timofertas.com Open in urlscan Pro
172.67.129.62  Public Scan

6 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

29 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H3	200	Primary Request / Show response timofertas.com/	21 KB 6 KB	812ms 659ms	Document text/html	172.67.129.62 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://timofertas.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.129.62 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Next.js Resource Hash 03f9add25d06125fb48faf59c9c636f5c95778dc0b10442adad19f1e87d4c5bd Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Response headers alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 8d44dd4f2db9cb7d-LAX content-encoding zstd content-type text/html; charset=utf-8 date Fri, 18 Oct 2024 01:48:10 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Dner%2FC5WnqTP6lQPABoTQKBJyVURXq16jERRQAR6EUsDsz%2FxafbYg4SP0fjWFcGiHtnj9wLuFaHa7SNT6l1ms3NBw9t3L1dG49tGwqBxxSI%2FnLypz%2F2h4rmw0kF2NKVXEA%3D%3D"}],"group":"cf-nel","max_age":604800} server cloudflare server-timing cfExtPri vary Accept-Encoding x-powered-by Next.js
GET H3	200	711c01dd42fa48ea.css timofertas.com/_next/static/css/	22 KB 6 KB	80ms 79ms	Stylesheet text/css	172.67.129.62 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://timofertas.com/_next/static/css/711c01dd42fa48ea.css Requested by Host: timofertas.com URL: https://timofertas.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.129.62 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b7e7d5dfc59fc2e65b1983b9990ae96b267b65f6f4f8dd2b89857858012699e8 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://timofertas.com/ Response headers cache-control public, max-age=31536000, immutable nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding gzip cf-cache-status HIT etag W/"597d-1929c289fa8" age 3255 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=evUvDAJmPURoqK%2B1S2hxeB9cWRpGDL5QY%2FiOICCml7SaZhxOcTvqFJwhfgdrSlSXGnNNCTQp1tMJdDTeuMsy6iAlVXxwMaxlMdxk3HnG0aCaYGEkSpMC6XO6LabQvatyNg%3D%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8d44dd535c48cb7d-LAX alt-svc h3=":443"; ma=86400 server-timing cfExtPri date Fri, 18 Oct 2024 01:48:10 GMT content-type text/css; charset=UTF-8 last-modified Thu, 17 Oct 2024 20:26:01 GMT vary Accept-Encoding server cloudflare
GET H3	200	46d2f1b70d0e73f2.css timofertas.com/_next/static/css/	6 KB 3 KB	83ms 82ms	Stylesheet text/css	172.67.129.62 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://timofertas.com/_next/static/css/46d2f1b70d0e73f2.css Requested by Host: timofertas.com URL: https://timofertas.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.129.62 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f6c8ffdad74698833ddef736c49c9d5061736c712b62f770555e944808845182 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://timofertas.com/ Response headers cache-control public, max-age=31536000, immutable nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding gzip cf-cache-status HIT etag W/"18fe-19291987608" age 186275 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bevhexxvdWevmn6itSKkuA0YHMojAcceLlZ8q6vgbobs5c4BE%2BnzohKcT%2BkhH4SHmx4ulMJlisIRDNXVEubfigQYEW8GLi95oktXPgMSuXtfYx9M04%2FQWvdL1KlnkM5f3Q%3D%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8d44dd535c49cb7d-LAX alt-svc h3=":443"; ma=86400 server-timing cfExtPri date Fri, 18 Oct 2024 01:48:10 GMT content-type text/css; charset=UTF-8 last-modified Tue, 15 Oct 2024 19:12:21 GMT vary Accept-Encoding server cloudflare
GET H3	200	webpack-38cee4c0e358b1a3.js Show response timofertas.com/_next/static/chunks/	2 KB 1 KB	81ms 79ms	Script application/javascript	172.67.129.62 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://timofertas.com/_next/static/chunks/webpack-38cee4c0e358b1a3.js Requested by Host: timofertas.com URL: https://timofertas.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.129.62 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c1e92a1c5827b02b976fdd931b13ee9f09d45d31db0edbaadf03ca82b96e9a5a Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://timofertas.com/ Response headers cache-control public, max-age=31536000, immutable nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding gzip cf-cache-status HIT etag W/"6a4-19291987608" age 82530 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=b9hraEUgi6R5E9QLsOpjBRSZlnAG02yacrlyTqXq%2BHWILk3KgwPvt7xeIC2XO1JZH1YJRYUszNg3wPPOivmXcYQQQKK5Jngdeqz2%2FDLQb%2FsCOf%2BIRlxM0qwhwNmZS7e69w%3D%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8d44dd538d24cb7d-LAX alt-svc h3=":443"; ma=86400 server-timing cfExtPri date Fri, 18 Oct 2024 01:48:10 GMT content-type application/javascript; charset=UTF-8 last-modified Tue, 15 Oct 2024 19:12:21 GMT vary Accept-Encoding server cloudflare
GET H3	200	framework-3b5a00d5d7e8d93b.js Show response timofertas.com/_next/static/chunks/	138 KB 45 KB	118ms 116ms	Script application/javascript	172.67.129.62 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://timofertas.com/_next/static/chunks/framework-3b5a00d5d7e8d93b.js Requested by Host: timofertas.com URL: https://timofertas.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.129.62 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d6b16d4d6f2b70a8e1dfa5855ed23713c2520884fc2731e02cd7560e20fdf4f2 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://timofertas.com/ Response headers cache-control public, max-age=31536000, immutable nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding gzip cf-cache-status HIT etag W/"22702-19291987608" age 186273 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=asY2GGGrz1W5lneDGJXttIO2jdhwhVCUYDSwCdRK2eII%2BQgktAU%2FGs842mdxsFvOreqr1jWq50S8QIQBIbNBbsBtG6zDvytEiW145ElU9c1eQEsFYvrlGDbnovqZQ86KZA%3D%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8d44dd538d2dcb7d-LAX alt-svc h3=":443"; ma=86400 server-timing cfExtPri date Fri, 18 Oct 2024 01:48:10 GMT content-type application/javascript; charset=UTF-8 last-modified Tue, 15 Oct 2024 19:12:21 GMT vary Accept-Encoding server cloudflare
GET H3	200	main-98e9b98642fcffbf.js Show response timofertas.com/_next/static/chunks/	81 KB 26 KB	119ms 116ms	Script application/javascript	172.67.129.62 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://timofertas.com/_next/static/chunks/main-98e9b98642fcffbf.js Requested by Host: timofertas.com URL: https://timofertas.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.129.62 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8dceb542b34b5aaab773fc57d788d689198daf8c993dc299797320bd48193e96 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://timofertas.com/ Response headers cache-control public, max-age=31536000, immutable nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding gzip cf-cache-status HIT etag W/"1443a-19291987608" age 186273 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=o%2F0kBDloxn%2B6vJI9Y9gFzuiON9KK5C4PXdZ8dzQKOtFW3mfskXVFnc7%2BGP7pyPGNtbOlYxJjXsA9I1DDXS2I%2BMkkXNcc%2FyMvq6k3H3qnV1GxqDMUYE4KD1bC0SJNyaYXEA%3D%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8d44dd538d2fcb7d-LAX alt-svc h3=":443"; ma=86400 server-timing cfExtPri date Fri, 18 Oct 2024 01:48:10 GMT content-type application/javascript; charset=UTF-8 last-modified Tue, 15 Oct 2024 19:12:21 GMT vary Accept-Encoding server cloudflare
GET H3	200	_app-deaeb3b9d2c3cd8a.js Show response timofertas.com/_next/static/chunks/pages/	193 KB 69 KB	83ms 80ms	Script application/javascript	172.67.129.62 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://timofertas.com/_next/static/chunks/pages/_app-deaeb3b9d2c3cd8a.js Requested by Host: timofertas.com URL: https://timofertas.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.129.62 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash dbf23549cce2e34dbc1ca2b20d888cd35806d2f36adf39ff45ef79d9acc0ade8 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://timofertas.com/ Response headers cache-control public, max-age=31536000, immutable nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding gzip cf-cache-status HIT etag W/"303ba-1929c289fa8" age 3254 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iEXVH13o6mqKdwxmJsu4q1YH8rruuM%2Fw7x0cEiA3zJndFNCfgKX8LP%2Fa8c%2By6PvHhFMBFK%2F21yIDvIk1FsZ6VKKqdZMnLJGta8vPyvIGRpHbr0N9ZjZxWX69hK7HC6Zx8w%3D%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8d44dd538d31cb7d-LAX alt-svc h3=":443"; ma=86400 server-timing cfExtPri date Fri, 18 Oct 2024 01:48:10 GMT content-type application/javascript; charset=UTF-8 last-modified Thu, 17 Oct 2024 20:26:01 GMT vary Accept-Encoding server cloudflare
GET H3	200	511-db8924ab3e15c3e4.js Show response timofertas.com/_next/static/chunks/	76 KB 24 KB	149ms 147ms	Script application/javascript	172.67.129.62 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://timofertas.com/_next/static/chunks/511-db8924ab3e15c3e4.js Requested by Host: timofertas.com URL: https://timofertas.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.129.62 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 85806fbc1ddea3091158fc82076d508e1702eca4eca85d8d090522ca7bce52bf Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://timofertas.com/ Response headers cache-control public, max-age=31536000, immutable nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding gzip cf-cache-status HIT etag W/"130ba-19291987608" age 186273 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lHS6jZT0YeJ9YdxnVZzCjCakIMIpwf%2FxV%2FNc6%2FSNvBLROaFynVOTR7upliCgZJNl1mnYcrSEPve%2BQLS4tgDG5vJUT7nVijoCt7bjYtsndBt%2BIV9odnjIycigibMecbKfsA%3D%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8d44dd538d33cb7d-LAX alt-svc h3=":443"; ma=86400 server-timing cfExtPri date Fri, 18 Oct 2024 01:48:10 GMT content-type application/javascript; charset=UTF-8 last-modified Tue, 15 Oct 2024 19:12:21 GMT vary Accept-Encoding server cloudflare
GET H3	200	index-e31499e8ce041c04.js Show response timofertas.com/_next/static/chunks/pages/	8 KB 3 KB	151ms 149ms	Script application/javascript	172.67.129.62 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://timofertas.com/_next/static/chunks/pages/index-e31499e8ce041c04.js Requested by Host: timofertas.com URL: https://timofertas.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.129.62 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6fcd29ba9d4d8a5c09f8e6d9d5f9e05361a8b6e2a2c78d208cf2a82f63bd3c59 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://timofertas.com/ Response headers cache-control public, max-age=31536000, immutable nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding gzip cf-cache-status HIT etag W/"1f6e-1929c289fa8" age 3250 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CtSFe4hZbvBTbZAu%2BZz2H4tF%2BjMDlO1ufHWznhiOtwqc2qAjk0Xkn%2Fh94eO6r3ggown9H4ke3NbR37CoeR8Bj%2FUtzuTixeg3sLfDkc%2BK%2F0dNl4LuBDsdB0naa3MZG4eSKw%3D%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8d44dd538d35cb7d-LAX alt-svc h3=":443"; ma=86400 server-timing cfExtPri date Fri, 18 Oct 2024 01:48:10 GMT content-type application/javascript; charset=UTF-8 last-modified Thu, 17 Oct 2024 20:26:01 GMT vary Accept-Encoding server cloudflare
GET H3	200	_buildManifest.js Show response timofertas.com/_next/static/nCGJ7-9MU1X-SNXTLQOT-/	1 KB 975 B	329ms 327ms	Script application/javascript	172.67.129.62 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://timofertas.com/_next/static/nCGJ7-9MU1X-SNXTLQOT-/_buildManifest.js Requested by Host: timofertas.com URL: https://timofertas.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.129.62 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 743200a810b71f4f12042672e74fc46e006e528c4717eec30025915159b9add1 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://timofertas.com/ Response headers cache-control public, max-age=31536000, immutable nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding gzip cf-cache-status HIT etag W/"430-1929c289fa8" age 3250 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=r0jjh9hraKJrupaDik9DZHZ41M3OMIpJ7ey7LOElfLWYDaoh81YTTsVuX%2Bj12Zelzq7Y47EnWJxZds22BxIZ07ltIskT8CoUdGEFwUngPWIkzFociHSY9vIDmqZURyevyg%3D%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8d44dd538d37cb7d-LAX alt-svc h3=":443"; ma=86400 server-timing cfExtPri date Fri, 18 Oct 2024 01:48:10 GMT content-type application/javascript; charset=UTF-8 last-modified Thu, 17 Oct 2024 20:26:01 GMT vary Accept-Encoding server cloudflare
GET H3	200	_ssgManifest.js Show response timofertas.com/_next/static/nCGJ7-9MU1X-SNXTLQOT-/	77 B 583 B	330ms 329ms	Script application/javascript	172.67.129.62 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://timofertas.com/_next/static/nCGJ7-9MU1X-SNXTLQOT-/_ssgManifest.js Requested by Host: timofertas.com URL: https://timofertas.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.129.62 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://timofertas.com/ Response headers cache-control public, max-age=31536000, immutable nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding zstd cf-cache-status HIT etag W/"4d-1929c289fa8" age 3250 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=z6RLQdtKf6143Vh7F7HH4Ok7vC9%2Bv%2FK49Au%2F7J%2BdV%2BjknJ3ofziV6uOfLIRIjQN5hCmJJSBPysdaVy2mWSYzfjxvUB8i4cHL2MOh8%2F0qxUi1LWnat22mrPP%2FiM1mIj0QUg%3D%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8d44dd538d38cb7d-LAX alt-svc h3=":443"; ma=86400 server-timing cfExtPri date Fri, 18 Oct 2024 01:48:10 GMT content-type application/javascript; charset=UTF-8 last-modified Thu, 17 Oct 2024 20:26:01 GMT vary Accept-Encoding server cloudflare
GET H2	200	gtm.js Show response www.googletagmanager.com/	247 KB 84 KB	481ms 196ms	Script application/javascript	2607:f8b0:4006:80e::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-59TXSNLT Requested by Host: timofertas.com URL: https://timofertas.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:80e::2008 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 80824cf08165fb4bf1a2f475a94cf31f81d71c5e649b56c6570244f75408430d Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://timofertas.com/ Response headers content-encoding br report-to {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],} expires Fri, 18 Oct 2024 01:48:10 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Fri, 18 Oct 2024 01:48:10 GMT content-type application/javascript; charset=UTF-8 vary Accept-Encoding last-modified Fri, 18 Oct 2024 01:08:15 GMT access-control-allow-headers Cache-Control strict-transport-security max-age=31536000; includeSubDomains cache-control private, max-age=900 cross-origin-resource-policy cross-origin access-control-allow-credentials true content-security-policy-report-only script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0 access-control-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to=coop_reporting content-length 84968 x-xss-protection 0 server Google Tag Manager
GET H3	200	tim-sans-web-regular.1f672397.woff timofertas.com/_next/static/media/	52 KB 52 KB	264ms 263ms	Font font/woff	172.67.129.62 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://timofertas.com/_next/static/media/tim-sans-web-regular.1f672397.woff Requested by Host: timofertas.com URL: https://timofertas.com/_next/static/css/711c01dd42fa48ea.css Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.129.62 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e422828bcdfcdf2cfd160a4058fceeb8ce80cc19549026271eab0981afca8064 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Origin https://timofertas.com Referer https://timofertas.com/_next/static/css/711c01dd42fa48ea.css Response headers cf-cache-status HIT etag W/"cea4-19291987608" age 186271 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VYfEYcVOGGKZmrjmcKi8tRID1nyNnDkIoYAjSVHH8KA5xzmE3cdcQQc8T%2B%2BfnSdjKLnVW%2F21jCrYMFR8y8spNpGfKLpmiNZJb5wJPLoqiEn6KPc7NlLcDiHIJuamhagMIg%3D%3D"}],"group":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 server-timing cfExtPri date Fri, 18 Oct 2024 01:48:10 GMT content-type font/woff last-modified Tue, 15 Oct 2024 19:12:21 GMT vary Accept-Encoding cache-control public, max-age=31536000, immutable nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8d44dd53feaacb7d-LAX accept-ranges bytes content-length 52900 server cloudflare
GET H3	200	tim-sans-web-bold.471f4bc5.woff timofertas.com/_next/static/media/	52 KB 53 KB	267ms 266ms	Font font/woff	172.67.129.62 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://timofertas.com/_next/static/media/tim-sans-web-bold.471f4bc5.woff Requested by Host: timofertas.com URL: https://timofertas.com/_next/static/css/711c01dd42fa48ea.css Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.129.62 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 98fb67452157cc11af4ca058938f0b5017113eff4b911a942e27e8d05f2fb2b1 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Origin https://timofertas.com Referer https://timofertas.com/_next/static/css/711c01dd42fa48ea.css Response headers cf-cache-status HIT etag W/"d1d4-19291987608" age 186271 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=v9gFoWW03OxEbHc26Gc75N1OtFbulx8tE4l0bsBbkqWr%2FMDWqvxASo6jjL3dxMPLxWIo3L1hHKRUfTb5cj5l5%2BbcjKki7buRAoW6Jpm%2F3JK8kRgLTOuKTF6XPmzboaQ59g%3D%3D"}],"group":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 server-timing cfExtPri date Fri, 18 Oct 2024 01:48:10 GMT content-type font/woff last-modified Tue, 15 Oct 2024 19:12:21 GMT vary Accept-Encoding cache-control public, max-age=31536000, immutable nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8d44dd53feabcb7d-LAX accept-ranges bytes content-length 53716 server cloudflare
GET H3	200	tim_secundary.svg timofertas.com/assets/	4 KB 2 KB	800ms 799ms	Image image/svg+xml	172.67.129.62 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://timofertas.com/assets/tim_secundary.svg Requested by Host: timofertas.com URL: https://timofertas.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.129.62 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 75ae373752d25ceb866ccb69cc4e5624881eb1083ffecb1226263693dc1250c7 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://timofertas.com/ Response headers cache-control public, max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding gzip cf-cache-status REVALIDATED etag W/"ecc-1929c275b70" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0t93tSidjGxkXrlsxjdR1h78YE0YoneNUkzrKA5s7RSDy74pDBbU7I8ifUQUGs1cMXjdiOekbeCULl8YOFrDHqLjFiM6Qbk6HXgq%2BVKeEJ8ENuw4nw8YEhmmQr1LL7d82g%3D%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8d44dd53eea2cb7d-LAX alt-svc h3=":443"; ma=86400 server-timing cfExtPri date Fri, 18 Oct 2024 01:48:10 GMT content-type image/svg+xml last-modified Thu, 17 Oct 2024 20:24:38 GMT vary Accept-Encoding server cloudflare
GET H3	200	image timofertas.com/_next/	101 KB 101 KB	282ms 281ms	Image image/webp	172.67.129.62 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://timofertas.com/_next/image?url=%2Fassets%2Fbanner-girl.png&w=750&q=75 Requested by Host: timofertas.com URL: https://timofertas.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.129.62 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 51d0f633408e2b33f79d350cfe28849e91bf722d73517cddabc6ffa9a3075fad Security Headers Name Value Content-Security-Policy script-src 'none'; frame-src 'none'; sandbox; Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://timofertas.com/ Response headers cf-cache-status DYNAMIC etag UdD2M0COKzP3nTUM-iiEnpG-ci1zUXzdq8b-qaMHX60= report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3ONXcbO%2FvspUyrN9GUbbfWiRH6Kkq8VBt2%2BnpP%2BPmiBadcQZxIlvJArD7L7Q9iyQtguw07tYUDBOY3ZjQP0aqp5zVRRzVOfXATYgtlTc7sx%2Bi%2FHcXXewG6dr42cPNEaGyw%3D%3D"}],"group":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 server-timing cfExtPri date Fri, 18 Oct 2024 01:48:10 GMT content-type image/webp vary Accept content-disposition inline; filename="banner-girl.webp" content-security-policy script-src 'none'; frame-src 'none'; sandbox; cache-control public, max-age=60, must-revalidate nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8d44dd53fea7cb7d-LAX content-length 103252 x-nextjs-cache STALE server cloudflare
GET H2	200	js Show response www.googletagmanager.com/gtag/	312 KB 105 KB	363ms 362ms	Script application/javascript	2607:f8b0:4006:80e::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-9KDNZXLXQY Requested by Host: timofertas.com URL: https://timofertas.com/_next/static/chunks/main-98e9b98642fcffbf.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:80e::2008 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 63cdc5ab86f3289718adfec7ac7a7c6b8cf237b5fb604b269b22e71ece507e3e Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://timofertas.com/ Response headers content-encoding br report-to {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],} expires Fri, 18 Oct 2024 01:48:10 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Fri, 18 Oct 2024 01:48:10 GMT content-type application/javascript; charset=UTF-8 vary Accept-Encoding access-control-allow-headers Cache-Control strict-transport-security max-age=31536000; includeSubDomains cache-control private, max-age=900 cross-origin-resource-policy cross-origin access-control-allow-credentials true content-security-policy-report-only script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0 access-control-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to=coop_reporting content-length 106708 x-xss-protection 0 server Google Tag Manager
GET H2	200	js Show response www.googletagmanager.com/gtag/	238 KB 85 KB	420ms 420ms	Script application/javascript	2607:f8b0:4006:80e::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=AW-475710043 Requested by Host: timofertas.com URL: https://timofertas.com/_next/static/chunks/main-98e9b98642fcffbf.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:80e::2008 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 8b0add6183be95799a967284c288eb1c5e5da0a53fbc734220a3dff12c0c16fa Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://timofertas.com/ Response headers content-encoding br report-to {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],} expires Fri, 18 Oct 2024 01:48:10 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Fri, 18 Oct 2024 01:48:10 GMT content-type application/javascript; charset=UTF-8 vary Accept-Encoding last-modified Fri, 18 Oct 2024 01:08:15 GMT access-control-allow-headers Cache-Control strict-transport-security max-age=31536000; includeSubDomains cache-control private, max-age=900 cross-origin-resource-policy cross-origin access-control-allow-credentials true content-security-policy-report-only script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0 access-control-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to=coop_reporting content-length 87380 x-xss-protection 0 server Google Tag Manager
GET H3	200	web Show response timofertas.com/tim-go/plans/	10 KB 3 KB	697ms 696ms	XHR application/json	172.67.129.62 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://timofertas.com/tim-go/plans/web Requested by Host: timofertas.com URL: https://timofertas.com/_next/static/chunks/pages/_app-deaeb3b9d2c3cd8a.js Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.129.62 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 73c862a875d646da877210d7745c8f84cf6c44b809e371d002a92835c7f59cb9 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Accept application/json, text/plain, */* Referer https://timofertas.com/ Response headers cache-control no-cache, private nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding gzip cf-cache-status DYNAMIC report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Fj5HrhiyrCJcdYW2mVvizd2HkLm5ZOyngKEqF7%2F%2Bsb7S46U4uCDpT%2FGRqmyLsCQ8OSRkSR9PumUdi7C3f80cpXpa9UdcM1vgjpWBEnRUgQKWhuONPxfPOP42zsBAKtyiZg%3D%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8d44dd55ed54cb7d-LAX apigw-requestid f0quQghaoAMEYYA= alt-svc h3=":443"; ma=86400 server-timing cfExtPri date Fri, 18 Oct 2024 01:48:11 GMT content-type application/json vary accept-encoding server cloudflare
POST H3	200	interactions Show response timofertas.com/tim-go/	22 B 489 B	708ms 707ms	XHR application/json	172.67.129.62 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://timofertas.com/tim-go/interactions Requested by Host: timofertas.com URL: https://timofertas.com/_next/static/chunks/pages/_app-deaeb3b9d2c3cd8a.js Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.129.62 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3610663a64dcefff48435c880c13098b8531e15c0981ece21c390e477039521d Request headers Referer https://timofertas.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Accept application/json, text/plain, */* Content-Type application/json Response headers cache-control no-cache, private nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-cache-status DYNAMIC report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Va4uHgVrnKI439p0IP7MgWpk71dcr4F062D4fb1mzmRpLC6FAp8Q9EtLnCqxC0ILSj0QhqHLZzrqKVwHrm3HlD3XCmB7YwrPAir4sNuXkoeFKi6IKL1cKB8O0gP6o4kk0Q%3D%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8d44dd55ed64cb7d-LAX apigw-requestid f0quQiJ8IAMEVEA= access-control-allow-origin https://timofertas.com alt-svc h3=":443"; ma=86400 content-length 22 server-timing cfExtPri date Fri, 18 Oct 2024 01:48:11 GMT content-type application/json vary Origin server cloudflare
GET H3	200	tim-sans-web-medium.456f1168.woff timofertas.com/_next/static/media/	54 KB 55 KB	1107ms 1107ms	Font font/woff	172.67.129.62 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://timofertas.com/_next/static/media/tim-sans-web-medium.456f1168.woff Requested by Host: timofertas.com URL: https://timofertas.com/_next/static/css/711c01dd42fa48ea.css Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.129.62 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1c3d1c91d3f870ff8b6ed12f29c83f895dc19dc6d6cc48c4ef88e6cb44bdfbf7 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Origin https://timofertas.com Referer https://timofertas.com/_next/static/css/711c01dd42fa48ea.css Response headers cache-control public, max-age=31536000, immutable nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-cache-status MISS etag W/"d854-1929c289fa8" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qZRpHyfb7BX6ahyOJWfFjKEuo3NAl8OkW1%2BPPw3m8SNErnosU1DsYZPziDJRYFVjokwQ%2BTJqgeXR4CrHe8%2FaxCfk7PyfIHhpciN57XkYi8xfT0oeR0TMlpc%2BrE5flGvjXA%3D%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8d44dd560df0cb7d-LAX accept-ranges bytes alt-svc h3=":443"; ma=86400 server-timing cfExtPri content-length 55380 date Fri, 18 Oct 2024 01:48:11 GMT content-type font/woff last-modified Thu, 17 Oct 2024 20:26:01 GMT vary Accept-Encoding server cloudflare
GET H2	200	js Show response www.googletagmanager.com/gtag/	313 KB 102 KB	193ms 184ms	Script application/javascript	2607:f8b0:4006:80e::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-0SZQLHM90J&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-59TXSNLT Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:80e::2008 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 8f7aeb2c82ee59c5aedf80341a9207abcf65c1c4eeffc65c21afab453e666c22 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://timofertas.com/ Response headers content-encoding br report-to {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],} expires Fri, 18 Oct 2024 01:48:11 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Fri, 18 Oct 2024 01:48:11 GMT content-type application/javascript; charset=UTF-8 vary Accept-Encoding access-control-allow-headers Cache-Control strict-transport-security max-age=31536000; includeSubDomains cache-control private, max-age=900 cross-origin-resource-policy cross-origin access-control-allow-credentials true content-security-policy-report-only script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0 access-control-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to=coop_reporting content-length 104691 x-xss-protection 0 server Google Tag Manager
GET H2	200	js Show response www.googletagmanager.com/gtag/	312 KB 104 KB	171ms 164ms	Script application/javascript	2607:f8b0:4006:80e::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-9KDNZXLXQY&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-59TXSNLT Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:80e::2008 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 234f1e9fef40f4472b7bba1474216ec2543de43e66a0e8b9f9d8d0180bea1acf Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://timofertas.com/ Response headers content-encoding br report-to {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],} expires Fri, 18 Oct 2024 01:48:11 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Fri, 18 Oct 2024 01:48:11 GMT content-type application/javascript; charset=UTF-8 vary Accept-Encoding access-control-allow-headers Cache-Control strict-transport-security max-age=31536000; includeSubDomains cache-control private, max-age=900 cross-origin-resource-policy cross-origin access-control-allow-credentials true content-security-policy-report-only script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0 access-control-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to=coop_reporting content-length 106616 x-xss-protection 0 server Google Tag Manager
POST H2	204	collect www.google-analytics.com/g/	0 0	255ms 96ms	Fetch text/plain	2001:4860:4802:38::178 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/g/collect?v=2&tid=G-9KDNZXLXQY&gtm=45je4ah0v886925156za200zb9180293570&_p=1729216090128&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101686685&cid=1858996695.1729216091&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=Ag&_s=1&sid=1729216091&sct=1&seg=0&dl=https%3A%2F%2Ftimofertas.com%2F&dt=TIM%20Controle&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1919 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-9KDNZXLXQY Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://timofertas.com/ Response headers cache-control no-cache, no-store, must-revalidate pragma no-cache cross-origin-resource-policy cross-origin access-control-allow-credentials true content-security-policy-report-only script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0 report-to {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],} expires Fri, 01 Jan 1990 00:00:00 GMT access-control-allow-origin https://timofertas.com cross-origin-opener-policy-report-only same-origin; report-to=coop_reporting content-length 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Fri, 18 Oct 2024 01:48:11 GMT content-type text/plain server Golfe2
GET H3	200	whatsapp.svg timofertas.com/assets/apps/	1 KB 1 KB	817ms 817ms	Image image/svg+xml	172.67.129.62 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://timofertas.com/assets/apps/whatsapp.svg Requested by Host: timofertas.com URL: https://timofertas.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.129.62 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1559a367199c9b763e5dfe95e3d3b83446089eb8c254ae7b7733c3a4fca838fe Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://timofertas.com/ Response headers cache-control public, max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding gzip cf-cache-status EXPIRED etag W/"4c0-1929c275b70" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nsnDAOFgasvUUrPJCNOTlnUavPq%2BwR2eD2mMIFq4puYkFFy8dRV3el9Pbg8ljBpi8b5%2FwC6M%2BPPBjRkSFxrRDF8Zh8DqTFXbmeErDWCJa1RsF4xd47lkK7eOgtLMz6%2B%2F4A%3D%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8d44dd5a7e39cb7d-LAX alt-svc h3=":443"; ma=86400 server-timing cfExtPri date Fri, 18 Oct 2024 01:48:12 GMT content-type image/svg+xml last-modified Thu, 17 Oct 2024 20:24:38 GMT vary Accept-Encoding server cloudflare
POST H2	204	collect analytics.google.com/g/	0 0	432ms 148ms	Fetch text/plain	2607:f8b0:4006:824::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://analytics.google.com/g/collect?v=2&tid=G-0SZQLHM90J&gtm=45je4ah0v885982427z89180293570za200zb9180293570&_p=1729216090128&_gaz=1&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101686685&cid=1858996695.1729216091&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_eu=EA&_s=1&sid=1729216091&sct=1&seg=0&dl=https%3A%2F%2Ftimofertas.com%2F&dt=TIM%20Controle&en=page_view&_fv=1&_ss=2&ep.page_hostname=timofertas.com&ep.parceiro_checkout=oston&tfd=2045 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-0SZQLHM90J&l=dataLayer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:824::200e , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://timofertas.com/ Response headers cache-control no-cache, no-store, must-revalidate pragma no-cache cross-origin-resource-policy cross-origin access-control-allow-credentials true content-security-policy-report-only script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0 report-to {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],} expires Fri, 01 Jan 1990 00:00:00 GMT access-control-allow-origin https://timofertas.com cross-origin-opener-policy-report-only same-origin; report-to=coop_reporting content-length 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Fri, 18 Oct 2024 01:48:11 GMT content-type text/plain server Golfe2
POST H2	204	collect stats.g.doubleclick.net/g/	0 544 B	406ms 138ms	Ping text/plain	2607:f8b0:4004:c1b::9c GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/g/collect?v=2&tid=G-0SZQLHM90J&cid=1858996695.1729216091&gtm=45je4ah0v885982427z89180293570za200zb9180293570&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=101686685 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-0SZQLHM90J&l=dataLayer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c1b::9c Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://timofertas.com/ Response headers cache-control no-cache, no-store, must-revalidate pragma no-cache cross-origin-resource-policy cross-origin access-control-allow-credentials true content-security-policy-report-only script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0 report-to {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],} expires Fri, 01 Jan 1990 00:00:00 GMT access-control-allow-origin https://timofertas.com cross-origin-opener-policy-report-only same-origin; report-to=coop_reporting content-length 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Fri, 18 Oct 2024 01:48:11 GMT content-type text/plain server Golfe2
GET H2	200	rul td.doubleclick.net/td/ga/ Frame 7D4F	0 0	433ms 153ms	Document text/html	2607:f8b0:4006:80d::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://td.doubleclick.net/td/ga/rul?tid=G-0SZQLHM90J&gacid=1858996695.1729216091&gtm=45je4ah0v885982427z89180293570za200zb9180293570&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101686685&z=1314900314 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-0SZQLHM90J&l=dataLayer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:80d::2002 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://timofertas.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control no-cache, must-revalidate content-encoding br content-length 16 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Fri, 18 Oct 2024 01:48:11 GMT expires Fri, 01 Jan 1990 00:00:00 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" pragma no-cache server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H3	200	favicon.ico timofertas.com/	4 KB 4 KB	678ms 677ms	Other image/x-icon	172.67.129.62 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://timofertas.com/favicon.ico Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.129.62 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6af2bc2e086c58d9baddbf87c4a18615359a6a27cebccfb73d0daea9522fb295 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://timofertas.com/ Response headers cache-control public, max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding gzip cf-cache-status MISS etag W/"e05-1929c275b70" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RH%2Br%2BRGgKpzt%2BQ4SFmRuRJuhOCMg9T%2FkaWnfLnTf7gTrqgZKuZXD83IpZAb0AA%2BlTKMQJYyteVhc1HcHiB7093TcYSQTBpfQ7Mz0YZBcLzBmYj7lCQ7K17t07VXIXCVysA%3D%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8d44dd5e1a6dcb7d-LAX alt-svc h3=":443"; ma=86400 server-timing cfExtPri date Fri, 18 Oct 2024 01:48:12 GMT content-type image/x-icon last-modified Thu, 17 Oct 2024 20:24:38 GMT vary Accept-Encoding server cloudflare

18 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| dataLayer object| webpackChunk_N_E function| __next_require__ object| next object| __NEXT_DATA__ function| __SSG_MANIFEST_CB object| __NEXT_P object| _N_E function| _ object| __MIDDLEWARE_MATCHERS object| __BUILD_MANIFEST object| __SSG_MANIFEST function| gtag object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			timofertas.com/	1969-12-31 23:59:59	Name: IAMOston Value: 3e3a522a-d9ea-499f-abb1-6ac3350dc910
			timofertas.com/	1970-01-21 00:23:08	Name: __ost.version Value: a
			.timofertas.com/	1970-01-21 09:56:16	Name: _ga Value: GA1.1.1858996695.1729216091
			.timofertas.com/	1970-01-21 09:56:16	Name: _ga_9KDNZXLXQY Value: GS1.1.1729216091.1.0.1729216091.0.0.0
			.timofertas.com/	1970-01-21 09:56:16	Name: _ga_0SZQLHM90J Value: GS1.1.1729216091.1.0.1729216091.60.0.0
			.doubleclick.net/	1970-01-21 00:20:16	Name: test_cookie Value: CheckForPermission

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.google.com
stats.g.doubleclick.net
td.doubleclick.net
timofertas.com
www.google-analytics.com
www.googletagmanager.com
172.67.129.62
2001:4860:4802:38::178
2607:f8b0:4004:c1b::9c
2607:f8b0:4006:80d::2002
2607:f8b0:4006:80e::2008
2607:f8b0:4006:824::200e
03f9add25d06125fb48faf59c9c636f5c95778dc0b10442adad19f1e87d4c5bd
1559a367199c9b763e5dfe95e3d3b83446089eb8c254ae7b7733c3a4fca838fe
1c3d1c91d3f870ff8b6ed12f29c83f895dc19dc6d6cc48c4ef88e6cb44bdfbf7
234f1e9fef40f4472b7bba1474216ec2543de43e66a0e8b9f9d8d0180bea1acf
3610663a64dcefff48435c880c13098b8531e15c0981ece21c390e477039521d
51d0f633408e2b33f79d350cfe28849e91bf722d73517cddabc6ffa9a3075fad
63cdc5ab86f3289718adfec7ac7a7c6b8cf237b5fb604b269b22e71ece507e3e
6af2bc2e086c58d9baddbf87c4a18615359a6a27cebccfb73d0daea9522fb295
6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e
6fcd29ba9d4d8a5c09f8e6d9d5f9e05361a8b6e2a2c78d208cf2a82f63bd3c59
73c862a875d646da877210d7745c8f84cf6c44b809e371d002a92835c7f59cb9
743200a810b71f4f12042672e74fc46e006e528c4717eec30025915159b9add1
75ae373752d25ceb866ccb69cc4e5624881eb1083ffecb1226263693dc1250c7
80824cf08165fb4bf1a2f475a94cf31f81d71c5e649b56c6570244f75408430d
85806fbc1ddea3091158fc82076d508e1702eca4eca85d8d090522ca7bce52bf
8b0add6183be95799a967284c288eb1c5e5da0a53fbc734220a3dff12c0c16fa
8dceb542b34b5aaab773fc57d788d689198daf8c993dc299797320bd48193e96
8f7aeb2c82ee59c5aedf80341a9207abcf65c1c4eeffc65c21afab453e666c22
98fb67452157cc11af4ca058938f0b5017113eff4b911a942e27e8d05f2fb2b1
b7e7d5dfc59fc2e65b1983b9990ae96b267b65f6f4f8dd2b89857858012699e8
c1e92a1c5827b02b976fdd931b13ee9f09d45d31db0edbaadf03ca82b96e9a5a
d6b16d4d6f2b70a8e1dfa5855ed23713c2520884fc2731e02cd7560e20fdf4f2
dbf23549cce2e34dbc1ca2b20d888cd35806d2f36adf39ff45ef79d9acc0ade8
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e422828bcdfcdf2cfd160a4058fceeb8ce80cc19549026271eab0981afca8064
f6c8ffdad74698833ddef736c49c9d5061736c712b62f770555e944808845182