Report - track.apmiumsercicio.club/868480fc-0f75-4712-af52-2de2dbbd57b5/2?zoneid=6973322&cost=0.001000&visitor

Report Overview

Submitted URL
track.apmiumsercicio.club/868480fc-0f75-4712-af52-2de2dbbd57b5/2?zoneid=6973322&cost=0.001000&visitor_id=807262286614900736
IP
18.193.209.105
ASN
#16509 AMAZON-02
Submitted
2024-04-25 22:58:00
Access
public
Website Title
timpromos.com.br/OTA-BRTIM-BEMOBKIDS/timgameskids1-pt-doi-web?HEKeyword=OTA_TGAMESKIDS_LDG_1&utm_source=lightdigital&utm_medium=cpa&utm_content=timgameskids1&utm_campaign=OTA_TGAMESKIDS_LDG_1-lightdigital-web-cpa-timgameskids1-image&lgd_id=662adfde457987000159d84e&lgd_pub=249
Final URL
www.timpromos.com.br/OTA-BRTIM-BEMOBKIDS/timgameskids1-pt-doi-web?HEKeyword=OTA_TGAMESKIDS_LDG_1&utm_source=lightdigital&utm_medium=cpa&utm_content=timgameskids1&utm_campaign=OTA_TGAMESKIDS_LDG_1-lightdigital-web-cpa-timgameskids1-image&lgd_id=662adfde457987000159d84e&lgd_pub=249
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
3
Threat Detection Systems
0

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
region1.analytics.google.com	unknown	1997-09-15	2022-03-17	2024-04-24	3.1 kB	1.3 kB	216.239.34.36
fonts.googleapis.com	8877	2005-01-25	2013-06-10	2024-04-25	459 B	5.3 kB	142.250.74.106
track.apmiumsercicio.club	unknown	2024-03-05	2024-03-05	2024-04-18	577 B	857 B	18.193.209.105
lightdigital.g2afse.com	270032	2019-02-26	2022-03-26	2024-02-27	535 B	679 B	34.90.14.205
www.timpromos.com.br	140429	2015-04-27	2016-06-28	2024-04-17	13 kB	109 kB	91.241.94.8
www.googletagmanager.com	75	2011-11-11	2013-05-22	2024-04-25	1.3 kB	284 kB	142.250.74.168
analytics-br-tim.securewebfraud.io	unknown	2018-05-11	2022-06-26	2024-03-03	462 B	330 B	91.220.208.18
www.google.no	25607	2001-02-26	2016-04-05	2024-04-25	594 B	578 B	142.250.74.163

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2024-04-25 22:57:35	low	91.241.94.8	Client IP	ET HUNTING [TW] Likely Javascript-Obfuscator Usage Observed M1
2024-04-25 22:57:35	low	91.241.94.8	Client IP	ET HUNTING [TW] Likely Javascript-Obfuscator Usage Observed M2
2024-04-25 22:57:35	low	91.241.94.8	Client IP	ET HUNTING [TW] Likely Javascript-Obfuscator Usage Observed M3

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (16)

	URL	Size	First Seen	Last Seen
	unknown	47 B	2023-04-11	2024-05-05
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-04-11 22:25:25 Last Seen2024-05-05 03:41:17 Times Seen4839 Hash 2512414f817df8312569d55032748f81 13467df6e962aa77bb36867ff1412e1ba9f8feb1 e193735f8d500f10e2cdc6a94f5a43fb0257c1e2f8afc10fa04f0e3761d258de Loading...

	www.timpromos.com.br/OTA-BRTIM-BEMOBKIDS/timgameskids1-pt-doi-web?HEKeyword=OTA_TGAMESKIDS_LDG_1&utm_source=lightdigital&utm_medium=cpa&utm_content=timgameskids1&utm_campaign=OTA_TGAMESKIDS_LDG_1-lightdigital-web-cpa-timgameskids1-image&lgd_id=662adfde457987000159d84e&lgd_pub=249	131 kB	2024-04-26	2024-04-26
Pretty URL www.timpromos.com.br/OTA-BRTIM-BEMOBKIDS/timgameskids1-pt-doi-web?HEKeyword=OTA_TGAMESKIDS_LDG_1&utm_source=lightdigital&utm_medium=cpa&utm_content=timgameskids1&utm_campaign=OTA_TGAMESKIDS_LDG_1-lightdigital-web-cpa-timgameskids1-image&lgd_id=662adfde457987000159d84e&lgd_pub=249 IP 91.241.94.8 ASN #49582 Upstream Software And Telecommunications Systems S.m.s.a Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-26 00:58:02 Last Seen2024-04-26 00:58:02 Times Seen1 Hash 02162a89f5754110e105dd504ad013a7 dfb78b946f7aa751144d3e3e404d8d3dac2bb552 79ae785ebc5f46b73d9cf5dbb4eae6d90684916e2cd68e1d7a5a3109352450c1 Loading...

	www.timpromos.com.br/OTA-BRTIM-BEMOBKIDS/sandbox%20eval%20code	147 B	2023-04-11	2024-05-05
Pretty URL www.timpromos.com.br/OTA-BRTIM-BEMOBKIDS/sandbox%20eval%20code IP 0.0.0.0 ASN #0 Introduced by Embedded in HTML false Observations First Seen2023-04-11 21:07:53 Last Seen2024-05-05 14:09:32 Times Seen344919 Hash 92b651082ce234f66bb544e678befda3 14c21c55ddce43b6f677caadf51d4ab98c6a3df8 25d57d1d97abeb84531d3d3e5754dd5cb19a2c115edfa7cfc7af8247084faded Loading...

	www.googletagmanager.com/gtag/destination?id=G-9LLK8PEDTW&l=dataLayer&cx=c	278 kB	2024-04-26	2024-04-26
Pretty URL www.googletagmanager.com/gtag/destination?id=G-9LLK8PEDTW&l=dataLayer&cx=c IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-26 00:58:02 Last Seen2024-04-26 00:58:03 Times Seen2 Hash 1d210c9cf14f390c4b3c7bad144aabd8 1c62d3df7da5906c7658e95ee0738ee1a0148270 a126549725f65d4300b6e86359f9cdac110c5e08ab59c89e33682984200c4caa Loading...

	www.googletagmanager.com/gtag/js?id=G-9LLK8PEDTW&l=dataLayer&cx=c	278 kB	2024-04-26	2024-04-26
Pretty URL www.googletagmanager.com/gtag/js?id=G-9LLK8PEDTW&l=dataLayer&cx=c IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-26 00:58:02 Last Seen2024-04-26 00:58:03 Times Seen2 Hash f688cc521801cf3eee25d0ebc0c8c1e5 1492586d446d239efb15770eb4a08aad1c0bc30e ea1cc79d2752f98a424cfda1ba1b02a547452714ae6824fcd41d29a4a73bea93 Loading...

	www.timpromos.com.br/OTA-BRTIM-BEMOBKIDS/timgameskids1-pt-doi-web?HEKeyword=OTA_TGAMESKIDS_LDG_1&utm_source=lightdigital&utm_medium=cpa&utm_content=timgameskids1&utm_campaign=OTA_TGAMESKIDS_LDG_1-lightdigital-web-cpa-timgameskids1-image&lgd_id=662adfde457987000159d84e&lgd_pub=249	75 B	2023-03-07	2024-05-02
Pretty URL www.timpromos.com.br/OTA-BRTIM-BEMOBKIDS/timgameskids1-pt-doi-web?HEKeyword=OTA_TGAMESKIDS_LDG_1&utm_source=lightdigital&utm_medium=cpa&utm_content=timgameskids1&utm_campaign=OTA_TGAMESKIDS_LDG_1-lightdigital-web-cpa-timgameskids1-image&lgd_id=662adfde457987000159d84e&lgd_pub=249 IP 91.241.94.8 ASN #49582 Upstream Software And Telecommunications Systems S.m.s.a Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 12:42:38 Last Seen2024-05-02 11:40:31 Times Seen657 Hash 219540904c0178c788f7876c475cf695 34be8b20e8abc01ba107bb54f70c2319511043b7 328ca9901193cec5051c6c7fe1404faf85e4ce1cfed2d9bb7bc429a8573d90ca Loading...

	unknown	79 B	2023-04-11	2024-05-05
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-04-11 21:38:58 Last Seen2024-05-05 12:40:20 Times Seen125492 Hash aa049e2749b8531cb8f233c2f64fc2b2 b611a5a62c1813ae5b4763378b3a4a565556530a e52e51d5897d7a179089ddcf8f5de7aeb3ef4f27b054b63e937cf308b685c9e2 Loading...

	www.timpromos.com.br/OTA-BRTIM-BEMOBKIDS/timgameskids1-pt-doi-web?HEKeyword=OTA_TGAMESKIDS_LDG_1&utm_source=lightdigital&utm_medium=cpa&utm_content=timgameskids1&utm_campaign=OTA_TGAMESKIDS_LDG_1-lightdigital-web-cpa-timgameskids1-image&lgd_id=662adfde457987000159d84e&lgd_pub=249	548 B	2023-03-07	2024-04-26
Pretty URL www.timpromos.com.br/OTA-BRTIM-BEMOBKIDS/timgameskids1-pt-doi-web?HEKeyword=OTA_TGAMESKIDS_LDG_1&utm_source=lightdigital&utm_medium=cpa&utm_content=timgameskids1&utm_campaign=OTA_TGAMESKIDS_LDG_1-lightdigital-web-cpa-timgameskids1-image&lgd_id=662adfde457987000159d84e&lgd_pub=249 IP 91.241.94.8 ASN #49582 Upstream Software And Telecommunications Systems S.m.s.a Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 12:42:38 Last Seen2024-04-26 00:58:24 Times Seen45 Hash 58e40a18675f7394bc136d3ee190af4a 4f2839b8e560d8ad16436b7b0bbdeb5f6e01c975 fdc254dea572b181abec2e65506bc614620f5cbe6726542d318937355cc783f4 Loading...

	www.timpromos.com.br/OTA-BRTIM-BEMOBKIDS/timgameskids1-pt-doi-web?HEKeyword=OTA_TGAMESKIDS_LDG_1&utm_source=lightdigital&utm_medium=cpa&utm_content=timgameskids1&utm_campaign=OTA_TGAMESKIDS_LDG_1-lightdigital-web-cpa-timgameskids1-image&lgd_id=662adfde457987000159d84e&lgd_pub=249	245 B	2023-03-07	2024-04-26
Pretty URL www.timpromos.com.br/OTA-BRTIM-BEMOBKIDS/timgameskids1-pt-doi-web?HEKeyword=OTA_TGAMESKIDS_LDG_1&utm_source=lightdigital&utm_medium=cpa&utm_content=timgameskids1&utm_campaign=OTA_TGAMESKIDS_LDG_1-lightdigital-web-cpa-timgameskids1-image&lgd_id=662adfde457987000159d84e&lgd_pub=249 IP 91.241.94.8 ASN #49582 Upstream Software And Telecommunications Systems S.m.s.a Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 12:42:38 Last Seen2024-04-26 00:58:24 Times Seen42 Hash 15466418eff1d341f2f721aa49144685 c8e4fa6f45c0d7412f496749b85decad5a28544a a504092f39c1f308752b0a039e92fbdbe9185febcad9889a29594ae5bdbff3dc Loading...

	www.googletagmanager.com/gtm.js?id=GTM-MBV8MJ7	254 kB	2024-04-26	2024-04-26
Pretty URL www.googletagmanager.com/gtm.js?id=GTM-MBV8MJ7 IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-26 00:58:02 Last Seen2024-04-26 00:58:03 Times Seen2 Hash 9ceafc4dace4e9c524c8a67463874b1b 3482932d3986a1585db6e409f3a298725cbe3321 ac95259cca2c5cf790e1326bbad7e374e533e1a247a3c63f95709a1ae2304446 Loading...

	www.google-analytics.com/analytics.js	4.7 kB	2023-04-11	2024-05-05
Pretty URL www.google-analytics.com/analytics.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-11 21:07:53 Last Seen2024-05-05 14:09:32 Times Seen344413 Hash f24128d0c9cba7be2916c693427a3483 1b6397d496ea896ebc2018b01b995cee4f166029 58173de4697da1a218f04c3a783a733bab4e769ceabc37cd42da9dc3e036a7e8 Loading...

	unknown	37 B	2023-04-11	2024-05-05
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-04-11 21:31:25 Last Seen2024-05-05 14:07:18 Times Seen234332 Hash 29d0c84b9d1d8da446a6062c6a840ad9 6d6b3a6065667c7c50d92f3889c85ed65a9ad784 3c3cbdb71d0d2c22f504f4d63d8a6ffe8d250cde7e58300619be35b6bbab26a1 Loading...

	www.timpromos.com.br/OTA-BRTIM-BEMOBKIDS/timgameskids1-pt-doi-web?HEKeyword=OTA_TGAMESKIDS_LDG_1&utm_source=lightdigital&utm_medium=cpa&utm_content=timgameskids1&utm_campaign=OTA_TGAMESKIDS_LDG_1-lightdigital-web-cpa-timgameskids1-image&lgd_id=662adfde457987000159d84e&lgd_pub=249	1.3 kB	2023-03-07	2024-05-02
Pretty URL www.timpromos.com.br/OTA-BRTIM-BEMOBKIDS/timgameskids1-pt-doi-web?HEKeyword=OTA_TGAMESKIDS_LDG_1&utm_source=lightdigital&utm_medium=cpa&utm_content=timgameskids1&utm_campaign=OTA_TGAMESKIDS_LDG_1-lightdigital-web-cpa-timgameskids1-image&lgd_id=662adfde457987000159d84e&lgd_pub=249 IP 91.241.94.8 ASN #49582 Upstream Software And Telecommunications Systems S.m.s.a Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 12:42:38 Last Seen2024-05-02 11:40:31 Times Seen650 Hash 32107fcc1984fa62bea9d7dbbf932c08 ea6c30a9630a580a1656fb7360431afaf7bd9416 984649f7580993dc5ffefe351760e74f630f271d6593c7dde254f044a5fd4380 Loading...

	www.timpromos.com.br/OTA-BRTIM-BEMOBKIDS/timgameskids1-pt-doi-web?HEKeyword=OTA_TGAMESKIDS_LDG_1&utm_source=lightdigital&utm_medium=cpa&utm_content=timgameskids1&utm_campaign=OTA_TGAMESKIDS_LDG_1-lightdigital-web-cpa-timgameskids1-image&lgd_id=662adfde457987000159d84e&lgd_pub=249	960 B	2023-10-26	2024-04-26
Pretty URL www.timpromos.com.br/OTA-BRTIM-BEMOBKIDS/timgameskids1-pt-doi-web?HEKeyword=OTA_TGAMESKIDS_LDG_1&utm_source=lightdigital&utm_medium=cpa&utm_content=timgameskids1&utm_campaign=OTA_TGAMESKIDS_LDG_1-lightdigital-web-cpa-timgameskids1-image&lgd_id=662adfde457987000159d84e&lgd_pub=249 IP 91.241.94.8 ASN #49582 Upstream Software And Telecommunications Systems S.m.s.a Introduced by scriptElement Embedded in HTML true Observations First Seen2023-10-26 14:26:17 Last Seen2024-04-26 00:58:24 Times Seen77 Hash f62e683862cc04acf5d1d65ee9aad719 64b0ffe29f2a527db1a03bda443d3e3018bced88 3bb8a5c4a2cf21d3936c9e3af1978c30363e26be1ff4e024cca572c5c42220cc Loading...

	www.timpromos.com.br/OTA-BRTIM-BEMOBKIDS/timgameskids1-pt-doi-web?HEKeyword=OTA_TGAMESKIDS_LDG_1&utm_source=lightdigital&utm_medium=cpa&utm_content=timgameskids1&utm_campaign=OTA_TGAMESKIDS_LDG_1-lightdigital-web-cpa-timgameskids1-image&lgd_id=662adfde457987000159d84e&lgd_pub=249	56 B	2023-03-07	2024-04-26
Pretty URL www.timpromos.com.br/OTA-BRTIM-BEMOBKIDS/timgameskids1-pt-doi-web?HEKeyword=OTA_TGAMESKIDS_LDG_1&utm_source=lightdigital&utm_medium=cpa&utm_content=timgameskids1&utm_campaign=OTA_TGAMESKIDS_LDG_1-lightdigital-web-cpa-timgameskids1-image&lgd_id=662adfde457987000159d84e&lgd_pub=249 IP 91.241.94.8 ASN #49582 Upstream Software And Telecommunications Systems S.m.s.a Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 12:42:38 Last Seen2024-04-26 00:58:24 Times Seen326 Hash e633aa08ae12366911d8e26c62df0ac7 a16f61cc6d9dbd371d1111eaff9b8e9ab3532ad7 4d9920d1b0a027e9d1e7994912dede5626a56cef010170b15fb45edc85f882ed Loading...

	www.timpromos.com.br/OTA-BRTIM-BEMOBKIDS/timgameskids1-pt-doi-web?HEKeyword=OTA_TGAMESKIDS_LDG_1&utm_source=lightdigital&utm_medium=cpa&utm_content=timgameskids1&utm_campaign=OTA_TGAMESKIDS_LDG_1-lightdigital-web-cpa-timgameskids1-image&lgd_id=662adfde457987000159d84e&lgd_pub=249	2.8 kB	2023-11-26	2024-04-26
Pretty URL www.timpromos.com.br/OTA-BRTIM-BEMOBKIDS/timgameskids1-pt-doi-web?HEKeyword=OTA_TGAMESKIDS_LDG_1&utm_source=lightdigital&utm_medium=cpa&utm_content=timgameskids1&utm_campaign=OTA_TGAMESKIDS_LDG_1-lightdigital-web-cpa-timgameskids1-image&lgd_id=662adfde457987000159d84e&lgd_pub=249 IP 91.241.94.8 ASN #49582 Upstream Software And Telecommunications Systems S.m.s.a Introduced by scriptElement Embedded in HTML true Observations First Seen2023-11-26 13:55:16 Last Seen2024-04-26 00:58:25 Times Seen41 Hash 47306d1d21e67d9a0fba1d0c401ffed1 3a81c074d1a04571e95636b11a66424b61157ff6 b47e9bc8cf1c7713ac45fe84d764a29bac25d39f513f292b41d1db7f8919a2ad Loading...

HTTP Transactions (18)

URL IP Response Size

track.apmiumsercicio.club/868480fc-0f75-4712-af52-2de2dbbd57b5/2?zoneid=6973322&cost=0.001000&visitor_id=807262286614900736

18.193.209.105

302 Found

0 B

URL User Request GET HTTP/2
track.apmiumsercicio.club/868480fc-0f75-4712-af52-2de2dbbd57b5/2?zoneid=6973322&cost=0.001000&visitor_id=807262286614900736
IP
18.193.209.105:443
ASN
#16509 AMAZON-02

Certificate
IssuerLet's Encrypt
Subjecttrack.apmiumsercicio.club
FingerprintA4:0B:04:1D:DC:63:22:C1:9C:FE:2A:B1:54:EA:3C:AB:DB:9B:4F:12
ValidityTue, 05 Mar 2024 16:03:22 GMT - Mon, 03 Jun 2024 16:03:21 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /868480fc-0f75-4712-af52-2de2dbbd57b5/2?zoneid=6973322&cost=0.001000&visitor_id=807262286614900736 HTTP/1.1
Host: track.apmiumsercicio.club
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
server: nginx
date: Thu, 25 Apr 2024 22:57:34 GMT
content-length: 0
cache-control: no-store, no-cache, pre-check=0, post-check=0
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://lightdigital.g2afse.com/click?pid=249&offer_id=6885&sub1=wfnj92covkofjmr03iocen76
pragma: no-cache
set-cookie: 868480fc-0f75-4712-af52-2de2dbbd57b5-v4=zzroqKbgkUge4IQ5bFsHv5uLfAwFli6ltehV3pc1rs8; Max-Age=86400; Expires=Fri, 26-Apr-2024 22:57:34 GMT; Domain=track.apmiumsercicio.club; Path=/; Secure; HttpOnly;SameSite=None
cc-v4=OmzCJs42KNUUOUorW4WtrDM%2FK2n1n6AXDjgSc6Z7KZmIZ%2F3ikAWyLXiX8p%2BEcewWhA9iIXThLEVa45j2SGJUjdFB4RV00U2RmxVTHDEZaDN8fg3VUss%2B3kH1uu9zDbV2ITXubBLXLPN7hL1ppB6ezA%3D%3D; Max-Age=31536000; Expires=Fri, 25-Apr-2025 22:57:34 GMT; Domain=track.apmiumsercicio.club; Path=/; Secure; HttpOnly;SameSite=None
X-Firefox-Spdy: h2

lightdigital.g2afse.com/click?pid=249&offer_id=6885&sub1=wfnj92covkofjmr03iocen76

34.90.14.205

302 Found

0 B

URL User Request GET HTTP/2
lightdigital.g2afse.com/click?pid=249&offer_id=6885&sub1=wfnj92covkofjmr03iocen76
IP
34.90.14.205:443
ASN
#396982 GOOGLE-CLOUD-PLATFORM

Certificate
IssuerDigiCert Inc
Subject*.g2afse.com
Fingerprint3A:C2:12:6C:59:0C:A9:12:C1:47:C8:05:B6:0F:75:69:7A:76:D6:85
ValidityMon, 28 Aug 2023 00:00:00 GMT - Wed, 04 Sep 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /click?pid=249&offer_id=6885&sub1=wfnj92covkofjmr03iocen76 HTTP/1.1
Host: lightdigital.g2afse.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
server: nginx
date: Thu, 25 Apr 2024 22:57:34 GMT
content-length: 0
location: http://www.timpromos.com.br/OTA-BRTIM-BEMOBKIDS/timgameskids1-pt-doi-web?HEKeyword=OTA_TGAMESKIDS_LDG_1&utm_source=lightdigital&utm_medium=cpa&utm_content=timgameskids1&utm_campaign=OTA_TGAMESKIDS_LDG_1-lightdigital-web-cpa-timgameskids1-image&lgd_id=662adfde457987000159d84e&lgd_pub=249
x-adjust-use-original-forwarded-for: 1
set-cookie: afclick=662adfde457987000159d84e; expires=Fri, 25 Apr 2025 22:57:34 GMT; secure; SameSite=None
afoffers={"6885":1714085854}; expires=Fri, 25 Apr 2025 22:57:34 GMT; secure; SameSite=None
access-control-allow-origin: *
X-Firefox-Spdy: h2

www.timpromos.com.br/OTA-BRTIM-BEMOBKIDS/timgameskids1-pt-doi-web?HEKeyword=OTA_TGAMESKIDS_LDG_1&utm_source=lightdigital&utm_medium=cpa&utm_content=timgameskids1&utm_campaign=OTA_TGAMESKIDS_LDG_1-lightdigital-web-cpa-timgameskids1-image&lgd_id=662adfde457987000159d84e&lgd_pub=249

91.241.94.8

200 OK

45 kB

URL User Request GET HTTP/1.1
www.timpromos.com.br/OTA-BRTIM-BEMOBKIDS/timgameskids1-pt-doi-web?HEKeyword=OTA_TGAMESKIDS_LDG_1&utm_source=lightdigital&utm_medium=cpa&utm_content=timgameskids1&utm_campaign=OTA_TGAMESKIDS_LDG_1-lightdigital-web-cpa-timgameskids1-image&lgd_id=662adfde457987000159d84e&lgd_pub=249
IP
91.241.94.8:80
ASN
#49582 Upstream Software And Telecommunications Systems S.m.s.a

File type
HTML document, ASCII text, with very long lines (61556)
Size
45 kB (45224 bytes)
Hash
b034dc5872a600a41418bb37f996bcaa
36853a090eb2a83824024e34cd5b9a5ac4c84b2e
e85977b8836fec4868c7452b8b90daf78eaf39f91b0f2c858f2ffd290f414efb

Detections

NIDS	Severity	Alert
suricata	low	ET HUNTING [TW] Likely Javascript-Obfuscator Usage Observed M1
suricata	low	ET HUNTING [TW] Likely Javascript-Obfuscator Usage Observed M2
suricata	low	ET HUNTING [TW] Likely Javascript-Obfuscator Usage Observed M3

HTTP Headers

GET /OTA-BRTIM-BEMOBKIDS/timgameskids1-pt-doi-web?HEKeyword=OTA_TGAMESKIDS_LDG_1&utm_source=lightdigital&utm_medium=cpa&utm_content=timgameskids1&utm_campaign=OTA_TGAMESKIDS_LDG_1-lightdigital-web-cpa-timgameskids1-image&lgd_id=662adfde457987000159d84e&lgd_pub=249 HTTP/1.1
Host: www.timpromos.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 25 Apr 2024 22:57:34 GMT
Cache-Control: no-cache, private
Strict-Transport-Security: max-age=0; includeSubDomains
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
X-Varnish: 547549552
Age: 0
Via: 1.1 brtim1-varnish-5d85b7f48-6dnqh (Varnish/7.4)
Accept-Ranges: bytes
X-Cache: MISS
Access-Control-Allow-Origin: *
Set-Cookie: ng_session=eyJpdiI6IkI3emMxZGliTzVWeGw3YzFwd2tXUXc9PSIsInZhbHVlIjoiSmxGVHIvb1ZObjd6em9OSStZem5rMzJ6OE9iQ0IyTU1vWkxKQzNYcXpWMGtXR3N4OVFHY09uT2svWTUrNXJuQTV1RlE0NzVwV05XNFppSGRRVDkrWE01SWR5SDdDOWJ2YVVxcDc2dnNFT2V1OFRBTnlidWZBN3VMR2h1dUlGbHgiLCJtYWMiOiJlNWEzYmNmYzU3MWQ1ZjhhMmZmZmQ5ZjdmYzQxMzkyNmVkMmFmN2QzZDZjNWZkMjAwNjYwMjA5NDI0NWNhZjdkIiwidGFnIjoiIn0%3D; expires=Fri, 26 Apr 2024 04:57:35 GMT; Max-Age=21600; path=/; httponly; samesite=lax
ctxid=eyJpdiI6ImQ4NWFKOEhpbWdzQnlDUEpzT2xic1E9PSIsInZhbHVlIjoib0k4RGJqWnZ5cVg4SWNLNExTWk1hb2NYbWc3d0VjM2l4U0VTdkRlUTZyQllyR09NdUg5K3QwczJlekprYjRmTXFNWUdSY2JPaGM3YzFIMWQxQXZkd2ZCRTJ0RXBsOWZqRWJFc3JFeFA0NUE9IiwibWFjIjoiNTBkYjQyNjNhNzI5MzBhZjI4Yjc3NjQyZTE1NjFlOWFiMGY1YTc2MzNiNWMyNTg0YWI1OTNiNzUxNTc5ZDE0NyIsInRhZyI6IiJ9; expires=Sun, 23 Apr 2034 22:57:34 GMT; Max-Age=315359999; path=/; httponly; samesite=lax
rd=deleted; expires=Wed, 26 Apr 2023 22:57:34 GMT; Max-Age=0; path=/; httponly; samesite=lax
userSessionID=eyJpdiI6Ik85VUxUblpUL0l5WHFzMjRqSFdrd2c9PSIsInZhbHVlIjoiTktJTkVOTlpBYXN5cWRCZnJpOU12QjB5ek15ZjM0YVRlN0lsNGhPN1kvLzRhNnZCNHBsdEg2ZGVuMm1RTXl0WXhFMmkwOUJ3WkxjeWp1ZWx0cjhPMldLRUQ1WC9xTGllNG1kUDZIWWVqY2s9IiwibWFjIjoiYTUyOTExZmU2NzcwOGUzZGRlYzJjMmY3M2ZiMzY5YzI5NDk3N2IyMDc4YTA5YTA2MjBiNWY3MGRmNWFlNTk1NiIsInRhZyI6IiJ9; expires=Thu, 25 Apr 2024 23:27:34 GMT; Max-Age=1799; path=/; httponly; samesite=lax
userPermID=eyJpdiI6IjdGZmVSVmJ6V0xqUTVpdEtiV2VOUHc9PSIsInZhbHVlIjoiYTRkTVVncjVZbjM4SVdMSWNndStHQXNpZXd2UlJEWG93VVlndG1vbmJaTXF0ajg4RndEay9ZUEtVWXQxd2RpclFFVzAxS1dMR2pKcE1pclFjNy9iQ1YwN21yc2toSU5sN0IyZFlBcHg5Vm89IiwibWFjIjoiNThmOWZmN2U1NDU4N2EwNzJhNmExNGIyMGRiZGI4NTY3ZDAxNjZjNzE5NGUyMjY3NGVmZTVjM2Y5NTFhMDczMiIsInRhZyI6IiJ9; expires=Sun, 23 Apr 2034 22:57:34 GMT; Max-Age=315359999; path=/; httponly; samesite=lax
TS01c950bd=01b02e3e8968cfeed7fe752b5e7274af71d28ffb3130f3a70c6a363ba783ac61551c2e7decb710e5f32c6bff948ca7ef584f8cab89; Path=/; Domain=.www.timpromos.com.br
Keep-Alive: timeout=5, max=1000
Connection: Keep-Alive
Transfer-Encoding: chunked

www.timpromos.com.br/OTA-BRTIM-BEMOBKIDS/assets/OTA-BRTIM-BEMOBKIDS-timgameskids1-pt-doi-web.css?ver=52

91.241.94.8

200 OK

3.1 kB

URL GET HTTP/1.1
www.timpromos.com.br/OTA-BRTIM-BEMOBKIDS/assets/OTA-BRTIM-BEMOBKIDS-timgameskids1-pt-doi-web.css?ver=52
IP
91.241.94.8:80
ASN
#49582 Upstream Software And Telecommunications Systems S.m.s.a

Requested by
http://www.timpromos.com.br/OTA-BRTIM-BEMOBKIDS/timgameskids1-pt-doi-web?HEKeyword=OTA_TGAMESKIDS_LDG_1&utm_source=lightdigital&utm_medium=cpa&utm_content=timgameskids1&utm_campaign=OTA_TGAMESKIDS_LDG_1-lightdigital-web-cpa-timgameskids1-image&lgd_id=662adfde457987000159d84e&lgd_pub=249

File type
ASCII text, with CRLF, LF line terminators
Size
3.1 kB (3052 bytes)
Hash
5c68dc7f869919ea52fff1ca7b59900d
54f044e2490c433b166e822f0c794d32ddafc638
02403d4dc531f5ed01df67faa19ec3c8b96a290b8b916668684e6357ad7365a0

HTTP Headers

GET /OTA-BRTIM-BEMOBKIDS/assets/OTA-BRTIM-BEMOBKIDS-timgameskids1-pt-doi-web.css?ver=52 HTTP/1.1
Host: www.timpromos.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.timpromos.com.br/OTA-BRTIM-BEMOBKIDS/timgameskids1-pt-doi-web?HEKeyword=OTA_TGAMESKIDS_LDG_1&utm_source=lightdigital&utm_medium=cpa&utm_content=timgameskids1&utm_campaign=OTA_TGAMESKIDS_LDG_1-lightdigital-web-cpa-timgameskids1-image&lgd_id=662adfde457987000159d84e&lgd_pub=249
Cookie: ng_session=eyJpdiI6IkI3emMxZGliTzVWeGw3YzFwd2tXUXc9PSIsInZhbHVlIjoiSmxGVHIvb1ZObjd6em9OSStZem5rMzJ6OE9iQ0IyTU1vWkxKQzNYcXpWMGtXR3N4OVFHY09uT2svWTUrNXJuQTV1RlE0NzVwV05XNFppSGRRVDkrWE01SWR5SDdDOWJ2YVVxcDc2dnNFT2V1OFRBTnlidWZBN3VMR2h1dUlGbHgiLCJtYWMiOiJlNWEzYmNmYzU3MWQ1ZjhhMmZmZmQ5ZjdmYzQxMzkyNmVkMmFmN2QzZDZjNWZkMjAwNjYwMjA5NDI0NWNhZjdkIiwidGFnIjoiIn0%3D; ctxid=eyJpdiI6ImQ4NWFKOEhpbWdzQnlDUEpzT2xic1E9PSIsInZhbHVlIjoib0k4RGJqWnZ5cVg4SWNLNExTWk1hb2NYbWc3d0VjM2l4U0VTdkRlUTZyQllyR09NdUg5K3QwczJlekprYjRmTXFNWUdSY2JPaGM3YzFIMWQxQXZkd2ZCRTJ0RXBsOWZqRWJFc3JFeFA0NUE9IiwibWFjIjoiNTBkYjQyNjNhNzI5MzBhZjI4Yjc3NjQyZTE1NjFlOWFiMGY1YTc2MzNiNWMyNTg0YWI1OTNiNzUxNTc5ZDE0NyIsInRhZyI6IiJ9; userSessionID=eyJpdiI6Ik85VUxUblpUL0l5WHFzMjRqSFdrd2c9PSIsInZhbHVlIjoiTktJTkVOTlpBYXN5cWRCZnJpOU12QjB5ek15ZjM0YVRlN0lsNGhPN1kvLzRhNnZCNHBsdEg2ZGVuMm1RTXl0WXhFMmkwOUJ3WkxjeWp1ZWx0cjhPMldLRUQ1WC9xTGllNG1kUDZIWWVqY2s9IiwibWFjIjoiYTUyOTExZmU2NzcwOGUzZGRlYzJjMmY3M2ZiMzY5YzI5NDk3N2IyMDc4YTA5YTA2MjBiNWY3MGRmNWFlNTk1NiIsInRhZyI6IiJ9; userPermID=eyJpdiI6IjdGZmVSVmJ6V0xqUTVpdEtiV2VOUHc9PSIsInZhbHVlIjoiYTRkTVVncjVZbjM4SVdMSWNndStHQXNpZXd2UlJEWG93VVlndG1vbmJaTXF0ajg4RndEay9ZUEtVWXQxd2RpclFFVzAxS1dMR2pKcE1pclFjNy9iQ1YwN21yc2toSU5sN0IyZFlBcHg5Vm89IiwibWFjIjoiNThmOWZmN2U1NDU4N2EwNzJhNmExNGIyMGRiZGI4NTY3ZDAxNjZjNzE5NGUyMjY3NGVmZTVjM2Y5NTFhMDczMiIsInRhZyI6IiJ9; TS01c950bd=01b02e3e8968cfeed7fe752b5e7274af71d28ffb3130f3a70c6a363ba783ac61551c2e7decb710e5f32c6bff948ca7ef584f8cab89
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 25 Apr 2024 22:57:35 GMT
Last-Modified: Tue, 11 Jul 2023 09:00:37 GMT
ETag: "56be-600325524041f-gzip"
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 3052
Content-Type: text/css
X-Varnish: 548937654
Age: 0
Via: 1.1 brtim1-varnish-5d85b7f48-6dnqh (Varnish/7.4)
Accept-Ranges: bytes
X-Cache: MISS
Access-Control-Allow-Origin: *
Keep-Alive: timeout=5, max=999
Connection: Keep-Alive

www.timpromos.com.br/OTA-BRTIM-BEMOBKIDS/assets/wr-images/close-wap.png

91.241.94.8

200 OK

213 B

URL GET HTTP/1.1
www.timpromos.com.br/OTA-BRTIM-BEMOBKIDS/assets/wr-images/close-wap.png
IP
91.241.94.8:80
ASN
#49582 Upstream Software And Telecommunications Systems S.m.s.a

Requested by
http://www.timpromos.com.br/OTA-BRTIM-BEMOBKIDS/timgameskids1-pt-doi-web?HEKeyword=OTA_TGAMESKIDS_LDG_1&utm_source=lightdigital&utm_medium=cpa&utm_content=timgameskids1&utm_campaign=OTA_TGAMESKIDS_LDG_1-lightdigital-web-cpa-timgameskids1-image&lgd_id=662adfde457987000159d84e&lgd_pub=249

File type
PNG image data, 21 x 21, 8-bit/color RGBA, non-interlaced
Size
213 B (213 bytes)
Hash
d249b874e72ea9acce9f630517b48c4e
78a06a4b69bbd59d7fa9c70723640c775caf37cc
1861c75e1a0c132e357bccf763069d785f5954fe959d784abb1773f93b87bd28

HTTP Headers

GET /OTA-BRTIM-BEMOBKIDS/assets/wr-images/close-wap.png HTTP/1.1
Host: www.timpromos.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.timpromos.com.br/OTA-BRTIM-BEMOBKIDS/timgameskids1-pt-doi-web?HEKeyword=OTA_TGAMESKIDS_LDG_1&utm_source=lightdigital&utm_medium=cpa&utm_content=timgameskids1&utm_campaign=OTA_TGAMESKIDS_LDG_1-lightdigital-web-cpa-timgameskids1-image&lgd_id=662adfde457987000159d84e&lgd_pub=249
Cookie: ng_session=eyJpdiI6IkI3emMxZGliTzVWeGw3YzFwd2tXUXc9PSIsInZhbHVlIjoiSmxGVHIvb1ZObjd6em9OSStZem5rMzJ6OE9iQ0IyTU1vWkxKQzNYcXpWMGtXR3N4OVFHY09uT2svWTUrNXJuQTV1RlE0NzVwV05XNFppSGRRVDkrWE01SWR5SDdDOWJ2YVVxcDc2dnNFT2V1OFRBTnlidWZBN3VMR2h1dUlGbHgiLCJtYWMiOiJlNWEzYmNmYzU3MWQ1ZjhhMmZmZmQ5ZjdmYzQxMzkyNmVkMmFmN2QzZDZjNWZkMjAwNjYwMjA5NDI0NWNhZjdkIiwidGFnIjoiIn0%3D; ctxid=eyJpdiI6ImQ4NWFKOEhpbWdzQnlDUEpzT2xic1E9PSIsInZhbHVlIjoib0k4RGJqWnZ5cVg4SWNLNExTWk1hb2NYbWc3d0VjM2l4U0VTdkRlUTZyQllyR09NdUg5K3QwczJlekprYjRmTXFNWUdSY2JPaGM3YzFIMWQxQXZkd2ZCRTJ0RXBsOWZqRWJFc3JFeFA0NUE9IiwibWFjIjoiNTBkYjQyNjNhNzI5MzBhZjI4Yjc3NjQyZTE1NjFlOWFiMGY1YTc2MzNiNWMyNTg0YWI1OTNiNzUxNTc5ZDE0NyIsInRhZyI6IiJ9; userSessionID=eyJpdiI6Ik85VUxUblpUL0l5WHFzMjRqSFdrd2c9PSIsInZhbHVlIjoiTktJTkVOTlpBYXN5cWRCZnJpOU12QjB5ek15ZjM0YVRlN0lsNGhPN1kvLzRhNnZCNHBsdEg2ZGVuMm1RTXl0WXhFMmkwOUJ3WkxjeWp1ZWx0cjhPMldLRUQ1WC9xTGllNG1kUDZIWWVqY2s9IiwibWFjIjoiYTUyOTExZmU2NzcwOGUzZGRlYzJjMmY3M2ZiMzY5YzI5NDk3N2IyMDc4YTA5YTA2MjBiNWY3MGRmNWFlNTk1NiIsInRhZyI6IiJ9; userPermID=eyJpdiI6IjdGZmVSVmJ6V0xqUTVpdEtiV2VOUHc9PSIsInZhbHVlIjoiYTRkTVVncjVZbjM4SVdMSWNndStHQXNpZXd2UlJEWG93VVlndG1vbmJaTXF0ajg4RndEay9ZUEtVWXQxd2RpclFFVzAxS1dMR2pKcE1pclFjNy9iQ1YwN21yc2toSU5sN0IyZFlBcHg5Vm89IiwibWFjIjoiNThmOWZmN2U1NDU4N2EwNzJhNmExNGIyMGRiZGI4NTY3ZDAxNjZjNzE5NGUyMjY3NGVmZTVjM2Y5NTFhMDczMiIsInRhZyI6IiJ9; TS01c950bd=01b02e3e8968cfeed7fe752b5e7274af71d28ffb3130f3a70c6a363ba783ac61551c2e7decb710e5f32c6bff948ca7ef584f8cab89
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 10 Apr 2024 15:20:14 GMT
Last-Modified: Tue, 11 Jul 2023 09:00:32 GMT
ETag: "d5-6003254e5e153"
Content-Length: 213
Cache-Control: max-age=5184000
Expires: Sun, 09 Jun 2024 15:20:14 GMT
Content-Type: image/png
X-Varnish: 550989995 473120112
Age: 1323441
Via: 1.1 brtim1-varnish-5d85b7f48-lwm6b (Varnish/7.4)
Accept-Ranges: bytes
X-Cache: HIT
Access-Control-Allow-Origin: *
Keep-Alive: timeout=5, max=1000
Connection: Keep-Alive

www.timpromos.com.br/OTA-BRTIM-BEMOBKIDS/assets/images/Bemobi/OTA-timgameskids1-logoHeader.png

91.241.94.8

200 OK

9.7 kB

URL GET HTTP/1.1
www.timpromos.com.br/OTA-BRTIM-BEMOBKIDS/assets/images/Bemobi/OTA-timgameskids1-logoHeader.png
IP
91.241.94.8:80
ASN
#49582 Upstream Software And Telecommunications Systems S.m.s.a

Requested by
http://www.timpromos.com.br/OTA-BRTIM-BEMOBKIDS/timgameskids1-pt-doi-web?HEKeyword=OTA_TGAMESKIDS_LDG_1&utm_source=lightdigital&utm_medium=cpa&utm_content=timgameskids1&utm_campaign=OTA_TGAMESKIDS_LDG_1-lightdigital-web-cpa-timgameskids1-image&lgd_id=662adfde457987000159d84e&lgd_pub=249

File type
PNG image data, 111 x 70, 8-bit/color RGBA, non-interlaced
Size
9.7 kB (9748 bytes)
Hash
6da9ebdc999edd3ba3c5e2cde0b01d61
54078e9fa6d1e26ce41028f5057bcc80f031f41e
141c0d48f06736237ded509d4df01a20418e34e54fc5ae4351090ed9dc1570a8

HTTP Headers

GET /OTA-BRTIM-BEMOBKIDS/assets/images/Bemobi/OTA-timgameskids1-logoHeader.png HTTP/1.1
Host: www.timpromos.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.timpromos.com.br/OTA-BRTIM-BEMOBKIDS/timgameskids1-pt-doi-web?HEKeyword=OTA_TGAMESKIDS_LDG_1&utm_source=lightdigital&utm_medium=cpa&utm_content=timgameskids1&utm_campaign=OTA_TGAMESKIDS_LDG_1-lightdigital-web-cpa-timgameskids1-image&lgd_id=662adfde457987000159d84e&lgd_pub=249
Cookie: ng_session=eyJpdiI6IkI3emMxZGliTzVWeGw3YzFwd2tXUXc9PSIsInZhbHVlIjoiSmxGVHIvb1ZObjd6em9OSStZem5rMzJ6OE9iQ0IyTU1vWkxKQzNYcXpWMGtXR3N4OVFHY09uT2svWTUrNXJuQTV1RlE0NzVwV05XNFppSGRRVDkrWE01SWR5SDdDOWJ2YVVxcDc2dnNFT2V1OFRBTnlidWZBN3VMR2h1dUlGbHgiLCJtYWMiOiJlNWEzYmNmYzU3MWQ1ZjhhMmZmZmQ5ZjdmYzQxMzkyNmVkMmFmN2QzZDZjNWZkMjAwNjYwMjA5NDI0NWNhZjdkIiwidGFnIjoiIn0%3D; ctxid=eyJpdiI6ImQ4NWFKOEhpbWdzQnlDUEpzT2xic1E9PSIsInZhbHVlIjoib0k4RGJqWnZ5cVg4SWNLNExTWk1hb2NYbWc3d0VjM2l4U0VTdkRlUTZyQllyR09NdUg5K3QwczJlekprYjRmTXFNWUdSY2JPaGM3YzFIMWQxQXZkd2ZCRTJ0RXBsOWZqRWJFc3JFeFA0NUE9IiwibWFjIjoiNTBkYjQyNjNhNzI5MzBhZjI4Yjc3NjQyZTE1NjFlOWFiMGY1YTc2MzNiNWMyNTg0YWI1OTNiNzUxNTc5ZDE0NyIsInRhZyI6IiJ9; userSessionID=eyJpdiI6Ik85VUxUblpUL0l5WHFzMjRqSFdrd2c9PSIsInZhbHVlIjoiTktJTkVOTlpBYXN5cWRCZnJpOU12QjB5ek15ZjM0YVRlN0lsNGhPN1kvLzRhNnZCNHBsdEg2ZGVuMm1RTXl0WXhFMmkwOUJ3WkxjeWp1ZWx0cjhPMldLRUQ1WC9xTGllNG1kUDZIWWVqY2s9IiwibWFjIjoiYTUyOTExZmU2NzcwOGUzZGRlYzJjMmY3M2ZiMzY5YzI5NDk3N2IyMDc4YTA5YTA2MjBiNWY3MGRmNWFlNTk1NiIsInRhZyI6IiJ9; userPermID=eyJpdiI6IjdGZmVSVmJ6V0xqUTVpdEtiV2VOUHc9PSIsInZhbHVlIjoiYTRkTVVncjVZbjM4SVdMSWNndStHQXNpZXd2UlJEWG93VVlndG1vbmJaTXF0ajg4RndEay9ZUEtVWXQxd2RpclFFVzAxS1dMR2pKcE1pclFjNy9iQ1YwN21yc2toSU5sN0IyZFlBcHg5Vm89IiwibWFjIjoiNThmOWZmN2U1NDU4N2EwNzJhNmExNGIyMGRiZGI4NTY3ZDAxNjZjNzE5NGUyMjY3NGVmZTVjM2Y5NTFhMDczMiIsInRhZyI6IiJ9; TS01c950bd=01b02e3e8968cfeed7fe752b5e7274af71d28ffb3130f3a70c6a363ba783ac61551c2e7decb710e5f32c6bff948ca7ef584f8cab89
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 10 Apr 2024 15:22:09 GMT
Last-Modified: Wed, 31 Aug 2022 12:35:17 GMT
ETag: "2614-5e788bab358b1"
Content-Length: 9748
Cache-Control: max-age=5184000
Expires: Sun, 09 Jun 2024 15:22:09 GMT
Content-Type: image/png
X-Varnish: 550989996 474925684
Age: 1323325
Via: 1.1 brtim1-varnish-5d85b7f48-lwm6b (Varnish/7.4)
Accept-Ranges: bytes
X-Cache: HIT
Access-Control-Allow-Origin: *
Keep-Alive: timeout=5, max=1000
Connection: Keep-Alive

www.timpromos.com.br/security-platform-web/web/v1/content/view/Confirmation/br_tim/AQ4z3kmZmIwwC67ygAoDEyWNP5-4FLAB51R7SBwmvhO6HvOk7hGD8YKsEHgIseVfQjhW

91.241.94.8

200

51 B

URL GET HTTP/1.1
www.timpromos.com.br/security-platform-web/web/v1/content/view/Confirmation/br_tim/AQ4z3kmZmIwwC67ygAoDEyWNP5-4FLAB51R7SBwmvhO6HvOk7hGD8YKsEHgIseVfQjhW
IP
91.241.94.8:80
ASN
#49582 Upstream Software And Telecommunications Systems S.m.s.a

Requested by
http://www.timpromos.com.br/OTA-BRTIM-BEMOBKIDS/timgameskids1-pt-doi-web?HEKeyword=OTA_TGAMESKIDS_LDG_1&utm_source=lightdigital&utm_medium=cpa&utm_content=timgameskids1&utm_campaign=OTA_TGAMESKIDS_LDG_1-lightdigital-web-cpa-timgameskids1-image&lgd_id=662adfde457987000159d84e&lgd_pub=249

File type
GIF image data, version 89a, 1 x 1
Size
51 B (51 bytes)
Hash
49cdc214849d5ced018d230677b14076
0e75513436e6b01963759f6a88282445ff2e5b3a
7455bacb03f7ef04d79010638db14d8434cf7a349914c2ee99eb5d4220338675

HTTP Headers

GET /security-platform-web/web/v1/content/view/Confirmation/br_tim/AQ4z3kmZmIwwC67ygAoDEyWNP5-4FLAB51R7SBwmvhO6HvOk7hGD8YKsEHgIseVfQjhW HTTP/1.1
Host: www.timpromos.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.timpromos.com.br/OTA-BRTIM-BEMOBKIDS/timgameskids1-pt-doi-web?HEKeyword=OTA_TGAMESKIDS_LDG_1&utm_source=lightdigital&utm_medium=cpa&utm_content=timgameskids1&utm_campaign=OTA_TGAMESKIDS_LDG_1-lightdigital-web-cpa-timgameskids1-image&lgd_id=662adfde457987000159d84e&lgd_pub=249
Cookie: ng_session=eyJpdiI6IkI3emMxZGliTzVWeGw3YzFwd2tXUXc9PSIsInZhbHVlIjoiSmxGVHIvb1ZObjd6em9OSStZem5rMzJ6OE9iQ0IyTU1vWkxKQzNYcXpWMGtXR3N4OVFHY09uT2svWTUrNXJuQTV1RlE0NzVwV05XNFppSGRRVDkrWE01SWR5SDdDOWJ2YVVxcDc2dnNFT2V1OFRBTnlidWZBN3VMR2h1dUlGbHgiLCJtYWMiOiJlNWEzYmNmYzU3MWQ1ZjhhMmZmZmQ5ZjdmYzQxMzkyNmVkMmFmN2QzZDZjNWZkMjAwNjYwMjA5NDI0NWNhZjdkIiwidGFnIjoiIn0%3D; ctxid=eyJpdiI6ImQ4NWFKOEhpbWdzQnlDUEpzT2xic1E9PSIsInZhbHVlIjoib0k4RGJqWnZ5cVg4SWNLNExTWk1hb2NYbWc3d0VjM2l4U0VTdkRlUTZyQllyR09NdUg5K3QwczJlekprYjRmTXFNWUdSY2JPaGM3YzFIMWQxQXZkd2ZCRTJ0RXBsOWZqRWJFc3JFeFA0NUE9IiwibWFjIjoiNTBkYjQyNjNhNzI5MzBhZjI4Yjc3NjQyZTE1NjFlOWFiMGY1YTc2MzNiNWMyNTg0YWI1OTNiNzUxNTc5ZDE0NyIsInRhZyI6IiJ9; userSessionID=eyJpdiI6Ik85VUxUblpUL0l5WHFzMjRqSFdrd2c9PSIsInZhbHVlIjoiTktJTkVOTlpBYXN5cWRCZnJpOU12QjB5ek15ZjM0YVRlN0lsNGhPN1kvLzRhNnZCNHBsdEg2ZGVuMm1RTXl0WXhFMmkwOUJ3WkxjeWp1ZWx0cjhPMldLRUQ1WC9xTGllNG1kUDZIWWVqY2s9IiwibWFjIjoiYTUyOTExZmU2NzcwOGUzZGRlYzJjMmY3M2ZiMzY5YzI5NDk3N2IyMDc4YTA5YTA2MjBiNWY3MGRmNWFlNTk1NiIsInRhZyI6IiJ9; userPermID=eyJpdiI6IjdGZmVSVmJ6V0xqUTVpdEtiV2VOUHc9PSIsInZhbHVlIjoiYTRkTVVncjVZbjM4SVdMSWNndStHQXNpZXd2UlJEWG93VVlndG1vbmJaTXF0ajg4RndEay9ZUEtVWXQxd2RpclFFVzAxS1dMR2pKcE1pclFjNy9iQ1YwN21yc2toSU5sN0IyZFlBcHg5Vm89IiwibWFjIjoiNThmOWZmN2U1NDU4N2EwNzJhNmExNGIyMGRiZGI4NTY3ZDAxNjZjNzE5NGUyMjY3NGVmZTVjM2Y5NTFhMDczMiIsInRhZyI6IiJ9; TS01c950bd=01b02e3e8968cfeed7fe752b5e7274af71d28ffb3130f3a70c6a363ba783ac61551c2e7decb710e5f32c6bff948ca7ef584f8cab89
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 
Date: Thu, 25 Apr 2024 22:57:34 GMT
Cache-Control: no-store, private
Content-Disposition: attachment; filename="pixel"
Pragma: no-cache
Accept-Ranges: bytes
Content-Type: image/gif
Content-Length: 51
Keep-Alive: timeout=5, max=1000
Connection: Keep-Alive

www.timpromos.com.br/OTA-BRTIM-BEMOBKIDS/assets/assets/images/Bemobi/OTA-timgameskids1-bg.jpg

91.241.94.8

200 OK

46 kB

URL GET HTTP/1.1
www.timpromos.com.br/OTA-BRTIM-BEMOBKIDS/assets/assets/images/Bemobi/OTA-timgameskids1-bg.jpg
IP
91.241.94.8:80
ASN
#49582 Upstream Software And Telecommunications Systems S.m.s.a

Requested by
http://www.timpromos.com.br/OTA-BRTIM-BEMOBKIDS/timgameskids1-pt-doi-web?HEKeyword=OTA_TGAMESKIDS_LDG_1&utm_source=lightdigital&utm_medium=cpa&utm_content=timgameskids1&utm_campaign=OTA_TGAMESKIDS_LDG_1-lightdigital-web-cpa-timgameskids1-image&lgd_id=662adfde457987000159d84e&lgd_pub=249

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, progressive, precision 8, 320x480, components 3
Size
46 kB (46164 bytes)
Hash
1624b5dc8b5e63caf616de322bea25b1
627bea45379aab59eda65ba135b9b2f55929d109
e06c79c5477b4060b11e096da1e520d4ff8863525184bfa60a414b5a0490d63d

HTTP Headers

GET /OTA-BRTIM-BEMOBKIDS/assets/assets/images/Bemobi/OTA-timgameskids1-bg.jpg HTTP/1.1
Host: www.timpromos.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.timpromos.com.br/OTA-BRTIM-BEMOBKIDS/assets/OTA-BRTIM-BEMOBKIDS-timgameskids1-pt-doi-web.css?ver=52
Cookie: ng_session=eyJpdiI6IkI3emMxZGliTzVWeGw3YzFwd2tXUXc9PSIsInZhbHVlIjoiSmxGVHIvb1ZObjd6em9OSStZem5rMzJ6OE9iQ0IyTU1vWkxKQzNYcXpWMGtXR3N4OVFHY09uT2svWTUrNXJuQTV1RlE0NzVwV05XNFppSGRRVDkrWE01SWR5SDdDOWJ2YVVxcDc2dnNFT2V1OFRBTnlidWZBN3VMR2h1dUlGbHgiLCJtYWMiOiJlNWEzYmNmYzU3MWQ1ZjhhMmZmZmQ5ZjdmYzQxMzkyNmVkMmFmN2QzZDZjNWZkMjAwNjYwMjA5NDI0NWNhZjdkIiwidGFnIjoiIn0%3D; ctxid=eyJpdiI6ImQ4NWFKOEhpbWdzQnlDUEpzT2xic1E9PSIsInZhbHVlIjoib0k4RGJqWnZ5cVg4SWNLNExTWk1hb2NYbWc3d0VjM2l4U0VTdkRlUTZyQllyR09NdUg5K3QwczJlekprYjRmTXFNWUdSY2JPaGM3YzFIMWQxQXZkd2ZCRTJ0RXBsOWZqRWJFc3JFeFA0NUE9IiwibWFjIjoiNTBkYjQyNjNhNzI5MzBhZjI4Yjc3NjQyZTE1NjFlOWFiMGY1YTc2MzNiNWMyNTg0YWI1OTNiNzUxNTc5ZDE0NyIsInRhZyI6IiJ9; userSessionID=eyJpdiI6Ik85VUxUblpUL0l5WHFzMjRqSFdrd2c9PSIsInZhbHVlIjoiTktJTkVOTlpBYXN5cWRCZnJpOU12QjB5ek15ZjM0YVRlN0lsNGhPN1kvLzRhNnZCNHBsdEg2ZGVuMm1RTXl0WXhFMmkwOUJ3WkxjeWp1ZWx0cjhPMldLRUQ1WC9xTGllNG1kUDZIWWVqY2s9IiwibWFjIjoiYTUyOTExZmU2NzcwOGUzZGRlYzJjMmY3M2ZiMzY5YzI5NDk3N2IyMDc4YTA5YTA2MjBiNWY3MGRmNWFlNTk1NiIsInRhZyI6IiJ9; userPermID=eyJpdiI6IjdGZmVSVmJ6V0xqUTVpdEtiV2VOUHc9PSIsInZhbHVlIjoiYTRkTVVncjVZbjM4SVdMSWNndStHQXNpZXd2UlJEWG93VVlndG1vbmJaTXF0ajg4RndEay9ZUEtVWXQxd2RpclFFVzAxS1dMR2pKcE1pclFjNy9iQ1YwN21yc2toSU5sN0IyZFlBcHg5Vm89IiwibWFjIjoiNThmOWZmN2U1NDU4N2EwNzJhNmExNGIyMGRiZGI4NTY3ZDAxNjZjNzE5NGUyMjY3NGVmZTVjM2Y5NTFhMDczMiIsInRhZyI6IiJ9; TS01c950bd=01b02e3e8968cfeed7fe752b5e7274af71d28ffb3130f3a70c6a363ba783ac61551c2e7decb710e5f32c6bff948ca7ef584f8cab89
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 10 Apr 2024 15:36:12 GMT
Last-Modified: Wed, 31 Aug 2022 12:35:17 GMT
ETag: "b454-5e788bab452b1"
Content-Length: 46164
Cache-Control: max-age=5184000
Expires: Sun, 09 Jun 2024 15:36:12 GMT
Content-Type: image/jpeg
X-Varnish: 547043574 474757546
Age: 1322482
Via: 1.1 brtim1-varnish-5d85b7f48-6dnqh (Varnish/7.4)
Accept-Ranges: bytes
X-Cache: HIT
Access-Control-Allow-Origin: *
Keep-Alive: timeout=5, max=999
Connection: Keep-Alive

www.googletagmanager.com/gtm.js?id=GTM-MBV8MJ7

142.250.74.168

200 OK

90 kB

URL GET HTTP/2
www.googletagmanager.com/gtm.js?id=GTM-MBV8MJ7
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
http://www.timpromos.com.br/OTA-BRTIM-BEMOBKIDS/timgameskids1-pt-doi-web?HEKeyword=OTA_TGAMESKIDS_LDG_1&utm_source=lightdigital&utm_medium=cpa&utm_content=timgameskids1&utm_campaign=OTA_TGAMESKIDS_LDG_1-lightdigital-web-cpa-timgameskids1-image&lgd_id=662adfde457987000159d84e&lgd_pub=249
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint1E:33:2E:4B:C3:51:05:B7:73:DC:21:BF:3E:02:B3:16:D8:0B:AB:BB
ValidityMon, 18 Mar 2024 19:37:14 GMT - Mon, 10 Jun 2024 19:37:13 GMT

File type
JavaScript source, ASCII text, with very long lines (2212)
Size
90 kB (90331 bytes)
Hash
9ceafc4dace4e9c524c8a67463874b1b
3482932d3986a1585db6e409f3a298725cbe3321
ac95259cca2c5cf790e1326bbad7e374e533e1a247a3c63f95709a1ae2304446

HTTP Headers

GET /gtm.js?id=GTM-MBV8MJ7 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://www.timpromos.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 25 Apr 2024 22:57:35 GMT
expires: Thu, 25 Apr 2024 22:57:35 GMT
cache-control: private, max-age=900
last-modified: Thu, 25 Apr 2024 21:56:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 90331
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

analytics-br-tim.securewebfraud.io/web/v1/content/view/Confirmation/br_tim/AQ4z3kmZmIwwC67ygAoDEyWNP5-4FLAB51R7SBwmvhO6HvOk7hGD8YKsEHgIseVfQjhW

91.220.208.18

200

51 B

URL GET HTTP/1.1
analytics-br-tim.securewebfraud.io/web/v1/content/view/Confirmation/br_tim/AQ4z3kmZmIwwC67ygAoDEyWNP5-4FLAB51R7SBwmvhO6HvOk7hGD8YKsEHgIseVfQjhW
IP
91.220.208.18:80
ASN
#49582 Upstream Software And Telecommunications Systems S.m.s.a

Requested by
http://www.timpromos.com.br/OTA-BRTIM-BEMOBKIDS/timgameskids1-pt-doi-web?HEKeyword=OTA_TGAMESKIDS_LDG_1&utm_source=lightdigital&utm_medium=cpa&utm_content=timgameskids1&utm_campaign=OTA_TGAMESKIDS_LDG_1-lightdigital-web-cpa-timgameskids1-image&lgd_id=662adfde457987000159d84e&lgd_pub=249

File type
GIF image data, version 89a, 1 x 1
Size
51 B (51 bytes)
Hash
49cdc214849d5ced018d230677b14076
0e75513436e6b01963759f6a88282445ff2e5b3a
7455bacb03f7ef04d79010638db14d8434cf7a349914c2ee99eb5d4220338675

HTTP Headers

GET /web/v1/content/view/Confirmation/br_tim/AQ4z3kmZmIwwC67ygAoDEyWNP5-4FLAB51R7SBwmvhO6HvOk7hGD8YKsEHgIseVfQjhW HTTP/1.1
Host: analytics-br-tim.securewebfraud.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.timpromos.com.br/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 
Date: Thu, 25 Apr 2024 22:57:35 GMT
Cache-Control: no-store, private
Content-Disposition: attachment; filename="pixel"
Pragma: no-cache
Accept-Ranges: bytes
Content-Type: image/gif
Content-Length: 51
Keep-Alive: timeout=2, max=1000
Connection: Keep-Alive

www.timpromos.com.br/security-platform-web/api/v1/beacon/retrieve?secureSessionId=AQ4z3kmZmIwwC67ygAoDEyWNP5-4FLAB51R7SBwmvhO6HvOk7hGD8YKsEHgIseVfQjhW

91.241.94.8

200

0 B

URL GET HTTP/1.1
www.timpromos.com.br/security-platform-web/api/v1/beacon/retrieve?secureSessionId=AQ4z3kmZmIwwC67ygAoDEyWNP5-4FLAB51R7SBwmvhO6HvOk7hGD8YKsEHgIseVfQjhW
IP
91.241.94.8:80
ASN
#49582 Upstream Software And Telecommunications Systems S.m.s.a

Requested by
http://www.timpromos.com.br/OTA-BRTIM-BEMOBKIDS/timgameskids1-pt-doi-web?HEKeyword=OTA_TGAMESKIDS_LDG_1&utm_source=lightdigital&utm_medium=cpa&utm_content=timgameskids1&utm_campaign=OTA_TGAMESKIDS_LDG_1-lightdigital-web-cpa-timgameskids1-image&lgd_id=662adfde457987000159d84e&lgd_pub=249

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /security-platform-web/api/v1/beacon/retrieve?secureSessionId=AQ4z3kmZmIwwC67ygAoDEyWNP5-4FLAB51R7SBwmvhO6HvOk7hGD8YKsEHgIseVfQjhW HTTP/1.1
Host: www.timpromos.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.timpromos.com.br/OTA-BRTIM-BEMOBKIDS/timgameskids1-pt-doi-web?HEKeyword=OTA_TGAMESKIDS_LDG_1&utm_source=lightdigital&utm_medium=cpa&utm_content=timgameskids1&utm_campaign=OTA_TGAMESKIDS_LDG_1-lightdigital-web-cpa-timgameskids1-image&lgd_id=662adfde457987000159d84e&lgd_pub=249
Cookie: ng_session=eyJpdiI6IkI3emMxZGliTzVWeGw3YzFwd2tXUXc9PSIsInZhbHVlIjoiSmxGVHIvb1ZObjd6em9OSStZem5rMzJ6OE9iQ0IyTU1vWkxKQzNYcXpWMGtXR3N4OVFHY09uT2svWTUrNXJuQTV1RlE0NzVwV05XNFppSGRRVDkrWE01SWR5SDdDOWJ2YVVxcDc2dnNFT2V1OFRBTnlidWZBN3VMR2h1dUlGbHgiLCJtYWMiOiJlNWEzYmNmYzU3MWQ1ZjhhMmZmZmQ5ZjdmYzQxMzkyNmVkMmFmN2QzZDZjNWZkMjAwNjYwMjA5NDI0NWNhZjdkIiwidGFnIjoiIn0%3D; ctxid=eyJpdiI6ImQ4NWFKOEhpbWdzQnlDUEpzT2xic1E9PSIsInZhbHVlIjoib0k4RGJqWnZ5cVg4SWNLNExTWk1hb2NYbWc3d0VjM2l4U0VTdkRlUTZyQllyR09NdUg5K3QwczJlekprYjRmTXFNWUdSY2JPaGM3YzFIMWQxQXZkd2ZCRTJ0RXBsOWZqRWJFc3JFeFA0NUE9IiwibWFjIjoiNTBkYjQyNjNhNzI5MzBhZjI4Yjc3NjQyZTE1NjFlOWFiMGY1YTc2MzNiNWMyNTg0YWI1OTNiNzUxNTc5ZDE0NyIsInRhZyI6IiJ9; userSessionID=eyJpdiI6Ik85VUxUblpUL0l5WHFzMjRqSFdrd2c9PSIsInZhbHVlIjoiTktJTkVOTlpBYXN5cWRCZnJpOU12QjB5ek15ZjM0YVRlN0lsNGhPN1kvLzRhNnZCNHBsdEg2ZGVuMm1RTXl0WXhFMmkwOUJ3WkxjeWp1ZWx0cjhPMldLRUQ1WC9xTGllNG1kUDZIWWVqY2s9IiwibWFjIjoiYTUyOTExZmU2NzcwOGUzZGRlYzJjMmY3M2ZiMzY5YzI5NDk3N2IyMDc4YTA5YTA2MjBiNWY3MGRmNWFlNTk1NiIsInRhZyI6IiJ9; userPermID=eyJpdiI6IjdGZmVSVmJ6V0xqUTVpdEtiV2VOUHc9PSIsInZhbHVlIjoiYTRkTVVncjVZbjM4SVdMSWNndStHQXNpZXd2UlJEWG93VVlndG1vbmJaTXF0ajg4RndEay9ZUEtVWXQxd2RpclFFVzAxS1dMR2pKcE1pclFjNy9iQ1YwN21yc2toSU5sN0IyZFlBcHg5Vm89IiwibWFjIjoiNThmOWZmN2U1NDU4N2EwNzJhNmExNGIyMGRiZGI4NTY3ZDAxNjZjNzE5NGUyMjY3NGVmZTVjM2Y5NTFhMDczMiIsInRhZyI6IiJ9; TS01c950bd=01b02e3e8968cfeed7fe752b5e7274af71d28ffb3130f3a70c6a363ba783ac61551c2e7decb710e5f32c6bff948ca7ef584f8cab89
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 
Date: Thu, 25 Apr 2024 22:57:35 GMT
Vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Keep-Alive: timeout=5, max=998
Connection: Keep-Alive
Access-Control-Allow-Origin: *

www.googletagmanager.com/gtag/destination?id=G-9LLK8PEDTW&l=dataLayer&cx=c

142.250.74.168

200 OK

96 kB

URL GET HTTP/3
www.googletagmanager.com/gtag/destination?id=G-9LLK8PEDTW&l=dataLayer&cx=c
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
http://www.timpromos.com.br/OTA-BRTIM-BEMOBKIDS/timgameskids1-pt-doi-web?HEKeyword=OTA_TGAMESKIDS_LDG_1&utm_source=lightdigital&utm_medium=cpa&utm_content=timgameskids1&utm_campaign=OTA_TGAMESKIDS_LDG_1-lightdigital-web-cpa-timgameskids1-image&lgd_id=662adfde457987000159d84e&lgd_pub=249
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint1E:33:2E:4B:C3:51:05:B7:73:DC:21:BF:3E:02:B3:16:D8:0B:AB:BB
ValidityMon, 18 Mar 2024 19:37:14 GMT - Mon, 10 Jun 2024 19:37:13 GMT

File type
JavaScript source, ASCII text, with very long lines (5945)
Size
96 kB (95918 bytes)
Hash
1d210c9cf14f390c4b3c7bad144aabd8
1c62d3df7da5906c7658e95ee0738ee1a0148270
a126549725f65d4300b6e86359f9cdac110c5e08ab59c89e33682984200c4caa

HTTP Headers

GET /gtag/destination?id=G-9LLK8PEDTW&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://www.timpromos.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 25 Apr 2024 22:57:36 GMT
expires: Thu, 25 Apr 2024 22:57:36 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 95918
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.googletagmanager.com/gtag/js?id=G-9LLK8PEDTW&l=dataLayer&cx=c

142.250.74.168

200 OK

96 kB

URL GET HTTP/3
www.googletagmanager.com/gtag/js?id=G-9LLK8PEDTW&l=dataLayer&cx=c
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
http://www.timpromos.com.br/OTA-BRTIM-BEMOBKIDS/timgameskids1-pt-doi-web?HEKeyword=OTA_TGAMESKIDS_LDG_1&utm_source=lightdigital&utm_medium=cpa&utm_content=timgameskids1&utm_campaign=OTA_TGAMESKIDS_LDG_1-lightdigital-web-cpa-timgameskids1-image&lgd_id=662adfde457987000159d84e&lgd_pub=249
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint1E:33:2E:4B:C3:51:05:B7:73:DC:21:BF:3E:02:B3:16:D8:0B:AB:BB
ValidityMon, 18 Mar 2024 19:37:14 GMT - Mon, 10 Jun 2024 19:37:13 GMT

File type
JavaScript source, ASCII text, with very long lines (5945)
Size
96 kB (95974 bytes)
Hash
f688cc521801cf3eee25d0ebc0c8c1e5
1492586d446d239efb15770eb4a08aad1c0bc30e
ea1cc79d2752f98a424cfda1ba1b02a547452714ae6824fcd41d29a4a73bea93

HTTP Headers

GET /gtag/js?id=G-9LLK8PEDTW&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://www.timpromos.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 25 Apr 2024 22:57:36 GMT
expires: Thu, 25 Apr 2024 22:57:36 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 95974
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-9LLK8PEDTW&cid=959341389.1714085856&gtm=45je44o0v9100206336z8856739148za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&z=387126580

142.250.74.163

200 OK

42 B

URL GET HTTP/2
www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-9LLK8PEDTW&cid=959341389.1714085856&gtm=45je44o0v9100206336z8856739148za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&z=387126580
IP
142.250.74.163:443
ASN
#15169 GOOGLE

Requested by
http://www.timpromos.com.br/OTA-BRTIM-BEMOBKIDS/timgameskids1-pt-doi-web?HEKeyword=OTA_TGAMESKIDS_LDG_1&utm_source=lightdigital&utm_medium=cpa&utm_content=timgameskids1&utm_campaign=OTA_TGAMESKIDS_LDG_1-lightdigital-web-cpa-timgameskids1-image&lgd_id=662adfde457987000159d84e&lgd_pub=249
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.no
Fingerprint4E:BD:F9:72:97:67:A2:4B:EE:E4:B0:03:CD:C8:F3:30:53:27:53:1D
ValidityMon, 18 Mar 2024 20:50:06 GMT - Mon, 10 Jun 2024 20:50:05 GMT

File type
GIF image data, version 89a, 1 x 1
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-9LLK8PEDTW&cid=959341389.1714085856&gtm=45je44o0v9100206336z8856739148za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&z=387126580 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://www.timpromos.com.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 25 Apr 2024 22:57:36 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

region1.analytics.google.com/g/collect?v=2&tid=G-9LLK8PEDTW&gtm=45je44o0v9100206336z8856739148za200&_p=1714085855616&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=959341389.1714085856&ul=en-us&sr=1280x1024&pscdl=noapi&_s=1&sid=1714085856&sct=1&seg=0&dl=http%3A%2F%2Fwww.timpromos.com.br%2FOTA-BRTIM-BEMOBKIDS%2Ftimgameskids1-pt-doi-web%3FHEKeyword%3DOTA_TGAMESKIDS_LDG_1%26utm_source%3Dlightdigital%26utm_medium%3Dcpa%26utm_content%3Dtimgameskids1%26utm_campaign%3DOTA_TGAMESKIDS_LDG_1-lightdigital-web-cpa-timgameskids1-image%26lgd_id%3D662adfde457987000159d84e%26lgd_pub%3D249&dt=&en=OTA_TGames%20Kids_Wifi_Users&_fv=1&_nsi=1&_ss=1&tfd=1742

216.239.34.36

204 No Content

0 B

URL POST HTTP/2
region1.analytics.google.com/g/collect?v=2&tid=G-9LLK8PEDTW&gtm=45je44o0v9100206336z8856739148za200&_p=1714085855616&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=959341389.1714085856&ul=en-us&sr=1280x1024&pscdl=noapi&_s=1&sid=1714085856&sct=1&seg=0&dl=http%3A%2F%2Fwww.timpromos.com.br%2FOTA-BRTIM-BEMOBKIDS%2Ftimgameskids1-pt-doi-web%3FHEKeyword%3DOTA_TGAMESKIDS_LDG_1%26utm_source%3Dlightdigital%26utm_medium%3Dcpa%26utm_content%3Dtimgameskids1%26utm_campaign%3DOTA_TGAMESKIDS_LDG_1-lightdigital-web-cpa-timgameskids1-image%26lgd_id%3D662adfde457987000159d84e%26lgd_pub%3D249&dt=&en=OTA_TGames%20Kids_Wifi_Users&_fv=1&_nsi=1&_ss=1&tfd=1742
IP
216.239.34.36:443
ASN
#15169 GOOGLE

Requested by
http://www.timpromos.com.br/OTA-BRTIM-BEMOBKIDS/timgameskids1-pt-doi-web?HEKeyword=OTA_TGAMESKIDS_LDG_1&utm_source=lightdigital&utm_medium=cpa&utm_content=timgameskids1&utm_campaign=OTA_TGAMESKIDS_LDG_1-lightdigital-web-cpa-timgameskids1-image&lgd_id=662adfde457987000159d84e&lgd_pub=249
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint1E:33:2E:4B:C3:51:05:B7:73:DC:21:BF:3E:02:B3:16:D8:0B:AB:BB
ValidityMon, 18 Mar 2024 19:37:14 GMT - Mon, 10 Jun 2024 19:37:13 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /g/collect?v=2&tid=G-9LLK8PEDTW&gtm=45je44o0v9100206336z8856739148za200&_p=1714085855616&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=959341389.1714085856&ul=en-us&sr=1280x1024&pscdl=noapi&_s=1&sid=1714085856&sct=1&seg=0&dl=http%3A%2F%2Fwww.timpromos.com.br%2FOTA-BRTIM-BEMOBKIDS%2Ftimgameskids1-pt-doi-web%3FHEKeyword%3DOTA_TGAMESKIDS_LDG_1%26utm_source%3Dlightdigital%26utm_medium%3Dcpa%26utm_content%3Dtimgameskids1%26utm_campaign%3DOTA_TGAMESKIDS_LDG_1-lightdigital-web-cpa-timgameskids1-image%26lgd_id%3D662adfde457987000159d84e%26lgd_pub%3D249&dt=&en=OTA_TGames%20Kids_Wifi_Users&_fv=1&_nsi=1&_ss=1&tfd=1742 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.timpromos.com.br
DNT: 1
Connection: keep-alive
Referer: http://www.timpromos.com.br/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

HTTP/2 204 No Content
access-control-allow-origin: http://www.timpromos.com.br
date: Thu, 25 Apr 2024 22:57:36 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

region1.analytics.google.com/g/collect?v=2&tid=G-9LLK8PEDTW&gtm=45je44o0v9100206336z8856739148za200&_p=1714085855616&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=959341389.1714085856&ul=en-us&sr=1280x1024&pscdl=noapi&_s=2&sid=1714085856&sct=1&seg=1&dl=http%3A%2F%2Fwww.timpromos.com.br%2FOTA-BRTIM-BEMOBKIDS%2Ftimgameskids1-pt-doi-web%3FHEKeyword%3DOTA_TGAMESKIDS_LDG_1%26utm_source%3Dlightdigital%26utm_medium%3Dcpa%26utm_content%3Dtimgameskids1%26utm_campaign%3DOTA_TGAMESKIDS_LDG_1-lightdigital-web-cpa-timgameskids1-image%26lgd_id%3D662adfde457987000159d84e%26lgd_pub%3D249&dt=&en=page_view&tfd=1769

216.239.34.36

204 No Content

0 B

URL POST HTTP/2
region1.analytics.google.com/g/collect?v=2&tid=G-9LLK8PEDTW&gtm=45je44o0v9100206336z8856739148za200&_p=1714085855616&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=959341389.1714085856&ul=en-us&sr=1280x1024&pscdl=noapi&_s=2&sid=1714085856&sct=1&seg=1&dl=http%3A%2F%2Fwww.timpromos.com.br%2FOTA-BRTIM-BEMOBKIDS%2Ftimgameskids1-pt-doi-web%3FHEKeyword%3DOTA_TGAMESKIDS_LDG_1%26utm_source%3Dlightdigital%26utm_medium%3Dcpa%26utm_content%3Dtimgameskids1%26utm_campaign%3DOTA_TGAMESKIDS_LDG_1-lightdigital-web-cpa-timgameskids1-image%26lgd_id%3D662adfde457987000159d84e%26lgd_pub%3D249&dt=&en=page_view&tfd=1769
IP
216.239.34.36:443
ASN
#15169 GOOGLE

Requested by
http://www.timpromos.com.br/OTA-BRTIM-BEMOBKIDS/timgameskids1-pt-doi-web?HEKeyword=OTA_TGAMESKIDS_LDG_1&utm_source=lightdigital&utm_medium=cpa&utm_content=timgameskids1&utm_campaign=OTA_TGAMESKIDS_LDG_1-lightdigital-web-cpa-timgameskids1-image&lgd_id=662adfde457987000159d84e&lgd_pub=249
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint1E:33:2E:4B:C3:51:05:B7:73:DC:21:BF:3E:02:B3:16:D8:0B:AB:BB
ValidityMon, 18 Mar 2024 19:37:14 GMT - Mon, 10 Jun 2024 19:37:13 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /g/collect?v=2&tid=G-9LLK8PEDTW&gtm=45je44o0v9100206336z8856739148za200&_p=1714085855616&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=959341389.1714085856&ul=en-us&sr=1280x1024&pscdl=noapi&_s=2&sid=1714085856&sct=1&seg=1&dl=http%3A%2F%2Fwww.timpromos.com.br%2FOTA-BRTIM-BEMOBKIDS%2Ftimgameskids1-pt-doi-web%3FHEKeyword%3DOTA_TGAMESKIDS_LDG_1%26utm_source%3Dlightdigital%26utm_medium%3Dcpa%26utm_content%3Dtimgameskids1%26utm_campaign%3DOTA_TGAMESKIDS_LDG_1-lightdigital-web-cpa-timgameskids1-image%26lgd_id%3D662adfde457987000159d84e%26lgd_pub%3D249&dt=&en=page_view&tfd=1769 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.timpromos.com.br
DNT: 1
Connection: keep-alive
Referer: http://www.timpromos.com.br/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

HTTP/2 204 No Content
access-control-allow-origin: http://www.timpromos.com.br
date: Thu, 25 Apr 2024 22:57:36 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

region1.analytics.google.com/g/collect?v=2&tid=G-9LLK8PEDTW&gtm=45je44o0v9100206336za200&_p=1714085855616&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=959341389.1714085856&ul=en-us&sr=1280x1024&pscdl=noapi&_eu=AEA&_s=3&sid=1714085856&sct=1&seg=1&dl=http%3A%2F%2Fwww.timpromos.com.br%2FOTA-BRTIM-BEMOBKIDS%2Ftimgameskids1-pt-doi-web%3FHEKeyword%3DOTA_TGAMESKIDS_LDG_1%26utm_source%3Dlightdigital%26utm_medium%3Dcpa%26utm_content%3Dtimgameskids1%26utm_campaign%3DOTA_TGAMESKIDS_LDG_1-lightdigital-web-cpa-timgameskids1-image%26lgd_id%3D662adfde457987000159d84e%26lgd_pub%3D249&dt=&en=scroll&epn.percent_scrolled=90&tfd=6770

216.239.34.36

204 No Content

0 B

URL POST HTTP/3
region1.analytics.google.com/g/collect?v=2&tid=G-9LLK8PEDTW&gtm=45je44o0v9100206336za200&_p=1714085855616&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=959341389.1714085856&ul=en-us&sr=1280x1024&pscdl=noapi&_eu=AEA&_s=3&sid=1714085856&sct=1&seg=1&dl=http%3A%2F%2Fwww.timpromos.com.br%2FOTA-BRTIM-BEMOBKIDS%2Ftimgameskids1-pt-doi-web%3FHEKeyword%3DOTA_TGAMESKIDS_LDG_1%26utm_source%3Dlightdigital%26utm_medium%3Dcpa%26utm_content%3Dtimgameskids1%26utm_campaign%3DOTA_TGAMESKIDS_LDG_1-lightdigital-web-cpa-timgameskids1-image%26lgd_id%3D662adfde457987000159d84e%26lgd_pub%3D249&dt=&en=scroll&epn.percent_scrolled=90&tfd=6770
IP
216.239.34.36:443
ASN
#15169 GOOGLE

Requested by
http://www.timpromos.com.br/OTA-BRTIM-BEMOBKIDS/timgameskids1-pt-doi-web?HEKeyword=OTA_TGAMESKIDS_LDG_1&utm_source=lightdigital&utm_medium=cpa&utm_content=timgameskids1&utm_campaign=OTA_TGAMESKIDS_LDG_1-lightdigital-web-cpa-timgameskids1-image&lgd_id=662adfde457987000159d84e&lgd_pub=249
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint1E:33:2E:4B:C3:51:05:B7:73:DC:21:BF:3E:02:B3:16:D8:0B:AB:BB
ValidityMon, 18 Mar 2024 19:37:14 GMT - Mon, 10 Jun 2024 19:37:13 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /g/collect?v=2&tid=G-9LLK8PEDTW&gtm=45je44o0v9100206336za200&_p=1714085855616&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=959341389.1714085856&ul=en-us&sr=1280x1024&pscdl=noapi&_eu=AEA&_s=3&sid=1714085856&sct=1&seg=1&dl=http%3A%2F%2Fwww.timpromos.com.br%2FOTA-BRTIM-BEMOBKIDS%2Ftimgameskids1-pt-doi-web%3FHEKeyword%3DOTA_TGAMESKIDS_LDG_1%26utm_source%3Dlightdigital%26utm_medium%3Dcpa%26utm_content%3Dtimgameskids1%26utm_campaign%3DOTA_TGAMESKIDS_LDG_1-lightdigital-web-cpa-timgameskids1-image%26lgd_id%3D662adfde457987000159d84e%26lgd_pub%3D249&dt=&en=scroll&epn.percent_scrolled=90&tfd=6770 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.timpromos.com.br
DNT: 1
Connection: keep-alive
Referer: http://www.timpromos.com.br/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers

HTTP/3 204 No Content
access-control-allow-origin: http://www.timpromos.com.br
date: Thu, 25 Apr 2024 22:57:41 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

fonts.googleapis.com/css2?family=Roboto:wght@400;500&display=swap

142.250.74.106

200 OK

4.7 kB

URL GET HTTP/2
fonts.googleapis.com/css2?family=Roboto:wght@400;500&display=swap
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
http://www.timpromos.com.br/OTA-BRTIM-BEMOBKIDS/timgameskids1-pt-doi-web?HEKeyword=OTA_TGAMESKIDS_LDG_1&utm_source=lightdigital&utm_medium=cpa&utm_content=timgameskids1&utm_campaign=OTA_TGAMESKIDS_LDG_1-lightdigital-web-cpa-timgameskids1-image&lgd_id=662adfde457987000159d84e&lgd_pub=249
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint15:CB:F7:AC:18:3F:DC:1E:F9:4E:94:D1:98:40:40:61:53:17:28:F2
ValidityMon, 18 Mar 2024 20:35:28 GMT - Mon, 10 Jun 2024 20:35:27 GMT

File type
ASCII text, with very long lines (4786), with no line terminators
Size
4.7 kB (4660 bytes)
Hash
2b48c5974579d95fbac9441356a0f0a1
fc74b8d08c416ff32e8e3b7a74fa269fee4dfd9e
039357c344f207706b3f7e4509f6557f875da570d44eb8ad3eb6564a9c454aa0

HTTP Headers

GET /css2?family=Roboto:wght@400;500&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://www.timpromos.com.br/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 25 Apr 2024 22:57:35 GMT
date: Thu, 25 Apr 2024 22:57:35 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (16)

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by