byman.thermalct.com.mx Open in urlscan Pro
45.147.199.136 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://byman.thermalct.com.mx/215209.html
Submission: On December 07 via api (December 7th 2020, 8:47:10 pm UTC) from BR

Summary HTTP 33 Redirects Behaviour Indicators

Summary

This website contacted 21 IPs in 8 countries across 22 domains to perform 33 HTTP transactions. The main IP is 45.147.199.136, located in and belongs to ON-LINE-DATA Server location - Netherlands, Dronten, NL. The main domain is byman.thermalct.com.mx.

This is the only time byman.thermalct.com.mx was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3	45.147.199.136 45.147.199.136	204601 (ON-LINE-D...) (ON-LINE-DATA Server location - Netherlands)
1	2606:4700::68... 2606:4700::6810:135e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2001:4de0:ac1... 2001:4de0:ac19::1:b:3b	20446 (HIGHWINDS3) (HIGHWINDS3)
2	192.0.77.2 192.0.77.2	2635 (AUTOMATTIC) (AUTOMATTIC)
1	2a00:1450:400... 2a00:1450:4001:809::2016	15169 (GOOGLE) (GOOGLE)
1	2606:2800:134... 2606:2800:134:fa2:1627:1fe:edb:1665	15133 (EDGECAST) (EDGECAST)
1	2.18.233.188 2.18.233.188	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2606:4700:10:... 2606:4700:10::6816:28ab	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3031::ac43:dc4a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	151.101.14.152 151.101.14.152	54113 (FASTLY) (FASTLY)
1	94.126.169.118 94.126.169.118	33876 (FLESK-AS) (FLESK-AS)
1	2606:4700:303... 2606:4700:3032::6812:347c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a04:4e42:1b:... 2a04:4e42:1b::272	54113 (FASTLY) (FASTLY)
1	177.135.94.134 177.135.94.134	18881 (TELEFONIC...) (TELEFONICA BRASIL S.A)
1 7	104.75.88.112 104.75.88.112	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a00:1450:400... 2a00:1450:4001:820::200a	15169 (GOOGLE) (GOOGLE)
3 7	2a02:6b8::1:119 2a02:6b8::1:119	13238 (YANDEX) (YANDEX)
1	2a00:1450:400... 2a00:1450:4001:816::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:814::2003	15169 (GOOGLE) (GOOGLE)
1	104.111.216.96 104.111.216.96	16625 (AKAMAI-AS) (AKAMAI-AS)
33	21

3 45.147.199.136 (None, )

ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, NL)
PTR: ebosh.srv

byman.thermalct.com.mx	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:135e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac19::1:b:3b (Netherlands)

ASN20446 (HIGHWINDS3, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.0.77.2 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: i1.wp.com

i1.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:2800:134:fa2:1627:1fe:edb:1665 (United States)

ASN15133 (EDGECAST, US)

pbs.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.233.188 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-188.deploy.static.akamaitechnologies.com

images-americanas.b2w.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:28ab (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.meutimao.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3031::ac43:dc4a (United States)

ASN13335 (CLOUDFLARENET, US)

reader011.staticloud.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.14.152 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

imgv2-1-f.scribdassets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 94.126.169.118 (Seixal, Portugal)

ASN33876 (FLESK-AS, PT)
PTR: cpanel18.dnscpanel.com

www.presenca.pt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3032::6812:347c (United States)

ASN13335 (CLOUDFLARENET, US)

img2.docero.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:1b::272 (Ascension Island)

ASN54113 (FASTLY, US)

images-na.ssl-images-amazon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 177.135.94.134 (Curitiba, Brazil)

ASN18881 (TELEFONICA BRASIL S.A, BR)
PTR: quimagraf.static.gvt.net.br

images.livrariasaraiva.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 104.75.88.112 (Netherlands) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-75-88-112.deploy.static.akamaitechnologies.com

s7.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
v1.addthisedge.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
m.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:820::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a02:6b8::1:119 (Moscow, Russian Federation) 3 redirects

ASN13238 (YANDEX, RU)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:816::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:814::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.216.96 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-216-96.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
6	addthis.com 1 redirects s7.addthis.com m.addthis.com	193 KB
5	yandex.ru 2 redirects mc.yandex.ru	96 KB
3	thermalct.com.mx byman.thermalct.com.mx	47 KB
2	yandex.com 1 redirects mc.yandex.com	391 B
2	gstatic.com fonts.gstatic.com	27 KB
2	wp.com i1.wp.com	115 KB
1	addthisedge.com v1.addthisedge.com	829 B
1	moatads.com z.moatads.com	1 KB
1	youtube.com www.youtube.com
1	googleapis.com fonts.googleapis.com	658 B
1	livrariasaraiva.com.br images.livrariasaraiva.com.br	166 KB
1	ssl-images-amazon.com images-na.ssl-images-amazon.com	370 KB
1	docero.com.br img2.docero.com.br	1 MB
1	presenca.pt www.presenca.pt	1 MB
1	scribdassets.com imgv2-1-f.scribdassets.com	64 KB
1	staticloud.net reader011.staticloud.net	577 KB
1	meutimao.com.br cdn.meutimao.com.br	108 KB
1	b2w.io images-americanas.b2w.io	206 KB
1	twimg.com pbs.twimg.com	321 KB
1	ytimg.com i.ytimg.com	106 KB
1	jquery.com code.jquery.com	29 KB
1	cloudflare.com cdnjs.cloudflare.com	18 KB
33	22

	Domain	Requested by
5	mc.yandex.ru	2 redirects byman.thermalct.com.mx
5	s7.addthis.com	1 redirects byman.thermalct.com.mx s7.addthis.com
3	byman.thermalct.com.mx	byman.thermalct.com.mx
2	mc.yandex.com	1 redirects byman.thermalct.com.mx
2	fonts.gstatic.com	fonts.googleapis.com
2	i1.wp.com	byman.thermalct.com.mx
1	m.addthis.com	s7.addthis.com
1	v1.addthisedge.com	s7.addthis.com
1	z.moatads.com	s7.addthis.com
1	www.youtube.com	byman.thermalct.com.mx
1	fonts.googleapis.com	cdnjs.cloudflare.com
1	images.livrariasaraiva.com.br	byman.thermalct.com.mx
1	images-na.ssl-images-amazon.com	byman.thermalct.com.mx
1	img2.docero.com.br	byman.thermalct.com.mx
1	www.presenca.pt	byman.thermalct.com.mx
1	imgv2-1-f.scribdassets.com	byman.thermalct.com.mx
1	reader011.staticloud.net	byman.thermalct.com.mx
1	cdn.meutimao.com.br	byman.thermalct.com.mx
1	images-americanas.b2w.io	byman.thermalct.com.mx
1	pbs.twimg.com	byman.thermalct.com.mx
1	i.ytimg.com	byman.thermalct.com.mx
1	code.jquery.com	byman.thermalct.com.mx
1	cdnjs.cloudflare.com	byman.thermalct.com.mx
33	23

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-10-21` - `2021-10-20`	a year	crt.sh
jquery.org Sectigo RSA Domain Validation Secure Server CA	`2020-10-06` - `2021-10-16`	a year	crt.sh
*.wp.com Sectigo RSA Domain Validation Secure Server CA	`2020-04-02` - `2022-07-05`	2 years	crt.sh
edgestatic.com GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh
*.twimg.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-05` - `2021-11-09`	a year	crt.sh
b2wdigital.com DigiCert SHA2 Secure Server CA	`2020-07-14` - `2021-07-14`	a year	crt.sh
*.scribdassets.com Let's Encrypt Authority X3	`2020-10-19` - `2021-01-17`	3 months	crt.sh
presenca.pt R3	`2020-12-03` - `2021-03-03`	3 months	crt.sh
images-na.ssl-images-amazon.com DigiCert Global CA G2	`2020-09-16` - `2021-09-21`	a year	crt.sh
*.livrariasaraiva.com.br RapidSSL RSA CA 2018	`2020-04-15` - `2021-04-15`	a year	crt.sh
odc-prod-01.oracle.com DigiCert Secure Site ECC CA-1	`2020-07-22` - `2021-10-13`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh
mc.yandex.ru Yandex CA	`2020-09-29` - `2021-03-11`	5 months	crt.sh
*.google.com GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh
moatads.com DigiCert SHA2 Secure Server CA	`2020-01-17` - `2021-03-17`	a year	crt.sh

This page contains 4 frames:

Primary Page: http://byman.thermalct.com.mx/215209.html
Frame ID: BAE772948C759748384D6D669C89DDD1
Requests: 30 HTTP requests in this frame

Frame: https://www.youtube.com/embed/_9eBJ7Xh_lE
Frame ID: A015A15B495E68DC1A1CF6B1708E2E77
Requests: 1 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: A62C18BFE7BC1E82133215F1CAF2390B
Requests: 1 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: 2D9ECDD4D161B1ED5D74D3B1F6BD2AEB
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

33
Requests

88 %
HTTPS

60 %
IPv6

22
Domains

23
Subdomains

21
IPs

8
Countries

4979 kB
Transfer

5896 kB
Size

4
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 16

http://s7.addthis.com/js/300/addthis_widget.js HTTP 308
https://s7.addthis.com/js/300/addthis_widget.js

Request Chain 28

https://mc.yandex.com/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9115.Fw96ZXFaxtsmOFN0A0GP-j76NvoEeYyT-XgGZ3f28_tNfyvYVhXhPSPBRZHenZtm.Evad82NYlZ7xj-iI6BHTey9z9Y8%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?token=9115.KIjS8B6jaZN-7y8aakybyYR14QpNd0b1JF6Ekivno0gAprTm2nyGqGZCeBy60l3R_P8U91xNkdR2-mfCg2nfEw%2C%2C.imF29o6AP3lTaMmoDY7deb1elMo%2C

Request Chain 30

https://mc.yandex.ru/watch/67422199?wmode=7&page-url=http%3A%2F%2Fbyman.thermalct.com.mx%2F215209.html&charset=utf-8&browser-info=ti%3A10%3Ans%3A1607374005343%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Aadb%3A2%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A60%3Ai%3A20201207214651%3Aet%3A1607374011%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Als%3A573933314696%3Arqn%3A1%3Arn%3A662926703%3Ahid%3A965272200%3Ads%3A196%2C15%2C83%2C1%2C0%2C0%2C0%2C5153%2C22%2C%2C%2C%2C5450%3Afp%3A5420%3Agdpr%3A14%3Av%3A1982%3Awv%3A2%3Arqnl%3A1%3Ast%3A1607374011%3Au%3A16073740111047620949%3App%3A3629563401%3At%3AEu%20fico%20loko%202%20livro%20pdf.%20Public%20Domain%20Baixar%20Gr%C3%A1tis HTTP 302
https://mc.yandex.ru/watch/67422199/1?wmode=7&page-url=http%3A%2F%2Fbyman.thermalct.com.mx%2F215209.html&charset=utf-8&browser-info=ti%3A10%3Ans%3A1607374005343%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Aadb%3A2%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A60%3Ai%3A20201207214651%3Aet%3A1607374011%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Als%3A573933314696%3Arqn%3A1%3Arn%3A662926703%3Ahid%3A965272200%3Ads%3A196%2C15%2C83%2C1%2C0%2C0%2C0%2C5153%2C22%2C%2C%2C%2C5450%3Afp%3A5420%3Agdpr%3A14%3Av%3A1982%3Awv%3A2%3Arqnl%3A1%3Ast%3A1607374011%3Au%3A16073740111047620949%3App%3A3629563401%3At%3AEu%20fico%20loko%202%20livro%20pdf.%20Public%20Domain%20Baixar%20Gr%C3%A1tis

33 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request 215209.html Show response
byman.thermalct.com.mx/ 23 KB
7 KB 294ms
83ms Document
text/html 45.147.199.136
Netherlands

General

Check archive.org

Show headers Download Go to

Full URL: http://byman.thermalct.com.mx/215209.html
Protocol: HTTP/1.1
Server: 45.147.199.136 -, , ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, NL),
Reverse DNS: ebosh.srv
Software: nginx /
Resource Hash: f077ec271ee005e70ed991b621aaa1f17bd038cb1fec7ce7cba02f0397944b83

Request headers

Host: byman.thermalct.com.mx
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Server: nginx
Date: Mon, 07 Dec 2020 20:46:45 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 6618
Connection: keep-alive
Keep-Alive: timeout=60
Vary: Accept-Encoding
Content-Encoding: gzip

GET
H2 200 bootstrap.min.css
cdnjs.cloudflare.com/ajax/libs/bootswatch/4.3.1/united/ 173 KB
18 KB 16ms
15ms Stylesheet
text/css 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/bootswatch/4.3.1/united/bootstrap.min.css

Requested by

Host: byman.thermalct.com.mx
URL: http://byman.thermalct.com.mx/215209.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

31fae0ce7ec551854957bf2f7970738ac8cc01c8c03d12fb5c9fcbc34a1d1485

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: http://byman.thermalct.com.mx/215209.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 20:46:45 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 458522
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
content-length: 17726
cf-request-id: 06e08dfd8d0000d729c893a000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:06:40 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03d90-2b2e7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2FR48YSqZmv5uhdbr7QPm2XQCZi2KE3QfnlVulXMW%2Fds7Ng9O3wOZUG3GZX2Lrqg8xWw0BlJXJEZO%2FO7605ZFyep1k1I2qDIZWiL2RIWZiT5vpdNr7um6%2B8i30wWxAUnxww%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 5fe1190f48a3d729-FRA
expires: Sat, 27 Nov 2021 20:46:45 GMT

GET
H2 200 jquery-2.2.3.min.js Show response
code.jquery.com/ 84 KB
29 KB 9ms
8ms Script
application/javascript 2001:4de0:ac19::1:b:3b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-2.2.3.min.js
Requested by: Host: byman.thermalct.com.mx
URL: http://byman.thermalct.com.mx/215209.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac19::1:b:3b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: 6b6de0d4db7876d1183a3edb47ebd3bbbf93f153f5de1ba6645049348628109a

Request headers

Referer: http://byman.thermalct.com.mx/215209.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 20:46:45 GMT
content-encoding: gzip
last-modified: Tue, 05 Apr 2016 19:27:05 GMT
server: nginx
etag: W/"57041189-14e9b"
vary: Accept-Encoding
x-hw: 1607374005.dop212.fr8.t,1607374005.cds279.fr8.hc,1607374005.cds275.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 29881

GET
H/1.1 200
OK gen.css
byman.thermalct.com.mx/files/ 5 KB
2 KB 26ms
25ms Stylesheet
text/css 45.147.199.136
Netherlands

General

Check archive.org

Show headers Download Go to

Full URL: http://byman.thermalct.com.mx/files/gen.css
Requested by: Host: byman.thermalct.com.mx
URL: http://byman.thermalct.com.mx/215209.html
Protocol: HTTP/1.1
Server: 45.147.199.136 -, , ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, NL),
Reverse DNS: ebosh.srv
Software: nginx /
Resource Hash: 33f89a83966d581c29e8571c42a1f2be88bf470f9877c6c37e0be035b0e7079c

Request headers

Referer: http://byman.thermalct.com.mx/215209.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 07 Dec 2020 20:46:45 GMT
Content-Encoding: gzip
Last-Modified: Wed, 23 Sep 2020 12:41:21 GMT
Server: nginx
ETag: W/"5f6b4271-1288"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=315360000
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK top.jpg
byman.thermalct.com.mx/files/ 38 KB
38 KB 61ms
61ms Image
image/jpeg 45.147.199.136
Netherlands

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://byman.thermalct.com.mx/files/top.jpg
Requested by: Host: byman.thermalct.com.mx
URL: http://byman.thermalct.com.mx/215209.html
Protocol: HTTP/1.1
Server: 45.147.199.136 -, , ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, NL),
Reverse DNS: ebosh.srv
Software: nginx /
Resource Hash: e4bf56438a4a0fb5a4143fd671d474ddbc9ac14e2d5dceb7982d6a663f5d8770

Request headers

Referer: http://byman.thermalct.com.mx/215209.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 07 Dec 2020 20:46:45 GMT
Last-Modified: Thu, 17 Sep 2020 08:00:52 GMT
Server: nginx
ETag: "5f6317b4-9846"
Content-Type: image/jpeg
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=60
Content-Length: 38982
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 IMG_64731.jpg
i1.wp.com/ideiasvirtuais.com.br/wp-content/uploads/2017/11/ 51 KB
52 KB 79ms
25ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i1.wp.com/ideiasvirtuais.com.br/wp-content/uploads/2017/11/IMG_64731.jpg?resize=1024%2C768&ssl=1

Requested by

Host: byman.thermalct.com.mx
URL: http://byman.thermalct.com.mx/215209.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

6e75bc848352587ec2970bb6b8268e11840e55cc99ef7409ab85b1e5f9024444

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://byman.thermalct.com.mx/215209.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc: HIT ams 2
date: Mon, 07 Dec 2020 20:46:45 GMT
x-content-type-options: nosniff
last-modified: Thu, 03 Dec 2020 17:06:48 GMT
server: nginx
etag: "21d4c3fe4e044383"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
link: <https://ideiasvirtuais.com.br/wp-content/uploads/2017/11/IMG_64731.jpg>; rel="canonical"
content-length: 52522
expires: Sun, 04 Dec 2022 05:06:48 GMT

GET
H2 200 maxresdefault.jpg
i.ytimg.com/vi/RHccVX7r7bg/ 106 KB
106 KB 62ms
43ms Image
image/jpeg 2a00:1450:4001:809::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/RHccVX7r7bg/maxresdefault.jpg

Requested by

Host: byman.thermalct.com.mx
URL: http://byman.thermalct.com.mx/215209.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6e29cfff35f56181ad7e35fb4f68bfe9ac76cafc1a3e85ad46e1af1781052b67

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://byman.thermalct.com.mx/215209.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 20:46:46 GMT
x-content-type-options: nosniff
server: sffe
age: 0
etag: "1598032730"
vary: Origin
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 108473
x-xss-protection: 0
expires: Mon, 07 Dec 2020 22:46:46 GMT

GET
H2 200 EenP1ZIXYAEca8s.png
pbs.twimg.com/media/ 320 KB
321 KB 40ms
19ms Image
image/png 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/EenP1ZIXYAEca8s.png

Requested by

Host: byman.thermalct.com.mx
URL: http://byman.thermalct.com.mx/215209.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/40E2) /

Resource Hash

b182a1e0b3c70b013b2e77282190e630831932052813e185cb218d8cd1e53324

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer: http://byman.thermalct.com.mx/215209.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 20:46:46 GMT
x-content-type-options: nosniff
age: 90536
x-cache: HIT
content-length: 327975
x-response-time: 603
surrogate-key: media media/bucket/9 media/1290791284404346881
last-modified: Tue, 04 Aug 2020 23:24:38 GMT
server: ECS (fcn/40E2)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 01d1a9f67e0c8c534b263575af23a951
accept-ranges: bytes

GET
H2 200 1201824250_1SZ.jpg
images-americanas.b2w.io/produtos/01/00/img/1201824/2/ 205 KB
206 KB 167ms
84ms Image
image/webp 2.18.233.188
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images-americanas.b2w.io/produtos/01/00/img/1201824/2/1201824250_1SZ.jpg
Requested by: Host: byman.thermalct.com.mx
URL: http://byman.thermalct.com.mx/215209.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.188 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-188.deploy.static.akamaitechnologies.com
Software: BIS /
Resource Hash: 8dff596e0c9d1af8bf041af0c9c4623c244ae60a718c90aa54cc39621fddec1e

Request headers

Referer: http://byman.thermalct.com.mx/215209.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-edgeconnect-origin-mex-latency: 210
date: Mon, 07 Dec 2020 20:46:46 GMT
x-edgeconnect-midmile-rtt: 112
content-disposition: inline; filename="1201824250_1SZ.webp"
content-length: 209848
x-request-id: Q2BgiAQqU2L2OC8lmSbwX
last-modified: Tue, 01 Dec 2020 16:44:29 GMT
server: BIS
etag: 7843e87a267843d3da7b4af622d5103c02cd05ecf656eeba5ded73e67540e9e0
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: DNT, X-CustomHeader, Keep-Alive, User-Agent, X-Requested-With, If-Modified-Since, Cache-Control, Content-Type, Authorization, charset, Content-Encoding, Location, Allow, X-TID, WWW-Authenticate, X-Access-Control-Realm, internalId, Accept-Encoding, Accept-Language, Access-Control-Request-Headers, Access-Control-Request-Method, Connection, Host, Origin, Pragma, Referer, X-Preview, log
cache-control: public, max-age=604800
warning: 11284
access-control-allow-headers: DNT, X-CustomHeader, Keep-Alive, User-Agent, X-Requested-With, If-Modified-Since, Cache-Control, Content-Type, Authorization, charset, Content-Encoding, Location, Allow, X-TID, WWW-Authenticate, X-Access-Control-Realm, internalId, Accept-Encoding, Accept-Language, Access-Control-Request-Headers, Access-Control-Request-Method, Connection, Host, Origin, Pragma, Referer, X-Preview, log
expires: Mon, 14 Dec 2020 20:46:46 GMT

GET
H2 200 Regra_CBF.png
cdn.meutimao.com.br/_upload/forumtopico/2019/03/31/ 108 KB
108 KB 48ms
32ms Image
image/webp 2606:4700:10::6816:28ab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.meutimao.com.br/_upload/forumtopico/2019/03/31/Regra_CBF.png
Requested by: Host: byman.thermalct.com.mx
URL: http://byman.thermalct.com.mx/215209.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:28ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6995248d7af2912d719439f1330010d1a53796564cbc04f691587b01941d0cc6

Request headers

Referer: http://byman.thermalct.com.mx/215209.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 20:46:46 GMT
cf-cache-status: HIT
age: 959
cf-polished: origFmt=png, origSize=290406
content-disposition: inline; filename="Regra_CBF.webp"
content-length: 110334
cf-request-id: 06e08e009c000005d8ff34e000000001
last-modified: Sun, 31 Mar 2019 20:22:50 GMT
server: cloudflare
etag: "46e66-58569aaf90e40"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 5fe119142e5205d8-FRA
cf-bgj: imgq:85,h2pri,csam-hash

GET
H2 200 bg1.png
reader011.staticloud.net/reader011/html5/20190203/568c36df1a28ab023599a5d2/ 576 KB
577 KB 506ms
441ms Image
image/png 2606:4700:3031::ac43:dc4a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://reader011.staticloud.net/reader011/html5/20190203/568c36df1a28ab023599a5d2/bg1.png
Requested by: Host: byman.thermalct.com.mx
URL: http://byman.thermalct.com.mx/215209.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:dc4a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 82674f394b021f9f3908e1d4dc80232dde1ba5dd6dd0406661a7ef25120b386b

Request headers

Referer: http://byman.thermalct.com.mx/215209.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 20:46:46 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
content-length: 589857
cf-request-id: 06e08e010e00000f9a2a241000000001
last-modified: Sun, 03 Feb 2019 06:04:58 GMT
server: cloudflare
etag: "5c56848a-90021"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=LbRep7jwUz89wSavHiwURl9OIXhFIlX432OKlVaWp5%2FHccQaWeYfwOxJFBUeGaaWi9eKOrk2Pmb9L7ojppVMKxHeTdUp%2FRaf4rCesscepcnwHIJHmoPa3Z9YODH%2BmfiYprOhGe8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 5fe11914ef5b0f9a-VIE
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 1598177170
imgv2-1-f.scribdassets.com/img/document/438664653/original/727c12f8c9/ 64 KB
64 KB 83ms
28ms Image
image/webp 151.101.14.152
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imgv2-1-f.scribdassets.com/img/document/438664653/original/727c12f8c9/1598177170?v=1
Requested by: Host: byman.thermalct.com.mx
URL: http://byman.thermalct.com.mx/215209.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.14.152 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 2371279d67a81e20f2a05aa1efb671a4f145445ebb0d33ebedf1296d9168e899

Request headers

Referer: http://byman.thermalct.com.mx/215209.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 20:46:47 GMT
via: 1.1 varnish, 1.1 varnish
age: 532937
etag: "Su3M+d8EKegXzhsOQZVqzCiK66wctHPf0z3gCRDzi/Y"
x-served-by: cache-mdw17355-MDW, cache-fra19122-FRA
vary: Accept
x-cache: HIT, HIT
fastly-io-info: ifsz=180818 idim=768x1024 ifmt=jpeg ofsz=65348 odim=768x1024 ofmt=webp
cache-control: max-age=864000,stale-while-revalidate=86400,stale-if-error=86400
content-length: 65348
fastly-stats: io=1
accept-ranges: bytes
content-type: image/webp
x-timer: S1607374007.343329,VS0,VE2
x-cache-hits: 1, 1

GET
H2 200 60960254.jpg
www.presenca.pt//capas/ 1 MB
1 MB 413ms
87ms Image
image/jpeg 94.126.169.118
FLESK-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.presenca.pt//capas/60960254.jpg
Requested by: Host: byman.thermalct.com.mx
URL: http://byman.thermalct.com.mx/215209.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 94.126.169.118 Seixal, Portugal, ASN33876 (FLESK-AS, PT),
Reverse DNS: cpanel18.dnscpanel.com
Software: Apache /
Resource Hash: 120c4f88b3c96fa06d9f4a6c253c5a33306295b8fbd619183fe025cbda82fe94

Request headers

Referer: http://byman.thermalct.com.mx/215209.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 20:46:47 GMT
last-modified: Thu, 27 Aug 2020 15:04:56 GMT
server: Apache
accept-ranges: bytes
content-length: 1372031
content-type: image/jpeg

GET
H2 200 ccxv8.png
img2.docero.com.br/image/l/ 1 MB
1 MB 3961ms
3932ms Image
image/png 2606:4700:3032::6812:347c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img2.docero.com.br/image/l/ccxv8.png

Requested by

Host: byman.thermalct.com.mx
URL: http://byman.thermalct.com.mx/215209.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::6812:347c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7064f262392e0a89267db9a671774a29828595271f7f0c9be7cf32f65f729d49

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000; includeSubDomains

Request headers

Referer: http://byman.thermalct.com.mx/215209.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 20:46:52 GMT
cf-cache-status: BYPASS
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=dNl80ERpMVt33nNiw2RtkHkxeHrdFe0sn4xAzxQw10fn4Ro8sgRmF%2B%2BYLPXDqsOAQJdgQGNYw9wsOxCK96%2F0CMPJAE37be9HdFTntRqACWeeHwPmNxMa3dHa74QOd14%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: maxage=Sat, 27 Feb 2055 20:46:48
strict-transport-security: max-age=7776000; includeSubDomains
cf-ray: 5fe119217cc42bb9-FRA
cf-request-id: 06e08e08e700002bb92b80b000000001
expires: Sat, 27 Feb 2055 20:46:48 GMT

GET
H2 200 81dJHLqezCL.jpg
images-na.ssl-images-amazon.com/images/I/ 369 KB
370 KB 159ms
144ms Image
image/jpeg 2a04:4e42:1b::272
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images-na.ssl-images-amazon.com/images/I/81dJHLqezCL.jpg
Requested by: Host: byman.thermalct.com.mx
URL: http://byman.thermalct.com.mx/215209.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:1b::272 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: e36113ac0ba542d7b45cc7f60491a82b1ac656cabe0c08743affb6a739c7db5d

Request headers

Referer: http://byman.thermalct.com.mx/215209.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 20:46:50 GMT
last-modified: Mon, 10 Aug 2020 22:16:57 GMT
age: 1414018
x-cache: HIT from fastly, MISS from fastly
content-type: image/jpeg
access-control-allow-origin: *
expires: Sat, 10 Nov 2040 15:05:37 GMT
cache-control: max-age=630720000,public
x-amz-ir-id: c85822e5-1630-43bf-afe4-96eeba0176e5
accept-ranges: bytes
timing-allow-origin: https://www.amazon.in, https://www.amazon.com
content-length: 378306
x-served-by: cache-dca17758-DCA, cache-hhn4030-HHN

GET
H/1.1 200
OK /
images.livrariasaraiva.com.br/imagemnet/imagem.aspx/ 166 KB
166 KB 1178ms
632ms Image
image/jpeg 177.135.94.134
TELEFONICA BRASIL...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.livrariasaraiva.com.br/imagemnet/imagem.aspx/?pro_id=9377822&qld=90&l=830&a=-1=1007943217
Requested by: Host: byman.thermalct.com.mx
URL: http://byman.thermalct.com.mx/215209.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 177.135.94.134 Curitiba, Brazil, ASN18881 (TELEFONICA BRASIL S.A, BR),
Reverse DNS: quimagraf.static.gvt.net.br
Software: nginx/1.16.1 / ASP.NET
Resource Hash: d41cf14d1c5b2457ebd5deb68489fa37eba7390885e07bde99bacf9767c8154c

Request headers

Referer: http://byman.thermalct.com.mx/215209.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 07 Dec 2020 20:46:51 GMT
X-AspNetMvc-Version: 5.2
Server: nginx/1.16.1
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
X-Cache-Status: MISS
Content-Type: image/jpeg
Cache-Control: private
Connection: keep-alive
Content-Length: 170187

GET
H2 200 manual-escatologia.jpg
i1.wp.com/javerevela.com.br/wp-content/uploads/2019/09/ 63 KB
63 KB 1117ms
1116ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i1.wp.com/javerevela.com.br/wp-content/uploads/2019/09/manual-escatologia.jpg?resize=1280%2C720&ssl=1

Requested by

Host: byman.thermalct.com.mx
URL: http://byman.thermalct.com.mx/215209.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

c5977ec5a675166eb62381b91685a5c28e2692f5b90f46d031c15feee5487ed1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://byman.thermalct.com.mx/215209.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc: MISS ams 7
date: Mon, 07 Dec 2020 20:46:51 GMT
x-content-type-options: nosniff
last-modified: Mon, 07 Dec 2020 20:46:51 GMT
server: nginx
etag: "1df2bb295079a87d"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
link: <https://javerevela.com.br/wp-content/uploads/2019/09/manual-escatologia.jpg>; rel="canonical"
content-length: 64114
expires: Thu, 08 Dec 2022 08:46:51 GMT

GET
H2

200

addthis_widget.js Show response
s7.addthis.com/js/300/
Redirect Chain

http://s7.addthis.com/js/300/addthis_widget.js
https://s7.addthis.com/js/300/addthis_widget.js

353 KB
114 KB

33ms
32ms

Script
application/javascript

104.75.88.112
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/js/300/addthis_widget.js

Requested by

Host: byman.thermalct.com.mx
URL: http://byman.thermalct.com.mx/215209.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.112 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-112.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: http://byman.thermalct.com.mx/215209.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: "5f971164-5834c"
vary: Accept-Encoding
x-distribution: 99
content-type: application/javascript
cache-control: public, max-age=600
date: Mon, 07 Dec 2020 20:46:45 GMT
x-host: s7.addthis.com
content-length: 116325

Redirect headers

Date: Mon, 07 Dec 2020 20:46:45 GMT
Server: nginx/1.15.8
X-Distribution: 99
Content-Type: text/html
Location: https://s7.addthis.com/js/300/addthis_widget.js
X-Host: s7.addthis.com
Connection: keep-alive
Content-Length: 171

GET
H2 200 css
fonts.googleapis.com/ 3 KB
658 B 15ms
14ms Stylesheet
text/css 2a00:1450:4001:820::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Ubuntu:400,700

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/bootswatch/4.3.1/united/bootstrap.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d4f421c581f4eb92de3620f0e1096cd731889fea2f9b5c94ba8a4f8f428f821e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://cdnjs.cloudflare.com/ajax/libs/bootswatch/4.3.1/united/bootstrap.min.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 07 Dec 2020 19:17:53 GMT
server: ESF
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
date: Mon, 07 Dec 2020 20:46:45 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Mon, 07 Dec 2020 20:46:45 GMT

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ 369 KB
94 KB 148ms
49ms Script
application/javascript 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: byman.thermalct.com.mx
URL: http://byman.thermalct.com.mx/215209.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

10935c31d2fc50ef3a3f8c94ae3316e979e2217f19193adb044c9d2914d89713

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: http://byman.thermalct.com.mx/215209.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 20:46:50 GMT
content-encoding: br
last-modified: Mon, 07 Dec 2020 18:16:38 GMT
etag: "5fce6bea-17786"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 96134
expires: Mon, 07 Dec 2020 21:46:50 GMT

GET
H2 200 _9eBJ7Xh_lE
www.youtube.com/embed/ Frame A015 0
0 120ms
100ms Document
text/html 2a00:1450:4001:816::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/_9eBJ7Xh_lE

Requested by

Host: byman.thermalct.com.mx
URL: http://byman.thermalct.com.mx/215209.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

YouTube Frontend Proxy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.youtube.com
:scheme: https
:path: /embed/_9eBJ7Xh_lE
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://byman.thermalct.com.mx/215209.html
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://byman.thermalct.com.mx/215209.html

Response headers

content-type: text/html; charset=utf-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-length: 21638
content-encoding: br
expires: Tue, 27 Apr 1971 19:44:06 GMT
x-content-type-options: nosniff
cache-control: no-cache
strict-transport-security: max-age=31536000
date: Mon, 07 Dec 2020 20:46:50 GMT
server: YouTube Frontend Proxy
x-xss-protection: 0
set-cookie: VISITOR_INFO1_LIVE=bA1HfkuAkr4; path=/; domain=.youtube.com; secure; expires=Sat, 05-Jun-2021 20:46:50 GMT; httponly; samesite=None YSC=f0VimI57WoE; path=/; domain=.youtube.com; secure; httponly; samesite=None VISITOR_INFO1_LIVE=bA1HfkuAkr4; path=/; domain=.youtube.com; secure; expires=Sat, 05-Jun-2021 20:46:50 GMT; httponly; samesite=None GPS=1; path=/; domain=.youtube.com; expires=Mon, 07-Dec-2020 21:16:50 GMT
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 4iCs6KVjbNBYlgoKfw72nU6AFw.woff2
fonts.gstatic.com/s/ubuntu/v15/ 13 KB
14 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:814::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ubuntu/v15/4iCs6KVjbNBYlgoKfw72nU6AFw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Ubuntu:400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

943a150e9577247cc5e8e493065795ca77a35485b4169f33a4d6f570c209b010

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: http://byman.thermalct.com.mx
Referer: https://fonts.googleapis.com/css?family=Ubuntu:400,700
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 05 Dec 2020 11:20:38 GMT
x-content-type-options: nosniff
last-modified: Thu, 10 Sep 2020 17:03:01 GMT
server: sffe
age: 206772
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13720
x-xss-protection: 0
expires: Sun, 05 Dec 2021 11:20:38 GMT

GET
H2 200 4iCv6KVjbNBYlgoCxCvjsGyNPYZvgw.woff2
fonts.gstatic.com/s/ubuntu/v15/ 14 KB
14 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:814::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ubuntu/v15/4iCv6KVjbNBYlgoCxCvjsGyNPYZvgw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Ubuntu:400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

251e8e864140d9a7ceacce3371ff692595dd0a455ad000de4041d8a313618bd7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: http://byman.thermalct.com.mx
Referer: https://fonts.googleapis.com/css?family=Ubuntu:400,700
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Dec 2020 08:15:43 GMT
x-content-type-options: nosniff
last-modified: Thu, 10 Sep 2020 17:03:11 GMT
server: sffe
age: 563467
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14096
x-xss-protection: 0
expires: Wed, 01 Dec 2021 08:15:43 GMT

GET
H2 200 moatframe.js Show response
z.moatads.com/addthismoatframe568911941483/ 2 KB
1 KB 78ms
26ms Script
application/x-javascript 104.111.216.96
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/addthismoatframe568911941483/moatframe.js
Requested by: Host: s7.addthis.com
URL: http://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.216.96 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-216-96.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd

Request headers

Referer: http://byman.thermalct.com.mx/215209.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 20:46:50 GMT
content-encoding: gzip
last-modified: Fri, 08 Nov 2019 20:13:52 GMT
server: AmazonS3
x-amz-request-id: 6CDA04CEF72D568E
etag: "f14b4e1f799b14f798a195f43cf58376"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=25429
accept-ranges: bytes
content-length: 948
x-amz-id-2: vmrAbpbzrBs8g4V4M3AoGAqwWb0EhELJ1wy9AWvX/tuPVstbiwgv0ja/UaK2kknp20dNDPCNIa4=

GET
H2 200 _ate.track.config_resp Show response
v1.addthisedge.com/live/boost/ra-5e3c090425f690a7/ 2 KB
829 B 865ms
865ms Script
application/javascript 104.75.88.112
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://v1.addthisedge.com/live/boost/ra-5e3c090425f690a7/_ate.track.config_resp
Requested by: Host: s7.addthis.com
URL: http://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.75.88.112 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-112.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: f697289be2fc9cb51ef2226cf524a46c070642638544e096f233559167980aaa

Request headers

Referer: http://byman.thermalct.com.mx/215209.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 20:46:51 GMT
content-encoding: gzip
etag: -190367735--gzip
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: public, max-age=60, s-maxage=86400
content-disposition: attachment; filename=1.txt
content-length: 653

GET
H2 200 300lo.json Show response
m.addthis.com/live/red_lojson/ 89 B
249 B 125ms
125ms Script
application/javascript 104.75.88.112
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://m.addthis.com/live/red_lojson/300lo.json?si=5fce94bacd5e5e60&bkl=0&bl=1&pdt=396&sid=5fce94bacd5e5e60&pub=ra-5e3c090425f690a7&rev=v8.28.8-wp&ln=pt&pc=men&cb=0&ab=-&dp=byman.thermalct.com.mx&fp=215209.html&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&colc=1607374010803&jsl=1&uvs=5fce94baa54e21ea000&skipb=1&callback=addthis.cbs.jsonp__55328660053924450
Requested by: Host: s7.addthis.com
URL: http://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.75.88.112 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-112.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 272cc61179ac2dc492d86c262ad264add166e5f983d461b314cf69f29f202e6e

Request headers

Referer: http://byman.thermalct.com.mx/215209.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Dec 2020 20:46:50 GMT
cache-control: max-age=0, no-cache, no-store, no-transform
content-disposition: attachment; filename=1.txt
content-length: 89
content-type: application/javascript;charset=utf-8

GET sh.f48a1a04fe8dbf021b4cda1d.html
s7.addthis.com/static/ Frame A62C 0
0

GET
H2 200 sh.f48a1a04fe8dbf021b4cda1d.html
s7.addthis.com/static/ Frame 2D9E 0
0 30ms
30ms Document
text/html 104.75.88.112
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html

Requested by

Host: s7.addthis.com
URL: http://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.112 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-112.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

:method: GET
:authority: s7.addthis.com
:scheme: https
:path: /static/sh.f48a1a04fe8dbf021b4cda1d.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://byman.thermalct.com.mx/215209.html
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://byman.thermalct.com.mx/215209.html

Response headers

server: nginx/1.15.8
content-type: text/html
last-modified: Thu, 04 Jun 2020 15:49:19 GMT
etag: W/"5ed917ff-11adc"
timing-allow-origin: *
cache-control: public, max-age=86313600
p3p: CP="NON ADM OUR DEV IND COM STA"
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 26421
date: Mon, 07 Dec 2020 20:46:50 GMT
vary: Accept-Encoding
x-host: s7.addthis.com

GET
H2 200 client.pt.min.json Show response
s7.addthis.com/l10n/ 4 KB
2 KB 88ms
30ms XHR
application/json 104.75.88.112
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/l10n/client.pt.min.json

Requested by

Host: s7.addthis.com
URL: http://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.112 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-112.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

2a0114ee843f8e5fcb15026a43365c3455464f43e1ea135b075e49662a9905b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: http://byman.thermalct.com.mx/215209.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Tue, 10 Sep 2019 15:15:17 GMT
server: nginx/1.15.8
etag: W/"5d77be05-e24"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: public, s-maxage=604800
date: Mon, 07 Dec 2020 20:46:50 GMT
x-host: s7.addthis.com
timing-allow-origin: *
content-length: 1747

GET
H2

400

sync_cookie_image_decide
mc.yandex.com/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9115.Fw96ZXFaxtsmOFN0A0GP-j76NvoEeYyT-XgGZ3f28_tNfyvYVhXhPSPBRZHenZtm.Evad82NYlZ7xj-iI6BHTey9z9Y8%2C
https://mc.yandex.com/sync_cookie_image_decide?token=9115.KIjS8B6jaZN-7y8aakybyYR14QpNd0b1JF6Ekivno0gAprTm2nyGqGZCeBy60l3R_P8U91xNkdR2-mfCg2nfEw%2C%2C.imF29o6AP3lTaMmoDY7deb1elMo%2C

75 B
75 B

72ms
71ms

Image
text/html

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/sync_cookie_image_decide?token=9115.KIjS8B6jaZN-7y8aakybyYR14QpNd0b1JF6Ekivno0gAprTm2nyGqGZCeBy60l3R_P8U91xNkdR2-mfCg2nfEw%2C%2C.imF29o6AP3lTaMmoDY7deb1elMo%2C

Requested by

Host: byman.thermalct.com.mx
URL: http://byman.thermalct.com.mx/215209.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: http://byman.thermalct.com.mx/215209.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 20:46:51 GMT
strict-transport-security: max-age=31536000
content-length: 75
x-xss-protection: 1; mode=block
content-type: text/html; charset=utf-8

Redirect headers

location: https://mc.yandex.com/sync_cookie_image_decide?token=9115.KIjS8B6jaZN-7y8aakybyYR14QpNd0b1JF6Ekivno0gAprTm2nyGqGZCeBy60l3R_P8U91xNkdR2-mfCg2nfEw%2C%2C.imF29o6AP3lTaMmoDY7deb1elMo%2C
date: Mon, 07 Dec 2020 20:46:51 GMT
strict-transport-security: max-age=31536000
content-length: 0
x-xss-protection: 1; mode=block

GET
H2 200 advert.gif
mc.yandex.ru/metrika/ 43 B
136 B 49ms
48ms Image
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/metrika/advert.gif

Requested by

Host: byman.thermalct.com.mx
URL: http://byman.thermalct.com.mx/215209.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: http://byman.thermalct.com.mx/215209.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 20:46:51 GMT
last-modified: Mon, 07 Dec 2020 18:16:38 GMT
etag: "5fca40f3-2b"
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Mon, 07 Dec 2020 21:46:51 GMT

GET
H2

200

1 Show response
mc.yandex.ru/watch/67422199/
Redirect Chain

https://mc.yandex.ru/watch/67422199?wmode=7&page-url=http%3A%2F%2Fbyman.thermalct.com.mx%2F215209.html&charset=utf-8&browser-info=ti%3A10%3Ans%3A1607374005343%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%...
https://mc.yandex.ru/watch/67422199/1?wmode=7&page-url=http%3A%2F%2Fbyman.thermalct.com.mx%2F215209.html&charset=utf-8&browser-info=ti%3A10%3Ans%3A1607374005343%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A...

167 B
249 B

56ms
55ms

XHR
application/json

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/67422199/1?wmode=7&page-url=http%3A%2F%2Fbyman.thermalct.com.mx%2F215209.html&charset=utf-8&browser-info=ti%3A10%3Ans%3A1607374005343%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Aadb%3A2%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A60%3Ai%3A20201207214651%3Aet%3A1607374011%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Als%3A573933314696%3Arqn%3A1%3Arn%3A662926703%3Ahid%3A965272200%3Ads%3A196%2C15%2C83%2C1%2C0%2C0%2C0%2C5153%2C22%2C%2C%2C%2C5450%3Afp%3A5420%3Agdpr%3A14%3Av%3A1982%3Awv%3A2%3Arqnl%3A1%3Ast%3A1607374011%3Au%3A16073740111047620949%3App%3A3629563401%3At%3AEu%20fico%20loko%202%20livro%20pdf.%20Public%20Domain%20Baixar%20Gr%C3%A1tis

Requested by

Host: byman.thermalct.com.mx
URL: http://byman.thermalct.com.mx/215209.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

4b2d4cb67ec956b07d1ecb90d5ac2df66c879d8c97062da99dccf2a262ecc13d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://byman.thermalct.com.mx/215209.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Dec 2020 20:46:51 GMT
x-content-type-options: nosniff
last-modified: Mon, 07-Dec-2020 20:46:51 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: http://byman.thermalct.com.mx
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 167
x-xss-protection: 1; mode=block
expires: Mon, 07-Dec-2020 20:46:51 GMT

Redirect headers

pragma: no-cache
date: Mon, 07 Dec 2020 20:46:51 GMT
last-modified: Mon, 07-Dec-2020 20:46:51 GMT
location: /watch/67422199/1?wmode=7&page-url=http%3A%2F%2Fbyman.thermalct.com.mx%2F215209.html&charset=utf-8&browser-info=ti%3A10%3Ans%3A1607374005343%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Aadb%3A2%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A60%3Ai%3A20201207214651%3Aet%3A1607374011%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Als%3A573933314696%3Arqn%3A1%3Arn%3A662926703%3Ahid%3A965272200%3Ads%3A196%2C15%2C83%2C1%2C0%2C0%2C0%2C5153%2C22%2C%2C%2C%2C5450%3Afp%3A5420%3Agdpr%3A14%3Av%3A1982%3Awv%3A2%3Arqnl%3A1%3Ast%3A1607374011%3Au%3A16073740111047620949%3App%3A3629563401%3At%3AEu%20fico%20loko%202%20livro%20pdf.%20Public%20Domain%20Baixar%20Gr%C3%A1tis
strict-transport-security: max-age=31536000
access-control-allow-origin: http://byman.thermalct.com.mx
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0
x-xss-protection: 1; mode=block
expires: Mon, 07-Dec-2020 20:46:51 GMT

GET
H2 200 layers.fa6cd1947ce26e890d3d.js Show response
s7.addthis.com/static/ 263 KB
76 KB 29ms
28ms Script
application/javascript 104.75.88.112
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/layers.fa6cd1947ce26e890d3d.js

Requested by

Host: s7.addthis.com
URL: http://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.112 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-112.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: http://byman.thermalct.com.mx/215209.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: W/"5f971164-41cf5"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=86313600
date: Mon, 07 Dec 2020 20:46:51 GMT
x-host: s7.addthis.com
timing-allow-origin: *
content-length: 77617

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: s7.addthis.com
URL: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html

Verdicts & Comments Add Verdict or Comment

44 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.thermalct.com.mx/	1970-01-19 14:29:35	Name: _ym_visorc_67422199 Value: w
.thermalct.com.mx/	1970-01-19 14:30:46	Name: _ym_isad Value: 2
.thermalct.com.mx/	1970-01-19 23:15:10	Name: _ym_d Value: 1607374011
.thermalct.com.mx/	1970-01-19 23:15:10	Name: _ym_uid Value: 16073740111047620949

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

byman.thermalct.com.mx
cdn.meutimao.com.br
cdnjs.cloudflare.com
code.jquery.com
fonts.googleapis.com
fonts.gstatic.com
i.ytimg.com
i1.wp.com
images-americanas.b2w.io
images-na.ssl-images-amazon.com
images.livrariasaraiva.com.br
img2.docero.com.br
imgv2-1-f.scribdassets.com
m.addthis.com
mc.yandex.com
mc.yandex.ru
pbs.twimg.com
reader011.staticloud.net
s7.addthis.com
v1.addthisedge.com
www.presenca.pt
www.youtube.com
z.moatads.com
s7.addthis.com
104.111.216.96
104.75.88.112
151.101.14.152
177.135.94.134
192.0.77.2
2.18.233.188
2001:4de0:ac19::1:b:3b
2606:2800:134:fa2:1627:1fe:edb:1665
2606:4700:10::6816:28ab
2606:4700:3031::ac43:dc4a
2606:4700:3032::6812:347c
2606:4700::6810:135e
2a00:1450:4001:809::2016
2a00:1450:4001:814::2003
2a00:1450:4001:816::200e
2a00:1450:4001:820::200a
2a02:6b8::1:119
2a04:4e42:1b::272
45.147.199.136
94.126.169.118
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd
10935c31d2fc50ef3a3f8c94ae3316e979e2217f19193adb044c9d2914d89713
120c4f88b3c96fa06d9f4a6c253c5a33306295b8fbd619183fe025cbda82fe94
2371279d67a81e20f2a05aa1efb671a4f145445ebb0d33ebedf1296d9168e899
251e8e864140d9a7ceacce3371ff692595dd0a455ad000de4041d8a313618bd7
272cc61179ac2dc492d86c262ad264add166e5f983d461b314cf69f29f202e6e
2a0114ee843f8e5fcb15026a43365c3455464f43e1ea135b075e49662a9905b9
31fae0ce7ec551854957bf2f7970738ac8cc01c8c03d12fb5c9fcbc34a1d1485
33f89a83966d581c29e8571c42a1f2be88bf470f9877c6c37e0be035b0e7079c
4b2d4cb67ec956b07d1ecb90d5ac2df66c879d8c97062da99dccf2a262ecc13d
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df
6995248d7af2912d719439f1330010d1a53796564cbc04f691587b01941d0cc6
6b6de0d4db7876d1183a3edb47ebd3bbbf93f153f5de1ba6645049348628109a
6e29cfff35f56181ad7e35fb4f68bfe9ac76cafc1a3e85ad46e1af1781052b67
6e75bc848352587ec2970bb6b8268e11840e55cc99ef7409ab85b1e5f9024444
7064f262392e0a89267db9a671774a29828595271f7f0c9be7cf32f65f729d49
82674f394b021f9f3908e1d4dc80232dde1ba5dd6dd0406661a7ef25120b386b
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
8dff596e0c9d1af8bf041af0c9c4623c244ae60a718c90aa54cc39621fddec1e
943a150e9577247cc5e8e493065795ca77a35485b4169f33a4d6f570c209b010
acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403
b182a1e0b3c70b013b2e77282190e630831932052813e185cb218d8cd1e53324
c5977ec5a675166eb62381b91685a5c28e2692f5b90f46d031c15feee5487ed1
d41cf14d1c5b2457ebd5deb68489fa37eba7390885e07bde99bacf9767c8154c
d4f421c581f4eb92de3620f0e1096cd731889fea2f9b5c94ba8a4f8f428f821e
e36113ac0ba542d7b45cc7f60491a82b1ac656cabe0c08743affb6a739c7db5d
e4bf56438a4a0fb5a4143fd671d474ddbc9ac14e2d5dceb7982d6a663f5d8770
f077ec271ee005e70ed991b621aaa1f17bd038cb1fec7ce7cba02f0397944b83
f697289be2fc9cb51ef2226cf524a46c070642638544e096f233559167980aaa

byman.thermalct.com.mx Open in urlscan Pro 45.147.199.136 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

33 Requests

88 %HTTPS

60 %IPv6

22 Domains

23 Subdomains

21 IPs

8 Countries

4979 kBTransfer

5896 kBSize

4 Cookies

0 Outgoing links

Redirected requests

33 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

byman.thermalct.com.mx Open in urlscan Pro
45.147.199.136 Public Scan

Screenshot
Live screenshot

Full Image

33
Requests

88 %
HTTPS

60 %
IPv6

22
Domains

23
Subdomains

21
IPs

8
Countries

4979 kB
Transfer

5896 kB
Size

4
Cookies

33 HTTP transactions
0 data transactions