Submitted URL: http://checkout.timlive.tim.com.br/
Effective URL: https://checkout.timlive.tim.com.br/
Submission: On December 11 via manual from BR — Scanned from DE

Summary

This website contacted 25 IPs in 7 countries across 20 domains to perform 61 HTTP transactions. The main IP is 54.94.187.157, located in São Paulo, Brazil and belongs to AMAZON-02, US. The main domain is checkout.timlive.tim.com.br.
TLS certificate: Issued by Amazon on April 11th 2022. Valid for: a year.
This is the only time checkout.timlive.tim.com.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 54.207.4.156 16509 (AMAZON-02)
12 54.94.187.157 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700::68... 13335 (CLOUDFLAR...)
4 2a03:2880:f01... 32934 (FACEBOOK)
2 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:249... 16509 (AMAZON-02)
1 18.66.97.10 16509 (AMAZON-02)
2 54.246.204.4 16509 (AMAZON-02)
4 23.11.206.10 20940 (AKAMAI-ASN1)
2 2a00:1288:80:... 203220 (YAHOO-DEB)
1 52.222.236.63 16509 (AMAZON-02)
1 18.66.147.29 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a03:2880:f17... 32934 (FACEBOOK)
1 2001:4860:480... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 212.82.100.181 34010 (YAHOO-IRD)
5 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 13.32.99.14 16509 (AMAZON-02)
1 18.66.112.93 16509 (AMAZON-02)
4 2a05:d018:94a... 16509 (AMAZON-02)
2 99.80.34.195 16509 (AMAZON-02)
61 25
Requests | Apex Domain | Subdomains | Transfer
13 | tim.com.br | checkout.timlive.tim.com.br | 1 MB
6 | amazonaws.com | cognito-identity.eu-west-1.amazonaws.com (Cisco Umbrella Rank: 11576); firehose.eu-west-1.amazonaws.com (Cisco Umbrella Rank: 13258) | 3 KB
5 | smct.io | js.smct.io (Cisco Umbrella Rank: 36922) | 86 KB
4 | tiktok.com | analytics.tiktok.com (Cisco Umbrella Rank: 789) | 97 KB
4 | facebook.net | connect.facebook.net (Cisco Umbrella Rank: 152) | 198 KB
3 | smct.co | smct.co (Cisco Umbrella Rank: 23735); ls.smct.co (Cisco Umbrella Rank: 85256) | 19 KB
3 | hotjar.com | static.hotjar.com (Cisco Umbrella Rank: 652); script.hotjar.com (Cisco Umbrella Rank: 797); vars.hotjar.com (Cisco Umbrella Rank: 929) | 88 KB
3 | gstatic.com | fonts.gstatic.com | 47 KB
2 | yahoo.com | sp.analytics.yahoo.com (Cisco Umbrella Rank: 1199) | 878 B
2 | google.de | www.google.de (Cisco Umbrella Rank: 7952) | 608 B
2 | google.com | region1.analytics.google.com (Cisco Umbrella Rank: 6986); www.google.com (Cisco Umbrella Rank: 2) | 847 B
2 | facebook.com | www.facebook.com (Cisco Umbrella Rank: 113) | 203 B
2 | doubleclick.net | stats.g.doubleclick.net (Cisco Umbrella Rank: 81) | 506 B
2 | yimg.com | s.yimg.com (Cisco Umbrella Rank: 449) | 7 KB
2 | google-analytics.com | www.google-analytics.com (Cisco Umbrella Rank: 28) | 20 KB
2 | googletagmanager.com | www.googletagmanager.com (Cisco Umbrella Rank: 47) | 152 KB
2 | jsdelivr.net | cdn.jsdelivr.net (Cisco Umbrella Rank: 396) | 429 KB
1 | cloudfront.net | d2d7do8qaecbru.cloudfront.net | 818 B
1 | dwin1.com | www.dwin1.com (Cisco Umbrella Rank: 3551) | 9 KB
1 | googleapis.com | fonts.googleapis.com (Cisco Umbrella Rank: 37) | 1 KB
61 20

Requests | Domain | Requested by
13 | checkout.timlive.tim.com.br (1 redirects) | checkout.timlive.tim.com.br
5 | js.smct.io | smct.co; js.smct.io
4 | cognito-identity.eu-west-1.amazonaws.com | js.smct.io
4 | analytics.tiktok.com | checkout.timlive.tim.com.br; analytics.tiktok.com
4 | connect.facebook.net | checkout.timlive.tim.com.br; connect.facebook.net
3 | fonts.gstatic.com | fonts.googleapis.com
2 | firehose.eu-west-1.amazonaws.com | js.smct.io
2 | sp.analytics.yahoo.com | checkout.timlive.tim.com.br
2 | www.google.de | checkout.timlive.tim.com.br
2 | www.facebook.com | checkout.timlive.tim.com.br
2 | stats.g.doubleclick.net | www.google-analytics.com; www.googletagmanager.com
2 | s.yimg.com | checkout.timlive.tim.com.br; s.yimg.com
2 | smct.co | checkout.timlive.tim.com.br; js.smct.io
2 | www.google-analytics.com | www.googletagmanager.com; checkout.timlive.tim.com.br
2 | www.googletagmanager.com | checkout.timlive.tim.com.br; www.googletagmanager.com
2 | cdn.jsdelivr.net | checkout.timlive.tim.com.br; cdn.jsdelivr.net
1 | d2d7do8qaecbru.cloudfront.net | js.smct.io
1 | ls.smct.co | js.smct.io
1 | www.google.com | checkout.timlive.tim.com.br
1 | region1.analytics.google.com | www.googletagmanager.com
1 | vars.hotjar.com | static.hotjar.com
1 | script.hotjar.com | static.hotjar.com
1 | static.hotjar.com | www.googletagmanager.com
1 | www.dwin1.com | www.googletagmanager.com
1 | fonts.googleapis.com | checkout.timlive.tim.com.br
61 25

This site contains links to these domains.

Domain
www.timlive.tim.com.br

Subject | Issuer | Validity | Valid
timlive.tim.com.br | Amazon | 2022-04-11 - 2023-05-10 | a year
upload.video.google.com | GTS CA 1C3 | 2022-11-07 - 2023-01-30 | 3 months
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2022-06-02 - 2023-06-01 | a year
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2022-09-20 - 2022-12-19 | 3 months
*.google-analytics.com | GTS CA 1C3 | 2022-11-07 - 2023-01-30 | 3 months
*.gstatic.com | GTS CA 1C3 | 2022-11-07 - 2023-01-30 | 3 months
*.dwin1.com | Amazon | 2022-11-03 - 2023-12-01 | a year
*.hotjar.com | Amazon | 2022-10-25 - 2023-11-23 | a year
smct.co | Amazon | 2022-04-17 - 2023-05-16 | a year
*.tiktok.com | RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1 | 2021-12-13 - 2023-01-13 | a year
*.api.fantasysports.yahoo.com | DigiCert SHA2 High Assurance Server CA | 2022-11-28 - 2023-01-18 | 2 months
*.g.doubleclick.net | GTS CA 1C3 | 2022-11-07 - 2023-01-30 | 3 months
www.google.de | GTS CA 1C3 | 2022-11-07 - 2023-01-30 | 3 months
real.sp.analytics.yahoo.com | DigiCert SHA2 High Assurance Server CA | 2022-08-09 - 2023-02-01 | 6 months
www.google.com | GTS CA 1C3 | 2022-11-07 - 2023-01-30 | 3 months
*.intent.ly | Amazon | 2022-06-26 - 2023-07-25 | a year
*.cloudfront.net | Amazon | 2022-02-01 - 2023-01-31 | a year
cognito-identity.eu-west-1.amazonaws.com | Amazon | 2022-06-07 - 2023-07-06 | a year
firehose.eu-west-1.amazonaws.com | Amazon | 2022-06-08 - 2023-05-26 | a year

This page contains 4 frames:

Primary Page: https://checkout.timlive.tim.com.br/
Frame ID: 0EC5EC0AD336B340A3CD198EC5988A67
Requests: 55 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-5e66f98b4ee957db209dc6f63e3d59dd.html
Frame ID: 26345E99A8205BF7E17A0780BE5E8136
Requests: 1 HTTP requests in this frame

Frame: https://ls.smct.co/lse1.3.html
Frame ID: FF6972BBE60B2396C2AA7D98F761E740
Requests: 1 HTTP requests in this frame

Frame: https://d2d7do8qaecbru.cloudfront.net/live/lse1.1.html
Frame ID: FF50F18115DDDF773531A877AB9116B7
Requests: 1 HTTP requests in this frame

Page Title

Checkout - TIM Live

Page URL History

  1. http://checkout.timlive.tim.com.br/ HTTP 301
    https://checkout.timlive.tim.com.br/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • dwin1\.com

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/

Overall confidence: 100%
Detected patterns
  • <link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
  • //cdn\.jsdelivr\.net/

Page Statistics

Requests: 61
HTTPS: 100 %
IPv6: 58 %
Domains: 20
Subdomains: 25
IPs: 25
Countries: 7
Transfer: 2642 kB
Size: 4651 kB
Cookies: 27

61 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
checkout.timlive.tim.com.br/
Redirect Chain
  • http://checkout.timlive.tim.com.br/
  • https://checkout.timlive.tim.com.br/
1 KB
2 KB
Document
General
Full URL
https://checkout.timlive.tim.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.94.187.157 São Paulo, Brazil, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-94-187-157.sa-east-1.compute.amazonaws.com
Software
nginx/1.22.1 /
Resource Hash
3caf4dc47d0c30596d9f5713ab9a5a34f83297d56d9da5d8824732a400a34fd5

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
content-length
1428
content-type
text/html
date
Sun, 11 Dec 2022 21:58:43 GMT
etag
"638897eb-594"
last-modified
Thu, 01 Dec 2022 12:02:51 GMT
server
nginx/1.22.1

Redirect headers

Connection
keep-alive
Content-Length
134
Content-Type
text/html
Date
Sun, 11 Dec 2022 21:58:43 GMT
Location
https://checkout.timlive.tim.com.br:443/
Server
awselb/2.0
css
fonts.googleapis.com/
12 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto:100,300,400,500,700,900
Requested by
Host: checkout.timlive.tim.com.br
URL: https://checkout.timlive.tim.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b345abe33a4f53c748b8b6858bbe2c0380add9fbbec748044d2e76d6f0bd681d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://checkout.timlive.tim.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 11 Dec 2022 21:58:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 11 Dec 2022 20:46:44 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 11 Dec 2022 21:58:44 GMT
materialdesignicons.min.css
cdn.jsdelivr.net/npm/@mdi/font@latest/css/
321 KB
52 KB
Stylesheet
General
Full URL
https://cdn.jsdelivr.net/npm/@mdi/font@latest/css/materialdesignicons.min.css
Requested by
Host: checkout.timlive.tim.com.br
URL: https://checkout.timlive.tim.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
01f8c6f48ea217d6c394c68e1a68f2958169d972c7b435f4d71361e57c26e411
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://checkout.timlive.tim.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Sun, 11 Dec 2022 21:58:44 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
919
x-jsd-version
7.0.96
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19142-FRA, cache-itm18849-ITM
x-jsd-version-type
version
server
cloudflare
etag
W/"505a4-INFSF/VcDY3YGq5QRH3rBHuiXOA"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kZQdPFKULqWSFIB0LlPg1ThDI3FTzSTjQTILG%2FWPD4kEjA8mabNctVomHAH7qiAiC6WZ0HFbohjX32QCYu1U86MgxXlbqFuidzEvmI0ZwO0jSyx5jq01olp75lzUWP%2FPQ0MiYBhpIycKwb677Ic%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
77817bbd7ddcbb85-FRA
sdk.js
connect.facebook.net/en_US/
3 KB
2 KB
Script
General
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: checkout.timlive.tim.com.br
URL: https://checkout.timlive.tim.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
ae29aca4941d6dde6ec82482df58cbe6bb011ebf57cf516abd9bbba5e95f7c9d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://checkout.timlive.tim.com.br/
Origin
https://checkout.timlive.tim.com.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 11 Dec 2022 21:58:44 GMT
content-md5
9yHTQ6FGxXFWZ1SIzjA35A==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1686
x-fb-rlafr
0
x-fb-debug
3HJ2TuemJpzfFSZCWV4oGY6+QIBe7TN9xmca20yv6GWrLdB+VBHnG2/Mbc7172A31siX9mqLJf9J1zdedaNAxA==
x-fb-trip-id
686109401
x-fb-content-md5
27ef9bbe51137dd796409ef7ce03d8f9
cross-origin-opener-policy
same-origin-allow-popups
etag
"37a9e8a52186c6c01641e96e28c9e3b5"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin
*
expires
Sun, 11 Dec 2022 22:15:34 GMT
app.e94b7b90.css
checkout.timlive.tim.com.br/css/
101 KB
101 KB
Stylesheet
General
Full URL
https://checkout.timlive.tim.com.br/css/app.e94b7b90.css
Requested by
Host: checkout.timlive.tim.com.br
URL: https://checkout.timlive.tim.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.94.187.157 São Paulo, Brazil, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-94-187-157.sa-east-1.compute.amazonaws.com
Software
nginx/1.22.1 /
Resource Hash
19aa3cf2e78b26f550aac28fbf86dcdd08fe4459cad8e42eeef1e2174200f11d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://checkout.timlive.tim.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Sun, 11 Dec 2022 21:58:44 GMT
last-modified
Thu, 01 Dec 2022 12:02:51 GMT
server
nginx/1.22.1
accept-ranges
bytes
etag
"638897eb-19237"
content-length
102967
content-type
text/css
chunk-vendors.9b0e4999.css
checkout.timlive.tim.com.br/css/
365 KB
365 KB
Stylesheet
General
Full URL
https://checkout.timlive.tim.com.br/css/chunk-vendors.9b0e4999.css
Requested by
Host: checkout.timlive.tim.com.br
URL: https://checkout.timlive.tim.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.94.187.157 São Paulo, Brazil, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-94-187-157.sa-east-1.compute.amazonaws.com
Software
nginx/1.22.1 /
Resource Hash
719622cbf5bbbe0b5246ba5b11e93f7066da83a10541e898192ce8515b29522a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://checkout.timlive.tim.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Sun, 11 Dec 2022 21:58:44 GMT
last-modified
Thu, 01 Dec 2022 12:02:51 GMT
server
nginx/1.22.1
accept-ranges
bytes
etag
"638897eb-5b259"
content-length
373337
content-type
text/css
app.058d4240.js
checkout.timlive.tim.com.br/js/
198 KB
198 KB
Script
General
Full URL
https://checkout.timlive.tim.com.br/js/app.058d4240.js
Requested by
Host: checkout.timlive.tim.com.br
URL: https://checkout.timlive.tim.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.94.187.157 São Paulo, Brazil, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-94-187-157.sa-east-1.compute.amazonaws.com
Software
nginx/1.22.1 /
Resource Hash
65f4c48ba988561ab14157af320663bd728b12b8a2cc60d95efb8436774c52a5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://checkout.timlive.tim.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Sun, 11 Dec 2022 21:58:44 GMT
last-modified
Thu, 01 Dec 2022 12:02:51 GMT
server
nginx/1.22.1
accept-ranges
bytes
etag
"638897eb-317bf"
content-length
202687
content-type
application/javascript
chunk-vendors.05097fd5.js
checkout.timlive.tim.com.br/js/
707 KB
708 KB
Script
General
Full URL
https://checkout.timlive.tim.com.br/js/chunk-vendors.05097fd5.js
Requested by
Host: checkout.timlive.tim.com.br
URL: https://checkout.timlive.tim.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.94.187.157 São Paulo, Brazil, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-94-187-157.sa-east-1.compute.amazonaws.com
Software
nginx/1.22.1 /
Resource Hash
21a47f52c52ba74b3334b1d2093a90098c1ffe8361ea1e69427ede43c2082411

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://checkout.timlive.tim.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Sun, 11 Dec 2022 21:58:44 GMT
last-modified
Thu, 01 Dec 2022 12:02:51 GMT
server
nginx/1.22.1
accept-ranges
bytes
etag
"638897eb-b0a8c"
content-length
723596
content-type
application/javascript
sdk.js
connect.facebook.net/en_US/
301 KB
85 KB
Script
General
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=2a32506cfd3b4e4bc46c8905b57a1cd2
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
503c69a5f1470e791eb389efcc02a9792b0e3201f5e7646cad3d6d2b60e20c79
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://checkout.timlive.tim.com.br/
Origin
https://checkout.timlive.tim.com.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 11 Dec 2022 21:58:44 GMT
content-md5
mAd3+JYwpJxic4qDc8eD+A==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
86999
x-fb-rlafr
0
x-fb-debug
Vdqav1pAc/RDNadEnyD3ddfMxg3+pPEB9A7XOOOzg9gCeb8WhZRfLR3lntWEjRur3unGQKeCdggAsGuQ2SNvHQ==
x-fb-trip-id
686109401
x-fb-content-md5
5320d1d3991e9b1af6c7d06c7f0f6ab6
cross-origin-opener-policy
same-origin-allow-popups
etag
"bcc2d75ac1eb9c9ea34fb1cd90e3dafe"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin
*
expires
Mon, 11 Dec 2023 18:11:23 GMT
gtm.js
www.googletagmanager.com/
244 KB
76 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NRVVWLB
Requested by
Host: checkout.timlive.tim.com.br
URL: https://checkout.timlive.tim.com.br/js/chunk-vendors.05097fd5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a678d1918cb89ea975a3d3f8e339a7a95af7639e2c940259d5f93d1114f1c0c7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://checkout.timlive.tim.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Sun, 11 Dec 2022 21:58:45 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
77187
x-xss-protection
0
last-modified
Sun, 11 Dec 2022 21:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 11 Dec 2022 21:58:45 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:100,300,400,500,700,900
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://checkout.timlive.tim.com.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 08 Dec 2022 19:42:15 GMT
x-content-type-options
nosniff
age
267390
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 08 Dec 2023 19:42:15 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:100,300,400,500,700,900
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://checkout.timlive.tim.com.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 16:44:52 GMT
x-content-type-options
nosniff
age
537233
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 05 Dec 2023 16:44:52 GMT
materialdesignicons-webfont.woff2
cdn.jsdelivr.net/npm/@mdi/font@latest/fonts/
376 KB
377 KB
Font
General
Full URL
https://cdn.jsdelivr.net/npm/@mdi/font@latest/fonts/materialdesignicons-webfont.woff2?v=7.0.96
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/@mdi/font@latest/css/materialdesignicons.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e52d60f64267cdaa08422b50bab5d45bd35e662b03b9af75179ceae00ac5fc8b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://cdn.jsdelivr.net/npm/@mdi/font@latest/css/materialdesignicons.min.css
Origin
https://checkout.timlive.tim.com.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Sun, 11 Dec 2022 21:58:45 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
401
x-jsd-version
7.0.96
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
385360
x-served-by
cache-fra19169-FRA, cache-cdg20739-CDG
x-jsd-version-type
version
server
cloudflare
etag
W/"5e150-B+H0GsmracemE1oJDPZWmLaNcQM"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=77HXZDS8u%2B0uVajWC3efUUImIyVJsTeuawE0DznL57GlKQVCJBizG08SrtfNeNFIMwk5Q07QO6IYKsU0TP0a5G5uNZJ%2FibXcIQMLqwZXKe6agGkIVF3p%2B6%2FXYFxDTPYNCSYnEvwbZlKfE0LQf44%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
cf-ray
77817bc81dcabb59-FRA
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/
16 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:100,300,400,500,700,900
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://checkout.timlive.tim.com.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 08 Dec 2022 11:59:40 GMT
x-content-type-options
nosniff
age
295145
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15920
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 08 Dec 2023 11:59:40 GMT
logo_tim.svg
checkout.timlive.tim.com.br/assets/
4 KB
4 KB
Image
General
Full URL
https://checkout.timlive.tim.com.br/assets/logo_tim.svg
Requested by
Host: checkout.timlive.tim.com.br
URL: https://checkout.timlive.tim.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.94.187.157 São Paulo, Brazil, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-94-187-157.sa-east-1.compute.amazonaws.com
Software
nginx/1.22.1 /
Resource Hash
6ed4ae511bd56081cd526c08d43c0603b4982eb5c6fef0aac79fb578400be8d9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://checkout.timlive.tim.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Sun, 11 Dec 2022 21:58:45 GMT
last-modified
Thu, 01 Dec 2022 12:02:51 GMT
server
nginx/1.22.1
accept-ranges
bytes
etag
"638897eb-fe6"
content-length
4070
content-type
image/svg+xml
icon-arrow-forward.7bcfdf24.svg
checkout.timlive.tim.com.br/img/
347 B
502 B
Image
General
Full URL
https://checkout.timlive.tim.com.br/img/icon-arrow-forward.7bcfdf24.svg
Requested by
Host: checkout.timlive.tim.com.br
URL: https://checkout.timlive.tim.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.94.187.157 São Paulo, Brazil, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-94-187-157.sa-east-1.compute.amazonaws.com
Software
nginx/1.22.1 /
Resource Hash
ced2745486869cf76816f96b54006fe3efc60fdf6c49d2e482eae4878ef57ec6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://checkout.timlive.tim.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Sun, 11 Dec 2022 21:58:45 GMT
last-modified
Thu, 01 Dec 2022 12:02:51 GMT
server
nginx/1.22.1
accept-ranges
bytes
etag
"638897eb-15b"
content-length
347
content-type
image/svg+xml
ssl.png
checkout.timlive.tim.com.br/assets/
12 KB
12 KB
Image
General
Full URL
https://checkout.timlive.tim.com.br/assets/ssl.png
Requested by
Host: checkout.timlive.tim.com.br
URL: https://checkout.timlive.tim.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.94.187.157 São Paulo, Brazil, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-94-187-157.sa-east-1.compute.amazonaws.com
Software
nginx/1.22.1 /
Resource Hash
89c8c179fdcf590c4a2280cdec2268e03aacdd55c63c0ccb018077b66da2dbda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://checkout.timlive.tim.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Sun, 11 Dec 2022 21:58:45 GMT
last-modified
Thu, 01 Dec 2022 12:02:51 GMT
server
nginx/1.22.1
accept-ranges
bytes
etag
"638897eb-2ebc"
content-length
11964
content-type
image/png
aws-web-services.png
checkout.timlive.tim.com.br/assets/
7 KB
7 KB
Image
General
Full URL
https://checkout.timlive.tim.com.br/assets/aws-web-services.png
Requested by
Host: checkout.timlive.tim.com.br
URL: https://checkout.timlive.tim.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.94.187.157 São Paulo, Brazil, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-94-187-157.sa-east-1.compute.amazonaws.com
Software
nginx/1.22.1 /
Resource Hash
3c036a5c40fd66483fe24b26d5510d47752286e582168b168dac8f288867a820

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://checkout.timlive.tim.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Sun, 11 Dec 2022 21:58:45 GMT
last-modified
Thu, 01 Dec 2022 12:02:51 GMT
server
nginx/1.22.1
accept-ranges
bytes
etag
"638897eb-1cc6"
content-length
7366
content-type
image/png
logo-tim-azul.svg
checkout.timlive.tim.com.br/assets/
2 KB
2 KB
Image
General
Full URL
https://checkout.timlive.tim.com.br/assets/logo-tim-azul.svg
Requested by
Host: checkout.timlive.tim.com.br
URL: https://checkout.timlive.tim.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.94.187.157 São Paulo, Brazil, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-94-187-157.sa-east-1.compute.amazonaws.com
Software
nginx/1.22.1 /
Resource Hash
f19d3089f890caa27dcd93a5dca0458baf5a214c10f81d4a5a52221cd5755216

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://checkout.timlive.tim.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Sun, 11 Dec 2022 21:58:45 GMT
last-modified
Thu, 01 Dec 2022 12:02:51 GMT
server
nginx/1.22.1
accept-ranges
bytes
etag
"638897eb-787"
content-length
1927
content-type
image/svg+xml
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NRVVWLB
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://checkout.timlive.tim.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 11 Dec 2022 21:24:40 GMT
last-modified
Tue, 27 Sep 2022 22:01:05 GMT
server
Golfe2
age
2046
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20039
expires
Sun, 11 Dec 2022 23:24:40 GMT
32317.js
www.dwin1.com/
31 KB
9 KB
Script
General
Full URL
https://www.dwin1.com/32317.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NRVVWLB
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:3600:f:8ce2:fb80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9f3285e650e035bb565be3dd2db986119652c55d795a0a6882930006b43abef4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://checkout.timlive.tim.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-amz-version-id
tpmOVOZN4OG5e8WeuFWiHI0eteuPmdi1
content-encoding
gzip
via
1.1 a2eae5bb517678c9d6b43a2731b4462e.cloudfront.net (CloudFront)
date
Sun, 11 Dec 2022 21:51:01 GMT
x-amz-cf-pop
FRA56-P6
age
465
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Thu, 01 Dec 2022 11:23:23 GMT
server
AmazonS3
etag
W/"d597cb23163c19da643a7bdede9d408d"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=600, s-maxage=600
x-amz-cf-id
cN6rZnk2rIbRymSzkQpm_aCTrCzTunLljx9fhOAbSDWtdLZrTENh2w==
hotjar-1328257.js
static.hotjar.com/c/
232 KB
19 KB
Script
General
Full URL
https://static.hotjar.com/c/hotjar-1328257.js?sv=7
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NRVVWLB
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-10.fra56.r.cloudfront.net
Software
/
Resource Hash
ebb21dd1fc9e0fa45212e9108b4bae9092fa204e66efa03bf458460a150d5260
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://checkout.timlive.tim.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Sun, 11 Dec 2022 21:57:52 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=2592000; includeSubDomains
via
1.1 3f52d342c56014599dee37446f6c9f2e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
age
53
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
etag
W/32faf9cad9977da65a10420b615c2e91
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=60
x-cache-hit
1
x-amz-cf-id
dRl3ddcvmK6TKm6dw6_-wQGgb2uw6Y76fBTWQnPwKG1ph3Gqj9jbow==
/
smct.co/tm/
10 KB
4 KB
Script
General
Full URL
https://smct.co/tm/?t=timlive.tim.com.br
Requested by
Host: checkout.timlive.tim.com.br
URL: https://checkout.timlive.tim.com.br/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.246.204.4 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-246-204-4.eu-west-1.compute.amazonaws.com
Software
Apache /
Resource Hash
b6721e53bcb4febb066bc9f35775576fbca8074e5ad417cf2fc456828f55e7f6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://checkout.timlive.tim.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma
cache
Date
Sun, 11 Dec 2022 21:58:46 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Cache-Control
max-age=900
Connection
keep-alive
Content-Length
3687
Expires
Sun, 11 Dec 2022 22:13:46 GMT
events.js
analytics.tiktok.com/i18n/pixel/
3 KB
2 KB
Script
General
Full URL
https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C9C233JC77U7KEORDOH0&lib=ttq
Requested by
Host: checkout.timlive.tim.com.br
URL: https://checkout.timlive.tim.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.11.206.10 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-11-206-10.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
ef7ae464625044ea387301a74576ab068c2b1e9997fcbc04c2099815db4ebd11

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://checkout.timlive.tim.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-akamai-request-id
a9affdff.7914ee66
date
Sun, 11 Dec 2022 21:58:46 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a23-11-206-6.deploy.akamaitechnologies.com (AkamaiGHost/10.10.2-45048955) (-)
x-parent-response-time
123,23.11.206.6
server-timing
cdn-cache; desc=MISS, edge; dur=86, origin; dur=37, inner; dur=3
content-length
1082
pragma
no-cache
server
nginx
x-tt-logid
202212112158465C7590956D0D814DC812
x-cache-remote
TCP_MISS from a23-220-104-20.deploy.akamaitechnologies.com (AkamaiGHost/10.10.2-45048955) (-)
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
37,23.220.104.20
x-tt-trace-host
018debac48b254c96e084d365932782b4d1c4bed7403c7ed93d4e9fe227289ffbaac73d3743b5ff4496d0fd30927503af5a01d158b1800410c55dd1ad51f04e5c8f43c4526061f8a8361075f0eb261e9b8ab368f65c566d5d6918de236033467c5
expires
Sun, 11 Dec 2022 21:58:46 GMT
fbevents.js
connect.facebook.net/en_US/
103 KB
27 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: checkout.timlive.tim.com.br
URL: https://checkout.timlive.tim.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
737be8d2a2db4d729155190f62d3b1f656cdaec35b42b59eeeda3043246a50cd
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://checkout.timlive.tim.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sun, 11 Dec 2022 21:58:45 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
27317
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
HHm+VZh+/k52yd0K1kwmyDrehQb8qL52SamBouWKJZX9pxm/7lfmYkUBl+P7x0kNOcAmMGEb38oRQDf0zQ1UuA==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
ytc.js
s.yimg.com/wi/
16 KB
6 KB
Script
General
Full URL
https://s.yimg.com/wi/ytc.js
Requested by
Host: checkout.timlive.tim.com.br
URL: https://checkout.timlive.tim.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
249c4eba880cfb74e1b6e1d1048def310636dc3b1ce5b3fe525703fd4025238f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://checkout.timlive.tim.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Sun, 11 Dec 2022 21:58:07 GMT
x-amz-version-id
.QD3nDfK79S8_ikLSJXTL23Tdis9tg0C
content-encoding
gzip
strict-transport-security
max-age=15552000
x-content-type-options
nosniff
x-amz-request-id
00DQ9C6MZSQ2B1EV
age
40
x-amz-server-side-encryption
AES256
x-amz-id-2
FSPfRg9ZmH+Nxv2iGeuUhU8vwJE7P2lsOEajr1ooEshnweJp1NznJTTb3SH5LTTDuhjRv1yATh8=
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
x-amz-expiration
expiry-date="Thu, 20 Jul 2023 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified
Tue, 14 Jun 2022 12:21:31 GMT
server
ATS
etag
"6a624022b5d271dcefb070b0b6670abc-df"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary
Origin, Accept-Encoding
content-type
application/javascript
cache-control
public,max-age=3600
accept-ranges
bytes
js
www.googletagmanager.com/gtag/
221 KB
76 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-0SZQLHM90J&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NRVVWLB
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
76a98a541dae6ad185492a129f69e0bd34c9f0e73884f912556ba165d661d13b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://checkout.timlive.tim.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Sun, 11 Dec 2022 21:58:46 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
77495
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sun, 11 Dec 2022 21:58:46 GMT
475649646925755
connect.facebook.net/signals/config/
293 KB
84 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/475649646925755?v=2.9.89&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
a1cee6cccb8807d095430b926725d06cd8f27d3a6bc3775f37e96b53023b380a
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://checkout.timlive.tim.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sun, 11 Dec 2022 21:58:46 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
KFqa6XbJE9K8SaryAqV/2NKXR2uwbGKVVh2/0cLfV4xVernrDHwbjgio+AgQ05j5AfMg7jO/Dd94rsqDac7YwQ==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
TIMSansWeb-Medium.562f8f8b.woff2
checkout.timlive.tim.com.br/fonts/
41 KB
42 KB
Font
General
Full URL
https://checkout.timlive.tim.com.br/fonts/TIMSansWeb-Medium.562f8f8b.woff2
Requested by
Host: checkout.timlive.tim.com.br
URL: https://checkout.timlive.tim.com.br/css/app.e94b7b90.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.94.187.157 São Paulo, Brazil, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-94-187-157.sa-east-1.compute.amazonaws.com
Software
nginx/1.22.1 /
Resource Hash
5891e62800c4390940b4fb8c7bce51a76a10100cce30c7332e79348a1d13d2cb

Request headers

Referer
https://checkout.timlive.tim.com.br/css/app.e94b7b90.css
Origin
https://checkout.timlive.tim.com.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Sun, 11 Dec 2022 21:58:46 GMT
last-modified
Thu, 01 Dec 2022 12:02:51 GMT
server
nginx/1.22.1
accept-ranges
bytes
etag
"638897eb-a554"
content-length
42324
content-type
font/woff2
TIMSansWeb-Bold.56de4834.woff2
checkout.timlive.tim.com.br/fonts/
41 KB
41 KB
Font
General
Full URL
https://checkout.timlive.tim.com.br/fonts/TIMSansWeb-Bold.56de4834.woff2
Requested by
Host: checkout.timlive.tim.com.br
URL: https://checkout.timlive.tim.com.br/css/app.e94b7b90.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.94.187.157 São Paulo, Brazil, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-94-187-157.sa-east-1.compute.amazonaws.com
Software
nginx/1.22.1 /
Resource Hash
e5cf600f3eb35157e811757e4113b20cae15499aee24156a3510e607e139d47b

Request headers

Referer
https://checkout.timlive.tim.com.br/css/app.e94b7b90.css
Origin
https://checkout.timlive.tim.com.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Sun, 11 Dec 2022 21:58:46 GMT
last-modified
Thu, 01 Dec 2022 12:02:51 GMT
server
nginx/1.22.1
accept-ranges
bytes
etag
"638897eb-a38c"
content-length
41868
content-type
font/woff2
modules.bc0a4c72d88d266f15af.js
script.hotjar.com/
263 KB
68 KB
Script
General
Full URL
https://script.hotjar.com/modules.bc0a4c72d88d266f15af.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1328257.js?sv=7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-63.fra56.r.cloudfront.net
Software
/
Resource Hash
5266a11278de436c711a6fc1ab0618616f2495135c0157b21899c11f19ab163a
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://checkout.timlive.tim.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 14:35:06 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=2592000; includeSubDomains
via
1.1 f2c65205154aaf89a2c7bbc8fe8fdaba.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P4
age
372220
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
68590
last-modified
Wed, 07 Dec 2022 14:34:24 GMT
etag
"2375e31c5dc0ca09d740bee5c1486c2b"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
si3pbjdlNnRmKqxQRjIyO6SIuTFE17acc7Lo5sqZjkPiiXGcwKEe1Q==
10186859.json
s.yimg.com/wi/config/
46 B
679 B
XHR
General
Full URL
https://s.yimg.com/wi/config/10186859.json
Requested by
Host: s.yimg.com
URL: https://s.yimg.com/wi/ytc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
a23fcf51ed44e08bb5900bdfb20c09d637adedd4ad71c3fcfbc72a297fb988bd
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://checkout.timlive.tim.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Sun, 11 Dec 2022 21:58:47 GMT
x-amz-version-id
Y9AT.IeGaevLWEszeQUFrk8ufyDrSLxA
x-content-type-options
nosniff
strict-transport-security
max-age=15552000
x-amz-request-id
3GMQZ9YYX8XBYXT4
age
0
x-amz-server-side-encryption
AES256
content-length
46
x-amz-id-2
KUI+GOAbzkV2jRoiH3fbSvkMZFXviM+mpQZtpFKvbS2HvbM923T6ZOMsAbXxroxdIDvVM4/efAQ=
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
x-amz-expiration
expiry-date="Fri, 20 Oct 2023 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified
Wed, 14 Sep 2022 20:58:23 GMT
server
ATS
etag
"45ba5ea3adee33a1296846dfd7f88d3b"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
accept-ranges
bytes
box-5e66f98b4ee957db209dc6f63e3d59dd.html
vars.hotjar.com/ Frame 2634
2 KB
1 KB
Document
General
Full URL
https://vars.hotjar.com/box-5e66f98b4ee957db209dc6f63e3d59dd.html
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1328257.js?sv=7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-29.fra60.r.cloudfront.net
Software
/
Resource Hash
cbffce6f8642619af7ed7335e32750f7f2933765d32c113115da0710aa7deadc
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Referer
https://checkout.timlive.tim.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1586920
cache-control
max-age=31536000
content-encoding
br
content-length
1035
content-type
text/html
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 23 Nov 2022 13:10:06 GMT
etag
"e0652b84b7b3b650769c759fc520c3f8"
last-modified
Wed, 23 Nov 2022 13:09:18 GMT
strict-transport-security
max-age=2592000; includeSubDomains
vary
Accept-Encoding
via
1.1 02cd8164e89a1598d410a9198582d47c.cloudfront.net (CloudFront)
x-amz-cf-id
P6qdR0KzrZvvK_qm61Cx2H2bDsz33zuUf4Izc2SD0XnBq-6q8kvG6A==
x-amz-cf-pop
FRA60-P4
x-cache
Hit from cloudfront
x-robots-tag
none
collect
stats.g.doubleclick.net/j/
4 B
450 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-19358192-1&cid=1061087118.1670795926&jid=112791734&gjid=1013187429&_gid=1447406041.1670795926&_u=YGBAiEABBAAAAEAAI~&z=5182581
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c06::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://checkout.timlive.tim.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Sun, 11 Dec 2022 21:58:46 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://checkout.timlive.tim.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j98&a=139660994&t=pageview&_s=1&dl=https%3A%2F%2Fcheckout.timlive.tim.com.br%2F&ul=en-us&de=UTF-8&dt=Checkout%20-%20TIM%20Live&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAiEABBAAAAAAAI~&jid=112791734&gjid=1013187429&cid=1061087118.1670795926&tid=UA-19358192-1&_gid=1447406041.1670795926&gtm=2wgbu0NRVVWLB&cd26=WOOZA&z=1717761474
Requested by
Host: checkout.timlive.tim.com.br
URL: https://checkout.timlive.tim.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://checkout.timlive.tim.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 11 Dec 2022 02:42:31 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
69375
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/
0
185 B
Image
General
Full URL
https://www.facebook.com/tr/?id=475649646925755&ev=PageView&dl=https%3A%2F%2Fcheckout.timlive.tim.com.br%2F&rl=&if=false&ts=1670795926172&sw=1600&sh=1200&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.2.1670795926171.31387384&it=1670795925974&coo=false&rqm=GET
Requested by
Host: checkout.timlive.tim.com.br
URL: https://checkout.timlive.tim.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f173:81:face:b00c:0:25de Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://checkout.timlive.tim.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Sun, 11 Dec 2022 21:58:46 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
collect
region1.analytics.google.com/g/
0
346 B
Ping
General
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-0SZQLHM90J&gtm=2oebu0&_p=139660994&_gaz=1&cid=1061087118.1670795926&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1670795926&sct=1&seg=0&dl=https%3A%2F%2Fcheckout.timlive.tim.com.br%2F&dt=Checkout%20-%20TIM%20Live&en=page_view&_fv=1&_ss=2
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-0SZQLHM90J&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://checkout.timlive.tim.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 11 Dec 2022 21:58:46 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://checkout.timlive.tim.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/
0
56 B
Ping
General
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-0SZQLHM90J&cid=1061087118.1670795926&gtm=2oebu0&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-0SZQLHM90J&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c06::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://checkout.timlive.tim.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 11 Dec 2022 21:58:46 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://checkout.timlive.tim.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
501 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-0SZQLHM90J&cid=1061087118.1670795926&gtm=2oebu0&aip=1&z=1324941201
Requested by
Host: checkout.timlive.tim.com.br
URL: https://checkout.timlive.tim.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://checkout.timlive.tim.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 11 Dec 2022 21:58:46 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sp.pl
sp.analytics.yahoo.com/
43 B
633 B
Image
General
Full URL
https://sp.analytics.yahoo.com/sp.pl?a=10000&d=Sun%2C%2011%20Dec%202022%2021%3A58%3A46%20GMT&n=0&b=Checkout%20-%20TIM%20Live&.yp=10186859&f=https%3A%2F%2Fcheckout.timlive.tim.com.br%2F&enc=UTF-8&yv=1.13.0&tagmgr=gtm
Requested by
Host: checkout.timlive.tim.com.br
URL: https://checkout.timlive.tim.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.82.100.181 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
spdc.pbp.vip.ir2.yahoo.com
Software
ATS /
Resource Hash
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://checkout.timlive.tim.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 11 Dec 2022 21:58:46 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
cache-control
no-cache, private, must-revalidate
accept-ranges
bytes
content-length
43
expires
Sun, 11 Dec 2022 21:58:46 GMT
sp.pl
sp.analytics.yahoo.com/
43 B
245 B
Image
General
Full URL
https://sp.analytics.yahoo.com/sp.pl?a=10000&b=Checkout%20-%20TIM%20Live&.yp=10186859&f=https%3A%2F%2Fcheckout.timlive.tim.com.br%2F&enc=UTF-8&yv=1.13.0&et=custom&ea=TIM-Residencial_Pageview&tagmgr=gtm
Requested by
Host: checkout.timlive.tim.com.br
URL: https://checkout.timlive.tim.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.82.100.181 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
spdc.pbp.vip.ir2.yahoo.com
Software
ATS /
Resource Hash
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://checkout.timlive.tim.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 11 Dec 2022 21:58:46 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
cache-control
no-cache, private, must-revalidate
accept-ranges
bytes
content-length
43
expires
Sun, 11 Dec 2022 21:58:46 GMT
csp.js
js.smct.io/csp/
0
475 B
XHR
General
Full URL
https://js.smct.io/csp/csp.js
Requested by
Host: smct.co
URL: https://smct.co/tm/?t=timlive.tim.com.br
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3aad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://checkout.timlive.tim.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Sun, 11 Dec 2022 21:58:46 GMT
x-amz-version-id
null
via
1.1 ffdf2668ac264ec6d8784ccc7453073c.cloudfront.net (CloudFront)
cf-cache-status
HIT
content-encoding
br
x-amz-cf-pop
FRA56-P5
age
42233
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 23 Oct 2019 09:31:23 GMT
server
cloudflare
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
text/html
access-control-allow-origin
*
cache-control
public, max-age=2592000
cf-ray
77817bcb19539948-FRA
x-amz-cf-id
xniOmitVbaBtgl-ySEZJjVZPVSlLAfSZHh2H4SgjT66gwclM_JpUew==
expires
Tue, 10 Jan 2023 21:58:46 GMT
ga-audiences
www.google.com/ads/
42 B
501 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-19358192-1&cid=1061087118.1670795926&jid=112791734&_u=YGBAiEABBAAAAEAAI~&z=492964418
Requested by
Host: checkout.timlive.tim.com.br
URL: https://checkout.timlive.tim.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://checkout.timlive.tim.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 11 Dec 2022 21:58:46 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
107 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-19358192-1&cid=1061087118.1670795926&jid=112791734&_u=YGBAiEABBAAAAEAAI~&z=492964418
Requested by
Host: checkout.timlive.tim.com.br
URL: https://checkout.timlive.tim.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://checkout.timlive.tim.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 11 Dec 2022 21:58:46 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tag-v5.82.js
js.smct.io/t/
63 KB
22 KB
Script
General
Full URL
https://js.smct.io/t/tag-v5.82.js
Requested by
Host: smct.co
URL: https://smct.co/tm/?t=timlive.tim.com.br
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:3aad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d0aa8794eae4d207f8bffd02baf1c4e2f1551f252caaf6c86e06395d309183c3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://checkout.timlive.tim.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Sun, 11 Dec 2022 21:58:46 GMT
via
1.1 81f818adbacff6b703252be1c8922598.cloudfront.net (CloudFront)
content-encoding
br
x-amz-version-id
9bZhMk5yhvRYRoAMPL5RHw6KWzQRGuO6
cf-cache-status
HIT
x-amz-cf-pop
SFO5-P1
age
1088915
cf-polished
origSize=64743
x-cache
RefreshHit from cloudfront
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Mon, 06 Dec 2021 15:33:27 GMT
server
cloudflare
etag
W/"6d929373de70394705721f34eac432f6"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2678400
cf-ray
77817bcb7bf0bb77-FRA
x-amz-cf-id
A676HkMI71IFKZXLGPp0mB1iOYV8y9SPkvTERv_eRUUzDPnokEgNig==
main.MTRjZDliOGFlMQ.js
analytics.tiktok.com/i18n/pixel/static/
224 KB
64 KB
Script
General
Full URL
https://analytics.tiktok.com/i18n/pixel/static/main.MTRjZDliOGFlMQ.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C9C233JC77U7KEORDOH0&lib=ttq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.11.206.10 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-11-206-10.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
fc715754a044353a83fb71d4aef986b53be4033614936deb8f001eb4fa7d13de

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://checkout.timlive.tim.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-akamai-request-id
7914ef23
date
Sun, 11 Dec 2022 21:58:46 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server
nginx
x-tt-logid
20221201150725E507FB4BDF2897A8F752
vary
Accept-Encoding
x-cache
TCP_HIT from a23-11-206-6.deploy.akamaitechnologies.com (AkamaiGHost/10.10.2-45048955) (-)
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
x-tt-trace-host
01954fa7fc4c4874ca9340fbbc8714fab9d94065934c193b9c6dbec284e2ca8f8ff51a12d1e1a523d17f782f39a2bb8ae4e54f6396902aabf3a70a0477d47d668894e7d543558a39e4ebdf5b86e10a955a
server-timing
cdn-cache; desc=HIT, edge; dur=0, inner; dur=3
content-length
64704
identify_87671.js
analytics.tiktok.com/i18n/pixel/static/
114 KB
31 KB
Script
General
Full URL
https://analytics.tiktok.com/i18n/pixel/static/identify_87671.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTRjZDliOGFlMQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.11.206.10 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-11-206-10.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
6efa775a864aba5b3b1bc9ce6335a617693c712d3a65633cbe6751fa1d291a9c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://checkout.timlive.tim.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-akamai-request-id
7914ef7d
date
Sun, 11 Dec 2022 21:58:46 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server
nginx
x-tt-logid
2022102513233020C275E8C1FA67700B5E
vary
Accept-Encoding
x-cache
TCP_MEM_HIT from a23-11-206-6.deploy.akamaitechnologies.com (AkamaiGHost/10.10.2-45048955) (-)
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
x-tt-trace-host
0173631bb197fc90bd07563af4e3ce938162821bccb90a8ec261f6ae4cc068e709822da8cadae340b9a7273e12a5bf18e8f1f817baa10e226046c43d7a48f08218ed6c493930f43cee98dccaa455c31001
server-timing
cdn-cache; desc=HIT, edge; dur=0, inner; dur=1
content-length
30918
pixel
analytics.tiktok.com/api/v2/
0
688 B
Ping
General
Full URL
https://analytics.tiktok.com/api/v2/pixel
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTRjZDliOGFlMQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.11.206.10 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-11-206-10.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://checkout.timlive.tim.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
78a51ba8.7914efb9
date
Sun, 11 Dec 2022 21:58:46 GMT
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a23-11-206-6.deploy.akamaitechnologies.com (AkamaiGHost/10.10.2-45048955) (-)
x-parent-response-time
166,23.11.206.6
server-timing
cdn-cache; desc=MISS, edge; dur=92, origin; dur=80, inner; dur=78
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
20221211215846F075D87CBE75F72D3D47
x-cache-remote
TCP_MISS from a23-220-104-26.deploy.akamaitechnologies.com (AkamaiGHost/10.10.2-45048955) (-)
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
80,23.220.104.26
x-tt-trace-host
018debac48b254c96e084d365932782b4d1c4bed7403c7ed93d4e9fe227289ffba3017af141e4232a8157e444659a0e1be3b286308d11f971fee5f1f1bb72f2cb62280c4d2206c0da55835d2be9e647be401eca85b485a0e7df79e791102a75a63
expires
Sun, 11 Dec 2022 21:58:46 GMT
lse1.3.html
ls.smct.co/ Frame FF69
2 KB
859 B
Document
General
Full URL
https://ls.smct.co/lse1.3.html
Requested by
Host: js.smct.io
URL: https://js.smct.io/t/tag-v5.82.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-14.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
017217e952a763a6a3ac2688bb3c1c17db0a42721148434b9060158bd08716d6

Request headers

Referer
https://checkout.timlive.tim.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
63237
content-encoding
gzip
content-type
text/html
date
Sun, 11 Dec 2022 04:24:49 GMT
etag
W/"209c7964d2f1416735fde2c6d1a50b77"
last-modified
Thu, 13 Aug 2020 15:19:56 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 0c792defeeaa18965559ad74895ea56a.cloudfront.net (CloudFront)
x-amz-cf-id
4j9xrpeRlHAwN80YIBM-69WzsqYisTGt7YDGdHtyc5Gvl7Yl9VGaSg==
x-amz-cf-pop
FRA60-P3
x-amz-version-id
null
x-cache
Hit from cloudfront
events-1.6.0.min.js
js.smct.io/e/
28 KB
10 KB
Script
General
Full URL
https://js.smct.io/e/events-1.6.0.min.js
Requested by
Host: js.smct.io
URL: https://js.smct.io/t/tag-v5.82.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:3aad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cef05fac44885210172633f42c2fe0bee2958cb5118485e07f77e36735c1a29e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://checkout.timlive.tim.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Sun, 11 Dec 2022 21:58:46 GMT
x-amz-version-id
86Alo3RvPHIXLLAe0m5WQhsYLYOyKnIX
via
1.1 5e3db235184770510999a272e515dfbc.cloudfront.net (CloudFront)
cf-cache-status
HIT
content-encoding
br
x-amz-cf-pop
SFO5-P1
age
1088952
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 22 Mar 2021 13:16:37 GMT
server
cloudflare
etag
W/"a1075fa3d276bd62722dbc87d77a8e62"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2678400
cf-ray
77817bcc4dd7bb77-FRA
x-amz-cf-id
-ITQ8VSpQSeyC4ySz7JXtt_QONoI1CGOZoVkoZKZe37nlIXED_osSg==
lse1.1.html
d2d7do8qaecbru.cloudfront.net/live/ Frame FF50
2 KB
818 B
Document
General
Full URL
https://d2d7do8qaecbru.cloudfront.net/live/lse1.1.html
Requested by
Host: js.smct.io
URL: https://js.smct.io/e/events-1.6.0.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-93.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d913a3ce24c14263a5e1ce227c5d62d30eb4a5ba50b5ccf9a9c0bb555c9ffd0f

Request headers

Referer
https://checkout.timlive.tim.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html
date
Sun, 11 Dec 2022 21:58:47 GMT
etag
W/"1de5ff62ceb05bb85f2813d8103b063a"
last-modified
Wed, 06 Nov 2019 12:06:42 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 02d68f3a4f2a3f8967c5e021dcd7f96a.cloudfront.net (CloudFront)
x-amz-cf-id
aR3UaNxC3kf3MTxlxixIm5OTUDcbeWJZ9PZLs-QMON58lppgwhTuKw==
x-amz-cf-pop
FRA56-P5
x-amz-version-id
3RRTSIWom4dpK6VxcP0BNx5_6oQ0Pvyu
x-cache
RefreshHit from cloudfront
/
cognito-identity.eu-west-1.amazonaws.com/
63 B
317 B
XHR
General
Full URL
https://cognito-identity.eu-west-1.amazonaws.com/
Requested by
Host: js.smct.io
URL: https://js.smct.io/e/events-1.6.0.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:94a:8a00:ee31:fae8:a09d:4ddc Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
92eecdfce763cd25e612e33353fc686173084e59320bcb61f237e3ec821ae416
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://checkout.timlive.tim.com.br/
X-AMZ-TARGET
AWSCognitoIdentityService.GetId
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
application/x-amz-json-1.1

Response headers

access-control-allow-origin
*
date
Sun, 11 Dec 2022 21:58:46 GMT
strict-transport-security
max-age=31536000; includeSubDomains
access-control-expose-headers
x-amzn-RequestId,x-amzn-ErrorType,x-amzn-ErrorMessage,Date
x-amzn-requestid
30886751-bc74-401d-b9cc-7275ec8ecbe0
content-length
63
content-type
application/x-amz-json-1.1
/
cognito-identity.eu-west-1.amazonaws.com/ Frame
0
0
Preflight
General
Full URL
https://cognito-identity.eu-west-1.amazonaws.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:94a:8a00:ee31:fae8:a09d:4ddc Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-amz-target
Access-Control-Request-Method
POST
Origin
https://checkout.timlive.tim.com.br
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

access-control-allow-headers
content-type,x-amz-target
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-expose-headers
x-amzn-RequestId,x-amzn-ErrorType,x-amzn-ErrorMessage,Date
access-control-max-age
172800
content-length
0
date
Sun, 11 Dec 2022 21:58:46 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-amzn-requestid
6629f036-b76e-4468-8a41-53869db499e8
/
www.facebook.com/tr/
0
18 B
Image
General
Full URL
https://www.facebook.com/tr/?id=475649646925755&ev=Microdata&dl=https%3A%2F%2Fcheckout.timlive.tim.com.br%2F&rl=&if=false&ts=1670795926681&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Checkout%20-%20TIM%20Live%22%7D&cd[OpenGraph]=%7B%22og%3Atype%22%3A%22website%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.89&r=stable&ec=1&o=30&fbp=fb.2.1670795926171.31387384&it=1670795925974&coo=false&es=automatic&tm=3&rqm=GET
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f173:81:face:b00c:0:25de Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://checkout.timlive.tim.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Sun, 11 Dec 2022 21:58:46 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
priority
u=3,i
/
cognito-identity.eu-west-1.amazonaws.com/
2 KB
2 KB
XHR
General
Full URL
https://cognito-identity.eu-west-1.amazonaws.com/
Requested by
Host: js.smct.io
URL: https://js.smct.io/e/events-1.6.0.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:94a:8a00:ee31:fae8:a09d:4ddc Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
751e01fb7a5879ed21ddb0cbea5d115d3790a936edc1b9c73d270a3af7650ef3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://checkout.timlive.tim.com.br/
X-AMZ-TARGET
AWSCognitoIdentityService.GetCredentialsForIdentity
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
application/x-amz-json-1.1

Response headers

access-control-allow-origin
*
date
Sun, 11 Dec 2022 21:58:46 GMT
strict-transport-security
max-age=31536000; includeSubDomains
access-control-expose-headers
x-amzn-RequestId,x-amzn-ErrorType,x-amzn-ErrorMessage,Date
x-amzn-requestid
8365d62c-8717-488c-ae0d-9eb4f2d6af2c
content-length
1776
content-type
application/x-amz-json-1.1
/
cognito-identity.eu-west-1.amazonaws.com/ Frame
0
0
Preflight
General
Full URL
https://cognito-identity.eu-west-1.amazonaws.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:94a:8a00:ee31:fae8:a09d:4ddc Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-amz-target
Access-Control-Request-Method
POST
Origin
https://checkout.timlive.tim.com.br
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

access-control-allow-headers
content-type,x-amz-target
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-expose-headers
x-amzn-RequestId,x-amzn-ErrorType,x-amzn-ErrorMessage,Date
access-control-max-age
172800
content-length
0
date
Sun, 11 Dec 2022 21:58:46 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-amzn-requestid
8b666ed6-f9d5-41e6-a28e-04caddc0a3da
smcJQ-v3.4.1.js
js.smct.io/jq/
86 KB
31 KB
Script
General
Full URL
https://js.smct.io/jq/smcJQ-v3.4.1.js
Requested by
Host: js.smct.io
URL: https://js.smct.io/t/tag-v5.82.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:3aad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9420936496b0a7f806aa1cab5e50987d67bd6e7567d8247c9f830d49d761ff39

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://checkout.timlive.tim.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Sun, 11 Dec 2022 21:58:47 GMT
via
1.1 d12bde5a2ea0d10baee074491310084a.cloudfront.net (CloudFront)
content-encoding
br
x-amz-version-id
null
cf-cache-status
HIT
x-amz-cf-pop
SFO5-P1
age
1088796
cf-polished
origSize=88927
x-cache
RefreshHit from cloudfront
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 25 Mar 2020 10:00:55 GMT
server
cloudflare
etag
W/"151a5fe9437f4aad77efbc017cce9218"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=2678400
cf-ray
77817bd02e6fbb77-FRA
x-amz-cf-id
r9AEw_UFfiqJHMLeU_pgjlAdiEvHHLxgg8Pmmqx1BgwNQZH7GtAlQQ==
overlays-v5.82.js
js.smct.io/o/
74 KB
22 KB
Script
General
Full URL
https://js.smct.io/o/overlays-v5.82.js
Requested by
Host: js.smct.io
URL: https://js.smct.io/t/tag-v5.82.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:3aad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c3a4bd40f86075445b666128fa2d797170da1cab91f2865c5682e1f7e6a3008d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://checkout.timlive.tim.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Sun, 11 Dec 2022 21:58:47 GMT
via
1.1 1fd323b9134f7d940dac0d007036a604.cloudfront.net (CloudFront)
content-encoding
br
x-amz-version-id
xTY0bHCvcpR8xIc.nl_GmwH71cBnZ5Xb
cf-cache-status
HIT
age
309471
x-amz-cf-pop
FRA56-P5
cf-polished
origSize=75546
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Mon, 06 Dec 2021 15:33:48 GMT
server
cloudflare
etag
W/"820206d7577ff3e966b1fd12c6cf431a"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2678400
cf-ray
77817bd0af99bb77-FRA
x-amz-cf-id
0mjWpTmqNgW98sOXyc2CyylenXA3pD1-JUkoQqtHasyDqiw8MAUDqw==
1
smct.co/ov5/load/4297/74283/
54 KB
14 KB
XHR
General
Full URL
https://smct.co/ov5/load/4297/74283/1
Requested by
Host: js.smct.io
URL: https://js.smct.io/o/overlays-v5.82.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.246.204.4 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-246-204-4.eu-west-1.compute.amazonaws.com
Software
Apache /
Resource Hash
504bc993c08aef2fc0e123b929bfdfd4c33c1d45a9b1c8e3a077a1152d9e8982

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://checkout.timlive.tim.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma
cache
Date
Sun, 11 Dec 2022 21:58:47 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
Content-Type
application/json
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
smc-lt
Cache-Control
max-age=900
Connection
keep-alive
smc-lt
0.013978,C:0
Content-Length
13737
Expires
Sun, 11 Dec 2022 22:13:47 GMT
/
firehose.eu-west-1.amazonaws.com/
299 B
739 B
XHR
General
Full URL
https://firehose.eu-west-1.amazonaws.com/
Requested by
Host: js.smct.io
URL: https://js.smct.io/e/events-1.6.0.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.80.34.195 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-80-34-195.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
692a38ef71f1827e12642086c0a596ef11c0bc400df3867eb5ae3dac4dead417

Request headers

accept-language
de-DE,de;q=0.9
Authorization
AWS4-HMAC-SHA256 Credential=ASIAX2DUJRE46LE7ASZZ/20221211/eu-west-1/firehose/aws4_request, SignedHeaders=host;x-amz-date;x-amz-security-token;x-amz-target, Signature=1fc6e02f270335ebc843929efb4cb195bda7a0111bead88353665abc6fa7203b
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
content-type
application/x-amz-json-1.1
x-amz-security-token
Referer
https://checkout.timlive.tim.com.br/
x-amz-target
Firehose_20150804.PutRecordBatch
x-amz-date
20221211T215846Z

Response headers

Date
Sun, 11 Dec 2022 21:58:47 GMT
Content-Encoding
gzip
x-amzn-RequestId
fc3b689b-f609-37be-a02b-3c4c490ded6f
Content-Type
application/x-amz-json-1.1
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Content-Length
279
x-amz-id-2
rO07osMGT9OqPy0d8rbheImRxAYLXHFfqu7itVEScCSzwIIaEZawh6bjOr+00TrqPR6BD27wvTPeGzUYr/EzDVEOCl2w/1l/
/
firehose.eu-west-1.amazonaws.com/ Frame
0
0
Preflight
General
Full URL
https://firehose.eu-west-1.amazonaws.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.80.34.195 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-80-34-195.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type,x-amz-date,x-amz-security-token,x-amz-target
Access-Control-Request-Method
POST
Origin
https://checkout.timlive.tim.com.br
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Access-Control-Allow-Headers
authorization,content-type,x-amz-date,x-amz-security-token,x-amz-target
Access-Control-Allow-Methods
POST
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age
172800
Content-Encoding
gzip
Content-Length
20
Date
Sun, 11 Dec 2022 21:58:47 GMT
x-amzn-RequestId
f4b65ab4-5b71-9f07-a8a6-0e63e47545d6

63 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| oncontentvisibilityautostatechange function| fbAsyncInit object| FB object| __buffer object| webpackJsonp object| core object| __core-js_shared__ object| dataLayer object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga function| hj object| _hjSettings number| $smcInstall string| cookieName undefined| cookieValue number| expirationTime string| date number| dateTimeNow string| TiktokAnalyticsObject object| ttq function| fbq function| _fbq object| keyValuePairs string| retorno object| d number| dias string| expires object| dotq object| AWIN function| AwinCustomEvent object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled object| hjLazyModules object| YAHOO object| gaplugins object| gaGlobal object| gaData function| onYouTubeIframeAPIReady object| $smctResources object| $smctData object| webpackJsonp.TiktTokAnalytics object| JSBridge object| Native2JSBridge object| ToutiaoJSBridge function| TiktokJelly object| _jelly_sdks object| $jscomp object| $smcT5 function| setImmediate function| clearImmediate function| $smcJQ object| $smcO5

27 Cookies

Domain/Path Name / Value
.checkout.timlive.tim.com.br/ Name: origem_awin
Value: undefined
checkout.timlive.tim.com.br/ Name: clickid
Value: undefined
checkout.timlive.tim.com.br/ Name: msxt
Value: undefined
.tim.com.br/ Name: _gid
Value: GA1.3.1447406041.1670795926
.tim.com.br/ Name: _dc_gtm_UA-19358192-1
Value: 1
.tim.com.br/ Name: _fbp
Value: fb.2.1670795926171.31387384
.tim.com.br/ Name: _ga_0SZQLHM90J
Value: GS1.1.1670795926.1.0.1670795926.60.0.0
.tim.com.br/ Name: _ga
Value: GA1.1.1061087118.1670795926
.tim.com.br/ Name: _hjSessionUser_1328257
Value: eyJpZCI6ImM5NjVhZjA4LTk3ODQtNTI3Yy1hOTYxLTA5N2JiOGUzZjk1MiIsImNyZWF0ZWQiOjE2NzA3OTU5MjYxMDYsImV4aXN0aW5nIjpmYWxzZX0=
.tim.com.br/ Name: _hjFirstSeen
Value: 1
checkout.timlive.tim.com.br/ Name: _hjIncludedInSessionSample
Value: 0
.tim.com.br/ Name: _hjSession_1328257
Value: eyJpZCI6IjZjZjhkOTFhLTk5ZTAtNGQzZC1hNjI1LWNkM2EwZjQwNTFlZSIsImNyZWF0ZWQiOjE2NzA3OTU5MjYyMTIsImluU2FtcGxlIjpmYWxzZX0=
.tim.com.br/ Name: _hjAbsoluteSessionInProgress
Value: 0
.tiktok.com/ Name: _ttp
Value: 2Imo4HImMIdGxObpQszVoZkBO1f
.yahoo.com/ Name: A3
Value: d=AQABBJZSlmMCELugyAQsbngtUWO0WB6fzkYFEgEBAQGkl2OgYwAAAAAA_eMAAA&S=AQAAAiIKCc4hFh70nU-5cPFSeS8
.tim.com.br/ Name: _tt_enable_cookie
Value: 1
.tim.com.br/ Name: _ttp
Value: 0b3a2d5c-956c-43d7-aade-f56eb8f7a3b2
.tim.com.br/ Name: smc_uid
Value: 1670795926436304
.tim.com.br/ Name: smc_tag
Value: eyJpZCI6NDI5NywibmFtZSI6InRpbWxpdmUudGltLmNvbS5iciJ9
.tim.com.br/ Name: smc_session_id
Value: BxKTZ372w9Gxy1jHJegXNXGaFO69wajb
.tim.com.br/ Name: smc_refresh
Value: 25221
.tim.com.br/ Name: smc_tpv
Value: 1
.tim.com.br/ Name: smc_spv
Value: 1
.tim.com.br/ Name: smc_sesn
Value: 1
.tim.com.br/ Name: smc_not
Value: default
.tim.com.br/ Name: smct_last_ov
Value: %5B%7B%22id%22%3A74283%2C%22loaded%22%3A1670795927185%2C%22open%22%3Anull%2C%22eng%22%3Anull%2C%22closed%22%3Anull%7D%5D
.tim.com.br/ Name: smct_session
Value: %7B%22s%22%3A1670795927446%2C%22l%22%3A1670795929447%2C%22lt%22%3A1670795929448%2C%22t%22%3A3%2C%22p%22%3A3%7D

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
