POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
|
 23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Server: nginx
Content-Length: 503
ETag: "FE77420EC3A11F547CF5172B68D30FAA4FE0C13165AE305F0013B02914E61084"
Last-Modified: Sat, 25 Mar 2023 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17064
Expires: Sun, 26 Mar 2023 03:07:30 GMT
Date: Sat, 25 Mar 2023 22:23:06 GMT
Connection: keep-alive
|
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
|
23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Server: nginx
Content-Length: 503
ETag: "34A026664386054B0B73C36CD1DDFCE023551EE41963DF0E38248BAC1E1EB56C"
Last-Modified: Fri, 24 Mar 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17373
Expires: Sun, 26 Mar 2023 03:12:39 GMT
Date: Sat, 25 Mar 2023 22:23:06 GMT
Connection: keep-alive
|
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
|
23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Server: nginx
Content-Length: 503
ETag: "63463447D29550C3734F621BE02EC85290FBDF4612F79F9FAD7E94F7E066DCB0"
Last-Modified: Fri, 24 Mar 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4711
Expires: Sat, 25 Mar 2023 23:41:37 GMT
Date: Sat, 25 Mar 2023 22:23:06 GMT
Connection: keep-alive
|
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
|
 35.241.9.150
HTTP/2 200 OK
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Length, Alert, Content-Type, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 25 Mar 2023 21:27:45 GMT
age: 3321
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
|
GET /chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
|
34.160.144.191
HTTP/2 200 OK
content-type: binary/octet-stream
x-amz-id-2: jfadarT9/t/m3YjURJD6B4l3M4pzcYdRmYWO++sZ+X6sX32ggOOFsyBRy7peW6H3BDLRFP9CAUI7VqGXCTeFfA==
x-amz-request-id: F050W5HD82HRS4CG
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 25 Mar 2023 22:00:57 GMT
age: 1329
last-modified: Sat, 11 Mar 2023 16:53:15 GMT
etag: "e7bace7c1e04d44012e37ddffe36e5d5"
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
|
GET /c/n/200841/1913 HTTP/1.1
Host: m.bolomobi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
|
66.175.217.160
HTTP/1.1 302 Found
Server: nginx/1.18.0
Date: Sat, 25 Mar 2023 22:23:06 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: uk=4ddbdab7b5d940b4b6042b80348d0f2e; Domain=bolomobi.com; Expires=Fri, 13-Apr-2091 01:37:13 GMT; Path=/; HttpOnly
Location: http://trk.adtera.com/path/lp.php?trvid=11255&trvx=e9855ab2&click_id=ec02ce235bc84d7b882a1eb07ac258dd&aff_id=1913_
Cache-Control: no-transform
|
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
|
34.117.237.239
HTTP/2 200 OK
content-type: application/json
server: nginx
date: Sat, 25 Mar 2023 22:23:06 GMT
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
|
GET /path/lp.php?trvid=11255&trvx=e9855ab2&click_id=ec02ce235bc84d7b882a1eb07ac258dd&aff_id=1913_ HTTP/1.1
Host: trk.adtera.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
|
34.207.16.223
HTTP/1.1 302 Found
Content-Type: text/html; charset=UTF-8
Date: Sat, 25 Mar 2023 22:23:06 GMT
Server: Apache/2.4.27 (Amazon) PHP/5.6.32
X-Powered-By: PHP/5.6.32
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: THRIVE_SESS=g8oelqmk04p4kudqln9vpceqc4; expires=Sun, 26-Mar-2023 22:23:06 GMT; Max-Age=86400; path=/; domain=.trk.adtera.com
ClickId=m8tj2n9789ik; expires=Mon, 24-Apr-2023 22:23:06 GMT; Max-Age=2592000; path=/; domain=.adtera.com
OfferPage=https%3A%2F%2Foffdeck.jumpmobile.com.br%2Fprouser%2Ftaplingo%2Ftim%2Fcheckout%2F%3FcampaignId%3DJump%26clickId%3Dm8tj2n9789ik; expires=Mon, 24-Apr-2023 22:23:06 GMT; Max-Age=2592000; path=/; domain=.adtera.com
OfferID=1479; expires=Mon, 24-Apr-2023 22:23:06 GMT; Max-Age=2592000; path=/; domain=.adtera.com
location: https://offdeck.jumpmobile.com.br/prouser/taplingo/tim/checkout/?campaignId=Jump&clickId=m8tj2n9789ik
Content-Length: 0
Keep-Alive: timeout=2, max=100
Connection: Keep-Alive
|
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
|
35.241.9.150
HTTP/2 200 OK
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: Content-Length, ETag, Content-Type, Cache-Control, Pragma, Alert, Last-Modified, Retry-After, Backoff, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 25 Mar 2023 22:17:24 GMT
age: 342
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
|
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
|
23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Server: nginx
Content-Length: 503
ETag: "3C8D41EFE14DC75E001CE50AAE65E133D90BCB2E2F86B2426CEFE7ABE4C7B588"
Last-Modified: Fri, 24 Mar 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8648
Expires: Sun, 26 Mar 2023 00:47:15 GMT
Date: Sat, 25 Mar 2023 22:23:07 GMT
Connection: keep-alive
|
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: zFS2GikSE9BskkG0A5pNBA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
|
54.149.121.162
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: wLlGpyUdGFVQjI/cxuuW/hQrN4o=
|
POST / HTTP/1.1
Host: ocsp.r2m01.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
|
54.230.80.227
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=143767
Date: Sat, 25 Mar 2023 22:23:08 GMT
Etag: "641f02e3-1d7"
Expires: Mon, 27 Mar 2023 14:19:15 GMT
Last-Modified: Sat, 25 Mar 2023 14:19:15 GMT
Server: nginx
X-Cache: Miss from cloudfront
Via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: R5uOjmUsMBP_2YdL4bCEfGbiub7zztuq0gmhjkfF7171TSjARsCWTg==
|
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
|
23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Server: nginx
Content-Length: 503
ETag: "62A45C1BEDD4241448AB43B535518E423B0500901328B3A0B984D758C9B0540D"
Last-Modified: Fri, 24 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8839
Expires: Sun, 26 Mar 2023 00:50:27 GMT
Date: Sat, 25 Mar 2023 22:23:08 GMT
Connection: keep-alive
|
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
|
23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Server: nginx
Content-Length: 503
ETag: "62A45C1BEDD4241448AB43B535518E423B0500901328B3A0B984D758C9B0540D"
Last-Modified: Fri, 24 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8839
Expires: Sun, 26 Mar 2023 00:50:27 GMT
Date: Sat, 25 Mar 2023 22:23:08 GMT
Connection: keep-alive
|
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
|
23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Server: nginx
Content-Length: 503
ETag: "62A45C1BEDD4241448AB43B535518E423B0500901328B3A0B984D758C9B0540D"
Last-Modified: Fri, 24 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8839
Expires: Sun, 26 Mar 2023 00:50:27 GMT
Date: Sat, 25 Mar 2023 22:23:08 GMT
Connection: keep-alive
|
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
|
23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Server: nginx
Content-Length: 503
ETag: "62A45C1BEDD4241448AB43B535518E423B0500901328B3A0B984D758C9B0540D"
Last-Modified: Fri, 24 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8839
Expires: Sun, 26 Mar 2023 00:50:27 GMT
Date: Sat, 25 Mar 2023 22:23:08 GMT
Connection: keep-alive
|
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
|
23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Server: nginx
Content-Length: 503
ETag: "62A45C1BEDD4241448AB43B535518E423B0500901328B3A0B984D758C9B0540D"
Last-Modified: Fri, 24 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8839
Expires: Sun, 26 Mar 2023 00:50:27 GMT
Date: Sat, 25 Mar 2023 22:23:08 GMT
Connection: keep-alive
|
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcb3b49ab-f78e-4860-8aae-369eacfe43e3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
|
34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
server: nginx
content-length: 9486
x-amzn-requestid: b0324b5e-303e-485a-ae57-c001378aa401
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CW2eRHjaoAMF74w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641f6ac1-27f002da252bd7ee19802f3d;Sampled=0
x-amzn-remapped-date: Sat, 25 Mar 2023 21:42:25 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: V-lhHgr1lyxVF9XaxHQ6abgEwVC_llAl8opmQ8qKJ7Ee76HWSP1ZoA==
via: 1.1 185f4b03b711932fc7e735c08fdc5abe.cloudfront.net (CloudFront), 1.1 1ec2938341958d70d56193d709c89dee.cloudfront.net (CloudFront), 1.1 google
date: Sat, 25 Mar 2023 22:08:53 GMT
age: 855
etag: "a53e0919923151e009e12010c60acb5a9175d37e"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F381b1b42-2394-4e4e-bb0a-986511a19bd1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
|
34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
server: nginx
content-length: 9124
x-amzn-requestid: 30a39bb7-d3cc-473a-a5f9-4921367832c5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CW1kUESiIAMFVEQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641f694e-6c9bb97512fc3c8a3ecedc43;Sampled=0
x-amzn-remapped-date: Sat, 25 Mar 2023 21:36:14 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: _4VxID1v_auG0Vuzp87FJoPbgJovhYYYa1fpzQZze51I6HwFKbja6w==
via: 1.1 6af36c6902a46beec743522a9bbb3ab0.cloudfront.net (CloudFront), 1.1 331202b5b8aab67acbf389883133f256.cloudfront.net (CloudFront), 1.1 google
date: Sat, 25 Mar 2023 21:37:20 GMT
age: 2748
etag: "58cefa986d580ee408fbca288e3e45ba86fb97ac"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F255e6a5a-97bb-4a35-8a48-4d120747a63c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
|
34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
server: nginx
content-length: 4000
x-amzn-requestid: 68dc01d7-3eed-48f6-8532-8efaa96cc1ec
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CJpraEqyoAMFgNQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641a2315-3852cc8961365a560d1fa02f;Sampled=0
x-amzn-remapped-date: Tue, 21 Mar 2023 21:35:17 GMT
x-amz-cf-pop: SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: I3GuoZ4ZxAtz0sKe3wrW67aitLlCAbaZkiPw23fl0F3FoumJDEnXiQ==
via: 1.1 288c777a01e22425da9494dad7a69734.cloudfront.net (CloudFront), 1.1 d90109c5a0c30f43223e0db85921c5c2.cloudfront.net (CloudFront), 1.1 google
date: Sat, 25 Mar 2023 05:56:24 GMT
age: 59204
etag: "b798268806dc2f79f033e5872676019faf0e0cc1"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc9e781aa-3802-4cf5-a484-251a54be7c3b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
|
34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
server: nginx
content-length: 7156
x-amzn-requestid: 4c7fa12f-7a53-4960-bcf2-e88ccda4ea12
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CW1uTGq2IAMFY9Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641f698e-381360a95cc2762d499e2839;Sampled=0
x-amzn-remapped-date: Sat, 25 Mar 2023 21:37:18 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Miss from cloudfront
x-amz-cf-id: 9CXL22uAnmLM15tpB3yS-cgRugdZre0cgBqhnsDrdxDp-xvFzy7A4g==
via: 1.1 a87682502db4b394cc6ba84510da9f98.cloudfront.net (CloudFront), 1.1 ef6538ee7be7b17c84d06edb0f4c0a1a.cloudfront.net (CloudFront), 1.1 google
date: Sat, 25 Mar 2023 21:37:18 GMT
etag: "32f01282a1c9e7db058c85e92a1228d498988ac2"
age: 2750
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd27448b3-5d7d-4249-939a-22a55ff03bfc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
|
34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
server: nginx
content-length: 5916
x-amzn-requestid: 86502622-4d93-4767-a7ab-b963bfc9900b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CW1kUHgjoAMFmug=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641f694e-069ef5781ce60e9821010204;Sampled=0
x-amzn-remapped-date: Sat, 25 Mar 2023 21:36:14 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: r9nGZ_sMvuN7uuq8utQofWNeZtbpZfPWOzrNkaBYrmWCV5KUtGzK4w==
via: 1.1 ffc1e24c06bfbb135c0a4d240b382048.cloudfront.net (CloudFront), 1.1 995664ee945c06fc706b5cb8e0e650dc.cloudfront.net (CloudFront), 1.1 google
date: Sat, 25 Mar 2023 21:37:07 GMT
age: 2761
etag: "99d9cd4a1d423d776284f2d638763ebe33e247ad"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F75161517-cef9-4f1d-98e1-296b5088de2a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
|
34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
server: nginx
content-length: 7882
x-amzn-requestid: cdb6c312-e4b1-41e4-a13e-723f8628961d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CW3M0G_3oAMFpWw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641f6beb-37ff37b35f2de72b6faf0bf9;Sampled=0
x-amzn-remapped-date: Sat, 25 Mar 2023 21:47:23 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Miss from cloudfront
x-amz-cf-id: 36IijBFVCfKpOEcor_pSyo94rbX4Ym1SD_XbGZIoY16BLfcALXcS1w==
via: 1.1 ba490acb2ea716cd57876286ed686786.cloudfront.net (CloudFront), 1.1 1570d93226c1bbca2ebaad510cff3e0c.cloudfront.net (CloudFront), 1.1 google
date: Sat, 25 Mar 2023 22:08:53 GMT
etag: "7819408faa7e232c57bf448d78cf00e7f98469f6"
age: 855
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
GET /prouser/taplingo/tim/checkout/?campaignId=Jump&clickId=m8tj2n9789ik HTTP/1.1
Host: offdeck.jumpmobile.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
|
 18.228.72.89
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
date: Sat, 25 Mar 2023 22:23:08 GMT
content-length: 0
location: http://checkout.jumpmobile.com.br/c/usercheck?s=DCEA6BD99A0946D88950541A95E0729A
server: Apache/2.4.38 (Debian)
x-powered-by: PHP/7.2.34
X-Firefox-Spdy: h2
|
GET /c/usercheck?s=DCEA6BD99A0946D88950541A95E0729A HTTP/1.1
Host: checkout.jumpmobile.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
|
15.197.162.153
HTTP/1.1 307 Temporary Redirect
Date: Sat, 25 Mar 2023 22:23:09 GMT
Content-Length: 0
Connection: keep-alive
Location: http://www.timpromos.com.br/PTS/redirect?appid=14559&serviceProvider=prouser&requestId=DCEA6BD99A0946D88950541A95E0729A&campaign=58&clickID=m8tj2n9789ik&trafficSource=TECHFLOW&publisher=TECHFLOW
Set-Cookie: sessionId=DCEA6BD99A0946D88950541A95E0729A;Version=1
Server: Jetty(9.3.15.v20161220)
|
GET /PTS/redirect?appid=14559&serviceProvider=prouser&requestId=DCEA6BD99A0946D88950541A95E0729A&campaign=58&clickID=m8tj2n9789ik&trafficSource=TECHFLOW&publisher=TECHFLOW HTTP/1.1
Host: www.timpromos.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
|
 91.241.94.8
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Date: Sat, 25 Mar 2023 22:23:09 GMT
Cache-Control: no-cache, private
Vary: Accept-Encoding
Content-Encoding: gzip
X-Varnish: 429711018
Age: 0
Via: 1.1 varnish (Varnish/6.0)
X-Cache: MISS
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Set-Cookie: ng_session=eyJpdiI6IkdxRjcrZmxSTytFU1BKTVR4QTFlMlE9PSIsInZhbHVlIjoicHcxUWhNVjIrOGRBN3dycFNIK1NJL0lwQkpJancvMUF5djZaRFJWaWkrLzM1SXlhN1ZaK2ZuaW02Mit2OHpmSGRTS2VDOHZMVTl6TnBSSUZiMUlRS1ZVTnJuQ3lZdnJRQU9sRFB4Um5VOGgxbStneGdrOVNjV1ExejFQcnRtUWUiLCJtYWMiOiJlMTFlOTg1NmJhOTRiYWI5ZTZlYTExOWUyZTliZmNiMTE2YjI2NjQ1OTViNzc5ZTQzNWI2ZWUxOWIxNWE1MWFhIiwidGFnIjoiIn0%3D; expires=Sun, 26-Mar-2023 04:23:09 GMT; Max-Age=21600; path=/; httponly; samesite=lax
ctxid=eyJpdiI6IkxGZXZYM3hHTThBalV1U0NNTFFZOGc9PSIsInZhbHVlIjoiRG5xRGo1VldZUkFUaVdjdDNoYmw0UHNGOVNId3kvS20wdFdNcjBKRGI0bnZiWXNlSFBmaEJlcU9od1Z4czFCOUJEQnNocHgzUGNZN3FRZHJkZThPUllLM21tVjBYME5kaTIxNjFVd3FZNjA9IiwibWFjIjoiNDZkYTA0MmIwNTZmMjZhYjUxYjdkNjgzMDA2NTNiODU5ZmRlOGYyM2I1YjJiMjQwYTA0MmIyNGFlNGZjOWNjNSIsInRhZyI6IiJ9; expires=Tue, 22-Mar-2033 22:23:09 GMT; Max-Age=315360000; path=/; httponly; samesite=lax
rd=deleted; expires=Fri, 25-Mar-2022 22:23:08 GMT; Max-Age=0; path=/; httponly; samesite=lax
userSessionID=eyJpdiI6IjNaeWtLQVNncFZjT0ozb3BjUW96RlE9PSIsInZhbHVlIjoidElXQ29LbStTdDJ3blV2ZHIwTlR5aVlnN1RNOXN4VnllOUZ4d1pmMHJZUE1jS2xUK1RzZFk4TXBobnJhbXg2MlBHc3ZQWk5NcTNGaFFpekswYzAvaHpsVmxLNTI2TFpJOTFqUG5Zc3dmOGM9IiwibWFjIjoiZmY2ZjM5YTQyMjgwOWY4N2ZiMWYyN2ZlNWQ3ZTZjODJiN2MzY2YwODhhYzdlZmJiYTFlYTY5Y2FhZDFmMzVkMSIsInRhZyI6IiJ9; expires=Sat, 25-Mar-2023 22:53:09 GMT; Max-Age=1800; path=/; httponly; samesite=lax
userPermID=eyJpdiI6IndRM1pFcis2OW5UU3VVcHJWUldJNGc9PSIsInZhbHVlIjoiK1pwRGVUMStyQ0l0Sy9wcStPYVBSSkg1cW1penBCU216VHRhaXFQWVhYTUkzS1g3cmE4K1EwMTVrRTExbEVVRGEzbTFrS3dsQlM3eGUwNlBTMjF4a3p0WUJvb0twMDU5WXlWRy9yclVwMm89IiwibWFjIjoiODgwZjFlNWE3NGY0ZWQyOGE5ZjA1ZjAwNzg5YTQ3YmM1YzViNjg1MGIzYzEwNDMyM2Y5MjYzYTFjMDlmZjZmNiIsInRhZyI6IiJ9; expires=Tue, 22-Mar-2033 22:23:09 GMT; Max-Age=315360000; path=/; httponly; samesite=lax
TS01c950bd=01b02e3e899171341e3090e1707e52abb6016f644552329c64eef201eecc324d317493b0882cdbbc78c39678d52ba4a7f54748ac54; Path=/; Domain=.www.timpromos.com.br
Keep-Alive: timeout=5, max=1000
Connection: Keep-Alive
Transfer-Encoding: chunked
|
POST / HTTP/1.1
Host: ocsp.r2m01.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
|
54.230.80.227
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=143765
Date: Sat, 25 Mar 2023 22:23:10 GMT
Etag: "641f02e3-1d7"
Expires: Mon, 27 Mar 2023 14:19:15 GMT
Last-Modified: Sat, 25 Mar 2023 14:19:15 GMT
Server: nginx
X-Cache: Miss from cloudfront
Via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: PuxCvpttzLkwWejG6pjfXa1jMldxCCwBDsl9taVabp8vl7MERYSuYA==
|
GET /prouser/taplingo/tim/css/ HTTP/1.1
Host: offdeck.jumpmobile.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.timpromos.com.br/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
|
18.228.72.89
HTTP/2 200 OK
content-type: text/css;charset=UTF-8
date: Sat, 25 Mar 2023 22:23:10 GMT
content-length: 3426
server: Apache/2.4.38 (Debian)
x-powered-by: PHP/7.2.34
access-control-allow-origin: *
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
|
GET /security-platform-web/web/v1/content/view/Confirmation/br_tim/AQ4z3km9DAs96CHdBtuzQ-fZ7fLA5pSTkbTCWMTx5w1iY65I4NkTeWIX3Y2ywqn7nC0b HTTP/1.1
Host: www.timpromos.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.timpromos.com.br/PTS/redirect?appid=14559&serviceProvider=prouser&requestId=DCEA6BD99A0946D88950541A95E0729A&campaign=58&clickID=m8tj2n9789ik&trafficSource=TECHFLOW&publisher=TECHFLOW
Cookie: ng_session=eyJpdiI6IkdxRjcrZmxSTytFU1BKTVR4QTFlMlE9PSIsInZhbHVlIjoicHcxUWhNVjIrOGRBN3dycFNIK1NJL0lwQkpJancvMUF5djZaRFJWaWkrLzM1SXlhN1ZaK2ZuaW02Mit2OHpmSGRTS2VDOHZMVTl6TnBSSUZiMUlRS1ZVTnJuQ3lZdnJRQU9sRFB4Um5VOGgxbStneGdrOVNjV1ExejFQcnRtUWUiLCJtYWMiOiJlMTFlOTg1NmJhOTRiYWI5ZTZlYTExOWUyZTliZmNiMTE2YjI2NjQ1OTViNzc5ZTQzNWI2ZWUxOWIxNWE1MWFhIiwidGFnIjoiIn0%3D; ctxid=eyJpdiI6IkxGZXZYM3hHTThBalV1U0NNTFFZOGc9PSIsInZhbHVlIjoiRG5xRGo1VldZUkFUaVdjdDNoYmw0UHNGOVNId3kvS20wdFdNcjBKRGI0bnZiWXNlSFBmaEJlcU9od1Z4czFCOUJEQnNocHgzUGNZN3FRZHJkZThPUllLM21tVjBYME5kaTIxNjFVd3FZNjA9IiwibWFjIjoiNDZkYTA0MmIwNTZmMjZhYjUxYjdkNjgzMDA2NTNiODU5ZmRlOGYyM2I1YjJiMjQwYTA0MmIyNGFlNGZjOWNjNSIsInRhZyI6IiJ9; userSessionID=eyJpdiI6IjNaeWtLQVNncFZjT0ozb3BjUW96RlE9PSIsInZhbHVlIjoidElXQ29LbStTdDJ3blV2ZHIwTlR5aVlnN1RNOXN4VnllOUZ4d1pmMHJZUE1jS2xUK1RzZFk4TXBobnJhbXg2MlBHc3ZQWk5NcTNGaFFpekswYzAvaHpsVmxLNTI2TFpJOTFqUG5Zc3dmOGM9IiwibWFjIjoiZmY2ZjM5YTQyMjgwOWY4N2ZiMWYyN2ZlNWQ3ZTZjODJiN2MzY2YwODhhYzdlZmJiYTFlYTY5Y2FhZDFmMzVkMSIsInRhZyI6IiJ9; userPermID=eyJpdiI6IndRM1pFcis2OW5UU3VVcHJWUldJNGc9PSIsInZhbHVlIjoiK1pwRGVUMStyQ0l0Sy9wcStPYVBSSkg1cW1penBCU216VHRhaXFQWVhYTUkzS1g3cmE4K1EwMTVrRTExbEVVRGEzbTFrS3dsQlM3eGUwNlBTMjF4a3p0WUJvb0twMDU5WXlWRy9yclVwMm89IiwibWFjIjoiODgwZjFlNWE3NGY0ZWQyOGE5ZjA1ZjAwNzg5YTQ3YmM1YzViNjg1MGIzYzEwNDMyM2Y5MjYzYTFjMDlmZjZmNiIsInRhZyI6IiJ9; TS01c950bd=01b02e3e899171341e3090e1707e52abb6016f644552329c64eef201eecc324d317493b0882cdbbc78c39678d52ba4a7f54748ac54
|
91.241.94.8
HTTP/1.1 200
Content-Type: image/gif
Date: Sat, 25 Mar 2023 22:23:11 GMT
Cache-Control: no-store, private
Content-Disposition: attachment; filename="pixel"
Pragma: no-cache
Accept-Ranges: bytes
Content-Length: 51
Keep-Alive: timeout=5, max=999
Connection: Keep-Alive
Access-Control-Allow-Origin: *
|
GET /web/v1/content/view/Confirmation/br_tim/AQ4z3km9DAs96CHdBtuzQ-fZ7fLA5pSTkbTCWMTx5w1iY65I4NkTeWIX3Y2ywqn7nC0b HTTP/1.1
Host: analytics-br-tim.securewebfraud.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.timpromos.com.br/
|
91.220.208.18
HTTP/1.1 200
Content-Type: image/gif
Date: Sat, 25 Mar 2023 22:23:10 GMT
Cache-Control: no-store, private
Content-Disposition: attachment; filename="pixel"
Pragma: no-cache
Accept-Ranges: bytes
Content-Length: 51
Keep-Alive: timeout=2, max=1000
Connection: Keep-Alive
|
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
|
216.58.211.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 25 Mar 2023 22:23:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
GET /gtm.js?id=GTM-K3HVTMM HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.timpromos.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
|
142.250.74.168
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 25 Mar 2023 22:23:11 GMT
expires: Sat, 25 Mar 2023 22:23:11 GMT
cache-control: private, max-age=900
last-modified: Sat, 25 Mar 2023 21:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 50793
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
|
216.58.211.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 25 Mar 2023 22:23:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
GET /security-platform-web/api/v1/beacon/retrieve?secureSessionId=AQ4z3km9DAs96CHdBtuzQ-fZ7fLA5pSTkbTCWMTx5w1iY65I4NkTeWIX3Y2ywqn7nC0b HTTP/1.1
Host: www.timpromos.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.timpromos.com.br/PTS/redirect?appid=14559&serviceProvider=prouser&requestId=DCEA6BD99A0946D88950541A95E0729A&campaign=58&clickID=m8tj2n9789ik&trafficSource=TECHFLOW&publisher=TECHFLOW
Cookie: ng_session=eyJpdiI6IkdxRjcrZmxSTytFU1BKTVR4QTFlMlE9PSIsInZhbHVlIjoicHcxUWhNVjIrOGRBN3dycFNIK1NJL0lwQkpJancvMUF5djZaRFJWaWkrLzM1SXlhN1ZaK2ZuaW02Mit2OHpmSGRTS2VDOHZMVTl6TnBSSUZiMUlRS1ZVTnJuQ3lZdnJRQU9sRFB4Um5VOGgxbStneGdrOVNjV1ExejFQcnRtUWUiLCJtYWMiOiJlMTFlOTg1NmJhOTRiYWI5ZTZlYTExOWUyZTliZmNiMTE2YjI2NjQ1OTViNzc5ZTQzNWI2ZWUxOWIxNWE1MWFhIiwidGFnIjoiIn0%3D; ctxid=eyJpdiI6IkxGZXZYM3hHTThBalV1U0NNTFFZOGc9PSIsInZhbHVlIjoiRG5xRGo1VldZUkFUaVdjdDNoYmw0UHNGOVNId3kvS20wdFdNcjBKRGI0bnZiWXNlSFBmaEJlcU9od1Z4czFCOUJEQnNocHgzUGNZN3FRZHJkZThPUllLM21tVjBYME5kaTIxNjFVd3FZNjA9IiwibWFjIjoiNDZkYTA0MmIwNTZmMjZhYjUxYjdkNjgzMDA2NTNiODU5ZmRlOGYyM2I1YjJiMjQwYTA0MmIyNGFlNGZjOWNjNSIsInRhZyI6IiJ9; userSessionID=eyJpdiI6IjNaeWtLQVNncFZjT0ozb3BjUW96RlE9PSIsInZhbHVlIjoidElXQ29LbStTdDJ3blV2ZHIwTlR5aVlnN1RNOXN4VnllOUZ4d1pmMHJZUE1jS2xUK1RzZFk4TXBobnJhbXg2MlBHc3ZQWk5NcTNGaFFpekswYzAvaHpsVmxLNTI2TFpJOTFqUG5Zc3dmOGM9IiwibWFjIjoiZmY2ZjM5YTQyMjgwOWY4N2ZiMWYyN2ZlNWQ3ZTZjODJiN2MzY2YwODhhYzdlZmJiYTFlYTY5Y2FhZDFmMzVkMSIsInRhZyI6IiJ9; userPermID=eyJpdiI6IndRM1pFcis2OW5UU3VVcHJWUldJNGc9PSIsInZhbHVlIjoiK1pwRGVUMStyQ0l0Sy9wcStPYVBSSkg1cW1penBCU216VHRhaXFQWVhYTUkzS1g3cmE4K1EwMTVrRTExbEVVRGEzbTFrS3dsQlM3eGUwNlBTMjF4a3p0WUJvb0twMDU5WXlWRy9yclVwMm89IiwibWFjIjoiODgwZjFlNWE3NGY0ZWQyOGE5ZjA1ZjAwNzg5YTQ3YmM1YzViNjg1MGIzYzEwNDMyM2Y5MjYzYTFjMDlmZjZmNiIsInRhZyI6IiJ9; TS01c950bd=01b02e3e899171341e3090e1707e52abb6016f644552329c64eef201eecc324d317493b0882cdbbc78c39678d52ba4a7f54748ac54
|
91.241.94.8
HTTP/1.1 200
Content-Type: text/plain;charset=UTF-8
Date: Sat, 25 Mar 2023 22:23:12 GMT
Vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
Content-Length: 0
Keep-Alive: timeout=5, max=998
Connection: Keep-Alive
Access-Control-Allow-Origin: *
|
GET /prouser/taplingo/tim/images/bg.png HTTP/1.1
Host: offdeck.jumpmobile.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://offdeck.jumpmobile.com.br/prouser/taplingo/tim/css/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
|
18.228.72.89
HTTP/2 200 OK
content-type: image/png
date: Sat, 25 Mar 2023 22:23:11 GMT
content-length: 6332
server: Apache/2.4.38 (Debian)
last-modified: Sat, 19 Mar 2022 00:28:49 GMT
etag: "18bc-5da8758cfb240"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
GET /prouser/taplingo/tim/header/ HTTP/1.1
Host: offdeck.jumpmobile.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.timpromos.com.br/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
|
18.228.72.89
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
date: Sat, 25 Mar 2023 22:23:11 GMT
content-length: 234
server: Apache/2.4.38 (Debian)
x-powered-by: PHP/7.2.34
access-control-allow-origin: *
x-frame-options: allow-from http://auth3.tim.com.br/
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
|
GET /prouser/taplingo/tim/footer/ HTTP/1.1
Host: offdeck.jumpmobile.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.timpromos.com.br/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
|
18.228.72.89
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
date: Sat, 25 Mar 2023 22:23:11 GMT
content-length: 357
server: Apache/2.4.38 (Debian)
x-powered-by: PHP/7.2.34
access-control-allow-origin: *
x-frame-options: allow-from http://auth3.tim.com.br/
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
|
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.timpromos.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
|
142.250.74.78
HTTP/2 200 OK
content-type: text/javascript
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20085
date: Sat, 25 Mar 2023 22:05:11 GMT
expires: Sun, 26 Mar 2023 00:05:11 GMT
cache-control: public, max-age=7200
age: 1081
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
|
216.58.211.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 25 Mar 2023 22:23:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-145115646-58&cid=1287232541.1679783006&jid=1885557579&gjid=1634567508&_gid=422121786.1679783006&_u=YCDAgEABAAAAAEAAI~&z=116736269 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: http://www.timpromos.com.br
Connection: keep-alive
Referer: http://www.timpromos.com.br/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
|
173.194.221.155
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin: http://www.timpromos.com.br
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sat, 25 Mar 2023 22:23:12 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
|
216.58.211.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 25 Mar 2023 22:23:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
|
216.58.211.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 25 Mar 2023 22:23:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
|
216.58.211.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 25 Mar 2023 22:23:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-145115646-58&cid=1287232541.1679783006&jid=1885557579&_u=YCDAgEABAAAAAEAAI~&z=1797941387 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.timpromos.com.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
|
142.250.74.164
HTTP/2 200 OK
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 25 Mar 2023 22:23:12 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-145115646-58&cid=1287232541.1679783006&jid=1885557579&_u=YCDAgEABAAAAAEAAI~&z=1797941387 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.timpromos.com.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
|
142.250.74.163
HTTP/2 200 OK
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 25 Mar 2023 22:23:12 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
|
216.58.211.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 25 Mar 2023 22:23:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
|
216.58.211.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 25 Mar 2023 22:23:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
GET /prouser/taplingo/tim/images/header.png HTTP/1.1
Host: offdeck.jumpmobile.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://offdeck.jumpmobile.com.br/prouser/taplingo/tim/header/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
|
18.228.72.89
HTTP/2 200 OK
content-type: image/png
date: Sat, 25 Mar 2023 22:23:12 GMT
content-length: 43907
server: Apache/2.4.38 (Debian)
last-modified: Sat, 19 Mar 2022 00:28:49 GMT
etag: "ab83-5da8758cfb240"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
GET /prouser/taplingo/tim/images/footer.png HTTP/1.1
Host: offdeck.jumpmobile.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://offdeck.jumpmobile.com.br/prouser/taplingo/tim/footer/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
|
18.228.72.89
HTTP/2 200 OK
content-type: image/png
date: Sat, 25 Mar 2023 22:23:12 GMT
content-length: 9159
server: Apache/2.4.38 (Debian)
last-modified: Sat, 19 Mar 2022 00:28:49 GMT
etag: "23c7-5da8758cfb240"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
POST /g/collect?v=2&tid=G-Z2QSK4XKQP>m=45je33m0&_p=554855047&cid=1287232541.1679783006&ul=en-us&sr=1280x1024&_s=1&sid=1679783006&sct=1&seg=0&dl=http%3A%2F%2Fwww.timpromos.com.br%2FPTS%2Fredirect%3Fappid%3D14559%26serviceProvider%3Dprouser%26requestId%3DDCEA6BD99A0946D88950541A95E0729A%26campaign%3D58%26clickID%3Dm8tj2n9789ik%26trafficSource%3DTECHFLOW%26publisher%3DTECHFLOW&dt=&en=OTA_Taplingo_Wifi_Users&_fv=1&_nsi=1&_ss=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.timpromos.com.br
Connection: keep-alive
Referer: http://www.timpromos.com.br/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
|
216.239.32.36
HTTP/2 204 No Content
content-type: text/plain
access-control-allow-origin: http://www.timpromos.com.br
date: Sat, 25 Mar 2023 22:23:12 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
POST /g/collect?v=2&tid=G-Z2QSK4XKQP>m=45je33m0&_p=554855047&cid=1287232541.1679783006&ul=en-us&sr=1280x1024&_s=2&sid=1679783006&sct=1&seg=1&dl=http%3A%2F%2Fwww.timpromos.com.br%2FPTS%2Fredirect%3Fappid%3D14559%26serviceProvider%3Dprouser%26requestId%3DDCEA6BD99A0946D88950541A95E0729A%26campaign%3D58%26clickID%3Dm8tj2n9789ik%26trafficSource%3DTECHFLOW%26publisher%3DTECHFLOW&dt=&en=page_view&_et=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.timpromos.com.br
Connection: keep-alive
Referer: http://www.timpromos.com.br/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
|
216.239.32.36
HTTP/2 204 No Content
content-type: text/plain
access-control-allow-origin: http://www.timpromos.com.br
date: Sat, 25 Mar 2023 22:23:12 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
GET /OTP/css/TIM-Login-styles-sheet.css HTTP/1.1
Host: auth3.tim.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.timpromos.com.br/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
|
45.60.65.22
HTTP/2 200 OK
content-type: text/css
date: Sat, 25 Mar 2023 22:23:11 GMT
server: Apache
last-modified: Thu, 04 May 2017 03:57:51 GMT
etag: "1742c1-539a-54eaac6d7edc0"
accept-ranges: bytes
set-cookie: tim_cookie=rd51o00000000000000000000ffff0aa91fdeo20101; expires=Sat, 25-Mar-2023 23:23:11 GMT; path=/; Httponly; Secure
visid_incap_2787765=AoMmX5KFQNOqFyicFxGDQEd0H2QAAAAAQUIPAAAAAACr8W7LStRwDnKvtKf/Un/w; expires=Sat, 23 Mar 2024 22:50:08 GMT; HttpOnly; path=/; Domain=.tim.com.br
incap_ses_276_2787765=on1kPtmSUhOKizv4Lo3UA050H2QAAAAA4I1cynWWa+lmxXA7xWVgBQ==; path=/; Domain=.tim.com.br
x-cdn: Imperva
content-encoding: gzip
x-iinfo: 7-17319091-17319095 NNYN CT(259 784 0) RT(1679782989090 18) q(0 0 10 0) r(13 13) U24
X-Firefox-Spdy: h2
--- Additional Info ---
Magic:
Size: 0
Md5:
Sha1:
Sha256:
|
172.104.145.88