www.ingresse.com Open in urlscan Pro
206.41.74.3 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://t.co/OpqfVIz7eK
Effective URL:
https://www.ingresse.com/holger-garotassuecas-baralto
Submission: On February 10 via api (February 10th 2023, 10:27:02 pm UTC) from CA — Scanned from CA

Summary HTTP 142 Redirects Links 9 Behaviour Indicators

Summary

This website contacted 33 IPs in 2 countries across 24 domains to perform 142 HTTP transactions. The main IP is 206.41.74.3, located in United Kingdom and belongs to BSO, GB. The main domain is www.ingresse.com.
TLS certificate: Issued by R3 on December 16th 2022. Valid for: 3 months.

This is the only time www.ingresse.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	104.244.42.69 104.244.42.69	13414 (TWITTER) (TWITTER)
20	206.41.74.3 206.41.74.3	4455 (BSO) (BSO)
2	18.238.4.111 18.238.4.111	16509 (AMAZON-02) (AMAZON-02)
2	13.35.93.78 13.35.93.78	16509 (AMAZON-02) (AMAZON-02)
1	34.96.67.224 34.96.67.224	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	13.225.223.39 13.225.223.39	16509 (AMAZON-02) (AMAZON-02)
4	2607:f8b0:400... 2607:f8b0:4004:c1b::61	15169 (GOOGLE) (GOOGLE)
1	34.238.89.27 34.238.89.27	14618 (AMAZON-AES) (AMAZON-AES)
2	2607:f8b0:400... 2607:f8b0:4006:81c::200a	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f01... 2a03:2880:f012:8:face:b00c:0:1	32934 (FACEBOOK) (FACEBOOK)
1	13.33.60.72 13.33.60.72	16509 (AMAZON-02) (AMAZON-02)
1	108.138.106.49 108.138.106.49	16509 (AMAZON-02) (AMAZON-02)
1	104.168.172.151 104.168.172.151	54290 (HOSTWINDS) (HOSTWINDS)
4	2607:f8b0:400... 2607:f8b0:4006:820::2003	15169 (GOOGLE) (GOOGLE)
1	3.230.201.250 3.230.201.250	14618 (AMAZON-AES) (AMAZON-AES)
1	18.164.96.77 18.164.96.77	16509 (AMAZON-02) (AMAZON-02)
6	2607:f8b0:400... 2607:f8b0:4004:c1b::71	15169 (GOOGLE) (GOOGLE)
5	2607:f8b0:400... 2607:f8b0:4004:c07::9a	15169 (GOOGLE) (GOOGLE)
14	184.28.190.147 184.28.190.147	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	108.138.128.36 108.138.128.36	16509 (AMAZON-02) (AMAZON-02)
1	2607:f8b0:400... 2607:f8b0:4004:c1d::99	15169 (GOOGLE) (GOOGLE)
22	2606:4700:20:... 2606:4700:20::681a:c6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2607:f8b0:400... 2607:f8b0:4004:c08::8b	15169 (GOOGLE) (GOOGLE)
2	34.102.232.42 34.102.232.42	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
6	2607:f8b0:400... 2607:f8b0:4006:809::2004	15169 (GOOGLE) (GOOGLE)
6	2607:f8b0:400... 2607:f8b0:4004:c1b::5e	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4004:c17::9d	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f11... 2a03:2880:f112:182:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	151.101.192.238 151.101.192.238	54113 (FASTLY) (FASTLY)
11	2606:4700::68... 2606:4700::6812:1634	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	35.190.25.25 35.190.25.25	15169 (GOOGLE) (GOOGLE)
8	2600:3c03:e00... 2600:3c03:e000:43f::1	63949 (AKAMAI-AP...) (AKAMAI-AP Akamai Technologies)
142	33

1 104.244.42.69 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 206.41.74.3 (United Kingdom)

ASN4455 (BSO, GB)

www.ingresse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.ingresse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
kraken.ingresse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.238.4.111 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-238-4-111.phl51.r.cloudfront.net

embedstore.ingresse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.35.93.78 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-93-78.jfk50.r.cloudfront.net

front.ingresse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.67.224 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 224.67.96.34.bc.googleusercontent.com

cdn.siftscience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.225.223.39 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-223-39.jfk51.r.cloudfront.net

static.queue-it.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4004:c1b::61 (Washington, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.238.89.27 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-238-89-27.compute-1.amazonaws.com

wchat.freshchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:81c::200a (Nutley, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f012:8:face:b00c:0:1 (Secaucus, United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.33.60.72 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-60-72.ewr52.r.cloudfront.net

assets.queue-it.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.106.49 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-106-49.jfk50.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.168.172.151 (United States)

ASN54290 (HOSTWINDS, US)
PTR: client-104-168-172-151.hostwindsdns.com

cdn-queue.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:820::2003 (Nutley, United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.230.201.250 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-230-201-250.compute-1.amazonaws.com

event.ingresse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.164.96.77 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-96-77.jfk50.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2607:f8b0:4004:c1b::71 (Washington, United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2607:f8b0:4004:c07::9a (Washington, United States)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 184.28.190.147 (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a184-28-190-147.deploy.static.akamaitechnologies.com

analytics.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.128.36 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-128-36.jfk50.r.cloudfront.net

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c1d::99 (Washington, United States)

ASN15169 (GOOGLE, US)

gtm-pv2bdfr-otk5n.uc.r.appspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2606:4700:20::681a:c6 (United States)

ASN13335 (CLOUDFLARENET, US)

www.stay22.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.stay22.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2607:f8b0:4004:c08::8b (Ashburn, United States)

ASN15169 (GOOGLE, US)

google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.102.232.42 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 42.232.102.34.bc.googleusercontent.com

hexagon-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2607:f8b0:4006:809::2004 (Nutley, United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2607:f8b0:4004:c1b::5e (Washington, United States)

ASN15169 (GOOGLE, US)

www.google.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c17::9d (Washington, United States)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f112:182:face:b00c:0:25de (Secaucus, United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.192.238 (United States)

ASN54113 (FASTLY, US)

images.squarespace-cdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2606:4700::6812:1634 (United States)

ASN13335 (CLOUDFLARENET, US)

kit.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ka-p.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.25.25 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 25.25.190.35.bc.googleusercontent.com

api-js.mixpanel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2600:3c03:e000:43f::1 (Cedar Knolls, United States)

ASN63949 (AKAMAI-AP Akamai Technologies, Inc., SG)

tiles.stadiamaps.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
25	ingresse.com www.ingresse.com cdn.ingresse.com embedstore.ingresse.com front.ingresse.com event.ingresse.com kraken.ingresse.com	489 KB
22	stay22.com www.stay22.com — Cisco Umbrella Rank: 50996 api.stay22.com — Cisco Umbrella Rank: 126832	729 KB
14	tiktok.com analytics.tiktok.com — Cisco Umbrella Rank: 780	111 KB
12	google.com google.com — Cisco Umbrella Rank: 1 www.google.com — Cisco Umbrella Rank: 2	1 KB
11	fontawesome.com kit.fontawesome.com — Cisco Umbrella Rank: 1401 ka-p.fontawesome.com — Cisco Umbrella Rank: 3423	369 KB
8	stadiamaps.com tiles.stadiamaps.com — Cisco Umbrella Rank: 57143	123 KB
6	google.ca www.google.ca — Cisco Umbrella Rank: 8213	906 B
6	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 29 stats.g.doubleclick.net — Cisco Umbrella Rank: 78	6 KB
6	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 24	40 KB
4	gstatic.com fonts.gstatic.com	63 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 41	248 KB
3	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 616 script.hotjar.com — Cisco Umbrella Rank: 754 vars.hotjar.com — Cisco Umbrella Rank: 883	72 KB
3	queue-it.net static.queue-it.net — Cisco Umbrella Rank: 11519 assets.queue-it.net — Cisco Umbrella Rank: 10814	12 KB
2	mixpanel.com api-js.mixpanel.com — Cisco Umbrella Rank: 1974	505 B
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 110	258 B
2	hexagon-analytics.com hexagon-analytics.com — Cisco Umbrella Rank: 5091	405 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 152	136 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 34	2 KB
1	squarespace-cdn.com images.squarespace-cdn.com — Cisco Umbrella Rank: 4285	14 KB
1	appspot.com gtm-pv2bdfr-otk5n.uc.r.appspot.com	547 B
1	cdn-queue.com cdn-queue.com	7 KB
1	freshchat.com wchat.freshchat.com — Cisco Umbrella Rank: 9188	20 KB
1	siftscience.com cdn.siftscience.com — Cisco Umbrella Rank: 7636	20 KB
1	t.co t.co — Cisco Umbrella Rank: 512	676 B
142	24

	Domain	Requested by
21	www.stay22.com	www.ingresse.com www.stay22.com
14	analytics.tiktok.com	t.co analytics.tiktok.com
14	www.ingresse.com	t.co www.ingresse.com www.googletagmanager.com
10	ka-p.fontawesome.com	www.stay22.com
8	tiles.stadiamaps.com	www.stay22.com
6	www.google.ca	www.ingresse.com
6	www.google.com	www.ingresse.com
6	google.com	www.googletagmanager.com
6	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com www.ingresse.com www.stay22.com
5	googleads.g.doubleclick.net	www.googletagmanager.com
5	cdn.ingresse.com	www.ingresse.com
4	fonts.gstatic.com	fonts.googleapis.com
4	www.googletagmanager.com	www.ingresse.com www.googletagmanager.com
2	api-js.mixpanel.com	www.stay22.com
2	www.facebook.com	www.ingresse.com
2	hexagon-analytics.com	www.ingresse.com
2	connect.facebook.net	www.ingresse.com connect.facebook.net
2	fonts.googleapis.com	www.ingresse.com
2	static.queue-it.net	www.ingresse.com
2	front.ingresse.com	www.ingresse.com t.co
2	embedstore.ingresse.com	www.ingresse.com
1	api.stay22.com	www.stay22.com
1	kit.fontawesome.com	www.stay22.com
1	images.squarespace-cdn.com	www.stay22.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	kraken.ingresse.com	www.ingresse.com
1	gtm-pv2bdfr-otk5n.uc.r.appspot.com	www.googletagmanager.com
1	vars.hotjar.com	static.hotjar.com
1	script.hotjar.com	static.hotjar.com
1	event.ingresse.com	www.ingresse.com
1	cdn-queue.com	cdn.ingresse.com
1	static.hotjar.com	www.ingresse.com
1	assets.queue-it.net	static.queue-it.net
1	wchat.freshchat.com	www.ingresse.com
1	cdn.siftscience.com	www.ingresse.com
1	t.co
142	36

This site contains links to these domains. Also see Links.

Domain
sobre.ingresse.com
backstage.ingresse.com
ingresse.freshdesk.com
maps.google.com

Subject Issuer	Validity	Valid
t.co DigiCert TLS RSA SHA256 2020 CA1	`2023-02-01` - `2024-02-01`	a year	crt.sh
*.ingresse.com R3	`2022-12-16` - `2023-03-16`	3 months	crt.sh
*.siftscience.com DigiCert TLS RSA SHA256 2020 CA1	`2023-01-10` - `2024-02-10`	a year	crt.sh
*.queue-it.net Amazon	`2022-09-21` - `2023-10-20`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-01-31` - `2023-04-25`	3 months	crt.sh
*.freshchat.com Amazon	`2022-03-23` - `2023-04-21`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-01-31` - `2023-04-25`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-11-20` - `2023-02-18`	3 months	crt.sh
*.hotjar.com Amazon	`2022-10-25` - `2023-11-23`	a year	crt.sh
cdn-queue.com cPanel, Inc. Certification Authority	`2023-01-08` - `2023-04-08`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-01-31` - `2023-04-25`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-01-31` - `2023-04-25`	3 months	crt.sh
*.tiktok.com RapidSSL ECC CA 2018	`2022-12-15` - `2024-01-15`	a year	crt.sh
*.appspot.com GTS CA 1C3	`2023-01-31` - `2023-04-25`	3 months	crt.sh
stay22.com Cloudflare Inc ECC CA-3	`2022-12-23` - `2023-12-23`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-01-31` - `2023-04-25`	3 months	crt.sh
*.hexagon-analytics.com DigiCert TLS RSA SHA256 2020 CA1	`2022-10-31` - `2023-12-01`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-01-31` - `2023-04-25`	3 months	crt.sh
*.google.ca GTS CA 1C3	`2023-01-31` - `2023-04-25`	3 months	crt.sh
*.squarespace-cdn.com R3	`2023-02-05` - `2023-05-06`	3 months	crt.sh
*.fontawesome.com DigiCert TLS RSA SHA256 2020 CA1	`2022-11-22` - `2023-12-23`	a year	crt.sh
*.mixpanel.com GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1	`2022-03-28` - `2023-04-28`	a year	crt.sh
*.stadiamaps.com Sectigo ECC Domain Validation Secure Server CA	`2022-05-05` - `2023-06-05`	a year	crt.sh

This page contains 4 frames:

Primary Page: https://www.ingresse.com/holger-garotassuecas-baralto
Frame ID: 641EAE3F55DCADDF8CDDA07C0175D52F
Requests: 95 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-e031119f9e9e307a08fa610f85dbfb52.html
Frame ID: A9768BAED94C1425F348B99154DEA29B
Requests: 1 HTTP requests in this frame

Frame: https://www.stay22.com/embed/gm?aid=ingresse&lat=-23.5562867&lng=-46.6876818&maincolor=FFFFFF&fontcolor=000000&markerimage=https://images.squarespace-cdn.com/content/v1/59d68fe3017db263203e4b79/1507233943500-PL0SQBRD1YH3ZW3J4GDH/Logo%403x.png?format=1500w
Frame ID: B2A9B367EDACCAFE84B65C8841616B49
Requests: 48 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 5DA7FD93CF583504CCE16E8045B098C0
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Holger + Garotas Suecas no Bar Alto

Page URL History Show full URLs

https://t.co/OpqfVIz7eK Page URL
https://www.ingresse.com/holger-garotassuecas-baralto Page URL

Detected technologies

Freshchat (Live Chat) Expand

Overall confidence: 100%
Detected patterns

wchat\.freshchat\.com/js/widget\.js

RightJS (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

right\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
kit\.fontawesome\.com/([0-9a-z]+).js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

Sift (Analytics) Expand

Overall confidence: 100%
Detected patterns

cdn\.sift(?:science)?\.com/s\.js

Page Statistics

142
Requests

99 %
HTTPS

47 %
IPv6

24
Domains

36
Subdomains

33
IPs

2
Countries

2464 kB
Transfer

8530 kB
Size

20
Cookies

9 Outgoing links

These are links going to different origins than the main page.

URL: https://sobre.ingresse.com/criar-evento
Title: Criar Evento

Search URL Search Domain Scan URL

URL: https://backstage.ingresse.com/event
Title: Criar Evento

Search URL Search Domain Scan URL

URL: https://ingresse.freshdesk.com/support/home
Title: Fale com a Ingresse

Search URL Search Domain Scan URL

URL: https://sobre.ingresse.com/
Title: Sobre a Ingresse

Search URL Search Domain Scan URL

URL: https://sobre.ingresse.com/termos-de-servico
Title: Termos de Serviço

Search URL Search Domain Scan URL

URL: https://sobre.ingresse.com/termos-de-privacidade
Title: Termos de Privacidade

Search URL Search Domain Scan URL

URL: https://maps.google.com/?ll=-23.5562867%2C-46.6876818&daddr=-23.5562867%2C-46.6876818
Title: Bar Alto Rua Aspicuelta, 194 São Paulo - SP

Search URL Search Domain Scan URL

URL: https://sobre.ingresse.com/meia-entrada
Title: Lei de Meia-Entrada

Search URL Search Domain Scan URL

URL: https://sobre.ingresse.com/ingresse-news
Title: As novidades do mundo dos eventos Confira no Ingresse News! O modelo híbrido: online e offline A Retomada dos eventos no Brasil Top 10 drive-ins mais criativos Festivais com distanciamento social O modelo híbrido: online e offline A Retomada dos eventos no Brasil

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://t.co/OpqfVIz7eK Page URL
https://www.ingresse.com/holger-garotassuecas-baralto Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

142 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 OpqfVIz7eK
t.co/ 314 B
676 B 142ms
60ms Document
text/html 104.244.42.69
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://t.co/OpqfVIz7eK

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.69 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_b /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

cache-control: private,max-age=300
content-encoding: gzip
content-length: 193
content-type: text/html; charset=utf-8
date: Fri, 10 Feb 2023 22:26:37 GMT
expires: Fri, 10 Feb 2023 22:31:37 GMT
perf: 7626143928
server: tsa_b
strict-transport-security: max-age=0
vary: Origin
x-connection-hash: 7aba23227f913457df2ba92137ecd2f16e58853cbe949a54c94f9d735f4b0110
x-response-time: 23
x-transaction-id: 1bbdd83d0bd315ca
x-xss-protection: 0

GET
H2 200 Primary Request holger-garotassuecas-baralto Show response
www.ingresse.com/ 11 KB
3 KB 646ms
61ms Document
text/html 206.41.74.3
BSO

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ingresse.com/holger-garotassuecas-baralto
Requested by: Host: t.co
URL: https://t.co/OpqfVIz7eK
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 206.41.74.3 , United Kingdom, ASN4455 (BSO, GB),
Reverse DNS
Software: nginx/1.18.0 / Express
Resource Hash: 8b70d815bd10718bf2988c0c1cd1a36107be04476ffe98d98421f1c3a0e191d5

Request headers

Referer: https://t.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-origin: *
cache-control: public, max-age=0
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Fri, 10 Feb 2023 22:26:38 GMT
etag: W/"2b37-1860f5ec6f8"
last-modified: Wed, 01 Feb 2023 23:45:15 GMT
server: nginx/1.18.0
vary: Accept-Encoding
x-powered-by: Express

GET
H2 200 vendor.css
www.ingresse.com/assets/ 224 KB
44 KB 29ms
25ms Stylesheet
text/css 206.41.74.3
BSO

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ingresse.com/assets/vendor.css
Requested by: Host: www.ingresse.com
URL: https://www.ingresse.com/holger-garotassuecas-baralto
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 206.41.74.3 , United Kingdom, ASN4455 (BSO, GB),
Reverse DNS
Software: nginx/1.18.0 / Express
Resource Hash: 41e9f18037209c061af50e5426aacf3780f16a420dd700770d15ef0693c5ca0c

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.ingresse.com/holger-garotassuecas-baralto
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Fri, 10 Feb 2023 22:26:38 GMT
content-encoding: gzip
last-modified: Wed, 01 Feb 2023 23:45:15 GMT
server: nginx/1.18.0
etag: W/"380e4-1860f5ec6f8"
x-powered-by: Express
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=604800
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
expires: Fri, 17 Feb 2023 22:26:38 GMT

GET
H2 200 websdk.css
cdn.ingresse.com/websdk/v7/styles/ 656 B
703 B 280ms
19ms Stylesheet
text/css 206.41.74.3
BSO

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.ingresse.com/websdk/v7/styles/websdk.css
Requested by: Host: www.ingresse.com
URL: https://www.ingresse.com/holger-garotassuecas-baralto
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 206.41.74.3 , United Kingdom, ASN4455 (BSO, GB),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6aabc473c6cd876873eb0f3e6c280b369f69baea63b3a70dc23fc4102cfa27d4

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.ingresse.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Fri, 10 Feb 2023 22:26:38 GMT
x-amz-version-id: null
content-encoding: gzip
last-modified: Thu, 23 Jan 2020 22:34:11 GMT
server: AmazonS3
x-amz-request-id: 4HYQQW63CA3XXMG5
etag: W/"bf1a96e9e61c9c21ba218bdad681e1df"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=604800
x-amz-id-2: 54AYuIeCA2wkqHy53IX5LtYkg4uIQeY66nGBCLf8PFbXJ8XE1GS1zmNqfgbpkG4OtvJcuqznZkk=
expires: Fri, 17 Feb 2023 22:26:38 GMT

GET
H2 200 ingresse-widget.css
embedstore.ingresse.com/ 2 KB
3 KB 388ms
79ms Stylesheet
text/css 18.238.4.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://embedstore.ingresse.com/ingresse-widget.css
Requested by: Host: www.ingresse.com
URL: https://www.ingresse.com/holger-garotassuecas-baralto
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.4.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-4-111.phl51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1f92df491de359b771ba7268be7079b1ede6de9414b30a07ae0af49f9e6f12f7

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.ingresse.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Fri, 10 Feb 2023 10:12:34 GMT
via: 1.1 1f8f39239caa9483a95872353afdef00.cloudfront.net (CloudFront)
last-modified: Mon, 31 Oct 2022 15:06:07 GMT
server: AmazonS3
x-amz-cf-pop: PHL51-P1
age: 44046
etag: "b1dd548d49815c1340bec6b12d8c30f4"
x-cache: Hit from cloudfront
content-type: text/css
accept-ranges: bytes
content-length: 2284
x-amz-cf-id: ItrIxFzSuWJ9HSqItaXGl59jb2Yvll0XidfoN0zFGJ2di0mPFSRORQ==

GET
H2 200 fonts.css
www.ingresse.com/assets/ 324 B
517 B 46ms
43ms Stylesheet
text/css 206.41.74.3
BSO

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ingresse.com/assets/fonts.css
Requested by: Host: www.ingresse.com
URL: https://www.ingresse.com/holger-garotassuecas-baralto
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 206.41.74.3 , United Kingdom, ASN4455 (BSO, GB),
Reverse DNS
Software: nginx/1.18.0 / Express
Resource Hash: 6b4a82c0de4398a8d39547fa29f0804e225b1385e1dc091055e73e1b4910e5b3

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.ingresse.com/holger-garotassuecas-baralto
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Fri, 10 Feb 2023 22:26:38 GMT
content-encoding: gzip
last-modified: Wed, 01 Feb 2023 23:45:15 GMT
server: nginx/1.18.0
etag: W/"144-1860f5ec6f8"
x-powered-by: Express
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=604800
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
content-length: 192
expires: Fri, 17 Feb 2023 22:26:38 GMT

GET
H2 200 site.css
www.ingresse.com/assets/ 156 KB
28 KB 47ms
44ms Stylesheet
text/css 206.41.74.3
BSO

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ingresse.com/assets/site.css
Requested by: Host: www.ingresse.com
URL: https://www.ingresse.com/holger-garotassuecas-baralto
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 206.41.74.3 , United Kingdom, ASN4455 (BSO, GB),
Reverse DNS
Software: nginx/1.18.0 / Express
Resource Hash: 53cd784e76126a9f5367c7e4a83233d9e9ff49fb7a3780c20a30f0dd559f727d

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.ingresse.com/holger-garotassuecas-baralto
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Fri, 10 Feb 2023 22:26:38 GMT
content-encoding: gzip
last-modified: Wed, 01 Feb 2023 23:45:01 GMT
server: nginx/1.18.0
etag: W/"27048-1860f5e9048"
x-powered-by: Express
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=604800
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
expires: Fri, 17 Feb 2023 22:26:38 GMT

GET
H2 200 auth.min.css
cdn.ingresse.com/auth/ 209 B
496 B 279ms
18ms Stylesheet
text/css 206.41.74.3
BSO

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.ingresse.com/auth/auth.min.css
Requested by: Host: www.ingresse.com
URL: https://www.ingresse.com/holger-garotassuecas-baralto
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 206.41.74.3 , United Kingdom, ASN4455 (BSO, GB),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a0e66337b52542f237199de3e6a1510d1ffa42ffc1916ad941f0062db80daf62

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.ingresse.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Fri, 10 Feb 2023 22:26:38 GMT
x-amz-version-id: null
content-encoding: gzip
last-modified: Fri, 08 Apr 2022 18:27:18 GMT
server: AmazonS3
x-amz-request-id: 4HYNK6DX7NTPEK0T
etag: W/"a0586b560f888d095db1b919ee53df34"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=604800
x-amz-id-2: i3qkzC5t6klh9bxI68cM0E+R9+qJSH2D3o12VMbakvwY5Ay2I1Jw883rKLhc8T5F6O12Mm5kzYE=
expires: Fri, 17 Feb 2023 22:26:38 GMT

GET
H2 200 auth.min.js Show response
cdn.ingresse.com/auth/ 3 KB
2 KB 282ms
22ms Script
application/javascript 206.41.74.3
BSO

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.ingresse.com/auth/auth.min.js
Requested by: Host: www.ingresse.com
URL: https://www.ingresse.com/holger-garotassuecas-baralto
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 206.41.74.3 , United Kingdom, ASN4455 (BSO, GB),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8ebcef62a9ec6f42fd3994e85bfbe83b0ca0e3574215b7d2326ce7e6059003d1

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.ingresse.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Fri, 10 Feb 2023 22:26:38 GMT
x-amz-version-id: null
content-encoding: gzip
last-modified: Fri, 08 Apr 2022 18:27:19 GMT
server: AmazonS3
x-amz-request-id: 4HYP4277M4RP4MK9
etag: W/"67d550d6ad0c09c86a96da7e70390fef"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
x-amz-id-2: JB46VwArqesS7i9Jt47pXRrE8RTFwDcgS69JL04XNUUBeB4aJN79gWvAeIaI/P1JKJhDccUbmmQ=
expires: Fri, 17 Feb 2023 22:26:38 GMT

GET
H2 200 ingresse-widget.js Show response
embedstore.ingresse.com/ 9 KB
10 KB 101ms
83ms Script
application/javascript 18.238.4.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://embedstore.ingresse.com/ingresse-widget.js
Requested by: Host: www.ingresse.com
URL: https://www.ingresse.com/holger-garotassuecas-baralto
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.4.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-4-111.phl51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b887e261d80ed5ba62609a1a7707d804ab685d2263b32ca12a94d7dc2cd68447

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.ingresse.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Fri, 10 Feb 2023 10:12:34 GMT
via: 1.1 1f8f39239caa9483a95872353afdef00.cloudfront.net (CloudFront)
last-modified: Mon, 31 Oct 2022 15:06:07 GMT
server: AmazonS3
x-amz-cf-pop: PHL51-P1
age: 44046
etag: "60eb39153dfd329ce2a0ed0c34977469"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 9527
x-amz-cf-id: 8-mGf64vVYJMgomVPti97OC3HdLANmD6jm9Llg1OlpQshRuHvaApoQ==

GET
H2 200 tools.umd.js Show response
cdn.ingresse.com/tools/ 10 KB
4 KB 19ms
18ms Script
application/javascript 206.41.74.3
BSO

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.ingresse.com/tools/tools.umd.js
Requested by: Host: www.ingresse.com
URL: https://www.ingresse.com/holger-garotassuecas-baralto
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 206.41.74.3 , United Kingdom, ASN4455 (BSO, GB),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 04f408ee6064f8dde4be54993d23ed1de7abba34cefc666b787ff57bb78447ad

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.ingresse.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Fri, 10 Feb 2023 22:26:39 GMT
x-amz-version-id: null
content-encoding: gzip
last-modified: Tue, 29 Mar 2022 14:59:19 GMT
server: AmazonS3
x-amz-request-id: 4HYQ1HWDJSV7S005
etag: W/"e478bc1929c1bdf3ad840f1bd030555e"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
x-amz-id-2: hn4phP65BjNPDqRW6OnljQHw0rw3C1A+JBY04MhcUqU1sMby7n43t/C/bZp42jUDU7mFd49WHuE=
expires: Fri, 17 Feb 2023 22:26:39 GMT

GET
H2 200 ing-wcs.esm.js Show response
front.ingresse.com/wc/ 4 KB
4 KB 211ms
19ms Script
application/javascript 13.35.93.78
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://front.ingresse.com/wc/ing-wcs.esm.js
Requested by: Host: www.ingresse.com
URL: https://www.ingresse.com/holger-garotassuecas-baralto
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.93.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-93-78.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f184c6ffdf3da68512b5e0d0de3d6d426f4e242653d3af9228bbf7b74e51de7b

Request headers

Referer: https://www.ingresse.com/
Origin: https://www.ingresse.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Fri, 10 Feb 2023 19:31:31 GMT
via: 1.1 e8db4dc8ef769d3c7efb983afe130bca.cloudfront.net (CloudFront)
last-modified: Mon, 06 Feb 2023 19:28:41 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P8
age: 10577
etag: "6baed83bed19e0e9214de3ae906762d1"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
x-cache: Hit from cloudfront
content-length: 3664
x-amz-cf-id: NeNRolHNtzJ5l6-hHlkrqr8ZGzMkWXx0j_ObOZFy7fejbjTWvM9kVA==

GET
H2 200 s.js Show response
cdn.siftscience.com/ 61 KB
20 KB 127ms
11ms Script
application/javascript 34.96.67.224
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.siftscience.com/s.js
Requested by: Host: www.ingresse.com
URL: https://www.ingresse.com/holger-garotassuecas-baralto
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.67.224 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 224.67.96.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 7921df86278b7fa9be0cbd78d9990071763ec4e9e88aaff2c3d466723090b8ae

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.ingresse.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Fri, 10 Feb 2023 04:53:12 GMT
content-encoding: gzip
age: 63206
x-guploader-uploadid: ADPycdtMhqb_Sml8G5h9U_1jl8cEfR6RU0FRq2SmTaPLnaflQ1dYw0e6GOm_zP8q3LH6CbHFRkAasM9BOi7O4xkVInC5Kw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20452
last-modified: Thu, 09 Apr 2020 21:59:13 GMT
server: UploadServer
etag: "07cb8203158abb26b3c18318350e7b36"
vary: Accept-Encoding
x-goog-generation: 1586469553682331
x-goog-hash: crc32c=fIrBTA==, md5=B8uCAxWKuyazwYMYNQ57Ng==
content-type: application/javascript
cache-control: public, max-age=86400
x-goog-stored-content-length: 20452
accept-ranges: bytes
expires: Sat, 11 Feb 2023 04:53:12 GMT

GET
H2 200 queueclient.min.js Show response
static.queue-it.net/script/ 13 KB
4 KB 74ms
18ms Script
application/x-javascript 13.225.223.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.queue-it.net/script/queueclient.min.js
Requested by: Host: www.ingresse.com
URL: https://www.ingresse.com/holger-garotassuecas-baralto
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.223.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-223-39.jfk51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 944ab414abd7379509535f0f7422544deaf2a4d19b9fbee4ef9bd1b6b02b3dcd

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.ingresse.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Fri, 10 Feb 2023 21:50:36 GMT
content-encoding: gzip
via: 1.1 9936e6170e9ea67a9517d77d7f053dba.cloudfront.net (CloudFront)
x-amz-version-id: 4yQ2rNl7SZrweE0tCIPgmTcwWoJbW7lz
last-modified: Wed, 23 Feb 2022 18:43:15 GMT
server: AmazonS3
x-amz-cf-pop: JFK51-C1
age: 2163
etag: W/"58074f881862f661a074ef91b00cf15f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
cache-control: public,max-age=7200
x-amz-cf-id: G1qhdUVyjZPlufD0sMi5vaSvlZjb6icDKgEcWT8EV8-EPGNDuQFBtg==

GET
H2 200 queueconfigloader.min.js Show response
static.queue-it.net/script/ 24 KB
6 KB 75ms
19ms Script
application/x-javascript 13.225.223.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.queue-it.net/script/queueconfigloader.min.js
Requested by: Host: www.ingresse.com
URL: https://www.ingresse.com/holger-garotassuecas-baralto
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.223.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-223-39.jfk51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7157deb8ebe872e9ad11477112493ef6d3175123c43073bbbc81954295049f08

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.ingresse.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Fri, 10 Feb 2023 20:32:06 GMT
content-encoding: gzip
via: 1.1 9936e6170e9ea67a9517d77d7f053dba.cloudfront.net (CloudFront)
x-amz-version-id: hmKaoMDmDo5jDZ4nyowQbHuhS.wPsIca
last-modified: Wed, 23 Feb 2022 18:43:15 GMT
server: AmazonS3
x-amz-cf-pop: JFK51-C1
age: 6873
etag: W/"eee5cc1b5a9d83bc08cac904c6172a69"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
cache-control: public,max-age=7200
x-amz-cf-id: Iom-ugptK5RdaBu99cHVuPb4W6bS18XIJLS4uAXaRPp7SkSdXeJ4_g==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 113 KB
44 KB 91ms
40ms Script
application/javascript 2607:f8b0:4004:c1b::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-26110667-1

Requested by

Host: www.ingresse.com
URL: https://www.ingresse.com/holger-garotassuecas-baralto

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

32f08b33a2e49181c67c967cecea533e8010850ee8fb4adf08724bbede3cdbc1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.ingresse.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Fri, 10 Feb 2023 22:26:39 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 45166
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 10 Feb 2023 22:26:39 GMT

GET
H2 200 vendor.js Show response
www.ingresse.com/scripts/ 518 KB
166 KB 62ms
60ms Script
application/javascript 206.41.74.3
BSO

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ingresse.com/scripts/vendor.js
Requested by: Host: www.ingresse.com
URL: https://www.ingresse.com/holger-garotassuecas-baralto
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 206.41.74.3 , United Kingdom, ASN4455 (BSO, GB),
Reverse DNS
Software: nginx/1.18.0 / Express
Resource Hash: 4e7c0a05fb54621f837cedcce0232bbcea533462d858aca31ed036d9b921b059

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.ingresse.com/holger-garotassuecas-baralto
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Fri, 10 Feb 2023 22:26:38 GMT
content-encoding: gzip
last-modified: Wed, 01 Feb 2023 23:45:15 GMT
server: nginx/1.18.0
etag: W/"81715-1860f5ec6f8"
x-powered-by: Express
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=604800
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
expires: Fri, 17 Feb 2023 22:26:38 GMT

GET
H2 200 websdk.js Show response
cdn.ingresse.com/websdk/v7/scripts/ 132 KB
49 KB 280ms
20ms Script
application/javascript 206.41.74.3
BSO

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.ingresse.com/websdk/v7/scripts/websdk.js
Requested by: Host: www.ingresse.com
URL: https://www.ingresse.com/holger-garotassuecas-baralto
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 206.41.74.3 , United Kingdom, ASN4455 (BSO, GB),
Reverse DNS
Software: AmazonS3 /
Resource Hash: aa14420b5df2a42c98ad8173625fdf7bf200d16e7e3d540c0ac14d0f8e877ebd

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.ingresse.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

x-amz-meta-s3b-last-modified: 20221108T040706Z
date: Fri, 10 Feb 2023 22:26:38 GMT
x-amz-version-id: ngrBgL9xi081ZwJS6HQVL5j3a4Hzhwsv
content-encoding: gzip
last-modified: Tue, 08 Nov 2022 04:07:11 GMT
server: AmazonS3
x-amz-request-id: 4HYTT6FX0X9JECC4
etag: W/"fff1b8f50a167714099b3d4131032368"
vary: Accept-Encoding
x-amz-meta-sha256: aa14420b5df2a42c98ad8173625fdf7bf200d16e7e3d540c0ac14d0f8e877ebd
content-type: application/javascript
cache-control: max-age=604800
x-amz-id-2: fZf2Jg5tsNovDhllMb0bb9cMx+bsqT1dEkWZsLXLQsuMrQePVWWPcWil23/Va7HRApf98qcPmUM=
expires: Fri, 17 Feb 2023 22:26:38 GMT

GET
H2 200 scripts.js Show response
www.ingresse.com/scripts/ 297 KB
72 KB 83ms
81ms Script
application/javascript 206.41.74.3
BSO

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ingresse.com/scripts/scripts.js
Requested by: Host: www.ingresse.com
URL: https://www.ingresse.com/holger-garotassuecas-baralto
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 206.41.74.3 , United Kingdom, ASN4455 (BSO, GB),
Reverse DNS
Software: nginx/1.18.0 / Express
Resource Hash: 4950f6caf32b017a565ff597ed98ba78f0882c256abf14b22c1eb5d1e2919198

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.ingresse.com/holger-garotassuecas-baralto
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Fri, 10 Feb 2023 22:26:38 GMT
content-encoding: gzip
last-modified: Wed, 01 Feb 2023 23:45:15 GMT
server: nginx/1.18.0
etag: W/"4a32f-1860f5ec6f8"
x-powered-by: Express
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=604800
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
expires: Fri, 17 Feb 2023 22:26:38 GMT

GET
H/1.1 200
OK widget.js Show response
wchat.freshchat.com/js/ 60 KB
20 KB 169ms
53ms Script
application/javascript 34.238.89.27
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://wchat.freshchat.com/js/widget.js

Requested by

Host: www.ingresse.com
URL: https://www.ingresse.com/holger-garotassuecas-baralto

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.238.89.27 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-238-89-27.compute-1.amazonaws.com

Software

fwe /

Resource Hash

7b6a8dc47b0d8123636ca9c73bf5b41626262542426da96a6e8ae191ca782578

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.ingresse.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Fri, 10 Feb 2023 22:26:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
nel: { "report_to": "nel-endpoint-freshchat", "max_age": 2592000, "include_subdomains": true}
Transfer-Encoding: chunked
x-envoy-upstream-service-time: 1
Connection: keep-alive
x-xss-protection: 1; mode=block
x-request-id: a94f7c77-1ee5-461a-a920-7678ea375e7d
x-trace-id: 00-31049457fe2d59bf2ab3937dbbdb61ff-4448a27baaac4869-00
served-by: 2601
last-modified: Fri, 03 Feb 2023 10:43:54 GMT
server: fwe
report-to: { "group": "nel-endpoint-freshchat", "max_age": 2592000, "include_subdomains": true, "endpoints": [{"url": "https://edge-admin.us-east-1.freshedge.net/nelreports/freshchat"}]}
Content-Type: application/javascript
x-fw-ratelimiting-managed: false
cache-control: max-age=900, must-revalidate
x-server: 2601

GET
H2 200 css
fonts.googleapis.com/ 8 KB
1 KB 82ms
35ms Stylesheet
text/css 2607:f8b0:4006:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,400,500,700

Requested by

Host: www.ingresse.com
URL: https://www.ingresse.com/assets/fonts.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::200a Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

684dfe949ae87a38c2afbcee199f51b0025dd9121b524d62e881cf40846cdd21

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.ingresse.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 10 Feb 2023 22:26:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 10 Feb 2023 20:51:53 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 10 Feb 2023 22:26:38 GMT

GET
H2 200 css
fonts.googleapis.com/ 2 KB
542 B 98ms
51ms Stylesheet
text/css 2607:f8b0:4006:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Kalam:400,700

Requested by

Host: www.ingresse.com
URL: https://www.ingresse.com/assets/fonts.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::200a Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9ac9369e054e094229be260cf7173c20c3c816e854963f765e50dac09d851c1a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.ingresse.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 10 Feb 2023 22:26:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 10 Feb 2023 22:08:28 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 10 Feb 2023 22:26:38 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 164 KB
59 KB 124ms
72ms Script
application/javascript 2607:f8b0:4004:c1b::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TGPTCDG

Requested by

Host: www.ingresse.com
URL: https://www.ingresse.com/holger-garotassuecas-baralto

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5b2a3f494744cb97ff4c56a8b95c5f52c95885018746538faf179f3f327bb6fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.ingresse.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Fri, 10 Feb 2023 22:26:39 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60108
x-xss-protection: 0
last-modified: Fri, 10 Feb 2023 21:04:51 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 10 Feb 2023 22:26:39 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 106 KB
28 KB 63ms
21ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.ingresse.com
URL: https://www.ingresse.com/holger-garotassuecas-baralto

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c1e56ad863615fc191d80d7807852db95e57579f6535186d83d04ecdebef5236

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.ingresse.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 10 Feb 2023 22:26:39 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27843
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: ps3MM1cKYwDh5uQTLFMo15JnQ+mJjnZ847J1nrAjYeMx9UeF1sDToA+cH/InHUv0kaWt+5zDN2iOEAXTYwiKng==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 1512268381
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 queueclientConfig.js Show response
assets.queue-it.net/ingresse/integrationconfig/javascript/ 3 KB
1 KB 81ms
28ms Script
application/javascript 13.33.60.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.queue-it.net/ingresse/integrationconfig/javascript/queueclientConfig.js?versionTimestamp=20230210222205
Requested by: Host: static.queue-it.net
URL: https://static.queue-it.net/script/queueconfigloader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.60.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-60-72.ewr52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f13fe033798c1090ad7b6696c9ad618ac47d16cb40bb9c321803683828d34f23

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.ingresse.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Fri, 10 Feb 2023 22:26:16 GMT
x-amz-version-id: 7YHKQTD_KEnwZXHyiufClOqCa4Gz.hyR
content-encoding: gzip
via: 1.1 a1b9c0f574e30dae7536945f59627868.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR52-C1
age: 24
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: REPLICA
last-modified: Mon, 06 Feb 2023 17:34:42 GMT
server: AmazonS3
etag: W/"4d40e5a6309883a7c09c95e2e6733197"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=300
x-amz-cf-id: rwwetk30pkrIedE8AF_Zd14bKHLTpjp6JgfudfvOwrHuMw7HkmAI0w==

GET
H2 200 hotjar-2926126.js Show response
static.hotjar.com/c/ 8 KB
4 KB 115ms
28ms Script
application/javascript 108.138.106.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-2926126.js?sv=6

Requested by

Host: www.ingresse.com
URL: https://www.ingresse.com/holger-garotassuecas-baralto

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.106.49 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-106-49.jfk50.r.cloudfront.net

Software

Resource Hash

bc11dbacb3bbda8b83af520aec418f8611ac3c74cd4ea67b89e88f9f75cdd6db

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.ingresse.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

strict-transport-security: max-age=2592000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Fri, 10 Feb 2023 22:26:39 GMT
via: 1.1 bce50d2cc476ede482a8048a0c124908.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P3
age: 20
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
etag: W/d02013fcc65367779e6aab069cf8a0db
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cache-control: max-age=60
x-amz-cf-id: YSeKgt9bF1V7qQn8ALq64XBp0RImydcUQb_BvYVwfA2tD4B7PmCLag==

GET
H2 200 queueclient.js Show response
cdn-queue.com/ 20 KB
7 KB 467ms
79ms Script
application/javascript 104.168.172.151
HOSTWINDS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-queue.com/queueclient.js?verstionTimestamp=6710341
Requested by: Host: cdn.ingresse.com
URL: https://cdn.ingresse.com/websdk/v7/scripts/websdk.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.168.172.151 , United States, ASN54290 (HOSTWINDS, US),
Reverse DNS: client-104-168-172-151.hostwindsdns.com
Software: Apache /
Resource Hash: 0f6a2af83a80c70c179054b5af0c993cc671690086dc996c92b3aaf76d6c501c

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.ingresse.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Fri, 10 Feb 2023 22:26:39 GMT
content-encoding: br
last-modified: Fri, 10 Feb 2023 17:37:31 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 7170

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 70ms
20ms Font
font/woff2 2607:f8b0:4006:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.ingresse.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Fri, 10 Feb 2023 15:33:01 GMT
x-content-type-options: nosniff
age: 24818
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 10 Feb 2024 15:33:01 GMT

GET
H2 200 p-4145fb5f.js Show response
front.ingresse.com/wc/ 9 KB
9 KB 21ms
21ms Script
application/javascript 13.35.93.78
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://front.ingresse.com/wc/p-4145fb5f.js
Requested by: Host: t.co
URL: https://t.co/OpqfVIz7eK
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.93.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-93-78.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 40f7df35acf166922592ca3df483d3f200b8af096fb1e1cef02c4cf4a9ece65c

Request headers

Referer: https://front.ingresse.com/wc/ing-wcs.esm.js
Origin: https://www.ingresse.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Fri, 10 Feb 2023 19:31:31 GMT
via: 1.1 e8db4dc8ef769d3c7efb983afe130bca.cloudfront.net (CloudFront)
last-modified: Mon, 06 Feb 2023 19:28:41 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P8
age: 31004
etag: "7fd9fdd3782fe4a8af3cdd4438f322c6"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
x-cache: Hit from cloudfront
content-length: 9143
x-amz-cf-id: OGC7Z2bOcLJBp7k0YBiFrDFyb-n9wmBhA0piGI8XHVoA2YRbnjOnhA==

GET
H2 200 /
www.ingresse.com/ 11 KB
11 KB 27ms
27ms Image
text/html 206.41.74.3
BSO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.ingresse.com/
Requested by: Host: www.ingresse.com
URL: https://www.ingresse.com/holger-garotassuecas-baralto
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 206.41.74.3 , United Kingdom, ASN4455 (BSO, GB),
Reverse DNS
Software: nginx/1.18.0 / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.ingresse.com/holger-garotassuecas-baralto
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Fri, 10 Feb 2023 22:26:39 GMT
content-encoding: gzip
last-modified: Wed, 01 Feb 2023 23:45:15 GMT
server: nginx/1.18.0
etag: W/"2b37-1860f5ec6f8"
x-powered-by: Express
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=0
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept

GET
H2 200 logo--30x30.svg
www.ingresse.com/assets/images/ 1 KB
885 B 18ms
18ms Image
image/svg+xml 206.41.74.3
BSO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.ingresse.com/assets/images/logo--30x30.svg
Requested by: Host: www.ingresse.com
URL: https://www.ingresse.com/assets/site.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 206.41.74.3 , United Kingdom, ASN4455 (BSO, GB),
Reverse DNS
Software: nginx/1.18.0 / Express
Resource Hash: 93fa91c2b29a7420c6b14c4547e0e3dc169b17c9d5f9c96bc6bcca1723974ab6

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.ingresse.com/assets/site.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Fri, 10 Feb 2023 22:26:39 GMT
content-encoding: gzip
last-modified: Wed, 01 Feb 2023 23:45:06 GMT
server: nginx/1.18.0
etag: W/"444-1860f5ea3d0"
x-powered-by: Express
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=604800
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
expires: Fri, 17 Feb 2023 22:26:39 GMT

GET
DATA 200
OK truncated
/ 141 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 934b84598e9c77de1fcd3f7c09aea5e96c48a89993a3f8e9b1d61200ae90cf47

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 21ms
20ms Font
font/woff2 2607:f8b0:4006:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.ingresse.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Wed, 08 Feb 2023 19:32:04 GMT
x-content-type-options: nosniff
age: 183275
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 08 Feb 2024 19:32:04 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 16 KB
16 KB 25ms
25ms Font
font/woff2 2607:f8b0:4006:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.ingresse.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Fri, 10 Feb 2023 13:09:08 GMT
x-content-type-options: nosniff
age: 33451
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 10 Feb 2024 13:09:08 GMT

GET
H2 200 VenusGlyphs-Regular.woff
www.ingresse.com/assets/fonts/ 28 KB
28 KB 18ms
18ms Font
font/woff 206.41.74.3
BSO

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ingresse.com/assets/fonts/VenusGlyphs-Regular.woff
Requested by: Host: www.ingresse.com
URL: https://www.ingresse.com/assets/vendor.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 206.41.74.3 , United Kingdom, ASN4455 (BSO, GB),
Reverse DNS
Software: nginx/1.18.0 / Express
Resource Hash: 8a7a928fc6ade7c77f18adc8599442ccc0a42237d2767b25b95a8e70d4f75aee

Request headers

Referer: https://www.ingresse.com/assets/vendor.css
Origin: https://www.ingresse.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Fri, 10 Feb 2023 22:26:39 GMT
last-modified: Wed, 01 Feb 2023 23:45:01 GMT
server: nginx/1.18.0
etag: W/"6efc-1860f5e9048"
x-powered-by: Express
content-type: font/woff
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
content-length: 28412
expires: Fri, 17 Feb 2023 22:26:39 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 31ms
31ms Font
font/woff2 2607:f8b0:4006:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.ingresse.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Fri, 10 Feb 2023 14:05:59 GMT
x-content-type-options: nosniff
age: 30040
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 10 Feb 2024 14:05:59 GMT

GET
H/1.1 200
OK holger-garotassuecas-baralto Show response
event.ingresse.com/public/ 13 KB
14 KB 192ms
91ms XHR
application/json 3.230.201.250
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://event.ingresse.com/public/holger-garotassuecas-baralto
Requested by: Host: www.ingresse.com
URL: https://www.ingresse.com/scripts/vendor.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.230.201.250 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-230-201-250.compute-1.amazonaws.com
Software: /
Resource Hash: e62bb9e1f3315f62485960bf050a29e1fd86764d3159e6bbcb3b46bf921c641f

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.ingresse.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 10 Feb 2023 22:26:39 GMT
Connection: keep-alive
Access-Control-Allow-Headers: X-Requested-With, Authorization, Content-Type
Content-Length: 13805
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Content-Type: application/json

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3f8e3a4c653c5e8cfc5ea9c62c3a1ebf50c34ecebeff2e190652553e6eab3631

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 modules.08d4f065a7a29306a4f1.js Show response
script.hotjar.com/ 261 KB
67 KB 93ms
21ms Script
application/javascript 18.164.96.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.08d4f065a7a29306a4f1.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2926126.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.164.96.77 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-164-96-77.jfk50.r.cloudfront.net

Software

Resource Hash

4cd4aaecdabe71bda5b5c1f56b18aa7934f2923963b860cc1875f7e85e7c9f97

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.ingresse.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Fri, 10 Feb 2023 14:54:06 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 5af2699243b550d789ef9dce0b522ed2.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P5
age: 27153
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 68067
last-modified: Fri, 10 Feb 2023 14:53:53 GMT
etag: "92a0e284b398aa5019198b4c945d2414"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: IwcbzjzrEIMx2BEkCmIBrJfz8sGVnfew7e7d_Zr0M-c1dq9XAAc-og==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 218 KB
76 KB 42ms
42ms Script
application/javascript 2607:f8b0:4004:c1b::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-6BNXL3KJ5Z&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-26110667-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

25acfee108722629e643781fd97796c27dbb7bb43f174f83620e27ab6927096d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.ingresse.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Fri, 10 Feb 2023 22:26:39 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 77844
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 10 Feb 2023 22:26:39 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 79ms
24ms Script
text/javascript 2607:f8b0:4004:c1b::71
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-26110667-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::71 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.ingresse.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 10 Feb 2023 21:12:51 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 4428
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Fri, 10 Feb 2023 23:12:51 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 191 KB
68 KB 50ms
50ms Script
application/javascript 2607:f8b0:4004:c1b::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-991958113&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-26110667-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b7d4c723740862f9e4303e9cfdd6a88b597041c13aa5d16d913b54044248e01e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.ingresse.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Fri, 10 Feb 2023 22:26:39 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 69691
x-xss-protection: 0
last-modified: Fri, 10 Feb 2023 21:04:51 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 10 Feb 2023 22:26:39 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/674830843/ 2 KB
1 KB 98ms
38ms Script
text/javascript 2607:f8b0:4004:c07::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/674830843/?random=1676067999326&cv=11&fst=1676067999326&bg=ffffff&guid=ON&async=1&gtm=45He3280&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.ingresse.com%2Fholger-garotassuecas-baralto&ref=https%3A%2F%2Ft.co%2F&tiba=Ingresse&auid=1348592518.1676067999&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TGPTCDG

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c07::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

08e7070addacd5726c18838273cd5665145829dc4497f38d0e0f9a8658064736

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.ingresse.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Feb 2023 22:26:39 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 879
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 613316405473194 Show response
connect.facebook.net/signals/config/ 377 KB
108 KB 103ms
103ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/613316405473194?v=2.9.95&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

bead6815bb6fff86a3840d55671538bbea989a041b07fcf6e92f8ac9b8dbbf41

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.ingresse.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 10 Feb 2023 22:26:39 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: hJ5a1LKk31Sn04tuw8jvnO4+LuUE90WFe7bCvVSjf9yKvqg5mtrkC0Ve2ISJg+JZz2enLp0AS3+GhmVCFnGzsg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 1512268381
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 4 KB
2 KB 103ms
33ms Script
application/javascript 184.28.190.147
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CDBBCIRC77U5U64QITF0&lib=ttq
Requested by: Host: t.co
URL: https://t.co/OpqfVIz7eK
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.28.190.147 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a184-28-190-147.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 7c31c135913af767433f9b62299c318b37e43779473f1c32fd4859cf9bfa1b85

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.ingresse.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

x-akamai-request-id: 18dbf3f7
date: Fri, 10 Feb 2023 22:26:39 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a184-28-190-143.deploy.akamaitechnologies.com (AkamaiGHost/11.0.0-46340752) (-)
server-timing: inner; dur=2, cdn-cache; desc=MISS, edge; dur=1, origin; dur=11
content-length: 1459
pragma: no-cache
server: nginx
x-tt-logid: 202302102226391FA46925B91CF8157DB4
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 12,184.28.190.143
x-tt-trace-host: 01c46ea8ae7269cf4d3136b37cd08657f4858e5bee81e74d69774ed42b76ebc8d6cf035dbfe8392b01baf9b6852f2234351f85f405648515a21f0f69147c8618f7baaac3a2d895320a26457365169db92b336564d885db03cb16038e59eadbb8cd
expires: Fri, 10 Feb 2023 22:26:39 GMT

GET
H2 200 box-e031119f9e9e307a08fa610f85dbfb52.html Show response
vars.hotjar.com/ Frame A976 2 KB
1 KB 87ms
19ms Document
text/html 108.138.128.36
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://vars.hotjar.com/box-e031119f9e9e307a08fa610f85dbfb52.html

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2926126.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.128.36 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-128-36.jfk50.r.cloudfront.net

Software

Resource Hash

f92333a45b532bdb5248178674b041b1c35edfd33a55df48192256f0bfe49e4e

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

Referer: https://www.ingresse.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
age: 638193
cache-control: max-age=31536000
content-encoding: br
content-length: 1034
content-type: text/html
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 03 Feb 2023 13:10:06 GMT
etag: "112fdf47cdb80b9ce3d033ed09717460"
last-modified: Fri, 03 Feb 2023 13:09:45 GMT
strict-transport-security: max-age=2592000; includeSubDomains
vary: Accept-Encoding
via: 1.1 cd958e502c6aea704f0f824e60431e72.cloudfront.net (CloudFront)
x-amz-cf-id: sq34eCmI4jjmhRNF6fZdMkrtkhrvaouzvwvkjRkDtanJMw3pMdKbcA==
x-amz-cf-pop: JFK50-P4
x-cache: Hit from cloudfront
x-robots-tag: none

POST
H2 204 collect
www.google-analytics.com/g/ 0
172 B 33ms
32ms Ping
text/plain 2607:f8b0:4004:c1b::71
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-6BNXL3KJ5Z&gtm=45je3280&_p=1757310351&cid=678695702.1676067999&ul=en-us&sr=1600x1200&uaW=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1676067999&sct=1&seg=0&dl=https%3A%2F%2Fwww.ingresse.com%2Fholger-garotassuecas-baralto&dr=https%3A%2F%2Ft.co%2F&dt=Ingresse&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-6BNXL3KJ5Z&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c1b::71 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.ingresse.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Feb 2023 22:26:39 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.ingresse.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
www.google-analytics.com/g/ 0
45 B 34ms
33ms Ping
text/plain 2607:f8b0:4004:c1b::71
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-6BNXL3KJ5Z&gtm=45je3280&_p=1757310351&cid=678695702.1676067999&ul=en-us&sr=1600x1200&uaW=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1676067999&sct=1&seg=1&dl=https%3A%2F%2Fwww.ingresse.com%2Fholger-garotassuecas-baralto&dr=https%3A%2F%2Ft.co%2F&dt=Ingresse&en=page_view&_et=3
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-6BNXL3KJ5Z&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c1b::71 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.ingresse.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Feb 2023 22:26:39 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.ingresse.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect
gtm-pv2bdfr-otk5n.uc.r.appspot.com/g/ 0
547 B 10449ms
10385ms Ping
text/html 2607:f8b0:4004:c1d::99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://gtm-pv2bdfr-otk5n.uc.r.appspot.com/g/collect?v=2&tid=G-6BNXL3KJ5Z&gtm=45je3280&_p=1757310351&cid=678695702.1676067999&ul=en-us&sr=1600x1200&_fplc=0&uaW=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=3&sid=1676067999&sct=1&seg=1&dl=https%3A%2F%2Fwww.ingresse.com%2Fholger-garotassuecas-baralto&dr=https%3A%2F%2Ft.co%2F&dt=Ingresse&en=ViewContent&_et=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-6BNXL3KJ5Z&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c1d::99 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.ingresse.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Fri, 10 Feb 2023 22:26:49 GMT
server: Google Frontend
content-type: text/html
x-cloud-trace-context: 9e1c8f7bfef75d88583d38a001c37a7a
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 10 Feb 2023 22:26:49 GMT

POST
H2 404 collect
www.ingresse.com/g/ 149 B
412 B 31ms
30ms Ping
text/html 206.41.74.3
BSO

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ingresse.com/g/collect?v=2&tid=G-6BNXL3KJ5Z&gtm=45je3280&_p=1757310351&cid=678695702.1676067999&ul=en-us&sr=1600x1200&_fplc=0&uaW=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=4&sid=1676067999&sct=1&seg=1&dl=https%3A%2F%2Fwww.ingresse.com%2Fholger-garotassuecas-baralto&dr=https%3A%2F%2Ft.co%2F&dt=Ingresse&en=page_view&_et=1

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-6BNXL3KJ5Z&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

206.41.74.3 , United Kingdom, ASN4455 (BSO, GB),

Reverse DNS

Software

nginx/1.18.0 / Express

Resource Hash

5ceffdb9a3215de3c786476dd873a63deb51831489709dcc59f75af4cf0a69cf

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.ingresse.com/holger-garotassuecas-baralto
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Fri, 10 Feb 2023 22:26:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'none'
server: nginx/1.18.0
x-powered-by: Express
vary: Accept-Encoding
content-type: text/html; charset=utf-8
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
content-length: 136

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/991958113/ 2 KB
1 KB 56ms
54ms Script
text/javascript 2607:f8b0:4004:c07::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/991958113/?random=1676067999468&cv=11&fst=1676067999468&bg=ffffff&guid=ON&async=1&gtm=45be3280&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.ingresse.com%2Fholger-garotassuecas-baralto&ref=https%3A%2F%2Ft.co%2F&tiba=Ingresse&auid=1348592518.1676067999&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-991958113&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c07::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

51aebaae4a2e8af2d4abe7f2a6c2e97fec23906da759d000ed098d7a18760721

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.ingresse.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Feb 2023 22:26:39 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 891
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect Show response
www.ingresse.com/g/ 11 KB
3 KB 28ms
28ms XHR
text/html 206.41.74.3
BSO

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ingresse.com/g/collect?v=2&tid=G-6BNXL3KJ5Z&gtm=45je3280&_p=1757310351&cid=678695702.1676067999&ul=en-us&sr=1600x1200&_fplc=0&uaW=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&sst.uc=CA&_s=5&sid=1676067999&sct=1&seg=1&dl=https%3A%2F%2Fwww.ingresse.com%2Fholger-garotassuecas-baralto&dr=https%3A%2F%2Ft.co%2F&dt=Ingresse&en=gtm.dom&ep.event_id=8b88a8ca-cbe7-4ba2-8342-069bee767425_1676067999029.6&ep.event_name=PageView&_et=1&richsstsse
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-6BNXL3KJ5Z&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 206.41.74.3 , United Kingdom, ASN4455 (BSO, GB),
Reverse DNS
Software: nginx/1.18.0 / Express
Resource Hash: 8b70d815bd10718bf2988c0c1cd1a36107be04476ffe98d98421f1c3a0e191d5

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.ingresse.com/holger-garotassuecas-baralto
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Fri, 10 Feb 2023 22:26:39 GMT
content-encoding: gzip
last-modified: Wed, 01 Feb 2023 23:45:15 GMT
server: nginx/1.18.0
etag: W/"2b37-1860f5ec6f8"
x-powered-by: Express
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=0
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept

GET
H2 200 icon--live--rectangle--orange.png
www.ingresse.com/assets/icons/ 1 KB
1 KB 21ms
20ms Image
image/webp 206.41.74.3
BSO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.ingresse.com/assets/icons/icon--live--rectangle--orange.png
Requested by: Host: www.ingresse.com
URL: https://www.ingresse.com/assets/site.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 206.41.74.3 , United Kingdom, ASN4455 (BSO, GB),
Reverse DNS
Software: Azion IMS /
Resource Hash: 0b1775c459df3ec5160019ee5c1a8b346d07841fcbefbba43ac6a4ecb5bfd5bd

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.ingresse.com/assets/site.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Fri, 10 Feb 2023 22:26:39 GMT
server: Azion IMS
x-original-image-size: 1743
etag: "7e9ebb75ffe63ecaa2ee9f4ec6d12759bba509aa"
vary: Accept
content-type: image/webp
x-ims: Enabled
cache-control: max-age=2592000
content-length: 1154
expires: Sun, 12 Mar 2023 22:26:39 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/991958113/ 2 KB
970 B 115ms
115ms Script
text/javascript 2607:f8b0:4004:c07::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/991958113/?random=1676067999554&cv=11&fst=1676067999554&bg=ffffff&guid=ON&async=1&gtm=45be3280&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.ingresse.com%2Fholger-garotassuecas-baralto&ref=https%3A%2F%2Ft.co%2F&tiba=Holger%20%2B%20Garotas%20Suecas%20no%20Bar%20Alto&currency_code=BRL&auid=1348592518.1676067999&uamb=0&uaw=0&data=event%3Dpage_view%3Bpage_path%3D%2Fholger-garotassuecas-baralto&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-991958113&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c07::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1144fe8dea8f7c44954e7dbe6139a7063bde1760d952177f31543eba8b3e841b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.ingresse.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Feb 2023 22:26:39 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 946
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gm Show response
www.stay22.com/embed/ Frame B2A9 106 KB
27 KB 205ms
146ms Document
text/html 2606:4700:20::681a:c6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.stay22.com/embed/gm?aid=ingresse&lat=-23.5562867&lng=-46.6876818&maincolor=FFFFFF&fontcolor=000000&markerimage=https://images.squarespace-cdn.com/content/v1/59d68fe3017db263203e4b79/1507233943500-PL0SQBRD1YH3ZW3J4GDH/Logo%403x.png?format=1500w

Requested by

Host: www.ingresse.com
URL: https://www.ingresse.com/scripts/vendor.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:c6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

4cc8d98fb7d318e59cdf446788e68d467bb0f01947ffe5fda034e96261b89e0b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://www.ingresse.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 79784485ca54a1ed-YYZ
content-encoding: br
content-type: text/html; charset=utf-8
date: Fri, 10 Feb 2023 22:26:39 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uSOPHOrpxNCm0e3u0GFTO5dSj1w7YsobmnkJOoINIWHiK4kTONPQO3BJy%2B8ZdHNKuqhveCXM4XkFDXA7gD2EVPtTLeL4Hkt5G9eRkG6j02vj%2FV2Z9bCy%2BVzIkAgnPaxcworjefJqk47XzM31"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Accept-Encoding
via: 1.1 vegur
x-powered-by: Express

GET
H2 200 large.jpg
kraken.ingresse.com/event/posters/62708/ 34 KB
34 KB 546ms
285ms Image
image/webp 206.41.74.3
BSO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kraken.ingresse.com/event/posters/62708/large.jpg?t=2023-02-03T17:30:00.350126+00:00
Requested by: Host: www.ingresse.com
URL: https://www.ingresse.com/holger-garotassuecas-baralto
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 206.41.74.3 , United Kingdom, ASN4455 (BSO, GB),
Reverse DNS
Software: Azion IMS /
Resource Hash: fef674650ed6bd2eeeeb8ca6b474b2b687a8a37f56a106948942308e3d5d82a7

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.ingresse.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Fri, 10 Feb 2023 22:26:40 GMT
server: Azion IMS
x-original-image-size: 40192
etag: "ce6fb322604de3d9fdf6cee76fef09ad9f895a2d"
vary: Accept
content-type: image/webp
x-ims: Enabled
cache-control: max-age=2592000
content-length: 34418
expires: Sun, 12 Mar 2023 22:26:40 GMT

GET
H2 200 Icon--reserve.svg
www.ingresse.com/assets/icons/ 3 KB
2 KB 20ms
18ms Image
image/svg+xml 206.41.74.3
BSO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.ingresse.com/assets/icons/Icon--reserve.svg
Requested by: Host: www.ingresse.com
URL: https://www.ingresse.com/holger-garotassuecas-baralto
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 206.41.74.3 , United Kingdom, ASN4455 (BSO, GB),
Reverse DNS
Software: nginx/1.18.0 / Express
Resource Hash: c508fc8748a0cc16a9aca8adbcbc50234bc27ce7bea40654dfa660ff34444b5a

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.ingresse.com/holger-garotassuecas-baralto
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Fri, 10 Feb 2023 22:26:39 GMT
content-encoding: gzip
last-modified: Wed, 01 Feb 2023 23:45:07 GMT
server: nginx/1.18.0
etag: W/"cb1-1860f5ea7b8"
x-powered-by: Express
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=604800
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
expires: Fri, 17 Feb 2023 22:26:39 GMT

POST
H2 200 991958113
google.com/pagead/form-data/ 0
0 92ms
33ms Ping
text/html 2607:f8b0:4004:c08::8b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://google.com/pagead/form-data/991958113?gtm=45be3280&hn=www.googleadservices.com&auid=1348592518.1676067999&uamb=0&uaw=0&em=tv.1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-991958113&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c08::8b Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.ingresse.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

POST
H2 204 991958113
google.com/ccm/form-data/ 0
176 B 130ms
71ms Ping
text/plain 2607:f8b0:4004:c08::8b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://google.com/ccm/form-data/991958113?gtm=45be3280&hn=www.googleadservices.com&auid=1348592518.1676067999&uamb=0&uaw=0&em=tv.1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-991958113&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c08::8b Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.ingresse.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Feb 2023 22:26:39 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.ingresse.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 655550.gif
hexagon-analytics.com/images/ 43 B
297 B 125ms
47ms Image
image/gif 34.102.232.42
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hexagon-analytics.com/images/655550.gif?bk=30c710ae5d&tm=635&r=283104430&v=105&cs=UTF-8&h=www.ingresse.com&l=en-US&S=4a384428ef8b009fcdec395adddf28aa&uu=9d4c0bb8a3126e739a2704c1f7355f1&t=Holger%20%2B%20Garotas%20Suecas%20no%20Bar%20Alto&u=https%3A%2F%2Fwww.ingresse.com%2Fholger-garotassuecas-baralto&rf=https%3A%2F%2Ft.co%2F&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F110.0.5481.77%20Safari%2F537.36&nm=4&mh=fe407dda3b01b3e3c72476fe7bf9f870&np=3&ph=596d9e73a4a75c4ceee60ad7b54864b3&sh=1200&sw=1600&cd=24&p=Win32&to=0&d=0&ce=true&tp=0&ol=true&pr=Gecko&ps=20030107&vd=Google%20Inc.&vs=&hc=4&je=false&ss=true&ls=true&in=true&db=false&tl=false&tr=false&ts=false&tb=false&ab=false&cf=64d58bfddb44af6942e7931de5174ca7&z=z

Requested by

Host: www.ingresse.com
URL: https://www.ingresse.com/holger-garotassuecas-baralto

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.102.232.42 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

42.232.102.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.ingresse.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Feb 2023 22:26:39 GMT
via: 1.1 google
x-content-type-options: nosniff
server: nginx
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
x-envoy-upstream-service-time: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 514539.gif
hexagon-analytics.com/images/ 43 B
108 B 101ms
48ms Image
image/gif 34.102.232.42
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hexagon-analytics.com/images/514539.gif?bk=30c710ae5d&tm=660&r=750729276&v=105&cs=UTF-8&h=www.ingresse.com&l=en-US&S=4a384428ef8b009fcdec395adddf28aa&uu=9d4c0bb8a3126e739a2704c1f7355f1&t=Holger%20%2B%20Garotas%20Suecas%20no%20Bar%20Alto&u=https%3A%2F%2Fwww.ingresse.com%2Fholger-garotassuecas-baralto&rf=https%3A%2F%2Ft.co%2F&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F110.0.5481.77%20Safari%2F537.36&nm=4&mh=fe407dda3b01b3e3c72476fe7bf9f870&np=3&ph=596d9e73a4a75c4ceee60ad7b54864b3&sh=1200&sw=1600&cd=24&p=Win32&to=0&d=0&ce=true&tp=0&ol=true&pr=Gecko&ps=20030107&vd=Google%20Inc.&vs=&hc=4&je=false&ss=true&ls=true&in=true&db=false&tl=false&tr=false&ts=false&tb=false&ab=false&cf=64d58bfddb44af6942e7931de5174ca7&z=z

Requested by

Host: www.ingresse.com
URL: https://www.ingresse.com/holger-garotassuecas-baralto

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.102.232.42 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

42.232.102.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.ingresse.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Feb 2023 22:26:39 GMT
via: 1.1 google
x-content-type-options: nosniff
server: nginx
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
x-envoy-upstream-service-time: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 33ms
32ms XHR
text/plain 2607:f8b0:4004:c1b::71
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=1757310351&t=pageview&_s=1&dl=https%3A%2F%2Fwww.ingresse.com%2Fholger-garotassuecas-baralto&dr=https%3A%2F%2Ft.co%2F&ul=en-us&de=UTF-8&dt=Holger%20%2B%20Garotas%20Suecas%20no%20Bar%20Alto&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=929206184&gjid=1110098095&cid=678695702.1676067999&tid=UA-26110667-1&_gid=582637036.1676068000&_r=1&gtm=457e3280&z=813079810

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1b::71 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.ingresse.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 10 Feb 2023 22:26:39 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.ingresse.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 25ms
24ms Image
image/gif 2607:f8b0:4004:c1b::71
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j99&a=1757310351&t=pageview&cu=BRL&_s=2&dl=https%3A%2F%2Fwww.ingresse.com%2Fholger-garotassuecas-baralto&dr=https%3A%2F%2Ft.co%2F&dp=%2Fholger-garotassuecas-baralto&ul=en-us&de=UTF-8&dt=Holger%20%2B%20Garotas%20Suecas%20no%20Bar%20Alto&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=&gjid=&cid=678695702.1676067999&tid=UA-26110667-1&_gid=582637036.1676068000&gtm=457e3280&z=716726969

Requested by

Host: www.ingresse.com
URL: https://www.ingresse.com/holger-garotassuecas-baralto

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1b::71 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.ingresse.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Feb 2023 02:51:06 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 70533
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/674830843/ 42 B
108 B 92ms
41ms Image
image/gif 2607:f8b0:4006:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/674830843/?random=1676067999326&cv=11&fst=1676066400000&bg=ffffff&guid=ON&async=1&gtm=45He3280&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fwww.ingresse.com%2Fholger-garotassuecas-baralto&ref=https%3A%2F%2Ft.co%2F&tiba=Ingresse&fmt=3&is_vtc=1&random=2466584408&rmt_tld=0&ipr=y

Requested by

Host: www.ingresse.com
URL: https://www.ingresse.com/holger-garotassuecas-baralto

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::2004 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.ingresse.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Feb 2023 22:26:39 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.ca/pagead/1p-user-list/674830843/ 42 B
108 B 93ms
41ms Image
image/gif 2607:f8b0:4004:c1b::5e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/pagead/1p-user-list/674830843/?random=1676067999326&cv=11&fst=1676066400000&bg=ffffff&guid=ON&async=1&gtm=45He3280&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fwww.ingresse.com%2Fholger-garotassuecas-baralto&ref=https%3A%2F%2Ft.co%2F&tiba=Ingresse&fmt=3&is_vtc=1&random=2466584408&rmt_tld=1&ipr=y

Requested by

Host: www.ingresse.com
URL: https://www.ingresse.com/holger-garotassuecas-baralto

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.ingresse.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Feb 2023 22:26:39 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 main.MWNiNWY1N2YyNQ.js Show response
analytics.tiktok.com/i18n/pixel/static/ 278 KB
72 KB 22ms
22ms Script
application/javascript 184.28.190.147
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWNiNWY1N2YyNQ.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CDBBCIRC77U5U64QITF0&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.28.190.147 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a184-28-190-147.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 6cbc0e665ba23c67394e2ab842b39c231e8cc28e474184a14922eae1bcd90661

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.ingresse.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

x-akamai-request-id: 18dbf57e
date: Fri, 10 Feb 2023 22:26:39 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 20230207223925F1D6B07044734F8D6BAB
vary: Accept-Encoding
x-cache: TCP_HIT from a184-28-190-143.deploy.akamaitechnologies.com (AkamaiGHost/11.0.0-46340752) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 01e329fb65add5754036335755ed6d43126c6f76847889a3e72f9d004b5f88e62ebbc2342bd440661739fca15bc9fcf679cd718c44ad19c97269c0578502bb428fc683104ce442461374edcb6842a76e822fc892282ab94e0a2598327547d97670
server-timing: cdn-cache; desc=HIT, edge; dur=0, inner; dur=3
content-length: 73414

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
350 B 84ms
31ms XHR
text/plain 2607:f8b0:4004:c17::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-26110667-1&cid=678695702.1676067999&jid=929206184&gjid=1110098095&_gid=582637036.1676068000&_u=YADAAUAAAAAAACAAI~&z=1354456139

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.ingresse.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 10 Feb 2023 22:26:39 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.ingresse.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 67ms
19ms Image
text/plain 2a03:2880:f112:182:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=613316405473194&ev=PageView&dl=https%3A%2F%2Fwww.ingresse.com%2Fholger-garotassuecas-baralto&rl=https%3A%2F%2Ft.co%2F&if=false&ts=1676067999790&sw=1600&sh=1200&v=2.9.95&r=stable&ec=0&o=30&cs_est=true&fbp=fb.1.1676067999786.723521019&it=1676067999332&coo=false&rqm=GET

Requested by

Host: www.ingresse.com
URL: https://www.ingresse.com/holger-garotassuecas-baralto

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.ingresse.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 10 Feb 2023 22:26:39 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.google.com/pagead/1p-user-list/991958113/ 42 B
455 B 45ms
38ms Image
image/gif 2607:f8b0:4006:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/991958113/?random=1676067999468&cv=11&fst=1676066400000&bg=ffffff&guid=ON&async=1&gtm=45be3280&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fwww.ingresse.com%2Fholger-garotassuecas-baralto&ref=https%3A%2F%2Ft.co%2F&tiba=Ingresse&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1802067551&rmt_tld=0&ipr=y

Requested by

Host: www.ingresse.com
URL: https://www.ingresse.com/holger-garotassuecas-baralto

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::2004 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.ingresse.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Feb 2023 22:26:39 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.ca/pagead/1p-user-list/991958113/ 42 B
455 B 49ms
40ms Image
image/gif 2607:f8b0:4004:c1b::5e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/pagead/1p-user-list/991958113/?random=1676067999468&cv=11&fst=1676066400000&bg=ffffff&guid=ON&async=1&gtm=45be3280&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fwww.ingresse.com%2Fholger-garotassuecas-baralto&ref=https%3A%2F%2Ft.co%2F&tiba=Ingresse&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1802067551&rmt_tld=1&ipr=y

Requested by

Host: www.ingresse.com
URL: https://www.ingresse.com/holger-garotassuecas-baralto

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.ingresse.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Feb 2023 22:26:39 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 default-9.css
www.stay22.com/liveassets/ Frame B2A9 223 KB
33 KB 73ms
71ms Stylesheet
text/css 2606:4700:20::681a:c6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.stay22.com/liveassets/default-9.css

Requested by

Host: www.stay22.com
URL: https://www.stay22.com/embed/gm?aid=ingresse&lat=-23.5562867&lng=-46.6876818&maincolor=FFFFFF&fontcolor=000000&markerimage=https://images.squarespace-cdn.com/content/v1/59d68fe3017db263203e4b79/1507233943500-PL0SQBRD1YH3ZW3J4GDH/Logo%403x.png?format=1500w

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:c6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

06d3b0b0275ac4ecdb072608a20634610add7130184a3d39a7bf3d3d5490e076

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.stay22.com/embed/gm?aid=ingresse&lat=-23.5562867&lng=-46.6876818&maincolor=FFFFFF&fontcolor=000000&markerimage=https://images.squarespace-cdn.com/content/v1/59d68fe3017db263203e4b79/1507233943500-PL0SQBRD1YH3ZW3J4GDH/Logo%403x.png?format=1500w
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Fri, 10 Feb 2023 22:26:39 GMT
via: 1.1 vegur
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000; includeSubDomains; preload
age: 86448
x-powered-by: Express
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Mon, 09 May 2022 18:21:26 GMT
server: cloudflare
etag: W/"3407e-180aa0e0070"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=use6FoGngqRfswgzvpVzFFwsJ5AREfuOtJgatsZsCtIJtddJ5vOPvbgwRowII%2FyY2HYf%2FhVknjzNoK6eEP1hOHCGBVTqHsHrb6E4stjuqnu32X95Otx0QCUAObo0zz2eAz6Rz%2FXMpsgB9z5U"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 79784486dcc3a1ed-YYZ

GET
H2 200 head-7.js Show response
www.stay22.com/liveassets/ Frame B2A9 298 KB
97 KB 53ms
52ms Script
application/javascript 2606:4700:20::681a:c6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.stay22.com/liveassets/head-7.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:c6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

633a21aa53c2316d1eba81c850bfe0d5512448253dd38f722a518738ad69a062

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.stay22.com/embed/gm?aid=ingresse&lat=-23.5562867&lng=-46.6876818&maincolor=FFFFFF&fontcolor=000000&markerimage=https://images.squarespace-cdn.com/content/v1/59d68fe3017db263203e4b79/1507233943500-PL0SQBRD1YH3ZW3J4GDH/Logo%403x.png?format=1500w
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Fri, 10 Feb 2023 22:26:39 GMT
via: 1.1 vegur
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000; includeSubDomains; preload
age: 86448
cf-polished: origSize=304743
x-powered-by: Express
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Sat, 18 Dec 2021 06:09:06 GMT
server: cloudflare
etag: W/"4a667-17dcc287fd0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zfLPCgPdyCkFnwrRhZzbIfiAzYxaFWsUuRmHBbbiwcaAzNAWkmdtMgmNCLgFHtvj5W8k8WN%2BT982aYlhdfS9IGnT%2BDRgUfHcgp2JvypuoYW7Sh4JNr2h3chNBbo%2FzQ0h5rgYEPyQPT4Km6Wy"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 79784486dcd0a1ed-YYZ

GET
H2 200 app.9d48341a0acba3d3bb21.css
www.stay22.com/static/ Frame B2A9 71 KB
17 KB 77ms
76ms Stylesheet
text/css 2606:4700:20::681a:c6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.stay22.com/static/app.9d48341a0acba3d3bb21.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:c6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

f4fa433d8d3d397dff6e2c2883fcc51bd1364fc40c0a951e133a63c4ae9bde1a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.stay22.com/embed/gm?aid=ingresse&lat=-23.5562867&lng=-46.6876818&maincolor=FFFFFF&fontcolor=000000&markerimage=https://images.squarespace-cdn.com/content/v1/59d68fe3017db263203e4b79/1507233943500-PL0SQBRD1YH3ZW3J4GDH/Logo%403x.png?format=1500w
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Fri, 10 Feb 2023 22:26:39 GMT
via: 1.1 vegur
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000; includeSubDomains; preload
age: 86448
cf-polished: origSize=73468
x-powered-by: Express
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 08 Feb 2023 21:25:04 GMT
server: cloudflare
etag: W/"11efc-18632eaf380"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aVs0AeaoLA1LicSuUP9ZcXrdtvwtvVAXdrnMVUzO0oPYj3LaVGmEJhgz34L%2F1NF9%2FuBmeilpGhJUnejs7PaHEHY51a6dDdier4xXoZcE%2BlGHfPOBwNo92gHZLGO%2FGKOWDwehsvoLa4RCyi4R"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 79784486dccba1ed-YYZ

GET
H2 200 /
www.google.com/pagead/1p-user-list/991958113/ 42 B
108 B 41ms
40ms Image
image/gif 2607:f8b0:4006:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/991958113/?random=1676067999554&cv=11&fst=1676066400000&bg=ffffff&guid=ON&async=1&gtm=45be3280&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fwww.ingresse.com%2Fholger-garotassuecas-baralto&ref=https%3A%2F%2Ft.co%2F&tiba=Holger%20%2B%20Garotas%20Suecas%20no%20Bar%20Alto&currency_code=BRL&data=event%3Dpage_view%3Bpage_path%3D%2Fholger-garotassuecas-baralto&fmt=3&is_vtc=1&random=3343618384&rmt_tld=0&ipr=y

Requested by

Host: www.ingresse.com
URL: https://www.ingresse.com/holger-garotassuecas-baralto

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::2004 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.ingresse.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Feb 2023 22:26:39 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.ca/pagead/1p-user-list/991958113/ 42 B
108 B 40ms
39ms Image
image/gif 2607:f8b0:4004:c1b::5e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/pagead/1p-user-list/991958113/?random=1676067999554&cv=11&fst=1676066400000&bg=ffffff&guid=ON&async=1&gtm=45be3280&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fwww.ingresse.com%2Fholger-garotassuecas-baralto&ref=https%3A%2F%2Ft.co%2F&tiba=Holger%20%2B%20Garotas%20Suecas%20no%20Bar%20Alto&currency_code=BRL&data=event%3Dpage_view%3Bpage_path%3D%2Fholger-garotassuecas-baralto&fmt=3&is_vtc=1&random=3343618384&rmt_tld=1&ipr=y

Requested by

Host: www.ingresse.com
URL: https://www.ingresse.com/holger-garotassuecas-baralto

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.ingresse.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Feb 2023 22:26:39 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 Logo@3x.png
images.squarespace-cdn.com/content/v1/59d68fe3017db263203e4b79/1507233943500-PL0SQBRD1YH3ZW3J4GDH/ Frame B2A9 13 KB
14 KB 252ms
27ms Image
image/png 151.101.192.238
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.squarespace-cdn.com/content/v1/59d68fe3017db263203e4b79/1507233943500-PL0SQBRD1YH3ZW3J4GDH/Logo@3x.png?format=1500w
Requested by: Host: www.stay22.com
URL: https://www.stay22.com/embed/gm?aid=ingresse&lat=-23.5562867&lng=-46.6876818&maincolor=FFFFFF&fontcolor=000000&markerimage=https://images.squarespace-cdn.com/content/v1/59d68fe3017db263203e4b79/1507233943500-PL0SQBRD1YH3ZW3J4GDH/Logo%403x.png?format=1500w
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.192.238 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: d3367491a91008869391cdeecf7a331aa7ce432273c6d2fc87cc7cebf87217fa

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.stay22.com/embed/gm?aid=ingresse&lat=-23.5562867&lng=-46.6876818&maincolor=FFFFFF&fontcolor=000000&markerimage=https://images.squarespace-cdn.com/content/v1/59d68fe3017db263203e4b79/1507233943500-PL0SQBRD1YH3ZW3J4GDH/Logo%403x.png?format=1500w
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

x-cache-hits: 677, 1
date: Fri, 10 Feb 2023 22:26:40 GMT
via: 1.1 google, 1.1 varnish, 1.1 varnish
age: 226450
x-cache: HIT, HIT
content-length: 13548
x-served-by: cache-iad-kiad7000085-IAD, cache-yyz4524-YYZ
x-timer: S1676068000.323491,VS0,VE10
etag: CMSK3rnYqOsCEAE=
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Timing-Allow-Origin
cache-control: max-age=604800
accept-ranges: bytes
timing-allow-origin: *
tracepoint: Fastly

GET
H2 200 identify_5f1fb.js Show response
analytics.tiktok.com/i18n/pixel/static/ 114 KB
30 KB 23ms
22ms Script
application/javascript 184.28.190.147
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/identify_5f1fb.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWNiNWY1N2YyNQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.28.190.147 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a184-28-190-147.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: cef0a3ffb6993fc1ec7b5b67a16377ec1ec0a858b3cabb834033d7458ff0e4bc

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.ingresse.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

x-akamai-request-id: 18dbf5e6
date: Fri, 10 Feb 2023 22:26:39 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 202302072119168BF5F34D63785081F50A
vary: Accept-Encoding
x-cache: TCP_MEM_HIT from a184-28-190-143.deploy.akamaitechnologies.com (AkamaiGHost/11.0.0-46340752) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 0113c7f99baf9674da6ef89679c1a0fbaa4c5a90f7ac06312a452010fbd6421df4bbc21040e44135412748e6b5ce028529302007a6c36c2fded7983482341716460ab5cafa0a5d3492a5014183e0e6920a5c1a16e4c2888273aba4aef00d9ad377
server-timing: cdn-cache; desc=HIT, edge; dur=0, inner; dur=3
content-length: 30575

POST
H2 200 monitor
analytics.tiktok.com/api/v2/ 0
553 B 42ms
42ms Ping
text/plain 184.28.190.147
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/monitor
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWNiNWY1N2YyNQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.28.190.147 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a184-28-190-147.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.ingresse.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 10 Feb 2023 22:26:39 GMT
x-akamai-request-id: 18dbf637
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server: nginx
x-tt-logid: 20230210222639ECD0E10969C68B0B9F14
x-cache: TCP_MISS from a184-28-190-143.deploy.akamaitechnologies.com (AkamaiGHost/11.0.0-46340752) (-)
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 16,184.28.190.143
x-tt-trace-host: 01c46ea8ae7269cf4d3136b37cd08657f4858e5bee81e74d69774ed42b76ebc8d6e62ddd09c677348fc71755d2abfb4f16ee6bab023fd2db533f86ec6832cab1f50fb4bb877f293f58fc1fa9f29744c3572d157770d03dfd4a7dd36506e7538263
server-timing: inner; dur=5, cdn-cache; desc=MISS, edge; dur=5, origin; dur=16
content-length: 0
expires: Fri, 10 Feb 2023 22:26:39 GMT

POST
H2 200 monitor
analytics.tiktok.com/api/v2/ 0
553 B 40ms
39ms Ping
text/plain 184.28.190.147
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/monitor
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWNiNWY1N2YyNQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.28.190.147 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a184-28-190-147.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.ingresse.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 10 Feb 2023 22:26:39 GMT
x-akamai-request-id: 18dbf639
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server: nginx
x-tt-logid: 20230210222639D7FED593C2048094D1F6
x-cache: TCP_MISS from a184-28-190-143.deploy.akamaitechnologies.com (AkamaiGHost/11.0.0-46340752) (-)
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 15,184.28.190.143
x-tt-trace-host: 01c46ea8ae7269cf4d3136b37cd08657f4858e5bee81e74d69774ed42b76ebc8d6ff9ba5468d88f152561c273db9bb69a766bd8f21788b6a46386ed71e953b6f501b1c1b3500a6e8b835544158d4575ec006087285afdde54cae19cc57b571df6b
server-timing: inner; dur=5, cdn-cache; desc=MISS, edge; dur=4, origin; dur=15
content-length: 0
expires: Fri, 10 Feb 2023 22:26:39 GMT

POST
H2 200 monitor
analytics.tiktok.com/api/v2/ 0
552 B 78ms
77ms Ping
text/plain 184.28.190.147
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/monitor
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWNiNWY1N2YyNQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.28.190.147 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a184-28-190-147.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.ingresse.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 10 Feb 2023 22:26:39 GMT
x-akamai-request-id: 18dbf63a
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server: nginx
x-tt-logid: 202302102226391FA46925B91CF8157DC9
x-cache: TCP_MISS from a184-28-190-143.deploy.akamaitechnologies.com (AkamaiGHost/11.0.0-46340752) (-)
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 44,184.28.190.143
x-tt-trace-host: 01c46ea8ae7269cf4d3136b37cd08657f4858e5bee81e74d69774ed42b76ebc8d6cf035dbfe8392b01baf9b6852f2234353ce1d8cd2bf92080d7f4170969cec0a6716ec6ab4bd9fc38811fa3a40753aecc2bcf743cc0566d0d0b7ae02fef89a8a0
server-timing: inner; dur=34, cdn-cache; desc=MISS, edge; dur=5, origin; dur=44
content-length: 0
expires: Fri, 10 Feb 2023 22:26:39 GMT

POST
H2 200 monitor
analytics.tiktok.com/api/v2/ 0
555 B 236ms
236ms Ping
text/plain 184.28.190.147
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/monitor
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWNiNWY1N2YyNQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.28.190.147 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a184-28-190-147.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.ingresse.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 10 Feb 2023 22:26:40 GMT
x-akamai-request-id: 18dbf64a
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server: nginx
x-tt-logid: 20230210222639C7D8135373DE08284F91
x-cache: TCP_MISS from a184-28-190-143.deploy.akamaitechnologies.com (AkamaiGHost/11.0.0-46340752) (-)
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 209,184.28.190.143
x-tt-trace-host: 01c46ea8ae7269cf4d3136b37cd08657f4858e5bee81e74d69774ed42b76ebc8d6cf035dbfe8392b01baf9b6852f22343558823bdeec5b11855d8176bee35140f582fe8c490d635ad267c4d3c1f47bbe396800b1152d5319873dbb10a7b172984c
server-timing: inner; dur=200, cdn-cache; desc=MISS, edge; dur=5, origin; dur=209
content-length: 0
expires: Fri, 10 Feb 2023 22:26:40 GMT

POST
H2 200 monitor
analytics.tiktok.com/api/v2/ 0
551 B 45ms
45ms Ping
text/plain 184.28.190.147
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/monitor
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWNiNWY1N2YyNQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.28.190.147 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a184-28-190-147.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.ingresse.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 10 Feb 2023 22:26:39 GMT
x-akamai-request-id: 18dbf64c
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server: nginx
x-tt-logid: 20230210222639A4253C46629D0D4EEADB
x-cache: TCP_MISS from a184-28-190-143.deploy.akamaitechnologies.com (AkamaiGHost/11.0.0-46340752) (-)
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 19,184.28.190.143
x-tt-trace-host: 01c46ea8ae7269cf4d3136b37cd08657f4858e5bee81e74d69774ed42b76ebc8d64b28a6d34941cf549183eefe31b368f1fc992e2b215f8421ea39bfc0e399d8c1af6c32d4f455fe6440897b8549854a3aa07ab5a1767aa901c9b0e0ebeca78b77
server-timing: inner; dur=9, cdn-cache; desc=MISS, edge; dur=4, origin; dur=19
content-length: 0
expires: Fri, 10 Feb 2023 22:26:39 GMT

POST
H2 200 monitor
analytics.tiktok.com/api/v2/ 0
552 B 42ms
42ms Ping
text/plain 184.28.190.147
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/monitor
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWNiNWY1N2YyNQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.28.190.147 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a184-28-190-147.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.ingresse.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 10 Feb 2023 22:26:39 GMT
x-akamai-request-id: 18dbf64f
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server: nginx
x-tt-logid: 20230210222639D7FED593C2048094D1F8
x-cache: TCP_MISS from a184-28-190-143.deploy.akamaitechnologies.com (AkamaiGHost/11.0.0-46340752) (-)
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 14,184.28.190.143
x-tt-trace-host: 01c46ea8ae7269cf4d3136b37cd08657f4858e5bee81e74d69774ed42b76ebc8d6ff9ba5468d88f152561c273db9bb69a76f4dc391fc4fe839f538fd7dcb086b41aadf7871945e4b2937192720e9c70d2082a36871fa20bc9d08943f39e72436c1
server-timing: inner; dur=5, cdn-cache; desc=MISS, edge; dur=4, origin; dur=14
content-length: 0
expires: Fri, 10 Feb 2023 22:26:39 GMT

POST
H2 200 monitor
analytics.tiktok.com/api/v2/ 0
552 B 43ms
42ms Ping
text/plain 184.28.190.147
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/monitor
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWNiNWY1N2YyNQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.28.190.147 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a184-28-190-147.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.ingresse.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 10 Feb 2023 22:26:39 GMT
x-akamai-request-id: 18dbf650
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server: nginx
x-tt-logid: 20230210222639ECD0E10969C68B0B9F19
x-cache: TCP_MISS from a184-28-190-143.deploy.akamaitechnologies.com (AkamaiGHost/11.0.0-46340752) (-)
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 17,184.28.190.143
x-tt-trace-host: 01c46ea8ae7269cf4d3136b37cd08657f4858e5bee81e74d69774ed42b76ebc8d6e62ddd09c677348fc71755d2abfb4f16aca37801b18d59cc8ce8258864ea67c60b099ded893d7a7b82e13e7780d7d8d8b1083057c481a84ba184994a57560fe0
server-timing: inner; dur=5, cdn-cache; desc=MISS, edge; dur=5, origin; dur=16
content-length: 0
expires: Fri, 10 Feb 2023 22:26:39 GMT

POST
H2 200 monitor
analytics.tiktok.com/api/v2/ 0
551 B 76ms
75ms Ping
text/plain 184.28.190.147
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/monitor
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWNiNWY1N2YyNQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.28.190.147 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a184-28-190-147.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.ingresse.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 10 Feb 2023 22:26:40 GMT
x-akamai-request-id: 18dbf651
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server: nginx
x-tt-logid: 202302102226391DF3BC9CB3714B32A22F
x-cache: TCP_MISS from a184-28-190-143.deploy.akamaitechnologies.com (AkamaiGHost/11.0.0-46340752) (-)
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 51,184.28.190.143
x-tt-trace-host: 01c46ea8ae7269cf4d3136b37cd08657f4858e5bee81e74d69774ed42b76ebc8d600e22106a7a76167860c7102548423e2b0a957089f1e9f33f30a093ade4bc02dd5227261027a36e37b3b28dbc257ca252c3317ba3c1f943e3f8dee5a06bbb598
server-timing: inner; dur=35, cdn-cache; desc=MISS, edge; dur=5, origin; dur=51
content-length: 0
expires: Fri, 10 Feb 2023 22:26:40 GMT

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
552 B 57ms
56ms Ping
text/plain 184.28.190.147
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWNiNWY1N2YyNQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.28.190.147 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a184-28-190-147.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.ingresse.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 10 Feb 2023 22:26:40 GMT
x-akamai-request-id: 18dbf657
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server: nginx
x-tt-logid: 202302102226397D52E4AF2FAEA9A7EF30
x-cache: TCP_MISS from a184-28-190-143.deploy.akamaitechnologies.com (AkamaiGHost/11.0.0-46340752) (-)
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 25,184.28.190.143
x-tt-trace-host: 01c46ea8ae7269cf4d3136b37cd08657f4858e5bee81e74d69774ed42b76ebc8d664bc51d5d1f439af04da6ebb3e0ee620c060a15c9bd077511cdeec31135f7472594ed25e84ce227e92e7fb75b611a3ff0a886a875e73e2d7bd87ee9f3c4af420
server-timing: inner; dur=15, cdn-cache; desc=MISS, edge; dur=5, origin; dur=25
content-length: 0
expires: Fri, 10 Feb 2023 22:26:40 GMT

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
555 B 166ms
165ms Ping
text/plain 184.28.190.147
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWNiNWY1N2YyNQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.28.190.147 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a184-28-190-147.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.ingresse.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 10 Feb 2023 22:26:40 GMT
x-akamai-request-id: 18dbf658
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server: nginx
x-tt-logid: 20230210222639EE8DEFA0432AF0487215
x-cache: TCP_MISS from a184-28-190-143.deploy.akamaitechnologies.com (AkamaiGHost/11.0.0-46340752) (-)
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 139,184.28.190.143
x-tt-trace-host: 01c46ea8ae7269cf4d3136b37cd08657f4858e5bee81e74d69774ed42b76ebc8d64b28a6d34941cf549183eefe31b368f1838509d9d27ac61c5bad9840e133e447eee1f33f9b7b86884cca18ee8107e3f9085659d41b2f4a70c8d8c4a5398c07a0
server-timing: inner; dur=131, cdn-cache; desc=MISS, edge; dur=4, origin; dur=139
content-length: 0
expires: Fri, 10 Feb 2023 22:26:40 GMT

GET
H3 200 search-29.js Show response
www.stay22.com/liveassets/ Frame B2A9 196 KB
61 KB 52ms
51ms Script
application/javascript 2606:4700:20::681a:c6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.stay22.com/liveassets/search-29.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:c6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

03a6b99e074f916c90caa039b705bac733c276797480aee7fc98d6541b584a76

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.stay22.com/embed/gm?aid=ingresse&lat=-23.5562867&lng=-46.6876818&maincolor=FFFFFF&fontcolor=000000&markerimage=https://images.squarespace-cdn.com/content/v1/59d68fe3017db263203e4b79/1507233943500-PL0SQBRD1YH3ZW3J4GDH/Logo%403x.png?format=1500w
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Fri, 10 Feb 2023 22:26:40 GMT
via: 1.1 vegur
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000; includeSubDomains; preload
age: 86449
x-powered-by: Express
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Mon, 26 Sep 2022 17:34:57 GMT
server: cloudflare
etag: W/"30ec0-1837addc1e8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UQGLtN%2B57RnsKiRb3ntW1vU5n7EqvJN4X6CPaFdW4SwUSaI5qx0fCKnCNMLlEzRQrNGZYCpXYNrmGQWuossnOmvaTCpJr16N%2FTVlcb1eSn6kjHs6wqCtGESFmM4swXL%2FQCdrO2fWYDlemtxn"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 797844880f325467-YYZ

GET
H3 200 wpsafelink.js Show response
www.stay22.com/javascripts/vendor/ Frame B2A9 108 B
696 B 78ms
76ms Script
application/javascript 2606:4700:20::681a:c6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.stay22.com/javascripts/vendor/wpsafelink.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:c6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

22e69ba982fdbe21f351c0622239ba082970a56faf756e748bf95f5cf84182c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.stay22.com/embed/gm?aid=ingresse&lat=-23.5562867&lng=-46.6876818&maincolor=FFFFFF&fontcolor=000000&markerimage=https://images.squarespace-cdn.com/content/v1/59d68fe3017db263203e4b79/1507233943500-PL0SQBRD1YH3ZW3J4GDH/Logo%403x.png?format=1500w
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Fri, 10 Feb 2023 22:26:40 GMT
via: 1.1 vegur
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000; includeSubDomains; preload
age: 86449
cf-polished: origSize=175
x-powered-by: Express
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 06 Oct 2022 10:21:00 GMT
server: cloudflare
etag: W/"af-183acd00ee0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZPwPcSR9yBZAncUwh3YEeUzYp8wuYQl8pLPzDvEluwcBRtMXcDrg69p%2BqMQkPVSuuNWVRy1SwjH4gvNE6jjZOjxcFyfhFlqJc%2FSAGUOvDq2EWpfZtoFu%2Fc0qUxARVjJSB8P0%2BIU5I%2F5uqOcU"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 797844881f425467-YYZ

GET
H3 200 ttpu-2-11-25.js Show response
www.stay22.com/javascripts/vendor/ Frame B2A9 86 KB
34 KB 37ms
36ms Script
application/javascript 2606:4700:20::681a:c6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.stay22.com/javascripts/vendor/ttpu-2-11-25.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:c6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

3d6548ab2ddeb0ee340cbf7641f1edd7a757c3088a5619b7c4aae1c728595346

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.stay22.com/embed/gm?aid=ingresse&lat=-23.5562867&lng=-46.6876818&maincolor=FFFFFF&fontcolor=000000&markerimage=https://images.squarespace-cdn.com/content/v1/59d68fe3017db263203e4b79/1507233943500-PL0SQBRD1YH3ZW3J4GDH/Logo%403x.png?format=1500w
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Fri, 10 Feb 2023 22:26:40 GMT
via: 1.1 vegur
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000; includeSubDomains; preload
age: 88428
cf-polished: origSize=88819
x-powered-by: Express
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Mon, 15 Aug 2022 11:10:45 GMT
server: cloudflare
etag: W/"15af3-182a132eb08"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Mr34MD9UAYvej6tPQJYKnDRF%2F%2FxT3xHWGch34uU7wvYQ1AxcgzKux2zdhsU2Wu8drc8iGVgf2Cb8klRS7cP53VhT4j718jxNp7qoeCqfv2FN4sKhOvQuOkwXrcPABNCYdXcGdUKPJq8%2Bc%2Bl0"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 79784488980b5467-YYZ

GET
H3 200 runtime.da949668a239f7ff6723.js Show response
www.stay22.com/static/ Frame B2A9 2 KB
1 KB 40ms
39ms Script
application/javascript 2606:4700:20::681a:c6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.stay22.com/static/runtime.da949668a239f7ff6723.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:c6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

9e15c4741f1757b4b0b53cfc8d139eb86471eb687d5a20849b85f91c30744510

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.stay22.com/embed/gm?aid=ingresse&lat=-23.5562867&lng=-46.6876818&maincolor=FFFFFF&fontcolor=000000&markerimage=https://images.squarespace-cdn.com/content/v1/59d68fe3017db263203e4b79/1507233943500-PL0SQBRD1YH3ZW3J4GDH/Logo%403x.png?format=1500w
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Fri, 10 Feb 2023 22:26:40 GMT
via: 1.1 vegur
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000; includeSubDomains; preload
age: 605743
x-powered-by: Express
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 13 Oct 2022 14:26:24 GMT
server: cloudflare
etag: W/"68d-183d1bd3e80"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PAV11Ml%2Fot9zY0o2apjPEKkPVXRXcgTn7O0xqgSlPWWxP261V6owjR%2BBGVDZXNB64k%2BSvI%2FXEin9n%2BKcBFif4mb4ik9tHmCf%2BkLe84H3Iit4wWWbSyw2E6qslIIBQbCpF29%2FpGplccZcZdcU"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 79784488980e5467-YYZ

GET
H3 200 app.90ecec17f731847332d7.js Show response
www.stay22.com/static/ Frame B2A9 2 MB
439 KB 55ms
54ms Script
application/javascript 2606:4700:20::681a:c6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.stay22.com/static/app.90ecec17f731847332d7.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:c6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

d53c4f1f8ecf87af1bfb94f3e417e50719aed827983ae774dcf63a33d347de76

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.stay22.com/embed/gm?aid=ingresse&lat=-23.5562867&lng=-46.6876818&maincolor=FFFFFF&fontcolor=000000&markerimage=https://images.squarespace-cdn.com/content/v1/59d68fe3017db263203e4b79/1507233943500-PL0SQBRD1YH3ZW3J4GDH/Logo%403x.png?format=1500w
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Fri, 10 Feb 2023 22:26:40 GMT
via: 1.1 vegur
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000; includeSubDomains; preload
age: 88428
cf-polished: origSize=1678587
x-powered-by: Express
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 08 Feb 2023 21:25:04 GMT
server: cloudflare
etag: W/"199cfb-18632eaf380"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qCmTbruhGHDwcayagge5fw7vLTHQxJmRqbMO%2FqXAJptB1V7uDjy8%2FeJvOFKMWg%2FIThBjK6xJWSASGysci1AxBUZKkb9%2BqkJLfEyYIfP51Hm8P8qaGDSxh%2B5uYWtYnfVIx68EgKR7PBszbO75"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 7978448898105467-YYZ

GET
H2 200 a4712ac340.js Show response
kit.fontawesome.com/ Frame B2A9 11 KB
4 KB 91ms
53ms Script
text/javascript 2606:4700::6812:1634
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://kit.fontawesome.com/a4712ac340.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1634 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4631720d95ae83e374db17d6108ba4ee7122ce589ca284db242b7466250b3a0b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

Referer: https://www.stay22.com/embed/gm?aid=ingresse&lat=-23.5562867&lng=-46.6876818&maincolor=FFFFFF&fontcolor=000000&markerimage=https://images.squarespace-cdn.com/content/v1/59d68fe3017db263203e4b79/1507233943500-PL0SQBRD1YH3ZW3J4GDH/Logo%403x.png?format=1500w
Origin: https://www.stay22.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Fri, 10 Feb 2023 22:26:40 GMT
strict-transport-security: max-age=31536000; preload
content-encoding: gzip
cf-cache-status: HIT
server: cloudflare
age: 59
access-control-max-age: 3000
access-control-allow-methods: GET, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=60, public, must-revalidate
vary: origin, accept-encoding, access-control-request-headers, access-control-request-method
cf-ray: 79784488dca74bcb-YUL
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token
x-request-id: F0GbSyveemW0u9gAA27k

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 54ms
51ms Image
image/gif 2607:f8b0:4006:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-26110667-1&cid=678695702.1676067999&jid=929206184&_u=YADAAUAAAAAAACAAI~&z=695180664

Requested by

Host: www.ingresse.com
URL: https://www.ingresse.com/holger-garotassuecas-baralto

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::2004 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.ingresse.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Feb 2023 22:26:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.ca/ads/ 42 B
107 B 48ms
46ms Image
image/gif 2607:f8b0:4004:c1b::5e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-26110667-1&cid=678695702.1676067999&jid=929206184&_u=YADAAUAAAAAAACAAI~&z=695180664

Requested by

Host: www.ingresse.com
URL: https://www.ingresse.com/holger-garotassuecas-baralto

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.ingresse.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Feb 2023 22:26:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 monitor
analytics.tiktok.com/api/v2/ 0
551 B 45ms
42ms Ping
text/plain 184.28.190.147
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/monitor
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWNiNWY1N2YyNQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.28.190.147 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a184-28-190-147.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.ingresse.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 10 Feb 2023 22:26:40 GMT
x-akamai-request-id: 18dbf6fd
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server: nginx
x-tt-logid: 202302102226401DF3BC9CB3714B32A237
x-cache: TCP_MISS from a184-28-190-143.deploy.akamaitechnologies.com (AkamaiGHost/11.0.0-46340752) (-)
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 16,184.28.190.143
x-tt-trace-host: 01c46ea8ae7269cf4d3136b37cd08657f4858e5bee81e74d69774ed42b76ebc8d600e22106a7a76167860c7102548423e2b0a957089f1e9f33f30a093ade4bc02dbe149a582cacd971b091f11f49ea6b3d5f5dd6bd689a632dcfda4e4c69f27457
server-timing: inner; dur=7, cdn-cache; desc=MISS, edge; dur=5, origin; dur=16
content-length: 0
expires: Fri, 10 Feb 2023 22:26:40 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ Frame B2A9 49 KB
20 KB 25ms
25ms Script
text/javascript 2607:f8b0:4004:c1b::71
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1b::71 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.stay22.com/embed/gm?aid=ingresse&lat=-23.5562867&lng=-46.6876818&maincolor=FFFFFF&fontcolor=000000&markerimage=https://images.squarespace-cdn.com/content/v1/59d68fe3017db263203e4b79/1507233943500-PL0SQBRD1YH3ZW3J4GDH/Logo%403x.png?format=1500w
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 10 Feb 2023 21:12:51 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 4429
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Fri, 10 Feb 2023 23:12:51 GMT

GET
DATA 200
OK truncated
/ Frame B2A9 38 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 05632bd17ae6013db11864ba86f363756e305cd5a56ee788fe20774ed6c750f9

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.stay22.com/embed/gm?aid=ingresse&lat=-23.5562867&lng=-46.6876818&maincolor=FFFFFF&fontcolor=000000&markerimage=https://images.squarespace-cdn.com/content/v1/59d68fe3017db263203e4b79/1507233943500-PL0SQBRD1YH3ZW3J4GDH/Logo%403x.png?format=1500w
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Content-Type: image/webp

GET
H2 200 pro.min.css Show response
ka-p.fontawesome.com/releases/v6.3.0/css/ Frame B2A9 829 KB
179 KB 61ms
55ms Fetch
text/css 2606:4700::6812:1634
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.3.0/css/pro.min.css?token=a4712ac340
Requested by: Host: www.stay22.com
URL: https://www.stay22.com/static/app.90ecec17f731847332d7.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1634 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d0acdcbb4e06e44e33f1451a657a384d598960b4ba19269de00ba4bb043bd1da

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.stay22.com/embed/gm?aid=ingresse&lat=-23.5562867&lng=-46.6876818&maincolor=FFFFFF&fontcolor=000000&markerimage=https://images.squarespace-cdn.com/content/v1/59d68fe3017db263203e4b79/1507233943500-PL0SQBRD1YH3ZW3J4GDH/Logo%403x.png?format=1500w
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Fri, 10 Feb 2023 22:26:40 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 31 Jan 2023 18:17:22 GMT
server: cloudflare
age: 276714
etag: "63d95b32-2c8bf"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 7978448b29724bcb-YUL
content-length: 182463

GET
H2 200 pro-v4-shims.min.css Show response
ka-p.fontawesome.com/releases/v6.3.0/css/ Frame B2A9 27 KB
4 KB 73ms
67ms Fetch
text/css 2606:4700::6812:1634
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.3.0/css/pro-v4-shims.min.css?token=a4712ac340
Requested by: Host: www.stay22.com
URL: https://www.stay22.com/static/app.90ecec17f731847332d7.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1634 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f8b8ecd3a28e1c00bf67b7568e23dc3ef44e56ec02318868841abdea4aa6a274

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.stay22.com/embed/gm?aid=ingresse&lat=-23.5562867&lng=-46.6876818&maincolor=FFFFFF&fontcolor=000000&markerimage=https://images.squarespace-cdn.com/content/v1/59d68fe3017db263203e4b79/1507233943500-PL0SQBRD1YH3ZW3J4GDH/Logo%403x.png?format=1500w
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Fri, 10 Feb 2023 22:26:40 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 31 Jan 2023 18:17:21 GMT
server: cloudflare
age: 276714
etag: "63d95b31-10e7"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 7978448b29764bcb-YUL
content-length: 4327

GET
H2 200 pro-v5-font-face.min.css Show response
ka-p.fontawesome.com/releases/v6.3.0/css/ Frame B2A9 85 KB
12 KB 95ms
89ms Fetch
text/css 2606:4700::6812:1634
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.3.0/css/pro-v5-font-face.min.css?token=a4712ac340
Requested by: Host: www.stay22.com
URL: https://www.stay22.com/static/app.90ecec17f731847332d7.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1634 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bafbdb63d15c12ca95f3966b781433e66baeb9f1ebdc78e44a6fe41cd622a1bd

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.stay22.com/embed/gm?aid=ingresse&lat=-23.5562867&lng=-46.6876818&maincolor=FFFFFF&fontcolor=000000&markerimage=https://images.squarespace-cdn.com/content/v1/59d68fe3017db263203e4b79/1507233943500-PL0SQBRD1YH3ZW3J4GDH/Logo%403x.png?format=1500w
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Fri, 10 Feb 2023 22:26:40 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 31 Jan 2023 18:17:21 GMT
server: cloudflare
age: 276714
etag: "63d95b31-30b0"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 7978448b29784bcb-YUL
content-length: 12464

GET
H2 200 pro-v4-font-face.min.css Show response
ka-p.fontawesome.com/releases/v6.3.0/css/ Frame B2A9 12 KB
2 KB 80ms
75ms Fetch
text/css 2606:4700::6812:1634
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.3.0/css/pro-v4-font-face.min.css?token=a4712ac340
Requested by: Host: www.stay22.com
URL: https://www.stay22.com/static/app.90ecec17f731847332d7.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1634 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4b432ffa31eb0b775ca5804cfa7c5e4a01db765fe64fd9e9d1a0d1dd7e5526e6

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.stay22.com/embed/gm?aid=ingresse&lat=-23.5562867&lng=-46.6876818&maincolor=FFFFFF&fontcolor=000000&markerimage=https://images.squarespace-cdn.com/content/v1/59d68fe3017db263203e4b79/1507233943500-PL0SQBRD1YH3ZW3J4GDH/Logo%403x.png?format=1500w
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Fri, 10 Feb 2023 22:26:40 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 31 Jan 2023 18:17:21 GMT
server: cloudflare
age: 276714
etag: "63d95b31-91a"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 7978448b29794bcb-YUL
content-length: 2330

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/991958113/ 2 KB
961 B 114ms
113ms Script
text/javascript 2607:f8b0:4004:c07::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/991958113/?random=1676068000498&cv=11&fst=1676068000498&bg=ffffff&guid=ON&async=1&gtm=45be3280&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.ingresse.com%2Fholger-garotassuecas-baralto&ref=https%3A%2F%2Ft.co%2F&tiba=Holger%20%2B%20Garotas%20Suecas%20no%20Bar%20Alto&currency_code=BRL&auid=1348592518.1676067999&uamb=0&uaw=0&data=event%3Dform_start&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-991958113&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c07::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9c33ecd50c7d38ff1b63387f0777004fba80f792fbef308d1254c75ef38c27a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.ingresse.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Feb 2023 22:26:40 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 937
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/991958113/ 2 KB
961 B 57ms
57ms Script
text/javascript 2607:f8b0:4004:c07::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/991958113/?random=1676068000506&cv=11&fst=1676068000506&bg=ffffff&guid=ON&async=1&gtm=45be3280&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.ingresse.com%2Fholger-garotassuecas-baralto&ref=https%3A%2F%2Ft.co%2F&tiba=Holger%20%2B%20Garotas%20Suecas%20no%20Bar%20Alto&currency_code=BRL&auid=1348592518.1676067999&uamb=0&uaw=0&data=event%3Dform_submit&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-991958113&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c07::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0d87fb1c6e8344b683e9f664783c91b715967cdc234dcc52fe0f44221aa44c39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.ingresse.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Feb 2023 22:26:40 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 937
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 991958113
google.com/pagead/form-data/ 0
0 35ms
33ms Ping
text/html 2607:f8b0:4004:c08::8b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://google.com/pagead/form-data/991958113?gtm=45be3280&hn=www.googleadservices.com&auid=1348592518.1676067999&uamb=0&uaw=0&em=tv.1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-991958113&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c08::8b Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.ingresse.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

POST
H2 204 991958113
google.com/ccm/form-data/ 0
45 B 33ms
32ms Ping
text/plain 2607:f8b0:4004:c08::8b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://google.com/ccm/form-data/991958113?gtm=45be3280&hn=www.googleadservices.com&auid=1348592518.1676067999&uamb=0&uaw=0&em=tv.1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-991958113&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c08::8b Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.ingresse.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Feb 2023 22:26:40 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.ingresse.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 991958113
google.com/pagead/form-data/ 0
0 35ms
34ms Ping
text/html 2607:f8b0:4004:c08::8b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://google.com/pagead/form-data/991958113?gtm=45be3280&hn=www.googleadservices.com&auid=1348592518.1676067999&uamb=0&uaw=0&em=tv.1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-991958113&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c08::8b Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.ingresse.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

POST
H2 204 991958113
google.com/ccm/form-data/ 0
54 B 70ms
69ms Ping
text/plain 2607:f8b0:4004:c08::8b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://google.com/ccm/form-data/991958113?gtm=45be3280&hn=www.googleadservices.com&auid=1348592518.1676067999&uamb=0&uaw=0&em=tv.1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-991958113&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c08::8b Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.ingresse.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Feb 2023 22:26:40 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.ingresse.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 / Show response
www.facebook.com/tr/ Frame 5DA7 0
73 B 19ms
19ms Document
text/plain 2a03:2880:f112:182:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://www.ingresse.com
Referer: https://www.ingresse.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://www.ingresse.com
alt-svc: h3=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Fri, 10 Feb 2023 22:26:40 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2 200 / Show response
api-js.mixpanel.com/decide/ Frame B2A9 65 B
321 B 113ms
38ms XHR
application/json 35.190.25.25
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api-js.mixpanel.com/decide/?verbose=1&version=3&lib=web&token=e9ad4524886d36781c045fec24199920&distinct_id=4ce3c704-d0e3-4088-8582-7e116c37a8b6&ip=1&_=1676068000529
Requested by: Host: www.stay22.com
URL: https://www.stay22.com/static/app.90ecec17f731847332d7.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.25.25 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 25.25.190.35.bc.googleusercontent.com
Software: gunicorn /
Resource Hash: 5fcb16854bcf34558fc9100ea313b2f61a3394ca23e65719553f09c902b2476e

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.stay22.com/embed/gm?aid=ingresse&lat=-23.5562867&lng=-46.6876818&maincolor=FFFFFF&fontcolor=000000&markerimage=https://images.squarespace-cdn.com/content/v1/59d68fe3017db263203e4b79/1507233943500-PL0SQBRD1YH3ZW3J4GDH/Logo%403x.png?format=1500w
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Fri, 10 Feb 2023 22:26:40 GMT
via: 1.1 google
server: gunicorn
access-control-max-age: 1728000
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://www.stay22.com
cache-control: no-cache, no-store
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With
alt-svc: clear

GET
H3 200 trivago-sa Show response
www.stay22.com/api/ Frame B2A9 480 B
897 B 269ms
269ms XHR
text/javascript 2606:4700:20::681a:c6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.stay22.com/api/trivago-sa?callback=jQuery22402562831284614493_1676068000021&lat=-23.5563&lng=-46.6877&checkin=&checkout=&adults=2&children=0&infants=0&guests=2&rooms=1&polldata=&did=6gyccxen9e&cid=gm&aid=222&sessionid=4ce3c704-d0e3-4088-8582-7e116c37a8b6&groupId=628561ee575b930015df6745&baseAID=ingresse&legacyaid=ingresse_c-desktop*en-ca*ca*chrome*0210&campaignid=&isnear=true&isstatic=false&city=S%C3%A3o+Paulo&fullcity=S%C3%A3o+Paulo%2C+Brazil&timezone=-03%3A00&zoom=16&currency=USD&langshort=en&abtest=c&mapstyle=default&distanceuserfromvenue=8202572&priceper=nightly&localairtld=.ca&impactid=436504&centerlat=-23.5563&centerlng=-46.6877&nelat=-23.5564561&nelng=-46.687673&swlat=-23.5563561&swlng=-46.687573&_=1676068000022

Requested by

Host: www.stay22.com
URL: https://www.stay22.com/static/app.90ecec17f731847332d7.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:c6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

cbe34b130bb2fc0c5477e8677017e281c1135d4edb158065e45efa93e5cebd74

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: https://www.stay22.com/embed/gm?aid=ingresse&lat=-23.5562867&lng=-46.6876818&maincolor=FFFFFF&fontcolor=000000&markerimage=https://images.squarespace-cdn.com/content/v1/59d68fe3017db263203e4b79/1507233943500-PL0SQBRD1YH3ZW3J4GDH/Logo%403x.png?format=1500w
X-Requested-With: XMLHttpRequest
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Fri, 10 Feb 2023 22:26:40 GMT
via: 1.1 vegur
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: br
x-powered-by: Express
etag: W/"1e0-R8+qy6eF/0vScoqPLpY2Pwjzf04"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lj3T%2FBEACNu9UuvsX8ls%2B1FoJqpA6RNqZtHeSJidgQmV94tTTlUMMBuH6eT12PMINistRONRDW3i1zx4xQGf1NKC7gQQsP7UueadM8HAGk4g69EP5XR9oJ2u8xo1ovku7mM4A3Uwgyj5W1ZA"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
cf-ray: 7978448b7bff5467-YYZ
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 osm_bright.json Show response
tiles.stadiamaps.com/styles/ Frame B2A9 40 KB
4 KB 97ms
18ms Fetch
application/json 2600:3c03:e000:43f::1
AKAMAI-AP Akamai ...

General

Check archive.org

Show headers Download Go to

Full URL

https://tiles.stadiamaps.com/styles/osm_bright.json

Requested by

Host: www.stay22.com
URL: https://www.stay22.com/static/app.90ecec17f731847332d7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:3c03:e000:43f::1 Cedar Knolls, United States, ASN63949 (AKAMAI-AP Akamai Technologies, Inc., SG),

Reverse DNS

Software

Resource Hash

34ac16e15d7bfabea809d458b9b7a0a62e699f92def77261a3153398de29357d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: application/json
Referer: https://www.stay22.com/embed/gm?aid=ingresse&lat=-23.5562867&lng=-46.6876818&maincolor=FFFFFF&fontcolor=000000&markerimage=https://images.squarespace-cdn.com/content/v1/59d68fe3017db263203e4b79/1507233943500-PL0SQBRD1YH3ZW3J4GDH/Logo%403x.png?format=1500w
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Fri, 10 Feb 2023 22:25:47 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
stadia-tileserver: dfw-tileserver-g25-pdfxu
stadia-entrypoint: erw-pop-g2-mskfq
content-length: 3790
stadia-cache: HIT
vary: accept-encoding
access-control-allow-methods: GET,OPTIONS
content-type: application/json
access-control-allow-origin: *
cache-control: public,max-age=86400,s-maxage=60
stadia-x: no
accept-ranges: bytes
x-robots-tag: noindex
access-control-allow-headers: Stadia-Auth

GET
BLOB 200
OK d498c139-71a5-4592-b6f3-7882f61d956b
https://www.stay22.com/ Frame B2A9 334 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.stay22.com/d498c139-71a5-4592-b6f3-7882f61d956b
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1cbdbb38b597ce02e0727b9b6853d872a6ea891cdaa6d1302834b1124b8abf76

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.stay22.com/embed/gm?aid=ingresse&lat=-23.5562867&lng=-46.6876818&maincolor=FFFFFF&fontcolor=000000&markerimage=https://images.squarespace-cdn.com/content/v1/59d68fe3017db263203e4b79/1507233943500-PL0SQBRD1YH3ZW3J4GDH/Logo%403x.png?format=1500w
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Content-Length: 341997
Content-Type: text/javascript

GET
BLOB 200
OK d498c139-71a5-4592-b6f3-7882f61d956b
https://www.stay22.com/ Frame B2A9 334 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.stay22.com/d498c139-71a5-4592-b6f3-7882f61d956b
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1cbdbb38b597ce02e0727b9b6853d872a6ea891cdaa6d1302834b1124b8abf76

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.stay22.com/embed/gm?aid=ingresse&lat=-23.5562867&lng=-46.6876818&maincolor=FFFFFF&fontcolor=000000&markerimage=https://images.squarespace-cdn.com/content/v1/59d68fe3017db263203e4b79/1507233943500-PL0SQBRD1YH3ZW3J4GDH/Logo%403x.png?format=1500w
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Content-Length: 341997
Content-Type: text/javascript

GET
H3 200 /
www.google.com/pagead/1p-user-list/991958113/ 42 B
64 B 39ms
38ms Image
image/gif 2607:f8b0:4006:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/991958113/?random=1676068000498&cv=11&fst=1676066400000&bg=ffffff&guid=ON&async=1&gtm=45be3280&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fwww.ingresse.com%2Fholger-garotassuecas-baralto&ref=https%3A%2F%2Ft.co%2F&tiba=Holger%20%2B%20Garotas%20Suecas%20no%20Bar%20Alto&currency_code=BRL&data=event%3Dform_start&fmt=3&is_vtc=1&random=3928846366&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::2004 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.ingresse.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Feb 2023 22:26:40 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.ca/pagead/1p-user-list/991958113/ 42 B
64 B 40ms
39ms Image
image/gif 2607:f8b0:4004:c1b::5e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/pagead/1p-user-list/991958113/?random=1676068000498&cv=11&fst=1676066400000&bg=ffffff&guid=ON&async=1&gtm=45be3280&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fwww.ingresse.com%2Fholger-garotassuecas-baralto&ref=https%3A%2F%2Ft.co%2F&tiba=Holger%20%2B%20Garotas%20Suecas%20no%20Bar%20Alto&currency_code=BRL&data=event%3Dform_start&fmt=3&is_vtc=1&random=3928846366&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1b::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.ingresse.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Feb 2023 22:26:40 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pro-fa-solid-900-d5bbe9.woff2
ka-p.fontawesome.com/releases/v6.3.0/webfonts/ Frame B2A9 24 KB
24 KB 26ms
24ms Font
font/woff2 2606:4700::6812:1634
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.3.0/webfonts/pro-fa-solid-900-d5bbe9.woff2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1634 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1c62171588181f55902d0ef986c626c2ac9ae91e479dc87fb146d105cce9d4bb

Request headers

Referer: https://www.stay22.com/
Origin: https://www.stay22.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Fri, 10 Feb 2023 22:26:40 GMT
cf-cache-status: HIT
last-modified: Tue, 31 Jan 2023 18:29:22 GMT
server: cloudflare
age: 276660
etag: "63d95e02-5e90"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 7978448d5d374bcb-YUL
content-length: 24208

GET
H2 200 pro-fa-regular-400-d5bbe9.woff2
ka-p.fontawesome.com/releases/v6.3.0/webfonts/ Frame B2A9 29 KB
30 KB 36ms
35ms Font
font/woff2 2606:4700::6812:1634
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.3.0/webfonts/pro-fa-regular-400-d5bbe9.woff2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1634 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 11bdbae74671be123702dc22d81e165b73f94e9ea740361fdd06a6a7ff5366fc

Request headers

Referer: https://www.stay22.com/
Origin: https://www.stay22.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Fri, 10 Feb 2023 22:26:40 GMT
cf-cache-status: HIT
last-modified: Tue, 31 Jan 2023 18:29:20 GMT
server: cloudflare
age: 275365
etag: "63d95e00-75b0"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 7978448d5d3a4bcb-YUL
content-length: 30128

GET
H2 200 pro-fa-solid-900-b435f9.woff2
ka-p.fontawesome.com/releases/v6.3.0/webfonts/ Frame B2A9 25 KB
25 KB 34ms
33ms Font
font/woff2 2606:4700::6812:1634
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.3.0/webfonts/pro-fa-solid-900-b435f9.woff2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1634 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 58e315262aec06e19dabe0c560672ef38f61e127318608e8edc0f964e4968084

Request headers

Referer: https://www.stay22.com/
Origin: https://www.stay22.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Fri, 10 Feb 2023 22:26:40 GMT
cf-cache-status: HIT
last-modified: Tue, 31 Jan 2023 18:29:22 GMT
server: cloudflare
age: 276691
etag: "63d95e02-649c"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 7978448d5d3b4bcb-YUL
content-length: 25756

GET
H2 200 pro-fa-regular-400-b3d0b5.woff2
ka-p.fontawesome.com/releases/v6.3.0/webfonts/ Frame B2A9 31 KB
31 KB 33ms
32ms Font
font/woff2 2606:4700::6812:1634
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.3.0/webfonts/pro-fa-regular-400-b3d0b5.woff2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1634 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5516d3f9f85b1797caca2c45f7c1d0f9c6213aafd5d8a718a8315f5ab75c29c0

Request headers

Referer: https://www.stay22.com/
Origin: https://www.stay22.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Fri, 10 Feb 2023 22:26:40 GMT
cf-cache-status: HIT
last-modified: Tue, 31 Jan 2023 18:29:19 GMT
server: cloudflare
age: 276691
etag: "63d95dff-7c30"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 7978448d5d3d4bcb-YUL
content-length: 31792

GET
H2 200 pro-fa-regular-400-0112fb.woff2
ka-p.fontawesome.com/releases/v6.3.0/webfonts/ Frame B2A9 33 KB
33 KB 31ms
30ms Font
font/woff2 2606:4700::6812:1634
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.3.0/webfonts/pro-fa-regular-400-0112fb.woff2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1634 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ce23ca55dc4a8410870db4e0ebe06d6bd35babba15152a396c41dd4160153bfa

Request headers

Referer: https://www.stay22.com/
Origin: https://www.stay22.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Fri, 10 Feb 2023 22:26:40 GMT
cf-cache-status: HIT
last-modified: Tue, 31 Jan 2023 18:29:19 GMT
server: cloudflare
age: 276691
etag: "63d95dff-8250"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 7978448d5d3e4bcb-YUL
content-length: 33360

GET
H2 200 pro-fa-regular-400-e41116.woff2
ka-p.fontawesome.com/releases/v6.3.0/webfonts/ Frame B2A9 25 KB
25 KB 23ms
22ms Font
font/woff2 2606:4700::6812:1634
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.3.0/webfonts/pro-fa-regular-400-e41116.woff2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1634 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 795ac4c9a96869da4ec161192b00f3ec4cc644a8623933d4fd4ad3b81ed1396c

Request headers

Referer: https://www.stay22.com/
Origin: https://www.stay22.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Fri, 10 Feb 2023 22:26:40 GMT
cf-cache-status: HIT
last-modified: Tue, 31 Jan 2023 18:29:20 GMT
server: cloudflare
age: 276691
etag: "63d95e00-6350"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 7978448d5d464bcb-YUL
content-length: 25424

GET
H2 200 openmaptiles.json Show response
tiles.stadiamaps.com/data/ Frame B2A9 535 B
663 B 19ms
18ms Fetch
application/json 2600:3c03:e000:43f::1
AKAMAI-AP Akamai ...

General

Check archive.org

Show headers Download Go to

Full URL

https://tiles.stadiamaps.com/data/openmaptiles.json

Requested by

Host: www.stay22.com
URL: https://www.stay22.com/static/app.90ecec17f731847332d7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:3c03:e000:43f::1 Cedar Knolls, United States, ASN63949 (AKAMAI-AP Akamai Technologies, Inc., SG),

Reverse DNS

Software

Resource Hash

a4d84ea004b05277ba7aed25f3341d5b9cbf4d1724db469cb8e412f580a43e93

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: application/json
Referer: https://www.stay22.com/embed/gm?aid=ingresse&lat=-23.5562867&lng=-46.6876818&maincolor=FFFFFF&fontcolor=000000&markerimage=https://images.squarespace-cdn.com/content/v1/59d68fe3017db263203e4b79/1507233943500-PL0SQBRD1YH3ZW3J4GDH/Logo%403x.png?format=1500w
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Fri, 10 Feb 2023 22:26:28 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
stadia-tileserver: dfw-tileserver-g25-pdfxu
stadia-entrypoint: erw-pop-g2-mskfq
content-length: 262
stadia-cache: HIT
vary: accept-encoding
access-control-allow-methods: GET,OPTIONS
content-type: application/json
access-control-allow-origin: *
cache-control: public,max-age=86400,s-maxage=60
stadia-x: no
accept-ranges: bytes
x-robots-tag: noindex
access-control-allow-headers: Stadia-Auth

GET
H2 200 sprite.json Show response
tiles.stadiamaps.com/styles/osm-bright/ Frame B2A9 11 KB
1 KB 19ms
19ms Fetch
application/json 2600:3c03:e000:43f::1
AKAMAI-AP Akamai ...

General

Check archive.org

Show headers Download Go to

Full URL

https://tiles.stadiamaps.com/styles/osm-bright/sprite.json

Requested by

Host: www.stay22.com
URL: https://www.stay22.com/static/app.90ecec17f731847332d7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:3c03:e000:43f::1 Cedar Knolls, United States, ASN63949 (AKAMAI-AP Akamai Technologies, Inc., SG),

Reverse DNS

Software

Resource Hash

381c1058d5caabcfb3d265ce6996b8d8563e44bd30dc47d76af64ae054077cb3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: application/json
Referer: https://www.stay22.com/embed/gm?aid=ingresse&lat=-23.5562867&lng=-46.6876818&maincolor=FFFFFF&fontcolor=000000&markerimage=https://images.squarespace-cdn.com/content/v1/59d68fe3017db263203e4b79/1507233943500-PL0SQBRD1YH3ZW3J4GDH/Logo%403x.png?format=1500w
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Fri, 10 Feb 2023 22:25:40 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
stadia-tileserver: dfw-tileserver-g25-cliao
stadia-entrypoint: erw-pop-g2-mskfq
content-disposition: attachment
content-length: 1109
stadia-cache: HIT
vary: accept-encoding
access-control-allow-methods: GET,OPTIONS
content-type: application/json
access-control-allow-origin: *
cache-control: public,max-age=86400,s-maxage=60
stadia-x: no
accept-ranges: bytes
x-robots-tag: noindex
access-control-allow-headers: Stadia-Auth

GET
H2 200 sprite.png Show response
tiles.stadiamaps.com/styles/osm-bright/ Frame B2A9 12 KB
12 KB 23ms
23ms Fetch
application/json 2600:3c03:e000:43f::1
AKAMAI-AP Akamai ...

General

Check archive.org

Show headers Download Go to

Full URL

https://tiles.stadiamaps.com/styles/osm-bright/sprite.png

Requested by

Host: www.stay22.com
URL: https://www.stay22.com/static/app.90ecec17f731847332d7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:3c03:e000:43f::1 Cedar Knolls, United States, ASN63949 (AKAMAI-AP Akamai Technologies, Inc., SG),

Reverse DNS

Software

Resource Hash

105e03fc5aa13e95b57c0b64763572ee09d7a8531504954eb197712cd0c490b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept: image/webp,*/*
Referer: https://www.stay22.com/embed/gm?aid=ingresse&lat=-23.5562867&lng=-46.6876818&maincolor=FFFFFF&fontcolor=000000&markerimage=https://images.squarespace-cdn.com/content/v1/59d68fe3017db263203e4b79/1507233943500-PL0SQBRD1YH3ZW3J4GDH/Logo%403x.png?format=1500w
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Fri, 10 Feb 2023 22:25:40 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
stadia-tileserver: dfw-tileserver-g25-pdfxu
stadia-entrypoint: erw-pop-g2-mskfq
content-disposition: attachment
content-length: 12137
stadia-cache: HIT
vary: accept-encoding
access-control-allow-methods: GET,OPTIONS
content-type: application/json
access-control-allow-origin: *
cache-control: public,max-age=86400,s-maxage=60
stadia-x: no
accept-ranges: bytes
x-robots-tag: noindex
access-control-allow-headers: Stadia-Auth

GET
H3 200 /
www.google.com/pagead/1p-user-list/991958113/ 42 B
64 B 39ms
38ms Image
image/gif 2607:f8b0:4006:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/991958113/?random=1676068000506&cv=11&fst=1676066400000&bg=ffffff&guid=ON&async=1&gtm=45be3280&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fwww.ingresse.com%2Fholger-garotassuecas-baralto&ref=https%3A%2F%2Ft.co%2F&tiba=Holger%20%2B%20Garotas%20Suecas%20no%20Bar%20Alto&currency_code=BRL&data=event%3Dform_submit&fmt=3&is_vtc=1&random=3359342420&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::2004 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.ingresse.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Feb 2023 22:26:40 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.ca/pagead/1p-user-list/991958113/ 42 B
64 B 41ms
41ms Image
image/gif 2607:f8b0:4004:c1b::5e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/pagead/1p-user-list/991958113/?random=1676068000506&cv=11&fst=1676066400000&bg=ffffff&guid=ON&async=1&gtm=45be3280&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fwww.ingresse.com%2Fholger-garotassuecas-baralto&ref=https%3A%2F%2Ft.co%2F&tiba=Holger%20%2B%20Garotas%20Suecas%20no%20Bar%20Alto&currency_code=BRL&data=event%3Dform_submit&fmt=3&is_vtc=1&random=3359342420&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1b::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.ingresse.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Feb 2023 22:26:40 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 trivago Show response
www.stay22.com/api/ Frame B2A9 481 B
899 B 400ms
399ms XHR
text/javascript 2606:4700:20::681a:c6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.stay22.com/api/trivago?callback=jQuery22402562831284614493_1676068000021&showhotels=false&showairbnbs=false&showothers=false&isinstantbook=false&islastminuterequest=false&checkin=&checkout=&min=0&max=1000&adults=2&children=0&infants=0&guests=2&rooms=1&featuredhcids=&featuredabids=&featuredhpids=&skiphcids=&skipabids=&onlyhcids=&onlyabids=&bedrooms=0&beds=0&bathrooms=0&did=6gyccxen9e&cid=gm&aid=222&sessionid=4ce3c704-d0e3-4088-8582-7e116c37a8b6&groupId=628561ee575b930015df6745&baseAID=ingresse&legacyaid=ingresse_c-desktop*en-ca*ca*chrome*0210&campaignid=&isnear=true&isstatic=false&city=S%C3%A3o+Paulo&fullcity=S%C3%A3o+Paulo%2C+Brazil&timezone=-03%3A00&zoom=16&currency=CAD&langshort=en&abtest=c&width=860&height=550&mapstyle=default&distanceuserfromvenue=8202572&priceper=nightly&limit=28&localairtld=.ca&impactid=436504&lat=-23.5563&lng=-46.6877&centerlat=-23.555799999999465&centerlng=-46.68770000000194&nelat=-23.55309539774187&nelng=-46.683086600496296&swlat=-23.55850454659584&swlng=-46.69231339950801&_=1676068000023

Requested by

Host: www.stay22.com
URL: https://www.stay22.com/static/app.90ecec17f731847332d7.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:c6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

d67316701cf00c62e1c3c6bd585d824c1f8d23f0d996a2a64312ef2671b4e23c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: https://www.stay22.com/embed/gm?aid=ingresse&lat=-23.5562867&lng=-46.6876818&maincolor=FFFFFF&fontcolor=000000&markerimage=https://images.squarespace-cdn.com/content/v1/59d68fe3017db263203e4b79/1507233943500-PL0SQBRD1YH3ZW3J4GDH/Logo%403x.png?format=1500w
X-Requested-With: XMLHttpRequest
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Fri, 10 Feb 2023 22:26:41 GMT
via: 1.1 vegur
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: br
x-powered-by: Express
etag: W/"1e1-tdR24wImxbhPckM5gV6GXqRL2Gw"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vx06dmAmMXuiBUORWC9%2BkGW0PnhqQz5NuiR4JENex%2FL4ecvhZqX5sl%2BuN03UPLydiBj0%2Fd5z48Qsxghs5wdvQHzUg9Nl8Og6mHm6tf2b7zmxhXMKTZXaGb%2B7gzf5yWTxRFVaWsQ8RABzZUw5"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
cf-ray: 7978448fcb885467-YYZ
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 pois Show response
api.stay22.com/ Frame B2A9 456 B
654 B 130ms
122ms Script
application/javascript 2606:4700:20::681a:c6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.stay22.com/pois?callback=jQuery22402562831284614493_1676068000024&lat=43.8137&lng=-79.4531&radius=40&limit=50&types=airport&_=1676068000025

Requested by

Host: www.stay22.com
URL: https://www.stay22.com/liveassets/head-7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:c6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f9f0b19d67ec4e2dc354033e942c0b388da0acf2c9f15f02f73cdba53e748e5f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.stay22.com/embed/gm?aid=ingresse&lat=-23.5562867&lng=-46.6876818&maincolor=FFFFFF&fontcolor=000000&markerimage=https://images.squarespace-cdn.com/content/v1/59d68fe3017db263203e4b79/1507233943500-PL0SQBRD1YH3ZW3J4GDH/Logo%403x.png?format=1500w
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Fri, 10 Feb 2023 22:26:41 GMT
via: 1.1 vegur
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JYcKiB5w0zk3H6FRwjpakzkKpWfI8kJiClE0zBLTIWbwvTQOYgnd2ItopGhw0hDkQVMRYqfta5uu1udXHwJxSik9KnI4Zq28o4iIG3n%2BPSUZHVIbvP3H8HlW%2B5QgUgf77hl8msc1ZPKQS6n3"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=86400
cf-ray: 7978448fd8a2a1ed-YYZ
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 expedia Show response
www.stay22.com/api/sponsors/ Frame B2A9 112 B
615 B 146ms
145ms XHR
application/json 2606:4700:20::681a:c6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.stay22.com/api/sponsors/expedia?did=6gyccxen9e&cid=gm&aid=222&sessionid=4ce3c704-d0e3-4088-8582-7e116c37a8b6&groupId=628561ee575b930015df6745&baseAID=ingresse&legacyaid=ingresse_c-desktop*en-ca*ca*chrome*0210&campaignid=&isnear=true&isstatic=false&city=S%C3%A3o+Paulo&fullcity=S%C3%A3o+Paulo%2C+Brazil&timezone=-03%3A00&zoom=16&currency=CAD&langshort=en&abtest=c&width=860&height=550&mapstyle=default&distanceuserfromvenue=8202572&priceper=nightly&limit=28&localairtld=.ca&impactid=436504&lat=-23.5563&lng=-46.6877&centerlat=-23.555799999999465&centerlng=-46.68770000000194&nelat=-23.55309539774187&nelng=-46.683086600496296&swlat=-23.55850454659584&swlng=-46.69231339950801&iata=YYZ&checkin=&checkout=&adults=2&unitsystem=km

Requested by

Host: www.stay22.com
URL: https://www.stay22.com/static/app.90ecec17f731847332d7.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:c6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

a54caf4f77067a21a90bc4dd3df1b3454d3d4dd00a7c1c62544d8cd9e47349ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.stay22.com/embed/gm?aid=ingresse&lat=-23.5562867&lng=-46.6876818&maincolor=FFFFFF&fontcolor=000000&markerimage=https://images.squarespace-cdn.com/content/v1/59d68fe3017db263203e4b79/1507233943500-PL0SQBRD1YH3ZW3J4GDH/Logo%403x.png?format=1500w
X-Requested-With: XMLHttpRequest
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Fri, 10 Feb 2023 22:26:41 GMT
via: 1.1 vegur
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-powered-by: Express
etag: W/"70-CCeTih2rjnv6o0YaJ0Ki0xh+Lo0"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8gU%2F%2FMCAnZzStbKqT1xdIRa2jOT%2BerWOfwLY7I8W8wtaEpgesp5XCbDNFPNQG7jD1nOxuULABFZnuHnekTV2oq7AHzxT%2FhBitKKkpcybT3t0lb1B4uC4KKP8fLyf6m2st3m6U8aD2ikIOX0x"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
cf-ray: 79784490acc65467-YYZ
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 0-255.pbf Show response
tiles.stadiamaps.com/fonts/Stadia%20Italic/ Frame B2A9 89 KB
28 KB 19ms
18ms Fetch
application/x-protobuf 2600:3c03:e000:43f::1
AKAMAI-AP Akamai ...

General

Check archive.org

Show headers Download Go to

Full URL

https://tiles.stadiamaps.com/fonts/Stadia%20Italic/0-255.pbf

Requested by

Host: www.stay22.com
URL: https://www.stay22.com/static/app.90ecec17f731847332d7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:3c03:e000:43f::1 Cedar Knolls, United States, ASN63949 (AKAMAI-AP Akamai Technologies, Inc., SG),

Reverse DNS

Software

Resource Hash

1f56c1b2fcafe1c3b64c4842716ea099c5a3f86af207552327b30e3bc3c2a513

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.stay22.com/embed/gm?aid=ingresse&lat=-23.5562867&lng=-46.6876818&maincolor=FFFFFF&fontcolor=000000&markerimage=https://images.squarespace-cdn.com/content/v1/59d68fe3017db263203e4b79/1507233943500-PL0SQBRD1YH3ZW3J4GDH/Logo%403x.png?format=1500w
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sun, 08 Jan 2023 20:12:34 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
stadia-tileserver: dfw-tileserver-g24-khinb
stadia-entrypoint: erw-pop-g2-mskfq
content-disposition: attachment
content-length: 28400
stadia-cache: HIT
vary: accept-encoding
access-control-allow-methods: GET,OPTIONS
content-type: application/x-protobuf
access-control-allow-origin: *
cache-control: public,max-age=86400,s-maxage=86400
stadia-x: no
accept-ranges: bytes
x-robots-tag: noindex
access-control-allow-headers: Stadia-Auth

GET
H2 200 0-255.pbf Show response
tiles.stadiamaps.com/fonts/Stadia%20Regular/ Frame B2A9 85 KB
26 KB 20ms
20ms Fetch
application/x-protobuf 2600:3c03:e000:43f::1
AKAMAI-AP Akamai ...

General

Check archive.org

Show headers Download Go to

Full URL

https://tiles.stadiamaps.com/fonts/Stadia%20Regular/0-255.pbf

Requested by

Host: www.stay22.com
URL: https://www.stay22.com/static/app.90ecec17f731847332d7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:3c03:e000:43f::1 Cedar Knolls, United States, ASN63949 (AKAMAI-AP Akamai Technologies, Inc., SG),

Reverse DNS

Software

Resource Hash

bc13f9a2cf1db4c5ae7c86d3153601489d3bde1507b017ca64f86da82520df01

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.stay22.com/embed/gm?aid=ingresse&lat=-23.5562867&lng=-46.6876818&maincolor=FFFFFF&fontcolor=000000&markerimage=https://images.squarespace-cdn.com/content/v1/59d68fe3017db263203e4b79/1507233943500-PL0SQBRD1YH3ZW3J4GDH/Logo%403x.png?format=1500w
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sun, 08 Jan 2023 20:12:34 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
stadia-tileserver: dfw-tileserver-g24-yozsh
stadia-entrypoint: erw-pop-g2-mskfq
content-disposition: attachment
content-length: 26249
stadia-cache: HIT
vary: accept-encoding
access-control-allow-methods: GET,OPTIONS
content-type: application/x-protobuf
access-control-allow-origin: *
cache-control: public,max-age=86400,s-maxage=86400
stadia-x: no
accept-ranges: bytes
x-robots-tag: noindex
access-control-allow-headers: Stadia-Auth

GET
H2 200 0-255.pbf Show response
tiles.stadiamaps.com/fonts/Stadia%20Semibold/ Frame B2A9 87 KB
27 KB 21ms
21ms Fetch
application/x-protobuf 2600:3c03:e000:43f::1
AKAMAI-AP Akamai ...

General

Check archive.org

Show headers Download Go to

Full URL

https://tiles.stadiamaps.com/fonts/Stadia%20Semibold/0-255.pbf

Requested by

Host: www.stay22.com
URL: https://www.stay22.com/static/app.90ecec17f731847332d7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:3c03:e000:43f::1 Cedar Knolls, United States, ASN63949 (AKAMAI-AP Akamai Technologies, Inc., SG),

Reverse DNS

Software

Resource Hash

c3c38c7a34bcf92b3504c17f794d818cfdd230e5cc832479e94c6059cfc34121

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.stay22.com/embed/gm?aid=ingresse&lat=-23.5562867&lng=-46.6876818&maincolor=FFFFFF&fontcolor=000000&markerimage=https://images.squarespace-cdn.com/content/v1/59d68fe3017db263203e4b79/1507233943500-PL0SQBRD1YH3ZW3J4GDH/Logo%403x.png?format=1500w
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sun, 08 Jan 2023 20:12:35 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
stadia-tileserver: dfw-tileserver-g24-docvv
stadia-entrypoint: erw-pop-g2-mskfq
content-disposition: attachment
content-length: 26853
stadia-cache: HIT
vary: accept-encoding
access-control-allow-methods: GET,OPTIONS
content-type: application/x-protobuf
access-control-allow-origin: *
cache-control: public,max-age=86400,s-maxage=86400
stadia-x: no
accept-ranges: bytes
x-robots-tag: noindex
access-control-allow-headers: Stadia-Auth

GET
H2 200 8192-8447.pbf Show response
tiles.stadiamaps.com/fonts/Stadia%20Semibold/ Frame B2A9 60 KB
24 KB 26ms
26ms Fetch
application/x-protobuf 2600:3c03:e000:43f::1
AKAMAI-AP Akamai ...

General

Check archive.org

Show headers Download Go to

Full URL

https://tiles.stadiamaps.com/fonts/Stadia%20Semibold/8192-8447.pbf

Requested by

Host: www.stay22.com
URL: https://www.stay22.com/static/app.90ecec17f731847332d7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:3c03:e000:43f::1 Cedar Knolls, United States, ASN63949 (AKAMAI-AP Akamai Technologies, Inc., SG),

Reverse DNS

Software

Resource Hash

63d8440cf4570fac2e5ae7f9be0c2acfa8df8ebda8c7396025cf1f6ad70cf8f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.stay22.com/embed/gm?aid=ingresse&lat=-23.5562867&lng=-46.6876818&maincolor=FFFFFF&fontcolor=000000&markerimage=https://images.squarespace-cdn.com/content/v1/59d68fe3017db263203e4b79/1507233943500-PL0SQBRD1YH3ZW3J4GDH/Logo%403x.png?format=1500w
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sun, 08 Jan 2023 20:12:42 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
stadia-tileserver: dfw-tileserver-g24-docvv
stadia-entrypoint: erw-pop-g2-mskfq
content-disposition: attachment
content-length: 23816
stadia-cache: HIT
vary: accept-encoding
access-control-allow-methods: GET,OPTIONS
content-type: application/x-protobuf
access-control-allow-origin: *
cache-control: public,max-age=86400,s-maxage=86400
stadia-x: no
accept-ranges: bytes
x-robots-tag: noindex
access-control-allow-headers: Stadia-Auth

GET
H3 200 trivago-sa Show response
www.stay22.com/api/ Frame B2A9 480 B
902 B 244ms
244ms XHR
text/javascript 2606:4700:20::681a:c6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.stay22.com/api/trivago-sa?callback=jQuery22402562831284614493_1676068000021&lat=-23.5563&lng=-46.6877&checkin=&checkout=&adults=2&children=0&infants=0&guests=2&rooms=1&polldata=xtUV64pO3jIK3llduKtKxHDLFG5OPqfVdGBQVmegrD9jr1V7fpQVKz%2BC5aUZbmiGy%2Fp5cKCZqFQWBUzEUEkiFz8KDLdweFuiSrtiO0KxHeZMDRv4NZMHelJonZm9k4YOfhmlNNxtQy3Kvy73yzX7oQMb1PeT1z6sVUPqDvdlshCPNvgkqHOrS6s2lcUl2g8rhjpoB6WUo13uxBj2ge5qxHyec8k2h56TjiAoPw%3D%3D&did=6gyccxen9e&cid=gm&aid=222&sessionid=4ce3c704-d0e3-4088-8582-7e116c37a8b6&groupId=628561ee575b930015df6745&baseAID=ingresse&legacyaid=ingresse_c-desktop*en-ca*ca*chrome*0210&campaignid=&isnear=true&isstatic=false&city=S%C3%A3o+Paulo&fullcity=S%C3%A3o+Paulo%2C+Brazil&timezone=-03%3A00&zoom=16&currency=CAD&langshort=en&abtest=c&width=860&height=550&mapstyle=default&distanceuserfromvenue=8202572&priceper=nightly&limit=28&localairtld=.ca&impactid=436504&centerlat=-23.555799999999465&centerlng=-46.68770000000194&nelat=-23.55309539774187&nelng=-46.683086600496296&swlat=-23.55850454659584&swlng=-46.69231339950801&_=1676068000026

Requested by

Host: www.stay22.com
URL: https://www.stay22.com/static/app.90ecec17f731847332d7.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:c6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

2ef2b3c84ce65ed72828b5c9e29f97b579c290d3a8b3c5598150500efc823d3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: https://www.stay22.com/embed/gm?aid=ingresse&lat=-23.5562867&lng=-46.6876818&maincolor=FFFFFF&fontcolor=000000&markerimage=https://images.squarespace-cdn.com/content/v1/59d68fe3017db263203e4b79/1507233943500-PL0SQBRD1YH3ZW3J4GDH/Logo%403x.png?format=1500w
X-Requested-With: XMLHttpRequest
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Fri, 10 Feb 2023 22:26:42 GMT
via: 1.1 vegur
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: br
x-powered-by: Express
etag: W/"1e0-bT9nDO9i6Q8Vorw8AnW1mIzY0ts"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5gk%2Fd38Vr%2Ft5vSrijP2zgB%2BNB9S7HuO7Al5lAPZ7FAZFhtksBQnowlcwtchOIOWg6OyxblMfCn4J%2FpA3m7Rh5TU5PcDCjb6RP8yEln9JeKezHh7hnv7swDZ1rytpQ%2BoSCK4z8E9hjdFVsCNf"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
cf-ray: 7978449398ae5467-YYZ
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 trivago Show response
www.stay22.com/api/ Frame B2A9 13 KB
3 KB 366ms
365ms XHR
text/javascript 2606:4700:20::681a:c6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.stay22.com/api/trivago?callback=jQuery22402562831284614493_1676068000021&showhotels=false&showairbnbs=false&showothers=false&isinstantbook=false&islastminuterequest=false&checkin=&checkout=&min=0&max=1000&adults=2&children=0&infants=0&guests=2&rooms=1&featuredhcids=&featuredabids=&featuredhpids=&skiphcids=&skipabids=&onlyhcids=&onlyabids=&bedrooms=0&beds=0&bathrooms=0&did=6gyccxen9e&cid=gm&aid=222&sessionid=4ce3c704-d0e3-4088-8582-7e116c37a8b6&groupId=628561ee575b930015df6745&baseAID=ingresse&legacyaid=ingresse_c-desktop*en-ca*ca*chrome*0210&campaignid=&isnear=true&isstatic=false&city=S%C3%A3o+Paulo&fullcity=S%C3%A3o+Paulo%2C+Brazil&timezone=-03%3A00&zoom=16&currency=CAD&langshort=en&abtest=c&width=860&height=550&mapstyle=default&distanceuserfromvenue=8202572&priceper=nightly&limit=36&localairtld=.ca&impactid=436504&lat=-23.5563&lng=-46.6877&centerlat=-23.555799999999465&centerlng=-46.68770000000194&nelat=-23.55309539774187&nelng=-46.683086600496296&swlat=-23.55850454659584&swlng=-46.69231339950801&polldata=AVOk2NG1V%2Bo5sN%2F8qUFtGdjCNkzb%2F09%2F1ucExw61WdbrX8Kfx2XeIdJIORMcIWQKLwACcb%2BuKbvVyX%2B6WIaShWsaisbTHiFxCEhH%2B3fUJvrxq1EjznkGW3WrRKoNtVk5Fc%2BakKtfogNKLmh3tPV2rUMLZBUvb%2Fb6cLunpow3zm6dTAH0xCDVQ3ALFv2q3wZbw0PAm674aJIFilz%2BUQvCxQ0nYKv1E%2B8qzQ3mqA%3D%3D&_=1676068000027

Requested by

Host: www.stay22.com
URL: https://www.stay22.com/static/app.90ecec17f731847332d7.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:c6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

867de6cc2e99cc426061d35ab357d8f33d26a90a1deff807202d9ca913bcc611

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: https://www.stay22.com/embed/gm?aid=ingresse&lat=-23.5562867&lng=-46.6876818&maincolor=FFFFFF&fontcolor=000000&markerimage=https://images.squarespace-cdn.com/content/v1/59d68fe3017db263203e4b79/1507233943500-PL0SQBRD1YH3ZW3J4GDH/Logo%403x.png?format=1500w
X-Requested-With: XMLHttpRequest
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Fri, 10 Feb 2023 22:26:43 GMT
via: 1.1 vegur
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: br
x-powered-by: Express
etag: W/"324b-U1ZbHi3xLIS8GNQV+9SnxF4tT3g"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Hp38%2FDnjsQ%2BSOz7M6QL4%2F7ZbTmsN5QhWLDjPNyQdTj0hC6Uzrkm3PJH%2BCjgcsmKlsBwfCqbqlCA0Ebl3uyLCyfRmS4y0ZC6ixGBeLtXEKVb0Mx9kqqyXXcgDd9YwB3gSnbdeb%2Fw%2BETzvqYDB"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
cf-ray: 79784499fb3f5467-YYZ
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 BKS_v2.png
www.stay22.com/images/providers/ Frame B2A9 712 B
1 KB 35ms
34ms Image
image/webp 2606:4700:20::681a:c6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.stay22.com/images/providers/BKS_v2.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:c6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

fc492c48c19bd2305d25c23c3a91465039087444e9c243c98adc0fc706cd56ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.stay22.com/embed/gm?aid=ingresse&lat=-23.5562867&lng=-46.6876818&maincolor=FFFFFF&fontcolor=000000&markerimage=https://images.squarespace-cdn.com/content/v1/59d68fe3017db263203e4b79/1507233943500-PL0SQBRD1YH3ZW3J4GDH/Logo%403x.png?format=1500w
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Fri, 10 Feb 2023 22:26:43 GMT
via: 1.1 vegur
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000; includeSubDomains; preload
age: 85993
cf-polished: origFmt=png, origSize=1194
x-powered-by: Express
content-disposition: inline; filename="BKS_v2.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 712
cf-bgj: imgq:100,h2pri
last-modified: Fri, 03 Feb 2023 16:05:02 GMT
server: cloudflare
etag: W/"4aa-186180627b0"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kTgIIpOjg7F5DIwA6XTxmjky8lY40UPlkR8Kd7tvBpO23jLfEhl7U%2FU27h4KS9Q3iLluy2JiYkG5RuBv%2BlkrFtkiBZY3KrCutqi4vShpMATNI9USB8%2Fcn8BmIWquPDM1%2BhWEJ8lpD2%2FiR5R%2B"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
cf-ray: 7978449ccf505467-YYZ

GET
H3 200 trivago-sa Show response
www.stay22.com/api/ Frame B2A9 480 B
901 B 320ms
320ms XHR
text/javascript 2606:4700:20::681a:c6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.stay22.com/api/trivago-sa?callback=jQuery22402562831284614493_1676068000021&lat=-23.5563&lng=-46.6877&checkin=&checkout=&adults=2&children=0&infants=0&guests=2&rooms=1&polldata=b%2FgD1XRxL14QEtSju1Cjnm8iFRPPRTjHg5%2FhXKApUyJB7MswdYcWG6PJMkvJo6aphfBHouBiL%2B9d07smiAxuxov6ZnXQB%2BEZfOUEUL%2FgzJss6LPiYS3uu%2F7jhcB2jCiOKR56syAPeA7enD2QqmV6cS0gcs4JlNMxISIsUtytPHP3uK08beunJrmiRLVafaJhvCXmzPO6omfZs0EpJ04QTjWYmcbKXdygBPdRag%3D%3D&did=6gyccxen9e&cid=gm&aid=222&sessionid=4ce3c704-d0e3-4088-8582-7e116c37a8b6&groupId=628561ee575b930015df6745&baseAID=ingresse&legacyaid=ingresse_c-desktop*en-ca*ca*chrome*0210&campaignid=&isnear=true&isstatic=false&city=S%C3%A3o+Paulo&fullcity=S%C3%A3o+Paulo%2C+Brazil&timezone=-03%3A00&zoom=16&currency=CAD&langshort=en&abtest=c&width=860&height=550&mapstyle=default&distanceuserfromvenue=8202572&priceper=nightly&limit=28&localairtld=.ca&impactid=436504&centerlat=-23.555799999999465&centerlng=-46.68770000000194&nelat=-23.55309539774187&nelng=-46.683086600496296&swlat=-23.55850454659584&swlng=-46.69231339950801&_=1676068000028

Requested by

Host: www.stay22.com
URL: https://www.stay22.com/static/app.90ecec17f731847332d7.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:c6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

b2250af3c8783b2cf06018c29485aab795aea95c9cad5f7a5b9fb873600f5136

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: https://www.stay22.com/embed/gm?aid=ingresse&lat=-23.5562867&lng=-46.6876818&maincolor=FFFFFF&fontcolor=000000&markerimage=https://images.squarespace-cdn.com/content/v1/59d68fe3017db263203e4b79/1507233943500-PL0SQBRD1YH3ZW3J4GDH/Logo%403x.png?format=1500w
X-Requested-With: XMLHttpRequest
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Fri, 10 Feb 2023 22:26:44 GMT
via: 1.1 vegur
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: br
x-powered-by: Express
etag: W/"1e0-0EChvPgd4wroqS4oYDGT9SH5Ets"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wTymKB9dVECzgh%2FxNQUizfTue5donzlQeLChj7rjPJz7J4%2FN4RbtoZtaTCumshQytkJDj6DE7D8wYh1sTeLLq4%2BSxLinO5RcI230G4399PTSC8Hw5jfnD9CnG%2FMCWblZmKGYNuzZrg7ibeU2"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
cf-ray: 797844a0dcfd5467-YYZ
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 trivago Show response
www.stay22.com/api/ Frame B2A9 12 KB
3 KB 297ms
296ms XHR
text/javascript 2606:4700:20::681a:c6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.stay22.com/api/trivago?callback=jQuery22402562831284614493_1676068000024&showhotels=false&showairbnbs=false&showothers=false&isinstantbook=false&islastminuterequest=false&checkin=&checkout=&min=0&max=1000&adults=2&children=0&infants=0&guests=2&rooms=1&featuredhcids=&featuredabids=&featuredhpids=&skiphcids=&skipabids=&onlyhcids=&onlyabids=&bedrooms=0&beds=0&bathrooms=0&did=6gyccxen9e&cid=gm&aid=222&sessionid=4ce3c704-d0e3-4088-8582-7e116c37a8b6&groupId=628561ee575b930015df6745&baseAID=ingresse&legacyaid=ingresse_c-desktop*en-ca*ca*chrome*0210&campaignid=&isnear=true&isstatic=false&city=S%C3%A3o+Paulo&fullcity=S%C3%A3o+Paulo%2C+Brazil&timezone=-03%3A00&zoom=16&currency=CAD&langshort=en&abtest=c&width=860&height=550&mapstyle=default&distanceuserfromvenue=8202572&priceper=nightly&limit=36&localairtld=.ca&impactid=436504&lat=-23.5563&lng=-46.6877&centerlat=-23.555799999999465&centerlng=-46.68770000000194&nelat=-23.55309539774187&nelng=-46.683086600496296&swlat=-23.55850454659584&swlng=-46.69231339950801&polldata=d7IhHBRMFd8xFJEWXXaHkItEQ5eKQxTM6wgDOI4W9dX3KpJ%2Bsp4FwSCWFIY%2Bthfl%2FikgUJEQ1VgTKuAlgrqbv5sXPmbGaZazvueeE6ID%2FCLEdmDs6HWXRHb6dL6C42WpETpLmZWinW7d3Fm7uuTsPR8Q2NPp9nt3Mz2MqABdnskpHqA4xHafHWPCNrkM3Hkct8rLk57gqit4eNuxEaQQJ1ea4%2Bf8UdS2rjG%2Fhg%3D%3D&_=1676068000029

Requested by

Host: www.stay22.com
URL: https://www.stay22.com/static/app.90ecec17f731847332d7.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:c6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

56d1fde9a9b7978a624090b975a024fbbc4a7961e7dee56b51653400029ce58a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: https://www.stay22.com/embed/gm?aid=ingresse&lat=-23.5562867&lng=-46.6876818&maincolor=FFFFFF&fontcolor=000000&markerimage=https://images.squarespace-cdn.com/content/v1/59d68fe3017db263203e4b79/1507233943500-PL0SQBRD1YH3ZW3J4GDH/Logo%403x.png?format=1500w
X-Requested-With: XMLHttpRequest
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Fri, 10 Feb 2023 22:26:45 GMT
via: 1.1 vegur
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: br
x-powered-by: Express
etag: W/"3158-VsuiPf2JnYqjhRqm/223ju3CPIU"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xhJmxoCZZbIhHqIjVXfiAS765unE%2F5b6B6mPDcPNtA3VE4d2haM0zu7081uM2%2BVvBoSxCQLBjfNEgz1L1Ywzub%2Ba9i52TiNhQ8E%2B1wrBuuBjDKGVF6Pe%2F9OckHnCVgR%2Fw6QBBzL4PThMvPVk"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
cf-ray: 797844a5ac695467-YYZ
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

POST
H2 404 collect
www.ingresse.com/g/ 149 B
412 B 37ms
29ms Ping
text/html 206.41.74.3
BSO

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ingresse.com/g/collect?v=2&tid=G-6BNXL3KJ5Z&gtm=45je3280&_p=1757310351&cid=678695702.1676067999&ul=en-us&sr=1600x1200&_fplc=0&uaW=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&sid=1676067999&sct=1&seg=1&dl=https%3A%2F%2Fwww.ingresse.com%2Fholger-garotassuecas-baralto&dr=https%3A%2F%2Ft.co%2F&dt=Ingresse&_s=6

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-6BNXL3KJ5Z&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

206.41.74.3 , United Kingdom, ASN4455 (BSO, GB),

Reverse DNS

Software

nginx/1.18.0 / Express

Resource Hash

5ceffdb9a3215de3c786476dd873a63deb51831489709dcc59f75af4cf0a69cf

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.ingresse.com/holger-garotassuecas-baralto
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 10 Feb 2023 22:26:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'none'
server: nginx/1.18.0
x-powered-by: Express
vary: Accept-Encoding
content-type: text/html; charset=utf-8
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
content-length: 136

GET
H3 200 BKS_v2.png
www.stay22.com/images/providers/ Frame B2A9 712 B
1 KB 37ms
37ms Image
image/webp 2606:4700:20::681a:c6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.stay22.com/images/providers/BKS_v2.png

Requested by

Host: www.stay22.com
URL: https://www.stay22.com/static/app.90ecec17f731847332d7.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:c6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

fc492c48c19bd2305d25c23c3a91465039087444e9c243c98adc0fc706cd56ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.stay22.com/embed/gm?aid=ingresse&lat=-23.5562867&lng=-46.6876818&maincolor=FFFFFF&fontcolor=000000&markerimage=https://images.squarespace-cdn.com/content/v1/59d68fe3017db263203e4b79/1507233943500-PL0SQBRD1YH3ZW3J4GDH/Logo%403x.png?format=1500w
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Fri, 10 Feb 2023 22:26:46 GMT
via: 1.1 vegur
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000; includeSubDomains; preload
age: 85996
cf-polished: origFmt=png, origSize=1194
x-powered-by: Express
content-disposition: inline; filename="BKS_v2.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 712
cf-bgj: imgq:100,h2pri
last-modified: Fri, 03 Feb 2023 16:05:02 GMT
server: cloudflare
etag: W/"4aa-186180627b0"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UnJ%2FHvvmBsqkn%2Fqkt0wpdmkka4Yw3jv72GnIyL6JqYhLcoZFZQYpBI1XuwgGL%2Bb4GU9ploVqFiSjvQSSA7SWNrFIUYjQkBvgZUODxLOjCXBXSzUA%2FUeHsd0z0ilMlup10yaKQBgIA4OPZ5BI"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
cf-ray: 797844b18dc35467-YYZ

POST
H2 200 / Show response
api-js.mixpanel.com/track/ Frame B2A9 25 B
184 B 65ms
64ms XHR
application/json 35.190.25.25
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api-js.mixpanel.com/track/?verbose=1&ip=1&_=1676068006633

Requested by

Host: www.stay22.com
URL: https://www.stay22.com/static/app.90ecec17f731847332d7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.25.25 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

25.25.190.35.bc.googleusercontent.com

Software

envoy /

Resource Hash

e39a8118ec6cdf6ac33e6961518e9fe6ba3f6caf099aeeaec1389c2108ba90ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800; includeSubDomains

Request headers

Referer: https://www.stay22.com/embed/gm?aid=ingresse&lat=-23.5562867&lng=-46.6876818&maincolor=FFFFFF&fontcolor=000000&markerimage=https://images.squarespace-cdn.com/content/v1/59d68fe3017db263203e4b79/1507233943500-PL0SQBRD1YH3ZW3J4GDH/Logo%403x.png?format=1500w
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

strict-transport-security: max-age=604800; includeSubDomains
date: Fri, 10 Feb 2023 22:26:46 GMT
via: 1.1 google
server: envoy
access-control-max-age: 1728000
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://www.stay22.com
access-control-expose-headers: X-MP-CE-Backoff
cache-control: no-cache, no-store
access-control-allow-credentials: true
x-envoy-upstream-service-time: 22
access-control-allow-headers: X-Requested-With
content-length: 25
alt-svc: clear

GET
H3 200 trivago-sa Show response
www.stay22.com/api/ Frame B2A9 480 B
906 B 331ms
330ms XHR
text/javascript 2606:4700:20::681a:c6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.stay22.com/api/trivago-sa?callback=jQuery22402562831284614493_1676068000024&lat=-23.5563&lng=-46.6877&checkin=&checkout=&adults=2&children=0&infants=0&guests=2&rooms=1&polldata=W5gPipVV6w1Za7kRUs4p3jU0fuEvVC9Q6wVUfMzgQGOWzKjv%2Bp2s%2BClaz5UKZn8qWc3P5KjGUicCHmn5Zid0CFb1KTO3E%2FWOay5XVd3jwDWJXhZiL6TPY%2B6%2F6gLIJYDEvbistSG62fUzD7u9E4qHZouSzefobG2sknVqebO%2BC9gb5knUPpVwUYE3EVdwtm69Ufhjye1iUCz3kMqmDL9M0KD1G%2FkZiM7N24LaBA%3D%3D&did=6gyccxen9e&cid=gm&aid=222&sessionid=4ce3c704-d0e3-4088-8582-7e116c37a8b6&groupId=628561ee575b930015df6745&baseAID=ingresse&legacyaid=ingresse_c-desktop*en-ca*ca*chrome*0210&campaignid=&isnear=true&isstatic=false&city=S%C3%A3o+Paulo&fullcity=S%C3%A3o+Paulo%2C+Brazil&timezone=-03%3A00&zoom=16&currency=CAD&langshort=en&abtest=c&width=860&height=550&mapstyle=default&distanceuserfromvenue=8202572&priceper=nightly&limit=28&localairtld=.ca&impactid=436504&centerlat=-23.555799999999465&centerlng=-46.68770000000194&nelat=-23.55309539774187&nelng=-46.683086600496296&swlat=-23.55850454659584&swlng=-46.69231339950801&_=1676068000030

Requested by

Host: www.stay22.com
URL: https://www.stay22.com/static/app.90ecec17f731847332d7.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:c6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

4c95a3041f6df2da6f638a9b61bbd36e45ac236fe2434bab91ca03a8c54c0b8d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: https://www.stay22.com/embed/gm?aid=ingresse&lat=-23.5562867&lng=-46.6876818&maincolor=FFFFFF&fontcolor=000000&markerimage=https://images.squarespace-cdn.com/content/v1/59d68fe3017db263203e4b79/1507233943500-PL0SQBRD1YH3ZW3J4GDH/Logo%403x.png?format=1500w
X-Requested-With: XMLHttpRequest
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Fri, 10 Feb 2023 22:26:46 GMT
via: 1.1 vegur
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: br
x-powered-by: Express
etag: W/"1e0-w/chYAvk1z6FnZf7keX6hjtAQkk"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9gdun%2Fme%2FL9imRaOQ%2FSM5QMOa%2BjEbmszPKBsqv5cupq3Jg%2BQHGgPDj0DFwYHXK2iBwzSdA7OjNH8hCSy7nSOKobH73AWdHW2vtr0uTdLyI%2BoGEfBWOeiDUva62ys%2BXy8rrVx5Y5ILygt7op2"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
cf-ray: 797844b19ddd5467-YYZ
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 trivago-sa Show response
www.stay22.com/api/ Frame B2A9 480 B
907 B 415ms
414ms XHR
text/javascript 2606:4700:20::681a:c6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.stay22.com/api/trivago-sa?callback=jQuery22402562831284614493_1676068000024&lat=-23.5563&lng=-46.6877&checkin=&checkout=&adults=2&children=0&infants=0&guests=2&rooms=1&polldata=bRz%2BkQGSp%2Fpg4W4P3vH%2BtbQPjgwm%2FWYNokfHLKqjeB9VpO9fS0kYOhOPFQjB59bI7DUBJkplFE7cfiqHg0pBTAB37UdgNnSb3NjPLl5HnmqE7GF9USOJEx6HZVn39i3U4Sx%2F%2BFbba%2BepxJREI%2BJ4cEd4SHtY5xuGkhjlgIVRhibfOC38S7SN19EDXPdPodT7ctfCqAwbFF%2BlJjIKN0bukpMGBOT53CeXkzsyKQ%3D%3D&did=6gyccxen9e&cid=gm&aid=222&sessionid=4ce3c704-d0e3-4088-8582-7e116c37a8b6&groupId=628561ee575b930015df6745&baseAID=ingresse&legacyaid=ingresse_c-desktop*en-ca*ca*chrome*0210&campaignid=&isnear=true&isstatic=false&city=S%C3%A3o+Paulo&fullcity=S%C3%A3o+Paulo%2C+Brazil&timezone=-03%3A00&zoom=16&currency=CAD&langshort=en&abtest=c&width=860&height=550&mapstyle=default&distanceuserfromvenue=8202572&priceper=nightly&limit=28&localairtld=.ca&impactid=436504&centerlat=-23.555799999999465&centerlng=-46.68770000000194&nelat=-23.55309539774187&nelng=-46.683086600496296&swlat=-23.55850454659584&swlng=-46.69231339950801&_=1676068000031

Requested by

Host: www.stay22.com
URL: https://www.stay22.com/static/app.90ecec17f731847332d7.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:c6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

f4bce2a6b51edde16a05d6539658ce978d7b20d192f04a8c890593b4b37ae754

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: https://www.stay22.com/embed/gm?aid=ingresse&lat=-23.5562867&lng=-46.6876818&maincolor=FFFFFF&fontcolor=000000&markerimage=https://images.squarespace-cdn.com/content/v1/59d68fe3017db263203e4b79/1507233943500-PL0SQBRD1YH3ZW3J4GDH/Logo%403x.png?format=1500w
X-Requested-With: XMLHttpRequest
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Fri, 10 Feb 2023 22:26:49 GMT
via: 1.1 vegur
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: br
x-powered-by: Express
etag: W/"1e0-Lf/k+n/qo/ALGX1chgnufTSYYGA"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vG%2FpXfX2GD9m2kBcxZc0hciTw2ZdmUiSa%2BsVcFtsvnFdkh9nWOIK4DL6ugJHVmkjGqcjhYKWE%2B1wqcMy7acNSIHtpQC5FuvZRBORPmVx%2BGqO%2BDjnYD8ViFeI7P%2BITbQpml7uEhu%2FR5%2FRg5hb"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
cf-ray: 797844c29e905467-YYZ
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 trivago-sa Show response
www.stay22.com/api/ Frame B2A9 7 KB
3 KB 383ms
382ms XHR
text/javascript 2606:4700:20::681a:c6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.stay22.com/api/trivago-sa?callback=jQuery22402562831284614493_1676068000024&lat=-23.5563&lng=-46.6877&checkin=&checkout=&adults=2&children=0&infants=0&guests=2&rooms=1&polldata=IJyajb%2F%2Buzm%2FKNlJ44ztkK6JYCojolHXhupVN%2FslQ%2F98sXXHJMEhV7h3hOkMI3karmObQlHprDBw0HnxE47omcrUWZNb8uSm%2BbEuKrJWyyWIT83JT6TidEcw1kKbp1Uh9CsQa1FiBCl4MAEiyA43IWEpJv36O7aGu8ZC6c0IEqwhaStH3xosS3ru0WZLTuobNyhR8RVNedsWcxuLuoNEXguvzw96avsngAcT4A%3D%3D&did=6gyccxen9e&cid=gm&aid=222&sessionid=4ce3c704-d0e3-4088-8582-7e116c37a8b6&groupId=628561ee575b930015df6745&baseAID=ingresse&legacyaid=ingresse_c-desktop*en-ca*ca*chrome*0210&campaignid=&isnear=true&isstatic=false&city=S%C3%A3o+Paulo&fullcity=S%C3%A3o+Paulo%2C+Brazil&timezone=-03%3A00&zoom=16&currency=CAD&langshort=en&abtest=c&width=860&height=550&mapstyle=default&distanceuserfromvenue=8202572&priceper=nightly&limit=28&localairtld=.ca&impactid=436504&centerlat=-23.555799999999465&centerlng=-46.68770000000194&nelat=-23.55309539774187&nelng=-46.683086600496296&swlat=-23.55850454659584&swlng=-46.69231339950801&_=1676068000032

Requested by

Host: www.stay22.com
URL: https://www.stay22.com/static/app.90ecec17f731847332d7.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:c6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

0fd96d2fa217047650087e2c8c639ac83feaf9e901096361aa0a2366e411a52d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: https://www.stay22.com/embed/gm?aid=ingresse&lat=-23.5562867&lng=-46.6876818&maincolor=FFFFFF&fontcolor=000000&markerimage=https://images.squarespace-cdn.com/content/v1/59d68fe3017db263203e4b79/1507233943500-PL0SQBRD1YH3ZW3J4GDH/Logo%403x.png?format=1500w
X-Requested-With: XMLHttpRequest
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Fri, 10 Feb 2023 22:26:51 GMT
via: 1.1 vegur
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: br
x-powered-by: Express
etag: W/"1aef-EHgIUYgNMaL6107a9XJgim/THVM"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CK%2FVEkh3%2FgBbp0XPeeaxNTxNdrd29%2F7qws0FEOyk4WJMpXbDPYWwXGCrb90o76cR%2FagRiM%2FJCVma1oXZw9HXFdpVyEg%2BHjvQMDCEYQ0j0tsCPixm5lZtDowxfHrW8xaMAxAXewW2iEVN4Iku"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
cf-ray: 797844cafae85467-YYZ
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

Verdicts & Comments Add Verdict or Comment

209 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

20 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.t.co/	1970-01-20 19:10:27	Name: muc Value: 704d9f3f-dc61-4c98-af49-50b32cb3dea0
.t.co/	1970-01-20 19:10:27	Name: muc_ads Value: 704d9f3f-dc61-4c98-af49-50b32cb3dea0
.ingresse.com/	1970-01-20 11:44:03	Name: _gcl_au Value: 1.1.1348592518.1676067999
.tiktok.com/	1970-01-20 18:56:03	Name: _ttp Value: 2LZ9zQZb42iWcuNtPei4wPWBiDr
.doubleclick.net/	1970-01-20 19:10:27	Name: IDE Value: AHWqTUmX7CWuKK3_yWrVCNgMryDBB05SzKiroj0Hch6H86CYN4uOhzNNn57b9Vxr
.ingresse.com/	1970-01-20 19:10:27	Name: _ga_6BNXL3KJ5Z Value: GS1.1.1676067999.1.1.1676067999.0.0.0
.ingresse.com/	1970-01-20 19:10:27	Name: __ssid Value: 9d4c0bb8a3126e739a2704c1f7355f1
.ingresse.com/	1970-01-20 19:10:27	Name: _ga Value: GA1.2.678695702.1676067999
.ingresse.com/	1970-01-20 09:35:54	Name: _gid Value: GA1.2.582637036.1676068000
.ingresse.com/	1970-01-20 09:34:28	Name: _gat_gtag_UA_26110667_1 Value: 1
www.stay22.com/	1970-01-20 19:10:27	Name: session22 Value: eyJpZCI6IjRjZTNjNzA0LWQwZTMtNDA4OC04NTgyLTdlMTE2YzM3YThiNiIsImFidGVzdCI6eyJ0ZXN0TmFtZSI6Ijc2LUZTLUUtVjEwMCIsInZlcnNpb24iOiJjIiwid2VpZ2h0IjowLjI1fX0=
www.stay22.com/	1970-01-20 19:10:27	Name: session22.sig Value: sX-dQRovy_48WwJk7PYEkFmYzow
.ingresse.com/	1970-01-20 11:44:04	Name: _fbp Value: fb.1.1676067999786.723521019
.ingresse.com/	1970-01-20 18:20:03	Name: _hjSessionUser_2926126 Value: eyJpZCI6ImI1YTU2NGVkLTEwYzctNTgxZi05NDMwLTQ1OTUzYjYwMWU1MyIsImNyZWF0ZWQiOjE2NzYwNjc5OTk3MzgsImV4aXN0aW5nIjpmYWxzZX0=
.ingresse.com/	1970-01-20 09:34:29	Name: _hjFirstSeen Value: 1
www.ingresse.com/	1970-01-20 09:34:28	Name: _hjIncludedInSessionSample Value: 0
.ingresse.com/	1970-01-20 09:34:29	Name: _hjSession_2926126 Value: eyJpZCI6IjRiMzQwNDE3LTYxMzYtNDk3MC05ZDNhLThhNzcyNTIzZGU4ZSIsImNyZWF0ZWQiOjE2NzYwNjc5OTk4MTMsImluU2FtcGxlIjpmYWxzZX0=
.ingresse.com/	1970-01-20 09:34:29	Name: _hjAbsoluteSessionInProgress Value: 0
.ingresse.com/	1970-01-20 18:56:03	Name: _tt_enable_cookie Value: 1
.ingresse.com/	1970-01-20 18:56:03	Name: _ttp Value: iJGyX434tYgkZcCIndyI0MiRFkD

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://www.ingresse.com/g/collect?v=2&tid=G-6BNXL3KJ5Z&gtm=45je3280&_p=1757310351&cid=678695702.1676067999&ul=en-us&sr=1600x1200&_fplc=0&uaW=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=4&sid=1676067999&sct=1&seg=1&dl=https%3A%2F%2Fwww.ingresse.com%2Fholger-garotassuecas-baralto&dr=https%3A%2F%2Ft.co%2F&dt=Ingresse&en=page_view&_et=1 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.ingresse.com/g/collect?v=2&tid=G-6BNXL3KJ5Z&gtm=45je3280&_p=1757310351&cid=678695702.1676067999&ul=en-us&sr=1600x1200&_fplc=0&uaW=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&sid=1676067999&sct=1&seg=1&dl=https%3A%2F%2Fwww.ingresse.com%2Fholger-garotassuecas-baralto&dr=https%3A%2F%2Ft.co%2F&dt=Ingresse&_s=6 Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=0
X-Xss-Protection	0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.tiktok.com
api-js.mixpanel.com
api.stay22.com
assets.queue-it.net
cdn-queue.com
cdn.ingresse.com
cdn.siftscience.com
connect.facebook.net
embedstore.ingresse.com
event.ingresse.com
fonts.googleapis.com
fonts.gstatic.com
front.ingresse.com
google.com
googleads.g.doubleclick.net
gtm-pv2bdfr-otk5n.uc.r.appspot.com
hexagon-analytics.com
images.squarespace-cdn.com
ka-p.fontawesome.com
kit.fontawesome.com
kraken.ingresse.com
script.hotjar.com
static.hotjar.com
static.queue-it.net
stats.g.doubleclick.net
t.co
tiles.stadiamaps.com
vars.hotjar.com
wchat.freshchat.com
www.facebook.com
www.google-analytics.com
www.google.ca
www.google.com
www.googletagmanager.com
www.ingresse.com
www.stay22.com
104.168.172.151
104.244.42.69
108.138.106.49
108.138.128.36
13.225.223.39
13.33.60.72
13.35.93.78
151.101.192.238
18.164.96.77
18.238.4.111
184.28.190.147
206.41.74.3
2600:3c03:e000:43f::1
2606:4700:20::681a:c6
2606:4700::6812:1634
2607:f8b0:4004:c07::9a
2607:f8b0:4004:c08::8b
2607:f8b0:4004:c17::9d
2607:f8b0:4004:c1b::5e
2607:f8b0:4004:c1b::61
2607:f8b0:4004:c1b::71
2607:f8b0:4004:c1d::99
2607:f8b0:4006:809::2004
2607:f8b0:4006:81c::200a
2607:f8b0:4006:820::2003
2a03:2880:f012:8:face:b00c:0:1
2a03:2880:f112:182:face:b00c:0:25de
3.230.201.250
34.102.232.42
34.238.89.27
34.96.67.224
35.190.25.25
03a6b99e074f916c90caa039b705bac733c276797480aee7fc98d6541b584a76
04f408ee6064f8dde4be54993d23ed1de7abba34cefc666b787ff57bb78447ad
05632bd17ae6013db11864ba86f363756e305cd5a56ee788fe20774ed6c750f9
06d3b0b0275ac4ecdb072608a20634610add7130184a3d39a7bf3d3d5490e076
08e7070addacd5726c18838273cd5665145829dc4497f38d0e0f9a8658064736
0b1775c459df3ec5160019ee5c1a8b346d07841fcbefbba43ac6a4ecb5bfd5bd
0d87fb1c6e8344b683e9f664783c91b715967cdc234dcc52fe0f44221aa44c39
0f6a2af83a80c70c179054b5af0c993cc671690086dc996c92b3aaf76d6c501c
0fd96d2fa217047650087e2c8c639ac83feaf9e901096361aa0a2366e411a52d
105e03fc5aa13e95b57c0b64763572ee09d7a8531504954eb197712cd0c490b5
1144fe8dea8f7c44954e7dbe6139a7063bde1760d952177f31543eba8b3e841b
11bdbae74671be123702dc22d81e165b73f94e9ea740361fdd06a6a7ff5366fc
1c62171588181f55902d0ef986c626c2ac9ae91e479dc87fb146d105cce9d4bb
1cbdbb38b597ce02e0727b9b6853d872a6ea891cdaa6d1302834b1124b8abf76
1f56c1b2fcafe1c3b64c4842716ea099c5a3f86af207552327b30e3bc3c2a513
1f92df491de359b771ba7268be7079b1ede6de9414b30a07ae0af49f9e6f12f7
22e69ba982fdbe21f351c0622239ba082970a56faf756e748bf95f5cf84182c7
25acfee108722629e643781fd97796c27dbb7bb43f174f83620e27ab6927096d
2ef2b3c84ce65ed72828b5c9e29f97b579c290d3a8b3c5598150500efc823d3d
32f08b33a2e49181c67c967cecea533e8010850ee8fb4adf08724bbede3cdbc1
34ac16e15d7bfabea809d458b9b7a0a62e699f92def77261a3153398de29357d
381c1058d5caabcfb3d265ce6996b8d8563e44bd30dc47d76af64ae054077cb3
3d6548ab2ddeb0ee340cbf7641f1edd7a757c3088a5619b7c4aae1c728595346
3f8e3a4c653c5e8cfc5ea9c62c3a1ebf50c34ecebeff2e190652553e6eab3631
40f7df35acf166922592ca3df483d3f200b8af096fb1e1cef02c4cf4a9ece65c
41e9f18037209c061af50e5426aacf3780f16a420dd700770d15ef0693c5ca0c
4631720d95ae83e374db17d6108ba4ee7122ce589ca284db242b7466250b3a0b
4950f6caf32b017a565ff597ed98ba78f0882c256abf14b22c1eb5d1e2919198
4b432ffa31eb0b775ca5804cfa7c5e4a01db765fe64fd9e9d1a0d1dd7e5526e6
4c95a3041f6df2da6f638a9b61bbd36e45ac236fe2434bab91ca03a8c54c0b8d
4cc8d98fb7d318e59cdf446788e68d467bb0f01947ffe5fda034e96261b89e0b
4cd4aaecdabe71bda5b5c1f56b18aa7934f2923963b860cc1875f7e85e7c9f97
4e7c0a05fb54621f837cedcce0232bbcea533462d858aca31ed036d9b921b059
51aebaae4a2e8af2d4abe7f2a6c2e97fec23906da759d000ed098d7a18760721
53cd784e76126a9f5367c7e4a83233d9e9ff49fb7a3780c20a30f0dd559f727d
5516d3f9f85b1797caca2c45f7c1d0f9c6213aafd5d8a718a8315f5ab75c29c0
56d1fde9a9b7978a624090b975a024fbbc4a7961e7dee56b51653400029ce58a
58e315262aec06e19dabe0c560672ef38f61e127318608e8edc0f964e4968084
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5b2a3f494744cb97ff4c56a8b95c5f52c95885018746538faf179f3f327bb6fe
5ceffdb9a3215de3c786476dd873a63deb51831489709dcc59f75af4cf0a69cf
5fcb16854bcf34558fc9100ea313b2f61a3394ca23e65719553f09c902b2476e
633a21aa53c2316d1eba81c850bfe0d5512448253dd38f722a518738ad69a062
63d8440cf4570fac2e5ae7f9be0c2acfa8df8ebda8c7396025cf1f6ad70cf8f1
684dfe949ae87a38c2afbcee199f51b0025dd9121b524d62e881cf40846cdd21
6aabc473c6cd876873eb0f3e6c280b369f69baea63b3a70dc23fc4102cfa27d4
6b4a82c0de4398a8d39547fa29f0804e225b1385e1dc091055e73e1b4910e5b3
6cbc0e665ba23c67394e2ab842b39c231e8cc28e474184a14922eae1bcd90661
7157deb8ebe872e9ad11477112493ef6d3175123c43073bbbc81954295049f08
7921df86278b7fa9be0cbd78d9990071763ec4e9e88aaff2c3d466723090b8ae
795ac4c9a96869da4ec161192b00f3ec4cc644a8623933d4fd4ad3b81ed1396c
7b6a8dc47b0d8123636ca9c73bf5b41626262542426da96a6e8ae191ca782578
7c31c135913af767433f9b62299c318b37e43779473f1c32fd4859cf9bfa1b85
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
867de6cc2e99cc426061d35ab357d8f33d26a90a1deff807202d9ca913bcc611
8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50
8a7a928fc6ade7c77f18adc8599442ccc0a42237d2767b25b95a8e70d4f75aee
8b70d815bd10718bf2988c0c1cd1a36107be04476ffe98d98421f1c3a0e191d5
8ebcef62a9ec6f42fd3994e85bfbe83b0ca0e3574215b7d2326ce7e6059003d1
934b84598e9c77de1fcd3f7c09aea5e96c48a89993a3f8e9b1d61200ae90cf47
93fa91c2b29a7420c6b14c4547e0e3dc169b17c9d5f9c96bc6bcca1723974ab6
944ab414abd7379509535f0f7422544deaf2a4d19b9fbee4ef9bd1b6b02b3dcd
9ac9369e054e094229be260cf7173c20c3c816e854963f765e50dac09d851c1a
9c33ecd50c7d38ff1b63387f0777004fba80f792fbef308d1254c75ef38c27a3
9e15c4741f1757b4b0b53cfc8d139eb86471eb687d5a20849b85f91c30744510
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0e66337b52542f237199de3e6a1510d1ffa42ffc1916ad941f0062db80daf62
a4d84ea004b05277ba7aed25f3341d5b9cbf4d1724db469cb8e412f580a43e93
a54caf4f77067a21a90bc4dd3df1b3454d3d4dd00a7c1c62544d8cd9e47349ed
aa14420b5df2a42c98ad8173625fdf7bf200d16e7e3d540c0ac14d0f8e877ebd
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b2250af3c8783b2cf06018c29485aab795aea95c9cad5f7a5b9fb873600f5136
b7d4c723740862f9e4303e9cfdd6a88b597041c13aa5d16d913b54044248e01e
b887e261d80ed5ba62609a1a7707d804ab685d2263b32ca12a94d7dc2cd68447
bafbdb63d15c12ca95f3966b781433e66baeb9f1ebdc78e44a6fe41cd622a1bd
bc11dbacb3bbda8b83af520aec418f8611ac3c74cd4ea67b89e88f9f75cdd6db
bc13f9a2cf1db4c5ae7c86d3153601489d3bde1507b017ca64f86da82520df01
bead6815bb6fff86a3840d55671538bbea989a041b07fcf6e92f8ac9b8dbbf41
c1e56ad863615fc191d80d7807852db95e57579f6535186d83d04ecdebef5236
c3c38c7a34bcf92b3504c17f794d818cfdd230e5cc832479e94c6059cfc34121
c508fc8748a0cc16a9aca8adbcbc50234bc27ce7bea40654dfa660ff34444b5a
cbe34b130bb2fc0c5477e8677017e281c1135d4edb158065e45efa93e5cebd74
ce23ca55dc4a8410870db4e0ebe06d6bd35babba15152a396c41dd4160153bfa
cef0a3ffb6993fc1ec7b5b67a16377ec1ec0a858b3cabb834033d7458ff0e4bc
d0acdcbb4e06e44e33f1451a657a384d598960b4ba19269de00ba4bb043bd1da
d3367491a91008869391cdeecf7a331aa7ce432273c6d2fc87cc7cebf87217fa
d53c4f1f8ecf87af1bfb94f3e417e50719aed827983ae774dcf63a33d347de76
d67316701cf00c62e1c3c6bd585d824c1f8d23f0d996a2a64312ef2671b4e23c
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e39a8118ec6cdf6ac33e6961518e9fe6ba3f6caf099aeeaec1389c2108ba90ba
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e62bb9e1f3315f62485960bf050a29e1fd86764d3159e6bbcb3b46bf921c641f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f13fe033798c1090ad7b6696c9ad618ac47d16cb40bb9c321803683828d34f23
f184c6ffdf3da68512b5e0d0de3d6d426f4e242653d3af9228bbf7b74e51de7b
f4bce2a6b51edde16a05d6539658ce978d7b20d192f04a8c890593b4b37ae754
f4fa433d8d3d397dff6e2c2883fcc51bd1364fc40c0a951e133a63c4ae9bde1a
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
f8b8ecd3a28e1c00bf67b7568e23dc3ef44e56ec02318868841abdea4aa6a274
f92333a45b532bdb5248178674b041b1c35edfd33a55df48192256f0bfe49e4e
f9f0b19d67ec4e2dc354033e942c0b388da0acf2c9f15f02f73cdba53e748e5f
fc492c48c19bd2305d25c23c3a91465039087444e9c243c98adc0fc706cd56ed
fef674650ed6bd2eeeeb8ca6b474b2b687a8a37f56a106948942308e3d5d82a7

www.ingresse.com Open in urlscan Pro 206.41.74.3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

142 Requests

99 %HTTPS

47 %IPv6

24 Domains

36 Subdomains

33 IPs

2 Countries

2464 kBTransfer

8530 kBSize

20 Cookies

9 Outgoing links

Page URL History

Redirected requests

142 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.ingresse.com Open in urlscan Pro
206.41.74.3 Public Scan

Screenshot
Live screenshot

Full Image

142
Requests

99 %
HTTPS

47 %
IPv6

24
Domains

36
Subdomains

33
IPs

2
Countries

2464 kB
Transfer

8530 kB
Size

20
Cookies

142 HTTP transactions
3 data transactions