Report - track.trendbymarketgap.shop/e7cfce57-d89a-42cc-aa31-96408dd0c8f8

Report Overview

Visited public
2023-12-08 16:16:00
Tags
URL
track.trendbymarketgap.shop/e7cfce57-d89a-42cc-aa31-96408dd0c8f8
Finishing URL
www.timpromos.com.br/OTA-BRTIM-BEMOBKIDS/timgameskids1-pt-doi-web?HEKeyword=OTA_TGAMESKIDS_LDG_1&utm_source=lightdigital&utm_medium=cpa&utm_content=timgameskids1&utm_campaign=OTA_TGAMESKIDS_LDG_1-lightdigital-web-cpa-timgameskids1-image&lgd_id=6573412dc5c3ad0001257fba&lgd_pub=249
IP / ASN
18.193.209.105
#16509 AMAZON-02
Title
timpromos.com.br/OTA-BRTIM-BEMOBKIDS/timgameskids1-pt-doi-web?HEKeyword=OTA_TGAMESKIDS_LDG_1&utm_source=lightdigital&utm_medium=cpa&utm_content=timgameskids1&utm_campaign=OTA_TGAMESKIDS_LDG_1-lightdigital-web-cpa-timgameskids1-image&lgd_id=6573412dc5c3ad0001257fba&lgd_pub=249

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
track.trendbymarketgap.shop	unknown	2023-05-29	2023-09-27 11:13:45	2023-12-01 20:15:10	530 B	863 B	18.193.209.105
lightdigital.g2afse.com	270032	2019-02-26	2022-03-26 14:13:16	2023-12-04 08:22:03	547 B	679 B	34.91.145.202
www.timpromos.com.br	140429	2015-04-27	2016-06-28 13:11:23	2023-12-03 05:53:07	13 kB	109 kB	91.241.94.8
www.googletagmanager.com	75	2011-11-11	2013-05-22 04:07:37	2023-12-08 05:47:56	1.4 kB	253 kB	142.250.74.168
analytics-br-tim.securewebfraud.io	unknown	2018-05-11	2022-06-26 04:48:09	2023-12-06 20:14:44	474 B	330 B	91.220.208.18
www.google.no	25607	2001-02-26	2016-04-05 21:50:59	2023-12-08 07:38:21	597 B	578 B	142.250.74.163
region1.analytics.google.com	unknown	1997-09-15	2022-03-17 12:26:33	2023-12-08 05:12:42	3.0 kB	1.3 kB	216.239.34.36

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-12-08 16:15:49	low	91.241.94.8	Client IP	ET HUNTING [TW] Likely Javascript-Obfuscator Usage Observed M1
2023-12-08 16:15:49	low	91.241.94.8	Client IP	ET HUNTING [TW] Likely Javascript-Obfuscator Usage Observed M2
2023-12-08 16:15:49	low	91.241.94.8	Client IP	ET HUNTING [TW] Likely Javascript-Obfuscator Usage Observed M3

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (16)

	URL	From	Size	First Seen	Last Seen
	www.timpromos.com.br/OTA-BRTIM-BEMOBKIDS/timgameskids1-pt-doi-web?HEKeyword=OTA_TGAMESKIDS_LDG_1&utm_source=lightdigital&utm_medium=cpa&utm_content=timgameskids1&utm_campaign=OTA_TGAMESKIDS_LDG_1-lightdigital-web-cpa-timgameskids1-image&lgd_id=6573412dc5c3ad0001257fba&lgd_pub=249	ScriptElement	134 kB	2024-08-20	2024-08-20
Pretty URL www.timpromos.com.br/OTA-BRTIM-BEMOBKIDS/timgameskids1-pt-doi-web?HEKeyword=OTA_TGAMESKIDS_LDG_1&utm_source=lightdigital&utm_medium=cpa&utm_content=timgameskids1&utm_campaign=OTA_TGAMESKIDS_LDG_1-lightdigital-web-cpa-timgameskids1-image&lgd_id=6573412dc5c3ad0001257fba&lgd_pub=249 IP 91.241.94.8 ASN #49582 Upstream Telecommunications And Software Systems S.A. Introduced by scriptElement Embedded in HTML true Observations First Seen2024-08-20 16:21 Last Seen2024-08-20 16:21 Times Seen1 Hash 415ab22e6bab068a938a710d51f6dc16 d689c978dcc3b8270fca0e61ddecf12b17993872 380b0b5032d07b0678a606976e99284cbcb2fed0d22fd107eb8c009acb6e8053 Loading...

	www.timpromos.com.br/OTA-BRTIM-BEMOBKIDS/timgameskids1-pt-doi-web?HEKeyword=OTA_TGAMESKIDS_LDG_1&utm_source=lightdigital&utm_medium=cpa&utm_content=timgameskids1&utm_campaign=OTA_TGAMESKIDS_LDG_1-lightdigital-web-cpa-timgameskids1-image&lgd_id=6573412dc5c3ad0001257fba&lgd_pub=249	ScriptElement	75 B	2023-03-07	2025-04-26
Pretty URL www.timpromos.com.br/OTA-BRTIM-BEMOBKIDS/timgameskids1-pt-doi-web?HEKeyword=OTA_TGAMESKIDS_LDG_1&utm_source=lightdigital&utm_medium=cpa&utm_content=timgameskids1&utm_campaign=OTA_TGAMESKIDS_LDG_1-lightdigital-web-cpa-timgameskids1-image&lgd_id=6573412dc5c3ad0001257fba&lgd_pub=249 IP 91.241.94.8 ASN #49582 Upstream Telecommunications And Software Systems S.A. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 12:42 Last Seen2025-04-26 07:19 Times Seen579 Hash 219540904c0178c788f7876c475cf695 34be8b20e8abc01ba107bb54f70c2319511043b7 328ca9901193cec5051c6c7fe1404faf85e4ce1cfed2d9bb7bc429a8573d90ca Loading...

	www.timpromos.com.br/OTA-BRTIM-BEMOBKIDS/timgameskids1-pt-doi-web?HEKeyword=OTA_TGAMESKIDS_LDG_1&utm_source=lightdigital&utm_medium=cpa&utm_content=timgameskids1&utm_campaign=OTA_TGAMESKIDS_LDG_1-lightdigital-web-cpa-timgameskids1-image&lgd_id=6573412dc5c3ad0001257fba&lgd_pub=249	ScriptElement	548 B	2023-03-07	2025-04-26
Pretty URL www.timpromos.com.br/OTA-BRTIM-BEMOBKIDS/timgameskids1-pt-doi-web?HEKeyword=OTA_TGAMESKIDS_LDG_1&utm_source=lightdigital&utm_medium=cpa&utm_content=timgameskids1&utm_campaign=OTA_TGAMESKIDS_LDG_1-lightdigital-web-cpa-timgameskids1-image&lgd_id=6573412dc5c3ad0001257fba&lgd_pub=249 IP 91.241.94.8 ASN #49582 Upstream Telecommunications And Software Systems S.A. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 12:42 Last Seen2025-04-26 07:19 Times Seen100 Hash 58e40a18675f7394bc136d3ee190af4a 4f2839b8e560d8ad16436b7b0bbdeb5f6e01c975 fdc254dea572b181abec2e65506bc614620f5cbe6726542d318937355cc783f4 Loading...

	www.googletagmanager.com/gtag/destination?id=G-9LLK8PEDTW&l=dataLayer&cx=c	ScriptElement	258 kB	2023-12-08	2023-12-08
Pretty URL www.googletagmanager.com/gtag/destination?id=G-9LLK8PEDTW&l=dataLayer&cx=c IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-08 17:16 Last Seen2023-12-08 17:16 Times Seen1 Hash 073223658d4dfe2493c373941678db84 ae8f65563bf013023be79401f451c677d0edafaf 9a4a9c4d9d6872c35ee1f22c1e1b2de5d202a66ddc2d85b78fd866ff4abfc603 Loading...

	unknown	Function	37 B	2023-04-11	2025-05-09
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-04-11 21:31 Last Seen2025-05-09 10:57 Times Seen263340 Hash 29d0c84b9d1d8da446a6062c6a840ad9 6d6b3a6065667c7c50d92f3889c85ed65a9ad784 3c3cbdb71d0d2c22f504f4d63d8a6ffe8d250cde7e58300619be35b6bbab26a1 Loading...

	www.timpromos.com.br/OTA-BRTIM-BEMOBKIDS/timgameskids1-pt-doi-web?HEKeyword=OTA_TGAMESKIDS_LDG_1&utm_source=lightdigital&utm_medium=cpa&utm_content=timgameskids1&utm_campaign=OTA_TGAMESKIDS_LDG_1-lightdigital-web-cpa-timgameskids1-image&lgd_id=6573412dc5c3ad0001257fba&lgd_pub=249	ScriptElement	245 B	2023-03-07	2024-08-20
Pretty URL www.timpromos.com.br/OTA-BRTIM-BEMOBKIDS/timgameskids1-pt-doi-web?HEKeyword=OTA_TGAMESKIDS_LDG_1&utm_source=lightdigital&utm_medium=cpa&utm_content=timgameskids1&utm_campaign=OTA_TGAMESKIDS_LDG_1-lightdigital-web-cpa-timgameskids1-image&lgd_id=6573412dc5c3ad0001257fba&lgd_pub=249 IP 91.241.94.8 ASN #49582 Upstream Telecommunications And Software Systems S.A. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 12:42 Last Seen2024-08-20 17:52 Times Seen81 Hash 15466418eff1d341f2f721aa49144685 c8e4fa6f45c0d7412f496749b85decad5a28544a a504092f39c1f308752b0a039e92fbdbe9185febcad9889a29594ae5bdbff3dc Loading...

	www.google-analytics.com/analytics.js	ScriptElement	4.7 kB	2023-04-11	2025-05-09
Pretty URL www.google-analytics.com/analytics.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-11 21:07 Last Seen2025-05-09 10:56 Times Seen340619 Hash f24128d0c9cba7be2916c693427a3483 1b6397d496ea896ebc2018b01b995cee4f166029 58173de4697da1a218f04c3a783a733bab4e769ceabc37cd42da9dc3e036a7e8 Loading...

	unknown	Function	79 B	2023-04-11	2025-05-09
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-04-11 21:38 Last Seen2025-05-09 09:18 Times Seen112368 Hash aa049e2749b8531cb8f233c2f64fc2b2 b611a5a62c1813ae5b4763378b3a4a565556530a e52e51d5897d7a179089ddcf8f5de7aeb3ef4f27b054b63e937cf308b685c9e2 Loading...

	www.timpromos.com.br/OTA-BRTIM-BEMOBKIDS/timgameskids1-pt-doi-web?HEKeyword=OTA_TGAMESKIDS_LDG_1&utm_source=lightdigital&utm_medium=cpa&utm_content=timgameskids1&utm_campaign=OTA_TGAMESKIDS_LDG_1-lightdigital-web-cpa-timgameskids1-image&lgd_id=6573412dc5c3ad0001257fba&lgd_pub=249	ScriptElement	1.3 kB	2023-03-07	2025-04-26
Pretty URL www.timpromos.com.br/OTA-BRTIM-BEMOBKIDS/timgameskids1-pt-doi-web?HEKeyword=OTA_TGAMESKIDS_LDG_1&utm_source=lightdigital&utm_medium=cpa&utm_content=timgameskids1&utm_campaign=OTA_TGAMESKIDS_LDG_1-lightdigital-web-cpa-timgameskids1-image&lgd_id=6573412dc5c3ad0001257fba&lgd_pub=249 IP 91.241.94.8 ASN #49582 Upstream Telecommunications And Software Systems S.A. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 12:42 Last Seen2025-04-26 07:19 Times Seen563 Hash 32107fcc1984fa62bea9d7dbbf932c08 ea6c30a9630a580a1656fb7360431afaf7bd9416 984649f7580993dc5ffefe351760e74f630f271d6593c7dde254f044a5fd4380 Loading...

	www.timpromos.com.br/OTA-BRTIM-BEMOBKIDS/timgameskids1-pt-doi-web?HEKeyword=OTA_TGAMESKIDS_LDG_1&utm_source=lightdigital&utm_medium=cpa&utm_content=timgameskids1&utm_campaign=OTA_TGAMESKIDS_LDG_1-lightdigital-web-cpa-timgameskids1-image&lgd_id=6573412dc5c3ad0001257fba&lgd_pub=249	ScriptElement	960 B	2023-10-26	2024-08-21
Pretty URL www.timpromos.com.br/OTA-BRTIM-BEMOBKIDS/timgameskids1-pt-doi-web?HEKeyword=OTA_TGAMESKIDS_LDG_1&utm_source=lightdigital&utm_medium=cpa&utm_content=timgameskids1&utm_campaign=OTA_TGAMESKIDS_LDG_1-lightdigital-web-cpa-timgameskids1-image&lgd_id=6573412dc5c3ad0001257fba&lgd_pub=249 IP 91.241.94.8 ASN #49582 Upstream Telecommunications And Software Systems S.A. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-10-26 14:26 Last Seen2024-08-21 03:18 Times Seen150 Hash f62e683862cc04acf5d1d65ee9aad719 64b0ffe29f2a527db1a03bda443d3e3018bced88 3bb8a5c4a2cf21d3936c9e3af1978c30363e26be1ff4e024cca572c5c42220cc Loading...

	www.googletagmanager.com/gtm.js?id=GTM-MBV8MJ7	ScriptElement	206 kB	2023-12-08	2023-12-08
Pretty URL www.googletagmanager.com/gtm.js?id=GTM-MBV8MJ7 IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-08 17:16 Last Seen2023-12-08 17:16 Times Seen1 Hash 3c0efa7e3375e140fcb5c81a54049d6b ca69cf18f4934f6da4e4c8b65b1cdca4405c6c8f 88b11c4bb606ea67e99a4664d8f322074657fb0a2e9a3aeebcee9172828aa256 Loading...

	www.timpromos.com.br/OTA-BRTIM-BEMOBKIDS/sandbox%20eval%20code		147 B	2023-04-11	2025-05-09
Pretty URL www.timpromos.com.br/OTA-BRTIM-BEMOBKIDS/sandbox%20eval%20code IP 0.0.0.0 ASN #0 Introduced by Embedded in HTML false Observations First Seen2023-04-11 21:07 Last Seen2025-05-09 10:56 Times Seen341420 Hash 92b651082ce234f66bb544e678befda3 14c21c55ddce43b6f677caadf51d4ab98c6a3df8 25d57d1d97abeb84531d3d3e5754dd5cb19a2c115edfa7cfc7af8247084faded Loading...

	www.timpromos.com.br/OTA-BRTIM-BEMOBKIDS/timgameskids1-pt-doi-web?HEKeyword=OTA_TGAMESKIDS_LDG_1&utm_source=lightdigital&utm_medium=cpa&utm_content=timgameskids1&utm_campaign=OTA_TGAMESKIDS_LDG_1-lightdigital-web-cpa-timgameskids1-image&lgd_id=6573412dc5c3ad0001257fba&lgd_pub=249	ScriptElement	56 B	2023-03-07	2025-04-26
Pretty URL www.timpromos.com.br/OTA-BRTIM-BEMOBKIDS/timgameskids1-pt-doi-web?HEKeyword=OTA_TGAMESKIDS_LDG_1&utm_source=lightdigital&utm_medium=cpa&utm_content=timgameskids1&utm_campaign=OTA_TGAMESKIDS_LDG_1-lightdigital-web-cpa-timgameskids1-image&lgd_id=6573412dc5c3ad0001257fba&lgd_pub=249 IP 91.241.94.8 ASN #49582 Upstream Telecommunications And Software Systems S.A. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 12:42 Last Seen2025-04-26 07:19 Times Seen256 Hash e633aa08ae12366911d8e26c62df0ac7 a16f61cc6d9dbd371d1111eaff9b8e9ab3532ad7 4d9920d1b0a027e9d1e7994912dede5626a56cef010170b15fb45edc85f882ed Loading...

	unknown	Function	47 B	2023-04-11	2025-05-09
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-04-11 22:25 Last Seen2025-05-09 06:30 Times Seen5874 Hash 2512414f817df8312569d55032748f81 13467df6e962aa77bb36867ff1412e1ba9f8feb1 e193735f8d500f10e2cdc6a94f5a43fb0257c1e2f8afc10fa04f0e3761d258de Loading...

	www.timpromos.com.br/OTA-BRTIM-BEMOBKIDS/timgameskids1-pt-doi-web?HEKeyword=OTA_TGAMESKIDS_LDG_1&utm_source=lightdigital&utm_medium=cpa&utm_content=timgameskids1&utm_campaign=OTA_TGAMESKIDS_LDG_1-lightdigital-web-cpa-timgameskids1-image&lgd_id=6573412dc5c3ad0001257fba&lgd_pub=249	ScriptElement	2.8 kB	2023-11-26	2025-04-26
Pretty URL www.timpromos.com.br/OTA-BRTIM-BEMOBKIDS/timgameskids1-pt-doi-web?HEKeyword=OTA_TGAMESKIDS_LDG_1&utm_source=lightdigital&utm_medium=cpa&utm_content=timgameskids1&utm_campaign=OTA_TGAMESKIDS_LDG_1-lightdigital-web-cpa-timgameskids1-image&lgd_id=6573412dc5c3ad0001257fba&lgd_pub=249 IP 91.241.94.8 ASN #49582 Upstream Telecommunications And Software Systems S.A. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-11-26 13:55 Last Seen2025-04-26 07:19 Times Seen99 Hash 47306d1d21e67d9a0fba1d0c401ffed1 3a81c074d1a04571e95636b11a66424b61157ff6 b47e9bc8cf1c7713ac45fe84d764a29bac25d39f513f292b41d1db7f8919a2ad Loading...

	www.googletagmanager.com/gtag/js?id=G-9LLK8PEDTW&l=dataLayer&cx=c	ScriptElement	258 kB	2023-12-08	2023-12-08
Pretty URL www.googletagmanager.com/gtag/js?id=G-9LLK8PEDTW&l=dataLayer&cx=c IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-08 17:16 Last Seen2023-12-08 17:16 Times Seen1 Hash ec4120e0507f094b4d2968a5a75dbde5 7d9867fd276f77e7fc6d28181f5e6b3680e54d27 efe741e9581be195e9ddda23425c56d384c2277e26f1443182a293471af4d410 Loading...

HTTP Transactions (17)

URL IP Response Size

track.trendbymarketgap.shop/e7cfce57-d89a-42cc-aa31-96408dd0c8f8

18.193.209.105

302 Found

0 B

URL User Request GET HTTP/2
track.trendbymarketgap.shop/e7cfce57-d89a-42cc-aa31-96408dd0c8f8
IP
18.193.209.105:443
ASN
#16509 AMAZON-02

Certificate
IssuerLet's Encrypt
Subjecttrack.trendbymarketgap.shop
Fingerprint38:53:EB:70:3B:1B:D2:6A:6A:FF:2E:B4:EF:66:5E:D2:3F:1F:2E:5E
ValidityTue, 28 Nov 2023 06:48:19 GMT - Mon, 26 Feb 2024 06:48:18 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /e7cfce57-d89a-42cc-aa31-96408dd0c8f8 HTTP/1.1
Host: track.trendbymarketgap.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
server: nginx
date: Fri, 08 Dec 2023 16:15:41 GMT
content-length: 0
cache-control: no-store, no-cache, pre-check=0, post-check=0
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://lightdigital.g2afse.com/click?pid=249&offer_id=6885&sub1=wf7h2c8itg5gj8jtiun37iai
pragma: no-cache
set-cookie: e7cfce57-d89a-42cc-aa31-96408dd0c8f8-v4=7FLxf2m75ZwsTHJACZmYWbP4aDX4O7ZpKPp-QQmQu8g; Max-Age=86400; Expires=Sat, 09-Dec-2023 16:15:41 GMT; Domain=track.trendbymarketgap.shop; Path=/; Secure; HttpOnly;SameSite=None
cc-v4=2lPgnX0HcBwq6vHD5qg7BbM7YB8L5q193vLPLIY%2FnyHhtfbn1YmHYPWNG6PZ%2FDjRhuTT0XkwupqKHQzEtTgSn%2BTE5S7Ac5JpNmrYizux%2FG7U1qf0VpvnBTmaHGbPkZPZFm7%2FljtDjzE5JVrgkYYT2w%3D%3D; Max-Age=31536000; Expires=Sat, 07-Dec-2024 16:15:41 GMT; Domain=track.trendbymarketgap.shop; Path=/; Secure; HttpOnly;SameSite=None
X-Firefox-Spdy: h2

lightdigital.g2afse.com/click?pid=249&offer_id=6885&sub1=wf7h2c8itg5gj8jtiun37iai

34.91.145.202

302 Found

0 B

URL User Request GET HTTP/2
lightdigital.g2afse.com/click?pid=249&offer_id=6885&sub1=wf7h2c8itg5gj8jtiun37iai
IP
34.91.145.202:443
ASN
#396982 GOOGLE-CLOUD-PLATFORM

Certificate
IssuerDigiCert Inc
Subject*.g2afse.com
Fingerprint3A:C2:12:6C:59:0C:A9:12:C1:47:C8:05:B6:0F:75:69:7A:76:D6:85
ValidityMon, 28 Aug 2023 00:00:00 GMT - Wed, 04 Sep 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /click?pid=249&offer_id=6885&sub1=wf7h2c8itg5gj8jtiun37iai HTTP/1.1
Host: lightdigital.g2afse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
server: nginx
date: Fri, 08 Dec 2023 16:15:41 GMT
content-length: 0
location: http://www.timpromos.com.br/OTA-BRTIM-BEMOBKIDS/timgameskids1-pt-doi-web?HEKeyword=OTA_TGAMESKIDS_LDG_1&utm_source=lightdigital&utm_medium=cpa&utm_content=timgameskids1&utm_campaign=OTA_TGAMESKIDS_LDG_1-lightdigital-web-cpa-timgameskids1-image&lgd_id=6573412dc5c3ad0001257fba&lgd_pub=249
x-adjust-use-original-forwarded-for: 1
set-cookie: afclick=6573412dc5c3ad0001257fba; expires=Sat, 07 Dec 2024 16:15:41 GMT; secure; SameSite=None
afoffers={"6885":1702052141}; expires=Sat, 07 Dec 2024 16:15:41 GMT; secure; SameSite=None
access-control-allow-origin: *
X-Firefox-Spdy: h2

www.timpromos.com.br/OTA-BRTIM-BEMOBKIDS/timgameskids1-pt-doi-web?HEKeyword=OTA_TGAMESKIDS_LDG_1&utm_source=lightdigital&utm_medium=cpa&utm_content=timgameskids1&utm_campaign=OTA_TGAMESKIDS_LDG_1-lightdigital-web-cpa-timgameskids1-image&lgd_id=6573412dc5c3ad0001257fba&lgd_pub=249

91.241.94.8

200 OK

46 kB

URL User Request GET HTTP/1.1
www.timpromos.com.br/OTA-BRTIM-BEMOBKIDS/timgameskids1-pt-doi-web?HEKeyword=OTA_TGAMESKIDS_LDG_1&utm_source=lightdigital&utm_medium=cpa&utm_content=timgameskids1&utm_campaign=OTA_TGAMESKIDS_LDG_1-lightdigital-web-cpa-timgameskids1-image&lgd_id=6573412dc5c3ad0001257fba&lgd_pub=249
IP
91.241.94.8:80
ASN
#49582 Upstream Telecommunications And Software Systems S.A.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (61395)
Size
46 kB (45510 bytes)
Hash
c50b0a7d5d94b6e37c9e53bcbd45e8b4
80b2e857139acd4666f6c5d1931aa27b1710ac32
e1fb5ab68a9b16a92406645051600809ee51d20b4cbf4ff453ce50699f789b26

Detections

NIDS	Severity	Alert
suricata	low	ET HUNTING [TW] Likely Javascript-Obfuscator Usage Observed M1
suricata	low	ET HUNTING [TW] Likely Javascript-Obfuscator Usage Observed M2
suricata	low	ET HUNTING [TW] Likely Javascript-Obfuscator Usage Observed M3

HTTP Headers

GET /OTA-BRTIM-BEMOBKIDS/timgameskids1-pt-doi-web?HEKeyword=OTA_TGAMESKIDS_LDG_1&utm_source=lightdigital&utm_medium=cpa&utm_content=timgameskids1&utm_campaign=OTA_TGAMESKIDS_LDG_1-lightdigital-web-cpa-timgameskids1-image&lgd_id=6573412dc5c3ad0001257fba&lgd_pub=249 HTTP/1.1
Host: www.timpromos.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 08 Dec 2023 16:15:42 GMT
Cache-Control: no-cache, private
Strict-Transport-Security: max-age=0; includeSubDomains
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
X-Varnish: 65124843
Age: 0
Via: 1.1 varnish (Varnish/6.0)
X-Cache: MISS
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Set-Cookie: ng_session=eyJpdiI6IktlNlJWaTJTQzFxdVBhNTU4SVFyTmc9PSIsInZhbHVlIjoiT0VJUStSNFVxY1VBLzZycFl2MVdDNkEvZXJyOHJoUGIxaWViNmtzb0wvVThnTWcyL3JLQ1pRb1RjVUtFaVZJdEZ4dTZSakc2ZmhjZHZuazZpOXh6aVpvKzJqb3Y5Z1M1TzFVUzQzSWpjdEJnUUFiYzFvbnRvSWpjeW1NYXgvMWkiLCJtYWMiOiJiNDRjZGFjNGM5ZDliNTQ4YmRkOWQ2Mzk1YmNkNGE0NmJkMGEyYjk1N2E4YTYxN2VjMjAwZjQ3NWFiZWNlYzBjIiwidGFnIjoiIn0%3D; expires=Fri, 08 Dec 2023 22:15:42 GMT; Max-Age=21600; path=/; httponly; samesite=lax
ctxid=eyJpdiI6IlovUnIwS2hyMTRuUS9zTVhLcVJ3M0E9PSIsInZhbHVlIjoiMmJIck9oYUozWEppWElxNWRycTFKN2wrcll5WHYyeHZVbUI0VG9jU203eTdrY2ZNenkzbDVIZC9IRmg0QnFpSTJEcS9qZ1cvOTRCTVVFNHFMbUVtUG1jaWFSb1hiNy9jR3BrRURjYWUwOVk9IiwibWFjIjoiYTYyNjRmNjU4MzJjNGM4OGNiNGJjNjgyMWE1OWVjMjViYzdjYWFiZWU3YTZjMzM1ZTE4OTM4YmU5MTZmOTk1OCIsInRhZyI6IiJ9; expires=Mon, 05 Dec 2033 16:15:42 GMT; Max-Age=315360000; path=/; httponly; samesite=lax
rd=deleted; expires=Thu, 08 Dec 2022 16:15:41 GMT; Max-Age=0; path=/; httponly; samesite=lax
userSessionID=eyJpdiI6IlFZTEM1L1ErVklNcFVVSU1GdXlTOEE9PSIsInZhbHVlIjoiRHhSNlZGeHAwNDhhZjBrcVBMMUZqdS9SRDl3b203bzFncXdiVVlqbVAzWmRYNWxJU0dZZzJTL3BlSHQ4V3JRcWZYL2Rub25RMVlUQzFiNEltekJDWUxaRi91Y2pvTW1VWDZqNmJyZ2Z6Y289IiwibWFjIjoiYTNiNWNhN2RjNWI4ZWJkNWNlMDdmNDZjZDNmNzU1NTNkMGQ0ZTAyZGIxMGViMTExNTFhOTg4OWRiNjYyYzlkZCIsInRhZyI6IiJ9; expires=Fri, 08 Dec 2023 16:45:42 GMT; Max-Age=1800; path=/; httponly; samesite=lax
userPermID=eyJpdiI6InRsL2JvMFd4NFJ0ejJaNXY0c0MxYkE9PSIsInZhbHVlIjoiOWtkQlhuOVl2ZFVHMUsycW5lV0pQbGxMNlJ1OUtMZHhtVE1pTlpvTnpHUDVhbVJseXhXdHZ1eFQ4NG9jKzhESDNyRW43QUZnblVmUVB3REF6MWl5UWFpVFI4czNqalRKdXVkSGduSWRodDA9IiwibWFjIjoiMTZjMDQyODc5NDNhYjhmZDc1YmM3NTNkNTFlMWFjY2RjNGFlOWNlZTk5NmMxZjc5OWY2N2NkNTgzNDBkODM4MyIsInRhZyI6IiJ9; expires=Mon, 05 Dec 2033 16:15:42 GMT; Max-Age=315360000; path=/; httponly; samesite=lax
TS01c950bd=01b02e3e892073c5acafe3484717da8b38a4a0efc3090b3da6dc5e1622c6a7259e1b78b00b73c258c25157b3bf3be20b9bbaeb133b; Path=/; Domain=.www.timpromos.com.br
Keep-Alive: timeout=5, max=1000
Connection: Keep-Alive
Transfer-Encoding: chunked

www.timpromos.com.br/OTA-BRTIM-BEMOBKIDS/assets/OTA-BRTIM-BEMOBKIDS-timgameskids1-pt-doi-web.css?ver=52

91.241.94.8

200 OK

3.1 kB

URL GET HTTP/1.1
www.timpromos.com.br/OTA-BRTIM-BEMOBKIDS/assets/OTA-BRTIM-BEMOBKIDS-timgameskids1-pt-doi-web.css?ver=52
IP
91.241.94.8:80
ASN
#49582 Upstream Telecommunications And Software Systems S.A.

Requested by
http://www.timpromos.com.br/OTA-BRTIM-BEMOBKIDS/timgameskids1-pt-doi-web?HEKeyword=OTA_TGAMESKIDS_LDG_1&utm_source=lightdigital&utm_medium=cpa&utm_content=timgameskids1&utm_campaign=OTA_TGAMESKIDS_LDG_1-lightdigital-web-cpa-timgameskids1-image&lgd_id=6573412dc5c3ad0001257fba&lgd_pub=249

File type
ASCII text, with CRLF, LF line terminators
Size
3.1 kB (3052 bytes)
Hash
5c68dc7f869919ea52fff1ca7b59900d
54f044e2490c433b166e822f0c794d32ddafc638
02403d4dc531f5ed01df67faa19ec3c8b96a290b8b916668684e6357ad7365a0

HTTP Headers

GET /OTA-BRTIM-BEMOBKIDS/assets/OTA-BRTIM-BEMOBKIDS-timgameskids1-pt-doi-web.css?ver=52 HTTP/1.1
Host: www.timpromos.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.timpromos.com.br/OTA-BRTIM-BEMOBKIDS/timgameskids1-pt-doi-web?HEKeyword=OTA_TGAMESKIDS_LDG_1&utm_source=lightdigital&utm_medium=cpa&utm_content=timgameskids1&utm_campaign=OTA_TGAMESKIDS_LDG_1-lightdigital-web-cpa-timgameskids1-image&lgd_id=6573412dc5c3ad0001257fba&lgd_pub=249
Cookie: ng_session=eyJpdiI6IktlNlJWaTJTQzFxdVBhNTU4SVFyTmc9PSIsInZhbHVlIjoiT0VJUStSNFVxY1VBLzZycFl2MVdDNkEvZXJyOHJoUGIxaWViNmtzb0wvVThnTWcyL3JLQ1pRb1RjVUtFaVZJdEZ4dTZSakc2ZmhjZHZuazZpOXh6aVpvKzJqb3Y5Z1M1TzFVUzQzSWpjdEJnUUFiYzFvbnRvSWpjeW1NYXgvMWkiLCJtYWMiOiJiNDRjZGFjNGM5ZDliNTQ4YmRkOWQ2Mzk1YmNkNGE0NmJkMGEyYjk1N2E4YTYxN2VjMjAwZjQ3NWFiZWNlYzBjIiwidGFnIjoiIn0%3D; ctxid=eyJpdiI6IlovUnIwS2hyMTRuUS9zTVhLcVJ3M0E9PSIsInZhbHVlIjoiMmJIck9oYUozWEppWElxNWRycTFKN2wrcll5WHYyeHZVbUI0VG9jU203eTdrY2ZNenkzbDVIZC9IRmg0QnFpSTJEcS9qZ1cvOTRCTVVFNHFMbUVtUG1jaWFSb1hiNy9jR3BrRURjYWUwOVk9IiwibWFjIjoiYTYyNjRmNjU4MzJjNGM4OGNiNGJjNjgyMWE1OWVjMjViYzdjYWFiZWU3YTZjMzM1ZTE4OTM4YmU5MTZmOTk1OCIsInRhZyI6IiJ9; userSessionID=eyJpdiI6IlFZTEM1L1ErVklNcFVVSU1GdXlTOEE9PSIsInZhbHVlIjoiRHhSNlZGeHAwNDhhZjBrcVBMMUZqdS9SRDl3b203bzFncXdiVVlqbVAzWmRYNWxJU0dZZzJTL3BlSHQ4V3JRcWZYL2Rub25RMVlUQzFiNEltekJDWUxaRi91Y2pvTW1VWDZqNmJyZ2Z6Y289IiwibWFjIjoiYTNiNWNhN2RjNWI4ZWJkNWNlMDdmNDZjZDNmNzU1NTNkMGQ0ZTAyZGIxMGViMTExNTFhOTg4OWRiNjYyYzlkZCIsInRhZyI6IiJ9; userPermID=eyJpdiI6InRsL2JvMFd4NFJ0ejJaNXY0c0MxYkE9PSIsInZhbHVlIjoiOWtkQlhuOVl2ZFVHMUsycW5lV0pQbGxMNlJ1OUtMZHhtVE1pTlpvTnpHUDVhbVJseXhXdHZ1eFQ4NG9jKzhESDNyRW43QUZnblVmUVB3REF6MWl5UWFpVFI4czNqalRKdXVkSGduSWRodDA9IiwibWFjIjoiMTZjMDQyODc5NDNhYjhmZDc1YmM3NTNkNTFlMWFjY2RjNGFlOWNlZTk5NmMxZjc5OWY2N2NkNTgzNDBkODM4MyIsInRhZyI6IiJ9; TS01c950bd=01b02e3e892073c5acafe3484717da8b38a4a0efc3090b3da6dc5e1622c6a7259e1b78b00b73c258c25157b3bf3be20b9bbaeb133b
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 08 Dec 2023 16:15:42 GMT
Last-Modified: Tue, 11 Jul 2023 09:00:37 GMT
ETag: "56be-600325524041f-gzip"
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 3052
Content-Type: text/css
X-Varnish: 65124849
Age: 0
Via: 1.1 varnish (Varnish/6.0)
X-Cache: MISS
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=999
Connection: Keep-Alive

www.timpromos.com.br/OTA-BRTIM-BEMOBKIDS/assets/images/Bemobi/OTA-timgameskids1-logoHeader.png

91.241.94.8

200 OK

9.7 kB

URL GET HTTP/1.1
www.timpromos.com.br/OTA-BRTIM-BEMOBKIDS/assets/images/Bemobi/OTA-timgameskids1-logoHeader.png
IP
91.241.94.8:80
ASN
#49582 Upstream Telecommunications And Software Systems S.A.

Requested by
http://www.timpromos.com.br/OTA-BRTIM-BEMOBKIDS/timgameskids1-pt-doi-web?HEKeyword=OTA_TGAMESKIDS_LDG_1&utm_source=lightdigital&utm_medium=cpa&utm_content=timgameskids1&utm_campaign=OTA_TGAMESKIDS_LDG_1-lightdigital-web-cpa-timgameskids1-image&lgd_id=6573412dc5c3ad0001257fba&lgd_pub=249

File type
PNG image data, 111 x 70, 8-bit/color RGBA, non-interlaced\012- data
Size
9.7 kB (9748 bytes)
Hash
6da9ebdc999edd3ba3c5e2cde0b01d61
54078e9fa6d1e26ce41028f5057bcc80f031f41e
141c0d48f06736237ded509d4df01a20418e34e54fc5ae4351090ed9dc1570a8

HTTP Headers

GET /OTA-BRTIM-BEMOBKIDS/assets/images/Bemobi/OTA-timgameskids1-logoHeader.png HTTP/1.1
Host: www.timpromos.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.timpromos.com.br/OTA-BRTIM-BEMOBKIDS/timgameskids1-pt-doi-web?HEKeyword=OTA_TGAMESKIDS_LDG_1&utm_source=lightdigital&utm_medium=cpa&utm_content=timgameskids1&utm_campaign=OTA_TGAMESKIDS_LDG_1-lightdigital-web-cpa-timgameskids1-image&lgd_id=6573412dc5c3ad0001257fba&lgd_pub=249
Cookie: ng_session=eyJpdiI6IktlNlJWaTJTQzFxdVBhNTU4SVFyTmc9PSIsInZhbHVlIjoiT0VJUStSNFVxY1VBLzZycFl2MVdDNkEvZXJyOHJoUGIxaWViNmtzb0wvVThnTWcyL3JLQ1pRb1RjVUtFaVZJdEZ4dTZSakc2ZmhjZHZuazZpOXh6aVpvKzJqb3Y5Z1M1TzFVUzQzSWpjdEJnUUFiYzFvbnRvSWpjeW1NYXgvMWkiLCJtYWMiOiJiNDRjZGFjNGM5ZDliNTQ4YmRkOWQ2Mzk1YmNkNGE0NmJkMGEyYjk1N2E4YTYxN2VjMjAwZjQ3NWFiZWNlYzBjIiwidGFnIjoiIn0%3D; ctxid=eyJpdiI6IlovUnIwS2hyMTRuUS9zTVhLcVJ3M0E9PSIsInZhbHVlIjoiMmJIck9oYUozWEppWElxNWRycTFKN2wrcll5WHYyeHZVbUI0VG9jU203eTdrY2ZNenkzbDVIZC9IRmg0QnFpSTJEcS9qZ1cvOTRCTVVFNHFMbUVtUG1jaWFSb1hiNy9jR3BrRURjYWUwOVk9IiwibWFjIjoiYTYyNjRmNjU4MzJjNGM4OGNiNGJjNjgyMWE1OWVjMjViYzdjYWFiZWU3YTZjMzM1ZTE4OTM4YmU5MTZmOTk1OCIsInRhZyI6IiJ9; userSessionID=eyJpdiI6IlFZTEM1L1ErVklNcFVVSU1GdXlTOEE9PSIsInZhbHVlIjoiRHhSNlZGeHAwNDhhZjBrcVBMMUZqdS9SRDl3b203bzFncXdiVVlqbVAzWmRYNWxJU0dZZzJTL3BlSHQ4V3JRcWZYL2Rub25RMVlUQzFiNEltekJDWUxaRi91Y2pvTW1VWDZqNmJyZ2Z6Y289IiwibWFjIjoiYTNiNWNhN2RjNWI4ZWJkNWNlMDdmNDZjZDNmNzU1NTNkMGQ0ZTAyZGIxMGViMTExNTFhOTg4OWRiNjYyYzlkZCIsInRhZyI6IiJ9; userPermID=eyJpdiI6InRsL2JvMFd4NFJ0ejJaNXY0c0MxYkE9PSIsInZhbHVlIjoiOWtkQlhuOVl2ZFVHMUsycW5lV0pQbGxMNlJ1OUtMZHhtVE1pTlpvTnpHUDVhbVJseXhXdHZ1eFQ4NG9jKzhESDNyRW43QUZnblVmUVB3REF6MWl5UWFpVFI4czNqalRKdXVkSGduSWRodDA9IiwibWFjIjoiMTZjMDQyODc5NDNhYjhmZDc1YmM3NTNkNTFlMWFjY2RjNGFlOWNlZTk5NmMxZjc5OWY2N2NkNTgzNDBkODM4MyIsInRhZyI6IiJ9; TS01c950bd=01b02e3e892073c5acafe3484717da8b38a4a0efc3090b3da6dc5e1622c6a7259e1b78b00b73c258c25157b3bf3be20b9bbaeb133b
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 20 Oct 2023 09:57:37 GMT
Last-Modified: Wed, 31 Aug 2022 12:35:17 GMT
ETag: "2614-5e788bab358b1"
Cache-Control: max-age=5184000
Expires: Tue, 19 Dec 2023 09:57:37 GMT
Content-Length: 9748
Content-Type: image/png
X-Varnish: 65411128 1024862320
Age: 4256285
Via: 1.1 varnish (Varnish/6.0)
X-Cache: HIT
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=1000
Connection: Keep-Alive

www.timpromos.com.br/OTA-BRTIM-BEMOBKIDS/assets/wr-images/close-wap.png

91.241.94.8

200 OK

213 B

URL GET HTTP/1.1
www.timpromos.com.br/OTA-BRTIM-BEMOBKIDS/assets/wr-images/close-wap.png
IP
91.241.94.8:80
ASN
#49582 Upstream Telecommunications And Software Systems S.A.

Requested by
http://www.timpromos.com.br/OTA-BRTIM-BEMOBKIDS/timgameskids1-pt-doi-web?HEKeyword=OTA_TGAMESKIDS_LDG_1&utm_source=lightdigital&utm_medium=cpa&utm_content=timgameskids1&utm_campaign=OTA_TGAMESKIDS_LDG_1-lightdigital-web-cpa-timgameskids1-image&lgd_id=6573412dc5c3ad0001257fba&lgd_pub=249

File type
PNG image data, 21 x 21, 8-bit/color RGBA, non-interlaced\012- data
Size
213 B (213 bytes)
Hash
d249b874e72ea9acce9f630517b48c4e
78a06a4b69bbd59d7fa9c70723640c775caf37cc
1861c75e1a0c132e357bccf763069d785f5954fe959d784abb1773f93b87bd28

HTTP Headers

GET /OTA-BRTIM-BEMOBKIDS/assets/wr-images/close-wap.png HTTP/1.1
Host: www.timpromos.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.timpromos.com.br/OTA-BRTIM-BEMOBKIDS/timgameskids1-pt-doi-web?HEKeyword=OTA_TGAMESKIDS_LDG_1&utm_source=lightdigital&utm_medium=cpa&utm_content=timgameskids1&utm_campaign=OTA_TGAMESKIDS_LDG_1-lightdigital-web-cpa-timgameskids1-image&lgd_id=6573412dc5c3ad0001257fba&lgd_pub=249
Cookie: ng_session=eyJpdiI6IktlNlJWaTJTQzFxdVBhNTU4SVFyTmc9PSIsInZhbHVlIjoiT0VJUStSNFVxY1VBLzZycFl2MVdDNkEvZXJyOHJoUGIxaWViNmtzb0wvVThnTWcyL3JLQ1pRb1RjVUtFaVZJdEZ4dTZSakc2ZmhjZHZuazZpOXh6aVpvKzJqb3Y5Z1M1TzFVUzQzSWpjdEJnUUFiYzFvbnRvSWpjeW1NYXgvMWkiLCJtYWMiOiJiNDRjZGFjNGM5ZDliNTQ4YmRkOWQ2Mzk1YmNkNGE0NmJkMGEyYjk1N2E4YTYxN2VjMjAwZjQ3NWFiZWNlYzBjIiwidGFnIjoiIn0%3D; ctxid=eyJpdiI6IlovUnIwS2hyMTRuUS9zTVhLcVJ3M0E9PSIsInZhbHVlIjoiMmJIck9oYUozWEppWElxNWRycTFKN2wrcll5WHYyeHZVbUI0VG9jU203eTdrY2ZNenkzbDVIZC9IRmg0QnFpSTJEcS9qZ1cvOTRCTVVFNHFMbUVtUG1jaWFSb1hiNy9jR3BrRURjYWUwOVk9IiwibWFjIjoiYTYyNjRmNjU4MzJjNGM4OGNiNGJjNjgyMWE1OWVjMjViYzdjYWFiZWU3YTZjMzM1ZTE4OTM4YmU5MTZmOTk1OCIsInRhZyI6IiJ9; userSessionID=eyJpdiI6IlFZTEM1L1ErVklNcFVVSU1GdXlTOEE9PSIsInZhbHVlIjoiRHhSNlZGeHAwNDhhZjBrcVBMMUZqdS9SRDl3b203bzFncXdiVVlqbVAzWmRYNWxJU0dZZzJTL3BlSHQ4V3JRcWZYL2Rub25RMVlUQzFiNEltekJDWUxaRi91Y2pvTW1VWDZqNmJyZ2Z6Y289IiwibWFjIjoiYTNiNWNhN2RjNWI4ZWJkNWNlMDdmNDZjZDNmNzU1NTNkMGQ0ZTAyZGIxMGViMTExNTFhOTg4OWRiNjYyYzlkZCIsInRhZyI6IiJ9; userPermID=eyJpdiI6InRsL2JvMFd4NFJ0ejJaNXY0c0MxYkE9PSIsInZhbHVlIjoiOWtkQlhuOVl2ZFVHMUsycW5lV0pQbGxMNlJ1OUtMZHhtVE1pTlpvTnpHUDVhbVJseXhXdHZ1eFQ4NG9jKzhESDNyRW43QUZnblVmUVB3REF6MWl5UWFpVFI4czNqalRKdXVkSGduSWRodDA9IiwibWFjIjoiMTZjMDQyODc5NDNhYjhmZDc1YmM3NTNkNTFlMWFjY2RjNGFlOWNlZTk5NmMxZjc5OWY2N2NkNTgzNDBkODM4MyIsInRhZyI6IiJ9; TS01c950bd=01b02e3e892073c5acafe3484717da8b38a4a0efc3090b3da6dc5e1622c6a7259e1b78b00b73c258c25157b3bf3be20b9bbaeb133b
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 20 Oct 2023 09:36:14 GMT
Last-Modified: Tue, 11 Jul 2023 09:00:32 GMT
ETag: "d5-6003254e5e153"
Content-Length: 213
Cache-Control: max-age=5184000
Expires: Tue, 19 Dec 2023 09:36:14 GMT
Content-Type: image/png
X-Varnish: 64646864 1023453163
Age: 4257568
Via: 1.1 varnish (Varnish/6.0)
X-Cache: HIT
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=1000
Connection: Keep-Alive

www.timpromos.com.br/security-platform-web/web/v1/content/view/Confirmation/br_tim/AQ4z3knYwthmeFlolX_4iBx7jAx7hc4LRtA8HdmqVllrCdtZlNvHtYGDWvecgh8yxVPX

91.241.94.8

200

51 B

URL GET HTTP/1.1
www.timpromos.com.br/security-platform-web/web/v1/content/view/Confirmation/br_tim/AQ4z3knYwthmeFlolX_4iBx7jAx7hc4LRtA8HdmqVllrCdtZlNvHtYGDWvecgh8yxVPX
IP
91.241.94.8:80
ASN
#49582 Upstream Telecommunications And Software Systems S.A.

Requested by
http://www.timpromos.com.br/OTA-BRTIM-BEMOBKIDS/timgameskids1-pt-doi-web?HEKeyword=OTA_TGAMESKIDS_LDG_1&utm_source=lightdigital&utm_medium=cpa&utm_content=timgameskids1&utm_campaign=OTA_TGAMESKIDS_LDG_1-lightdigital-web-cpa-timgameskids1-image&lgd_id=6573412dc5c3ad0001257fba&lgd_pub=249

File type
GIF image data, version 89a, 1 x 1\012- data
Size
51 B (51 bytes)
Hash
49cdc214849d5ced018d230677b14076
0e75513436e6b01963759f6a88282445ff2e5b3a
7455bacb03f7ef04d79010638db14d8434cf7a349914c2ee99eb5d4220338675

HTTP Headers

GET /security-platform-web/web/v1/content/view/Confirmation/br_tim/AQ4z3knYwthmeFlolX_4iBx7jAx7hc4LRtA8HdmqVllrCdtZlNvHtYGDWvecgh8yxVPX HTTP/1.1
Host: www.timpromos.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.timpromos.com.br/OTA-BRTIM-BEMOBKIDS/timgameskids1-pt-doi-web?HEKeyword=OTA_TGAMESKIDS_LDG_1&utm_source=lightdigital&utm_medium=cpa&utm_content=timgameskids1&utm_campaign=OTA_TGAMESKIDS_LDG_1-lightdigital-web-cpa-timgameskids1-image&lgd_id=6573412dc5c3ad0001257fba&lgd_pub=249
Cookie: ng_session=eyJpdiI6IktlNlJWaTJTQzFxdVBhNTU4SVFyTmc9PSIsInZhbHVlIjoiT0VJUStSNFVxY1VBLzZycFl2MVdDNkEvZXJyOHJoUGIxaWViNmtzb0wvVThnTWcyL3JLQ1pRb1RjVUtFaVZJdEZ4dTZSakc2ZmhjZHZuazZpOXh6aVpvKzJqb3Y5Z1M1TzFVUzQzSWpjdEJnUUFiYzFvbnRvSWpjeW1NYXgvMWkiLCJtYWMiOiJiNDRjZGFjNGM5ZDliNTQ4YmRkOWQ2Mzk1YmNkNGE0NmJkMGEyYjk1N2E4YTYxN2VjMjAwZjQ3NWFiZWNlYzBjIiwidGFnIjoiIn0%3D; ctxid=eyJpdiI6IlovUnIwS2hyMTRuUS9zTVhLcVJ3M0E9PSIsInZhbHVlIjoiMmJIck9oYUozWEppWElxNWRycTFKN2wrcll5WHYyeHZVbUI0VG9jU203eTdrY2ZNenkzbDVIZC9IRmg0QnFpSTJEcS9qZ1cvOTRCTVVFNHFMbUVtUG1jaWFSb1hiNy9jR3BrRURjYWUwOVk9IiwibWFjIjoiYTYyNjRmNjU4MzJjNGM4OGNiNGJjNjgyMWE1OWVjMjViYzdjYWFiZWU3YTZjMzM1ZTE4OTM4YmU5MTZmOTk1OCIsInRhZyI6IiJ9; userSessionID=eyJpdiI6IlFZTEM1L1ErVklNcFVVSU1GdXlTOEE9PSIsInZhbHVlIjoiRHhSNlZGeHAwNDhhZjBrcVBMMUZqdS9SRDl3b203bzFncXdiVVlqbVAzWmRYNWxJU0dZZzJTL3BlSHQ4V3JRcWZYL2Rub25RMVlUQzFiNEltekJDWUxaRi91Y2pvTW1VWDZqNmJyZ2Z6Y289IiwibWFjIjoiYTNiNWNhN2RjNWI4ZWJkNWNlMDdmNDZjZDNmNzU1NTNkMGQ0ZTAyZGIxMGViMTExNTFhOTg4OWRiNjYyYzlkZCIsInRhZyI6IiJ9; userPermID=eyJpdiI6InRsL2JvMFd4NFJ0ejJaNXY0c0MxYkE9PSIsInZhbHVlIjoiOWtkQlhuOVl2ZFVHMUsycW5lV0pQbGxMNlJ1OUtMZHhtVE1pTlpvTnpHUDVhbVJseXhXdHZ1eFQ4NG9jKzhESDNyRW43QUZnblVmUVB3REF6MWl5UWFpVFI4czNqalRKdXVkSGduSWRodDA9IiwibWFjIjoiMTZjMDQyODc5NDNhYjhmZDc1YmM3NTNkNTFlMWFjY2RjNGFlOWNlZTk5NmMxZjc5OWY2N2NkNTgzNDBkODM4MyIsInRhZyI6IiJ9; TS01c950bd=01b02e3e892073c5acafe3484717da8b38a4a0efc3090b3da6dc5e1622c6a7259e1b78b00b73c258c25157b3bf3be20b9bbaeb133b
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 
Date: Fri, 08 Dec 2023 16:15:41 GMT
Cache-Control: no-store, private
Content-Disposition: attachment; filename="pixel"
Pragma: no-cache
Accept-Ranges: bytes
Content-Type: image/gif
Content-Length: 51
Keep-Alive: timeout=5, max=1000
Connection: Keep-Alive

www.googletagmanager.com/gtm.js?id=GTM-MBV8MJ7

142.250.74.168

200 OK

74 kB

URL GET HTTP/2
www.googletagmanager.com/gtm.js?id=GTM-MBV8MJ7
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
http://www.timpromos.com.br/OTA-BRTIM-BEMOBKIDS/timgameskids1-pt-doi-web?HEKeyword=OTA_TGAMESKIDS_LDG_1&utm_source=lightdigital&utm_medium=cpa&utm_content=timgameskids1&utm_campaign=OTA_TGAMESKIDS_LDG_1-lightdigital-web-cpa-timgameskids1-image&lgd_id=6573412dc5c3ad0001257fba&lgd_pub=249
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint37:42:10:B7:89:70:45:51:80:81:66:CE:95:21:72:5D:46:0B:E2:34
ValidityMon, 23 Oct 2023 11:18:19 GMT - Mon, 15 Jan 2024 11:18:18 GMT

File type
ASCII text, with very long lines (3026)
Size
74 kB (73751 bytes)
Hash
3c0efa7e3375e140fcb5c81a54049d6b
ca69cf18f4934f6da4e4c8b65b1cdca4405c6c8f
88b11c4bb606ea67e99a4664d8f322074657fb0a2e9a3aeebcee9172828aa256

HTTP Headers

GET /gtm.js?id=GTM-MBV8MJ7 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://www.timpromos.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 08 Dec 2023 16:15:42 GMT
expires: Fri, 08 Dec 2023 16:15:42 GMT
cache-control: private, max-age=900
last-modified: Fri, 08 Dec 2023 15:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 73751
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.timpromos.com.br/OTA-BRTIM-BEMOBKIDS/assets/assets/images/Bemobi/OTA-timgameskids1-bg.jpg

91.241.94.8

200 OK

46 kB

URL GET HTTP/1.1
www.timpromos.com.br/OTA-BRTIM-BEMOBKIDS/assets/assets/images/Bemobi/OTA-timgameskids1-bg.jpg
IP
91.241.94.8:80
ASN
#49582 Upstream Telecommunications And Software Systems S.A.

Requested by
http://www.timpromos.com.br/OTA-BRTIM-BEMOBKIDS/timgameskids1-pt-doi-web?HEKeyword=OTA_TGAMESKIDS_LDG_1&utm_source=lightdigital&utm_medium=cpa&utm_content=timgameskids1&utm_campaign=OTA_TGAMESKIDS_LDG_1-lightdigital-web-cpa-timgameskids1-image&lgd_id=6573412dc5c3ad0001257fba&lgd_pub=249

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, progressive, precision 8, 320x480, components 3\012- data
Size
46 kB (46164 bytes)
Hash
1624b5dc8b5e63caf616de322bea25b1
627bea45379aab59eda65ba135b9b2f55929d109
e06c79c5477b4060b11e096da1e520d4ff8863525184bfa60a414b5a0490d63d

HTTP Headers

GET /OTA-BRTIM-BEMOBKIDS/assets/assets/images/Bemobi/OTA-timgameskids1-bg.jpg HTTP/1.1
Host: www.timpromos.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.timpromos.com.br/OTA-BRTIM-BEMOBKIDS/assets/OTA-BRTIM-BEMOBKIDS-timgameskids1-pt-doi-web.css?ver=52
Cookie: ng_session=eyJpdiI6IktlNlJWaTJTQzFxdVBhNTU4SVFyTmc9PSIsInZhbHVlIjoiT0VJUStSNFVxY1VBLzZycFl2MVdDNkEvZXJyOHJoUGIxaWViNmtzb0wvVThnTWcyL3JLQ1pRb1RjVUtFaVZJdEZ4dTZSakc2ZmhjZHZuazZpOXh6aVpvKzJqb3Y5Z1M1TzFVUzQzSWpjdEJnUUFiYzFvbnRvSWpjeW1NYXgvMWkiLCJtYWMiOiJiNDRjZGFjNGM5ZDliNTQ4YmRkOWQ2Mzk1YmNkNGE0NmJkMGEyYjk1N2E4YTYxN2VjMjAwZjQ3NWFiZWNlYzBjIiwidGFnIjoiIn0%3D; ctxid=eyJpdiI6IlovUnIwS2hyMTRuUS9zTVhLcVJ3M0E9PSIsInZhbHVlIjoiMmJIck9oYUozWEppWElxNWRycTFKN2wrcll5WHYyeHZVbUI0VG9jU203eTdrY2ZNenkzbDVIZC9IRmg0QnFpSTJEcS9qZ1cvOTRCTVVFNHFMbUVtUG1jaWFSb1hiNy9jR3BrRURjYWUwOVk9IiwibWFjIjoiYTYyNjRmNjU4MzJjNGM4OGNiNGJjNjgyMWE1OWVjMjViYzdjYWFiZWU3YTZjMzM1ZTE4OTM4YmU5MTZmOTk1OCIsInRhZyI6IiJ9; userSessionID=eyJpdiI6IlFZTEM1L1ErVklNcFVVSU1GdXlTOEE9PSIsInZhbHVlIjoiRHhSNlZGeHAwNDhhZjBrcVBMMUZqdS9SRDl3b203bzFncXdiVVlqbVAzWmRYNWxJU0dZZzJTL3BlSHQ4V3JRcWZYL2Rub25RMVlUQzFiNEltekJDWUxaRi91Y2pvTW1VWDZqNmJyZ2Z6Y289IiwibWFjIjoiYTNiNWNhN2RjNWI4ZWJkNWNlMDdmNDZjZDNmNzU1NTNkMGQ0ZTAyZGIxMGViMTExNTFhOTg4OWRiNjYyYzlkZCIsInRhZyI6IiJ9; userPermID=eyJpdiI6InRsL2JvMFd4NFJ0ejJaNXY0c0MxYkE9PSIsInZhbHVlIjoiOWtkQlhuOVl2ZFVHMUsycW5lV0pQbGxMNlJ1OUtMZHhtVE1pTlpvTnpHUDVhbVJseXhXdHZ1eFQ4NG9jKzhESDNyRW43QUZnblVmUVB3REF6MWl5UWFpVFI4czNqalRKdXVkSGduSWRodDA9IiwibWFjIjoiMTZjMDQyODc5NDNhYjhmZDc1YmM3NTNkNTFlMWFjY2RjNGFlOWNlZTk5NmMxZjc5OWY2N2NkNTgzNDBkODM4MyIsInRhZyI6IiJ9; TS01c950bd=01b02e3e892073c5acafe3484717da8b38a4a0efc3090b3da6dc5e1622c6a7259e1b78b00b73c258c25157b3bf3be20b9bbaeb133b
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 20 Oct 2023 18:36:12 GMT
Last-Modified: Wed, 31 Aug 2022 12:35:17 GMT
ETag: "b454-5e788bab452b1"
Content-Length: 46164
Cache-Control: max-age=5184000
Expires: Tue, 19 Dec 2023 18:36:12 GMT
Content-Type: image/jpeg
X-Varnish: 65187190 1025618275
Age: 4225169
Via: 1.1 varnish (Varnish/6.0)
X-Cache: HIT
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=999
Connection: Keep-Alive

analytics-br-tim.securewebfraud.io/web/v1/content/view/Confirmation/br_tim/AQ4z3knYwthmeFlolX_4iBx7jAx7hc4LRtA8HdmqVllrCdtZlNvHtYGDWvecgh8yxVPX

91.220.208.18

200

51 B

URL GET HTTP/1.1
analytics-br-tim.securewebfraud.io/web/v1/content/view/Confirmation/br_tim/AQ4z3knYwthmeFlolX_4iBx7jAx7hc4LRtA8HdmqVllrCdtZlNvHtYGDWvecgh8yxVPX
IP
91.220.208.18:80
ASN
#49582 Upstream Telecommunications And Software Systems S.A.

Requested by
http://www.timpromos.com.br/OTA-BRTIM-BEMOBKIDS/timgameskids1-pt-doi-web?HEKeyword=OTA_TGAMESKIDS_LDG_1&utm_source=lightdigital&utm_medium=cpa&utm_content=timgameskids1&utm_campaign=OTA_TGAMESKIDS_LDG_1-lightdigital-web-cpa-timgameskids1-image&lgd_id=6573412dc5c3ad0001257fba&lgd_pub=249

File type
GIF image data, version 89a, 1 x 1\012- data
Size
51 B (51 bytes)
Hash
49cdc214849d5ced018d230677b14076
0e75513436e6b01963759f6a88282445ff2e5b3a
7455bacb03f7ef04d79010638db14d8434cf7a349914c2ee99eb5d4220338675

HTTP Headers

GET /web/v1/content/view/Confirmation/br_tim/AQ4z3knYwthmeFlolX_4iBx7jAx7hc4LRtA8HdmqVllrCdtZlNvHtYGDWvecgh8yxVPX HTTP/1.1
Host: analytics-br-tim.securewebfraud.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.timpromos.com.br/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 
Date: Fri, 08 Dec 2023 16:15:42 GMT
Cache-Control: no-store, private
Content-Disposition: attachment; filename="pixel"
Pragma: no-cache
Accept-Ranges: bytes
Content-Type: image/gif
Content-Length: 51
Keep-Alive: timeout=2, max=1000
Connection: Keep-Alive

www.timpromos.com.br/security-platform-web/api/v1/beacon/retrieve?secureSessionId=AQ4z3knYwthmeFlolX_4iBx7jAx7hc4LRtA8HdmqVllrCdtZlNvHtYGDWvecgh8yxVPX

91.241.94.8

200

0 B

URL GET HTTP/1.1
www.timpromos.com.br/security-platform-web/api/v1/beacon/retrieve?secureSessionId=AQ4z3knYwthmeFlolX_4iBx7jAx7hc4LRtA8HdmqVllrCdtZlNvHtYGDWvecgh8yxVPX
IP
91.241.94.8:80
ASN
#49582 Upstream Telecommunications And Software Systems S.A.

Requested by
http://www.timpromos.com.br/OTA-BRTIM-BEMOBKIDS/timgameskids1-pt-doi-web?HEKeyword=OTA_TGAMESKIDS_LDG_1&utm_source=lightdigital&utm_medium=cpa&utm_content=timgameskids1&utm_campaign=OTA_TGAMESKIDS_LDG_1-lightdigital-web-cpa-timgameskids1-image&lgd_id=6573412dc5c3ad0001257fba&lgd_pub=249

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /security-platform-web/api/v1/beacon/retrieve?secureSessionId=AQ4z3knYwthmeFlolX_4iBx7jAx7hc4LRtA8HdmqVllrCdtZlNvHtYGDWvecgh8yxVPX HTTP/1.1
Host: www.timpromos.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.timpromos.com.br/OTA-BRTIM-BEMOBKIDS/timgameskids1-pt-doi-web?HEKeyword=OTA_TGAMESKIDS_LDG_1&utm_source=lightdigital&utm_medium=cpa&utm_content=timgameskids1&utm_campaign=OTA_TGAMESKIDS_LDG_1-lightdigital-web-cpa-timgameskids1-image&lgd_id=6573412dc5c3ad0001257fba&lgd_pub=249
Cookie: ng_session=eyJpdiI6IktlNlJWaTJTQzFxdVBhNTU4SVFyTmc9PSIsInZhbHVlIjoiT0VJUStSNFVxY1VBLzZycFl2MVdDNkEvZXJyOHJoUGIxaWViNmtzb0wvVThnTWcyL3JLQ1pRb1RjVUtFaVZJdEZ4dTZSakc2ZmhjZHZuazZpOXh6aVpvKzJqb3Y5Z1M1TzFVUzQzSWpjdEJnUUFiYzFvbnRvSWpjeW1NYXgvMWkiLCJtYWMiOiJiNDRjZGFjNGM5ZDliNTQ4YmRkOWQ2Mzk1YmNkNGE0NmJkMGEyYjk1N2E4YTYxN2VjMjAwZjQ3NWFiZWNlYzBjIiwidGFnIjoiIn0%3D; ctxid=eyJpdiI6IlovUnIwS2hyMTRuUS9zTVhLcVJ3M0E9PSIsInZhbHVlIjoiMmJIck9oYUozWEppWElxNWRycTFKN2wrcll5WHYyeHZVbUI0VG9jU203eTdrY2ZNenkzbDVIZC9IRmg0QnFpSTJEcS9qZ1cvOTRCTVVFNHFMbUVtUG1jaWFSb1hiNy9jR3BrRURjYWUwOVk9IiwibWFjIjoiYTYyNjRmNjU4MzJjNGM4OGNiNGJjNjgyMWE1OWVjMjViYzdjYWFiZWU3YTZjMzM1ZTE4OTM4YmU5MTZmOTk1OCIsInRhZyI6IiJ9; userSessionID=eyJpdiI6IlFZTEM1L1ErVklNcFVVSU1GdXlTOEE9PSIsInZhbHVlIjoiRHhSNlZGeHAwNDhhZjBrcVBMMUZqdS9SRDl3b203bzFncXdiVVlqbVAzWmRYNWxJU0dZZzJTL3BlSHQ4V3JRcWZYL2Rub25RMVlUQzFiNEltekJDWUxaRi91Y2pvTW1VWDZqNmJyZ2Z6Y289IiwibWFjIjoiYTNiNWNhN2RjNWI4ZWJkNWNlMDdmNDZjZDNmNzU1NTNkMGQ0ZTAyZGIxMGViMTExNTFhOTg4OWRiNjYyYzlkZCIsInRhZyI6IiJ9; userPermID=eyJpdiI6InRsL2JvMFd4NFJ0ejJaNXY0c0MxYkE9PSIsInZhbHVlIjoiOWtkQlhuOVl2ZFVHMUsycW5lV0pQbGxMNlJ1OUtMZHhtVE1pTlpvTnpHUDVhbVJseXhXdHZ1eFQ4NG9jKzhESDNyRW43QUZnblVmUVB3REF6MWl5UWFpVFI4czNqalRKdXVkSGduSWRodDA9IiwibWFjIjoiMTZjMDQyODc5NDNhYjhmZDc1YmM3NTNkNTFlMWFjY2RjNGFlOWNlZTk5NmMxZjc5OWY2N2NkNTgzNDBkODM4MyIsInRhZyI6IiJ9; TS01c950bd=01b02e3e892073c5acafe3484717da8b38a4a0efc3090b3da6dc5e1622c6a7259e1b78b00b73c258c25157b3bf3be20b9bbaeb133b
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 
Date: Fri, 08 Dec 2023 16:15:42 GMT
Vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Keep-Alive: timeout=5, max=998
Connection: Keep-Alive
Access-Control-Allow-Origin: *

www.googletagmanager.com/gtag/destination?id=G-9LLK8PEDTW&l=dataLayer&cx=c

142.250.74.168

200 OK

89 kB

URL GET HTTP/3
www.googletagmanager.com/gtag/destination?id=G-9LLK8PEDTW&l=dataLayer&cx=c
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
http://www.timpromos.com.br/OTA-BRTIM-BEMOBKIDS/timgameskids1-pt-doi-web?HEKeyword=OTA_TGAMESKIDS_LDG_1&utm_source=lightdigital&utm_medium=cpa&utm_content=timgameskids1&utm_campaign=OTA_TGAMESKIDS_LDG_1-lightdigital-web-cpa-timgameskids1-image&lgd_id=6573412dc5c3ad0001257fba&lgd_pub=249
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint37:42:10:B7:89:70:45:51:80:81:66:CE:95:21:72:5D:46:0B:E2:34
ValidityMon, 23 Oct 2023 11:18:19 GMT - Mon, 15 Jan 2024 11:18:18 GMT

File type
ASCII text, with very long lines (5955)
Size
89 kB (88601 bytes)
Hash
073223658d4dfe2493c373941678db84
ae8f65563bf013023be79401f451c677d0edafaf
9a4a9c4d9d6872c35ee1f22c1e1b2de5d202a66ddc2d85b78fd866ff4abfc603

HTTP Headers

GET /gtag/destination?id=G-9LLK8PEDTW&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://www.timpromos.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 08 Dec 2023 16:15:43 GMT
expires: Fri, 08 Dec 2023 16:15:43 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 88601
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.googletagmanager.com/gtag/js?id=G-9LLK8PEDTW&l=dataLayer&cx=c

142.250.74.168

200 OK

89 kB

URL GET HTTP/3
www.googletagmanager.com/gtag/js?id=G-9LLK8PEDTW&l=dataLayer&cx=c
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
http://www.timpromos.com.br/OTA-BRTIM-BEMOBKIDS/timgameskids1-pt-doi-web?HEKeyword=OTA_TGAMESKIDS_LDG_1&utm_source=lightdigital&utm_medium=cpa&utm_content=timgameskids1&utm_campaign=OTA_TGAMESKIDS_LDG_1-lightdigital-web-cpa-timgameskids1-image&lgd_id=6573412dc5c3ad0001257fba&lgd_pub=249
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint37:42:10:B7:89:70:45:51:80:81:66:CE:95:21:72:5D:46:0B:E2:34
ValidityMon, 23 Oct 2023 11:18:19 GMT - Mon, 15 Jan 2024 11:18:18 GMT

File type
ASCII text, with very long lines (5955)
Size
89 kB (88593 bytes)
Hash
ec4120e0507f094b4d2968a5a75dbde5
7d9867fd276f77e7fc6d28181f5e6b3680e54d27
efe741e9581be195e9ddda23425c56d384c2277e26f1443182a293471af4d410

HTTP Headers

GET /gtag/js?id=G-9LLK8PEDTW&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://www.timpromos.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 08 Dec 2023 16:15:43 GMT
expires: Fri, 08 Dec 2023 16:15:43 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 88593
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-9LLK8PEDTW&cid=1408567384.1702052150&gtm=45je3bt0v9100206336z8856739148&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=2058113177

142.250.74.163

200 OK

42 B

URL GET HTTP/2
www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-9LLK8PEDTW&cid=1408567384.1702052150&gtm=45je3bt0v9100206336z8856739148&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=2058113177
IP
142.250.74.163:443
ASN
#15169 GOOGLE

Requested by
http://www.timpromos.com.br/OTA-BRTIM-BEMOBKIDS/timgameskids1-pt-doi-web?HEKeyword=OTA_TGAMESKIDS_LDG_1&utm_source=lightdigital&utm_medium=cpa&utm_content=timgameskids1&utm_campaign=OTA_TGAMESKIDS_LDG_1-lightdigital-web-cpa-timgameskids1-image&lgd_id=6573412dc5c3ad0001257fba&lgd_pub=249
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.no
Fingerprint6E:E4:BC:4A:67:5E:46:6A:B3:E4:CA:61:A7:C0:97:AB:14:F0:34:32
ValidityMon, 23 Oct 2023 11:27:27 GMT - Mon, 15 Jan 2024 11:27:26 GMT

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-9LLK8PEDTW&cid=1408567384.1702052150&gtm=45je3bt0v9100206336z8856739148&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=2058113177 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://www.timpromos.com.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 08 Dec 2023 16:15:43 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

region1.analytics.google.com/g/collect?v=2&tid=G-9LLK8PEDTW&gtm=45je3bt0v9100206336z8856739148&_p=1702052149543&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1408567384.1702052150&ul=en-us&sr=1280x1024&_s=2&sid=1702052150&sct=1&seg=1&dl=http%3A%2F%2Fwww.timpromos.com.br%2FOTA-BRTIM-BEMOBKIDS%2Ftimgameskids1-pt-doi-web%3FHEKeyword%3DOTA_TGAMESKIDS_LDG_1%26utm_source%3Dlightdigital%26utm_medium%3Dcpa%26utm_content%3Dtimgameskids1%26utm_campaign%3DOTA_TGAMESKIDS_LDG_1-lightdigital-web-cpa-timgameskids1-image%26lgd_id%3D6573412dc5c3ad0001257fba%26lgd_pub%3D249&dt=&en=page_view&tfd=2243

216.239.34.36

204 No Content

0 B

URL POST HTTP/2
region1.analytics.google.com/g/collect?v=2&tid=G-9LLK8PEDTW&gtm=45je3bt0v9100206336z8856739148&_p=1702052149543&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1408567384.1702052150&ul=en-us&sr=1280x1024&_s=2&sid=1702052150&sct=1&seg=1&dl=http%3A%2F%2Fwww.timpromos.com.br%2FOTA-BRTIM-BEMOBKIDS%2Ftimgameskids1-pt-doi-web%3FHEKeyword%3DOTA_TGAMESKIDS_LDG_1%26utm_source%3Dlightdigital%26utm_medium%3Dcpa%26utm_content%3Dtimgameskids1%26utm_campaign%3DOTA_TGAMESKIDS_LDG_1-lightdigital-web-cpa-timgameskids1-image%26lgd_id%3D6573412dc5c3ad0001257fba%26lgd_pub%3D249&dt=&en=page_view&tfd=2243
IP
216.239.34.36:443
ASN
#15169 GOOGLE

Requested by
http://www.timpromos.com.br/OTA-BRTIM-BEMOBKIDS/timgameskids1-pt-doi-web?HEKeyword=OTA_TGAMESKIDS_LDG_1&utm_source=lightdigital&utm_medium=cpa&utm_content=timgameskids1&utm_campaign=OTA_TGAMESKIDS_LDG_1-lightdigital-web-cpa-timgameskids1-image&lgd_id=6573412dc5c3ad0001257fba&lgd_pub=249
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint37:42:10:B7:89:70:45:51:80:81:66:CE:95:21:72:5D:46:0B:E2:34
ValidityMon, 23 Oct 2023 11:18:19 GMT - Mon, 15 Jan 2024 11:18:18 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /g/collect?v=2&tid=G-9LLK8PEDTW&gtm=45je3bt0v9100206336z8856739148&_p=1702052149543&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1408567384.1702052150&ul=en-us&sr=1280x1024&_s=2&sid=1702052150&sct=1&seg=1&dl=http%3A%2F%2Fwww.timpromos.com.br%2FOTA-BRTIM-BEMOBKIDS%2Ftimgameskids1-pt-doi-web%3FHEKeyword%3DOTA_TGAMESKIDS_LDG_1%26utm_source%3Dlightdigital%26utm_medium%3Dcpa%26utm_content%3Dtimgameskids1%26utm_campaign%3DOTA_TGAMESKIDS_LDG_1-lightdigital-web-cpa-timgameskids1-image%26lgd_id%3D6573412dc5c3ad0001257fba%26lgd_pub%3D249&dt=&en=page_view&tfd=2243 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.timpromos.com.br
DNT: 1
Connection: keep-alive
Referer: http://www.timpromos.com.br/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers

HTTP/2 204 No Content
access-control-allow-origin: http://www.timpromos.com.br
date: Fri, 08 Dec 2023 16:15:44 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

region1.analytics.google.com/g/collect?v=2&tid=G-9LLK8PEDTW&gtm=45je3bt0v9100206336z8856739148&_p=1702052149543&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1408567384.1702052150&ul=en-us&sr=1280x1024&_s=1&sid=1702052150&sct=1&seg=0&dl=http%3A%2F%2Fwww.timpromos.com.br%2FOTA-BRTIM-BEMOBKIDS%2Ftimgameskids1-pt-doi-web%3FHEKeyword%3DOTA_TGAMESKIDS_LDG_1%26utm_source%3Dlightdigital%26utm_medium%3Dcpa%26utm_content%3Dtimgameskids1%26utm_campaign%3DOTA_TGAMESKIDS_LDG_1-lightdigital-web-cpa-timgameskids1-image%26lgd_id%3D6573412dc5c3ad0001257fba%26lgd_pub%3D249&dt=&en=OTA_TGames%20Kids_Wifi_Users&_fv=1&_nsi=1&_ss=1&tfd=2215

216.239.34.36

204 No Content

0 B

URL POST HTTP/2
region1.analytics.google.com/g/collect?v=2&tid=G-9LLK8PEDTW&gtm=45je3bt0v9100206336z8856739148&_p=1702052149543&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1408567384.1702052150&ul=en-us&sr=1280x1024&_s=1&sid=1702052150&sct=1&seg=0&dl=http%3A%2F%2Fwww.timpromos.com.br%2FOTA-BRTIM-BEMOBKIDS%2Ftimgameskids1-pt-doi-web%3FHEKeyword%3DOTA_TGAMESKIDS_LDG_1%26utm_source%3Dlightdigital%26utm_medium%3Dcpa%26utm_content%3Dtimgameskids1%26utm_campaign%3DOTA_TGAMESKIDS_LDG_1-lightdigital-web-cpa-timgameskids1-image%26lgd_id%3D6573412dc5c3ad0001257fba%26lgd_pub%3D249&dt=&en=OTA_TGames%20Kids_Wifi_Users&_fv=1&_nsi=1&_ss=1&tfd=2215
IP
216.239.34.36:443
ASN
#15169 GOOGLE

Requested by
http://www.timpromos.com.br/OTA-BRTIM-BEMOBKIDS/timgameskids1-pt-doi-web?HEKeyword=OTA_TGAMESKIDS_LDG_1&utm_source=lightdigital&utm_medium=cpa&utm_content=timgameskids1&utm_campaign=OTA_TGAMESKIDS_LDG_1-lightdigital-web-cpa-timgameskids1-image&lgd_id=6573412dc5c3ad0001257fba&lgd_pub=249
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint37:42:10:B7:89:70:45:51:80:81:66:CE:95:21:72:5D:46:0B:E2:34
ValidityMon, 23 Oct 2023 11:18:19 GMT - Mon, 15 Jan 2024 11:18:18 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /g/collect?v=2&tid=G-9LLK8PEDTW&gtm=45je3bt0v9100206336z8856739148&_p=1702052149543&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1408567384.1702052150&ul=en-us&sr=1280x1024&_s=1&sid=1702052150&sct=1&seg=0&dl=http%3A%2F%2Fwww.timpromos.com.br%2FOTA-BRTIM-BEMOBKIDS%2Ftimgameskids1-pt-doi-web%3FHEKeyword%3DOTA_TGAMESKIDS_LDG_1%26utm_source%3Dlightdigital%26utm_medium%3Dcpa%26utm_content%3Dtimgameskids1%26utm_campaign%3DOTA_TGAMESKIDS_LDG_1-lightdigital-web-cpa-timgameskids1-image%26lgd_id%3D6573412dc5c3ad0001257fba%26lgd_pub%3D249&dt=&en=OTA_TGames%20Kids_Wifi_Users&_fv=1&_nsi=1&_ss=1&tfd=2215 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.timpromos.com.br
DNT: 1
Connection: keep-alive
Referer: http://www.timpromos.com.br/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

HTTP/2 204 No Content
access-control-allow-origin: http://www.timpromos.com.br
date: Fri, 08 Dec 2023 16:15:44 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

region1.analytics.google.com/g/collect?v=2&tid=G-9LLK8PEDTW&gtm=45je3bt0v9100206336&_p=1702052149543&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1408567384.1702052150&ul=en-us&sr=1280x1024&_eu=AEA&_s=3&sid=1702052150&sct=1&seg=1&dl=http%3A%2F%2Fwww.timpromos.com.br%2FOTA-BRTIM-BEMOBKIDS%2Ftimgameskids1-pt-doi-web%3FHEKeyword%3DOTA_TGAMESKIDS_LDG_1%26utm_source%3Dlightdigital%26utm_medium%3Dcpa%26utm_content%3Dtimgameskids1%26utm_campaign%3DOTA_TGAMESKIDS_LDG_1-lightdigital-web-cpa-timgameskids1-image%26lgd_id%3D6573412dc5c3ad0001257fba%26lgd_pub%3D249&dt=&en=scroll&epn.percent_scrolled=90&tfd=7244

216.239.34.36

204 No Content

0 B

URL POST HTTP/3
region1.analytics.google.com/g/collect?v=2&tid=G-9LLK8PEDTW&gtm=45je3bt0v9100206336&_p=1702052149543&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1408567384.1702052150&ul=en-us&sr=1280x1024&_eu=AEA&_s=3&sid=1702052150&sct=1&seg=1&dl=http%3A%2F%2Fwww.timpromos.com.br%2FOTA-BRTIM-BEMOBKIDS%2Ftimgameskids1-pt-doi-web%3FHEKeyword%3DOTA_TGAMESKIDS_LDG_1%26utm_source%3Dlightdigital%26utm_medium%3Dcpa%26utm_content%3Dtimgameskids1%26utm_campaign%3DOTA_TGAMESKIDS_LDG_1-lightdigital-web-cpa-timgameskids1-image%26lgd_id%3D6573412dc5c3ad0001257fba%26lgd_pub%3D249&dt=&en=scroll&epn.percent_scrolled=90&tfd=7244
IP
216.239.34.36:443
ASN
#15169 GOOGLE

Requested by
http://www.timpromos.com.br/OTA-BRTIM-BEMOBKIDS/timgameskids1-pt-doi-web?HEKeyword=OTA_TGAMESKIDS_LDG_1&utm_source=lightdigital&utm_medium=cpa&utm_content=timgameskids1&utm_campaign=OTA_TGAMESKIDS_LDG_1-lightdigital-web-cpa-timgameskids1-image&lgd_id=6573412dc5c3ad0001257fba&lgd_pub=249
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint37:42:10:B7:89:70:45:51:80:81:66:CE:95:21:72:5D:46:0B:E2:34
ValidityMon, 23 Oct 2023 11:18:19 GMT - Mon, 15 Jan 2024 11:18:18 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /g/collect?v=2&tid=G-9LLK8PEDTW&gtm=45je3bt0v9100206336&_p=1702052149543&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1408567384.1702052150&ul=en-us&sr=1280x1024&_eu=AEA&_s=3&sid=1702052150&sct=1&seg=1&dl=http%3A%2F%2Fwww.timpromos.com.br%2FOTA-BRTIM-BEMOBKIDS%2Ftimgameskids1-pt-doi-web%3FHEKeyword%3DOTA_TGAMESKIDS_LDG_1%26utm_source%3Dlightdigital%26utm_medium%3Dcpa%26utm_content%3Dtimgameskids1%26utm_campaign%3DOTA_TGAMESKIDS_LDG_1-lightdigital-web-cpa-timgameskids1-image%26lgd_id%3D6573412dc5c3ad0001257fba%26lgd_pub%3D249&dt=&en=scroll&epn.percent_scrolled=90&tfd=7244 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.timpromos.com.br
DNT: 1
Connection: keep-alive
Referer: http://www.timpromos.com.br/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers

HTTP/3 204 No Content
access-control-allow-origin: http://www.timpromos.com.br
date: Fri, 08 Dec 2023 16:15:49 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (16)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN