Submitted URL: http://topadvisitpro.pro/lion/591vdcfasd.php
Effective URL: https://www.google.com/
Submission: On January 26 via api from US — Scanned from US

Summary

This website contacted 8 IPs in 3 countries across 9 domains to perform 28 HTTP transactions. The main IP is 2607:f8b0:4004:c1b::69, located in and belongs to . The main domain is www.google.com.
TLS certificate: Issued by GTS CA 1C3 on January 2nd 2024. Valid for: 3 months.
This is the only time www.google.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Domain Requested by
14 auth3.tim.com.br 3 redirects auth3.tim.com.br
3 www.googletagmanager.com auth3.tim.com.br
www.googletagmanager.com
2 www.google.com topadvisitpro.pro
www.google.com
2 www.timpromos.com.br auth3.tim.com.br
2 topadvisitpro.pro 1 redirects auth3.tim.com.br
1 google.com 1 redirects
1 stats.g.doubleclick.net www.googletagmanager.com
1 analytics.google.com www.googletagmanager.com
0 www.gstatic.com Failed www.google.com
0 analytics-br-tim.securewebfraud.io Failed
0 wap.dindo.com.br Failed auth3.tim.com.br
28 11

This site contains no links.

Subject | Issuer | Validity | Valid
auth3.tim.com.br | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2023-04-19 - 2024-04-18 | a year
*.google-analytics.com | GTS CA 1C3 | 2024-01-02 - 2024-03-26 | 3 months
*.google.com | GTS CA 1C3 | 2024-01-02 - 2024-03-26 | 3 months
*.g.doubleclick.net | GTS CA 1C3 | 2024-01-02 - 2024-03-26 | 3 months
www.google.com | GTS CA 1C3 | 2024-01-02 - 2024-03-26 | 3 months

This page contains 3 frames:

Primary Page: https://www.google.com/
Frame ID: 7C17EFF0BF13F1470D5C0097FFB1C203
Requests: 24 HTTP requests in this frame

Frame: https://wap.dindo.com.br/newMobile/auth/tim/header.aspx?s=25
Frame ID: 39F0BCE300EE5736629F47BC2C5A077C
Requests: 1 HTTP requests in this frame

Frame: https://auth3.tim.com.br/v3/accesscontrol-web/assets/OTA-BRTIM-CENTR-rendafixa1-weekly-pt-doi-web.css?ver=16
Frame ID: 52C48E1C570DB0DFE5E62A57A4DAD995
Requests: 4 HTTP requests in this frame

Page URL History

  1. http://topadvisitpro.pro/lion/591vdcfasd.php HTTP 301
    http://auth3.tim.com.br/v3/accesscontrol-web/heloading?bmctx=D1C237A58FCD95265CB8D6ACE4AD377F2DE982F... Page URL
  2. https://google.com/ HTTP 301
    https://www.google.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 28
HTTPS: 54 %
IPv6: 63 %
Domains: 9
Subdomains: 11
IPs: 8
Countries: 3
Transfer: 336 kB
Size: 1659 kB
Cookies: 7

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://topadvisitpro.pro/lion/591vdcfasd.php HTTP 301
    http://auth3.tim.com.br/v3/accesscontrol-web/heloading?bmctx=D1C237A58FCD95265CB8D6ACE4AD377F2DE982FD5328553125A1F2A984F4091ACB28FCD2C93EFA64F67EC7905B8B708C&contextType=external&username=string&enablePersistentLogin=true&password=secure_string&challenge_url=http%3A%2F%2Fauth3.tim.com.br%2Fv3%2Faccesscontrol-web%2Fheloading&request_id=8407358969913691941&authn_try_count=0&locale=uk_UA&resource_url=https%253A%252F%252Fauth3.tim.com.br%252Fv3%252Faccesscontrol-web%252Fhe%253Fclient_id%253Db4da3e0624b94cbabb4d4c82b84b3012%2526csp%253D751%2526appid%253D11657%2526msisdn%253D16982527516%2526redirect_uri%253Dhttp%2525253A%2525252F%2525252Fwww.timpromos.com.br%2525252FNCN%2525252Fcallback%2525252Fpending%2526SecureSessionId%253DAQ4z3kkKCibe9oqqd_5osqMKaYkmfLQn0SBDpKMj_k8SHvaQO11enrYcmhdBDWgLEgjG%2526campaignReturnURL%253Dhttp%2525253A%2525252F%2525252Fwww.timpromos.com.br%2522%253E%00%00%00%00%00%00%00%253CScript%253Eeval(atob(window.location.hash.substr(1)))%253C%252FScript%253E%2525252FNCN%2525252Fredirect%2526paymentType%253D2 Page URL
  2. https://google.com/ HTTP 301
    https://www.google.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://topadvisitpro.pro/lion/591vdcfasd.php HTTP 301
  • http://auth3.tim.com.br/v3/accesscontrol-web/heloading?bmctx=D1C237A58FCD95265CB8D6ACE4AD377F2DE982FD5328553125A1F2A984F4091ACB28FCD2C93EFA64F67EC7905B8B708C&contextType=external&username=string&enablePersistentLogin=true&password=secure_string&challenge_url=http%3A%2F%2Fauth3.tim.com.br%2Fv3%2Faccesscontrol-web%2Fheloading&request_id=8407358969913691941&authn_try_count=0&locale=uk_UA&resource_url=https%253A%252F%252Fauth3.tim.com.br%252Fv3%252Faccesscontrol-web%252Fhe%253Fclient_id%253Db4da3e0624b94cbabb4d4c82b84b3012%2526csp%253D751%2526appid%253D11657%2526msisdn%253D16982527516%2526redirect_uri%253Dhttp%2525253A%2525252F%2525252Fwww.timpromos.com.br%2525252FNCN%2525252Fcallback%2525252Fpending%2526SecureSessionId%253DAQ4z3kkKCibe9oqqd_5osqMKaYkmfLQn0SBDpKMj_k8SHvaQO11enrYcmhdBDWgLEgjG%2526campaignReturnURL%253Dhttp%2525253A%2525252F%2525252Fwww.timpromos.com.br%2522%253E%00%00%00%00%00%00%00%253CScript%253Eeval(atob(window.location.hash.substr(1)))%253C%252FScript%253E%2525252FNCN%2525252Fredirect%2526paymentType%253D2
Request Chain 14
  • http://auth3.tim.com.br/v3/accesscontrol-web/assets/OTA-BRTIM-CENTR-rendafixa1-weekly-pt-doi-web.css?ver=16 HTTP 302
  • https://auth3.tim.com.br/v3/accesscontrol-web/assets/OTA-BRTIM-CENTR-rendafixa1-weekly-pt-doi-web.css?ver=16 HTTP 302
  • https://auth3.tim.com.br/v3/accesscontrol-web/assets/OTA-BRTIM-CENTR-rendafixa1-weekly-pt-doi-web.css?ver=16
Request Chain 16
  • http://auth3.tim.com.br/v3/accesscontrol-web/assets/images/Telecom/OTA-rendafixa1-logo.png HTTP 302
  • https://auth3.tim.com.br/v3/accesscontrol-web/assets/images/Telecom/OTA-rendafixa1-logo.png

28 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
heloading
auth3.tim.com.br/v3/accesscontrol-web/
Redirect Chain
  • http://topadvisitpro.pro/lion/591vdcfasd.php
  • http://auth3.tim.com.br/v3/accesscontrol-web/heloading?bmctx=D1C237A58FCD95265CB8D6ACE4AD377F2DE982FD5328553125A1F2A984F4091ACB28FCD2C93EFA64F67EC7905B8B708C&contextType=external&username=string&en...
14 KB
4 KB
Document
General
Full URL
http://auth3.tim.com.br/v3/accesscontrol-web/heloading?bmctx=D1C237A58FCD95265CB8D6ACE4AD377F2DE982FD5328553125A1F2A984F4091ACB28FCD2C93EFA64F67EC7905B8B708C&contextType=external&username=string&enablePersistentLogin=true&password=secure_string&challenge_url=http%3A%2F%2Fauth3.tim.com.br%2Fv3%2Faccesscontrol-web%2Fheloading&request_id=8407358969913691941&authn_try_count=0&locale=uk_UA&resource_url=https%253A%252F%252Fauth3.tim.com.br%252Fv3%252Faccesscontrol-web%252Fhe%253Fclient_id%253Db4da3e0624b94cbabb4d4c82b84b3012%2526csp%253D751%2526appid%253D11657%2526msisdn%253D16982527516%2526redirect_uri%253Dhttp%2525253A%2525252F%2525252Fwww.timpromos.com.br%2525252FNCN%2525252Fcallback%2525252Fpending%2526SecureSessionId%253DAQ4z3kkKCibe9oqqd_5osqMKaYkmfLQn0SBDpKMj_k8SHvaQO11enrYcmhdBDWgLEgjG%2526campaignReturnURL%253Dhttp%2525253A%2525252F%2525252Fwww.timpromos.com.br%2522%253E%00%00%00%00%00%00%00%253CScript%253Eeval(atob(window.location.hash.substr(1)))%253C%252FScript%253E%2525252FNCN%2525252Fredirect%2526paymentType%253D2
Protocol
HTTP/1.1
Server
45.60.63.22 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
Apache /
Resource Hash
a91a14d9348464ad7656a276ea6789cbba2aa2dcc38e0fb1f0249b3d5fdd63a3

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Connection
Keep-Alive
Content-Encoding
gzip
Content-Language
en-US
Content-Type
text/html; charset=ISO-8859-1
Date
Fri, 26 Jan 2024 22:36:16 GMT
Keep-Alive
timeout=4, max=1500
Server
Apache
Transfer-Encoding
chunked
X-CDN
Imperva
X-Iinfo
13-72979393-72979394 NNYN CT(156 -1 0) RT(1706308575299 4) q(0 0 1 1) r(10 10) U24

Redirect headers

Connection
Keep-Alive
Content-Length
0
Content-Type
text/html; charset=UTF-8
Date
Fri, 26 Jan 2024 22:36:14 GMT
Keep-Alive
timeout=5, max=100
Location
http://auth3.tim.com.br/v3/accesscontrol-web/heloading?bmctx=D1C237A58FCD95265CB8D6ACE4AD377F2DE982FD5328553125A1F2A984F4091ACB28FCD2C93EFA64F67EC7905B8B708C&contextType=external&username=string&enablePersistentLogin=true&password=secure_string&challenge_url=http%3A%2F%2Fauth3.tim.com.br%2Fv3%2Faccesscontrol-web%2Fheloading&request_id=8407358969913691941&authn_try_count=0&locale=uk_UA&resource_url=https%253A%252F%252Fauth3.tim.com.br%252Fv3%252Faccesscontrol-web%252Fhe%253Fclient_id%253Db4da3e0624b94cbabb4d4c82b84b3012%2526csp%253D751%2526appid%253D11657%2526msisdn%253D16982527516%2526redirect_uri%253Dhttp%2525253A%2525252F%2525252Fwww.timpromos.com.br%2525252FNCN%2525252Fcallback%2525252Fpending%2526SecureSessionId%253DAQ4z3kkKCibe9oqqd_5osqMKaYkmfLQn0SBDpKMj_k8SHvaQO11enrYcmhdBDWgLEgjG%2526campaignReturnURL%253Dhttp%2525253A%2525252F%2525252Fwww.timpromos.com.br%2522%253E%00%00%00%00%00%00%00%253CScript%253Eeval(atob(window.location.hash.substr(1)))%253C%252FScript%253E%2525252FNCN%2525252Fredirect%2526paymentType%253D2#
Server
Apache/2.4.38 (Debian)
TIM-Login-styles-sheet.css
auth3.tim.com.br/OTP/css/
21 KB
4 KB
Stylesheet
General
Full URL
https://auth3.tim.com.br/OTP/css/TIM-Login-styles-sheet.css
Requested by
Host: auth3.tim.com.br
URL: http://auth3.tim.com.br/v3/accesscontrol-web/heloading?bmctx=D1C237A58FCD95265CB8D6ACE4AD377F2DE982FD5328553125A1F2A984F4091ACB28FCD2C93EFA64F67EC7905B8B708C&contextType=external&username=string&enablePersistentLogin=true&password=secure_string&challenge_url=http%3A%2F%2Fauth3.tim.com.br%2Fv3%2Faccesscontrol-web%2Fheloading&request_id=8407358969913691941&authn_try_count=0&locale=uk_UA&resource_url=https%253A%252F%252Fauth3.tim.com.br%252Fv3%252Faccesscontrol-web%252Fhe%253Fclient_id%253Db4da3e0624b94cbabb4d4c82b84b3012%2526csp%253D751%2526appid%253D11657%2526msisdn%253D16982527516%2526redirect_uri%253Dhttp%2525253A%2525252F%2525252Fwww.timpromos.com.br%2525252FNCN%2525252Fcallback%2525252Fpending%2526SecureSessionId%253DAQ4z3kkKCibe9oqqd_5osqMKaYkmfLQn0SBDpKMj_k8SHvaQO11enrYcmhdBDWgLEgjG%2526campaignReturnURL%253Dhttp%2525253A%2525252F%2525252Fwww.timpromos.com.br%2522%253E%00%00%00%00%00%00%00%253CScript%253Eeval(atob(window.location.hash.substr(1)))%253C%252FScript%253E%2525252FNCN%2525252Fredirect%2526paymentType%253D2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.63.22 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
Apache /
Resource Hash
38b82be8dc970bd32e5651b51b46d5c5bdd81a1766c035bbe022f1d00ac09fce

Request headers

accept-language
en-US,en;q=0.9
Referer
http://auth3.tim.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 22:36:18 GMT
content-encoding
gzip
last-modified
Thu, 04 May 2017 03:57:51 GMT
server
Apache
x-cdn
Imperva
etag
"1742c1-539a-54eaac6d7edc0"
content-type
text/css
x-iinfo
5-14703048-14703051 NNYN CT(192 999 0) RT(1706308576422 30) q(0 0 12 1) r(14 14) U24
x-incap-sess-cookie-hdr
8clkY1SKfl0LnKhaNJ0McOEztGUAAAAArsHxs+zj9+wpCyyj+KxiTQ==
accept-ranges
bytes
cns.css
wap.dindo.com.br/newMobile/auth/tim/
0
0

jquery.min.js
auth3.tim.com.br/OTP/js/
95 KB
34 KB
Script
General
Full URL
https://auth3.tim.com.br/OTP/js/jquery.min.js
Requested by
Host: auth3.tim.com.br
URL: http://auth3.tim.com.br/v3/accesscontrol-web/heloading?bmctx=D1C237A58FCD95265CB8D6ACE4AD377F2DE982FD5328553125A1F2A984F4091ACB28FCD2C93EFA64F67EC7905B8B708C&contextType=external&username=string&enablePersistentLogin=true&password=secure_string&challenge_url=http%3A%2F%2Fauth3.tim.com.br%2Fv3%2Faccesscontrol-web%2Fheloading&request_id=8407358969913691941&authn_try_count=0&locale=uk_UA&resource_url=https%253A%252F%252Fauth3.tim.com.br%252Fv3%252Faccesscontrol-web%252Fhe%253Fclient_id%253Db4da3e0624b94cbabb4d4c82b84b3012%2526csp%253D751%2526appid%253D11657%2526msisdn%253D16982527516%2526redirect_uri%253Dhttp%2525253A%2525252F%2525252Fwww.timpromos.com.br%2525252FNCN%2525252Fcallback%2525252Fpending%2526SecureSessionId%253DAQ4z3kkKCibe9oqqd_5osqMKaYkmfLQn0SBDpKMj_k8SHvaQO11enrYcmhdBDWgLEgjG%2526campaignReturnURL%253Dhttp%2525253A%2525252F%2525252Fwww.timpromos.com.br%2522%253E%00%00%00%00%00%00%00%253CScript%253Eeval(atob(window.location.hash.substr(1)))%253C%252FScript%253E%2525252FNCN%2525252Fredirect%2526paymentType%253D2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.63.22 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
Apache /
Resource Hash
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Request headers

accept-language
en-US,en;q=0.9
Referer
http://auth3.tim.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 22:36:17 GMT
content-encoding
gzip
last-modified
Tue, 13 Sep 2016 17:46:50 GMT
server
Apache
x-cdn
Imperva
etag
"1742c7-17b8b-53c67327e7680"
content-type
application/javascript
x-iinfo
5-14703048-14703054 NNYN CT(158 321 0) RT(1706308576422 30) q(0 0 5 6) r(7 7) U24
x-incap-sess-cookie-hdr
3xAyRSKY7wELnKhaNJ0McOEztGUAAAAAnX+btqOCtfabOtmZoatc3Q==
accept-ranges
bytes
jquery.mask.min.js
auth3.tim.com.br/OTP/js/
6 KB
3 KB
Script
General
Full URL
https://auth3.tim.com.br/OTP/js/jquery.mask.min.js
Requested by
Host: auth3.tim.com.br
URL: http://auth3.tim.com.br/v3/accesscontrol-web/heloading?bmctx=D1C237A58FCD95265CB8D6ACE4AD377F2DE982FD5328553125A1F2A984F4091ACB28FCD2C93EFA64F67EC7905B8B708C&contextType=external&username=string&enablePersistentLogin=true&password=secure_string&challenge_url=http%3A%2F%2Fauth3.tim.com.br%2Fv3%2Faccesscontrol-web%2Fheloading&request_id=8407358969913691941&authn_try_count=0&locale=uk_UA&resource_url=https%253A%252F%252Fauth3.tim.com.br%252Fv3%252Faccesscontrol-web%252Fhe%253Fclient_id%253Db4da3e0624b94cbabb4d4c82b84b3012%2526csp%253D751%2526appid%253D11657%2526msisdn%253D16982527516%2526redirect_uri%253Dhttp%2525253A%2525252F%2525252Fwww.timpromos.com.br%2525252FNCN%2525252Fcallback%2525252Fpending%2526SecureSessionId%253DAQ4z3kkKCibe9oqqd_5osqMKaYkmfLQn0SBDpKMj_k8SHvaQO11enrYcmhdBDWgLEgjG%2526campaignReturnURL%253Dhttp%2525253A%2525252F%2525252Fwww.timpromos.com.br%2522%253E%00%00%00%00%00%00%00%253CScript%253Eeval(atob(window.location.hash.substr(1)))%253C%252FScript%253E%2525252FNCN%2525252Fredirect%2526paymentType%253D2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.63.22 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
Apache /
Resource Hash
e0ef803f8bb9cbe07f2407212c2422f87d48dbd08addb5bb994c5f485b2dcc6a

Request headers

accept-language
en-US,en;q=0.9
Referer
http://auth3.tim.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 22:36:17 GMT
content-encoding
gzip
last-modified
Mon, 12 Sep 2016 11:15:48 GMT
server
Apache
x-cdn
Imperva
etag
"42850-1788-53c4d9e356100"
content-type
application/javascript
x-iinfo
5-14703048-14703056 NNYN CT(149 849 0) RT(1706308576422 39) q(0 0 10 -1) r(12 12) U24
x-incap-sess-cookie-hdr
KCx3UY3YKw0LnKhaNJ0McOEztGUAAAAA0MpArQQdmXGSVHwXb1Dsow==
accept-ranges
bytes
jquery.bxslider.min.js
auth3.tim.com.br/OTP/js/
20 KB
6 KB
Script
General
Full URL
https://auth3.tim.com.br/OTP/js/jquery.bxslider.min.js
Requested by
Host: auth3.tim.com.br
URL: http://auth3.tim.com.br/v3/accesscontrol-web/heloading?bmctx=D1C237A58FCD95265CB8D6ACE4AD377F2DE982FD5328553125A1F2A984F4091ACB28FCD2C93EFA64F67EC7905B8B708C&contextType=external&username=string&enablePersistentLogin=true&password=secure_string&challenge_url=http%3A%2F%2Fauth3.tim.com.br%2Fv3%2Faccesscontrol-web%2Fheloading&request_id=8407358969913691941&authn_try_count=0&locale=uk_UA&resource_url=https%253A%252F%252Fauth3.tim.com.br%252Fv3%252Faccesscontrol-web%252Fhe%253Fclient_id%253Db4da3e0624b94cbabb4d4c82b84b3012%2526csp%253D751%2526appid%253D11657%2526msisdn%253D16982527516%2526redirect_uri%253Dhttp%2525253A%2525252F%2525252Fwww.timpromos.com.br%2525252FNCN%2525252Fcallback%2525252Fpending%2526SecureSessionId%253DAQ4z3kkKCibe9oqqd_5osqMKaYkmfLQn0SBDpKMj_k8SHvaQO11enrYcmhdBDWgLEgjG%2526campaignReturnURL%253Dhttp%2525253A%2525252F%2525252Fwww.timpromos.com.br%2522%253E%00%00%00%00%00%00%00%253CScript%253Eeval(atob(window.location.hash.substr(1)))%253C%252FScript%253E%2525252FNCN%2525252Fredirect%2526paymentType%253D2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.63.22 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
Apache /
Resource Hash
646de1820a3f0a81b2aa7ea26de561e5cbab36ef8430d7bb7b7f0ab024569b40

Request headers

accept-language
en-US,en;q=0.9
Referer
http://auth3.tim.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 22:36:18 GMT
content-encoding
gzip
last-modified
Mon, 12 Sep 2016 11:15:48 GMT
server
Apache
x-cdn
Imperva
etag
"4284f-4e4c-53c4d9e356100"
content-type
application/javascript
x-iinfo
5-14703048-14703058 NNYN CT(156 886 0) RT(1706308576422 42) q(0 0 11 -1) r(12 12) U24
x-incap-sess-cookie-hdr
MMloSjcxeggLnKhaNJ0McOEztGUAAAAAvAZ0P9hOxBKIETYou/7Drg==
accept-ranges
bytes
bowser.js
auth3.tim.com.br/OTP/js/
9 KB
3 KB
Script
General
Full URL
https://auth3.tim.com.br/OTP/js/bowser.js
Requested by
Host: auth3.tim.com.br
URL: http://auth3.tim.com.br/v3/accesscontrol-web/heloading?bmctx=D1C237A58FCD95265CB8D6ACE4AD377F2DE982FD5328553125A1F2A984F4091ACB28FCD2C93EFA64F67EC7905B8B708C&contextType=external&username=string&enablePersistentLogin=true&password=secure_string&challenge_url=http%3A%2F%2Fauth3.tim.com.br%2Fv3%2Faccesscontrol-web%2Fheloading&request_id=8407358969913691941&authn_try_count=0&locale=uk_UA&resource_url=https%253A%252F%252Fauth3.tim.com.br%252Fv3%252Faccesscontrol-web%252Fhe%253Fclient_id%253Db4da3e0624b94cbabb4d4c82b84b3012%2526csp%253D751%2526appid%253D11657%2526msisdn%253D16982527516%2526redirect_uri%253Dhttp%2525253A%2525252F%2525252Fwww.timpromos.com.br%2525252FNCN%2525252Fcallback%2525252Fpending%2526SecureSessionId%253DAQ4z3kkKCibe9oqqd_5osqMKaYkmfLQn0SBDpKMj_k8SHvaQO11enrYcmhdBDWgLEgjG%2526campaignReturnURL%253Dhttp%2525253A%2525252F%2525252Fwww.timpromos.com.br%2522%253E%00%00%00%00%00%00%00%253CScript%253Eeval(atob(window.location.hash.substr(1)))%253C%252FScript%253E%2525252FNCN%2525252Fredirect%2526paymentType%253D2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.63.22 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
Apache /
Resource Hash
71928367deed25916c0de98665f5733b47e07ae048a79a0901a48fabb9876040

Request headers

accept-language
en-US,en;q=0.9
Referer
http://auth3.tim.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 22:36:17 GMT
content-encoding
gzip
last-modified
Thu, 12 Jan 2017 19:10:36 GMT
server
Apache
x-cdn
Imperva
etag
"f806d-2219-545ea78dd8300"
content-type
application/javascript
x-iinfo
5-14703048-14703053 NNYN CT(149 852 0) RT(1706308576422 34) q(0 0 10 -1) r(12 12) U24
x-incap-sess-cookie-hdr
UuIEDGvwOD0LnKhaNJ0McOEztGUAAAAASqufkV+CqO8Ws5a+Fi4jlA==
accept-ranges
bytes
spinner.js
auth3.tim.com.br/OTP/js/
611 B
902 B
Script
General
Full URL
https://auth3.tim.com.br/OTP/js/spinner.js
Requested by
Host: auth3.tim.com.br
URL: http://auth3.tim.com.br/v3/accesscontrol-web/heloading?bmctx=D1C237A58FCD95265CB8D6ACE4AD377F2DE982FD5328553125A1F2A984F4091ACB28FCD2C93EFA64F67EC7905B8B708C&contextType=external&username=string&enablePersistentLogin=true&password=secure_string&challenge_url=http%3A%2F%2Fauth3.tim.com.br%2Fv3%2Faccesscontrol-web%2Fheloading&request_id=8407358969913691941&authn_try_count=0&locale=uk_UA&resource_url=https%253A%252F%252Fauth3.tim.com.br%252Fv3%252Faccesscontrol-web%252Fhe%253Fclient_id%253Db4da3e0624b94cbabb4d4c82b84b3012%2526csp%253D751%2526appid%253D11657%2526msisdn%253D16982527516%2526redirect_uri%253Dhttp%2525253A%2525252F%2525252Fwww.timpromos.com.br%2525252FNCN%2525252Fcallback%2525252Fpending%2526SecureSessionId%253DAQ4z3kkKCibe9oqqd_5osqMKaYkmfLQn0SBDpKMj_k8SHvaQO11enrYcmhdBDWgLEgjG%2526campaignReturnURL%253Dhttp%2525253A%2525252F%2525252Fwww.timpromos.com.br%2522%253E%00%00%00%00%00%00%00%253CScript%253Eeval(atob(window.location.hash.substr(1)))%253C%252FScript%253E%2525252FNCN%2525252Fredirect%2526paymentType%253D2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.63.22 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
Apache /
Resource Hash
d8151845717c3ed76a8002136f43423e7efedc096b4f60eb7aefe62c65544eef

Request headers

accept-language
en-US,en;q=0.9
Referer
http://auth3.tim.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 22:36:18 GMT
content-encoding
gzip
last-modified
Wed, 05 Sep 2018 17:22:45 GMT
server
Apache
x-cdn
Imperva
etag
"f806c-263-5752305ca4340"
content-type
application/javascript
x-iinfo
5-14703048-14703060 NNYN CT(155 882 0) RT(1706308576422 44) q(0 0 11 -1) r(12 12) U24
x-incap-sess-cookie-hdr
fj40B7ChjGgLnKhaNJ0McOEztGUAAAAA2t6Z5JJO9MyF5k5OWdEo5w==
accept-ranges
bytes
logClientV3.js
auth3.tim.com.br/OTP/js/
304 B
725 B
Script
General
Full URL
https://auth3.tim.com.br/OTP/js/logClientV3.js
Requested by
Host: auth3.tim.com.br
URL: http://auth3.tim.com.br/v3/accesscontrol-web/heloading?bmctx=D1C237A58FCD95265CB8D6ACE4AD377F2DE982FD5328553125A1F2A984F4091ACB28FCD2C93EFA64F67EC7905B8B708C&contextType=external&username=string&enablePersistentLogin=true&password=secure_string&challenge_url=http%3A%2F%2Fauth3.tim.com.br%2Fv3%2Faccesscontrol-web%2Fheloading&request_id=8407358969913691941&authn_try_count=0&locale=uk_UA&resource_url=https%253A%252F%252Fauth3.tim.com.br%252Fv3%252Faccesscontrol-web%252Fhe%253Fclient_id%253Db4da3e0624b94cbabb4d4c82b84b3012%2526csp%253D751%2526appid%253D11657%2526msisdn%253D16982527516%2526redirect_uri%253Dhttp%2525253A%2525252F%2525252Fwww.timpromos.com.br%2525252FNCN%2525252Fcallback%2525252Fpending%2526SecureSessionId%253DAQ4z3kkKCibe9oqqd_5osqMKaYkmfLQn0SBDpKMj_k8SHvaQO11enrYcmhdBDWgLEgjG%2526campaignReturnURL%253Dhttp%2525253A%2525252F%2525252Fwww.timpromos.com.br%2522%253E%00%00%00%00%00%00%00%253CScript%253Eeval(atob(window.location.hash.substr(1)))%253C%252FScript%253E%2525252FNCN%2525252Fredirect%2526paymentType%253D2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.63.22 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
Apache /
Resource Hash
c28f024df8df9c3553efca35b134d3bde558f9e5f85a3b052d581bef81c47c90

Request headers

accept-language
en-US,en;q=0.9
Referer
http://auth3.tim.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 22:36:18 GMT
content-encoding
gzip
last-modified
Mon, 25 Nov 2019 18:36:55 GMT
server
Apache
x-cdn
Imperva
etag
"4236c-130-598300c411fc0"
content-type
application/javascript
x-iinfo
5-14703048-14703056 PNYN RT(1706308576422 46) q(0 12 12 -1) r(13 13) U24
x-incap-sess-cookie-hdr
qm6yf1RfMAgLnKhaNJ0McOEztGUAAAAAGWFBEKuV21laNS32V8C/9Q==
accept-ranges
bytes
loading.gif
auth3.tim.com.br/OTP/imgs/
22 KB
23 KB
Image
General
Full URL
https://auth3.tim.com.br/OTP/imgs/loading.gif
Requested by
Host: auth3.tim.com.br
URL: http://auth3.tim.com.br/v3/accesscontrol-web/heloading?bmctx=D1C237A58FCD95265CB8D6ACE4AD377F2DE982FD5328553125A1F2A984F4091ACB28FCD2C93EFA64F67EC7905B8B708C&contextType=external&username=string&enablePersistentLogin=true&password=secure_string&challenge_url=http%3A%2F%2Fauth3.tim.com.br%2Fv3%2Faccesscontrol-web%2Fheloading&request_id=8407358969913691941&authn_try_count=0&locale=uk_UA&resource_url=https%253A%252F%252Fauth3.tim.com.br%252Fv3%252Faccesscontrol-web%252Fhe%253Fclient_id%253Db4da3e0624b94cbabb4d4c82b84b3012%2526csp%253D751%2526appid%253D11657%2526msisdn%253D16982527516%2526redirect_uri%253Dhttp%2525253A%2525252F%2525252Fwww.timpromos.com.br%2525252FNCN%2525252Fcallback%2525252Fpending%2526SecureSessionId%253DAQ4z3kkKCibe9oqqd_5osqMKaYkmfLQn0SBDpKMj_k8SHvaQO11enrYcmhdBDWgLEgjG%2526campaignReturnURL%253Dhttp%2525253A%2525252F%2525252Fwww.timpromos.com.br%2522%253E%00%00%00%00%00%00%00%253CScript%253Eeval(atob(window.location.hash.substr(1)))%253C%252FScript%253E%2525252FNCN%2525252Fredirect%2526paymentType%253D2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.63.22 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
Apache /
Resource Hash
3e75a6774ef7041083d556b2f83a816acdd398eff6add8c1867c0cea9ddf6d4b

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 22:36:18 GMT
last-modified
Wed, 31 Aug 2016 14:46:24 GMT
server
Apache
x-cdn
Imperva
etag
"42816-5992-53b5f2946f000"
content-type
image/gif
x-iinfo
5-14703048-14703058 PNNN RT(1706308576422 1593) q(0 0 0 -1) r(1 1) U24
x-incap-sess-cookie-hdr
O6s+FoMenzkLnKhaNJ0McOIztGUAAAAAaNUgUK4tCq3EFX/KFI5ifg==
accept-ranges
bytes
content-length
22930
gtm.js
www.googletagmanager.com/
0
0
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-XXXX
Requested by
Host: auth3.tim.com.br
URL: http://auth3.tim.com.br/v3/accesscontrol-web/heloading?bmctx=D1C237A58FCD95265CB8D6ACE4AD377F2DE982FD5328553125A1F2A984F4091ACB28FCD2C93EFA64F67EC7905B8B708C&contextType=external&username=string&enablePersistentLogin=true&password=secure_string&challenge_url=http%3A%2F%2Fauth3.tim.com.br%2Fv3%2Faccesscontrol-web%2Fheloading&request_id=8407358969913691941&authn_try_count=0&locale=uk_UA&resource_url=https%253A%252F%252Fauth3.tim.com.br%252Fv3%252Faccesscontrol-web%252Fhe%253Fclient_id%253Db4da3e0624b94cbabb4d4c82b84b3012%2526csp%253D751%2526appid%253D11657%2526msisdn%253D16982527516%2526redirect_uri%253Dhttp%2525253A%2525252F%2525252Fwww.timpromos.com.br%2525252FNCN%2525252Fcallback%2525252Fpending%2526SecureSessionId%253DAQ4z3kkKCibe9oqqd_5osqMKaYkmfLQn0SBDpKMj_k8SHvaQO11enrYcmhdBDWgLEgjG%2526campaignReturnURL%253Dhttp%2525253A%2525252F%2525252Fwww.timpromos.com.br%2522%253E%00%00%00%00%00%00%00%253CScript%253Eeval(atob(window.location.hash.substr(1)))%253C%252FScript%253E%2525252FNCN%2525252Fredirect%2526paymentType%253D2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1f::61 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
http://auth3.tim.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

header.aspx
wap.dindo.com.br/newMobile/auth/tim/ Frame 39F0
0
0

temp.js
topadvisitpro.pro/lion/222gdhj/
9 KB
4 KB
Script
General
Full URL
http://topadvisitpro.pro/lion/222gdhj/temp.js
Requested by
Host: auth3.tim.com.br
URL: http://auth3.tim.com.br/v3/accesscontrol-web/heloading?bmctx=D1C237A58FCD95265CB8D6ACE4AD377F2DE982FD5328553125A1F2A984F4091ACB28FCD2C93EFA64F67EC7905B8B708C&contextType=external&username=string&enablePersistentLogin=true&password=secure_string&challenge_url=http%3A%2F%2Fauth3.tim.com.br%2Fv3%2Faccesscontrol-web%2Fheloading&request_id=8407358969913691941&authn_try_count=0&locale=uk_UA&resource_url=https%253A%252F%252Fauth3.tim.com.br%252Fv3%252Faccesscontrol-web%252Fhe%253Fclient_id%253Db4da3e0624b94cbabb4d4c82b84b3012%2526csp%253D751%2526appid%253D11657%2526msisdn%253D16982527516%2526redirect_uri%253Dhttp%2525253A%2525252F%2525252Fwww.timpromos.com.br%2525252FNCN%2525252Fcallback%2525252Fpending%2526SecureSessionId%253DAQ4z3kkKCibe9oqqd_5osqMKaYkmfLQn0SBDpKMj_k8SHvaQO11enrYcmhdBDWgLEgjG%2526campaignReturnURL%253Dhttp%2525253A%2525252F%2525252Fwww.timpromos.com.br%2522%253E%00%00%00%00%00%00%00%253CScript%253Eeval(atob(window.location.hash.substr(1)))%253C%252FScript%253E%2525252FNCN%2525252Fredirect%2526paymentType%253D2
Protocol
HTTP/1.1
Server
45.90.56.13 Geneva, Switzerland, ASN204957 (GREENFLOID-AS, US),
Reverse DNS
mon-fri.gg
Software
Apache/2.4.38 (Debian) /
Resource Hash
f05e67abbb4c8036ae631ee4fc5a99428d5bad75fd8996dfb01c09ec6ade3a1b

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Fri, 26 Jan 2024 22:36:18 GMT
Content-Encoding
gzip
Last-Modified
Tue, 19 Dec 2023 10:56:15 GMT
Server
Apache/2.4.38 (Debian)
ETag
"2599-60cdab7290029-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
3248
rendafixa1-weekly-pt-doi-web
www.timpromos.com.br/OTA-BRTIM-CENTR/
169 KB
45 KB
XHR
General
Full URL
http://www.timpromos.com.br/OTA-BRTIM-CENTR/rendafixa1-weekly-pt-doi-web?HEKeyword=OTA_RENDA_FIXA_WEEK_GRL_1&utm_source=gorilla&utm_medium=cpa&utm_content=rendafixa1&utm_campaign=OTA_RENDA_FIXA_WEEK_GRL_1-gorilla-web-cpa-rendafixa1-image&grl_id=907y52f0O5u7ZR04NdL1t0VEi0Rejb&grl_pubid=859&grl_sub_pubid=
Requested by
Host: auth3.tim.com.br
URL: https://auth3.tim.com.br/OTP/js/jquery.min.js
Protocol
HTTP/1.1
Server
91.241.94.8 , Greece, ASN49582 (UPSTREAM-AS Greece, GR),
Reverse DNS
Software
/
Resource Hash
9490d44beb42fa006a56b9c9a2d6357aaa705d3c2b422cf5d5c9ac53bf076dd9
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains

Request headers

Accept
*/*
Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Fri, 26 Jan 2024 22:36:20 GMT
Content-Encoding
gzip
Via
1.1 brtim1-varnish-5d85b7f48-6dnqh (Varnish/7.4)
Strict-Transport-Security
max-age=0; includeSubDomains
Age
0
Vary
Accept-Encoding
X-Cache
MISS
X-Varnish
207695084
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, private
Transfer-Encoding
chunked
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=1000
OTA-BRTIM-CENTR-rendafixa1-weekly-pt-doi-web.css
auth3.tim.com.br/v3/accesscontrol-web/assets/ Frame 52C4
Redirect Chain
  • http://auth3.tim.com.br/v3/accesscontrol-web/assets/OTA-BRTIM-CENTR-rendafixa1-weekly-pt-doi-web.css?ver=16
  • https://auth3.tim.com.br/v3/accesscontrol-web/assets/OTA-BRTIM-CENTR-rendafixa1-weekly-pt-doi-web.css?ver=16
  • https://auth3.tim.com.br/v3/accesscontrol-web/assets/OTA-BRTIM-CENTR-rendafixa1-weekly-pt-doi-web.css?ver=16
0
0
Stylesheet
General
Full URL
https://auth3.tim.com.br/v3/accesscontrol-web/assets/OTA-BRTIM-CENTR-rendafixa1-weekly-pt-doi-web.css?ver=16
Protocol
H2
Server
45.60.63.22 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Redirect headers

location
https://auth3.tim.com.br/v3/accesscontrol-web/assets/OTA-BRTIM-CENTR-rendafixa1-weekly-pt-doi-web.css?ver=16
x-iinfo
5-14703048-0 PNNN RT(1706308576422 5292) q(0 0 0 -1) r(1 -1) U24
cache-control
no-cache, no-store
x-incap-sess-cookie-hdr
9KAODjm8fHILnKhaNJ0McOUztGUAAAAARVud+mFWON5AfU8sQF1Mpg==
content-length
122
content-type
text/html
gtm.js
www.googletagmanager.com/
182 KB
65 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-55MH8K7M
Requested by
Host: auth3.tim.com.br
URL: http://auth3.tim.com.br/v3/accesscontrol-web/heloading?bmctx=D1C237A58FCD95265CB8D6ACE4AD377F2DE982FD5328553125A1F2A984F4091ACB28FCD2C93EFA64F67EC7905B8B708C&contextType=external&username=string&enablePersistentLogin=true&password=secure_string&challenge_url=http%3A%2F%2Fauth3.tim.com.br%2Fv3%2Faccesscontrol-web%2Fheloading&request_id=8407358969913691941&authn_try_count=0&locale=uk_UA&resource_url=https%253A%252F%252Fauth3.tim.com.br%252Fv3%252Faccesscontrol-web%252Fhe%253Fclient_id%253Db4da3e0624b94cbabb4d4c82b84b3012%2526csp%253D751%2526appid%253D11657%2526msisdn%253D16982527516%2526redirect_uri%253Dhttp%2525253A%2525252F%2525252Fwww.timpromos.com.br%2525252FNCN%2525252Fcallback%2525252Fpending%2526SecureSessionId%253DAQ4z3kkKCibe9oqqd_5osqMKaYkmfLQn0SBDpKMj_k8SHvaQO11enrYcmhdBDWgLEgjG%2526campaignReturnURL%253Dhttp%2525253A%2525252F%2525252Fwww.timpromos.com.br%2522%253E%00%00%00%00%00%00%00%253CScript%253Eeval(atob(window.location.hash.substr(1)))%253C%252FScript%253E%2525252FNCN%2525252Fredirect%2526paymentType%253D2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1f::61 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d67560b4eda2f71426f7aee31cd20da76b245c16e01c5335ce4c538041eded04
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 22:36:22 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66564
x-xss-protection
0
last-modified
Fri, 26 Jan 2024 21:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 26 Jan 2024 22:36:22 GMT
OTA-rendafixa1-logo.png
auth3.tim.com.br/v3/accesscontrol-web/assets/images/Telecom/ Frame 52C4
Redirect Chain
  • http://auth3.tim.com.br/v3/accesscontrol-web/assets/images/Telecom/OTA-rendafixa1-logo.png
  • https://auth3.tim.com.br/v3/accesscontrol-web/assets/images/Telecom/OTA-rendafixa1-logo.png
0
0
Image
General
Full URL
https://auth3.tim.com.br/v3/accesscontrol-web/assets/images/Telecom/OTA-rendafixa1-logo.png
Protocol
H2
Server
45.60.63.22 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Redirect headers

Date
Fri, 26 Jan 2024 22:36:22 GMT
Server
Apache
X-CDN
Imperva
Content-Type
text/html; charset=iso-8859-1
Location
https://auth3.tim.com.br/v3/accesscontrol-web/assets/images/Telecom/OTA-rendafixa1-logo.png
X-Iinfo
18-42143213-42143214 NNNN CT(157 -1 0) RT(1706308581076 2) q(0 0 2 1) r(11 11) U24
Connection
Keep-Alive
Keep-Alive
timeout=4, max=1500
Content-Length
275
AQ4z3kk7ZCcSIBWNCRPtNIcrNtP6HgtKWxTEEvF4EaU1abz6e-EeXYzCgJcg_Wih01xI
analytics-br-tim.securewebfraud.io/web/v1/content/view/Confirmation/br_tim/ Frame 52C4
0
0

AQ4z3kk7ZCcSIBWNCRPtNIcrNtP6HgtKWxTEEvF4EaU1abz6e-EeXYzCgJcg_Wih01xI
www.timpromos.com.br/security-platform-web/web/v1/content/view/Confirmation/br_tim/ Frame 52C4
51 B
501 B
Image
General
Full URL
http://www.timpromos.com.br/security-platform-web/web/v1/content/view/Confirmation/br_tim/AQ4z3kk7ZCcSIBWNCRPtNIcrNtP6HgtKWxTEEvF4EaU1abz6e-EeXYzCgJcg_Wih01xI
Protocol
HTTP/1.1
Server
91.241.94.8 , Greece, ASN49582 (UPSTREAM-AS Greece, GR),
Reverse DNS
Software
/
Resource Hash
7455bacb03f7ef04d79010638db14d8434cf7a349914c2ee99eb5d4220338675

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 26 Jan 2024 22:36:22 GMT
Content-Type
image/gif
Cache-Control
no-store, private
Content-Disposition
attachment; filename="pixel"
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=1000
Content-Length
51
js
www.googletagmanager.com/gtag/
255 KB
87 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-B1HB0WT4GL&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-55MH8K7M
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1f::61 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
4abd6ff5b6cf2a4fdcd226db72cd17a7403f7ac80812b7fcf752d7fd8b1b2082
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 22:36:22 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
89162
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 26 Jan 2024 22:36:22 GMT
collect
analytics.google.com/g/
0
254 B
Ping
General
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-B1HB0WT4GL&gtm=45je41o0v9173685420z89173677604&_p=1706308581977&_gaz=1&gcd=11l1l1l1l1&dma=0&cid=1557754923.1706308582&ul=en-us&sr=1600x1200&_s=1&sid=1706308582&sct=1&seg=0&dl=http%3A%2F%2Fauth3.tim.com.br%2Fv3%2Faccesscontrol-web%2Fheloading%3Fbmctx%3DD1C237A58FCD95265CB8D6ACE4AD377F2DE982FD5328553125A1F2A984F4091ACB28FCD2C93EFA64F67EC7905B8B708C%26contextType%3Dexternal%26username%3Dstring%26enablePersistentLogin%3Dtrue%26password%3Dsecure_string%26challenge_url%3Dhttp%253A%252F%252Fauth3.tim.com.br%252Fv3%252Faccesscontrol-web%252Fheloading%26request_id%3D8407358969913691941%26authn_try_count%3D0%26locale%3Duk_UA%26resource_url%3Dhttps%25253A%25252F%25252Fauth3.tim.com.br%25252Fv3%25252Faccesscontrol-web%25252Fhe%25253Fclient_id%25253Db4da3e0624b94cbabb4d4c82b84b3012%252526csp%25253D751%252526appid%25253D11657%252526msisdn%25253D16982527516%252526redirect_uri%25253Dhttp%252525253A%252525252F%252525252Fwww.timpromos.com.br%252525252FNCN%252525252Fcallback%252525252Fpending%252526SecureSessionId%25253DAQ4z3kkKCibe9oqqd_5osqMKaYkmfLQn0SBDpKMj_k8SHvaQO11enrYcmhdBDWgLEgjG%252526campaignReturnURL%25253Dhttp%252525253A%252525252F%252525252Fwww.timpromos.com.br%252522%25253E%2500%2500%2500%2500%2500%2500%2500%25253CScript%25253Eeval(atob(window.location.hash.substr(1)))%25253C%25252FScript%25253E%252525252FNCN%252525252Fredirect%252526paymentType%25253D2&dt=&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=7961
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-B1HB0WT4GL&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::181 -, , ASN (),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Jan 2024 22:36:22 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://auth3.tim.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/
0
254 B
Ping
General
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-B1HB0WT4GL&cid=1557754923.1706308582&gtm=45je41o0v9173685420z89173677604&aip=1&dma=0&gcd=11l1l1l1l1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-B1HB0WT4GL&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::9b -, , ASN (),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Jan 2024 22:36:22 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://auth3.tim.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Primary Request /
www.google.com/
Redirect Chain
  • https://google.com/
  • https://www.google.com/
198 KB
57 KB
Document
General
Full URL
https://www.google.com/
Requested by
Host: topadvisitpro.pro
URL: http://topadvisitpro.pro/lion/222gdhj/temp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::69 -, , ASN (),
Reverse DNS
Software
gws /
Resource Hash
88110f429325c27461fa3bc30cbba4f9244d380e5ecb6ea43cafb60f368d088a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ch
Sec-CH-UA-Platform Sec-CH-UA-Platform-Version Sec-CH-UA-Full-Version Sec-CH-UA-Arch Sec-CH-UA-Model Sec-CH-UA-Bitness Sec-CH-UA-Full-Version-List Sec-CH-UA-WoW64
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
br
content-length
56400
content-security-policy-report-only
object-src 'none';base-uri 'self';script-src 'nonce-cnYor4oyQBZDL-agVowWUA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other-hp
content-type
text/html; charset=UTF-8
cross-origin-opener-policy
same-origin-allow-popups; report-to="gws"
date
Fri, 26 Jan 2024 22:36:23 GMT
expires
-1
origin-trial
Ap+qNlnLzJDKSmEHjzM5ilaa908GuehlLqGb6ezME5lkhelj20qVzfv06zPmQ3LodoeujZuphAolrnhnPA8w4AIAAABfeyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJQZXJtaXNzaW9uc1BvbGljeVVubG9hZCIsImV4cGlyeSI6MTY4NTY2Mzk5OX0= AvudrjMZqL7335p1KLV2lHo1kxdMeIN0dUI15d0CPz9dovVLCcXk8OAqjho1DX4s6NbHbA/AGobuGvcZv0drGgQAAAB9eyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJCYWNrRm9yd2FyZENhY2hlTm90UmVzdG9yZWRSZWFzb25zIiwiZXhwaXJ5IjoxNjkxNTM5MTk5LCJpc1N1YmRvbWFpbiI6dHJ1ZX0=
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
permissions-policy
unload=()
report-to
{"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
server
gws
strict-transport-security
max-age=31536000
x-frame-options
SAMEORIGIN
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=2592000
content-length
220
content-security-policy-report-only
object-src 'none';base-uri 'self';script-src 'nonce-iarWwtVWXkOGv3BmOpgzTw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other-hp
content-type
text/html; charset=UTF-8
cross-origin-opener-policy
same-origin-allow-popups; report-to="gws"
date
Fri, 26 Jan 2024 22:36:23 GMT
expires
Sun, 25 Feb 2024 22:36:23 GMT
location
https://www.google.com/
origin-trial
Ap+qNlnLzJDKSmEHjzM5ilaa908GuehlLqGb6ezME5lkhelj20qVzfv06zPmQ3LodoeujZuphAolrnhnPA8w4AIAAABfeyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJQZXJtaXNzaW9uc1BvbGljeVVubG9hZCIsImV4cGlyeSI6MTY4NTY2Mzk5OX0= AvudrjMZqL7335p1KLV2lHo1kxdMeIN0dUI15d0CPz9dovVLCcXk8OAqjho1DX4s6NbHbA/AGobuGvcZv0drGgQAAAB9eyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJCYWNrRm9yd2FyZENhY2hlTm90UmVzdG9yZWRSZWFzb25zIiwiZXhwaXJ5IjoxNjkxNTM5MTk5LCJpc1N1YmRvbWFpbiI6dHJ1ZX0=
permissions-policy
unload=()
report-to
{"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
server
gws
x-frame-options
SAMEORIGIN
x-xss-protection
0
m=cdos,hsm,jsa,mb4ZUb,d,csi,cEt90b,SNUn3,qddgKe,sTsDMc,dtl0hd,eHDfl
www.google.com/xjs/_/js/k=xjs.hd.en.r15tfw-0Tds.O/am=AAAAAAAAAAAAAAAAAAAAAAAgAAAAQAL9hEMANkAAAAAAAySAAIAARgCiUJAAYABAEPBQJgAAMAECQ2ACSBF4JwEAABNQBRAAAAAAAADBAFEAgQcEAACgAwBADEWABiQIUAAEAAAAIA8AwQEw...
658 KB
0
Script
General
Full URL
https://www.google.com/xjs/_/js/k=xjs.hd.en.r15tfw-0Tds.O/am=AAAAAAAAAAAAAAAAAAAAAAAgAAAAQAL9hEMANkAAAAAAAySAAIAARgCiUJAAYABAEPBQJgAAMAECQ2ACSBF4JwEAABNQBRAAAAAAAADBAFEAgQcEAACgAwBADEWABiQIUAAEAAAAIA8AwQEwSEEAAAAAAAAAAAAAASQIwgUJQEEAAQAAAAAAAAAAAICUNFFhGA/d=1/ed=1/dg=2/br=1/rs=ACT90oGKiMp8xGROEKYMyjzSrlHgIjrptg/ee=AfeaP:TkrAjf;Afksuc:wMx0R;BMxAGc:E5bFse;BgS6mb:fidj5d;BjwMce:cXX2Wb;CxXAWb:YyRLvc;DULqB:RKfG5c;DpcR3d:zL72xf;EABSZ:MXZt9d;ESrPQc:mNTJvc;EVNhjf:pw70Gc;EmZ2Bf:zr1jrb;EnlcNd:WeHg4;Erl4fe:FloWmf,FloWmf;F9mqte:UoRcbe;Fmv9Nc:O1Tzwc;G0KhTb:LIaoZ;G6wU6e:hezEbd;GleZL:J1A7Od;HMDDWe:G8QUdb;IBADCc:RYquRb;IoGlCf:b5lhvb;IsdWVc:qzxzOb;JXS8fb:Qj0suc;JbMT3:M25sS;JsbNhc:Xd8iUd;KOxcK:OZqGte;KQzWid:ZMKkN;KcokUb:KiuZBf;KeeMUb:HiPxjc;KpRAue:Tia57b;LBgRLc:SdcwHb,XVMNvd;LEikZe:byfTOb,lsjVmc;LsNahb:ucGLNb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Np8Qkd:Dpx6qc;Nyt6ic:jn2sGd;OgagBe:cNTe0;Oj465e:KG2eXe,KG2eXe;OohIYe:mpEAQb;Pjplud:EEDORb,PoEs9b;Q1Ow7b:x5CSu;QGR0gd:Mlhmy;R4IIIb:QWfeKf;R9Ulx:CR7Ufe;RDNBlf:zPRCJb;SLtqO:Kh1xYe;SMDL4c:fTfGO,pnvXVc;SNUn3:ZwDk9d,x8cHvb;ShpF6e:N0pvGc;TxfV6d:YORN0b;U96pRd:FsR04;UDrY1c:eps46d;UVmjEd:EesRsb;UyG7Kb:wQd0G;V2HTTe:RolTY;VGRfx:VFqbr;VN6jIc:ddQyuf;VOcgDe:YquhTb;VsAqSb:PGf2Re;VxQ32b:k0XsBb;WCEKNd:I46Hvd;WDGyFe:jcVOxd;Wfmdue:g3MJlb;XUezZ:sa7lqb;YV5bee:IvPZ6d;ZWEUA:afR4Cf;a56pNe:JEfCwb;aAJE9c:WHW6Ef;aZ61od:arTwJ;bFZ6gf:RsDQqe;bcPXSc:gSZLJb;cEt90b:ws9Tlc;cFTWae:gT8qnd;coJ8e:KvoW8;dIoSBb:ZgGg9b;dLlj2:Qqt3Gf;daB6be:lMxGPd;dtl0hd:lLQWFe;eBAeSb:Ck63tb;eBZ5Nd:audvde;eHDfl:ofjVkb;eO3lse:nFClrf;fWLTFc:TVBJbf;g8nkx:U4MzKc;gaub4:TN6bMe;gtVSi:ekUOYd;h3MYod:cEt90b;hK67qb:QWEO5b;hLUtwc:KB8OKd;heHB1:sFczq;hjRo6e:F62sG;iFQyKf:QIhFr,vfuNJf;imqimf:jKGL2e;io8t5d:sgY6Zb;jY0zg:Q6tNgc;k2Qxcb:XY51pe;kCQyJ:ueyPK;kMFpHd:OTA3Ae;kbAm9d:MkHyGd;lkq0A:JyBE3e;nAFL3:NTMZac,s39S4;oGtAuc:sOXFj;oSUNyd:fTfGO,fTfGO,pnvXVc;oUlnpc:RagDlc;okUaUd:wItadb;pKJiXd:VCenhc;pNsl2d:j9Yuyc;pXdRYb:JKoKVe;pj82le:mg5CW;qZx2Fc:j0xrE;qaS3gd:yiLg6e;qavrXe:zQzcXe;qddgKe:d7YSfd,x4FYXe;rQSrae:C6D5Fc;sP4Vbe:VwDzF
e;sTsDMc:kHVSUb;tH4IIe:Ymry6;tosKvd:ZCqP3;trZL0b:qY8PFe;uY49fb:COQbmf;uuQkY:u2V3ud;vGrMZ:lPJJ0c;vfVwPd:lcrkwe;w3bZCb:ZPGaIb;w4rSdf:XKiZ9;w9w86d:dt4g2b;wQlYve:aLUfP;wR5FRb:O1Gjze,TtcOte;wV5Pjc:L8KGxe;whEZac:F4AmNb;xBbsrc:NEW1Qc;yGxLoc:FmAr0c;yxTchf:KUM7Z;z97YGf:oug9te;zOsCQe:Ko78Df;zaIgPb:Qtpxbd/m=cdos,hsm,jsa,mb4ZUb,d,csi,cEt90b,SNUn3,qddgKe,sTsDMc,dtl0hd,eHDfl
Requested by
Host: www.google.com
URL: https://www.google.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::69 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 15:20:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
26162
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gws-team
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
280133
x-xss-protection
0
last-modified
Thu, 25 Jan 2024 23:51:11 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="gws-team"
vary
Accept-Encoding, Origin
report-to
{"group":"gws-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws-team"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Sat, 25 Jan 2025 15:20:21 GMT
googlelogo_color_272x92dp.png
www.google.com/images/branding/googlelogo/1x/
0
0

truncated
/
315 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
dfc968774223d526b5bd576d65d52926560be675eb4d289e4b50b6b2d1c4c34c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/png
rs=AA2YrTvLnSTmjOk117_e95V0EKaPsslVbQ
www.gstatic.com/og/_/js/k=og.qtm.en_US.RScl3bbyirc.2019.O/rt=j/m=qabr,q_d,qcwid,qapid,qald,q_dg/exm=qaaw,qadd,qaid,qein,qhaw,qhba,qhbr,qhch,qhga,qhid,qhin/d=1/ed=1/
0
0

rs=AA2YrTtRVVd7Ifu6yXdUSAZNCo3PPUxNcQ
www.gstatic.com/og/_/ss/k=og.qtm.p59jgm9SRCU.L.W.O/m=qcwid/excm=qaaw,qadd,qaid,qein,qhaw,qhba,qhbr,qhch,qhga,qhid,qhin/d=1/ed=1/ct=zgms/
0
0

desktop_searchbox_sprites318_hr.webp
www.google.com/images/searchbox/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
wap.dindo.com.br
URL
https://wap.dindo.com.br/newMobile/auth/tim/cns.css
Domain
wap.dindo.com.br
URL
https://wap.dindo.com.br/newMobile/auth/tim/header.aspx?s=25
Domain
analytics-br-tim.securewebfraud.io
URL
http://analytics-br-tim.securewebfraud.io/web/v1/content/view/Confirmation/br_tim/AQ4z3kk7ZCcSIBWNCRPtNIcrNtP6HgtKWxTEEvF4EaU1abz6e-EeXYzCgJcg_Wih01xI
Domain
www.google.com
URL
https://www.google.com/images/branding/googlelogo/1x/googlelogo_color_272x92dp.png
Domain
www.gstatic.com
URL
https://www.gstatic.com/og/_/js/k=og.qtm.en_US.RScl3bbyirc.2019.O/rt=j/m=qabr,q_d,qcwid,qapid,qald,q_dg/exm=qaaw,qadd,qaid,qein,qhaw,qhba,qhbr,qhch,qhga,qhid,qhin/d=1/ed=1/rs=AA2YrTvLnSTmjOk117_e95V0EKaPsslVbQ
Domain
www.gstatic.com
URL
https://www.gstatic.com/og/_/ss/k=og.qtm.p59jgm9SRCU.L.W.O/m=qcwid/excm=qaaw,qadd,qaid,qein,qhaw,qhba,qhbr,qhch,qhga,qhid,qhin/d=1/ed=1/ct=zgms/rs=AA2YrTtRVVd7Ifu6yXdUSAZNCo3PPUxNcQ
Domain
www.google.com
URL
https://www.google.com/images/searchbox/desktop_searchbox_sprites318_hr.webp

Verdicts & Comments

25 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| dataLayer
function| $
function| jQuery
object| bowser
function| logClient
object| s
string| idClick
string| link
function| _0xb311
function| _0x4596
function| _0x4ac69e
function| rand
string| fill
object| _0x212f
function| _0x5cb9
string| CURRENT_APP_URL
string| AJAX_EVENT_ENDPOINT
function| secureDMsisdnValidationFn
function| prefillValues
function| countryCode
object| google_tag_manager
object| google_tag_data
function| onYouTubeIframeAPIReady
object| gaGlobal

7 Cookies

Domain/Path Name / Value
topadvisitpro.pro/lion Name: f7e825e1eb287f8edd169ab7f72d6c44
Value: 1
auth3.tim.com.br/ Name: JSESSIONID
Value: 4NpH6qXW8zWS4iGbbBvzie2A77JP_iJkAP55f1xZxiKlY3IiyhMI!481158243
.tim.com.br/ Name: visid_incap_2787765
Value: clMYeBHdTNyavSs0MTxz4d8ztGUAAAAAQUIPAAAAAAA6Pl1Bl5Mx0zHAdqDbE9sc
.tim.com.br/ Name: incap_ses_8074_2787765
Value: ZUzHXvPJTlELnKhaNJ0McOEztGUAAAAAkxC1tXB7AZb2egvjbfnYTg==
.tim.com.br/ Name: _gcl_au
Value: 1.1.1561436542.1706308582
.tim.com.br/ Name: _ga
Value: GA1.1.1557754923.1706308582
.tim.com.br/ Name: _ga_B1HB0WT4GL
Value: GS1.1.1706308582.1.0.1706308582.60.0.0

5 Console Messages

Source Level URL
Text
network error URL: https://wap.dindo.com.br/newMobile/auth/tim/cns.css
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://www.googletagmanager.com/gtm.js?id=GTM-XXXX
Message:
Failed to load resource: the server responded with a status of 404 ()
security warning URL: http://topadvisitpro.pro/lion/222gdhj/temp.js
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
network error URL: https://auth3.tim.com.br/v3/accesscontrol-web/assets/OTA-BRTIM-CENTR-rendafixa1-weekly-pt-doi-web.css?ver=16
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://auth3.tim.com.br/v3/accesscontrol-web/assets/images/Telecom/OTA-rendafixa1-logo.png
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
