urlscan.io logo urlscan.io
SecurityTrails logo

timofertas.com Open in urlscan Pro
172.67.129.62  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://timofertas.com/
Effective URL: https://timofertas.com/
Submission: On September 27 via manual from BR — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 7 IPs in 3 countries across 6 domains to perform 39 HTTP transactions. The main IP is 172.67.129.62, located in United States and belongs to CLOUDFLARENET, US. The main domain is timofertas.com.
TLS certificate: Issued by WE1 on September 8th 2024. Valid for: 3 months.
This is the only time timofertas.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
28 172.67.129.62 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
3 2001:4860:480... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 142.250.186.67 15169 (GOOGLE)
3 142.250.186.72 15169 (GOOGLE)
1 216.239.32.36 15169 (GOOGLE)
39 7
28    172.67.129.62 (United States)

ASN13335 (CLOUDFLARENET, US)
timofertas.com
2    2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
3    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
region1.google-analytics.com
1    2a00:1450:400c:c00::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    142.250.186.67 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f3.1e100.net
www.google.de
3    142.250.186.72 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f8.1e100.net
www.googletagmanager.com
1    216.239.32.36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
Apex Domain
Subdomains		 Transfer
28 timofertas.com
timofertas.com
464 KB
5 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 57
470 KB
2 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 3391
2 google.com
region1.analytics.google.com — Cisco Umbrella Rank: 4111
1 google.de
www.google.de — Cisco Umbrella Rank: 9833
63 B
1 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 152
553 B
39 6
Domain Requested by
28 timofertas.com timofertas.com
5 www.googletagmanager.com timofertas.com
www.googletagmanager.com
2 region1.google-analytics.com www.googletagmanager.com
2 region1.analytics.google.com www.googletagmanager.com
1 www.google.de timofertas.com
1 stats.g.doubleclick.net www.googletagmanager.com
39 6

This site contains links to these domains. Also see Links.

Domain
vapor-tim-storage.s3.amazonaws.com
tim.com.br
www.tim.com.br
Subject Issuer Validity Valid
timofertas.com
WE1		 2024-09-08 -
2024-12-07		 3 months crt.sh
*.google-analytics.com
WR2		 2024-08-26 -
2024-11-18		 3 months crt.sh
*.g.doubleclick.net
WR2		 2024-08-26 -
2024-11-18		 3 months crt.sh
*.google.de
WR2		 2024-08-26 -
2024-11-18		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://timofertas.com/
Frame ID: 44D5488F2E3F93218899E30AB3353364
Requests: 37 HTTP requests in this frame

Frame: https://timofertas.com/chat-ofertas
Frame ID: 7E10930B1C59F35B6D25AB3B7E942EFD
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

TIM Controle

Page URL History Show full URLs

  1. http://timofertas.com/ HTTP 307
    https://timofertas.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Page Statistics

39
Requests

100 %
HTTPS

43 %
IPv6

6
Domains

6
Subdomains

7
IPs

3
Countries

935 kB
Transfer

2229 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://timofertas.com/ HTTP 307
    https://timofertas.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

39 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
timofertas.com/
Redirect Chain
  • http://timofertas.com/
  • https://timofertas.com/
24 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://timofertas.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.129.62 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Next.js
Resource Hash
368156d648201cc17887bbbc6fa9d8e06bbb3e2a7af22f6943f7dfb6de8388c7

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

cf-cache-status
DYNAMIC
cf-ray
8c9c51622bf9d406-FRA
content-encoding
br
content-type
text/html; charset=utf-8
date
Fri, 27 Sep 2024 14:52:31 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Hc6tzySNRKzU06L04xx2RvvQNUXWVc%2F7kOBSGopb%2Bl9zpkGafAd5cidhMRofRstsGqfgVMuu%2FQS9Jsm3IBvAt%2FQN8ygnrh27RVhqVHk%2FCxHsq3WI%2FLLNPEacLM6taDYVQQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
speculation-rules
"/cdn-cgi/speculation"
vary
Accept-Encoding
x-powered-by
Next.js

Redirect headers

Location
https://timofertas.com/
Non-Authoritative-Reason
HttpsUpgrades
speculation
timofertas.com/cdn-cgi/ 		128 B
547 B 		Other
General
Check archive.org
Download Go to
Full URL
https://timofertas.com/cdn-cgi/speculation
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.129.62 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
11a2142988720cd49ff000e5d488493947b3d34821301c5a706b3495b8381f7d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://timofertas.com
Referer
https://timofertas.com/

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JtON7%2BWqSljPeIiH81m8x%2BEnc2OIyBz0wbo37rPVTy0lI%2F4Xot%2FAB3ZTg2HqQq1ZRF82D8QwL3%2Fb%2BffmFMiJ%2FerxaIkPr8EX7zDbiJenzsNz46Va8k%2BMsBYikMok%2FL1NPw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8c9c5166ec11d406-FRA
access-control-allow-origin
https://timofertas.com
content-length
128
date
Fri, 27 Sep 2024 14:52:31 GMT
content-type
application/speculationrules+json
vary
Origin, Accept-Encoding
server
cloudflare
2b06bb1869026d2d.css
timofertas.com/_next/static/css/ 		22 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://timofertas.com/_next/static/css/2b06bb1869026d2d.css
Requested by
Host: timofertas.com
URL: https://timofertas.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.129.62 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0fb92d699fec1377afabffab42bb7cb1c6b0428d66cc2d13bb8002e364dfbd00

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://timofertas.com/

Response headers

cache-control
public, max-age=31536000, immutable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
MISS
etag
W/"5899-191d721c7e8"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rIXNuOg5EXetoU%2FHPWAILhPNtzigHHJH2GSLLgMQQll6UvVtNmvb8B%2BbjHn1P1TW%2Fb4QbxDCZx7dflZCcWVymprDrXCsclQSgDon6Xd1rlwudc0E%2BxEOJcNdo2NcNoHE2w%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8c9c5166fc45d406-FRA
alt-svc
h3=":443"; ma=86400
date
Fri, 27 Sep 2024 14:52:31 GMT
content-type
text/css; charset=UTF-8
last-modified
Mon, 09 Sep 2024 14:13:21 GMT
vary
Accept-Encoding
server
cloudflare
46d2f1b70d0e73f2.css
timofertas.com/_next/static/css/ 		6 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://timofertas.com/_next/static/css/46d2f1b70d0e73f2.css
Requested by
Host: timofertas.com
URL: https://timofertas.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.129.62 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f6c8ffdad74698833ddef736c49c9d5061736c712b62f770555e944808845182

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://timofertas.com/

Response headers

cache-control
public, max-age=31536000, immutable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
MISS
etag
W/"18fe-191d721c7e8"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BZln55cCsrf9IDwerQI7oAkTVrgVAyULn8oRI8ULeBx3bhviR8wSjp67vxTZwGCE7hOg2%2Ff2%2FPswpZDgj8jFK9veC4uKdGvw9j6ihb144w3K2vYFoWLRyYeuDbLEX3DMDg%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8c9c5166fc4ed406-FRA
date
Fri, 27 Sep 2024 14:52:31 GMT
content-type
text/css; charset=UTF-8
last-modified
Mon, 09 Sep 2024 14:13:21 GMT
vary
Accept-Encoding
server
cloudflare
webpack-38cee4c0e358b1a3.js
timofertas.com/_next/static/chunks/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://timofertas.com/_next/static/chunks/webpack-38cee4c0e358b1a3.js
Requested by
Host: timofertas.com
URL: https://timofertas.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.129.62 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c1e92a1c5827b02b976fdd931b13ee9f09d45d31db0edbaadf03ca82b96e9a5a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://timofertas.com/

Response headers

cache-control
public, max-age=31536000, immutable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
MISS
etag
W/"6a4-191d721c7e8"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vB93kGaN4fegwY%2BOJ6DqJ%2BB4URGg8Uaze%2F6fgXysf8P6mNQPrrTIN22RRSvC0AIQX087kPgPRcNwpG%2F74ZT2yHMUtvj3suKJL12Y8OPMM2PExPCVlI92tPEL5mkdzGjCOQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8c9c51697c18d406-FRA
date
Fri, 27 Sep 2024 14:52:32 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Mon, 09 Sep 2024 14:13:21 GMT
vary
Accept-Encoding
server
cloudflare
framework-3b5a00d5d7e8d93b.js
timofertas.com/_next/static/chunks/ 		138 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://timofertas.com/_next/static/chunks/framework-3b5a00d5d7e8d93b.js
Requested by
Host: timofertas.com
URL: https://timofertas.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.129.62 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d6b16d4d6f2b70a8e1dfa5855ed23713c2520884fc2731e02cd7560e20fdf4f2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://timofertas.com/

Response headers

cache-control
public, max-age=31536000, immutable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
MISS
etag
W/"22702-191d721c7e8"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5zP%2BERv%2BtJ%2FVE0mdv9N66cGrp%2FKvCxSdY%2FQUy9emSXpKg4f9iIrJOZbxmO2%2B%2B9Jbg3ZO%2FhARA6s%2BgKRfJTC0HWsECnez5gGj025lP5KTGVFHKoql4Qk8M5I3vn1tBo8mJg%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8c9c51697c1cd406-FRA
date
Fri, 27 Sep 2024 14:52:32 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Mon, 09 Sep 2024 14:13:21 GMT
vary
Accept-Encoding
server
cloudflare
main-98e9b98642fcffbf.js
timofertas.com/_next/static/chunks/ 		81 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://timofertas.com/_next/static/chunks/main-98e9b98642fcffbf.js
Requested by
Host: timofertas.com
URL: https://timofertas.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.129.62 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8dceb542b34b5aaab773fc57d788d689198daf8c993dc299797320bd48193e96

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://timofertas.com/

Response headers

cache-control
public, max-age=31536000, immutable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
MISS
etag
W/"1443a-191d721c7e8"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=t3rBbIpgiHBoY3%2F5WJlPelnsTCpVRlkQaHYTmP64x9PjGLRbpEEo%2FHDOpdUwxxwfsVK96emWu9Dqn8WFZ1AB2ypSbXcwdpQC6EavGEG4JzPwaBQP7Xp06J%2Fl73ATCXVBNg%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8c9c51697c1ed406-FRA
date
Fri, 27 Sep 2024 14:52:32 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Mon, 09 Sep 2024 14:13:21 GMT
vary
Accept-Encoding
server
cloudflare
_app-c55f09c4f37bd577.js
timofertas.com/_next/static/chunks/pages/ 		193 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://timofertas.com/_next/static/chunks/pages/_app-c55f09c4f37bd577.js
Requested by
Host: timofertas.com
URL: https://timofertas.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.129.62 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8b6cc06df2661f0917d41d94f54d8509551fd713155c27ea5960c4632949debf

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://timofertas.com/

Response headers

cache-control
public, max-age=31536000, immutable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
MISS
etag
W/"30309-191d721c7e8"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FefakjiVnV%2FFq437H7UyfsACPjDSUODXnSRm3m6Cxh2LG1XiCde%2FfLtMJIPaGCJ%2FJqk955dsGhHupnw2WxcKzV2SgPDw3lMlN32yDrMVS8k362F5XUDdvY9%2BxOpVp%2BdS%2Bg%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8c9c51697c20d406-FRA
date
Fri, 27 Sep 2024 14:52:32 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Mon, 09 Sep 2024 14:13:21 GMT
vary
Accept-Encoding
server
cloudflare
511-db8924ab3e15c3e4.js
timofertas.com/_next/static/chunks/ 		76 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://timofertas.com/_next/static/chunks/511-db8924ab3e15c3e4.js
Requested by
Host: timofertas.com
URL: https://timofertas.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.129.62 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
85806fbc1ddea3091158fc82076d508e1702eca4eca85d8d090522ca7bce52bf

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://timofertas.com/

Response headers

cache-control
public, max-age=31536000, immutable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
MISS
etag
W/"130ba-191d721c7e8"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3tC8RfAZGdyFvNNjnMIqzRGojIaACKkdwL0T9FVAs1mEvhWIlpoXrIcUOokRkzenEGJhRHkHUQ67aUHfQh9bRzYgWxwAFxR7gU%2BSSqZzIuI2XPWjGssxZsljEQUmu1ANYA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8c9c516b19b0d406-FRA
date
Fri, 27 Sep 2024 14:52:32 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Mon, 09 Sep 2024 14:13:21 GMT
vary
Accept-Encoding
server
cloudflare
index-30fc1351fbb676e5.js
timofertas.com/_next/static/chunks/pages/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://timofertas.com/_next/static/chunks/pages/index-30fc1351fbb676e5.js
Requested by
Host: timofertas.com
URL: https://timofertas.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.129.62 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
89d95ff5df7b82fb99c3c2e1888c8f838c8d40f6ad91717c085bfafe24d65351

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://timofertas.com/

Response headers

cache-control
public, max-age=31536000, immutable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
MISS
etag
W/"1fd3-191d721c7e8"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aMlYn6A3uUVQPyeywzizT5iE8ZqcU8KAAbArz4wLO%2BcAIVES32NL5puB5XHB47%2B%2BD3mUbRneVcdJwj1oCxRtRXAfNadZ5%2FDKeTT5cJj8mosZ4CU2%2F9VH03afmpZ8b22fZA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8c9c516b19b3d406-FRA
date
Fri, 27 Sep 2024 14:52:32 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Mon, 09 Sep 2024 14:13:21 GMT
vary
Accept-Encoding
server
cloudflare
_buildManifest.js
timofertas.com/_next/static/S4fns9bd9qcrZO3qvkDBm/ 		1 KB
937 B 		Script
General
Check archive.org
Download Go to
Full URL
https://timofertas.com/_next/static/S4fns9bd9qcrZO3qvkDBm/_buildManifest.js
Requested by
Host: timofertas.com
URL: https://timofertas.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.129.62 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cc4221710a48d99c7efe0ab97fb338819e8674787461069b6ba4368249ebb8db

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://timofertas.com/

Response headers

cache-control
public, max-age=31536000, immutable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
MISS
etag
W/"430-191d721c7e8"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jjHr0DAPiyKF%2F6kZ%2BQCsYy3CqmoDOIpqWY7kdXf1Q1UIaqnhQ8I5zAi71znJDVcQ6Hb7w2urMfqzXdav5a5nO37VqAQZ7NvWJCWcO34r%2Bb7j7CJzwH%2BTgOJ8vP83pjWl6g%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8c9c516b19b6d406-FRA
date
Fri, 27 Sep 2024 14:52:32 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Mon, 09 Sep 2024 14:13:21 GMT
vary
Accept-Encoding
server
cloudflare
_ssgManifest.js
timofertas.com/_next/static/S4fns9bd9qcrZO3qvkDBm/ 		77 B
527 B 		Script
General
Check archive.org
Download Go to
Full URL
https://timofertas.com/_next/static/S4fns9bd9qcrZO3qvkDBm/_ssgManifest.js
Requested by
Host: timofertas.com
URL: https://timofertas.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.129.62 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://timofertas.com/

Response headers

cache-control
public, max-age=31536000, immutable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
MISS
etag
W/"4d-191d721c7e8"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8NrMHh85MjY%2Buz7fFAhMmTXFfS6PpD54L4Uy5qO1%2Bz3WzLBzW9AETr4TWH8IcNSKWaQmHvZhrZ%2FOfiXsAIOaPNl1CGOFlx5oRwrfNIklkzJLT%2FAmgICQJMXMSMCGd7NDJg%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8c9c516b19b8d406-FRA
date
Fri, 27 Sep 2024 14:52:32 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Mon, 09 Sep 2024 14:13:21 GMT
vary
Accept-Encoding
server
cloudflare
gtm.js
www.googletagmanager.com/ 		240 KB
81 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-59TXSNLT
Requested by
Host: timofertas.com
URL: https://timofertas.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d687ddfb2516e7c5f7c75087f29977659a0322b878c688cd5142e8fa2e393f2c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://timofertas.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires
Fri, 27 Sep 2024 14:52:31 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 27 Sep 2024 14:52:31 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Fri, 27 Sep 2024 12:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
82594
x-xss-protection
0
server
Google Tag Manager
chat-ofertas
timofertas.com/ Frame 7E10 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://timofertas.com/chat-ofertas
Requested by
Host: timofertas.com
URL: https://timofertas.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.129.62 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8fb56c8184705c331b8c3db135a1b64bd2efebb529d0541fc307a579a0d31d16

Request headers

Referer
https://timofertas.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

cf-cache-status
DYNAMIC
cf-ray
8c9c51699c61d406-FRA
content-encoding
br
content-type
text/html
date
Fri, 27 Sep 2024 14:52:31 GMT
last-modified
Wed, 18 Sep 2024 16:45:25 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YcVxcbOViYEGxeCjWohYLZUJcLDNnu2y%2FBIrxQ2reAqY05MW88e%2FN8DGqwlUWJu7ppWSOID1wuVxBai%2FMHHu0lL4CVOZDBp%2FxEe0s8vBjRY17IFYCx38X89SeIEeOCS4lA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
speculation-rules
"/cdn-cgi/speculation"
speculation
timofertas.com/cdn-cgi/ Frame 7E10 		128 B
539 B 		Other
General
Check archive.org
Download Go to
Full URL
https://timofertas.com/cdn-cgi/speculation
Requested by
Host: timofertas.com
URL: https://timofertas.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.129.62 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
11a2142988720cd49ff000e5d488493947b3d34821301c5a706b3495b8381f7d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://timofertas.com
Referer
https://timofertas.com/chat-ofertas

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4w9TkNQIhjniWNotUwEi7D6sFivQd%2Fmj%2B8smAiiIsDVJFGfqOWMhNavK3P22qq3PgKKAr%2Bwb4ow9nWcyJ1gTZ34PxwFnBdAVsvx3v8hoCMieMCbdjXJZXziHfeWVU6NOVA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8c9c516b098ad406-FRA
access-control-allow-origin
https://timofertas.com
content-length
128
date
Fri, 27 Sep 2024 14:52:31 GMT
content-type
application/speculationrules+json
vary
Origin, Accept-Encoding
server
cloudflare
js
www.googletagmanager.com/gtag/ 		306 KB
101 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-0SZQLHM90J&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-59TXSNLT
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
388e8bd6e88fb7955bb8f63bcdc3dbb5b359063ca1a1653ff9471c6bab2c8984
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://timofertas.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Fri, 27 Sep 2024 14:52:31 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 27 Sep 2024 14:52:31 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
102766
x-xss-protection
0
server
Google Tag Manager
tim-sans-web-bold.471f4bc5.woff
timofertas.com/_next/static/media/ 		52 KB
53 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://timofertas.com/_next/static/media/tim-sans-web-bold.471f4bc5.woff
Requested by
Host: timofertas.com
URL: https://timofertas.com/_next/static/css/2b06bb1869026d2d.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.129.62 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
98fb67452157cc11af4ca058938f0b5017113eff4b911a942e27e8d05f2fb2b1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://timofertas.com
Referer
https://timofertas.com/_next/static/css/2b06bb1869026d2d.css

Response headers

cache-control
public, max-age=31536000, immutable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
MISS
etag
W/"d1d4-191d721c7e8"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=buQaqotzRRwgs7P%2FX%2BNaF76k16pCZI6CPPjORlV%2BYjQC67VXfljunu6LJRGYpvBqZcgcgdfM3o%2BNoTL%2FDemlR%2F9rhP6UTgThNgIeeNQkoY7hMu7rCdtHnUttqwP1lziOTw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8c9c516b8b08d406-FRA
accept-ranges
bytes
content-length
53716
date
Fri, 27 Sep 2024 14:52:32 GMT
content-type
font/woff
last-modified
Mon, 09 Sep 2024 14:13:21 GMT
vary
Accept-Encoding
server
cloudflare
tim-sans-web-regular.1f672397.woff
timofertas.com/_next/static/media/ 		52 KB
52 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://timofertas.com/_next/static/media/tim-sans-web-regular.1f672397.woff
Requested by
Host: timofertas.com
URL: https://timofertas.com/_next/static/css/2b06bb1869026d2d.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.129.62 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e422828bcdfcdf2cfd160a4058fceeb8ce80cc19549026271eab0981afca8064

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://timofertas.com
Referer
https://timofertas.com/_next/static/css/2b06bb1869026d2d.css

Response headers

cache-control
public, max-age=31536000, immutable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
MISS
etag
W/"cea4-191d721c7e8"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HJAzYgz%2BidlJf4y1C9Y4buzDUYZr1KuY%2BdcOYMYXb17tRFYJBfwwMWqFZ10%2Fu5l%2FU94MYzPxMuSdyag9rr1uGGuKxVDrq70BUxYYxY9ZbxqMEZKfwKbPSZOlkCK3SPVwhg%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8c9c516b8b0bd406-FRA
accept-ranges
bytes
content-length
52900
date
Fri, 27 Sep 2024 14:52:32 GMT
content-type
font/woff
last-modified
Mon, 09 Sep 2024 14:13:21 GMT
vary
Accept-Encoding
server
cloudflare
tim_secundary.svg
timofertas.com/assets/ 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://timofertas.com/assets/tim_secundary.svg
Requested by
Host: timofertas.com
URL: https://timofertas.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.129.62 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
75ae373752d25ceb866ccb69cc4e5624881eb1083ffecb1226263693dc1250c7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://timofertas.com/

Response headers

cache-control
public, max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
MISS
etag
W/"ecc-191d72083b0"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qq%2BsTWQoUgwm9tYP6mvr6OC5JjqeUOwmmETI0XFLWIIv0%2FzOuB59BaPOtlV9XWDaER76AqC4rXeiWmcnzLGvsQc3iuV9NIZ%2FCwJtvfX%2FznydBu8N7fYPIo4GzUTH1uV6%2BQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8c9c516b8af4d406-FRA
date
Fri, 27 Sep 2024 14:52:32 GMT
content-type
image/svg+xml
last-modified
Mon, 09 Sep 2024 14:11:58 GMT
vary
Accept-Encoding
server
cloudflare
image
timofertas.com/_next/ 		101 KB
101 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://timofertas.com/_next/image?url=%2Fassets%2Fbanner-girl.png&w=750&q=75
Requested by
Host: timofertas.com
URL: https://timofertas.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.129.62 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
51d0f633408e2b33f79d350cfe28849e91bf722d73517cddabc6ffa9a3075fad
Security Headers
Name Value
Content-Security-Policy script-src 'none'; frame-src 'none'; sandbox;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://timofertas.com/

Response headers

content-security-policy
script-src 'none'; frame-src 'none'; sandbox;
cache-control
public, max-age=60, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
DYNAMIC
etag
UdD2M0COKzP3nTUM-iiEnpG-ci1zUXzdq8b-qaMHX60=
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uBM9sbUBQjLSp%2BPZGQLfcYEdPZVR0w9eS5wVpymMjSyAUckv4DxJ2NM%2Fy1zi6iiady20MtSoda8TKCo6MzPJmmvBOlPAjcaQ9Nk6K5ISR2gZDYQlIZUGOC7Wm%2F2TPVoqZg%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8c9c516b8af6d406-FRA
alt-svc
h3=":443"; ma=86400
content-length
103252
x-nextjs-cache
STALE
date
Fri, 27 Sep 2024 14:52:32 GMT
content-type
image/webp
vary
Accept
server
cloudflare
content-disposition
inline; filename="banner-girl.webp"
collect
region1.analytics.google.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-0SZQLHM90J&gtm=45je49p0v885982427z89180293570za200zb9180293570&_p=1727448751591&_gaz=1&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101671035~101747727&cid=55111778.1727448752&ul=de-de&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=EA&_s=1&sid=1727448752&sct=1&seg=0&dl=https%3A%2F%2Ftimofertas.com%2F&dt=TIM%20Controle&en=page_view&_fv=1&_nsi=1&_ss=2&ep.page_hostname=timofertas.com&ep.parceiro_checkout=oston&tfd=1732
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-0SZQLHM90J&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://timofertas.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://timofertas.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 27 Sep 2024 14:52:32 GMT
content-type
text/plain
server
Golfe2
collect
stats.g.doubleclick.net/g/ 		0
553 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-0SZQLHM90J&cid=55111778.1727448752&gtm=45je49p0v885982427z89180293570za200zb9180293570&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=101671035~101747727
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-0SZQLHM90J&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://timofertas.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://timofertas.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 27 Sep 2024 14:52:32 GMT
content-type
text/plain
server
Golfe2
ga-audiences
www.google.de/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-0SZQLHM90J&cid=55111778.1727448752&gtm=45je49p0v885982427z89180293570za200zb9180293570&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=101671035~101747727&tag_exp=101671035~101747727&z=104613859
Requested by
Host: timofertas.com
URL: https://timofertas.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://timofertas.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Fri, 27 Sep 2024 14:52:32 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
js
www.googletagmanager.com/gtag/ 		306 KB
102 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-9KDNZXLXQY
Requested by
Host: timofertas.com
URL: https://timofertas.com/_next/static/chunks/main-98e9b98642fcffbf.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.72 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
7cba5c1fdc1a32a6274f4d3a153313cf76a1fd77289964b098efebd4feb5963f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://timofertas.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Fri, 27 Sep 2024 14:52:32 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 27 Sep 2024 14:52:32 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
104611
x-xss-protection
0
server
Google Tag Manager
js
www.googletagmanager.com/gtag/ 		306 KB
102 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-9KDNZXLXQY&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-59TXSNLT
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.72 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
9bdef54ed50d057c857cf0748614b8ac8d45f4938aba5968b21c198373e54795
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://timofertas.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Fri, 27 Sep 2024 14:52:32 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 27 Sep 2024 14:52:32 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
104514
x-xss-protection
0
server
Google Tag Manager
js
www.googletagmanager.com/gtag/ 		234 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-475710043
Requested by
Host: timofertas.com
URL: https://timofertas.com/_next/static/chunks/main-98e9b98642fcffbf.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.72 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
44d5dfccc5e486857211e79e768a6acf3195989be5e4c15c945eebfe24afa348
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://timofertas.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Fri, 27 Sep 2024 14:52:32 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 27 Sep 2024 14:52:32 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Fri, 27 Sep 2024 12:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
85910
x-xss-protection
0
server
Google Tag Manager
web
timofertas.com/tim-go/plans/ 		10 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://timofertas.com/tim-go/plans/web
Requested by
Host: timofertas.com
URL: https://timofertas.com/_next/static/chunks/pages/_app-c55f09c4f37bd577.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.129.62 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
18039438ed31089d50065c6447c59965ea85b049d6c1be24e5614dc3fb28a6ba

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Referer
https://timofertas.com/

Response headers

cache-control
no-cache, private
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SPw2Mzuim6oVM2pH7T2xgrPzxYtVl0QwpHwj5Lf0Upv5360Vi%2FHL%2Btot0U7fxDJgkmFso0AHUlHb9Ev5IJKlpQsl0ojJUs%2FyBx8LASfaiPlhyYWS%2BjPPau%2BQkOnF8rPTWg%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8c9c5171df55d406-FRA
apigw-requestid
exP7whbJoAMEbfg=
date
Fri, 27 Sep 2024 14:52:33 GMT
content-type
application/json
server
cloudflare
interactions
timofertas.com/tim-go/ 		483 B
659 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://timofertas.com/tim-go/interactions
Requested by
Host: timofertas.com
URL: https://timofertas.com/_next/static/chunks/pages/_app-c55f09c4f37bd577.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.129.62 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
274e0feb7317378aeab71be5edee613f0323408422841a3612e8091a1f3a2b32

Request headers

Referer
https://timofertas.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Content-Type
application/json

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GNmC5xAMR%2FRvCh1Ny1M3KQXHJEad95Jo8medmQeKAOze6O5vT0o3EejXvlexB1PggZAdKqz3LF4vE%2Fa3p6ZnJ0XN78PLho1QoLceIXoJLC73NQV0DqCTdYwPj2Ac9qbGKQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8c9c51720ff3d406-FRA
date
Fri, 27 Sep 2024 14:52:33 GMT
content-type
text/html; charset=utf-8
server
cloudflare
tim-sans-web-medium.456f1168.woff
timofertas.com/_next/static/media/ 		54 KB
55 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://timofertas.com/_next/static/media/tim-sans-web-medium.456f1168.woff
Requested by
Host: timofertas.com
URL: https://timofertas.com/_next/static/css/2b06bb1869026d2d.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.129.62 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1c3d1c91d3f870ff8b6ed12f29c83f895dc19dc6d6cc48c4ef88e6cb44bdfbf7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://timofertas.com
Referer
https://timofertas.com/_next/static/css/2b06bb1869026d2d.css

Response headers

cache-control
public, max-age=31536000, immutable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
MISS
etag
W/"d854-191d721c7e8"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dm4xfcSPpGaGkzHsBNeAn%2FQ2ljfR3WJpZKKIiYHDxLt44Fkz1U2I4t9m2FtLi4Mi%2FWeS0mRaEtzevqA3dGwTMiO7ma78TuXLEvIHAvrb1UvhtQ4hUvlRTsR41qX8gwwG1Q%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8c9c51727948d406-FRA
accept-ranges
bytes
content-length
55380
date
Fri, 27 Sep 2024 14:52:34 GMT
content-type
font/woff
last-modified
Mon, 09 Sep 2024 14:13:21 GMT
vary
Accept-Encoding
server
cloudflare
collect
region1.google-analytics.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-9KDNZXLXQY&gtm=45je49p0v886925156za200zb9180293570&_p=1727448751591&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101671035~101747727&cid=55111778.1727448752&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=Ag&_s=1&sid=1727448753&sct=1&seg=0&dl=https%3A%2F%2Ftimofertas.com%2F&dt=TIM%20Controle&en=page_view&_fv=1&_ss=1&_ee=1&tfd=2776
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-9KDNZXLXQY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://timofertas.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://timofertas.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 27 Sep 2024 14:52:33 GMT
content-type
text/plain
server
Golfe2
whatsapp.svg
timofertas.com/assets/apps/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://timofertas.com/assets/apps/whatsapp.svg
Requested by
Host: timofertas.com
URL: https://timofertas.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.129.62 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1559a367199c9b763e5dfe95e3d3b83446089eb8c254ae7b7733c3a4fca838fe

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://timofertas.com/

Response headers

cache-control
public, max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
MISS
etag
W/"4c0-191d72083b0"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=g%2BjV7hTGQVLajN4xLMTjG9TgbW1dp4GyG7Z0GefVw2r%2FLQqV4QD9yfjFmKFVvZ5e97DmE7qcTrJnMMLjKRcVoQqfizTv9nfnccdmlz8WJFlevrmOxtFRLlquZpO8F4MVRQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8c9c5177a960d406-FRA
date
Fri, 27 Sep 2024 14:52:35 GMT
content-type
image/svg+xml
last-modified
Mon, 09 Sep 2024 14:11:58 GMT
vary
Accept-Encoding
server
cloudflare
messenger.svg
timofertas.com/assets/apps/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://timofertas.com/assets/apps/messenger.svg
Requested by
Host: timofertas.com
URL: https://timofertas.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.129.62 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c25a7a1a19f3a8c250111fdd6a60dcc0774c28f164e603bc4b68f979410eae5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://timofertas.com/

Response headers

cache-control
public, max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
MISS
etag
W/"509-191d72083b0"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=J%2FnANgHLuFMtzpBktXmXMO4c%2FSqBUpFHUV%2Fq9MWrpDbudEftWgFUn9j016U2oRqH0Gl5BGN%2FhCEcG5Mv%2BRuJK%2F1cFNQXh0kXQEZQsmFbLOFrf6hdylC2bvhjEs5yDBn2CQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8c9c5177a96bd406-FRA
date
Fri, 27 Sep 2024 14:52:34 GMT
content-type
image/svg+xml
last-modified
Mon, 09 Sep 2024 14:11:58 GMT
vary
Accept-Encoding
server
cloudflare
facebook.svg
timofertas.com/assets/apps/ 		889 B
999 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://timofertas.com/assets/apps/facebook.svg
Requested by
Host: timofertas.com
URL: https://timofertas.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.129.62 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9721d21907a1e7af1378a65b43bb02ed880b9f765c76bc6097bbf3b50c5285da

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://timofertas.com/

Response headers

cache-control
public, max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
MISS
etag
W/"379-191d72083b0"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4%2FXy%2FwRnGYYzi5Q8i%2Bi4uGQoOW0kZF64bYuMydJFoTgv74TphmOLDb8fC6RjGs1I8U7CEvedNZApAGg7uQAHXiCHWzVM%2FEym3RfeEHeSNAziKN6mOk6icJL%2BN80dSwgJlw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8c9c5177a96fd406-FRA
date
Fri, 27 Sep 2024 14:52:34 GMT
content-type
image/svg+xml
last-modified
Mon, 09 Sep 2024 14:11:58 GMT
vary
Accept-Encoding
server
cloudflare
instagram.svg
timofertas.com/assets/apps/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://timofertas.com/assets/apps/instagram.svg
Requested by
Host: timofertas.com
URL: https://timofertas.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.129.62 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6efbf3f93433c91557aecb6e7df5363ef554c4df84b52c92b1f57042d8cb8d67

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://timofertas.com/

Response headers

cache-control
public, max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
MISS
etag
W/"5df-191d72083b0"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KYMQiPUGgoJOH7EOfSsSI8mhN2zgEUcMyVRdI8uNFmopUaChbDiTL6i%2BiD8tD4p%2B5n%2F0IkGvxVxqmPaF3KlElbG8f6ejBkUY%2B%2BAn0AjYdZfAH%2BBk%2BiokeFRYI5df8rfIww%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8c9c5177a973d406-FRA
date
Fri, 27 Sep 2024 14:52:34 GMT
content-type
image/svg+xml
last-modified
Mon, 09 Sep 2024 14:11:58 GMT
vary
Accept-Encoding
server
cloudflare
twitter-white.svg
timofertas.com/assets/apps/ 		1 KB
973 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://timofertas.com/assets/apps/twitter-white.svg
Requested by
Host: timofertas.com
URL: https://timofertas.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.129.62 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5dc2b9b458f30a3894940c568e82f1c6eebcb8d858efd084066c8b97005927a7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://timofertas.com/

Response headers

cache-control
public, max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
MISS
etag
W/"443-191d72083b0"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4kuspx%2BIdLyvTkNks42TIHbOIMVTEYQVpn7Kw9VA3%2FqBJvsF%2BeLiy7D0bY0ec50nw2mApUgAXWMHBxipSm1ZoR46VtHk9nnx94%2BvFmWB1MBeCfAlLdm1IXhtLAlo5W1N2A%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8c9c5177a976d406-FRA
date
Fri, 27 Sep 2024 14:52:34 GMT
content-type
image/svg+xml
last-modified
Mon, 09 Sep 2024 14:11:58 GMT
vary
Accept-Encoding
server
cloudflare
twitter.svg
timofertas.com/assets/apps/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://timofertas.com/assets/apps/twitter.svg
Requested by
Host: timofertas.com
URL: https://timofertas.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.129.62 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1137c9f2a3194a81e7b274576553cb6833ef74626caa1f51349598d6481f1eed

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://timofertas.com/

Response headers

cache-control
public, max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
MISS
etag
W/"46e-191d72083b0"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FQiI6hS9tsLRqYsxQE2blPy%2BhUEdutGwZGX1Kd68ckbpSKHDHWxwzDHRjZxU9lDVWZeyGbM5Daht3I8Oay8cqS%2BXZx%2BpbygWowyWtL4aQP3NevNUBmoWEz%2FxEwCYnp9cgQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8c9c5177a978d406-FRA
date
Fri, 27 Sep 2024 14:52:35 GMT
content-type
image/svg+xml
last-modified
Mon, 09 Sep 2024 14:11:58 GMT
vary
Accept-Encoding
server
cloudflare
favicon.ico
timofertas.com/ 		4 KB
4 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://timofertas.com/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.129.62 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6af2bc2e086c58d9baddbf87c4a18615359a6a27cebccfb73d0daea9522fb295

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://timofertas.com/

Response headers

cache-control
public, max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
REVALIDATED
etag
W/"e05-191d72083b0"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bTZhAmSjZAbZqsodBRCUGsyaowbBjip0tbfHtWgKFgBCy9l41%2BkVIs9EpsfePsgQeTVcGUveoYvECnT57L3AeyoAGDQYgmT1dHLV1DKwtUwLC5t2AodgsBNGOIOFwcFvdA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8c9c5179a8f8d406-FRA
date
Fri, 27 Sep 2024 14:52:34 GMT
content-type
image/x-icon
last-modified
Mon, 09 Sep 2024 14:11:58 GMT
vary
Accept-Encoding
server
cloudflare
collect
region1.analytics.google.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-0SZQLHM90J&gtm=45je49p0v885982427z89180293570za200zb9180293570&_p=1727448751591&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101671035~101747727&cid=55111778.1727448752&ul=de-de&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=EAAC&_s=2&sid=1727448752&sct=1&seg=1&dl=https%3A%2F%2Ftimofertas.com%2F&dt=TIM%20Controle&en=page_view&ep.page_hostname=timofertas.com&ep.parceiro_checkout=oston&_et=696&tfd=7511
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-0SZQLHM90J&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://timofertas.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://timofertas.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 27 Sep 2024 14:52:37 GMT
content-type
text/plain
server
Golfe2
collect
region1.google-analytics.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-9KDNZXLXQY&gtm=45je49p0v886925156za200zb9180293570&_p=1727448751591&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101671035~101747727&cid=55111778.1727448752&ul=de-de&sr=1600x1200&are=1&frm=0&pscdl=noapi&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAg&_s=2&sid=1727448753&sct=1&seg=0&dl=https%3A%2F%2Ftimofertas.com%2F&dt=TIM%20Controle&en=click&_et=3&tfd=7781
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-9KDNZXLXQY
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.239.32.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://timofertas.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://timofertas.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 27 Sep 2024 14:52:38 GMT
content-type
text/plain
server
Golfe2

Verdicts & Comments Add Verdict or Comment

18 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| dataLayer object| google_tag_manager object| google_tag_data object| gaGlobal object| webpackChunk_N_E function| __next_require__ object| next object| __NEXT_DATA__ function| __SSG_MANIFEST_CB object| __NEXT_P object| _N_E function| _ object| __MIDDLEWARE_MATCHERS object| __BUILD_MANIFEST object| __SSG_MANIFEST function| gtag function| onYouTubeIframeAPIReady

5 Cookies

Domain/Path Name / Value
.timofertas.com/ Name: _ga
Value: GA1.1.55111778.1727448752
.timofertas.com/ Name: _ga_0SZQLHM90J
Value: GS1.1.1727448752.1.1.1727448752.60.0.0
timofertas.com/ Name: IAMOston
Value: 57b7b4ac-7062-4c25-96b9-4be87e706110
timofertas.com/ Name: __ost.version
Value: a
.timofertas.com/ Name: _ga_9KDNZXLXQY
Value: GS1.1.1727448753.1.0.1727448753.0.0.0

1 Console Messages

Source Level URL
Text
network error URL: https://timofertas.com/tim-go/interactions
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

region1.analytics.google.com
region1.google-analytics.com
stats.g.doubleclick.net
timofertas.com
www.google.de
www.googletagmanager.com
142.250.186.67
142.250.186.72
172.67.129.62
2001:4860:4802:34::36
216.239.32.36
2a00:1450:4001:831::2008
2a00:1450:400c:c00::9a
0c25a7a1a19f3a8c250111fdd6a60dcc0774c28f164e603bc4b68f979410eae5
0fb92d699fec1377afabffab42bb7cb1c6b0428d66cc2d13bb8002e364dfbd00
1137c9f2a3194a81e7b274576553cb6833ef74626caa1f51349598d6481f1eed
11a2142988720cd49ff000e5d488493947b3d34821301c5a706b3495b8381f7d
1559a367199c9b763e5dfe95e3d3b83446089eb8c254ae7b7733c3a4fca838fe
18039438ed31089d50065c6447c59965ea85b049d6c1be24e5614dc3fb28a6ba
1c3d1c91d3f870ff8b6ed12f29c83f895dc19dc6d6cc48c4ef88e6cb44bdfbf7
274e0feb7317378aeab71be5edee613f0323408422841a3612e8091a1f3a2b32
368156d648201cc17887bbbc6fa9d8e06bbb3e2a7af22f6943f7dfb6de8388c7
388e8bd6e88fb7955bb8f63bcdc3dbb5b359063ca1a1653ff9471c6bab2c8984
44d5dfccc5e486857211e79e768a6acf3195989be5e4c15c945eebfe24afa348
51d0f633408e2b33f79d350cfe28849e91bf722d73517cddabc6ffa9a3075fad
5dc2b9b458f30a3894940c568e82f1c6eebcb8d858efd084066c8b97005927a7
6af2bc2e086c58d9baddbf87c4a18615359a6a27cebccfb73d0daea9522fb295
6efbf3f93433c91557aecb6e7df5363ef554c4df84b52c92b1f57042d8cb8d67
6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e
75ae373752d25ceb866ccb69cc4e5624881eb1083ffecb1226263693dc1250c7
7cba5c1fdc1a32a6274f4d3a153313cf76a1fd77289964b098efebd4feb5963f
85806fbc1ddea3091158fc82076d508e1702eca4eca85d8d090522ca7bce52bf
89d95ff5df7b82fb99c3c2e1888c8f838c8d40f6ad91717c085bfafe24d65351
8b6cc06df2661f0917d41d94f54d8509551fd713155c27ea5960c4632949debf
8dceb542b34b5aaab773fc57d788d689198daf8c993dc299797320bd48193e96
8fb56c8184705c331b8c3db135a1b64bd2efebb529d0541fc307a579a0d31d16
9721d21907a1e7af1378a65b43bb02ed880b9f765c76bc6097bbf3b50c5285da
98fb67452157cc11af4ca058938f0b5017113eff4b911a942e27e8d05f2fb2b1
9bdef54ed50d057c857cf0748614b8ac8d45f4938aba5968b21c198373e54795
c1e92a1c5827b02b976fdd931b13ee9f09d45d31db0edbaadf03ca82b96e9a5a
cc4221710a48d99c7efe0ab97fb338819e8674787461069b6ba4368249ebb8db
d687ddfb2516e7c5f7c75087f29977659a0322b878c688cd5142e8fa2e393f2c
d6b16d4d6f2b70a8e1dfa5855ed23713c2520884fc2731e02cd7560e20fdf4f2
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e422828bcdfcdf2cfd160a4058fceeb8ce80cc19549026271eab0981afca8064
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f6c8ffdad74698833ddef736c49c9d5061736c712b62f770555e944808845182