Report - www.timpromos.com.br/OTA-BRTIM-BEMOBKIDS/timgameskids1-pt-doi-web?HEKeyword=OTA_TGAMESKIDS_LDG_1&utm_source=lightdigital&utm_medium=cpa&utm_content=timgameskids1&utm_campaign=OTA_TGAMESKIDS_LDG_1-lightdigital-web-cpa-timgameskids1-image&lgd_id=663e3f8c67251f000130764c&lgd

Report Overview

Submitted URL
www.timpromos.com.br/OTA-BRTIM-BEMOBKIDS/timgameskids1-pt-doi-web?HEKeyword=OTA_TGAMESKIDS_LDG_1&utm_source=lightdigital&utm_medium=cpa&utm_content=timgameskids1&utm_campaign=OTA_TGAMESKIDS_LDG_1-lightdigital-web-cpa-timgameskids1-image&lgd_id=663e3f8c67251f000130764c&lgd_pub=249
IP
91.241.94.8
ASN
#49582 Upstream Software And Telecommunications Systems S.m.s.a
Submitted
2024-05-10 15:39:48
Access
public
Website Title
timpromos.com.br/OTA-BRTIM-BEMOBKIDS/timgameskids1-pt-doi-web?HEKeyword=OTA_TGAMESKIDS_LDG_1&utm_source=lightdigital&utm_medium=cpa&utm_content=timgameskids1&utm_campaign=OTA_TGAMESKIDS_LDG_1-lightdigital-web-cpa-timgameskids1-image&lgd_id=663e3f8c67251f000130764c&lgd_pub=249
Final URL
www.timpromos.com.br/OTA-BRTIM-BEMOBKIDS/timgameskids1-pt-doi-web?HEKeyword=OTA_TGAMESKIDS_LDG_1&utm_source=lightdigital&utm_medium=cpa&utm_content=timgameskids1&utm_campaign=OTA_TGAMESKIDS_LDG_1-lightdigital-web-cpa-timgameskids1-image&lgd_id=663e3f8c67251f000130764c&lgd_pub=249
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
6
Threat Detection Systems
0

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
fonts.googleapis.com	8877	2005-01-25	2013-06-10	2024-05-10	457 B	1.8 kB	142.250.74.106
www.google.no	25607	2001-02-26	2016-04-05	2024-05-09	601 B	578 B	172.217.21.163
region1.analytics.google.com	unknown	1997-09-15	2022-03-17	2024-05-09	3.1 kB	1.3 kB	216.239.34.36
www.timpromos.com.br	140429	2015-04-27	2016-06-28	2024-04-17	14 kB	110 kB	91.241.94.8
analytics-br-tim.securewebfraud.io	unknown	2018-05-11	2022-06-26	2024-03-03	462 B	330 B	91.220.208.18
www.googletagmanager.com	75	2011-11-11	2013-05-22	2024-05-09	1.3 kB	291 kB	142.250.74.168

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2024-05-10 15:39:23	low	91.241.94.8	Client IP	ET HUNTING [TW] Likely Javascript-Obfuscator Usage Observed M1
2024-05-10 15:39:23	low	91.241.94.8	Client IP	ET HUNTING [TW] Likely Javascript-Obfuscator Usage Observed M2
2024-05-10 15:39:23	low	91.241.94.8	Client IP	ET HUNTING [TW] Likely Javascript-Obfuscator Usage Observed M3
2024-05-10 15:39:23	low	91.241.94.8	Client IP	ET HUNTING [TW] Likely Javascript-Obfuscator Usage Observed M1
2024-05-10 15:39:23	low	91.241.94.8	Client IP	ET HUNTING [TW] Likely Javascript-Obfuscator Usage Observed M2
2024-05-10 15:39:23	low	91.241.94.8	Client IP	ET HUNTING [TW] Likely Javascript-Obfuscator Usage Observed M3

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (16)

	URL	Size	First Seen	Last Seen
	unknown	47 B	2023-04-11	2024-05-20
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-04-11 22:25:25 Last Seen2024-05-20 20:10:27 Times Seen4937 Hash 2512414f817df8312569d55032748f81 13467df6e962aa77bb36867ff1412e1ba9f8feb1 e193735f8d500f10e2cdc6a94f5a43fb0257c1e2f8afc10fa04f0e3761d258de Loading...

	unknown	37 B	2023-04-11	2024-05-20
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-04-11 21:31:25 Last Seen2024-05-20 22:22:48 Times Seen238896 Hash 29d0c84b9d1d8da446a6062c6a840ad9 6d6b3a6065667c7c50d92f3889c85ed65a9ad784 3c3cbdb71d0d2c22f504f4d63d8a6ffe8d250cde7e58300619be35b6bbab26a1 Loading...

	www.timpromos.com.br/OTA-BRTIM-BEMOBKIDS/timgameskids1-pt-doi-web?HEKeyword=OTA_TGAMESKIDS_LDG_1&utm_source=lightdigital&utm_medium=cpa&utm_content=timgameskids1&utm_campaign=OTA_TGAMESKIDS_LDG_1-lightdigital-web-cpa-timgameskids1-image&lgd_id=663e3f8c67251f000130764c&lgd_pub=249	131 kB	2024-05-10	2024-05-10
Pretty URL www.timpromos.com.br/OTA-BRTIM-BEMOBKIDS/timgameskids1-pt-doi-web?HEKeyword=OTA_TGAMESKIDS_LDG_1&utm_source=lightdigital&utm_medium=cpa&utm_content=timgameskids1&utm_campaign=OTA_TGAMESKIDS_LDG_1-lightdigital-web-cpa-timgameskids1-image&lgd_id=663e3f8c67251f000130764c&lgd_pub=249 IP 91.241.94.8 ASN #49582 Upstream Software And Telecommunications Systems S.m.s.a Introduced by scriptElement Embedded in HTML true Observations First Seen2024-05-10 17:39:49 Last Seen2024-05-10 17:39:50 Times Seen1 Hash aa318596b5066108887e8e3d4bba920c 6945c150368130b4527ebe64a19f1a8d137540de e5b9599636e7a48448d9a6c2b0a32e986e8a776f4e56a8fae798fc1e2682f6b2 Loading...

	www.timpromos.com.br/OTA-BRTIM-BEMOBKIDS/timgameskids1-pt-doi-web?HEKeyword=OTA_TGAMESKIDS_LDG_1&utm_source=lightdigital&utm_medium=cpa&utm_content=timgameskids1&utm_campaign=OTA_TGAMESKIDS_LDG_1-lightdigital-web-cpa-timgameskids1-image&lgd_id=663e3f8c67251f000130764c&lgd_pub=249	75 B	2023-03-07	2024-05-19
Pretty URL www.timpromos.com.br/OTA-BRTIM-BEMOBKIDS/timgameskids1-pt-doi-web?HEKeyword=OTA_TGAMESKIDS_LDG_1&utm_source=lightdigital&utm_medium=cpa&utm_content=timgameskids1&utm_campaign=OTA_TGAMESKIDS_LDG_1-lightdigital-web-cpa-timgameskids1-image&lgd_id=663e3f8c67251f000130764c&lgd_pub=249 IP 91.241.94.8 ASN #49582 Upstream Software And Telecommunications Systems S.m.s.a Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 12:42:38 Last Seen2024-05-19 00:57:16 Times Seen666 Hash 219540904c0178c788f7876c475cf695 34be8b20e8abc01ba107bb54f70c2319511043b7 328ca9901193cec5051c6c7fe1404faf85e4ce1cfed2d9bb7bc429a8573d90ca Loading...

	www.google-analytics.com/analytics.js	4.7 kB	2023-04-11	2024-05-20
Pretty URL www.google-analytics.com/analytics.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-11 21:07:53 Last Seen2024-05-20 22:23:27 Times Seen350922 Hash f24128d0c9cba7be2916c693427a3483 1b6397d496ea896ebc2018b01b995cee4f166029 58173de4697da1a218f04c3a783a733bab4e769ceabc37cd42da9dc3e036a7e8 Loading...

	www.googletagmanager.com/gtag/destination?id=G-9LLK8PEDTW&l=dataLayer&cx=c	285 kB	2024-05-10	2024-05-10
Pretty URL www.googletagmanager.com/gtag/destination?id=G-9LLK8PEDTW&l=dataLayer&cx=c IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-10 17:39:50 Last Seen2024-05-10 17:39:50 Times Seen2 Hash 122c7b7b0d44e689d511a9406d442560 d6c32d150e804686d4b55634a356ef4c735b3b9e cc484473de45417fae4f5f502095ce63d4555dc14804eab39acb2da7eb63cd4e Loading...

	www.timpromos.com.br/OTA-BRTIM-BEMOBKIDS/timgameskids1-pt-doi-web?HEKeyword=OTA_TGAMESKIDS_LDG_1&utm_source=lightdigital&utm_medium=cpa&utm_content=timgameskids1&utm_campaign=OTA_TGAMESKIDS_LDG_1-lightdigital-web-cpa-timgameskids1-image&lgd_id=663e3f8c67251f000130764c&lgd_pub=249	548 B	2023-03-07	2024-05-18
Pretty URL www.timpromos.com.br/OTA-BRTIM-BEMOBKIDS/timgameskids1-pt-doi-web?HEKeyword=OTA_TGAMESKIDS_LDG_1&utm_source=lightdigital&utm_medium=cpa&utm_content=timgameskids1&utm_campaign=OTA_TGAMESKIDS_LDG_1-lightdigital-web-cpa-timgameskids1-image&lgd_id=663e3f8c67251f000130764c&lgd_pub=249 IP 91.241.94.8 ASN #49582 Upstream Software And Telecommunications Systems S.m.s.a Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 12:42:38 Last Seen2024-05-18 21:30:29 Times Seen50 Hash 58e40a18675f7394bc136d3ee190af4a 4f2839b8e560d8ad16436b7b0bbdeb5f6e01c975 fdc254dea572b181abec2e65506bc614620f5cbe6726542d318937355cc783f4 Loading...

	www.googletagmanager.com/gtm.js?id=GTM-MBV8MJ7	265 kB	2024-05-10	2024-05-10
Pretty URL www.googletagmanager.com/gtm.js?id=GTM-MBV8MJ7 IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-10 17:39:50 Last Seen2024-05-10 17:39:50 Times Seen2 Hash 08f9b4786bc933965ea59e976a34aed2 bae984f3f4edd3ad69111b36644a0e7375ad750a 3069e204bb5266c594ee0b6f4c1d4e6dd388f634cb9225b7ed73ac0b9bd6cfb4 Loading...

	www.timpromos.com.br/OTA-BRTIM-BEMOBKIDS/timgameskids1-pt-doi-web?HEKeyword=OTA_TGAMESKIDS_LDG_1&utm_source=lightdigital&utm_medium=cpa&utm_content=timgameskids1&utm_campaign=OTA_TGAMESKIDS_LDG_1-lightdigital-web-cpa-timgameskids1-image&lgd_id=663e3f8c67251f000130764c&lgd_pub=249	245 B	2023-03-07	2024-05-18
Pretty URL www.timpromos.com.br/OTA-BRTIM-BEMOBKIDS/timgameskids1-pt-doi-web?HEKeyword=OTA_TGAMESKIDS_LDG_1&utm_source=lightdigital&utm_medium=cpa&utm_content=timgameskids1&utm_campaign=OTA_TGAMESKIDS_LDG_1-lightdigital-web-cpa-timgameskids1-image&lgd_id=663e3f8c67251f000130764c&lgd_pub=249 IP 91.241.94.8 ASN #49582 Upstream Software And Telecommunications Systems S.m.s.a Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 12:42:38 Last Seen2024-05-18 21:30:29 Times Seen47 Hash 15466418eff1d341f2f721aa49144685 c8e4fa6f45c0d7412f496749b85decad5a28544a a504092f39c1f308752b0a039e92fbdbe9185febcad9889a29594ae5bdbff3dc Loading...

	www.timpromos.com.br/OTA-BRTIM-BEMOBKIDS/timgameskids1-pt-doi-web?HEKeyword=OTA_TGAMESKIDS_LDG_1&utm_source=lightdigital&utm_medium=cpa&utm_content=timgameskids1&utm_campaign=OTA_TGAMESKIDS_LDG_1-lightdigital-web-cpa-timgameskids1-image&lgd_id=663e3f8c67251f000130764c&lgd_pub=249	1.3 kB	2023-03-07	2024-05-19
Pretty URL www.timpromos.com.br/OTA-BRTIM-BEMOBKIDS/timgameskids1-pt-doi-web?HEKeyword=OTA_TGAMESKIDS_LDG_1&utm_source=lightdigital&utm_medium=cpa&utm_content=timgameskids1&utm_campaign=OTA_TGAMESKIDS_LDG_1-lightdigital-web-cpa-timgameskids1-image&lgd_id=663e3f8c67251f000130764c&lgd_pub=249 IP 91.241.94.8 ASN #49582 Upstream Software And Telecommunications Systems S.m.s.a Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 12:42:38 Last Seen2024-05-19 00:57:16 Times Seen659 Hash 32107fcc1984fa62bea9d7dbbf932c08 ea6c30a9630a580a1656fb7360431afaf7bd9416 984649f7580993dc5ffefe351760e74f630f271d6593c7dde254f044a5fd4380 Loading...

	www.timpromos.com.br/OTA-BRTIM-BEMOBKIDS/timgameskids1-pt-doi-web?HEKeyword=OTA_TGAMESKIDS_LDG_1&utm_source=lightdigital&utm_medium=cpa&utm_content=timgameskids1&utm_campaign=OTA_TGAMESKIDS_LDG_1-lightdigital-web-cpa-timgameskids1-image&lgd_id=663e3f8c67251f000130764c&lgd_pub=249	960 B	2023-10-26	2024-05-18
Pretty URL www.timpromos.com.br/OTA-BRTIM-BEMOBKIDS/timgameskids1-pt-doi-web?HEKeyword=OTA_TGAMESKIDS_LDG_1&utm_source=lightdigital&utm_medium=cpa&utm_content=timgameskids1&utm_campaign=OTA_TGAMESKIDS_LDG_1-lightdigital-web-cpa-timgameskids1-image&lgd_id=663e3f8c67251f000130764c&lgd_pub=249 IP 91.241.94.8 ASN #49582 Upstream Software And Telecommunications Systems S.m.s.a Introduced by scriptElement Embedded in HTML true Observations First Seen2023-10-26 14:26:17 Last Seen2024-05-18 21:30:29 Times Seen82 Hash f62e683862cc04acf5d1d65ee9aad719 64b0ffe29f2a527db1a03bda443d3e3018bced88 3bb8a5c4a2cf21d3936c9e3af1978c30363e26be1ff4e024cca572c5c42220cc Loading...

	www.googletagmanager.com/gtag/js?id=G-9LLK8PEDTW&l=dataLayer&cx=c	285 kB	2024-05-10	2024-05-10
Pretty URL www.googletagmanager.com/gtag/js?id=G-9LLK8PEDTW&l=dataLayer&cx=c IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-10 17:39:50 Last Seen2024-05-10 17:39:50 Times Seen2 Hash badf2ee24ac6729c486bc2f0778e9ecd 7c7ff4a06b3bf0524d6527213f5e6a9d867237bc 77f022450842465f754b9ccfa227886364304cd280934acfb835279aab3a9b71 Loading...

	unknown	79 B	2023-04-11	2024-05-20
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-04-11 21:38:58 Last Seen2024-05-20 22:22:48 Times Seen126819 Hash aa049e2749b8531cb8f233c2f64fc2b2 b611a5a62c1813ae5b4763378b3a4a565556530a e52e51d5897d7a179089ddcf8f5de7aeb3ef4f27b054b63e937cf308b685c9e2 Loading...

	www.timpromos.com.br/OTA-BRTIM-BEMOBKIDS/timgameskids1-pt-doi-web?HEKeyword=OTA_TGAMESKIDS_LDG_1&utm_source=lightdigital&utm_medium=cpa&utm_content=timgameskids1&utm_campaign=OTA_TGAMESKIDS_LDG_1-lightdigital-web-cpa-timgameskids1-image&lgd_id=663e3f8c67251f000130764c&lgd_pub=249	56 B	2023-03-07	2024-05-18
Pretty URL www.timpromos.com.br/OTA-BRTIM-BEMOBKIDS/timgameskids1-pt-doi-web?HEKeyword=OTA_TGAMESKIDS_LDG_1&utm_source=lightdigital&utm_medium=cpa&utm_content=timgameskids1&utm_campaign=OTA_TGAMESKIDS_LDG_1-lightdigital-web-cpa-timgameskids1-image&lgd_id=663e3f8c67251f000130764c&lgd_pub=249 IP 91.241.94.8 ASN #49582 Upstream Software And Telecommunications Systems S.m.s.a Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 12:42:38 Last Seen2024-05-18 21:30:30 Times Seen331 Hash e633aa08ae12366911d8e26c62df0ac7 a16f61cc6d9dbd371d1111eaff9b8e9ab3532ad7 4d9920d1b0a027e9d1e7994912dede5626a56cef010170b15fb45edc85f882ed Loading...

	www.timpromos.com.br/OTA-BRTIM-BEMOBKIDS/timgameskids1-pt-doi-web?HEKeyword=OTA_TGAMESKIDS_LDG_1&utm_source=lightdigital&utm_medium=cpa&utm_content=timgameskids1&utm_campaign=OTA_TGAMESKIDS_LDG_1-lightdigital-web-cpa-timgameskids1-image&lgd_id=663e3f8c67251f000130764c&lgd_pub=249	2.8 kB	2023-11-26	2024-05-18
Pretty URL www.timpromos.com.br/OTA-BRTIM-BEMOBKIDS/timgameskids1-pt-doi-web?HEKeyword=OTA_TGAMESKIDS_LDG_1&utm_source=lightdigital&utm_medium=cpa&utm_content=timgameskids1&utm_campaign=OTA_TGAMESKIDS_LDG_1-lightdigital-web-cpa-timgameskids1-image&lgd_id=663e3f8c67251f000130764c&lgd_pub=249 IP 91.241.94.8 ASN #49582 Upstream Software And Telecommunications Systems S.m.s.a Introduced by scriptElement Embedded in HTML true Observations First Seen2023-11-26 13:55:16 Last Seen2024-05-18 21:30:30 Times Seen46 Hash 47306d1d21e67d9a0fba1d0c401ffed1 3a81c074d1a04571e95636b11a66424b61157ff6 b47e9bc8cf1c7713ac45fe84d764a29bac25d39f513f292b41d1db7f8919a2ad Loading...

	www.timpromos.com.br/OTA-BRTIM-BEMOBKIDS/sandbox%20eval%20code	147 B	2023-04-11	2024-05-20
Pretty URL www.timpromos.com.br/OTA-BRTIM-BEMOBKIDS/sandbox%20eval%20code IP 0.0.0.0 ASN #0 Introduced by Embedded in HTML false Observations First Seen2023-04-11 21:07:53 Last Seen2024-05-20 22:23:27 Times Seen351437 Hash 92b651082ce234f66bb544e678befda3 14c21c55ddce43b6f677caadf51d4ab98c6a3df8 25d57d1d97abeb84531d3d3e5754dd5cb19a2c115edfa7cfc7af8247084faded Loading...

HTTP Transactions (17)

URL IP Response Size

www.timpromos.com.br/OTA-BRTIM-BEMOBKIDS/timgameskids1-pt-doi-web?HEKeyword=OTA_TGAMESKIDS_LDG_1&utm_source=lightdigital&utm_medium=cpa&utm_content=timgameskids1&utm_campaign=OTA_TGAMESKIDS_LDG_1-lightdigital-web-cpa-timgameskids1-image&lgd_id=663e3f8c67251f000130764c&lgd_pub=249

91.241.94.8

200 OK

0 B

URL User Request GET HTTP/1.1
www.timpromos.com.br/OTA-BRTIM-BEMOBKIDS/timgameskids1-pt-doi-web?HEKeyword=OTA_TGAMESKIDS_LDG_1&utm_source=lightdigital&utm_medium=cpa&utm_content=timgameskids1&utm_campaign=OTA_TGAMESKIDS_LDG_1-lightdigital-web-cpa-timgameskids1-image&lgd_id=663e3f8c67251f000130764c&lgd_pub=249
IP
91.241.94.8:80
ASN
#49582 Upstream Software And Telecommunications Systems S.m.s.a

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

NIDS	Severity	Alert
suricata	low	ET HUNTING [TW] Likely Javascript-Obfuscator Usage Observed M1
suricata	low	ET HUNTING [TW] Likely Javascript-Obfuscator Usage Observed M2
suricata	low	ET HUNTING [TW] Likely Javascript-Obfuscator Usage Observed M3
suricata	low	ET HUNTING [TW] Likely Javascript-Obfuscator Usage Observed M1
suricata	low	ET HUNTING [TW] Likely Javascript-Obfuscator Usage Observed M2
suricata	low	ET HUNTING [TW] Likely Javascript-Obfuscator Usage Observed M3

HTTP Headers

GET /OTA-BRTIM-BEMOBKIDS/timgameskids1-pt-doi-web?HEKeyword=OTA_TGAMESKIDS_LDG_1&utm_source=lightdigital&utm_medium=cpa&utm_content=timgameskids1&utm_campaign=OTA_TGAMESKIDS_LDG_1-lightdigital-web-cpa-timgameskids1-image&lgd_id=663e3f8c67251f000130764c&lgd_pub=249 HTTP/1.1
Host: www.timpromos.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.0 302 Moved Temporarily
Location: http://www.timpromos.com.br/OTA-BRTIM-BEMOBKIDS/timgameskids1-pt-doi-web?HEKeyword=OTA_TGAMESKIDS_LDG_1&utm_source=lightdigital&utm_medium=cpa&utm_content=timgameskids1&utm_campaign=OTA_TGAMESKIDS_LDG_1-lightdigital-web-cpa-timgameskids1-image&lgd_id=663e3f8c67251f000130764c&lgd_pub=249
Connection: Keep-Alive
Content-Length: 0
Set-Cookie: TS01c950bd=01b02e3e893b435504b707d4cec8afd6441add0e186c050953c4941eadff528105399049858e3250c2aa86e44b2fcc29a3d8c99970; Path=/; Domain=.www.timpromos.com.br

91.241.94.8

200 OK

46 kB

URL User Request GET HTTP/1.1
www.timpromos.com.br/OTA-BRTIM-BEMOBKIDS/timgameskids1-pt-doi-web?HEKeyword=OTA_TGAMESKIDS_LDG_1&utm_source=lightdigital&utm_medium=cpa&utm_content=timgameskids1&utm_campaign=OTA_TGAMESKIDS_LDG_1-lightdigital-web-cpa-timgameskids1-image&lgd_id=663e3f8c67251f000130764c&lgd_pub=249
IP
91.241.94.8:80
ASN
#49582 Upstream Software And Telecommunications Systems S.m.s.a

File type
HTML document, ASCII text, with very long lines (61289)
Size
46 kB (45463 bytes)
Hash
d84bec10452f4701b71c86ec5dcf3272
168977f5c3faff9d1f74d7e4e61a75eaf548c379
ec79377822378f148b227eb273f19ad467247ee8fb6b7ae28a0e0de53f1b6733

Detections

NIDS	Severity	Alert
suricata	low	ET HUNTING [TW] Likely Javascript-Obfuscator Usage Observed M1
suricata	low	ET HUNTING [TW] Likely Javascript-Obfuscator Usage Observed M2
suricata	low	ET HUNTING [TW] Likely Javascript-Obfuscator Usage Observed M3
suricata	low	ET HUNTING [TW] Likely Javascript-Obfuscator Usage Observed M1
suricata	low	ET HUNTING [TW] Likely Javascript-Obfuscator Usage Observed M2
suricata	low	ET HUNTING [TW] Likely Javascript-Obfuscator Usage Observed M3

HTTP Headers

GET /OTA-BRTIM-BEMOBKIDS/timgameskids1-pt-doi-web?HEKeyword=OTA_TGAMESKIDS_LDG_1&utm_source=lightdigital&utm_medium=cpa&utm_content=timgameskids1&utm_campaign=OTA_TGAMESKIDS_LDG_1-lightdigital-web-cpa-timgameskids1-image&lgd_id=663e3f8c67251f000130764c&lgd_pub=249 HTTP/1.1
Host: www.timpromos.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Cookie: TS01c950bd=01b02e3e893b435504b707d4cec8afd6441add0e186c050953c4941eadff528105399049858e3250c2aa86e44b2fcc29a3d8c99970
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 15:39:23 GMT
Cache-Control: no-cache, private
Strict-Transport-Security: max-age=0; includeSubDomains
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
X-Varnish: 599935787
Age: 0
Via: 1.1 brtim1-varnish-5d85b7f48-6dnqh (Varnish/7.4)
Accept-Ranges: bytes
X-Cache: MISS
Access-Control-Allow-Origin: *
Set-Cookie: ng_session=eyJpdiI6IkovUGIzUnJjNDV5dG9QNVErdnY3eFE9PSIsInZhbHVlIjoiU2ZudEVPR3dRb1ZiN0ptaEJOdE0vcnpzdTN1SnFWZnVhUEVsTEw4REkvVjI2MDkvbjB0TGFhaXVkUlRwSVlRZ1o0WjNtZE5TTUtQVlNkOGRWbUxyUm1FczB4a2FXc3NOZGJEMDk0M0FYb0ZHdXpRRGFwK1RHY3NIeWR5UHBOanIiLCJtYWMiOiI1MjE5Y2FjZmFiMWY5NTMwNmNmMzIyYjJhZDg3N2NmYTM4OGU1ZDllODNiZjkxYTNhMzMzMzllMmU4ZGVhYzQ1IiwidGFnIjoiIn0%3D; expires=Fri, 10 May 2024 21:39:23 GMT; Max-Age=21600; path=/; httponly; samesite=lax
ctxid=eyJpdiI6IkZLeEJFdGxXaUdDNUJORVhXSDJ4ZXc9PSIsInZhbHVlIjoiU0k0QnRrTG9iUDNGZkZMUFRVaVVyS2pPeDhLUU1WM0JlTFk3R0ZQWEc0ZlN6cnhoWU8zY0ZrYzlCNzN4VG44R2IxaHMwSTJTZklqZGdGS0xtTEpMRlVIc29Qd0ZjMngrOTNxS0hmY2JhVWM9IiwibWFjIjoiYTcwODhmYmI4NGYzNmRjYjk5MjNiMWY4OTBjNTA5OTVmM2RlYTA5MGU4YzIzMjgzYWNlNzY3MjEwZTJmMTU5YiIsInRhZyI6IiJ9; expires=Mon, 08 May 2034 15:39:23 GMT; Max-Age=315360000; path=/; httponly; samesite=lax
rd=deleted; expires=Thu, 11 May 2023 15:39:22 GMT; Max-Age=0; path=/; httponly; samesite=lax
userSessionID=eyJpdiI6ImU3YW5qUUtsYXVXTVFyUlo2MmRTdnc9PSIsInZhbHVlIjoibW1GYWY0dTZoV3hsRTBjT2tYdGhLejV2WGtsVzNySHc2TkNiZjE3TlJReStFSDR4QitvUEJIeUJjdk1pN2FHUkJ5NUtXODJVTVYzSDlJSFEyZzVCdEJIY2hzSGtBeEZIbWt2dXNRRXV4dFk9IiwibWFjIjoiYjg3NmE4ZDliMzY1MWFkZWJlNjgyMzViZTMzN2IzZjJiY2U3ODZiYTZmYzkyM2NjOGQ0ZGZiZjU1OWEwZDY0MSIsInRhZyI6IiJ9; expires=Fri, 10 May 2024 16:09:23 GMT; Max-Age=1800; path=/; httponly; samesite=lax
userPermID=eyJpdiI6IlpJVFdBRjc4T0R2aUJhaVZtZ0hYOVE9PSIsInZhbHVlIjoiWXkxYWt2SUtVd1llUEUva2hnSmtqRGExRzVLcUFFLzlKRDBRWGtGaFQrNXdIT0NwUCtYdEQvajJTN3VhckxQZUc2OFNtMTlWS25qRERRdHNEVGQ0Y3AyVW9sOXo0VTBna3FiNTBqR0tNcGs9IiwibWFjIjoiNDRhMmI5ZmQ5MTA2YmE1MDgyYzU1OWVlMzk2OGVlMzVmN2I5ZmQ3OTg1M2YwOGE3NGViNGZhYTk1YTMwOTc4YiIsInRhZyI6IiJ9; expires=Mon, 08 May 2034 15:39:23 GMT; Max-Age=315360000; path=/; httponly; samesite=lax
TS01c950bd=01b02e3e893b435504b707d4cec8afd6441add0e186c050953c4941eadff528105399049858e3250c2aa86e44b2fcc29a3d8c99970; Path=/; Domain=.www.timpromos.com.br
Keep-Alive: timeout=5, max=1000
Connection: Keep-Alive
Transfer-Encoding: chunked

www.timpromos.com.br/OTA-BRTIM-BEMOBKIDS/assets/OTA-BRTIM-BEMOBKIDS-timgameskids1-pt-doi-web.css?ver=52

91.241.94.8

200 OK

3.1 kB

URL GET HTTP/1.1
www.timpromos.com.br/OTA-BRTIM-BEMOBKIDS/assets/OTA-BRTIM-BEMOBKIDS-timgameskids1-pt-doi-web.css?ver=52
IP
91.241.94.8:80
ASN
#49582 Upstream Software And Telecommunications Systems S.m.s.a

Requested by
http://www.timpromos.com.br/OTA-BRTIM-BEMOBKIDS/timgameskids1-pt-doi-web?HEKeyword=OTA_TGAMESKIDS_LDG_1&utm_source=lightdigital&utm_medium=cpa&utm_content=timgameskids1&utm_campaign=OTA_TGAMESKIDS_LDG_1-lightdigital-web-cpa-timgameskids1-image&lgd_id=663e3f8c67251f000130764c&lgd_pub=249

File type
ASCII text, with CRLF, LF line terminators
Size
3.1 kB (3052 bytes)
Hash
5c68dc7f869919ea52fff1ca7b59900d
54f044e2490c433b166e822f0c794d32ddafc638
02403d4dc531f5ed01df67faa19ec3c8b96a290b8b916668684e6357ad7365a0

HTTP Headers

GET /OTA-BRTIM-BEMOBKIDS/assets/OTA-BRTIM-BEMOBKIDS-timgameskids1-pt-doi-web.css?ver=52 HTTP/1.1
Host: www.timpromos.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.timpromos.com.br/OTA-BRTIM-BEMOBKIDS/timgameskids1-pt-doi-web?HEKeyword=OTA_TGAMESKIDS_LDG_1&utm_source=lightdigital&utm_medium=cpa&utm_content=timgameskids1&utm_campaign=OTA_TGAMESKIDS_LDG_1-lightdigital-web-cpa-timgameskids1-image&lgd_id=663e3f8c67251f000130764c&lgd_pub=249
Cookie: TS01c950bd=01b02e3e893b435504b707d4cec8afd6441add0e186c050953c4941eadff528105399049858e3250c2aa86e44b2fcc29a3d8c99970; ng_session=eyJpdiI6IkovUGIzUnJjNDV5dG9QNVErdnY3eFE9PSIsInZhbHVlIjoiU2ZudEVPR3dRb1ZiN0ptaEJOdE0vcnpzdTN1SnFWZnVhUEVsTEw4REkvVjI2MDkvbjB0TGFhaXVkUlRwSVlRZ1o0WjNtZE5TTUtQVlNkOGRWbUxyUm1FczB4a2FXc3NOZGJEMDk0M0FYb0ZHdXpRRGFwK1RHY3NIeWR5UHBOanIiLCJtYWMiOiI1MjE5Y2FjZmFiMWY5NTMwNmNmMzIyYjJhZDg3N2NmYTM4OGU1ZDllODNiZjkxYTNhMzMzMzllMmU4ZGVhYzQ1IiwidGFnIjoiIn0%3D; ctxid=eyJpdiI6IkZLeEJFdGxXaUdDNUJORVhXSDJ4ZXc9PSIsInZhbHVlIjoiU0k0QnRrTG9iUDNGZkZMUFRVaVVyS2pPeDhLUU1WM0JlTFk3R0ZQWEc0ZlN6cnhoWU8zY0ZrYzlCNzN4VG44R2IxaHMwSTJTZklqZGdGS0xtTEpMRlVIc29Qd0ZjMngrOTNxS0hmY2JhVWM9IiwibWFjIjoiYTcwODhmYmI4NGYzNmRjYjk5MjNiMWY4OTBjNTA5OTVmM2RlYTA5MGU4YzIzMjgzYWNlNzY3MjEwZTJmMTU5YiIsInRhZyI6IiJ9; userSessionID=eyJpdiI6ImU3YW5qUUtsYXVXTVFyUlo2MmRTdnc9PSIsInZhbHVlIjoibW1GYWY0dTZoV3hsRTBjT2tYdGhLejV2WGtsVzNySHc2TkNiZjE3TlJReStFSDR4QitvUEJIeUJjdk1pN2FHUkJ5NUtXODJVTVYzSDlJSFEyZzVCdEJIY2hzSGtBeEZIbWt2dXNRRXV4dFk9IiwibWFjIjoiYjg3NmE4ZDliMzY1MWFkZWJlNjgyMzViZTMzN2IzZjJiY2U3ODZiYTZmYzkyM2NjOGQ0ZGZiZjU1OWEwZDY0MSIsInRhZyI6IiJ9; userPermID=eyJpdiI6IlpJVFdBRjc4T0R2aUJhaVZtZ0hYOVE9PSIsInZhbHVlIjoiWXkxYWt2SUtVd1llUEUva2hnSmtqRGExRzVLcUFFLzlKRDBRWGtGaFQrNXdIT0NwUCtYdEQvajJTN3VhckxQZUc2OFNtMTlWS25qRERRdHNEVGQ0Y3AyVW9sOXo0VTBna3FiNTBqR0tNcGs9IiwibWFjIjoiNDRhMmI5ZmQ5MTA2YmE1MDgyYzU1OWVlMzk2OGVlMzVmN2I5ZmQ3OTg1M2YwOGE3NGViNGZhYTk1YTMwOTc4YiIsInRhZyI6IiJ9
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 15:38:37 GMT
Last-Modified: Tue, 11 Jul 2023 09:00:37 GMT
ETag: "56be-600325524041f-gzip"
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 3052
Content-Type: text/css
X-Varnish: 605691995 607398725
Age: 46
Via: 1.1 brtim1-varnish-5d85b7f48-lwm6b (Varnish/7.4)
Accept-Ranges: bytes
X-Cache: HIT
Access-Control-Allow-Origin: *
Keep-Alive: timeout=5, max=999
Connection: Keep-Alive

www.timpromos.com.br/OTA-BRTIM-BEMOBKIDS/assets/images/Bemobi/OTA-timgameskids1-logoHeader.png

91.241.94.8

200 OK

9.7 kB

URL GET HTTP/1.1
www.timpromos.com.br/OTA-BRTIM-BEMOBKIDS/assets/images/Bemobi/OTA-timgameskids1-logoHeader.png
IP
91.241.94.8:80
ASN
#49582 Upstream Software And Telecommunications Systems S.m.s.a

Requested by
http://www.timpromos.com.br/OTA-BRTIM-BEMOBKIDS/timgameskids1-pt-doi-web?HEKeyword=OTA_TGAMESKIDS_LDG_1&utm_source=lightdigital&utm_medium=cpa&utm_content=timgameskids1&utm_campaign=OTA_TGAMESKIDS_LDG_1-lightdigital-web-cpa-timgameskids1-image&lgd_id=663e3f8c67251f000130764c&lgd_pub=249

File type
PNG image data, 111 x 70, 8-bit/color RGBA, non-interlaced
Size
9.7 kB (9748 bytes)
Hash
6da9ebdc999edd3ba3c5e2cde0b01d61
54078e9fa6d1e26ce41028f5057bcc80f031f41e
141c0d48f06736237ded509d4df01a20418e34e54fc5ae4351090ed9dc1570a8

HTTP Headers

GET /OTA-BRTIM-BEMOBKIDS/assets/images/Bemobi/OTA-timgameskids1-logoHeader.png HTTP/1.1
Host: www.timpromos.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.timpromos.com.br/OTA-BRTIM-BEMOBKIDS/timgameskids1-pt-doi-web?HEKeyword=OTA_TGAMESKIDS_LDG_1&utm_source=lightdigital&utm_medium=cpa&utm_content=timgameskids1&utm_campaign=OTA_TGAMESKIDS_LDG_1-lightdigital-web-cpa-timgameskids1-image&lgd_id=663e3f8c67251f000130764c&lgd_pub=249
Cookie: TS01c950bd=01b02e3e893b435504b707d4cec8afd6441add0e186c050953c4941eadff528105399049858e3250c2aa86e44b2fcc29a3d8c99970; ng_session=eyJpdiI6IkovUGIzUnJjNDV5dG9QNVErdnY3eFE9PSIsInZhbHVlIjoiU2ZudEVPR3dRb1ZiN0ptaEJOdE0vcnpzdTN1SnFWZnVhUEVsTEw4REkvVjI2MDkvbjB0TGFhaXVkUlRwSVlRZ1o0WjNtZE5TTUtQVlNkOGRWbUxyUm1FczB4a2FXc3NOZGJEMDk0M0FYb0ZHdXpRRGFwK1RHY3NIeWR5UHBOanIiLCJtYWMiOiI1MjE5Y2FjZmFiMWY5NTMwNmNmMzIyYjJhZDg3N2NmYTM4OGU1ZDllODNiZjkxYTNhMzMzMzllMmU4ZGVhYzQ1IiwidGFnIjoiIn0%3D; ctxid=eyJpdiI6IkZLeEJFdGxXaUdDNUJORVhXSDJ4ZXc9PSIsInZhbHVlIjoiU0k0QnRrTG9iUDNGZkZMUFRVaVVyS2pPeDhLUU1WM0JlTFk3R0ZQWEc0ZlN6cnhoWU8zY0ZrYzlCNzN4VG44R2IxaHMwSTJTZklqZGdGS0xtTEpMRlVIc29Qd0ZjMngrOTNxS0hmY2JhVWM9IiwibWFjIjoiYTcwODhmYmI4NGYzNmRjYjk5MjNiMWY4OTBjNTA5OTVmM2RlYTA5MGU4YzIzMjgzYWNlNzY3MjEwZTJmMTU5YiIsInRhZyI6IiJ9; userSessionID=eyJpdiI6ImU3YW5qUUtsYXVXTVFyUlo2MmRTdnc9PSIsInZhbHVlIjoibW1GYWY0dTZoV3hsRTBjT2tYdGhLejV2WGtsVzNySHc2TkNiZjE3TlJReStFSDR4QitvUEJIeUJjdk1pN2FHUkJ5NUtXODJVTVYzSDlJSFEyZzVCdEJIY2hzSGtBeEZIbWt2dXNRRXV4dFk9IiwibWFjIjoiYjg3NmE4ZDliMzY1MWFkZWJlNjgyMzViZTMzN2IzZjJiY2U3ODZiYTZmYzkyM2NjOGQ0ZGZiZjU1OWEwZDY0MSIsInRhZyI6IiJ9; userPermID=eyJpdiI6IlpJVFdBRjc4T0R2aUJhaVZtZ0hYOVE9PSIsInZhbHVlIjoiWXkxYWt2SUtVd1llUEUva2hnSmtqRGExRzVLcUFFLzlKRDBRWGtGaFQrNXdIT0NwUCtYdEQvajJTN3VhckxQZUc2OFNtMTlWS25qRERRdHNEVGQ0Y3AyVW9sOXo0VTBna3FiNTBqR0tNcGs9IiwibWFjIjoiNDRhMmI5ZmQ5MTA2YmE1MDgyYzU1OWVlMzk2OGVlMzVmN2I5ZmQ3OTg1M2YwOGE3NGViNGZhYTk1YTMwOTc4YiIsInRhZyI6IiJ9
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 10 Apr 2024 15:22:09 GMT
Last-Modified: Wed, 31 Aug 2022 12:35:17 GMT
ETag: "2614-5e788bab358b1"
Content-Length: 9748
Cache-Control: max-age=5184000
Expires: Sun, 09 Jun 2024 15:22:09 GMT
Content-Type: image/png
X-Varnish: 608013946 474925684
Age: 2593034
Via: 1.1 brtim1-varnish-5d85b7f48-lwm6b (Varnish/7.4)
Accept-Ranges: bytes
X-Cache: HIT
Access-Control-Allow-Origin: *
Keep-Alive: timeout=5, max=1000
Connection: Keep-Alive

www.timpromos.com.br/security-platform-web/web/v1/content/view/Confirmation/br_tim/AQ4z3klMe-xYsD7LboLFXdU1SByw6aG_7srq-grMDTIEUBKRzxIdybz5Iuy43vV9gXxn

91.241.94.8

200

51 B

URL GET HTTP/1.1
www.timpromos.com.br/security-platform-web/web/v1/content/view/Confirmation/br_tim/AQ4z3klMe-xYsD7LboLFXdU1SByw6aG_7srq-grMDTIEUBKRzxIdybz5Iuy43vV9gXxn
IP
91.241.94.8:80
ASN
#49582 Upstream Software And Telecommunications Systems S.m.s.a

Requested by
http://www.timpromos.com.br/OTA-BRTIM-BEMOBKIDS/timgameskids1-pt-doi-web?HEKeyword=OTA_TGAMESKIDS_LDG_1&utm_source=lightdigital&utm_medium=cpa&utm_content=timgameskids1&utm_campaign=OTA_TGAMESKIDS_LDG_1-lightdigital-web-cpa-timgameskids1-image&lgd_id=663e3f8c67251f000130764c&lgd_pub=249

File type
GIF image data, version 89a, 1 x 1
Size
51 B (51 bytes)
Hash
49cdc214849d5ced018d230677b14076
0e75513436e6b01963759f6a88282445ff2e5b3a
7455bacb03f7ef04d79010638db14d8434cf7a349914c2ee99eb5d4220338675

HTTP Headers

GET /security-platform-web/web/v1/content/view/Confirmation/br_tim/AQ4z3klMe-xYsD7LboLFXdU1SByw6aG_7srq-grMDTIEUBKRzxIdybz5Iuy43vV9gXxn HTTP/1.1
Host: www.timpromos.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.timpromos.com.br/OTA-BRTIM-BEMOBKIDS/timgameskids1-pt-doi-web?HEKeyword=OTA_TGAMESKIDS_LDG_1&utm_source=lightdigital&utm_medium=cpa&utm_content=timgameskids1&utm_campaign=OTA_TGAMESKIDS_LDG_1-lightdigital-web-cpa-timgameskids1-image&lgd_id=663e3f8c67251f000130764c&lgd_pub=249
Cookie: TS01c950bd=01b02e3e893b435504b707d4cec8afd6441add0e186c050953c4941eadff528105399049858e3250c2aa86e44b2fcc29a3d8c99970; ng_session=eyJpdiI6IkovUGIzUnJjNDV5dG9QNVErdnY3eFE9PSIsInZhbHVlIjoiU2ZudEVPR3dRb1ZiN0ptaEJOdE0vcnpzdTN1SnFWZnVhUEVsTEw4REkvVjI2MDkvbjB0TGFhaXVkUlRwSVlRZ1o0WjNtZE5TTUtQVlNkOGRWbUxyUm1FczB4a2FXc3NOZGJEMDk0M0FYb0ZHdXpRRGFwK1RHY3NIeWR5UHBOanIiLCJtYWMiOiI1MjE5Y2FjZmFiMWY5NTMwNmNmMzIyYjJhZDg3N2NmYTM4OGU1ZDllODNiZjkxYTNhMzMzMzllMmU4ZGVhYzQ1IiwidGFnIjoiIn0%3D; ctxid=eyJpdiI6IkZLeEJFdGxXaUdDNUJORVhXSDJ4ZXc9PSIsInZhbHVlIjoiU0k0QnRrTG9iUDNGZkZMUFRVaVVyS2pPeDhLUU1WM0JlTFk3R0ZQWEc0ZlN6cnhoWU8zY0ZrYzlCNzN4VG44R2IxaHMwSTJTZklqZGdGS0xtTEpMRlVIc29Qd0ZjMngrOTNxS0hmY2JhVWM9IiwibWFjIjoiYTcwODhmYmI4NGYzNmRjYjk5MjNiMWY4OTBjNTA5OTVmM2RlYTA5MGU4YzIzMjgzYWNlNzY3MjEwZTJmMTU5YiIsInRhZyI6IiJ9; userSessionID=eyJpdiI6ImU3YW5qUUtsYXVXTVFyUlo2MmRTdnc9PSIsInZhbHVlIjoibW1GYWY0dTZoV3hsRTBjT2tYdGhLejV2WGtsVzNySHc2TkNiZjE3TlJReStFSDR4QitvUEJIeUJjdk1pN2FHUkJ5NUtXODJVTVYzSDlJSFEyZzVCdEJIY2hzSGtBeEZIbWt2dXNRRXV4dFk9IiwibWFjIjoiYjg3NmE4ZDliMzY1MWFkZWJlNjgyMzViZTMzN2IzZjJiY2U3ODZiYTZmYzkyM2NjOGQ0ZGZiZjU1OWEwZDY0MSIsInRhZyI6IiJ9; userPermID=eyJpdiI6IlpJVFdBRjc4T0R2aUJhaVZtZ0hYOVE9PSIsInZhbHVlIjoiWXkxYWt2SUtVd1llUEUva2hnSmtqRGExRzVLcUFFLzlKRDBRWGtGaFQrNXdIT0NwUCtYdEQvajJTN3VhckxQZUc2OFNtMTlWS25qRERRdHNEVGQ0Y3AyVW9sOXo0VTBna3FiNTBqR0tNcGs9IiwibWFjIjoiNDRhMmI5ZmQ5MTA2YmE1MDgyYzU1OWVlMzk2OGVlMzVmN2I5ZmQ3OTg1M2YwOGE3NGViNGZhYTk1YTMwOTc4YiIsInRhZyI6IiJ9
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 
Date: Fri, 10 May 2024 15:39:24 GMT
Cache-Control: no-store, private
Content-Disposition: attachment; filename="pixel"
Pragma: no-cache
Accept-Ranges: bytes
Content-Type: image/gif
Content-Length: 51
Keep-Alive: timeout=5, max=1000
Connection: Keep-Alive

www.timpromos.com.br/OTA-BRTIM-BEMOBKIDS/assets/wr-images/close-wap.png

91.241.94.8

200 OK

213 B

URL GET HTTP/1.1
www.timpromos.com.br/OTA-BRTIM-BEMOBKIDS/assets/wr-images/close-wap.png
IP
91.241.94.8:80
ASN
#49582 Upstream Software And Telecommunications Systems S.m.s.a

Requested by
http://www.timpromos.com.br/OTA-BRTIM-BEMOBKIDS/timgameskids1-pt-doi-web?HEKeyword=OTA_TGAMESKIDS_LDG_1&utm_source=lightdigital&utm_medium=cpa&utm_content=timgameskids1&utm_campaign=OTA_TGAMESKIDS_LDG_1-lightdigital-web-cpa-timgameskids1-image&lgd_id=663e3f8c67251f000130764c&lgd_pub=249

File type
PNG image data, 21 x 21, 8-bit/color RGBA, non-interlaced
Size
213 B (213 bytes)
Hash
d249b874e72ea9acce9f630517b48c4e
78a06a4b69bbd59d7fa9c70723640c775caf37cc
1861c75e1a0c132e357bccf763069d785f5954fe959d784abb1773f93b87bd28

HTTP Headers

GET /OTA-BRTIM-BEMOBKIDS/assets/wr-images/close-wap.png HTTP/1.1
Host: www.timpromos.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.timpromos.com.br/OTA-BRTIM-BEMOBKIDS/timgameskids1-pt-doi-web?HEKeyword=OTA_TGAMESKIDS_LDG_1&utm_source=lightdigital&utm_medium=cpa&utm_content=timgameskids1&utm_campaign=OTA_TGAMESKIDS_LDG_1-lightdigital-web-cpa-timgameskids1-image&lgd_id=663e3f8c67251f000130764c&lgd_pub=249
Cookie: TS01c950bd=01b02e3e893b435504b707d4cec8afd6441add0e186c050953c4941eadff528105399049858e3250c2aa86e44b2fcc29a3d8c99970; ng_session=eyJpdiI6IkovUGIzUnJjNDV5dG9QNVErdnY3eFE9PSIsInZhbHVlIjoiU2ZudEVPR3dRb1ZiN0ptaEJOdE0vcnpzdTN1SnFWZnVhUEVsTEw4REkvVjI2MDkvbjB0TGFhaXVkUlRwSVlRZ1o0WjNtZE5TTUtQVlNkOGRWbUxyUm1FczB4a2FXc3NOZGJEMDk0M0FYb0ZHdXpRRGFwK1RHY3NIeWR5UHBOanIiLCJtYWMiOiI1MjE5Y2FjZmFiMWY5NTMwNmNmMzIyYjJhZDg3N2NmYTM4OGU1ZDllODNiZjkxYTNhMzMzMzllMmU4ZGVhYzQ1IiwidGFnIjoiIn0%3D; ctxid=eyJpdiI6IkZLeEJFdGxXaUdDNUJORVhXSDJ4ZXc9PSIsInZhbHVlIjoiU0k0QnRrTG9iUDNGZkZMUFRVaVVyS2pPeDhLUU1WM0JlTFk3R0ZQWEc0ZlN6cnhoWU8zY0ZrYzlCNzN4VG44R2IxaHMwSTJTZklqZGdGS0xtTEpMRlVIc29Qd0ZjMngrOTNxS0hmY2JhVWM9IiwibWFjIjoiYTcwODhmYmI4NGYzNmRjYjk5MjNiMWY4OTBjNTA5OTVmM2RlYTA5MGU4YzIzMjgzYWNlNzY3MjEwZTJmMTU5YiIsInRhZyI6IiJ9; userSessionID=eyJpdiI6ImU3YW5qUUtsYXVXTVFyUlo2MmRTdnc9PSIsInZhbHVlIjoibW1GYWY0dTZoV3hsRTBjT2tYdGhLejV2WGtsVzNySHc2TkNiZjE3TlJReStFSDR4QitvUEJIeUJjdk1pN2FHUkJ5NUtXODJVTVYzSDlJSFEyZzVCdEJIY2hzSGtBeEZIbWt2dXNRRXV4dFk9IiwibWFjIjoiYjg3NmE4ZDliMzY1MWFkZWJlNjgyMzViZTMzN2IzZjJiY2U3ODZiYTZmYzkyM2NjOGQ0ZGZiZjU1OWEwZDY0MSIsInRhZyI6IiJ9; userPermID=eyJpdiI6IlpJVFdBRjc4T0R2aUJhaVZtZ0hYOVE9PSIsInZhbHVlIjoiWXkxYWt2SUtVd1llUEUva2hnSmtqRGExRzVLcUFFLzlKRDBRWGtGaFQrNXdIT0NwUCtYdEQvajJTN3VhckxQZUc2OFNtMTlWS25qRERRdHNEVGQ0Y3AyVW9sOXo0VTBna3FiNTBqR0tNcGs9IiwibWFjIjoiNDRhMmI5ZmQ5MTA2YmE1MDgyYzU1OWVlMzk2OGVlMzVmN2I5ZmQ3OTg1M2YwOGE3NGViNGZhYTk1YTMwOTc4YiIsInRhZyI6IiJ9
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 10 Apr 2024 15:20:14 GMT
Last-Modified: Tue, 11 Jul 2023 09:00:32 GMT
ETag: "d5-6003254e5e153"
Content-Length: 213
Cache-Control: max-age=5184000
Expires: Sun, 09 Jun 2024 15:20:14 GMT
Content-Type: image/png
X-Varnish: 605549475 473120112
Age: 2593149
Via: 1.1 brtim1-varnish-5d85b7f48-lwm6b (Varnish/7.4)
Accept-Ranges: bytes
X-Cache: HIT
Access-Control-Allow-Origin: *
Keep-Alive: timeout=5, max=1000
Connection: Keep-Alive

analytics-br-tim.securewebfraud.io/web/v1/content/view/Confirmation/br_tim/AQ4z3klMe-xYsD7LboLFXdU1SByw6aG_7srq-grMDTIEUBKRzxIdybz5Iuy43vV9gXxn

91.220.208.18

200

51 B

URL GET HTTP/1.1
analytics-br-tim.securewebfraud.io/web/v1/content/view/Confirmation/br_tim/AQ4z3klMe-xYsD7LboLFXdU1SByw6aG_7srq-grMDTIEUBKRzxIdybz5Iuy43vV9gXxn
IP
91.220.208.18:80
ASN
#49582 Upstream Software And Telecommunications Systems S.m.s.a

Requested by
http://www.timpromos.com.br/OTA-BRTIM-BEMOBKIDS/timgameskids1-pt-doi-web?HEKeyword=OTA_TGAMESKIDS_LDG_1&utm_source=lightdigital&utm_medium=cpa&utm_content=timgameskids1&utm_campaign=OTA_TGAMESKIDS_LDG_1-lightdigital-web-cpa-timgameskids1-image&lgd_id=663e3f8c67251f000130764c&lgd_pub=249

File type
GIF image data, version 89a, 1 x 1
Size
51 B (51 bytes)
Hash
49cdc214849d5ced018d230677b14076
0e75513436e6b01963759f6a88282445ff2e5b3a
7455bacb03f7ef04d79010638db14d8434cf7a349914c2ee99eb5d4220338675

HTTP Headers

GET /web/v1/content/view/Confirmation/br_tim/AQ4z3klMe-xYsD7LboLFXdU1SByw6aG_7srq-grMDTIEUBKRzxIdybz5Iuy43vV9gXxn HTTP/1.1
Host: analytics-br-tim.securewebfraud.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.timpromos.com.br/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 
Date: Fri, 10 May 2024 15:39:23 GMT
Cache-Control: no-store, private
Content-Disposition: attachment; filename="pixel"
Pragma: no-cache
Accept-Ranges: bytes
Content-Type: image/gif
Content-Length: 51
Keep-Alive: timeout=2, max=1000
Connection: Keep-Alive

www.timpromos.com.br/OTA-BRTIM-BEMOBKIDS/assets/assets/images/Bemobi/OTA-timgameskids1-bg.jpg

91.241.94.8

200 OK

46 kB

URL GET HTTP/1.1
www.timpromos.com.br/OTA-BRTIM-BEMOBKIDS/assets/assets/images/Bemobi/OTA-timgameskids1-bg.jpg
IP
91.241.94.8:80
ASN
#49582 Upstream Software And Telecommunications Systems S.m.s.a

Requested by
http://www.timpromos.com.br/OTA-BRTIM-BEMOBKIDS/timgameskids1-pt-doi-web?HEKeyword=OTA_TGAMESKIDS_LDG_1&utm_source=lightdigital&utm_medium=cpa&utm_content=timgameskids1&utm_campaign=OTA_TGAMESKIDS_LDG_1-lightdigital-web-cpa-timgameskids1-image&lgd_id=663e3f8c67251f000130764c&lgd_pub=249

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, progressive, precision 8, 320x480, components 3
Size
46 kB (46164 bytes)
Hash
1624b5dc8b5e63caf616de322bea25b1
627bea45379aab59eda65ba135b9b2f55929d109
e06c79c5477b4060b11e096da1e520d4ff8863525184bfa60a414b5a0490d63d

HTTP Headers

GET /OTA-BRTIM-BEMOBKIDS/assets/assets/images/Bemobi/OTA-timgameskids1-bg.jpg HTTP/1.1
Host: www.timpromos.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.timpromos.com.br/OTA-BRTIM-BEMOBKIDS/assets/OTA-BRTIM-BEMOBKIDS-timgameskids1-pt-doi-web.css?ver=52
Cookie: TS01c950bd=01b02e3e893b435504b707d4cec8afd6441add0e186c050953c4941eadff528105399049858e3250c2aa86e44b2fcc29a3d8c99970; ng_session=eyJpdiI6IkovUGIzUnJjNDV5dG9QNVErdnY3eFE9PSIsInZhbHVlIjoiU2ZudEVPR3dRb1ZiN0ptaEJOdE0vcnpzdTN1SnFWZnVhUEVsTEw4REkvVjI2MDkvbjB0TGFhaXVkUlRwSVlRZ1o0WjNtZE5TTUtQVlNkOGRWbUxyUm1FczB4a2FXc3NOZGJEMDk0M0FYb0ZHdXpRRGFwK1RHY3NIeWR5UHBOanIiLCJtYWMiOiI1MjE5Y2FjZmFiMWY5NTMwNmNmMzIyYjJhZDg3N2NmYTM4OGU1ZDllODNiZjkxYTNhMzMzMzllMmU4ZGVhYzQ1IiwidGFnIjoiIn0%3D; ctxid=eyJpdiI6IkZLeEJFdGxXaUdDNUJORVhXSDJ4ZXc9PSIsInZhbHVlIjoiU0k0QnRrTG9iUDNGZkZMUFRVaVVyS2pPeDhLUU1WM0JlTFk3R0ZQWEc0ZlN6cnhoWU8zY0ZrYzlCNzN4VG44R2IxaHMwSTJTZklqZGdGS0xtTEpMRlVIc29Qd0ZjMngrOTNxS0hmY2JhVWM9IiwibWFjIjoiYTcwODhmYmI4NGYzNmRjYjk5MjNiMWY4OTBjNTA5OTVmM2RlYTA5MGU4YzIzMjgzYWNlNzY3MjEwZTJmMTU5YiIsInRhZyI6IiJ9; userSessionID=eyJpdiI6ImU3YW5qUUtsYXVXTVFyUlo2MmRTdnc9PSIsInZhbHVlIjoibW1GYWY0dTZoV3hsRTBjT2tYdGhLejV2WGtsVzNySHc2TkNiZjE3TlJReStFSDR4QitvUEJIeUJjdk1pN2FHUkJ5NUtXODJVTVYzSDlJSFEyZzVCdEJIY2hzSGtBeEZIbWt2dXNRRXV4dFk9IiwibWFjIjoiYjg3NmE4ZDliMzY1MWFkZWJlNjgyMzViZTMzN2IzZjJiY2U3ODZiYTZmYzkyM2NjOGQ0ZGZiZjU1OWEwZDY0MSIsInRhZyI6IiJ9; userPermID=eyJpdiI6IlpJVFdBRjc4T0R2aUJhaVZtZ0hYOVE9PSIsInZhbHVlIjoiWXkxYWt2SUtVd1llUEUva2hnSmtqRGExRzVLcUFFLzlKRDBRWGtGaFQrNXdIT0NwUCtYdEQvajJTN3VhckxQZUc2OFNtMTlWS25qRERRdHNEVGQ0Y3AyVW9sOXo0VTBna3FiNTBqR0tNcGs9IiwibWFjIjoiNDRhMmI5ZmQ5MTA2YmE1MDgyYzU1OWVlMzk2OGVlMzVmN2I5ZmQ3OTg1M2YwOGE3NGViNGZhYTk1YTMwOTc4YiIsInRhZyI6IiJ9
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 10 Apr 2024 16:36:41 GMT
Last-Modified: Wed, 31 Aug 2022 12:35:17 GMT
ETag: "b454-5e788bab452b1"
Content-Length: 46164
Cache-Control: max-age=5184000
Expires: Sun, 09 Jun 2024 16:36:41 GMT
Content-Type: image/jpeg
X-Varnish: 608013948 473125085
Age: 2588562
Via: 1.1 brtim1-varnish-5d85b7f48-lwm6b (Varnish/7.4)
Accept-Ranges: bytes
X-Cache: HIT
Access-Control-Allow-Origin: *
Keep-Alive: timeout=5, max=999
Connection: Keep-Alive

www.googletagmanager.com/gtm.js?id=GTM-MBV8MJ7

142.250.74.168

200 OK

94 kB

URL GET HTTP/2
www.googletagmanager.com/gtm.js?id=GTM-MBV8MJ7
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
http://www.timpromos.com.br/OTA-BRTIM-BEMOBKIDS/timgameskids1-pt-doi-web?HEKeyword=OTA_TGAMESKIDS_LDG_1&utm_source=lightdigital&utm_medium=cpa&utm_content=timgameskids1&utm_campaign=OTA_TGAMESKIDS_LDG_1-lightdigital-web-cpa-timgameskids1-image&lgd_id=663e3f8c67251f000130764c&lgd_pub=249
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint93:6B:D2:9D:92:BE:2D:D8:02:67:82:83:5E:EF:A3:F9:13:F3:26:AE
ValidityTue, 16 Apr 2024 03:18:45 GMT - Tue, 09 Jul 2024 03:18:44 GMT

File type
JavaScript source, ASCII text, with very long lines (2202)
Size
94 kB (94057 bytes)
Hash
08f9b4786bc933965ea59e976a34aed2
bae984f3f4edd3ad69111b36644a0e7375ad750a
3069e204bb5266c594ee0b6f4c1d4e6dd388f634cb9225b7ed73ac0b9bd6cfb4

HTTP Headers

GET /gtm.js?id=GTM-MBV8MJ7 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://www.timpromos.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 10 May 2024 15:39:24 GMT
expires: Fri, 10 May 2024 15:39:24 GMT
cache-control: private, max-age=900
last-modified: Fri, 10 May 2024 15:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 94057
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.timpromos.com.br/security-platform-web/api/v1/beacon/retrieve?secureSessionId=AQ4z3klMe-xYsD7LboLFXdU1SByw6aG_7srq-grMDTIEUBKRzxIdybz5Iuy43vV9gXxn

91.241.94.8

200

0 B

URL GET HTTP/1.1
www.timpromos.com.br/security-platform-web/api/v1/beacon/retrieve?secureSessionId=AQ4z3klMe-xYsD7LboLFXdU1SByw6aG_7srq-grMDTIEUBKRzxIdybz5Iuy43vV9gXxn
IP
91.241.94.8:80
ASN
#49582 Upstream Software And Telecommunications Systems S.m.s.a

Requested by
http://www.timpromos.com.br/OTA-BRTIM-BEMOBKIDS/timgameskids1-pt-doi-web?HEKeyword=OTA_TGAMESKIDS_LDG_1&utm_source=lightdigital&utm_medium=cpa&utm_content=timgameskids1&utm_campaign=OTA_TGAMESKIDS_LDG_1-lightdigital-web-cpa-timgameskids1-image&lgd_id=663e3f8c67251f000130764c&lgd_pub=249

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /security-platform-web/api/v1/beacon/retrieve?secureSessionId=AQ4z3klMe-xYsD7LboLFXdU1SByw6aG_7srq-grMDTIEUBKRzxIdybz5Iuy43vV9gXxn HTTP/1.1
Host: www.timpromos.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.timpromos.com.br/OTA-BRTIM-BEMOBKIDS/timgameskids1-pt-doi-web?HEKeyword=OTA_TGAMESKIDS_LDG_1&utm_source=lightdigital&utm_medium=cpa&utm_content=timgameskids1&utm_campaign=OTA_TGAMESKIDS_LDG_1-lightdigital-web-cpa-timgameskids1-image&lgd_id=663e3f8c67251f000130764c&lgd_pub=249
Cookie: TS01c950bd=01b02e3e893b435504b707d4cec8afd6441add0e186c050953c4941eadff528105399049858e3250c2aa86e44b2fcc29a3d8c99970; ng_session=eyJpdiI6IkovUGIzUnJjNDV5dG9QNVErdnY3eFE9PSIsInZhbHVlIjoiU2ZudEVPR3dRb1ZiN0ptaEJOdE0vcnpzdTN1SnFWZnVhUEVsTEw4REkvVjI2MDkvbjB0TGFhaXVkUlRwSVlRZ1o0WjNtZE5TTUtQVlNkOGRWbUxyUm1FczB4a2FXc3NOZGJEMDk0M0FYb0ZHdXpRRGFwK1RHY3NIeWR5UHBOanIiLCJtYWMiOiI1MjE5Y2FjZmFiMWY5NTMwNmNmMzIyYjJhZDg3N2NmYTM4OGU1ZDllODNiZjkxYTNhMzMzMzllMmU4ZGVhYzQ1IiwidGFnIjoiIn0%3D; ctxid=eyJpdiI6IkZLeEJFdGxXaUdDNUJORVhXSDJ4ZXc9PSIsInZhbHVlIjoiU0k0QnRrTG9iUDNGZkZMUFRVaVVyS2pPeDhLUU1WM0JlTFk3R0ZQWEc0ZlN6cnhoWU8zY0ZrYzlCNzN4VG44R2IxaHMwSTJTZklqZGdGS0xtTEpMRlVIc29Qd0ZjMngrOTNxS0hmY2JhVWM9IiwibWFjIjoiYTcwODhmYmI4NGYzNmRjYjk5MjNiMWY4OTBjNTA5OTVmM2RlYTA5MGU4YzIzMjgzYWNlNzY3MjEwZTJmMTU5YiIsInRhZyI6IiJ9; userSessionID=eyJpdiI6ImU3YW5qUUtsYXVXTVFyUlo2MmRTdnc9PSIsInZhbHVlIjoibW1GYWY0dTZoV3hsRTBjT2tYdGhLejV2WGtsVzNySHc2TkNiZjE3TlJReStFSDR4QitvUEJIeUJjdk1pN2FHUkJ5NUtXODJVTVYzSDlJSFEyZzVCdEJIY2hzSGtBeEZIbWt2dXNRRXV4dFk9IiwibWFjIjoiYjg3NmE4ZDliMzY1MWFkZWJlNjgyMzViZTMzN2IzZjJiY2U3ODZiYTZmYzkyM2NjOGQ0ZGZiZjU1OWEwZDY0MSIsInRhZyI6IiJ9; userPermID=eyJpdiI6IlpJVFdBRjc4T0R2aUJhaVZtZ0hYOVE9PSIsInZhbHVlIjoiWXkxYWt2SUtVd1llUEUva2hnSmtqRGExRzVLcUFFLzlKRDBRWGtGaFQrNXdIT0NwUCtYdEQvajJTN3VhckxQZUc2OFNtMTlWS25qRERRdHNEVGQ0Y3AyVW9sOXo0VTBna3FiNTBqR0tNcGs9IiwibWFjIjoiNDRhMmI5ZmQ5MTA2YmE1MDgyYzU1OWVlMzk2OGVlMzVmN2I5ZmQ3OTg1M2YwOGE3NGViNGZhYTk1YTMwOTc4YiIsInRhZyI6IiJ9
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 
Date: Fri, 10 May 2024 15:39:24 GMT
Vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Keep-Alive: timeout=5, max=998
Connection: Keep-Alive
Access-Control-Allow-Origin: *

fonts.googleapis.com/css2?family=Roboto:wght@400;500&display=swap

142.250.74.106

200 OK

1.2 kB

URL GET HTTP/2
fonts.googleapis.com/css2?family=Roboto:wght@400;500&display=swap
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
http://www.timpromos.com.br/OTA-BRTIM-BEMOBKIDS/timgameskids1-pt-doi-web?HEKeyword=OTA_TGAMESKIDS_LDG_1&utm_source=lightdigital&utm_medium=cpa&utm_content=timgameskids1&utm_campaign=OTA_TGAMESKIDS_LDG_1-lightdigital-web-cpa-timgameskids1-image&lgd_id=663e3f8c67251f000130764c&lgd_pub=249
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79
ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT

File type
gzip compressed data, max compression
Size
1.2 kB (1168 bytes)
Hash
388afc0166f1d619f6249cb1f874e733
b7a855179381c039dcecb5d6c4ed50cde19e4d99
0fe764ea8585e0eec146ea67b57a7aab7e2a222c92bbc4821fb4a706e17e9184

HTTP Headers

GET /css2?family=Roboto:wght@400;500&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://www.timpromos.com.br/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 10 May 2024 15:39:24 GMT
date: Fri, 10 May 2024 15:39:24 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/destination?id=G-9LLK8PEDTW&l=dataLayer&cx=c

142.250.74.168

200 OK

98 kB

URL GET HTTP/3
www.googletagmanager.com/gtag/destination?id=G-9LLK8PEDTW&l=dataLayer&cx=c
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
http://www.timpromos.com.br/OTA-BRTIM-BEMOBKIDS/timgameskids1-pt-doi-web?HEKeyword=OTA_TGAMESKIDS_LDG_1&utm_source=lightdigital&utm_medium=cpa&utm_content=timgameskids1&utm_campaign=OTA_TGAMESKIDS_LDG_1-lightdigital-web-cpa-timgameskids1-image&lgd_id=663e3f8c67251f000130764c&lgd_pub=249
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint93:6B:D2:9D:92:BE:2D:D8:02:67:82:83:5E:EF:A3:F9:13:F3:26:AE
ValidityTue, 16 Apr 2024 03:18:45 GMT - Tue, 09 Jul 2024 03:18:44 GMT

File type
JavaScript source, ASCII text, with very long lines (5955)
Size
98 kB (97566 bytes)
Hash
122c7b7b0d44e689d511a9406d442560
d6c32d150e804686d4b55634a356ef4c735b3b9e
cc484473de45417fae4f5f502095ce63d4555dc14804eab39acb2da7eb63cd4e

HTTP Headers

GET /gtag/destination?id=G-9LLK8PEDTW&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://www.timpromos.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 10 May 2024 15:39:24 GMT
expires: Fri, 10 May 2024 15:39:24 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 97566
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.googletagmanager.com/gtag/js?id=G-9LLK8PEDTW&l=dataLayer&cx=c

142.250.74.168

200 OK

98 kB

URL GET HTTP/3
www.googletagmanager.com/gtag/js?id=G-9LLK8PEDTW&l=dataLayer&cx=c
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
http://www.timpromos.com.br/OTA-BRTIM-BEMOBKIDS/timgameskids1-pt-doi-web?HEKeyword=OTA_TGAMESKIDS_LDG_1&utm_source=lightdigital&utm_medium=cpa&utm_content=timgameskids1&utm_campaign=OTA_TGAMESKIDS_LDG_1-lightdigital-web-cpa-timgameskids1-image&lgd_id=663e3f8c67251f000130764c&lgd_pub=249
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint93:6B:D2:9D:92:BE:2D:D8:02:67:82:83:5E:EF:A3:F9:13:F3:26:AE
ValidityTue, 16 Apr 2024 03:18:45 GMT - Tue, 09 Jul 2024 03:18:44 GMT

File type
JavaScript source, ASCII text, with very long lines (5955)
Size
98 kB (97592 bytes)
Hash
badf2ee24ac6729c486bc2f0778e9ecd
7c7ff4a06b3bf0524d6527213f5e6a9d867237bc
77f022450842465f754b9ccfa227886364304cd280934acfb835279aab3a9b71

HTTP Headers

GET /gtag/js?id=G-9LLK8PEDTW&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://www.timpromos.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 10 May 2024 15:39:24 GMT
expires: Fri, 10 May 2024 15:39:24 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 97592
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-9LLK8PEDTW&cid=527873880.1715355565&gtm=45je4580v9100206336z8856739148za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&frm=0&z=1703678859

172.217.21.163

200 OK

42 B

URL GET HTTP/2
www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-9LLK8PEDTW&cid=527873880.1715355565&gtm=45je4580v9100206336z8856739148za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&frm=0&z=1703678859
IP
172.217.21.163:443
ASN
#15169 GOOGLE

Requested by
http://www.timpromos.com.br/OTA-BRTIM-BEMOBKIDS/timgameskids1-pt-doi-web?HEKeyword=OTA_TGAMESKIDS_LDG_1&utm_source=lightdigital&utm_medium=cpa&utm_content=timgameskids1&utm_campaign=OTA_TGAMESKIDS_LDG_1-lightdigital-web-cpa-timgameskids1-image&lgd_id=663e3f8c67251f000130764c&lgd_pub=249
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.no
Fingerprint7D:68:6D:B1:32:34:52:51:20:C9:53:FF:B9:B7:8F:7E:05:F9:F5:97
ValidityTue, 16 Apr 2024 04:31:00 GMT - Tue, 09 Jul 2024 04:30:59 GMT

File type
GIF image data, version 89a, 1 x 1
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-9LLK8PEDTW&cid=527873880.1715355565&gtm=45je4580v9100206336z8856739148za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&frm=0&z=1703678859 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://www.timpromos.com.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 10 May 2024 15:39:25 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

region1.analytics.google.com/g/collect?v=2&tid=G-9LLK8PEDTW&gtm=45je4580v9100206336z8856739148za200&_p=1715355564336&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=527873880.1715355565&ul=en-us&sr=1280x1024&frm=0&pscdl=noapi&_s=1&sid=1715355565&sct=1&seg=0&dl=http%3A%2F%2Fwww.timpromos.com.br%2FOTA-BRTIM-BEMOBKIDS%2Ftimgameskids1-pt-doi-web%3FHEKeyword%3DOTA_TGAMESKIDS_LDG_1%26utm_source%3Dlightdigital%26utm_medium%3Dcpa%26utm_content%3Dtimgameskids1%26utm_campaign%3DOTA_TGAMESKIDS_LDG_1-lightdigital-web-cpa-timgameskids1-image%26lgd_id%3D663e3f8c67251f000130764c%26lgd_pub%3D249&dt=&en=OTA_TGames%20Kids_Wifi_Users&_fv=1&_nsi=1&_ss=1&tfd=2468

216.239.34.36

204 No Content

0 B

URL POST HTTP/2
region1.analytics.google.com/g/collect?v=2&tid=G-9LLK8PEDTW&gtm=45je4580v9100206336z8856739148za200&_p=1715355564336&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=527873880.1715355565&ul=en-us&sr=1280x1024&frm=0&pscdl=noapi&_s=1&sid=1715355565&sct=1&seg=0&dl=http%3A%2F%2Fwww.timpromos.com.br%2FOTA-BRTIM-BEMOBKIDS%2Ftimgameskids1-pt-doi-web%3FHEKeyword%3DOTA_TGAMESKIDS_LDG_1%26utm_source%3Dlightdigital%26utm_medium%3Dcpa%26utm_content%3Dtimgameskids1%26utm_campaign%3DOTA_TGAMESKIDS_LDG_1-lightdigital-web-cpa-timgameskids1-image%26lgd_id%3D663e3f8c67251f000130764c%26lgd_pub%3D249&dt=&en=OTA_TGames%20Kids_Wifi_Users&_fv=1&_nsi=1&_ss=1&tfd=2468
IP
216.239.34.36:443
ASN
#15169 GOOGLE

Requested by
http://www.timpromos.com.br/OTA-BRTIM-BEMOBKIDS/timgameskids1-pt-doi-web?HEKeyword=OTA_TGAMESKIDS_LDG_1&utm_source=lightdigital&utm_medium=cpa&utm_content=timgameskids1&utm_campaign=OTA_TGAMESKIDS_LDG_1-lightdigital-web-cpa-timgameskids1-image&lgd_id=663e3f8c67251f000130764c&lgd_pub=249
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint93:6B:D2:9D:92:BE:2D:D8:02:67:82:83:5E:EF:A3:F9:13:F3:26:AE
ValidityTue, 16 Apr 2024 03:18:45 GMT - Tue, 09 Jul 2024 03:18:44 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /g/collect?v=2&tid=G-9LLK8PEDTW&gtm=45je4580v9100206336z8856739148za200&_p=1715355564336&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=527873880.1715355565&ul=en-us&sr=1280x1024&frm=0&pscdl=noapi&_s=1&sid=1715355565&sct=1&seg=0&dl=http%3A%2F%2Fwww.timpromos.com.br%2FOTA-BRTIM-BEMOBKIDS%2Ftimgameskids1-pt-doi-web%3FHEKeyword%3DOTA_TGAMESKIDS_LDG_1%26utm_source%3Dlightdigital%26utm_medium%3Dcpa%26utm_content%3Dtimgameskids1%26utm_campaign%3DOTA_TGAMESKIDS_LDG_1-lightdigital-web-cpa-timgameskids1-image%26lgd_id%3D663e3f8c67251f000130764c%26lgd_pub%3D249&dt=&en=OTA_TGames%20Kids_Wifi_Users&_fv=1&_nsi=1&_ss=1&tfd=2468 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.timpromos.com.br
DNT: 1
Connection: keep-alive
Referer: http://www.timpromos.com.br/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

HTTP/2 204 No Content
access-control-allow-origin: http://www.timpromos.com.br
date: Fri, 10 May 2024 15:39:25 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

region1.analytics.google.com/g/collect?v=2&tid=G-9LLK8PEDTW&gtm=45je4580v9100206336z8856739148za200&_p=1715355564336&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=527873880.1715355565&ul=en-us&sr=1280x1024&frm=0&pscdl=noapi&_s=2&sid=1715355565&sct=1&seg=1&dl=http%3A%2F%2Fwww.timpromos.com.br%2FOTA-BRTIM-BEMOBKIDS%2Ftimgameskids1-pt-doi-web%3FHEKeyword%3DOTA_TGAMESKIDS_LDG_1%26utm_source%3Dlightdigital%26utm_medium%3Dcpa%26utm_content%3Dtimgameskids1%26utm_campaign%3DOTA_TGAMESKIDS_LDG_1-lightdigital-web-cpa-timgameskids1-image%26lgd_id%3D663e3f8c67251f000130764c%26lgd_pub%3D249&dt=&en=page_view&tfd=2491

216.239.34.36

204 No Content

0 B

URL POST HTTP/2
region1.analytics.google.com/g/collect?v=2&tid=G-9LLK8PEDTW&gtm=45je4580v9100206336z8856739148za200&_p=1715355564336&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=527873880.1715355565&ul=en-us&sr=1280x1024&frm=0&pscdl=noapi&_s=2&sid=1715355565&sct=1&seg=1&dl=http%3A%2F%2Fwww.timpromos.com.br%2FOTA-BRTIM-BEMOBKIDS%2Ftimgameskids1-pt-doi-web%3FHEKeyword%3DOTA_TGAMESKIDS_LDG_1%26utm_source%3Dlightdigital%26utm_medium%3Dcpa%26utm_content%3Dtimgameskids1%26utm_campaign%3DOTA_TGAMESKIDS_LDG_1-lightdigital-web-cpa-timgameskids1-image%26lgd_id%3D663e3f8c67251f000130764c%26lgd_pub%3D249&dt=&en=page_view&tfd=2491
IP
216.239.34.36:443
ASN
#15169 GOOGLE

Requested by
http://www.timpromos.com.br/OTA-BRTIM-BEMOBKIDS/timgameskids1-pt-doi-web?HEKeyword=OTA_TGAMESKIDS_LDG_1&utm_source=lightdigital&utm_medium=cpa&utm_content=timgameskids1&utm_campaign=OTA_TGAMESKIDS_LDG_1-lightdigital-web-cpa-timgameskids1-image&lgd_id=663e3f8c67251f000130764c&lgd_pub=249
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint93:6B:D2:9D:92:BE:2D:D8:02:67:82:83:5E:EF:A3:F9:13:F3:26:AE
ValidityTue, 16 Apr 2024 03:18:45 GMT - Tue, 09 Jul 2024 03:18:44 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /g/collect?v=2&tid=G-9LLK8PEDTW&gtm=45je4580v9100206336z8856739148za200&_p=1715355564336&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=527873880.1715355565&ul=en-us&sr=1280x1024&frm=0&pscdl=noapi&_s=2&sid=1715355565&sct=1&seg=1&dl=http%3A%2F%2Fwww.timpromos.com.br%2FOTA-BRTIM-BEMOBKIDS%2Ftimgameskids1-pt-doi-web%3FHEKeyword%3DOTA_TGAMESKIDS_LDG_1%26utm_source%3Dlightdigital%26utm_medium%3Dcpa%26utm_content%3Dtimgameskids1%26utm_campaign%3DOTA_TGAMESKIDS_LDG_1-lightdigital-web-cpa-timgameskids1-image%26lgd_id%3D663e3f8c67251f000130764c%26lgd_pub%3D249&dt=&en=page_view&tfd=2491 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.timpromos.com.br
DNT: 1
Connection: keep-alive
Referer: http://www.timpromos.com.br/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

HTTP/2 204 No Content
access-control-allow-origin: http://www.timpromos.com.br
date: Fri, 10 May 2024 15:39:25 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

region1.analytics.google.com/g/collect?v=2&tid=G-9LLK8PEDTW&gtm=45je4580v9100206336za200&_p=1715355564336&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=527873880.1715355565&ul=en-us&sr=1280x1024&frm=0&pscdl=noapi&_eu=AEA&_s=3&sid=1715355565&sct=1&seg=1&dl=http%3A%2F%2Fwww.timpromos.com.br%2FOTA-BRTIM-BEMOBKIDS%2Ftimgameskids1-pt-doi-web%3FHEKeyword%3DOTA_TGAMESKIDS_LDG_1%26utm_source%3Dlightdigital%26utm_medium%3Dcpa%26utm_content%3Dtimgameskids1%26utm_campaign%3DOTA_TGAMESKIDS_LDG_1-lightdigital-web-cpa-timgameskids1-image%26lgd_id%3D663e3f8c67251f000130764c%26lgd_pub%3D249&dt=&en=scroll&epn.percent_scrolled=90&tfd=7492

216.239.34.36

204 No Content

0 B

URL POST HTTP/3
region1.analytics.google.com/g/collect?v=2&tid=G-9LLK8PEDTW&gtm=45je4580v9100206336za200&_p=1715355564336&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=527873880.1715355565&ul=en-us&sr=1280x1024&frm=0&pscdl=noapi&_eu=AEA&_s=3&sid=1715355565&sct=1&seg=1&dl=http%3A%2F%2Fwww.timpromos.com.br%2FOTA-BRTIM-BEMOBKIDS%2Ftimgameskids1-pt-doi-web%3FHEKeyword%3DOTA_TGAMESKIDS_LDG_1%26utm_source%3Dlightdigital%26utm_medium%3Dcpa%26utm_content%3Dtimgameskids1%26utm_campaign%3DOTA_TGAMESKIDS_LDG_1-lightdigital-web-cpa-timgameskids1-image%26lgd_id%3D663e3f8c67251f000130764c%26lgd_pub%3D249&dt=&en=scroll&epn.percent_scrolled=90&tfd=7492
IP
216.239.34.36:443
ASN
#15169 GOOGLE

Requested by
http://www.timpromos.com.br/OTA-BRTIM-BEMOBKIDS/timgameskids1-pt-doi-web?HEKeyword=OTA_TGAMESKIDS_LDG_1&utm_source=lightdigital&utm_medium=cpa&utm_content=timgameskids1&utm_campaign=OTA_TGAMESKIDS_LDG_1-lightdigital-web-cpa-timgameskids1-image&lgd_id=663e3f8c67251f000130764c&lgd_pub=249
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint93:6B:D2:9D:92:BE:2D:D8:02:67:82:83:5E:EF:A3:F9:13:F3:26:AE
ValidityTue, 16 Apr 2024 03:18:45 GMT - Tue, 09 Jul 2024 03:18:44 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /g/collect?v=2&tid=G-9LLK8PEDTW&gtm=45je4580v9100206336za200&_p=1715355564336&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=527873880.1715355565&ul=en-us&sr=1280x1024&frm=0&pscdl=noapi&_eu=AEA&_s=3&sid=1715355565&sct=1&seg=1&dl=http%3A%2F%2Fwww.timpromos.com.br%2FOTA-BRTIM-BEMOBKIDS%2Ftimgameskids1-pt-doi-web%3FHEKeyword%3DOTA_TGAMESKIDS_LDG_1%26utm_source%3Dlightdigital%26utm_medium%3Dcpa%26utm_content%3Dtimgameskids1%26utm_campaign%3DOTA_TGAMESKIDS_LDG_1-lightdigital-web-cpa-timgameskids1-image%26lgd_id%3D663e3f8c67251f000130764c%26lgd_pub%3D249&dt=&en=scroll&epn.percent_scrolled=90&tfd=7492 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.timpromos.com.br
DNT: 1
Connection: keep-alive
Referer: http://www.timpromos.com.br/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers

HTTP/3 204 No Content
access-control-allow-origin: http://www.timpromos.com.br
date: Fri, 10 May 2024 15:39:30 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (16)

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by