fava.thermalct.com.mx Open in urlscan Pro
45.147.199.136 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://fava.thermalct.com.mx/
Submission: On November 21 via api (November 21st 2020, 8:18:28 pm UTC) from BR

Summary HTTP 32 Redirects Behaviour Indicators

Summary

This website contacted 22 IPs in 7 countries across 22 domains to perform 32 HTTP transactions. The main IP is 45.147.199.136, located in and belongs to ON-LINE-DATA Server location - Netherlands, Dronten, NL. The main domain is fava.thermalct.com.mx.

This is the only time fava.thermalct.com.mx was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3	45.147.199.136 45.147.199.136	204601 (ON-LINE-D...) (ON-LINE-DATA Server location - Netherlands)
1	2606:4700::68... 2606:4700::6810:135e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2001:4de0:ac1... 2001:4de0:ac19::1:b:2b	20446 (HIGHWINDS3) (HIGHWINDS3)
1	2606:4700:303... 2606:4700:3032::ac43:9698	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	65.9.86.53 65.9.86.53	16509 (AMAZON-02) (AMAZON-02)
1	88.157.217.144 88.157.217.144	2860 (NOS_COMUN...) (NOS_COMUNICACOES)
1	176.61.147.201 176.61.147.201	33876 (FLESK-AS) (FLESK-AS)
1	2a02:26f0:170... 2a02:26f0:1700:78f::3a4c	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	176.61.147.176 176.61.147.176	33876 (FLESK-AS) (FLESK-AS)
1	2606:4700::68... 2606:4700::6812:927	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	52.216.132.235 52.216.132.235	16509 (AMAZON-02) (AMAZON-02)
1	194.107.127.165 194.107.127.165	49941 (EUROTUX) (EUROTUX)
1	2a04:4e42:1b:... 2a04:4e42:1b::272	54113 (FASTLY) (FASTLY)
1	65.9.86.74 65.9.86.74	16509 (AMAZON-02) (AMAZON-02)
1	2a02:26f0:6c0... 2a02:26f0:6c00:293::19fe	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 7	104.75.88.112 104.75.88.112	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a00:1450:400... 2a00:1450:4001:808::200a	15169 (GOOGLE) (GOOGLE)
3 7	2a02:6b8::1:119 2a02:6b8::1:119	13238 (YANDEX) (YANDEX)
1	2a00:1450:400... 2a00:1450:4001:816::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:814::2003	15169 (GOOGLE) (GOOGLE)
1	104.111.216.96 104.111.216.96	16625 (AKAMAI-AS) (AKAMAI-AS)
32	22

3 45.147.199.136 (None, )

ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, NL)
PTR: ebosh.srv

fava.thermalct.com.mx	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:135e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac19::1:b:2b (Netherlands)

ASN20446 (HIGHWINDS3, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3032::ac43:9698 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.livrariacordis.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.86.53 (Seattle, United States)

ASN16509 (AMAZON-02, US)

lojasaraiva.vteximg.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 88.157.217.144 (Odemira, Portugal)

ASN2860 (NOS_COMUNICACOES, PT)
PTR: a88-157-217-144.static.cpe.netcabo.pt

cdn.sabado.pt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 176.61.147.201 (Portugal)

ASN33876 (FLESK-AS, PT)

www.cm-alcacerdosal.pt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:1700:78f::3a4c (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)

static.natgeo.pt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 176.61.147.176 (Portugal)

ASN33876 (FLESK-AS, PT)
PTR: cpanel.diarionline.pt

regiao-sul.pt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:927 (United States)

ASN13335 (CLOUDFLARENET, US)

i1.rgstatic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.216.132.235 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com

nova-escola-producao.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 194.107.127.165 (Portugal)

ASN49941 (EUROTUX, PT)
PTR: sso.trustinnews.pt

images.trustinnews.pt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:1b::272 (Ascension Island)

ASN54113 (FASTLY, US)

images-na.ssl-images-amazon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.86.74 (Seattle, United States)

ASN16509 (AMAZON-02, US)

febracis.vteximg.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:293::19fe (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)

images-americanas.b2w.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 104.75.88.112 (Netherlands) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-75-88-112.deploy.static.akamaitechnologies.com

s7.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
v1.addthisedge.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
m.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a02:6b8::1:119 (Moscow, Russian Federation) 3 redirects

ASN13238 (YANDEX, RU)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:816::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:814::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.216.96 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-216-96.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
6	addthis.com 1 redirects s7.addthis.com m.addthis.com	193 KB
5	yandex.ru 2 redirects mc.yandex.ru	96 KB
3	thermalct.com.mx fava.thermalct.com.mx	49 KB
2	yandex.com 1 redirects mc.yandex.com	366 B
2	vteximg.com.br lojasaraiva.vteximg.com.br febracis.vteximg.com.br	475 KB
1	addthisedge.com v1.addthisedge.com	829 B
1	moatads.com z.moatads.com	1 KB
1	gstatic.com fonts.gstatic.com	13 KB
1	youtube.com www.youtube.com
1	googleapis.com fonts.googleapis.com	610 B
1	b2w.io images-americanas.b2w.io	112 KB
1	ssl-images-amazon.com images-na.ssl-images-amazon.com	228 KB
1	trustinnews.pt images.trustinnews.pt	513 KB
1	amazonaws.com nova-escola-producao.s3.amazonaws.com	81 KB
1	rgstatic.net i1.rgstatic.net	541 B
1	regiao-sul.pt regiao-sul.pt	33 KB
1	natgeo.pt static.natgeo.pt	447 KB
1	cm-alcacerdosal.pt www.cm-alcacerdosal.pt	261 KB
1	sabado.pt cdn.sabado.pt	81 KB
1	livrariacordis.com.br cdn.livrariacordis.com.br
1	jquery.com code.jquery.com	29 KB
1	cloudflare.com cdnjs.cloudflare.com	18 KB
32	22

	Domain	Requested by
5	mc.yandex.ru	2 redirects fava.thermalct.com.mx
5	s7.addthis.com	1 redirects fava.thermalct.com.mx s7.addthis.com
3	fava.thermalct.com.mx	fava.thermalct.com.mx
2	mc.yandex.com	1 redirects fava.thermalct.com.mx
1	m.addthis.com	s7.addthis.com
1	v1.addthisedge.com	s7.addthis.com
1	z.moatads.com	s7.addthis.com
1	fonts.gstatic.com	fonts.googleapis.com
1	www.youtube.com	fava.thermalct.com.mx
1	fonts.googleapis.com	cdnjs.cloudflare.com
1	images-americanas.b2w.io	fava.thermalct.com.mx
1	febracis.vteximg.com.br	fava.thermalct.com.mx
1	images-na.ssl-images-amazon.com	fava.thermalct.com.mx
1	images.trustinnews.pt	fava.thermalct.com.mx
1	nova-escola-producao.s3.amazonaws.com	fava.thermalct.com.mx
1	i1.rgstatic.net	fava.thermalct.com.mx
1	regiao-sul.pt	fava.thermalct.com.mx
1	static.natgeo.pt	fava.thermalct.com.mx
1	www.cm-alcacerdosal.pt	fava.thermalct.com.mx
1	cdn.sabado.pt	fava.thermalct.com.mx
1	lojasaraiva.vteximg.com.br	fava.thermalct.com.mx
1	cdn.livrariacordis.com.br	fava.thermalct.com.mx
1	code.jquery.com	fava.thermalct.com.mx
1	cdnjs.cloudflare.com	fava.thermalct.com.mx
32	24

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-10-21` - `2021-10-20`	a year	crt.sh
jquery.org Sectigo RSA Domain Validation Secure Server CA	`2020-10-06` - `2021-10-16`	a year	crt.sh
www.cofina.pt Go Daddy Secure Certificate Authority - G2	`2020-09-17` - `2021-02-16`	5 months	crt.sh
nationalgeographic.co.uk Entrust Certification Authority - L1K	`2020-07-22` - `2022-07-21`	2 years	crt.sh
webmail.regiao-sul.pt Let's Encrypt Authority X3	`2020-11-10` - `2021-02-08`	3 months	crt.sh
*.rgstatic.net AlphaSSL CA - SHA256 - G2	`2020-08-31` - `2021-10-02`	a year	crt.sh
*.s3.amazonaws.com DigiCert Baltimore CA-2 G2	`2019-11-09` - `2021-03-12`	a year	crt.sh
*.trustinnews.pt Go Daddy Secure Certificate Authority - G2	`2020-10-15` - `2021-10-18`	a year	crt.sh
images-na.ssl-images-amazon.com DigiCert Global CA G2	`2020-09-16` - `2021-09-21`	a year	crt.sh
*.vtexassets.com Amazon	`2020-09-26` - `2021-10-28`	a year	crt.sh
b2wdigital.com DigiCert SHA2 Secure Server CA	`2020-07-14` - `2021-07-14`	a year	crt.sh
odc-prod-01.oracle.com DigiCert Secure Site ECC CA-1	`2020-07-22` - `2021-10-13`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh
mc.yandex.ru Yandex CA	`2020-09-29` - `2021-03-11`	5 months	crt.sh
*.google.com GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh
moatads.com DigiCert SHA2 Secure Server CA	`2020-01-17` - `2021-03-17`	a year	crt.sh

This page contains 4 frames:

Primary Page: http://fava.thermalct.com.mx/
Frame ID: 652745FEF822BA9AD3861A282E30046D
Requests: 29 HTTP requests in this frame

Frame: https://www.youtube.com/embed/Oz15GwRK3_I
Frame ID: FF3181D0E30856C49CC22C71BC3DFE3E
Requests: 1 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: 88784B5D823EA9CF5ACA9EC4D818DE07
Requests: 1 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: 4663B9B58769F14E7251415B407FA398
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery[.-]([\d.]*\d)[^/]*\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

32
Requests

81 %
HTTPS

52 %
IPv6

22
Domains

24
Subdomains

22
IPs

7
Countries

2630 kB
Transfer

3557 kB
Size

10
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 16

http://s7.addthis.com/js/300/addthis_widget.js HTTP 308
https://s7.addthis.com/js/300/addthis_widget.js

Request Chain 27

https://mc.yandex.com/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9099.J7_WKjshH74TGeSiJB4A74tkgAvzWLYGwDq1eeMbFuOo3iCI21OwTLLeXnX_uk2D.BYhOmvUgpatUqT3m2BomWCDCST0%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?token=9099.KORh3zbxsAbAEVrbcI2cicFOTzG7hN0-Ycb-VrRgJRdP8Ri1iH4ErNy5CtcD9wi2dAMRXNB5XCBuMjgp-eRH5g%2C%2C.fRjOpciTicAeA3HWGDP4JRpG1pQ%2C

Request Chain 30

https://mc.yandex.ru/watch/67422199?wmode=7&page-url=http%3A%2F%2Ffava.thermalct.com.mx%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1605989890239%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Aadb%3A2%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A60%3Ai%3A20201121211811%3Aet%3A1605989891%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Als%3A1187308983994%3Arqn%3A1%3Arn%3A429466887%3Ahid%3A639967900%3Ads%3A298%2C15%2C172%2C0%2C0%2C0%2C0%2C261%2C13%2C%2C%2C%2C749%3Afp%3A617%3Agdpr%3A14%3Av%3A1976%3Awv%3A2%3Arqnl%3A1%3Ast%3A1605989891%3Au%3A1605989891886532418%3App%3A3629563401%3At%3AA%20arte%20de%20fazer%20o%20dobro%20do%20trabalho%20na%20metade%20do%20tempo.%20Nova%20Vers%C3%A3o%20Baixar%20Gr%C3%A1tis HTTP 302
https://mc.yandex.ru/watch/67422199/1?wmode=7&page-url=http%3A%2F%2Ffava.thermalct.com.mx%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1605989890239%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Aadb%3A2%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A60%3Ai%3A20201121211811%3Aet%3A1605989891%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Als%3A1187308983994%3Arqn%3A1%3Arn%3A429466887%3Ahid%3A639967900%3Ads%3A298%2C15%2C172%2C0%2C0%2C0%2C0%2C261%2C13%2C%2C%2C%2C749%3Afp%3A617%3Agdpr%3A14%3Av%3A1976%3Awv%3A2%3Arqnl%3A1%3Ast%3A1605989891%3Au%3A1605989891886532418%3App%3A3629563401%3At%3AA%20arte%20de%20fazer%20o%20dobro%20do%20trabalho%20na%20metade%20do%20tempo.%20Nova%20Vers%C3%A3o%20Baixar%20Gr%C3%A1tis

32 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
fava.thermalct.com.mx/ 22 KB
8 KB 485ms
172ms Document
text/html 45.147.199.136
Netherlands

General

Check archive.org

Show headers Download Go to

Full URL: http://fava.thermalct.com.mx/
Protocol: HTTP/1.1
Server: 45.147.199.136 -, , ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, NL),
Reverse DNS: ebosh.srv
Software: nginx /
Resource Hash: c6763c71ee4ba4619c8502eafbe562d45d5075a94eb3543bd5f075885fbe27b1

Request headers

Host: fava.thermalct.com.mx
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Server: nginx
Date: Sat, 21 Nov 2020 20:18:10 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 8342
Connection: keep-alive
Keep-Alive: timeout=60
Vary: Accept-Encoding
Content-Encoding: gzip

GET
H2 200 bootstrap.min.css
cdnjs.cloudflare.com/ajax/libs/bootswatch/4.3.1/minty/ 177 KB
18 KB 14ms
13ms Stylesheet
text/css 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/bootswatch/4.3.1/minty/bootstrap.min.css

Requested by

Host: fava.thermalct.com.mx
URL: http://fava.thermalct.com.mx/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

46079ffe1d51a0090b2139a2420812a0071a5ecf60ed04edeee319fd380ff92b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000

Request headers

Referer: http://fava.thermalct.com.mx/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 21 Nov 2020 20:18:10 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 117346
x-via: cfworker/kv
cross-origin-resource-policy: cross-origin
content-length: 18253
cf-request-id: 068e0e12ab0000c2fea7b8c000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:06:40 GMT
server: cloudflare
etag: "5eb03d90-2c4cd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=fmADjw7mF8rlmx66%2Bap6e3JqeY5WW2LTis72aeDhNVwXIMBHVo4oDBJKXm40cSIB%2FBCP6553jLcnvqjp8r5FQhPgxhEUSy9tca%2FdBTLt0pDj2M%2FsDOmt1kpw7prBscyMLg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 5f5d1931186ec2fe-FRA
expires: Thu, 11 Nov 2021 20:18:10 GMT

GET
H2 200 jquery-2.2.3.min.js Show response
code.jquery.com/ 84 KB
29 KB 26ms
9ms Script
application/javascript 2001:4de0:ac19::1:b:2b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-2.2.3.min.js
Requested by: Host: fava.thermalct.com.mx
URL: http://fava.thermalct.com.mx/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac19::1:b:2b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: 6b6de0d4db7876d1183a3edb47ebd3bbbf93f153f5de1ba6645049348628109a

Request headers

Referer: http://fava.thermalct.com.mx/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 21 Nov 2020 20:18:10 GMT
content-encoding: gzip
last-modified: Tue, 05 Apr 2016 19:27:05 GMT
server: nginx
etag: W/"57041189-14e9b"
vary: Accept-Encoding
x-hw: 1605989890.dop214.fr8.t,1605989890.cds281.fr8.hn,1605989890.cds275.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 29881

GET
H/1.1 200
OK gen.css
fava.thermalct.com.mx/files/ 5 KB
2 KB 19ms
19ms Stylesheet
text/css 45.147.199.136
Netherlands

General

Check archive.org

Show headers Download Go to

Full URL: http://fava.thermalct.com.mx/files/gen.css
Requested by: Host: fava.thermalct.com.mx
URL: http://fava.thermalct.com.mx/
Protocol: HTTP/1.1
Server: 45.147.199.136 -, , ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, NL),
Reverse DNS: ebosh.srv
Software: nginx /
Resource Hash: 33f89a83966d581c29e8571c42a1f2be88bf470f9877c6c37e0be035b0e7079c

Request headers

Referer: http://fava.thermalct.com.mx/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 21 Nov 2020 20:18:10 GMT
Content-Encoding: gzip
Last-Modified: Wed, 23 Sep 2020 12:41:21 GMT
Server: nginx
ETag: W/"5f6b4271-1288"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=315360000
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK top.jpg
fava.thermalct.com.mx/files/ 38 KB
38 KB 21ms
21ms Image
image/jpeg 45.147.199.136
Netherlands

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://fava.thermalct.com.mx/files/top.jpg
Requested by: Host: fava.thermalct.com.mx
URL: http://fava.thermalct.com.mx/
Protocol: HTTP/1.1
Server: 45.147.199.136 -, , ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, NL),
Reverse DNS: ebosh.srv
Software: nginx /
Resource Hash: e4bf56438a4a0fb5a4143fd671d474ddbc9ac14e2d5dceb7982d6a663f5d8770

Request headers

Referer: http://fava.thermalct.com.mx/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 21 Nov 2020 20:18:10 GMT
Last-Modified: Thu, 17 Sep 2020 08:00:52 GMT
Server: nginx
ETag: "5f6317b4-9846"
Content-Type: image/jpeg
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=60
Content-Length: 38982
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 403 POST_0004__DSC0842.png
cdn.livrariacordis.com.br/wp-content/uploads/2019/03/06213559/ 0
0 61ms
15ms Image
text/html 2606:4700:3032::ac43:9698
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.livrariacordis.com.br/wp-content/uploads/2019/03/06213559/POST_0004__DSC0842.png
Requested by: Host: fava.thermalct.com.mx
URL: http://fava.thermalct.com.mx/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:9698 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://fava.thermalct.com.mx/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H/1.1 200
OK 1003458963.jpg
lojasaraiva.vteximg.com.br/arquivos/ids/3234256/ 135 KB
136 KB 397ms
365ms Image
image/webp 65.9.86.53
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://lojasaraiva.vteximg.com.br/arquivos/ids/3234256/1003458963.jpg?v=637033973616670000
Requested by: Host: fava.thermalct.com.mx
URL: http://fava.thermalct.com.mx/
Protocol: HTTP/1.1
Server: 65.9.86.53 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: a8c0402ce646afa8762516a05723383c4b759f267e1409c57566f83dc06b40ec

Request headers

Referer: http://fava.thermalct.com.mx/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 21 Nov 2020 20:18:11 GMT
X-VTEX-Cache-Server: apicache20
X-Amz-Cf-Pop: AMS1-C1
Via: 1.1 cc03ea6a31b592e93e84115778cdc495.cloudfront.net (CloudFront)
X-Vtex-Processed-At: Wed, 18 Nov 2020 09:58:45 GMT
X-Cache: Miss from cloudfront
X-VTEX-Janus-Router-Backend-App: prtarq-vv1.42.0
Connection: keep-alive
Content-Length: 138256
X-VTEX-Cache-Time: 0.000
Last-Modified: Fri, 06 Sep 2019 20:09:29 GMT
Server: nginx
Content-Type: image/webp
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=345600
X-VTEX-Cache-Status-Janus-ApiCache: HIT
X-Powered-By-VTEX-Cache: 2.0.0
X-Amz-Cf-Id: 727yBjspf8xcMjAAhyWnXpO3qdun64rmI-PgfmNV_JsoRoNbuvcMKQ==

GET
H/1.1 200
OK img_1200x900$2020_05_02_08_45_42_627073.jpg
cdn.sabado.pt/images/2020-05/ 81 KB
81 KB 322ms
75ms Image
image/jpeg 88.157.217.144
NOS_COMUNICACOES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.sabado.pt/images/2020-05/img_1200x900$2020_05_02_08_45_42_627073.jpg
Requested by: Host: fava.thermalct.com.mx
URL: http://fava.thermalct.com.mx/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 88.157.217.144 Odemira, Portugal, ASN2860 (NOS_COMUNICACOES, PT),
Reverse DNS: a88-157-217-144.static.cpe.netcabo.pt
Software: CDN04 /
Resource Hash: 5ac9e9f62c649f337282eaba6b8a1c98b769f431f5a82c9c413bfc42fb134723

Request headers

Referer: http://fava.thermalct.com.mx/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: cache
Date: Sat, 21 Nov 2020 20:18:10 GMT
Last-Modified: Wed, 18 Nov 2020 23:09:59 GMT
Server: CDN04
ImgOnDisk: 1
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=604800
X-Server: FA01FE04
Content-Type: image/jpeg
Content-Length: 82493
Expires: Sat, 28 Nov 2020 20:18:11 GMT

GET
H/1.1 200
OK campanha_cancro_da_pele_2020.width-800.jpg
www.cm-alcacerdosal.pt/media/images/ 261 KB
261 KB 242ms
126ms Image
image/jpeg 176.61.147.201
FLESK-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.cm-alcacerdosal.pt/media/images/campanha_cancro_da_pele_2020.width-800.jpg
Requested by: Host: fava.thermalct.com.mx
URL: http://fava.thermalct.com.mx/
Protocol: HTTP/1.1
Server: 176.61.147.201 , Portugal, ASN33876 (FLESK-AS, PT),
Reverse DNS
Software: nginx/1.0.15 /
Resource Hash: a0c96b6f9a2a492e567d260ae6dfafbacccc42f5318b3c9725e666c6f1c09e1f

Request headers

Referer: http://fava.thermalct.com.mx/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 21 Nov 2020 20:57:45 GMT
Last-Modified: Fri, 03 Jul 2020 14:02:08 GMT
Server: nginx/1.0.15
Content-Type: image/jpeg
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 266952
Expires: Mon, 21 Dec 2020 20:57:45 GMT

GET
H2 200 nationalgeographic_2676502-large.jpg
static.natgeo.pt/files/styles/image_3200/public/ 446 KB
447 KB 444ms
375ms Image
image/jpg 2a02:26f0:1700:78f::3a4c
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.natgeo.pt/files/styles/image_3200/public/nationalgeographic_2676502-large.jpg?w=1900&h=1269
Requested by: Host: fava.thermalct.com.mx
URL: http://fava.thermalct.com.mx/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:1700:78f::3a4c , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: /
Resource Hash: 474b9e47a2bb55a31935eb446235244265f20258e6d24057c1f205458b3505b8

Request headers

Referer: http://fava.thermalct.com.mx/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 21 Nov 2020 20:18:11 GMT
content-encoding: gzip
last-modified: Wed, 12 Aug 2020 12:21:00 GMT
x-amz-apigw-id: WX9geECUliAFh7Q=
x-amzn-requestid: 367853c2-4272-4fd7-b718-5db94e41dc4d
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/jpg
access-control-allow-origin: *
cache-control: max-age=31536000
x-amzn-trace-id: Root=1-5fb97602-1e0efb8e51b9e4007364c082;Sampled=0
access-control-allow-credentials: false
access-control-allow-headers: *
expires: Sun, 21 Nov 2021 20:17:22 GMT

GET
H2 200 espanha-1200x720.jpg
regiao-sul.pt/wp-content/uploads/2020/03/ 32 KB
33 KB 227ms
72ms Image
image/webp 176.61.147.176
FLESK-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://regiao-sul.pt/wp-content/uploads/2020/03/espanha-1200x720.jpg
Requested by: Host: fava.thermalct.com.mx
URL: http://fava.thermalct.com.mx/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 176.61.147.176 , Portugal, ASN33876 (FLESK-AS, PT),
Reverse DNS: cpanel.diarionline.pt
Software: Apache /
Resource Hash: e92e9455f84ec8a53ad4fe81e897e66ffc5a1a3cecde35c964e095d73375876f

Request headers

Referer: http://fava.thermalct.com.mx/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 21 Nov 2020 20:18:10 GMT
content-encoding: gzip
last-modified: Fri, 17 Jul 2020 12:23:36 GMT
server: Apache
vary: Accept,Accept-Encoding,User-Agent
content-type: image/webp
cache-control: max-age=2592000
x-webp-express: Redirected directly to existing webp
accept-ranges: bytes
content-length: 33234
expires: Mon, 21 Dec 2020 20:18:10 GMT

GET
H2 200 largepreview.png
i1.rgstatic.net/publication/274670111_A_persistencia_do_conflito_industrial_organizado_Greves_em_Portugal_entre_1960_e_2008/links/5caf537ea6fdcc1d498c9796/ 43 B
541 B 215ms
186ms Image
image/png 2606:4700::6812:927
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i1.rgstatic.net/publication/274670111_A_persistencia_do_conflito_industrial_organizado_Greves_em_Portugal_entre_1960_e_2008/links/5caf537ea6fdcc1d498c9796/largepreview.png
Requested by: Host: fava.thermalct.com.mx
URL: http://fava.thermalct.com.mx/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:927 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 64f9990414c6f684965940e59100224d1b14b86680d69ce42d23398feb93e5e1

Request headers

Referer: http://fava.thermalct.com.mx/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 21 Nov 2020 20:18:10 GMT
x-correlation-id: rgreq-a5273c6f4f087d8fc5dd7183215e468d
cf-cache-status: MISS
last-modified: Sat, 21 Nov 20 20:18:10 +0000
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: must-revalidate, no-cache, no-store, post-check=0, pre-check=0, private
cf-ray: 5f5d1931885b2b4d-FRA
cf-request-id: 068e0e12f300002b4db7391000000001
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 200
OK sistematizacao-de-conceito
nova-escola-producao.s3.amazonaws.com/aatWVjkscAS7wDZPJG4qFrU6k6EvJP4q4WMYrmbHGznFPgyYfDw6ESUgRHUR/ 82 KB
81 KB 592ms
178ms Image
image/png 52.216.132.235
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nova-escola-producao.s3.amazonaws.com/aatWVjkscAS7wDZPJG4qFrU6k6EvJP4q4WMYrmbHGznFPgyYfDw6ESUgRHUR/sistematizacao-de-conceito
Requested by: Host: fava.thermalct.com.mx
URL: http://fava.thermalct.com.mx/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.132.235 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 4ee2cc1027d52197a14adcf49c6d3805a8346e38fdb59ed63945aca9ae1e1957

Request headers

Referer: http://fava.thermalct.com.mx/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 21 Nov 2020 20:18:12 GMT
Content-Encoding: gzip
Last-Modified: Thu, 09 Jul 2020 04:33:11 GMT
Server: AmazonS3
x-amz-request-id: DCFF8DAC5E55D1C6
ETag: "0deb73ba11f6f8326cf85542a2e81bc9"
x-amz-version-id: Ey9illXNeIh8Ms4Ax7QIxE7N4yEzwBo2
Cache-Control: max-age=2592000
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 82275
x-amz-id-2: GksRypUTYSOwjlCC9XvxFExFXdAbP3+jnOnrdCjJbKmAvKUsTpmiSuZV+vXgis2L4mPDbKhswsQ=

GET
H2 200 13133199FalsosGuimaraes.jpg
images.trustinnews.pt/uploads/sites/5/2019/10/ 512 KB
513 KB 202ms
57ms Image
image/jpeg 194.107.127.165
EUROTUX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.trustinnews.pt/uploads/sites/5/2019/10/13133199FalsosGuimaraes.jpg

Requested by

Host: fava.thermalct.com.mx
URL: http://fava.thermalct.com.mx/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

194.107.127.165 , Portugal, ASN49941 (EUROTUX, PT),

Reverse DNS

sso.trustinnews.pt

Software

Resource Hash

59758422c323dc960b520771092039c1b813fbcac6fca491d9e9311dee1eea5e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; block-all-mixed-content;
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://fava.thermalct.com.mx/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 21 Nov 2020 20:18:10 GMT
referrer-policy: strict-origin-when-cross-origin
last-modified: Sat, 26 Oct 2019 12:19:18 GMT
age: 18818
x-frame-options: SAMEORIGIN
content-type: image/jpeg
x-xss-protection: 1; mode=block
cache-control: public, max-age=31536000
content-security-policy: upgrade-insecure-requests; block-all-mixed-content;
strict-transport-security: max-age=15768000
accept-ranges: bytes
content-length: 524198
x-content-type-options: nosniff

GET
H2 200 91sViREW75L._AC_SL1500_.jpg
images-na.ssl-images-amazon.com/images/I/ 228 KB
228 KB 112ms
98ms Image
image/jpeg 2a04:4e42:1b::272
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images-na.ssl-images-amazon.com/images/I/91sViREW75L._AC_SL1500_.jpg
Requested by: Host: fava.thermalct.com.mx
URL: http://fava.thermalct.com.mx/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:1b::272 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 6bd38df1a49971d250eb7bd16fe5098565b57dd2821ae89b9048d3292b592f21

Request headers

Referer: http://fava.thermalct.com.mx/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 21 Nov 2020 20:18:10 GMT
last-modified: Tue, 19 Mar 2019 21:29:35 GMT
age: 167750
x-cache: HIT from fastly, MISS from fastly
content-type: image/jpeg
access-control-allow-origin: *
expires: Wed, 14 Nov 2040 21:42:21 GMT
cache-control: max-age=630720000,public
x-amz-ir-id: 8c9fce28-cda4-4dc3-9ecf-8fcce8de1e45
accept-ranges: bytes
timing-allow-origin: https://www.amazon.in, https://www.amazon.com
content-length: 233066
x-served-by: cache-dca17769-DCA, cache-hhn4052-HHN

GET
H2 200 scrum.png
febracis.vteximg.com.br/arquivos/ids/156634-1000-1000/ 339 KB
340 KB 560ms
452ms Image
image/png 65.9.86.74
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://febracis.vteximg.com.br/arquivos/ids/156634-1000-1000/scrum.png?v=637166037207970000
Requested by: Host: fava.thermalct.com.mx
URL: http://fava.thermalct.com.mx/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.86.74 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 9d09b38b30f9ce18d439a284844398fa1078f8084ec56e3f1941f882fbfe846f

Request headers

Referer: http://fava.thermalct.com.mx/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 21 Nov 2020 20:18:11 GMT
x-vtex-cache-server: apicache23
x-amz-cf-pop: AMS1-C1
via: 1.1 05ec74146f636de45e985d09f62976dd.cloudfront.net (CloudFront)
x-vtex-processed-at: Mon, 16 Nov 2020 19:04:12 GMT
x-cache: Miss from cloudfront
x-vtex-janus-router-backend-app: prtarq-vv1.42.0
content-length: 346875
x-vtex-cache-time: 0.000
last-modified: Thu, 06 Feb 2020 16:35:28 GMT
server: nginx
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=345600
x-vtex-cache-status-janus-apicache: HIT
x-powered-by-vtex-cache: 2.0.0
x-amz-cf-id: c_UCeYV2G4z9nBVWYNUqoE3C8ybSRy9lRke8DAApcWExgejZaEiZkQ==

GET
H2 200 120961658SZ.jpg
images-americanas.b2w.io/produtos/01/00/item/120961/6/ 110 KB
112 KB 221ms
206ms Image
image/webp 2a02:26f0:6c00:293::19fe
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images-americanas.b2w.io/produtos/01/00/item/120961/6/120961658SZ.jpg
Requested by: Host: fava.thermalct.com.mx
URL: http://fava.thermalct.com.mx/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:6c00:293::19fe , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: BIS /
Resource Hash: 2121155cd554380b3696a94f68c551901f8f7b4e6b2e1898f976596bf2a8e1c1

Request headers

Referer: http://fava.thermalct.com.mx/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 21 Nov 2020 20:18:11 GMT
last-modified: Sat, 21 Nov 2020 20:13:39 GMT
server: BIS
etag: 8bad1045fb9bc2535c3c18610b155c4fdb0f6dcc1e80a6f1852c931f2a26726d
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: DNT, X-CustomHeader, Keep-Alive, User-Agent, X-Requested-With, If-Modified-Since, Cache-Control, Content-Type, Authorization, charset, Content-Encoding, Location, Allow, X-TID, WWW-Authenticate, X-Access-Control-Realm, internalId, Accept-Encoding, Accept-Language, Access-Control-Request-Headers, Access-Control-Request-Method, Connection, Host, Origin, Pragma, Referer, X-Preview, log
cache-control: public, max-age=604800
warning: 34134
content-disposition: inline; filename="120961658SZ.webp"
access-control-allow-headers: DNT, X-CustomHeader, Keep-Alive, User-Agent, X-Requested-With, If-Modified-Since, Cache-Control, Content-Type, Authorization, charset, Content-Encoding, Location, Allow, X-TID, WWW-Authenticate, X-Access-Control-Realm, internalId, Accept-Encoding, Accept-Language, Access-Control-Request-Headers, Access-Control-Request-Method, Connection, Host, Origin, Pragma, Referer, X-Preview, log
content-length: 113062
x-request-id: v7zGFoTXm_0Ke7sEmjcGA
expires: Sat, 28 Nov 2020 20:18:11 GMT

GET
H2

200

addthis_widget.js Show response
s7.addthis.com/js/300/
Redirect Chain

http://s7.addthis.com/js/300/addthis_widget.js
https://s7.addthis.com/js/300/addthis_widget.js

353 KB
114 KB

70ms
24ms

Script
application/javascript

104.75.88.112
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/js/300/addthis_widget.js

Requested by

Host: fava.thermalct.com.mx
URL: http://fava.thermalct.com.mx/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.112 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-112.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: http://fava.thermalct.com.mx/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: "5f971164-5834c"
vary: Accept-Encoding
x-distribution: 99
content-type: application/javascript
cache-control: public, max-age=600
date: Sat, 21 Nov 2020 20:18:10 GMT
x-host: s7.addthis.com
content-length: 116325

Redirect headers

Date: Sat, 21 Nov 2020 20:18:10 GMT
Server: nginx/1.15.8
X-Distribution: 99
Content-Type: text/html
Location: https://s7.addthis.com/js/300/addthis_widget.js
X-Host: s7.addthis.com
Connection: keep-alive
Content-Length: 171

GET
H2 200 css
fonts.googleapis.com/ 2 KB
610 B 16ms
15ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/bootswatch/4.3.1/minty/bootstrap.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

54c03dc49439b0e09a0b1fc5e448b065c832aa14e3971426c6c8b0ddd76193ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://cdnjs.cloudflare.com/ajax/libs/bootswatch/4.3.1/minty/bootstrap.min.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sat, 21 Nov 2020 19:56:27 GMT
server: ESF
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
date: Sat, 21 Nov 2020 20:18:10 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Sat, 21 Nov 2020 20:18:10 GMT

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ 368 KB
94 KB 152ms
44ms Script
application/javascript 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: fava.thermalct.com.mx
URL: http://fava.thermalct.com.mx/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

97863c262254c3df6ff2e518ad72050dbf63ad92fb0e498914a8c5424aeef893

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: http://fava.thermalct.com.mx/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 21 Nov 2020 20:18:11 GMT
content-encoding: br
last-modified: Sat, 21 Nov 2020 18:08:42 GMT
etag: "5f993b61-17714"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 96020
expires: Sat, 21 Nov 2020 21:18:11 GMT

GET
H2 200 Oz15GwRK3_I
www.youtube.com/embed/ Frame FF31 0
0 90ms
89ms Document
text/html 2a00:1450:4001:816::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/Oz15GwRK3_I

Requested by

Host: fava.thermalct.com.mx
URL: http://fava.thermalct.com.mx/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

YouTube Frontend Proxy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.youtube.com
:scheme: https
:path: /embed/Oz15GwRK3_I
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://fava.thermalct.com.mx/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://fava.thermalct.com.mx/

Response headers

p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
cache-control: no-cache
content-type: text/html; charset=utf-8
content-encoding: br
content-length: 20196
x-content-type-options: nosniff
expires: Tue, 27 Apr 1971 19:44:06 GMT
strict-transport-security: max-age=31536000
date: Sat, 21 Nov 2020 20:18:10 GMT
server: YouTube Frontend Proxy
x-xss-protection: 0
set-cookie: VISITOR_INFO1_LIVE=2OOUOFy06y0; path=/; domain=.youtube.com; secure; expires=Thu, 20-May-2021 20:18:10 GMT; httponly; samesite=None VISITOR_INFO1_LIVE=2OOUOFy06y0; path=/; domain=.youtube.com; secure; expires=Thu, 20-May-2021 20:18:10 GMT; httponly; samesite=None YSC=xsXHxcVZTJ4; path=/; domain=.youtube.com; secure; httponly; samesite=None GPS=1; path=/; domain=.youtube.com; expires=Sat, 21-Nov-2020 20:48:10 GMT
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 JTUSjIg1_i6t8kCHKm459WlhyyTh89Y.woff2
fonts.gstatic.com/s/montserrat/v15/ 13 KB
13 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:814::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v15/JTUSjIg1_i6t8kCHKm459WlhyyTh89Y.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0ce5a460ace775560c3344a43245687bdbec5cb8ee20d209ab9fa67f4e09a3e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: http://fava.thermalct.com.mx
Referer: https://fonts.googleapis.com/css?family=Montserrat
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 15 Nov 2020 11:20:44 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:12:14 GMT
server: sffe
age: 550646
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13708
x-xss-protection: 0
expires: Mon, 15 Nov 2021 11:20:44 GMT

GET
H2 200 moatframe.js Show response
z.moatads.com/addthismoatframe568911941483/ 2 KB
1 KB 72ms
25ms Script
application/x-javascript 104.111.216.96
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/addthismoatframe568911941483/moatframe.js
Requested by: Host: s7.addthis.com
URL: http://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.216.96 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-216-96.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd

Request headers

Referer: http://fava.thermalct.com.mx/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 21 Nov 2020 20:18:11 GMT
content-encoding: gzip
last-modified: Fri, 08 Nov 2019 20:13:52 GMT
server: AmazonS3
x-amz-request-id: 6CDA04CEF72D568E
etag: "f14b4e1f799b14f798a195f43cf58376"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=31582
accept-ranges: bytes
content-length: 948
x-amz-id-2: vmrAbpbzrBs8g4V4M3AoGAqwWb0EhELJ1wy9AWvX/tuPVstbiwgv0ja/UaK2kknp20dNDPCNIa4=

GET
H2 200 _ate.track.config_resp Show response
v1.addthisedge.com/live/boost/ra-5e3c090425f690a7/ 2 KB
829 B 305ms
303ms Script
application/javascript 104.75.88.112
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://v1.addthisedge.com/live/boost/ra-5e3c090425f690a7/_ate.track.config_resp
Requested by: Host: s7.addthis.com
URL: http://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.75.88.112 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-112.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: f697289be2fc9cb51ef2226cf524a46c070642638544e096f233559167980aaa

Request headers

Referer: http://fava.thermalct.com.mx/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 21 Nov 2020 20:18:11 GMT
content-encoding: gzip
etag: -190367735--gzip
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: public, max-age=59, s-maxage=86400
content-disposition: attachment; filename=1.txt
content-length: 653

GET
H2 200 300lo.json Show response
m.addthis.com/live/red_lojson/ 90 B
250 B 127ms
125ms Script
application/javascript 104.75.88.112
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://m.addthis.com/live/red_lojson/300lo.json?si=5fb97602be220bcf&bkl=0&bl=1&pdt=609&sid=5fb97602be220bcf&pub=ra-5e3c090425f690a7&rev=v8.28.8-wp&ln=pt&pc=men&cb=0&ab=-&dp=fava.thermalct.com.mx&fp=&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&colc=1605989890996&jsl=1&uvs=5fb976020c7f5e9e000&skipb=1&callback=addthis.cbs.jsonp__084318767081343230
Requested by: Host: s7.addthis.com
URL: http://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.75.88.112 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-112.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: a1350f14bdfd0b9c0478969c8d8ed10f2948ad655d8a5f9689db826c397d9fdc

Request headers

Referer: http://fava.thermalct.com.mx/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 21 Nov 2020 20:18:11 GMT
cache-control: max-age=0, no-cache, no-store, no-transform
content-disposition: attachment; filename=1.txt
content-length: 90
content-type: application/javascript;charset=utf-8

GET sh.f48a1a04fe8dbf021b4cda1d.html
s7.addthis.com/static/ Frame 8878 0
0

GET
H2 200 sh.f48a1a04fe8dbf021b4cda1d.html
s7.addthis.com/static/ Frame 4663 0
0 36ms
36ms Document
text/html 104.75.88.112
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html

Requested by

Host: s7.addthis.com
URL: http://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.112 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-112.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

:method: GET
:authority: s7.addthis.com
:scheme: https
:path: /static/sh.f48a1a04fe8dbf021b4cda1d.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://fava.thermalct.com.mx/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://fava.thermalct.com.mx/

Response headers

server: nginx/1.15.8
content-type: text/html
last-modified: Thu, 04 Jun 2020 15:49:19 GMT
etag: W/"5ed917ff-11adc"
timing-allow-origin: *
cache-control: public, max-age=86313600
p3p: CP="NON ADM OUR DEV IND COM STA"
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 26421
date: Sat, 21 Nov 2020 20:18:11 GMT
vary: Accept-Encoding
x-host: s7.addthis.com

GET
H2 200 client.pt.min.json Show response
s7.addthis.com/l10n/ 4 KB
2 KB 88ms
28ms XHR
application/json 104.75.88.112
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/l10n/client.pt.min.json

Requested by

Host: s7.addthis.com
URL: http://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.112 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-112.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

2a0114ee843f8e5fcb15026a43365c3455464f43e1ea135b075e49662a9905b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: http://fava.thermalct.com.mx/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Tue, 10 Sep 2019 15:15:17 GMT
server: nginx/1.15.8
etag: W/"5d77be05-e24"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: public, s-maxage=604800
date: Sat, 21 Nov 2020 20:18:11 GMT
x-host: s7.addthis.com
timing-allow-origin: *
content-length: 1747

GET
H2

400

sync_cookie_image_decide
mc.yandex.com/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9099.J7_WKjshH74TGeSiJB4A74tkgAvzWLYGwDq1eeMbFuOo3iCI21OwTLLeXnX_uk2D.BYhOmvUgpatUqT3m2BomWCDCST0%2C
https://mc.yandex.com/sync_cookie_image_decide?token=9099.KORh3zbxsAbAEVrbcI2cicFOTzG7hN0-Ycb-VrRgJRdP8Ri1iH4ErNy5CtcD9wi2dAMRXNB5XCBuMjgp-eRH5g%2C%2C.fRjOpciTicAeA3HWGDP4JRpG1pQ%2C

75 B
75 B

48ms
48ms

Image
text/html

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/sync_cookie_image_decide?token=9099.KORh3zbxsAbAEVrbcI2cicFOTzG7hN0-Ycb-VrRgJRdP8Ri1iH4ErNy5CtcD9wi2dAMRXNB5XCBuMjgp-eRH5g%2C%2C.fRjOpciTicAeA3HWGDP4JRpG1pQ%2C

Requested by

Host: fava.thermalct.com.mx
URL: http://fava.thermalct.com.mx/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: http://fava.thermalct.com.mx/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 21 Nov 2020 20:18:11 GMT
strict-transport-security: max-age=31536000
content-length: 75
x-xss-protection: 1; mode=block
content-type: text/html; charset=utf-8

Redirect headers

location: https://mc.yandex.com/sync_cookie_image_decide?token=9099.KORh3zbxsAbAEVrbcI2cicFOTzG7hN0-Ycb-VrRgJRdP8Ri1iH4ErNy5CtcD9wi2dAMRXNB5XCBuMjgp-eRH5g%2C%2C.fRjOpciTicAeA3HWGDP4JRpG1pQ%2C
date: Sat, 21 Nov 2020 20:18:11 GMT
strict-transport-security: max-age=31536000
content-length: 0
x-xss-protection: 1; mode=block

GET
H2 200 advert.gif
mc.yandex.ru/metrika/ 43 B
112 B 48ms
48ms Image
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/metrika/advert.gif

Requested by

Host: fava.thermalct.com.mx
URL: http://fava.thermalct.com.mx/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: http://fava.thermalct.com.mx/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 21 Nov 2020 20:18:11 GMT
last-modified: Sat, 21 Nov 2020 18:08:42 GMT
etag: "5fb7be9a-2b"
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Sat, 21 Nov 2020 21:18:11 GMT

GET
H2 200 layers.fa6cd1947ce26e890d3d.js Show response
s7.addthis.com/static/ 263 KB
76 KB 30ms
30ms Script
application/javascript 104.75.88.112
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/layers.fa6cd1947ce26e890d3d.js

Requested by

Host: s7.addthis.com
URL: http://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.112 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-112.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: http://fava.thermalct.com.mx/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: W/"5f971164-41cf5"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=86313600
date: Sat, 21 Nov 2020 20:18:11 GMT
x-host: s7.addthis.com
timing-allow-origin: *
content-length: 77617

GET
H2

200

1 Show response
mc.yandex.ru/watch/67422199/
Redirect Chain

https://mc.yandex.ru/watch/67422199?wmode=7&page-url=http%3A%2F%2Ffava.thermalct.com.mx%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1605989890239%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Aadb%3A2%3A...
https://mc.yandex.ru/watch/67422199/1?wmode=7&page-url=http%3A%2F%2Ffava.thermalct.com.mx%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1605989890239%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Aadb%3A2%...

167 B
249 B

48ms
48ms

XHR
application/json

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/67422199/1?wmode=7&page-url=http%3A%2F%2Ffava.thermalct.com.mx%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1605989890239%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Aadb%3A2%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A60%3Ai%3A20201121211811%3Aet%3A1605989891%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Als%3A1187308983994%3Arqn%3A1%3Arn%3A429466887%3Ahid%3A639967900%3Ads%3A298%2C15%2C172%2C0%2C0%2C0%2C0%2C261%2C13%2C%2C%2C%2C749%3Afp%3A617%3Agdpr%3A14%3Av%3A1976%3Awv%3A2%3Arqnl%3A1%3Ast%3A1605989891%3Au%3A1605989891886532418%3App%3A3629563401%3At%3AA%20arte%20de%20fazer%20o%20dobro%20do%20trabalho%20na%20metade%20do%20tempo.%20Nova%20Vers%C3%A3o%20Baixar%20Gr%C3%A1tis

Requested by

Host: fava.thermalct.com.mx
URL: http://fava.thermalct.com.mx/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

4b2d4cb67ec956b07d1ecb90d5ac2df66c879d8c97062da99dccf2a262ecc13d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://fava.thermalct.com.mx/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 21 Nov 2020 20:18:11 GMT
x-content-type-options: nosniff
last-modified: Sat, 21-Nov-2020 20:18:11 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: http://fava.thermalct.com.mx
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 167
x-xss-protection: 1; mode=block
expires: Sat, 21-Nov-2020 20:18:11 GMT

Redirect headers

pragma: no-cache
date: Sat, 21 Nov 2020 20:18:11 GMT
last-modified: Sat, 21-Nov-2020 20:18:11 GMT
location: /watch/67422199/1?wmode=7&page-url=http%3A%2F%2Ffava.thermalct.com.mx%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1605989890239%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Aadb%3A2%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A60%3Ai%3A20201121211811%3Aet%3A1605989891%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Als%3A1187308983994%3Arqn%3A1%3Arn%3A429466887%3Ahid%3A639967900%3Ads%3A298%2C15%2C172%2C0%2C0%2C0%2C0%2C261%2C13%2C%2C%2C%2C749%3Afp%3A617%3Agdpr%3A14%3Av%3A1976%3Awv%3A2%3Arqnl%3A1%3Ast%3A1605989891%3Au%3A1605989891886532418%3App%3A3629563401%3At%3AA%20arte%20de%20fazer%20o%20dobro%20do%20trabalho%20na%20metade%20do%20tempo.%20Nova%20Vers%C3%A3o%20Baixar%20Gr%C3%A1tis
strict-transport-security: max-age=31536000
access-control-allow-origin: http://fava.thermalct.com.mx
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0
x-xss-protection: 1; mode=block
expires: Sat, 21-Nov-2020 20:18:11 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: s7.addthis.com
URL: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html

Verdicts & Comments Add Verdict or Comment

44 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.addthis.com/	1970-01-19 23:35:17	Name: uvc Value: 1%7C47
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: xsXHxcVZTJ4
.thermalct.com.mx/	1970-01-19 14:06:31	Name: _ym_visorc_67422199 Value: w
.addthis.com/	1970-01-19 23:35:17	Name: loc Value: MDAwMDBFVU5MTkIyMzE3MTg1NjAwMDAwMDBDSA==
fava.thermalct.com.mx/	1970-01-19 23:35:17	Name: __atuvc Value: 1%7C47
.thermalct.com.mx/	1970-01-19 22:52:05	Name: _ym_d Value: 1605989891
.youtube.com/	1970-01-19 18:25:41	Name: VISITOR_INFO1_LIVE Value: 2OOUOFy06y0
.thermalct.com.mx/	1970-01-19 22:52:05	Name: _ym_uid Value: 1605989891886532418
fava.thermalct.com.mx/	1970-01-19 14:06:31	Name: __atuvs Value: 5fb976020c7f5e9e000
.thermalct.com.mx/	1970-01-19 14:07:41	Name: _ym_isad Value: 2

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.livrariacordis.com.br
cdn.sabado.pt
cdnjs.cloudflare.com
code.jquery.com
fava.thermalct.com.mx
febracis.vteximg.com.br
fonts.googleapis.com
fonts.gstatic.com
i1.rgstatic.net
images-americanas.b2w.io
images-na.ssl-images-amazon.com
images.trustinnews.pt
lojasaraiva.vteximg.com.br
m.addthis.com
mc.yandex.com
mc.yandex.ru
nova-escola-producao.s3.amazonaws.com
regiao-sul.pt
s7.addthis.com
static.natgeo.pt
v1.addthisedge.com
www.cm-alcacerdosal.pt
www.youtube.com
z.moatads.com
s7.addthis.com
104.111.216.96
104.75.88.112
176.61.147.176
176.61.147.201
194.107.127.165
2001:4de0:ac19::1:b:2b
2606:4700:3032::ac43:9698
2606:4700::6810:135e
2606:4700::6812:927
2a00:1450:4001:808::200a
2a00:1450:4001:814::2003
2a00:1450:4001:816::200e
2a02:26f0:1700:78f::3a4c
2a02:26f0:6c00:293::19fe
2a02:6b8::1:119
2a04:4e42:1b::272
45.147.199.136
52.216.132.235
65.9.86.53
65.9.86.74
88.157.217.144
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd
0ce5a460ace775560c3344a43245687bdbec5cb8ee20d209ab9fa67f4e09a3e8
2121155cd554380b3696a94f68c551901f8f7b4e6b2e1898f976596bf2a8e1c1
2a0114ee843f8e5fcb15026a43365c3455464f43e1ea135b075e49662a9905b9
33f89a83966d581c29e8571c42a1f2be88bf470f9877c6c37e0be035b0e7079c
46079ffe1d51a0090b2139a2420812a0071a5ecf60ed04edeee319fd380ff92b
474b9e47a2bb55a31935eb446235244265f20258e6d24057c1f205458b3505b8
4b2d4cb67ec956b07d1ecb90d5ac2df66c879d8c97062da99dccf2a262ecc13d
4ee2cc1027d52197a14adcf49c6d3805a8346e38fdb59ed63945aca9ae1e1957
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54c03dc49439b0e09a0b1fc5e448b065c832aa14e3971426c6c8b0ddd76193ac
59758422c323dc960b520771092039c1b813fbcac6fca491d9e9311dee1eea5e
5ac9e9f62c649f337282eaba6b8a1c98b769f431f5a82c9c413bfc42fb134723
6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df
64f9990414c6f684965940e59100224d1b14b86680d69ce42d23398feb93e5e1
6b6de0d4db7876d1183a3edb47ebd3bbbf93f153f5de1ba6645049348628109a
6bd38df1a49971d250eb7bd16fe5098565b57dd2821ae89b9048d3292b592f21
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
97863c262254c3df6ff2e518ad72050dbf63ad92fb0e498914a8c5424aeef893
9d09b38b30f9ce18d439a284844398fa1078f8084ec56e3f1941f882fbfe846f
a0c96b6f9a2a492e567d260ae6dfafbacccc42f5318b3c9725e666c6f1c09e1f
a1350f14bdfd0b9c0478969c8d8ed10f2948ad655d8a5f9689db826c397d9fdc
a8c0402ce646afa8762516a05723383c4b759f267e1409c57566f83dc06b40ec
acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403
c6763c71ee4ba4619c8502eafbe562d45d5075a94eb3543bd5f075885fbe27b1
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4bf56438a4a0fb5a4143fd671d474ddbc9ac14e2d5dceb7982d6a663f5d8770
e92e9455f84ec8a53ad4fe81e897e66ffc5a1a3cecde35c964e095d73375876f
f697289be2fc9cb51ef2226cf524a46c070642638544e096f233559167980aaa

fava.thermalct.com.mx Open in urlscan Pro 45.147.199.136 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

32 Requests

81 %HTTPS

52 %IPv6

22 Domains

24 Subdomains

22 IPs

7 Countries

2630 kBTransfer

3557 kBSize

10 Cookies

0 Outgoing links

Redirected requests

32 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

fava.thermalct.com.mx Open in urlscan Pro
45.147.199.136 Public Scan

Screenshot
Live screenshot

Full Image

32
Requests

81 %
HTTPS

52 %
IPv6

22
Domains

24
Subdomains

22
IPs

7
Countries

2630 kB
Transfer

3557 kB
Size

10
Cookies

32 HTTP transactions
0 data transactions