChange object| childCountElement object| onChildCountChangeDelegate function| updateLabels function| toggleKomunikacijskiKanaliWrap object| vrstaObdelaveOsnovnoElement object| vrstaObdelaveProfiliranjeElement object| komunikacijskiKanaliWrap string| cookieDomain function| fbq function| _fbq string| MauticTrackingObject function| mt function| onYouTubeIframeAPIReady object| MauticJS function| s4 string| MauticDomain object| MauticLang object| mtcId

12 Cookies

Domain/Path Name / Value
www.terme-olimia.com/ Name: ASP.NET_SessionId
Value: fohval2kcanbyab3q3jvjmeh
.terme-olimia.com/ Name: _gcl_au
Value: 1.1.488084763.1710343249
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.terme-olimia.com/ Name: _fbp
Value: fb.1.1710343249576.878156480
marketing.terme-olimia.com/ Name: 8fc93175795d3acfbc2ab295e07d8f00
Value: 7k2l3odjrfr6u6lhrf90fp5g9i
marketing.terme-olimia.com/ Name: mautic_device_id
Value: c834gu1iec3lmi42fd7x4a9
marketing.terme-olimia.com/ Name: mtc_id
Value: 5170122
marketing.terme-olimia.com/ Name: mtc_sid
Value: c834gu1iec3lmi42fd7x4a9
marketing.terme-olimia.com/ Name: mautic_referer_id
Value: 26012884
www.terme-olimia.com/ Name: mtc_id
Value: 5170122
www.terme-olimia.com/ Name: mtc_sid
Value: c834gu1iec3lmi42fd7x4a9
www.terme-olimia.com/ Name: mautic_device_id
Value: c834gu1iec3lmi42fd7x4a9

3 Console Messages

Source Level URL
Text
security warning
Message:
Error with Feature-Policy header: Unrecognized feature: 'speaker'.
other warning URL: https://www.terme-olimia.com/sl/wellcard-olimia
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://connect.facebook.net/signals/config/898384066861276?v=2.9.148&r=stable&domain=www.terme-olimia.com&hme=20c913bdcd4be51a752120153aa5caaecb3ee86c7f26cf737846e40b202aba68&ex_m=62%2C106%2C94%2C98%2C53%2C3%2C88%2C61%2C14%2C86%2C79%2C44%2C46%2C150%2C153%2C164%2C160%2C161%2C163%2C25%2C89%2C45%2C68%2C162%2C145%2C148%2C157%2C158%2C165%2C115%2C13%2C43%2C169%2C168%2C117%2C16%2C29%2C32%2C1%2C36%2C57%2C58%2C59%2C63%2C83%2C15%2C12%2C85%2C82%2C81%2C95%2C97%2C31%2C96%2C26%2C22%2C146%2C149%2C124%2C24%2C9%2C10%2C11%2C5%2C6%2C21%2C19%2C20%2C49%2C54%2C56%2C66%2C90%2C23%2C67%2C8%2C7%2C71%2C41%2C18%2C92%2C91%2C17%2C4%2C73%2C80%2C72%2C78%2C40%2C39%2C77%2C33%2C35%2C76%2C48%2C74%2C28%2C37%2C65%2C0%2C84%2C75%2C2%2C30%2C55%2C34%2C93%2C38%2C70%2C60%2C99%2C52%2C51%2C27%2C87%2C50%2C47%2C42%2C69%2C64%2C100(Line 95)
Message:
Unrecognized feature: 'attribution-reporting'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src * data: blob: https:; script-src *.terme-olimia.com *.gooya.io *.phobs.net *.sos-sw.si *.googletagmanager.com *.cloudflare.com *.googlesyndication.com *.bootstrapcdn.com *.gstatic.com *.google-analytics.com *.googleapis.com *.googleadservices.com *.google.com *.facebook.net *.intelliad.de *.doubleclick.net *.sentry-cdn.com *.hotjar.com *.iprom.net *.iprom.si *.google.si 'unsafe-inline' 'unsafe-eval'; style-src *.gooya.io *.terme-olimia.com *.phobs.net *.googleapis.com *.google.com *.sos-sw.si *.googletagmanager.com 'unsafe-inline'
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

browser.sentry-cdn.com
cdn.midas-network.com
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
marketing.terme-olimia.com
wellcardklub.si
www.facebook.com
www.google.com
www.googletagmanager.com
www.terme-olimia.com
213.250.38.19
2606:4700:10::ac43:2925
2607:f8b0:4006:80a::2004
2607:f8b0:4006:821::2002
2607:f8b0:4006:821::200a
2607:f8b0:4006:823::2008
2607:f8b0:4006:824::2003
2a03:2880:f012:10c:face:b00c:0:3
2a03:2880:f112:182:face:b00c:0:25de
2a04:4e42::729
51.145.136.196
0a08cab1c3f9e1abf822e163f117c7b7559152d5b30e0211b6827ed174659cd5
2363c8653afd9dafb49efb1398fcd866ade7c83d78c801901dcafc1aa644011a
241ced7f220982f5679a64cc6db34ed42cd21274508cc5814616d9efe374afde
24838d5520cbf7970c91c513e8e2904d475db40024fd91585a2d5488617c8425
257d57bb9be59d6770bd1c593b8f7fa3651d2f87ce72dd6e1130c67e73550100
26a6a78df9cacf085534a68e0cc0f010e5e2a2d505829e8d6e927abecf0d6ea1
2f3d5fef7692918616eaa963e436ca2e166a6a446d6162f4d68734b145cc4625
30c83c87a0d40ec639e83108ff2ff90825885254ccc67e1e5921023e32a4f783
3d50b61d2d4b0db24c4dfa9faaae83179bb1479072090a9b691249db79d7a3af
460741733e65ce0a6249fdfe4f2d261ff58b79ac8fc8f26202be6561cdceccc3
4ca08a5c127770785acdd0c0f16c6e3ac4c288e685f287d41e7c4294d0114e88
50b6e67cfcfe4ac8fe9cee705b681f696065306ee42bcd4e6b37a17dba333ac5
56c1dd77e646a31c1c3fbef71222c6af240f3139182e59d1d9081d73ecd72db5
5dc54bae9968691dcf36c223fd1bca396b2bbee0eb668350ac6883e5daa66861
64407fa171e20487909571bc6d3410778aa012c6891893cde58f09d3f2d8b827
6e1f71b09a1de41dc109318bff4733fa7dfa6d03bf6b7fa9a994939274555dd9
6f2f2ac18d80cb3efb6221445adbb5345c3dc145ebeedc9ea87cd4c760aebd6c
71b95feb5096d4e3f1638a20e890e424479e08bcacaf2f68275efd8e147b44de
7349b1353f86095755f8afc1db436e36838a9a28d55cf130ce0438cbdf18ee3d
796cfee0d1df39ad2f93b6f214610d29be6b626f0fab147061a7fd72e5f2cb40
7a20f1a840592361a9934daae35b88975eebe3307b669f14654a83968b09c826
8c04755395b8f232c57d062a7669c3c414658299d29c6b6f83f1f30185d94ecb
927fcced76f2fbf6caf243e564f17e88b61ede5f5befd6a0f7c6806c6b03f41b
9cb11471614fb2c17347586fd8ed8f48939160147a693e84963ed94e3c4fee7e
9d5ea3b6e54583e2854a88e0da16aea9059b92ae97f9841a1346dc07b1a716f1
a21c45544516274c8a3aa3cd6e1494f1ef1690b1fc9332266ef84d320af2590c
a25a196b8a46a8a1f951a40a43514a0b851f9ab3486a98003e3071b76d1bed55
ae622eacfc58b45dd9bb92109673582045612bd1aab2e77163d21bb8cc0f28fe
ba9618dc4d2ac97d0ead7ac12becb746157afdf205a2362229046a1bd8ee1b70
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
c8132932aab14d157c4bb281b329323ddad2abea3f79d06753e260f73fd14871
c99447c0467a6686ac287c918f58863746f4a110da909e45d3e40e110d1d2e0f
caebb5ea883b0842a6b1efa533e8c781c296bbc36fca8edb0acbc76ebc9f8451
cb7e4e961ea32bfe89cc2d6fbd6d140556a7360bec35059874a92831134a7c64
cf545e810a861e9230d11968b90c430346dcfbd96be8336138e79fcdd2b2ea25
d1f7433ceb508f6a098d734f43497c5b149b44fe2456b12eea19644e13077a9a
dba5166ad9db9ba648c1032ebbd34dcd0d085b50023b839ef5c68ca1db93a563
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2f532a4b04da6ce8b10c5723bc2f80ede9bbc1d1161606c471a8bf30c917365