larosa.thermalct.com.mx Open in urlscan Pro
45.147.199.136 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://larosa.thermalct.com.mx/
Submission: On February 02 via api (February 2nd 2021, 1:09:09 am UTC) from BR

Summary HTTP 32 Redirects Behaviour Indicators

Summary

This website contacted 21 IPs in 7 countries across 21 domains to perform 32 HTTP transactions. The main IP is 45.147.199.136, located in and belongs to ON-LINE-DATA Server location - Netherlands, Dronten, NL. The main domain is larosa.thermalct.com.mx.

This is the only time larosa.thermalct.com.mx was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3	45.147.199.136 45.147.199.136	204601 (ON-LINE-D...) (ON-LINE-DATA Server location - Netherlands)
1	2606:4700::68... 2606:4700::6810:125e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2001:4de0:ac1... 2001:4de0:ac19::1:b:1a	20446 (HIGHWINDS3) (HIGHWINDS3)
1 2	2606:4700:303... 2606:4700:3032::6815:47ca	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a04:4e42:9::84 2a04:4e42:9::84	54113 (FASTLY) (FASTLY)
1	128.201.73.21 128.201.73.21	266618 (MEGA PROV...) (MEGA PROVEDOR - SERVICOS DE INTERNET LTDA - ME)
1	2606:2800:134... 2606:2800:134:1a0d:1429:742:782:b6	15133 (EDGECAST) (EDGECAST)
2	104.196.130.199 104.196.130.199	15169 (GOOGLE) (GOOGLE)
1	2606:4700:303... 2606:4700:3032::ac43:b5d7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	151.236.71.44 151.236.71.44	204720 (CDNETWORKS) (CDNETWORKS)
1	2a00:1450:400... 2a00:1450:4001:80e::2001	15169 (GOOGLE) (GOOGLE)
1	2606:4700:303... 2606:4700:3034::6815:5ca9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:26f0:6c0... 2a02:26f0:6c00:293::19fe	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a04:4e42:1b:... 2a04:4e42:1b::622	54113 (FASTLY) (FASTLY)
1 7	104.75.88.112 104.75.88.112	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a00:1450:400... 2a00:1450:4001:82b::200a	15169 (GOOGLE) (GOOGLE)
1 4	2a02:6b8::1:119 2a02:6b8::1:119	13238 (YANDEX) (YANDEX)
1	2a00:1450:400... 2a00:1450:4001:811::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
1	2.18.235.40 2.18.235.40	16625 (AKAMAI-AS) (AKAMAI-AS)
32	21

3 45.147.199.136 (None, )

ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, NL)
PTR: ebosh.srv

larosa.thermalct.com.mx	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac19::1:b:1a (Netherlands)

ASN20446 (HIGHWINDS3, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3032::6815:47ca (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

imagens.lelivros.love	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:9::84 (Ascension Island)

ASN54113 (FASTLY, US)

i.pinimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 128.201.73.21 (Brazil)

ASN266618 (MEGA PROVEDOR - SERVICOS DE INTERNET LTDA - ME, BR)
PTR: dublin.nuvemidc.com

www.livrosefuxicos.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:2800:134:1a0d:1429:742:782:b6 (United States)

ASN15133 (EDGECAST, US)

pbs.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.196.130.199 (United States)

ASN15169 (GOOGLE, US)
PTR: 199.130.196.104.bc.googleusercontent.com

www.prateleiradecima.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3032::ac43:b5d7 (United States)

ASN13335 (CLOUDFLARENET, US)

img2.docer.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.236.71.44 (Moscow, Russian Federation)

ASN204720 (CDNETWORKS, RU)

static.tildacdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

1.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3034::6815:5ca9 (United States)

ASN13335 (CLOUDFLARENET, US)

img2.docero.es	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:293::19fe (Ascension Island)

ASN20940 (AKAMAI-ASN1, NL)

images-submarino.b2w.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:1b::622 (Ascension Island)

ASN54113 (FASTLY, US)

image.isu.pub	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 104.75.88.112 (Netherlands) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-75-88-112.deploy.static.akamaitechnologies.com

s7.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
v1.addthisedge.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
m.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:6b8::1:119 (Moscow, Russian Federation) 1 redirects

ASN13238 (YANDEX, RU)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.235.40 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-40.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
6	addthis.com 1 redirects s7.addthis.com m.addthis.com	193 KB
4	yandex.ru 1 redirects mc.yandex.ru	66 KB
3	thermalct.com.mx larosa.thermalct.com.mx	50 KB
2	prateleiradecima.com www.prateleiradecima.com	345 KB
2	pinimg.com i.pinimg.com	258 KB
2	lelivros.love 1 redirects imagens.lelivros.love	791 KB
1	addthisedge.com v1.addthisedge.com	829 B
1	moatads.com z.moatads.com	1 KB
1	gstatic.com fonts.gstatic.com	13 KB
1	youtube.com www.youtube.com
1	googleapis.com fonts.googleapis.com	611 B
1	isu.pub image.isu.pub	93 KB
1	b2w.io images-submarino.b2w.io	299 KB
1	docero.es img2.docero.es	432 KB
1	blogspot.com 1.bp.blogspot.com	601 KB
1	tildacdn.com static.tildacdn.com	236 KB
1	docer.pl img2.docer.pl	635 KB
1	twimg.com pbs.twimg.com	217 KB
1	livrosefuxicos.com www.livrosefuxicos.com	93 KB
1	jquery.com code.jquery.com	29 KB
1	cloudflare.com cdnjs.cloudflare.com	18 KB
32	21

	Domain	Requested by
5	s7.addthis.com	1 redirects larosa.thermalct.com.mx s7.addthis.com
4	mc.yandex.ru	1 redirects larosa.thermalct.com.mx
3	larosa.thermalct.com.mx	larosa.thermalct.com.mx
2	www.prateleiradecima.com	larosa.thermalct.com.mx
2	i.pinimg.com	larosa.thermalct.com.mx
2	imagens.lelivros.love	1 redirects larosa.thermalct.com.mx
1	m.addthis.com	s7.addthis.com
1	v1.addthisedge.com	s7.addthis.com
1	z.moatads.com	s7.addthis.com
1	fonts.gstatic.com	fonts.googleapis.com
1	www.youtube.com	larosa.thermalct.com.mx
1	fonts.googleapis.com	cdnjs.cloudflare.com
1	image.isu.pub	larosa.thermalct.com.mx
1	images-submarino.b2w.io	larosa.thermalct.com.mx
1	img2.docero.es	larosa.thermalct.com.mx
1	1.bp.blogspot.com	larosa.thermalct.com.mx
1	static.tildacdn.com	larosa.thermalct.com.mx
1	img2.docer.pl	larosa.thermalct.com.mx
1	pbs.twimg.com	larosa.thermalct.com.mx
1	www.livrosefuxicos.com	larosa.thermalct.com.mx
1	code.jquery.com	larosa.thermalct.com.mx
1	cdnjs.cloudflare.com	larosa.thermalct.com.mx
32	22

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-10-21` - `2021-10-20`	a year	crt.sh
jquery.org Sectigo RSA Domain Validation Secure Server CA	`2020-10-06` - `2021-10-16`	a year	crt.sh
*.pinterest.com DigiCert SHA2 High Assurance Server CA	`2020-07-16` - `2021-08-04`	a year	crt.sh
*.twimg.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-05` - `2021-11-09`	a year	crt.sh
prateleiradecima.com R3	`2021-01-20` - `2021-04-20`	3 months	crt.sh
*.tildacdn.com Sectigo RSA Domain Validation Secure Server CA	`2019-02-28` - `2021-03-19`	2 years	crt.sh
*.googleusercontent.com GTS CA 1O1	`2021-01-05` - `2021-03-30`	3 months	crt.sh
b2wdigital.com DigiCert SHA2 Secure Server CA	`2020-07-14` - `2021-07-14`	a year	crt.sh
f4.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2020-12-28` - `2021-05-07`	4 months	crt.sh
odc-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2021-01-10` - `2021-04-07`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2021-01-05` - `2021-03-30`	3 months	crt.sh
mc.yandex.ru Yandex CA	`2020-09-29` - `2021-03-11`	5 months	crt.sh
*.google.com GTS CA 1O1	`2021-01-05` - `2021-03-30`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2021-01-05` - `2021-03-30`	3 months	crt.sh
moatads.com DigiCert SHA2 Secure Server CA	`2020-01-17` - `2021-03-17`	a year	crt.sh

This page contains 4 frames:

Primary Page: http://larosa.thermalct.com.mx/
Frame ID: 5BA1DB9648C4344973A0571B61F82D10
Requests: 29 HTTP requests in this frame

Frame: https://www.youtube.com/embed/TRDVCzMyNQw
Frame ID: A041B8F715F6AD2810A8EAB64C635B99
Requests: 1 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: BBCCD197B358B2940F5586B0498C9F29
Requests: 1 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: 9ACA78F6DC03155F3F969BDAD9CF5414
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

32
Requests

84 %
HTTPS

70 %
IPv6

21
Domains

22
Subdomains

21
IPs

7
Countries

4370 kB
Transfer

5162 kB
Size

9
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4

http://imagens.lelivros.love/2019/11/baixar-livro-a-conquista-amores-improvaveis-vol-04-elle-kennedy-em-pdf-epub-mobi-ou-ler-online.jpg HTTP 301
https://imagens.lelivros.love/2019/11/baixar-livro-a-conquista-amores-improvaveis-vol-04-elle-kennedy-em-pdf-epub-mobi-ou-ler-online.jpg

Request Chain 17

http://s7.addthis.com/js/300/addthis_widget.js HTTP 308
https://s7.addthis.com/js/300/addthis_widget.js

Request Chain 28

https://mc.yandex.ru/watch/67422199?wmode=7&page-url=http%3A%2F%2Flarosa.thermalct.com.mx%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A65gwaazdbuxw99r%3Afp%3A462%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A394%3Acn%3A1%3Adp%3A0%3Als%3A499867834522%3Ahid%3A640247318%3Az%3A60%3Ai%3A20210202020849%3Aet%3A1612228129%3Ac%3A1%3Arn%3A956889754%3Arqn%3A1%3Au%3A1612228129935991761%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1612228128667%3Awv%3A2%3Ads%3A172%2C17%2C133%2C1%2C1%2C0%2C%2C265%2C12%2C%2C%2C%2C590%3Adsn%3A172%2C17%2C133%2C0%2C0%2C0%2C%2C267%2C12%2C%2C%2C%2C590%3Arqnl%3A1%3Ati%3A2%3Ast%3A1612228129%3At%3AElle%20kennedy%20livros%20pdf.%20Alem%C3%A3o%20PDF%20Baixar%20Gr%C3%A1tis HTTP 302
https://mc.yandex.ru/watch/67422199/1?wmode=7&page-url=http%3A%2F%2Flarosa.thermalct.com.mx%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A65gwaazdbuxw99r%3Afp%3A462%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A394%3Acn%3A1%3Adp%3A0%3Als%3A499867834522%3Ahid%3A640247318%3Az%3A60%3Ai%3A20210202020849%3Aet%3A1612228129%3Ac%3A1%3Arn%3A956889754%3Arqn%3A1%3Au%3A1612228129935991761%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1612228128667%3Awv%3A2%3Ads%3A172%2C17%2C133%2C1%2C1%2C0%2C%2C265%2C12%2C%2C%2C%2C590%3Adsn%3A172%2C17%2C133%2C0%2C0%2C0%2C%2C267%2C12%2C%2C%2C%2C590%3Arqnl%3A1%3Ati%3A2%3Ast%3A1612228129%3At%3AElle%20kennedy%20livros%20pdf.%20Alem%C3%A3o%20PDF%20Baixar%20Gr%C3%A1tis

32 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
larosa.thermalct.com.mx/ 26 KB
9 KB 322ms
133ms Document
text/html 45.147.199.136
Netherlands

General

Check archive.org

Show headers Download Go to

Full URL: http://larosa.thermalct.com.mx/
Protocol: HTTP/1.1
Server: 45.147.199.136 -, , ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, NL),
Reverse DNS: ebosh.srv
Software: nginx /
Resource Hash: bc501468b48d5ec9c9bcd312d8bc90a07f603ab2b274098f65ec13ebd5f4d656

Request headers

Host: larosa.thermalct.com.mx
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Server: nginx
Date: Tue, 02 Feb 2021 01:08:48 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 9382
Connection: keep-alive
Keep-Alive: timeout=60
Vary: Accept-Encoding
Content-Encoding: gzip

GET
H2 200 bootstrap.min.css
cdnjs.cloudflare.com/ajax/libs/bootswatch/4.3.1/minty/ 177 KB
18 KB 15ms
14ms Stylesheet
text/css 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/bootswatch/4.3.1/minty/bootstrap.min.css

Requested by

Host: larosa.thermalct.com.mx
URL: http://larosa.thermalct.com.mx/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

46079ffe1d51a0090b2139a2420812a0071a5ecf60ed04edeee319fd380ff92b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: http://larosa.thermalct.com.mx/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Feb 2021 01:08:49 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 3269411
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 18253
cf-request-id: 0801e208e500000601a3184000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:06:40 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03d90-2c4cd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=OR8NakCqdfYd2sbUjtwuTTSXY0YfMKf1dKVtjV9DgpB45nxPZf%2BWPVYHle5XWOx4sja5H3kK38npzvG7AqhZcHKbxr7vLHCX45KtXns9zKWGUyKWrxwQiD9ic%2BDHlpT8Ag%3D%3D"}],"group":"cf-nel"}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 61b005ee3e230601-FRA
expires: Sun, 23 Jan 2022 01:08:49 GMT

GET
H2 200 jquery-2.2.3.min.js Show response
code.jquery.com/ 84 KB
29 KB 25ms
9ms Script
application/javascript 2001:4de0:ac19::1:b:1a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-2.2.3.min.js
Requested by: Host: larosa.thermalct.com.mx
URL: http://larosa.thermalct.com.mx/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac19::1:b:1a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: 6b6de0d4db7876d1183a3edb47ebd3bbbf93f153f5de1ba6645049348628109a

Request headers

Referer: http://larosa.thermalct.com.mx/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Feb 2021 01:08:49 GMT
content-encoding: gzip
last-modified: Tue, 05 Apr 2016 19:27:05 GMT
server: nginx
etag: W/"57041189-14e9b"
vary: Accept-Encoding
x-hw: 1612228129.dop224.fr8.t,1612228129.cds203.fr8.hn,1612228129.cds275.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 29881

GET
H/1.1 200
OK gen.css
larosa.thermalct.com.mx/files/ 5 KB
2 KB 21ms
20ms Stylesheet
text/css 45.147.199.136
Netherlands

General

Check archive.org

Show headers Download Go to

Full URL: http://larosa.thermalct.com.mx/files/gen.css
Requested by: Host: larosa.thermalct.com.mx
URL: http://larosa.thermalct.com.mx/
Protocol: HTTP/1.1
Server: 45.147.199.136 -, , ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, NL),
Reverse DNS: ebosh.srv
Software: nginx /
Resource Hash: 33f89a83966d581c29e8571c42a1f2be88bf470f9877c6c37e0be035b0e7079c

Request headers

Referer: http://larosa.thermalct.com.mx/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 02 Feb 2021 01:08:49 GMT
Content-Encoding: gzip
Last-Modified: Wed, 23 Sep 2020 12:41:21 GMT
Server: nginx
ETag: W/"5f6b4271-1288"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=315360000
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK top.jpg
larosa.thermalct.com.mx/files/ 38 KB
38 KB 19ms
19ms Image
image/jpeg 45.147.199.136
Netherlands

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://larosa.thermalct.com.mx/files/top.jpg
Requested by: Host: larosa.thermalct.com.mx
URL: http://larosa.thermalct.com.mx/
Protocol: HTTP/1.1
Server: 45.147.199.136 -, , ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, NL),
Reverse DNS: ebosh.srv
Software: nginx /
Resource Hash: e4bf56438a4a0fb5a4143fd671d474ddbc9ac14e2d5dceb7982d6a663f5d8770

Request headers

Referer: http://larosa.thermalct.com.mx/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 02 Feb 2021 01:08:49 GMT
Last-Modified: Thu, 17 Sep 2020 08:00:52 GMT
Server: nginx
ETag: "5f6317b4-9846"
Content-Type: image/jpeg
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=60
Content-Length: 38982
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2

200

baixar-livro-a-conquista-amores-improvaveis-vol-04-elle-kennedy-em-pdf-epub-mobi-ou-ler-online.jpg
imagens.lelivros.love/2019/11/
Redirect Chain

http://imagens.lelivros.love/2019/11/baixar-livro-a-conquista-amores-improvaveis-vol-04-elle-kennedy-em-pdf-epub-mobi-ou-ler-online.jpg
https://imagens.lelivros.love/2019/11/baixar-livro-a-conquista-amores-improvaveis-vol-04-elle-kennedy-em-pdf-epub-mobi-ou-ler-online.jpg

789 KB
791 KB

728ms
712ms

Image
image/jpeg

2606:4700:3032::6815:47ca
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imagens.lelivros.love/2019/11/baixar-livro-a-conquista-amores-improvaveis-vol-04-elle-kennedy-em-pdf-epub-mobi-ou-ler-online.jpg
Requested by: Host: larosa.thermalct.com.mx
URL: http://larosa.thermalct.com.mx/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:47ca , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7945adb292f61c472ef7c899cf619b781f5667366dc7938072a255f81e0767e6

Request headers

Referer: http://larosa.thermalct.com.mx/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Feb 2021 01:08:50 GMT
cf-cache-status: MISS
nel: {"max_age":604800,"report_to":"cf-nel"}
content-length: 807957
cf-request-id: 0801e20a2d00003260d8b8e000000001
pragma: public
last-modified: Fri, 10 Apr 2020 20:12:01 GMT
server: cloudflare
etag: "5e90d311-c5415"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=m2wgdHLtvx8niQudI7Xv%2B8oGE5vAUfoTYPJ%2BDu8nf9P8%2Fsbk8CUzILMRy3tItFMb2r7XMKeXB10XGhMvNzGXFN0sBQKDZBIAN%2FU2yiKy5VyJifPSCrQLiRl7cW57OSfgVDM%3D"}],"max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 61b005f04dd93260-FRA
expires: Wed, 02 Feb 2022 01:08:49 GMT

Redirect headers

Date: Tue, 02 Feb 2021 01:08:49 GMT
CF-Cache-Status: MISS
NEL: {"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=NO%2B1dMRPjjM6xhoI5bn4iKvzMh71CI8uiOHEr47hrhNTYZ4pNigKB42AV3zDstQUQdFYm48WHcswPWlYm9AjE1ghMpDGR2e%2Fs8yXmStpIYz0dScZN3yoXmFer5U59%2BJ7FDU%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: text/html
Location: https://imagens.lelivros.love/2019/11/baixar-livro-a-conquista-amores-improvaveis-vol-04-elle-kennedy-em-pdf-epub-mobi-ou-ler-online.jpg
Cache-Control: max-age=31536000
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 61b005ee9aa6d721-FRA
cf-request-id: 0801e2091f0000d721e131e000000001

GET
H2 200 29dbeddc88373cb6ae731beec0aa8117.jpg
i.pinimg.com/originals/29/db/ed/ 110 KB
110 KB 57ms
26ms Image
image/jpeg 2a04:4e42:9::84
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.pinimg.com/originals/29/db/ed/29dbeddc88373cb6ae731beec0aa8117.jpg
Requested by: Host: larosa.thermalct.com.mx
URL: http://larosa.thermalct.com.mx/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:9::84 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 5151cef1381b9e4cd8e570a50de145c60595581c7f87f7da5d5769bbfc4c2124

Request headers

Referer: http://larosa.thermalct.com.mx/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Feb 2021 01:08:49 GMT
x-cdn: fastly
etag: "10c2ac35389f0372956900a528106a1d"
vary: Origin
content-type: image/jpeg
cache-control: max-age=31536000, immutable
accept-ranges: bytes
content-length: 112169

GET
H/1.1 200
OK o-jogo-elle-kennedy-1024x777.jpg
www.livrosefuxicos.com/wp-content/uploads/2017/05/ 92 KB
93 KB 471ms
423ms Image
image/jpeg 128.201.73.21
ME

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.livrosefuxicos.com/wp-content/uploads/2017/05/o-jogo-elle-kennedy-1024x777.jpg
Requested by: Host: larosa.thermalct.com.mx
URL: http://larosa.thermalct.com.mx/
Protocol: HTTP/1.1
Server: 128.201.73.21 , Brazil, ASN266618 (MEGA PROVEDOR - SERVICOS DE INTERNET LTDA - ME, BR),
Reverse DNS: dublin.nuvemidc.com
Software: LiteSpeed /
Resource Hash: 5835087cafa7e1d0095f67171891c6f8c0bd2ff403613af98d7e258bdf7c0430

Request headers

Referer: http://larosa.thermalct.com.mx/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 02 Feb 2021 01:08:49 GMT
Last-Modified: Fri, 02 Aug 2019 11:55:20 GMT
Server: LiteSpeed
Content-Type: image/jpeg
Cache-Control: public, max-age=604800
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 94430
Expires: Tue, 09 Feb 2021 01:08:49 GMT

GET
H2 200 EU7PxfDUEAwRGSi.jpg
pbs.twimg.com/media/ 217 KB
217 KB 916ms
875ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/EU7PxfDUEAwRGSi.jpg

Requested by

Host: larosa.thermalct.com.mx
URL: http://larosa.thermalct.com.mx/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (amb/6BC0) /

Resource Hash

98206b9dfa878b30ba5aae4b285cb369e4e9a400872bb5e9f20ac4ef1eb79cfc

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer: http://larosa.thermalct.com.mx/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-response-time: 856
date: Tue, 02 Feb 2021 01:08:49 GMT
x-content-type-options: nosniff
surrogate-key: media media/bucket/3 media/1247162595884142604
last-modified: Mon, 06 Apr 2020 13:59:48 GMT
server: ECS (amb/6BC0)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-cache: MISS
x-connection-hash: 049169f1a2293c08c04087e3d15133a0
content-length: 221710

GET
H/1.1 200
OK 20200608111435-O-Jogo.jpg
www.prateleiradecima.com/wp-content/uploads/2020/06/ 151 KB
151 KB 469ms
107ms Image
image/jpeg 104.196.130.199
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.prateleiradecima.com/wp-content/uploads/2020/06/20200608111435-O-Jogo.jpg
Requested by: Host: larosa.thermalct.com.mx
URL: http://larosa.thermalct.com.mx/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.196.130.199 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 199.130.196.104.bc.googleusercontent.com
Software: Apache /
Resource Hash: 4714c3cac480eb9969a3286f2482b9bd0a2c13bfdaf37bb41688d84b9b872acd

Request headers

Referer: http://larosa.thermalct.com.mx/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 02 Feb 2021 01:08:49 GMT
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Sat, 05 Sep 2020 01:55:56 GMT
Server: Apache
ETag: "25bae-5ae87493b6300"
Vary: User-Agent
Content-Type: image/jpeg
Cache-Control: max-age=15552000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 154542
Expires: Tue, 09 Feb 2021 01:08:49 GMT

GET
H2 200 x80x0n5.png
img2.docer.pl/image/l/ 634 KB
635 KB 176ms
147ms Image
image/png 2606:4700:3032::ac43:b5d7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img2.docer.pl/image/l/x80x0n5.png

Requested by

Host: larosa.thermalct.com.mx
URL: http://larosa.thermalct.com.mx/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::ac43:b5d7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0e2c0aebc1189dd7b3ef00a654326d255492741fbbef15bb3137012641f3de76

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000; includeSubDomains

Request headers

Referer: http://larosa.thermalct.com.mx/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Feb 2021 01:08:49 GMT
cf-cache-status: BYPASS
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=wK43EuWCqbefmawsMdt%2BFNvu1DE3Muy2H1i3oOO8N%2FsXQDm0gMBntQYS%2BP2zjhOlFs%2BqaSAtOpC%2FKQ%2FfX18Yb9TSQ0MZM3AcKBJYMuocr3SzrhGjjjSNprcw"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: maxage=Sun, 25 Apr 2055 01:08:49
strict-transport-security: max-age=7776000; includeSubDomains
cf-ray: 61b005eea8c30621-FRA
cf-request-id: 0801e2092d0000062101220000000001
expires: Sun, 25 Apr 2055 01:08:49 GMT

GET
H2 200 455afe8ee08ddc72852b65025aa608fb.jpg
i.pinimg.com/originals/45/5a/fe/ 148 KB
149 KB 56ms
26ms Image
image/jpeg 2a04:4e42:9::84
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.pinimg.com/originals/45/5a/fe/455afe8ee08ddc72852b65025aa608fb.jpg
Requested by: Host: larosa.thermalct.com.mx
URL: http://larosa.thermalct.com.mx/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:9::84 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: d37ce8835f0f5d865e48fc48d3de2ed8d5c4c01c47889e542189050a53f91f98

Request headers

Referer: http://larosa.thermalct.com.mx/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Feb 2021 01:08:49 GMT
x-cdn: fastly
etag: "7da4aa69c34a46eedea7473e09ccadad"
vary: Origin
content-type: image/jpeg
cache-control: max-age=31536000, immutable
accept-ranges: bytes
content-length: 151838

GET
H2 200 1_3.jpg
static.tildacdn.com/tild3437-6665-4363-b635-613432343634/ 235 KB
236 KB 250ms
144ms Image
image/jpeg 151.236.71.44
CDNETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.tildacdn.com/tild3437-6665-4363-b635-613432343634/1_3.jpg
Requested by: Host: larosa.thermalct.com.mx
URL: http://larosa.thermalct.com.mx/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 151.236.71.44 Moscow, Russian Federation, ASN204720 (CDNETWORKS, RU),
Reverse DNS
Software: nginx /
Resource Hash: 04cb4936f0295335cbbef4d22e6ad576ea212f1cc6d5f81eaa81be222a2b6cd7

Request headers

Referer: http://larosa.thermalct.com.mx/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Feb 2021 01:08:49 GMT
tserver: 9
last-modified: Wed, 23 Oct 2019 19:22:35 GMT
server: nginx
age: 504120
etag: "2a7e2afe997b5be26d78314244680b3e"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Cache-Control, Content-Language, Content-Type, Expires, Last-Modified, Pragma, Etag, X-Timestamp, X-Trans-Id, X-Openstack-Request-Id, Content-Length, Accept-Ranges, Expires, Cache-Control
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 240778
x-trans-id: 15d05d06e0dc12d8
x-timestamp: 1571858554.10736

GET
H2 200 LRM_EXPORT_474851482558683_20191009_093209404.jpeg
1.bp.blogspot.com/-Mkw9w6gooTE/XZ3UZ70Sh2I/AAAAAAAAMvA/HlSwQmknnGwmxJqLfOAFH7byWCvoPtdRQCLcBGAsYHQ/s1600/ 601 KB
601 KB 526ms
524ms Image
image/jpeg 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-Mkw9w6gooTE/XZ3UZ70Sh2I/AAAAAAAAMvA/HlSwQmknnGwmxJqLfOAFH7byWCvoPtdRQCLcBGAsYHQ/s1600/LRM_EXPORT_474851482558683_20191009_093209404.jpeg

Requested by

Host: larosa.thermalct.com.mx
URL: http://larosa.thermalct.com.mx/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

52a86a2606f126154dfd99aa991378f626bfbbaf68cac8c84017143bbc280dd0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://larosa.thermalct.com.mx/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Feb 2021 01:08:49 GMT
x-content-type-options: nosniff
server: fife
etag: "v32f1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="LRM_EXPORT_474851482558683_20191009_093209404.jpeg"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 614928
x-xss-protection: 0
expires: Wed, 03 Feb 2021 01:08:49 GMT

GET
H2 200 sx158v.png
img2.docero.es/image/l/ 431 KB
432 KB 482ms
421ms Image
image/png 2606:4700:3034::6815:5ca9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img2.docero.es/image/l/sx158v.png

Requested by

Host: larosa.thermalct.com.mx
URL: http://larosa.thermalct.com.mx/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::6815:5ca9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/5.4.45-0+deb7u6

Resource Hash

e2e3b1fa404462f74cc771cbcf87be284a22ec61d6112909399f2c6afad5a7e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; preload

Request headers

Referer: http://larosa.thermalct.com.mx/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Feb 2021 01:08:49 GMT
cf-cache-status: BYPASS
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/5.4.45-0+deb7u6
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=GGTNIbo8QikjdV%2Bqk8P2nkqpMMYu5oo7NtLhX49OoaT1eKxeVSDXWKEQhiMJZ2LnC6fflguay2Sie1gShkG48oJ6LIjd%2Bnc1OTCwZ7lwfUWATbrxq3tp0yqNDQ%3D%3D"}],"group":"cf-nel"}
content-type: image/png
cache-control: maxage=Sun, 25 Apr 2055 01:07:24
strict-transport-security: max-age=15768000; preload
cf-ray: 61b005ef68aa4aa9-FRA
cf-request-id: 0801e2099e00004aa95c0d1000000001
expires: Sun, 25 Apr 2055 01:07:24 GMT

GET
H2 200 133620916_1SZ.jpg
images-submarino.b2w.io/produtos/imagens/133620908/ 297 KB
299 KB 627ms
608ms Image
image/webp 2a02:26f0:6c00:293::19fe
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images-submarino.b2w.io/produtos/imagens/133620908/133620916_1SZ.jpg
Requested by: Host: larosa.thermalct.com.mx
URL: http://larosa.thermalct.com.mx/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:6c00:293::19fe , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: BIS /
Resource Hash: fb9bdf157090cc18277181eaf6f144ddcdf7e9908b24226a760688d2819d1f4b

Request headers

Referer: http://larosa.thermalct.com.mx/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Feb 2021 01:08:49 GMT
last-modified: Fri, 29 Jan 2021 16:26:43 GMT
server: BIS
etag: 4eb34b0c6adc13777b2945b17252bb53333c17453b2b61e037e12cc469b6fca4
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: DNT, X-CustomHeader, Keep-Alive, User-Agent, X-Requested-With, If-Modified-Since, Cache-Control, Content-Type, Authorization, charset, Content-Encoding, Location, Allow, X-TID, WWW-Authenticate, X-Access-Control-Realm, internalId, Accept-Encoding, Accept-Language, Access-Control-Request-Headers, Access-Control-Request-Method, Connection, Host, Origin, Pragma, Referer, X-Preview, log
cache-control: public, max-age=604800
warning: 34818
content-disposition: inline; filename="133620916_1SZ.webp"
access-control-allow-headers: DNT, X-CustomHeader, Keep-Alive, User-Agent, X-Requested-With, If-Modified-Since, Cache-Control, Content-Type, Authorization, charset, Content-Encoding, Location, Allow, X-TID, WWW-Authenticate, X-Access-Control-Realm, internalId, Accept-Encoding, Accept-Language, Access-Control-Request-Headers, Access-Control-Request-Method, Connection, Host, Origin, Pragma, Referer, X-Preview, log
content-length: 304194
x-request-id: 7P75OP2Mj1UwyKjITwBlV
expires: Tue, 09 Feb 2021 01:08:49 GMT

GET
H/1.1 200
OK The-Chase-1024x768.png
www.prateleiradecima.com/wp-content/uploads/2019/03/ 194 KB
194 KB 452ms
106ms Image
image/png 104.196.130.199
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.prateleiradecima.com/wp-content/uploads/2019/03/The-Chase-1024x768.png
Requested by: Host: larosa.thermalct.com.mx
URL: http://larosa.thermalct.com.mx/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.196.130.199 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 199.130.196.104.bc.googleusercontent.com
Software: Apache /
Resource Hash: 8facfb30e39e3c67193d9dada5a3b36b3a0c74277c90a7ec15591a8582e870a5

Request headers

Referer: http://larosa.thermalct.com.mx/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 02 Feb 2021 01:08:49 GMT
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Sat, 05 Sep 2020 02:57:45 GMT
Server: Apache
ETag: "306e1-5ae88264e3c40"
Vary: User-Agent
Content-Type: image/png
Cache-Control: max-age=15552000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 198369
Expires: Tue, 09 Feb 2021 01:08:49 GMT

GET
H2 200 page_1.jpg
image.isu.pub/181013022647-dd79259b5db2f775c1e9ec8359db6c9e/jpg/ 92 KB
93 KB 115ms
100ms Image
image/jpeg 2a04:4e42:1b::622
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image.isu.pub/181013022647-dd79259b5db2f775c1e9ec8359db6c9e/jpg/page_1.jpg
Requested by: Host: larosa.thermalct.com.mx
URL: http://larosa.thermalct.com.mx/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:1b::622 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7e5b42ddac2b824d4fcb32fa71d27e6c23b3e81562a5f4010cfdbd136e5200c8

Request headers

Referer: http://larosa.thermalct.com.mx/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Feb 2021 01:08:49 GMT
via: 1.1 varnish, 1.1 varnish
age: 1670
x-cache: HIT, MISS
content-length: 94591
x-amz-id-2: U42Lq7fQAFz775PiWUiD77GZUGr2EKUmp3KOPnYvicQ6M3hRnX3taF67FzKkLfR11fe25OyeRYc=
x-served-by: cache-bwi5140-BWI, cache-hhn4054-HHN
last-modified: Sat, 13 Oct 2018 02:26:51 GMT
server: AmazonS3
x-timer: S1612228129.139011,VS0,VE94
etag: "88c743f3760c21f06ea70fc99c59bc6f"
x-amz-request-id: 3F45324C878417F7
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
content-type: image/jpeg
x-cache-hits: 1, 0

GET
H2

200

addthis_widget.js Show response
s7.addthis.com/js/300/
Redirect Chain

http://s7.addthis.com/js/300/addthis_widget.js
https://s7.addthis.com/js/300/addthis_widget.js

353 KB
114 KB

66ms
23ms

Script
application/javascript

104.75.88.112
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/js/300/addthis_widget.js

Requested by

Host: larosa.thermalct.com.mx
URL: http://larosa.thermalct.com.mx/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.112 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-112.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: http://larosa.thermalct.com.mx/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: "5f971164-5834c"
vary: Accept-Encoding
x-distribution: 99
content-type: application/javascript
cache-control: public, max-age=600
date: Tue, 02 Feb 2021 01:08:49 GMT
x-host: s7.addthis.com
content-length: 116325

Redirect headers

Date: Tue, 02 Feb 2021 01:08:49 GMT
Server: nginx/1.15.8
X-Distribution: 99
Content-Type: text/html
Location: https://s7.addthis.com/js/300/addthis_widget.js
X-Host: s7.addthis.com
Connection: keep-alive
Content-Length: 171

GET
H2 200 css
fonts.googleapis.com/ 2 KB
611 B 14ms
14ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/bootswatch/4.3.1/minty/bootstrap.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

54c03dc49439b0e09a0b1fc5e448b065c832aa14e3971426c6c8b0ddd76193ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://cdnjs.cloudflare.com/ajax/libs/bootswatch/4.3.1/minty/bootstrap.min.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 02 Feb 2021 00:11:48 GMT
server: ESF
date: Tue, 02 Feb 2021 01:08:49 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 02 Feb 2021 01:08:49 GMT

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ 205 KB
64 KB 147ms
49ms Script
application/javascript 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: larosa.thermalct.com.mx
URL: http://larosa.thermalct.com.mx/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

405b39651348e2f81114eb3f074e792e4e4419fa54d0cefd947779630f3819df

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: http://larosa.thermalct.com.mx/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Feb 2021 01:08:49 GMT
content-encoding: br
last-modified: Sun, 31 Jan 2021 20:12:11 GMT
etag: "60140a9e-1004f"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 65615
expires: Tue, 02 Feb 2021 02:08:49 GMT

GET
H2 200 TRDVCzMyNQw
www.youtube.com/embed/ Frame A041 0
0 95ms
95ms Document
text/html 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/TRDVCzMyNQw

Requested by

Host: larosa.thermalct.com.mx
URL: http://larosa.thermalct.com.mx/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

YouTube Frontend Proxy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.youtube.com
:scheme: https
:path: /embed/TRDVCzMyNQw
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://larosa.thermalct.com.mx/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://larosa.thermalct.com.mx/

Response headers

x-content-type-options: nosniff
content-length: 22218
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
cache-control: no-cache
strict-transport-security: max-age=31536000
expires: Tue, 27 Apr 1971 19:44:06 GMT
content-type: text/html; charset=utf-8
content-encoding: br
date: Tue, 02 Feb 2021 01:08:49 GMT
server: YouTube Frontend Proxy
x-xss-protection: 0
set-cookie: VISITOR_INFO1_LIVE=2GIWFvAdoEw; path=/; domain=.youtube.com; secure; expires=Sun, 01-Aug-2021 01:08:49 GMT; httponly; samesite=None VISITOR_INFO1_LIVE=2GIWFvAdoEw; path=/; domain=.youtube.com; secure; expires=Sun, 01-Aug-2021 01:08:49 GMT; httponly; samesite=None YSC=CYLA4TEsCCg; path=/; domain=.youtube.com; secure; httponly; samesite=None GPS=1; path=/; domain=.youtube.com; expires=Tue, 02-Feb-2021 01:38:49 GMT CONSENT=PENDING+105; expires=Fri, 01-Jan-2038 00:00:00 GMT; path=/; domain=.youtube.com
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 JTUSjIg1_i6t8kCHKm459WlhyyTh89Y.woff2
fonts.gstatic.com/s/montserrat/v15/ 13 KB
13 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v15/JTUSjIg1_i6t8kCHKm459WlhyyTh89Y.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0ce5a460ace775560c3344a43245687bdbec5cb8ee20d209ab9fa67f4e09a3e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: http://larosa.thermalct.com.mx
Referer: https://fonts.googleapis.com/css?family=Montserrat
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 31 Jan 2021 15:30:55 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:12:14 GMT
server: sffe
age: 121074
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13708
x-xss-protection: 0
expires: Mon, 31 Jan 2022 15:30:55 GMT

GET
H2 200 moatframe.js Show response
z.moatads.com/addthismoatframe568911941483/ 2 KB
1 KB 74ms
27ms Script
application/x-javascript 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/addthismoatframe568911941483/moatframe.js
Requested by: Host: s7.addthis.com
URL: http://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd

Request headers

Referer: http://larosa.thermalct.com.mx/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Feb 2021 01:08:49 GMT
content-encoding: gzip
last-modified: Fri, 08 Nov 2019 20:13:52 GMT
server: AmazonS3
x-amz-request-id: D5503D14AA2F06AA
etag: "f14b4e1f799b14f798a195f43cf58376"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=44327
accept-ranges: bytes
content-length: 948
x-amz-id-2: JgalEtxvSAtZmM7+naGfrhsdf0JFS0gJW8lypWF8Tp90EkcPp4c3eAnpK+RDOIL1ltWgpx8wc3s=

GET
H2 200 _ate.track.config_resp Show response
v1.addthisedge.com/live/boost/ra-5e3c090425f690a7/ 2 KB
829 B 192ms
190ms Script
application/javascript 104.75.88.112
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://v1.addthisedge.com/live/boost/ra-5e3c090425f690a7/_ate.track.config_resp
Requested by: Host: s7.addthis.com
URL: http://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.75.88.112 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-112.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: f697289be2fc9cb51ef2226cf524a46c070642638544e096f233559167980aaa

Request headers

Referer: http://larosa.thermalct.com.mx/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Feb 2021 01:08:49 GMT
content-encoding: gzip
etag: -190367735--gzip
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: public, max-age=60, s-maxage=86400
content-disposition: attachment; filename=1.txt
content-length: 653

GET
H2 200 300lo.json Show response
m.addthis.com/live/red_lojson/ 90 B
250 B 177ms
147ms Script
application/javascript 104.75.88.112
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://m.addthis.com/live/red_lojson/300lo.json?si=6018a621f11cbf57&bkl=0&bl=1&pdt=452&sid=6018a621f11cbf57&pub=ra-5e3c090425f690a7&rev=v8.28.8-wp&ln=pt&pc=men&cb=0&ab=-&dp=larosa.thermalct.com.mx&fp=&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&colc=1612228129265&jsl=1&uvs=6018a621fbf04254000&skipb=1&callback=addthis.cbs.jsonp__045983039066513910
Requested by: Host: s7.addthis.com
URL: http://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.75.88.112 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-112.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e5c061d6e76a692d5af56eb3c068ad68239044ab1e7ea2660fc886ed675adced

Request headers

Referer: http://larosa.thermalct.com.mx/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 02 Feb 2021 01:08:49 GMT
cache-control: max-age=0, no-cache, no-store, no-transform
content-disposition: attachment; filename=1.txt
content-length: 90
content-type: application/javascript;charset=utf-8

GET sh.f48a1a04fe8dbf021b4cda1d.html
s7.addthis.com/static/ Frame BBCC 0
0

GET
H2 200 sh.f48a1a04fe8dbf021b4cda1d.html
s7.addthis.com/static/ Frame 9ACA 0
0 28ms
27ms Document
text/html 104.75.88.112
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html

Requested by

Host: s7.addthis.com
URL: http://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.112 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-112.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

:method: GET
:authority: s7.addthis.com
:scheme: https
:path: /static/sh.f48a1a04fe8dbf021b4cda1d.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://larosa.thermalct.com.mx/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://larosa.thermalct.com.mx/

Response headers

server: nginx/1.15.8
content-type: text/html
last-modified: Thu, 04 Jun 2020 15:49:19 GMT
etag: W/"5ed917ff-11adc"
timing-allow-origin: *
cache-control: public, max-age=86313600
p3p: CP="NON ADM OUR DEV IND COM STA"
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 26421
date: Tue, 02 Feb 2021 01:08:49 GMT
vary: Accept-Encoding
x-host: s7.addthis.com

GET
H2 200 client.pt.min.json Show response
s7.addthis.com/l10n/ 4 KB
2 KB 90ms
47ms XHR
application/json 104.75.88.112
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/l10n/client.pt.min.json

Requested by

Host: s7.addthis.com
URL: http://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.112 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-112.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

2a0114ee843f8e5fcb15026a43365c3455464f43e1ea135b075e49662a9905b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: http://larosa.thermalct.com.mx/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Tue, 10 Sep 2019 15:15:17 GMT
server: nginx/1.15.8
etag: W/"5d77be05-e24"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: public, s-maxage=604800
date: Tue, 02 Feb 2021 01:08:49 GMT
x-host: s7.addthis.com
timing-allow-origin: *
content-length: 1747

GET
H2

200

1 Show response
mc.yandex.ru/watch/67422199/
Redirect Chain

https://mc.yandex.ru/watch/67422199?wmode=7&page-url=http%3A%2F%2Flarosa.thermalct.com.mx%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A65gwaazdbuxw99r%3Afp%3A462%3Afu%3A0%3Aen%3Autf-8%3A...
https://mc.yandex.ru/watch/67422199/1?wmode=7&page-url=http%3A%2F%2Flarosa.thermalct.com.mx%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A65gwaazdbuxw99r%3Afp%3A462%3Afu%3A0%3Aen%3Autf-8%...

167 B
249 B

49ms
49ms

XHR
application/json

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/67422199/1?wmode=7&page-url=http%3A%2F%2Flarosa.thermalct.com.mx%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A65gwaazdbuxw99r%3Afp%3A462%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A394%3Acn%3A1%3Adp%3A0%3Als%3A499867834522%3Ahid%3A640247318%3Az%3A60%3Ai%3A20210202020849%3Aet%3A1612228129%3Ac%3A1%3Arn%3A956889754%3Arqn%3A1%3Au%3A1612228129935991761%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1612228128667%3Awv%3A2%3Ads%3A172%2C17%2C133%2C1%2C1%2C0%2C%2C265%2C12%2C%2C%2C%2C590%3Adsn%3A172%2C17%2C133%2C0%2C0%2C0%2C%2C267%2C12%2C%2C%2C%2C590%3Arqnl%3A1%3Ati%3A2%3Ast%3A1612228129%3At%3AElle%20kennedy%20livros%20pdf.%20Alem%C3%A3o%20PDF%20Baixar%20Gr%C3%A1tis

Requested by

Host: larosa.thermalct.com.mx
URL: http://larosa.thermalct.com.mx/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

4b2d4cb67ec956b07d1ecb90d5ac2df66c879d8c97062da99dccf2a262ecc13d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://larosa.thermalct.com.mx/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 02 Feb 2021 01:08:49 GMT
x-content-type-options: nosniff
last-modified: Tue, 02-Feb-2021 01:08:49 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: http://larosa.thermalct.com.mx
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 167
x-xss-protection: 1; mode=block
expires: Tue, 02-Feb-2021 01:08:49 GMT

Redirect headers

pragma: no-cache
date: Tue, 02 Feb 2021 01:08:49 GMT
last-modified: Tue, 02-Feb-2021 01:08:49 GMT
location: /watch/67422199/1?wmode=7&page-url=http%3A%2F%2Flarosa.thermalct.com.mx%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A65gwaazdbuxw99r%3Afp%3A462%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A394%3Acn%3A1%3Adp%3A0%3Als%3A499867834522%3Ahid%3A640247318%3Az%3A60%3Ai%3A20210202020849%3Aet%3A1612228129%3Ac%3A1%3Arn%3A956889754%3Arqn%3A1%3Au%3A1612228129935991761%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1612228128667%3Awv%3A2%3Ads%3A172%2C17%2C133%2C1%2C1%2C0%2C%2C265%2C12%2C%2C%2C%2C590%3Adsn%3A172%2C17%2C133%2C0%2C0%2C0%2C%2C267%2C12%2C%2C%2C%2C590%3Arqnl%3A1%3Ati%3A2%3Ast%3A1612228129%3At%3AElle%20kennedy%20livros%20pdf.%20Alem%C3%A3o%20PDF%20Baixar%20Gr%C3%A1tis
strict-transport-security: max-age=31536000
access-control-allow-origin: http://larosa.thermalct.com.mx
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0
x-xss-protection: 1; mode=block
expires: Tue, 02-Feb-2021 01:08:49 GMT

GET
H2 200 advert.gif
mc.yandex.ru/metrika/ 43 B
112 B 49ms
48ms Image
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/metrika/advert.gif

Requested by

Host: larosa.thermalct.com.mx
URL: http://larosa.thermalct.com.mx/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: http://larosa.thermalct.com.mx/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Feb 2021 01:08:49 GMT
last-modified: Sun, 31 Jan 2021 20:12:11 GMT
etag: "601418e5-2b"
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Tue, 02 Feb 2021 02:08:49 GMT

GET
H2 200 layers.fa6cd1947ce26e890d3d.js Show response
s7.addthis.com/static/ 263 KB
76 KB 23ms
23ms Script
application/javascript 104.75.88.112
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/layers.fa6cd1947ce26e890d3d.js

Requested by

Host: s7.addthis.com
URL: http://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.112 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-112.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: http://larosa.thermalct.com.mx/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: W/"5f971164-41cf5"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=86313600
date: Tue, 02 Feb 2021 01:08:49 GMT
x-host: s7.addthis.com
timing-allow-origin: *
content-length: 77617

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: s7.addthis.com
URL: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html

Verdicts & Comments Add Verdict or Comment

43 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.thermalct.com.mx/	1970-01-19 15:51:40	Name: _ym_isad Value: 2
.addthis.com/	1970-01-20 01:16:23	Name: loc Value: MDAwMDBFVU5MR0UyMzExMTg1NzAwMDAwMDBDSA==
.thermalct.com.mx/	1970-01-20 00:36:04	Name: _ym_d Value: 1612228129
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: CYLA4TEsCCg
larosa.thermalct.com.mx/	1970-01-19 15:50:29	Name: __atuvs Value: 6018a621fbf04254000
.youtube.com/	1970-01-19 20:09:40	Name: VISITOR_INFO1_LIVE Value: 2GIWFvAdoEw
.thermalct.com.mx/	1970-01-20 00:36:04	Name: _ym_uid Value: 1612228129935991761
.addthis.com/	1970-01-20 01:16:23	Name: uvc Value: 1%7C5
larosa.thermalct.com.mx/	1970-01-20 01:16:23	Name: __atuvc Value: 1%7C5

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1.bp.blogspot.com
cdnjs.cloudflare.com
code.jquery.com
fonts.googleapis.com
fonts.gstatic.com
i.pinimg.com
image.isu.pub
imagens.lelivros.love
images-submarino.b2w.io
img2.docer.pl
img2.docero.es
larosa.thermalct.com.mx
m.addthis.com
mc.yandex.ru
pbs.twimg.com
s7.addthis.com
static.tildacdn.com
v1.addthisedge.com
www.livrosefuxicos.com
www.prateleiradecima.com
www.youtube.com
z.moatads.com
s7.addthis.com
104.196.130.199
104.75.88.112
128.201.73.21
151.236.71.44
2.18.235.40
2001:4de0:ac19::1:b:1a
2606:2800:134:1a0d:1429:742:782:b6
2606:4700:3032::6815:47ca
2606:4700:3032::ac43:b5d7
2606:4700:3034::6815:5ca9
2606:4700::6810:125e
2a00:1450:4001:80e::2001
2a00:1450:4001:811::200e
2a00:1450:4001:829::2003
2a00:1450:4001:82b::200a
2a02:26f0:6c00:293::19fe
2a02:6b8::1:119
2a04:4e42:1b::622
2a04:4e42:9::84
45.147.199.136
04cb4936f0295335cbbef4d22e6ad576ea212f1cc6d5f81eaa81be222a2b6cd7
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd
0ce5a460ace775560c3344a43245687bdbec5cb8ee20d209ab9fa67f4e09a3e8
0e2c0aebc1189dd7b3ef00a654326d255492741fbbef15bb3137012641f3de76
2a0114ee843f8e5fcb15026a43365c3455464f43e1ea135b075e49662a9905b9
33f89a83966d581c29e8571c42a1f2be88bf470f9877c6c37e0be035b0e7079c
405b39651348e2f81114eb3f074e792e4e4419fa54d0cefd947779630f3819df
46079ffe1d51a0090b2139a2420812a0071a5ecf60ed04edeee319fd380ff92b
4714c3cac480eb9969a3286f2482b9bd0a2c13bfdaf37bb41688d84b9b872acd
4b2d4cb67ec956b07d1ecb90d5ac2df66c879d8c97062da99dccf2a262ecc13d
5151cef1381b9e4cd8e570a50de145c60595581c7f87f7da5d5769bbfc4c2124
52a86a2606f126154dfd99aa991378f626bfbbaf68cac8c84017143bbc280dd0
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54c03dc49439b0e09a0b1fc5e448b065c832aa14e3971426c6c8b0ddd76193ac
5835087cafa7e1d0095f67171891c6f8c0bd2ff403613af98d7e258bdf7c0430
6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df
6b6de0d4db7876d1183a3edb47ebd3bbbf93f153f5de1ba6645049348628109a
7945adb292f61c472ef7c899cf619b781f5667366dc7938072a255f81e0767e6
7e5b42ddac2b824d4fcb32fa71d27e6c23b3e81562a5f4010cfdbd136e5200c8
8facfb30e39e3c67193d9dada5a3b36b3a0c74277c90a7ec15591a8582e870a5
98206b9dfa878b30ba5aae4b285cb369e4e9a400872bb5e9f20ac4ef1eb79cfc
acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403
bc501468b48d5ec9c9bcd312d8bc90a07f603ab2b274098f65ec13ebd5f4d656
d37ce8835f0f5d865e48fc48d3de2ed8d5c4c01c47889e542189050a53f91f98
e2e3b1fa404462f74cc771cbcf87be284a22ec61d6112909399f2c6afad5a7e1
e4bf56438a4a0fb5a4143fd671d474ddbc9ac14e2d5dceb7982d6a663f5d8770
e5c061d6e76a692d5af56eb3c068ad68239044ab1e7ea2660fc886ed675adced
f697289be2fc9cb51ef2226cf524a46c070642638544e096f233559167980aaa
fb9bdf157090cc18277181eaf6f144ddcdf7e9908b24226a760688d2819d1f4b

larosa.thermalct.com.mx Open in urlscan Pro 45.147.199.136 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

32 Requests

84 %HTTPS

70 %IPv6

21 Domains

22 Subdomains

21 IPs

7 Countries

4370 kBTransfer

5162 kBSize

9 Cookies

0 Outgoing links

Redirected requests

32 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

larosa.thermalct.com.mx Open in urlscan Pro
45.147.199.136 Public Scan

Screenshot
Live screenshot

Full Image

32
Requests

84 %
HTTPS

70 %
IPv6

21
Domains

22
Subdomains

21
IPs

7
Countries

4370 kB
Transfer

5162 kB
Size

9
Cookies

32 HTTP transactions
0 data transactions