operations.red Open in urlscan Pro
2606:4700:3031::ac43:bd26 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://operations.red/
Submission: On April 04 via api (April 4th 2024, 1:16:12 am UTC) from US — Scanned from US

Summary HTTP 90 Redirects Links 34 Behaviour Indicators

Summary

This website contacted 29 IPs in 3 countries across 24 domains to perform 90 HTTP transactions. The main IP is 2606:4700:3031::ac43:bd26, located in United States and belongs to CLOUDFLARENET, US. The main domain is operations.red.
TLS certificate: Issued by GTS CA 1P5 on April 2nd 2024. Valid for: 3 months.

This is the only time operations.red was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	2606:4700:303... 2606:4700:3031::ac43:bd26	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2607:f8b0:400... 2607:f8b0:4004:c09::5f	15169 (GOOGLE) (GOOGLE)
24	104.19.237.57 104.19.237.57	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	104.19.238.57 104.19.238.57	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2607:f8b0:400... 2607:f8b0:4004:c09::54	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4004:c08::61	15169 (GOOGLE) (GOOGLE)
1	172.67.180.67 172.67.180.67	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	2607:f8b0:400... 2607:f8b0:4004:c1b::5e	15169 (GOOGLE) (GOOGLE)
1	44.240.196.172 44.240.196.172	16509 (AMAZON-02) (AMAZON-02)
1	13.225.189.204 13.225.189.204	16509 (AMAZON-02) (AMAZON-02)
9	172.67.189.38 172.67.189.38	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	146.75.28.157 146.75.28.157	54113 (FASTLY) (FASTLY)
1	2600:9000:26a... 2600:9000:26a0:fc00:f:8ce2:fb80:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f08... 2a03:2880:f08e:219:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	34.102.147.248 34.102.147.248	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
8	3.161.214.161 3.161.214.161	16509 (AMAZON-02) (AMAZON-02)
9	23.206.172.53 23.206.172.53	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 3	142.251.167.155 142.251.167.155	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:38::181	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4004:c19::9a	15169 (GOOGLE) (GOOGLE)
1	104.244.42.69 104.244.42.69	13414 (TWITTER) (TWITTER)
1	104.244.42.67 104.244.42.67	13414 (TWITTER) (TWITTER)
3	172.253.115.147 172.253.115.147	15169 (GOOGLE) (GOOGLE)
1	54.69.251.6 54.69.251.6	16509 (AMAZON-02) (AMAZON-02)
2	142.251.163.154 142.251.163.154	15169 (GOOGLE) (GOOGLE)
1	2a03:2880:f17... 2a03:2880:f17b:283:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	34.96.67.224 34.96.67.224	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	34.102.232.42 34.102.232.42	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
90	29

1 2606:4700:3031::ac43:bd26 (United States)

ASN13335 (CLOUDFLARENET, US)

operations.red	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c09::5f (Washington, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 104.19.237.57 (None, )

ASN13335 (CLOUDFLARENET, US)

assets-app.buson.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.19.238.57 (None, )

ASN13335 (CLOUDFLARENET, US)

asset.buson.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c09::54 (Washington, United States)

ASN15169 (GOOGLE, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4004:c08::61 (Washington, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.180.67 (United States)

ASN13335 (CLOUDFLARENET, US)

i.k-analytix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2607:f8b0:4004:c1b::5e (Washington, United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.240.196.172 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-240-196-172.us-west-2.compute.amazonaws.com

i.konduto.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.189.204 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-189-204.yul62.r.cloudfront.net

cdn.amplitude.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 172.67.189.38 (United States)

ASN13335 (CLOUDFLARENET, US)

operations.red	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.75.28.157 (Ashburn, United States)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:26a0:fc00:f:8ce2:fb80:93a1 (United States)

ASN16509 (AMAZON-02, US)

www.dwin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f08e:219:face:b00c:0:3 (Saint-Denis, France)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.147.248 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 248.147.102.34.bc.googleusercontent.com

tag.rmp.rakuten.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 3.161.214.161 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-161-214-161.yul62.r.cloudfront.net

cdn.segment.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 23.206.172.53 (Secaucus, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-206-172-53.deploy.static.akamaitechnologies.com

analytics.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.251.167.155 (Farmingdale, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: ww-in-f155.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:38::181 (United States)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c19::9a (Washington, United States)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.69 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.67 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.253.115.147 (United States)

ASN15169 (GOOGLE, US)
PTR: bg-in-f147.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.69.251.6 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-69-251-6.us-west-2.compute.amazonaws.com

api.segment.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.163.154 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: wv-in-f154.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f17b:283:face:b00c:0:25de (Saint-Denis, France)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.67.224 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 224.67.96.34.bc.googleusercontent.com

cdn.siftscience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.232.42 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 42.232.102.34.bc.googleusercontent.com

hexagon-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
26	buson.com.br assets-app.buson.com.br asset.buson.com.br	711 KB
10	operations.red operations.red	175 KB
9	tiktok.com analytics.tiktok.com — Cisco Umbrella Rank: 704	161 KB
8	segment.com cdn.segment.com — Cisco Umbrella Rank: 1729	70 KB
8	gstatic.com fonts.gstatic.com	206 KB
5	google.com accounts.google.com — Cisco Umbrella Rank: 27 analytics.google.com — Cisco Umbrella Rank: 159 www.google.com — Cisco Umbrella Rank: 2	85 KB
4	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 39 stats.g.doubleclick.net — Cisco Umbrella Rank: 96	3 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 43	275 KB
2	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 129	19 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 176	70 KB
1	hexagon-analytics.com hexagon-analytics.com — Cisco Umbrella Rank: 5776	288 B
1	siftscience.com cdn.siftscience.com — Cisco Umbrella Rank: 10475	21 KB
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 99	270 B
1	segment.io api.segment.io — Cisco Umbrella Rank: 1349	173 B
1	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 816	395 B
1	t.co t.co — Cisco Umbrella Rank: 663	377 B
1	rakuten.com tag.rmp.rakuten.com — Cisco Umbrella Rank: 7745	14 KB
1	dwin1.com www.dwin1.com — Cisco Umbrella Rank: 4602	12 KB
1	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 787	15 KB
1	amplitude.com cdn.amplitude.com — Cisco Umbrella Rank: 3068	26 KB
1	konduto.com i.konduto.com — Cisco Umbrella Rank: 241529	156 B
1	k-analytix.com i.k-analytix.com — Cisco Umbrella Rank: 253815	6 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 38	1 KB
0	roeyecdn.com Failed lantern.roeyecdn.com Failed
90	24

	Domain	Requested by
24	assets-app.buson.com.br	operations.red assets-app.buson.com.br
10	operations.red	assets-app.buson.com.br
9	analytics.tiktok.com	operations.red analytics.tiktok.com
8	cdn.segment.com	operations.red cdn.segment.com
8	fonts.gstatic.com	fonts.googleapis.com assets-app.buson.com.br
3	www.google.com	operations.red
3	googleads.g.doubleclick.net	1 redirects www.googletagmanager.com www.googleadservices.com
3	www.googletagmanager.com	operations.red www.googletagmanager.com
2	www.googleadservices.com	cdn.segment.com www.googleadservices.com
2	connect.facebook.net	operations.red connect.facebook.net
2	asset.buson.com.br	operations.red
1	hexagon-analytics.com
1	cdn.siftscience.com	operations.red
1	www.facebook.com	operations.red
1	api.segment.io	cdn.segment.com
1	analytics.twitter.com	operations.red
1	t.co	operations.red
1	stats.g.doubleclick.net	www.googletagmanager.com
1	analytics.google.com	www.googletagmanager.com
1	tag.rmp.rakuten.com	operations.red
1	www.dwin1.com	www.googletagmanager.com
1	static.ads-twitter.com	www.googletagmanager.com
1	cdn.amplitude.com	assets-app.buson.com.br
1	i.konduto.com	i.k-analytix.com
1	i.k-analytix.com	operations.red
1	accounts.google.com	operations.red
1	fonts.googleapis.com	operations.red
0	lantern.roeyecdn.com Failed	www.dwin1.com
90	28

This site contains links to these domains. Also see Links.

Domain
blog.buson.com.br
onelink.to
www.buson.com.br
play.google.com
itunes.apple.com
www.facebook.com
twitter.com
www.instagram.com
www.youtube.com

Subject Issuer	Validity	Valid
operations.red GTS CA 1P5	`2024-04-02` - `2024-07-01`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
*.buson.com.br AlphaSSL CA - SHA256 - G4	`2023-07-21` - `2024-08-21`	a year	crt.sh
accounts.google.com GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
k-analytix.com GTS CA 1P5	`2024-04-01` - `2024-06-30`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
*.konduto.com Amazon RSA 2048 M02	`2024-03-31` - `2025-04-28`	a year	crt.sh
cdn.amplitude.com Amazon RSA 2048 M02	`2023-12-14` - `2025-01-12`	a year	crt.sh
ads-twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-21` - `2024-07-19`	a year	crt.sh
*.dwin1.com Amazon RSA 2048 M03	`2023-10-18` - `2024-11-15`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-01-12` - `2024-04-11`	3 months	crt.sh
tag.rmp.rakuten.com GTS CA 1D4	`2024-03-31` - `2024-06-29`	3 months	crt.sh
*.segment.com Amazon RSA 2048 M03	`2023-11-14` - `2024-12-13`	a year	crt.sh
*.tiktok.com RapidSSL ECC CA 2018	`2023-07-14` - `2024-08-13`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
*.google.com GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
t.co DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-01-04` - `2025-01-02`	a year	crt.sh
*.twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-11-07` - `2024-11-05`	a year	crt.sh
*.segment.io Amazon RSA 2048 M03	`2023-12-13` - `2025-01-11`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
*.siftscience.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-02-05` - `2025-01-19`	a year	crt.sh
*.hexagon-analytics.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-11-27` - `2024-11-03`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://operations.red/
Frame ID: 6365E92DC4F3B94F690A1788836750EC
Requests: 90 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Buson: Compre Passagem de Ônibus Online Aqui!

Detected technologies

Google Sign-in (Social logins) Expand

Overall confidence: 100%
Detected patterns

accounts\.google\.com/gsi/client

AWIN (Affiliate programs) Expand

Overall confidence: 100%
Detected patterns

dwin1\.com

Amplitude (Analytics) Expand

Overall confidence: 100%
Detected patterns

cdn\.amplitude\.com

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Mautic (Marketing Automation) Expand

Overall confidence: 100%
Detected patterns

[^a-z]mtc.*\.js

Rakuten (Affiliate programs) Expand

Overall confidence: 100%
Detected patterns

tag\.rmp\.rakuten\.com

Segment (Analytics) Expand

Overall confidence: 100%
Detected patterns

cdn\.segment\.com/analytics\.js

Sift (Analytics) Expand

Overall confidence: 100%
Detected patterns

cdn\.sift(?:science)?\.com/s\.js

Page Statistics

90
Requests

98 %
HTTPS

36 %
IPv6

24
Domains

28
Subdomains

29
IPs

3
Countries

1872 kB
Transfer

4506 kB
Size

29
Cookies

34 Outgoing links

These are links going to different origins than the main page.

URL: https://blog.buson.com.br/
Title: Blog

Search URL Search Domain Scan URL

URL: http://onelink.to/app_buson
Title: Baixe Agora

Search URL Search Domain Scan URL

URL: https://www.buson.com.br/viacao/gontijo

Search URL Search Domain Scan URL

URL: https://www.buson.com.br/viacao/catedral

Search URL Search Domain Scan URL

URL: https://www.buson.com.br/viacao/empresa-cruz

Search URL Search Domain Scan URL

URL: https://www.buson.com.br/viacao/eucatur

Search URL Search Domain Scan URL

URL: https://www.buson.com.br/viacao/expresso-itamarati

Search URL Search Domain Scan URL

URL: https://www.buson.com.br/viacao/expresso-transporte

Search URL Search Domain Scan URL

URL: https://www.buson.com.br/viacao/nordeste

Search URL Search Domain Scan URL

URL: https://www.buson.com.br/viacao/piracicabana

Search URL Search Domain Scan URL

URL: https://www.buson.com.br/viacao/sao-luiz-px

Search URL Search Domain Scan URL

URL: https://www.buson.com.br/viacao/pluma

Search URL Search Domain Scan URL

URL: https://www.buson.com.br/viacao/ouro-e-prata

Search URL Search Domain Scan URL

URL: https://www.buson.com.br/viacao/penha

Search URL Search Domain Scan URL

URL: https://www.buson.com.br/viacao/princesa-do-norte

Search URL Search Domain Scan URL

URL: https://www.buson.com.br/viacao/princesa-dos-campos

Search URL Search Domain Scan URL

URL: https://www.buson.com.br/viacao/reunidas

Search URL Search Domain Scan URL

URL: https://www.buson.com.br/viacao/satelite-norte

Search URL Search Domain Scan URL

URL: https://www.buson.com.br/viacao/passaro-verde

Search URL Search Domain Scan URL

URL: https://www.buson.com.br/viacao/vb-transportes

Search URL Search Domain Scan URL

URL: https://www.buson.com.br/viacao/passaro-marron

Search URL Search Domain Scan URL

URL: https://www.buson.com.br/viacao/garcia

Search URL Search Domain Scan URL

URL: https://blog.buson.com.br/como-comprar-passagem-de-onibus-online/
Title: Ler mais...

Search URL Search Domain Scan URL

URL: https://blog.buson.com.br/destinos-para-viajar-na-pascoa-2024/
Title: Ler mais...

Search URL Search Domain Scan URL

URL: https://blog.buson.com.br/tipos-de-onibus/
Title: Ler mais...

Search URL Search Domain Scan URL

URL: https://blog.buson.com.br/lugar-mais-seguro-para-sentar-no-onibus/
Title: Ler mais...

Search URL Search Domain Scan URL

URL: https://www.buson.com.br/passagem-de-onibus
Title: passagem de ônibus na Buson

Search URL Search Domain Scan URL

URL: https://www.buson.com.br/viacao
Title: empresas de ônibus

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.guichevirtual.android&hl=pt-BR

Search URL Search Domain Scan URL

URL: https://itunes.apple.com/us/app/guiche-virtual-passagens-onibus/id787401052?mt=8

Search URL Search Domain Scan URL

URL: https://www.facebook.com/VaiDeBuson

Search URL Search Domain Scan URL

URL: https://twitter.com/busonbr

Search URL Search Domain Scan URL

URL: https://www.instagram.com/VaideBuson

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCuwMZXVguWeToz7gSFfsI8Q

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 83

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/993290547/?random=340679553&cv=9&fst=1712193367496&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=466465925&u_h=600&u_w=800&u_ah=600&u_aw=800&u_cd=24&u_his=2&u_tz=-600&u_java=false&u_nplug=5&u_nmime=2&sendb=1&ig=1&frm=0&url=https%3A%2F%2Foperations.red%2F&tiba=Buson%3A%20Compre%20Passagem%20de%20%C3%94nibus%20Online%20Aqui!&hn=www.googleadservices.com&uaa=x86&uab=64&uam=&uap=Win32&uapv=10.0.0&uaw=0&uafvl=Google%2520Chrome%3B123.0.6312.105%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.105&async=1&fmt=3&ct_cookie_present=false&sscte=1&crd=COG9sQIIucGxAg&pscrd=IhMIgIDWq7GnhQMV5KeDCB3bzAobMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6F2h0dHBzOi8vb3BlcmF0aW9ucy5yZWQv HTTP 302
https://www.google.com/pagead/1p-conversion/993290547/?random=340679553&cv=9&fst=1712193367496&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=466465925&u_h=600&u_w=800&u_ah=600&u_aw=800&u_cd=24&u_his=2&u_tz=-600&u_java=false&u_nplug=5&u_nmime=2&sendb=1&ig=1&frm=0&url=https%3A%2F%2Foperations.red%2F&tiba=Buson%3A%20Compre%20Passagem%20de%20%C3%94nibus%20Online%20Aqui!&hn=www.googleadservices.com&uaa=x86&uab=64&uam=&uap=Win32&uapv=10.0.0&uaw=0&uafvl=Google%2520Chrome%3B123.0.6312.105%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.105&async=1&fmt=3&ct_cookie_present=false&sscte=1&crd=COG9sQIIucGxAg&pscrd=IhMIgIDWq7GnhQMV5KeDCB3bzAobMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6F2h0dHBzOi8vb3BlcmF0aW9ucy5yZWQv&is_vtc=1&cid=CAQSKQB7FLtqHPKLCWQMRwm5APK8eIbIHB4tjnw_kMyq5tpQ3ESNq0M0WoYs&random=2322614251&resp=GooglemKTybQhCsO

90 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
operations.red/ 117 KB
23 KB 493ms
421ms Document
text/html 2606:4700:3031::ac43:bd26
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://operations.red/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::ac43:bd26 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

26e6dcd54c9767852e1fd2614934db97d2c31391992df9627f8da7346db7d374

Security Headers

Name

Value

Content-Security-Policy

default-src 'self' *.buson.com.br https://buson.com.br *.guichevirtual.com.br https://guichevirtual.com.br localhost;script-src 'self' *.buson.com.br https://buson.com.br *.guichevirtual.com.br https://guichevirtual.com.br localhost *.buson.com.br https://buson.com.br http://*.google-analytics.com https://*.googletagmanager.com https://*.googlesyndication.com https://www.google.com https://accounts.google.com https://files.lgtcdn.net https://cdn.amplitude.com https://i.k-analytix.com https://googleads.g.doubleclick.net https://apis.google.com https://static.ads-twitter.com https://www.dwin1.com https://connect.facebook.net http://tag.rmp.rakuten.com http://cdn.siftscience.com https://www.awin1.com http://www.awin1.com https://cdnjs.cloudflare.com https://c.btg360.com.br https://certify.alexametrics.com https://ad.doubleclick.net https://cdn.ampproject.org https://www.gstatic.com/ https://static.hotjar.com https://script.hotjar.com/ https://csmetrics.hotjar.com/ https://bat.bing.com/ https://d3dh5c7rwzliwm.cloudfront.net/ https://www.googleadservices.com https://csmetrics.hotjar.com/ *.cloudfront.net *.cloudflare.com *.hotjar.com *.segment.com https://api.segment.io https://cdn.segment.io http://www.googleadservices.com https://analytics.tiktok.com https://lantern.roeyecdn.com 'unsafe-eval' 'unsafe-inline';media-src 'self' *.buson.com.br https://buson.com.br *.guichevirtual.com.br https://guichevirtual.com.br localhost *.buson.com.br https://buson.com.br;font-src 'self' *.buson.com.br https://buson.com.br *.guichevirtual.com.br https://guichevirtual.com.br localhost fonts.gstatic.com https://maxcdn.bootstrapcdn.com/;style-src 'self' *.buson.com.br https://buson.com.br *.guichevirtual.com.br https://guichevirtual.com.br localhost fonts.googleapis.com https://accounts.google.com/ 'unsafe-inline';connect-src 'self' *.buson.com.br https://buson.com.br *.guichevirtual.com.br https://guichevirtual.com.br localhost https://ampcid.google.com https://ampcid.google.com.br https://heimdall-prod.lgtcdn.net https://api.amplitude.com https://*.analytics.google.com https://*.googletagmanager.com https://static.ads-twitter.com https://www.dwin1.com https://connect.facebook.net http://tag.rmp.rakuten.com https://static.hotjar.com http://cdn.siftscience.com http://i.konduto.com/ https://google.com http://*.google-analytics.com https://accounts.google.com https://*.g.doubleclick.net https://www.facebook.com/tr/ https://apis.google.com https://c.btg360.com.br https://certify.alexametrics.com https://d31qbv1cthcecs.cloudfront.net https://event.getblue.io https://script.hotjar.com https://sslwidget.getblue.io https://stats.g.doubleclic https://stats.g.doubleclick.net/ https://www.google.com https://www.google.com.br https://csmetrics.hotjar.com/ *.cloudfront.net *.hotjar.com *.facebook.com *.google.com *.segment.com https://api.segment.io https://cdn.segment.io *.google.com.br *.googlesyndication.com https://bat.bing.com/ https://googleads.g.doubleclick.net *.hotjar.io wss://ws15.hotjar.com wws://wsp15.hotjar.com wss://ws.hotjar.com wss://*.hotjar.com https://analytics.tiktok.com https://lantern.roeyecdn.com http://ip-api.com/;form-action 'self' *.buson.com.br https://buson.com.br *.guichevirtual.com.br https://guichevirtual.com.br localhost *.buson.com.br https://buson.com.br https://accounts.google.com https://www.facebook.com;img-src 'self' *.buson.com.br https://buson.com.br *.guichevirtual.com.br https://guichevirtual.com.br localhost *.buson.com.br https://buson.com.br https://images.unsplash.com https://google.com https://*.google.com https://*.google.com.br https://hexagon-analytics.com https://www.facebook.com https://analytics.twitter.com https://t.co/i/adsct https://*.googletagmanager.com https://www.awin1.com http://www.awin1.com https://connect.facebook.net/ https://consent.linksynergy.com/ data: https://*.analytics.google.com https://www.googleadservices.com https://track.linksynergy.com https://*.google-analytics.com *.cloudfront.net https://bat.bing.com/ https://*.g.doubleclick.net https://lh3.googleusercontent.com *.googleusercontent.com;frame-src 'self' *.buson.com.br https://buson.com.br *.guichevirtual.com.br https://guichevirtual.com.br localhost *.buson.com.br https://buson.com.br https://www.facebook.com https://accounts.google.com https://maps.google.com https://www.google.com https://www.google.com.br https://indexanetwork.go2cloud.org https://*.googletagmanager.com https://vars.hotjar.com https://td.doubleclick.net https://bid.doubleclick.net https://*.doubleclick.net

X-Frame-Options

DENY

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: en-US,en;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 86ed7375fbdf4bd8-BUF
content-encoding: br
content-security-policy: default-src 'self' *.buson.com.br https://buson.com.br *.guichevirtual.com.br https://guichevirtual.com.br localhost;script-src 'self' *.buson.com.br https://buson.com.br *.guichevirtual.com.br https://guichevirtual.com.br localhost *.buson.com.br https://buson.com.br http://*.google-analytics.com https://*.googletagmanager.com https://*.googlesyndication.com https://www.google.com https://accounts.google.com https://files.lgtcdn.net https://cdn.amplitude.com https://i.k-analytix.com https://googleads.g.doubleclick.net https://apis.google.com https://static.ads-twitter.com https://www.dwin1.com https://connect.facebook.net http://tag.rmp.rakuten.com http://cdn.siftscience.com https://www.awin1.com http://www.awin1.com https://cdnjs.cloudflare.com https://c.btg360.com.br https://certify.alexametrics.com https://ad.doubleclick.net https://cdn.ampproject.org https://www.gstatic.com/ https://static.hotjar.com https://script.hotjar.com/ https://csmetrics.hotjar.com/ https://bat.bing.com/ https://d3dh5c7rwzliwm.cloudfront.net/ https://www.googleadservices.com https://csmetrics.hotjar.com/ *.cloudfront.net *.cloudflare.com *.hotjar.com *.segment.com https://api.segment.io https://cdn.segment.io http://www.googleadservices.com https://analytics.tiktok.com https://lantern.roeyecdn.com 'unsafe-eval' 'unsafe-inline';media-src 'self' *.buson.com.br https://buson.com.br *.guichevirtual.com.br https://guichevirtual.com.br localhost *.buson.com.br https://buson.com.br;font-src 'self' *.buson.com.br https://buson.com.br *.guichevirtual.com.br https://guichevirtual.com.br localhost fonts.gstatic.com https://maxcdn.bootstrapcdn.com/;style-src 'self' *.buson.com.br https://buson.com.br *.guichevirtual.com.br https://guichevirtual.com.br localhost fonts.googleapis.com https://accounts.google.com/ 'unsafe-inline';connect-src 'self' *.buson.com.br https://buson.com.br *.guichevirtual.com.br https://guichevirtual.com.br localhost https://ampcid.google.com https://ampcid.google.com.br https://heimdall-prod.lgtcdn.net https://api.amplitude.com https://*.analytics.google.com https://*.googletagmanager.com https://static.ads-twitter.com https://www.dwin1.com https://connect.facebook.net http://tag.rmp.rakuten.com https://static.hotjar.com http://cdn.siftscience.com http://i.konduto.com/ https://google.com http://*.google-analytics.com https://accounts.google.com https://*.g.doubleclick.net https://www.facebook.com/tr/ https://apis.google.com https://c.btg360.com.br https://certify.alexametrics.com https://d31qbv1cthcecs.cloudfront.net https://event.getblue.io https://script.hotjar.com https://sslwidget.getblue.io https://stats.g.doubleclic https://stats.g.doubleclick.net/ https://www.google.com https://www.google.com.br https://csmetrics.hotjar.com/ *.cloudfront.net *.hotjar.com *.facebook.com *.google.com *.segment.com https://api.segment.io https://cdn.segment.io *.google.com.br *.googlesyndication.com https://bat.bing.com/ https://googleads.g.doubleclick.net *.hotjar.io wss://ws15.hotjar.com wws://wsp15.hotjar.com wss://ws.hotjar.com wss://*.hotjar.com https://analytics.tiktok.com https://lantern.roeyecdn.com http://ip-api.com/;form-action 'self' *.buson.com.br https://buson.com.br *.guichevirtual.com.br https://guichevirtual.com.br localhost *.buson.com.br https://buson.com.br https://accounts.google.com https://www.facebook.com;img-src 'self' *.buson.com.br https://buson.com.br *.guichevirtual.com.br https://guichevirtual.com.br localhost *.buson.com.br https://buson.com.br https://images.unsplash.com https://google.com https://*.google.com https://*.google.com.br https://hexagon-analytics.com https://www.facebook.com https://analytics.twitter.com https://t.co/i/adsct https://*.googletagmanager.com https://www.awin1.com http://www.awin1.com https://connect.facebook.net/ https://consent.linksynergy.com/ data: https://*.analytics.google.com https://www.googleadservices.com https://track.linksynergy.com https://*.google-analytics.com *.cloudfront.net https://bat.bing.com/ https://*.g.doubleclick.net https://lh3.googleusercontent.com *.googleusercontent.com;frame-src 'self' *.buson.com.br https://buson.com.br *.guichevirtual.com.br https://guichevirtual.com.br localhost *.buson.com.br https://buson.com.br https://www.facebook.com https://accounts.google.com https://maps.google.com https://www.google.com https://www.google.com.br https://indexanetwork.go2cloud.org https://*.googletagmanager.com https://vars.hotjar.com https://td.doubleclick.net https://bid.doubleclick.net https://*.doubleclick.net
content-type: text/html; charset=utf-8
date: Thu, 04 Apr 2024 01:16:05 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0OHKgOalxo70fGIxmlMMJe%2FEfIZJZYHJnQs8JEHYZ%2FSyO3dQ5lKAzi%2B93EYnaGN8RCu%2FgsGoDdGVB6RgBrLMO7L2SJbe9bLeawBp4uws7ei5XSkh%2Bayprsf5hHeDI0FBx539a2EPXOBhBjZGyg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
via: 1.1 google
x-frame-options: DENY

GET
H2 200 css2
fonts.googleapis.com/ 20 KB
1 KB 141ms
55ms Stylesheet
text/css 2607:f8b0:4004:c09::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Asap:wght@400;500;600;700&family=Roboto:wght@300;400;500;700;900&family=Barlow:wght@400;600;700&display=swap

Requested by

Host: operations.red
URL: https://operations.red/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b19fcfa92aa08c90130c81dbe3853c10b43e677ac419da25076e16fef81f65c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://operations.red/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Thu, 04 Apr 2024 01:16:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 04 Apr 2024 01:16:05 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 04 Apr 2024 01:16:05 GMT

GET
H3 200 home-critic.bundle.js Show response
assets-app.buson.com.br/assets-staging-200/_v2/application/pages/ 23 KB
9 KB 203ms
161ms Script
application/javascript 104.19.237.57
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets-app.buson.com.br/assets-staging-200/_v2/application/pages/home-critic.bundle.js
Requested by: Host: operations.red
URL: https://operations.red/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.237.57 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 956b47bccea16c3088dd3252c49d327eaf55fdbe15a11d441064b1f95f7e108d

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://operations.red/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Apr 2024 01:16:05 GMT
content-encoding: br
cf-cache-status: HIT
age: 222551
cf-polished: origSize=23222
x-guploader-uploadid: ABPtcPouhyrEVELbf3wHp3wpT4TfYIG0ifTWFJ41e8Yp4lV7xDh6NnGNZTDQgEc2oDXGN7Nqq_EXkwvUHuJsZmU
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 27 Mar 2024 12:10:20 GMT
server: cloudflare
etag: W/"d94c847d26b7b3fb4ee6fef4ec86e23e"
vary: Accept-Encoding
x-goog-generation: 1711541420490372
content-type: application/javascript
access-control-allow-origin: *
x-goog-hash: crc32c=VkfTvg==, md5=2UyEfSa3s/tO5v707IbiPg==
access-control-expose-headers: Content-Type
cache-control: public, max-age=604800
x-goog-stored-content-length: 23222
cf-ray: 86ed737908357118-YYZ
expires: Thu, 11 Apr 2024 01:16:05 GMT

GET
H3 200 home.bundle.css
assets-app.buson.com.br/assets-staging-200/_v2/stylesheets/pages/ 240 KB
32 KB 200ms
159ms Stylesheet
text/css 104.19.237.57
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets-app.buson.com.br/assets-staging-200/_v2/stylesheets/pages/home.bundle.css
Requested by: Host: operations.red
URL: https://operations.red/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.237.57 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5b203de67a52790c6ae1fd7a5661753b91a8a3aeed799a3d59c06c7093321060

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://operations.red/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Apr 2024 01:16:05 GMT
content-encoding: br
cf-cache-status: HIT
age: 222551
cf-polished: origSize=246556
x-guploader-uploadid: ABPtcPpJ2J1i_9bP8t0FCD5_VTb5zr4dpuqW9WpIy5XaQzY0tS6YqsewZCdRcmEkUrXu3gPdFU4
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 27 Mar 2024 12:10:13 GMT
server: cloudflare
etag: W/"a74a6db9f31cc95580803e22660b3202"
vary: Accept-Encoding
x-goog-generation: 1711541413721723
content-type: text/css
access-control-allow-origin: *
x-goog-hash: crc32c=JD+seg==, md5=p0ptufMcyVWAgD4iZgsyAg==
access-control-expose-headers: Content-Type
cache-control: public, max-age=604800
x-goog-stored-content-length: 246556
cf-ray: 86ed737908347118-YYZ
expires: Thu, 11 Apr 2024 01:16:05 GMT

GET
H3 200 banner-mobile.webp
assets-app.buson.com.br/assets-staging-200/_v2/static/img/ 6 KB
7 KB 56ms
55ms Image
application/octet-stream 104.19.237.57
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-app.buson.com.br/assets-staging-200/_v2/static/img/banner-mobile.webp
Requested by: Host: operations.red
URL: https://operations.red/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.237.57 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2bc48322b67f7f3e57c48f2c31f2ce91092a20d534495b69918b58864fb19342

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://operations.red/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Apr 2024 01:16:06 GMT
cf-cache-status: HIT
age: 480159
x-guploader-uploadid: ABPtcPoBGwB7Z3RICGkHGEAE4Nx9jjMJcXQZVuXXxDmVRmDh4FiI64qgOYz_ZWQv046C0RYnf5o52MZOpg
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
content-length: 6488
last-modified: Wed, 27 Mar 2024 12:08:56 GMT
server: cloudflare
etag: "11f3d393ae7e8c6af5ef11d92bea4537"
vary: Accept-Encoding
x-goog-generation: 1711541336694257
content-type: application/octet-stream
access-control-allow-origin: *
x-goog-hash: crc32c=M5iCvQ==, md5=EfPTk65+jGr17xHZK+pFNw==
access-control-expose-headers: Content-Type
cache-control: public, max-age=604800
x-goog-stored-content-length: 6488
accept-ranges: bytes
cf-ray: 86ed737a2a127118-YYZ
expires: Thu, 11 Apr 2024 01:16:06 GMT

GET
H3 200 home-promotion.webp
assets-app.buson.com.br/assets-staging-200/_v2/static/img/ 4 KB
5 KB 73ms
71ms Image
application/octet-stream 104.19.237.57
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-app.buson.com.br/assets-staging-200/_v2/static/img/home-promotion.webp
Requested by: Host: operations.red
URL: https://operations.red/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.237.57 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 18f15bdf290c8be43267bd95540a071b88f9cda49363a20e71c1e79883690da9

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://operations.red/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Apr 2024 01:16:06 GMT
cf-cache-status: HIT
age: 480160
x-guploader-uploadid: ABPtcPoE1ZyEPSDj15JIOi_-GA0opE6aPscJpkMqe3niPknfryl701ROZJD6nzontCjRuo2xZXunr8hyfKYXFPU
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
content-length: 4362
last-modified: Wed, 27 Mar 2024 12:09:18 GMT
server: cloudflare
etag: "a1750153ad40fb62e5a4a7a31c3fdd5e"
vary: Accept-Encoding
x-goog-generation: 1711541358801631
content-type: application/octet-stream
access-control-allow-origin: *
x-goog-hash: crc32c=6W5D+Q==, md5=oXUBU61A+2LlpKejHD/dXg==
access-control-expose-headers: Content-Type
cache-control: public, max-age=604800
x-goog-stored-content-length: 4362
accept-ranges: bytes
cf-ray: 86ed737a2a367118-YYZ
expires: Thu, 11 Apr 2024 01:16:06 GMT

GET
H3 200 logo-buson.svg
assets-app.buson.com.br/assets-staging-200/_v2/static/img/ 2 KB
1 KB 54ms
51ms Image
image/svg+xml 104.19.237.57
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-app.buson.com.br/assets-staging-200/_v2/static/img/logo-buson.svg
Requested by: Host: operations.red
URL: https://operations.red/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.237.57 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 102eebccd930047161f45f31bd9a6e60184f1dcafd3cb880b36a1db4655d7147

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://operations.red/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Apr 2024 01:16:06 GMT
content-encoding: br
cf-cache-status: HIT
age: 41189
x-guploader-uploadid: ABPtcPr5R7fZFuChuZUDhK2HwDLGgpLVXcBDeb_CJ6IH7yCjk66GnRe8cATkCQmNjwZbzvSimPq9ZpAr_w
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 27 Mar 2024 12:08:55 GMT
server: cloudflare
etag: W/"1a30d7ed20b96536fe1f04df02cce7df"
vary: Accept-Encoding
x-goog-generation: 1711541335679278
content-type: image/svg+xml
access-control-allow-origin: *
x-goog-hash: crc32c=rpg0Bg==, md5=GjDX7SC5ZTb+HwTfAszn3w==
access-control-expose-headers: Content-Type
cache-control: public, max-age=604800
x-goog-stored-content-length: 2179
cf-ray: 86ed737a2a3a7118-YYZ
expires: Thu, 11 Apr 2024 01:16:06 GMT

GET
H3 200 home-promote-app.webp
assets-app.buson.com.br/assets-staging-200/_v2/static/img/home/emphasis-app/ 324 KB
324 KB 87ms
48ms Image
application/octet-stream 104.19.237.57
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-app.buson.com.br/assets-staging-200/_v2/static/img/home/emphasis-app/home-promote-app.webp
Requested by: Host: operations.red
URL: https://operations.red/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.237.57 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 57113c352ed6a690d6f9d307be964ef9a96cf9086cec6cbb6ac770587d5e0423

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://operations.red/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Apr 2024 01:16:05 GMT
cf-cache-status: HIT
age: 480160
x-guploader-uploadid: ABPtcPpTot5E3wqv2QIMJwK_J6najaoO4U7egc3FW7UkXB9gThAzKiCDiV6JOpgPP-PRwqQyKvb7ZbJ6wR4-4OA
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
content-length: 331264
last-modified: Wed, 27 Mar 2024 12:09:38 GMT
server: cloudflare
etag: "a8ce55d94c142876caa1f74401d9fed1"
vary: Accept-Encoding
x-goog-generation: 1711541378907363
content-type: application/octet-stream
access-control-allow-origin: *
x-goog-hash: crc32c=7/EL7w==, md5=qM5V2UwUKHbKofdEAdn+0Q==
access-control-expose-headers: Content-Type
cache-control: public, max-age=604800
x-goog-stored-content-length: 331264
accept-ranges: bytes
cf-ray: 86ed7379082a7118-YYZ
expires: Thu, 11 Apr 2024 01:16:05 GMT

GET
H3 200 qrcode-app-branco.webp
assets-app.buson.com.br/assets-staging-200/_v2/static/img/home/emphasis-app/ 392 B
1 KB 196ms
157ms Image
application/octet-stream 104.19.237.57
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-app.buson.com.br/assets-staging-200/_v2/static/img/home/emphasis-app/qrcode-app-branco.webp
Requested by: Host: operations.red
URL: https://operations.red/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.237.57 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a4540cc3c900d8b9712c79719afca2e6da65766430c1f5d511279dc1c1087809

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://operations.red/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Apr 2024 01:16:05 GMT
cf-cache-status: HIT
age: 480160
x-guploader-uploadid: ABPtcPqB4KxHRqTXq42HOPOoVxnaAaRUiglBLmjPKotapc6a2ddZmZqRz6Us4g_Jb-sTBXVOGBSM8m646A
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
content-length: 392
last-modified: Wed, 27 Mar 2024 12:09:38 GMT
server: cloudflare
etag: "bf29345f89d06a651b61694f668b011a"
vary: Accept-Encoding
x-goog-generation: 1711541378802598
content-type: application/octet-stream
access-control-allow-origin: *
x-goog-hash: crc32c=gau9aw==, md5=vyk0X4nQamUbYWlPZosBGg==
access-control-expose-headers: Content-Type
cache-control: public, max-age=604800
x-goog-stored-content-length: 392
accept-ranges: bytes
cf-ray: 86ed737908307118-YYZ
expires: Thu, 11 Apr 2024 01:16:05 GMT

GET
H3 200 icon-bus.webp
assets-app.buson.com.br/assets-staging-200/_v2/static/img/home/emphasis-app/ 30 KB
31 KB 202ms
162ms Image
application/octet-stream 104.19.237.57
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-app.buson.com.br/assets-staging-200/_v2/static/img/home/emphasis-app/icon-bus.webp
Requested by: Host: operations.red
URL: https://operations.red/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.237.57 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f4e8e2b4338dae80a6cf491cdc28232026128cc1e22fe2b5eb6e80a208d38e9f

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://operations.red/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Apr 2024 01:16:05 GMT
cf-cache-status: HIT
age: 480159
x-guploader-uploadid: ABPtcPrtGhT-b3zdN1RZZD6KMiZTJgKjiyKAo4F43O-3NiFlaROg5xKSl2edldnw5RPZNue3TA_Dz9-hyQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
content-length: 30894
last-modified: Wed, 27 Mar 2024 12:09:38 GMT
server: cloudflare
etag: "7eba867bbcaaf1b131d786d9443e63e3"
vary: Accept-Encoding
x-goog-generation: 1711541378707059
content-type: application/octet-stream
access-control-allow-origin: *
x-goog-hash: crc32c=U+SnsA==, md5=frqGe7yq8bEx14bZRD5j4w==
access-control-expose-headers: Content-Type
cache-control: public, max-age=604800
x-goog-stored-content-length: 30894
accept-ranges: bytes
cf-ray: 86ed7379083a7118-YYZ
expires: Thu, 11 Apr 2024 01:16:05 GMT

GET
H3 200 cupom.png
assets-app.buson.com.br/assets-staging-200/_v2/static/img/ 3 KB
4 KB 201ms
161ms Image
image/webp 104.19.237.57
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-app.buson.com.br/assets-staging-200/_v2/static/img/cupom.png
Requested by: Host: operations.red
URL: https://operations.red/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.237.57 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 11bd1e326d09bbfad931dad8561279813258d156b88abf745232ef1a24814088

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://operations.red/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Apr 2024 01:16:05 GMT
cf-cache-status: HIT
age: 10797
cf-polished: origFmt=png, origSize=5300
x-guploader-uploadid: ABPtcPoBUU8G5S33VdZkS4liLYnk90dJURU3n9PJLF7Inokwpc9xvlTNm92j8o7IcvF1HkmLt7CtQ5GR1g
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-disposition: inline; filename="cupom.webp"
alt-svc: h3=":443"; ma=86400
content-length: 3534
cf-bgj: imgq:100,h2pri
last-modified: Wed, 27 Mar 2024 12:09:01 GMT
server: cloudflare
etag: "08fb0247ec71c6e9061c9d3b8ca9db4d"
vary: Accept
x-goog-generation: 1711541341752319
content-type: image/webp
access-control-allow-origin: *
x-goog-hash: crc32c=L2To8A==, md5=CPsCR+xxxukGHJ07jKnbTQ==
access-control-expose-headers: Content-Type
cache-control: public, max-age=604800
x-goog-stored-content-length: 5300
accept-ranges: bytes
cf-ray: 86ed737908387118-YYZ
expires: Thu, 11 Apr 2024 01:16:05 GMT

GET
H3 200 2265
asset.buson.com.br/image/view2/ 136 KB
136 KB 139ms
97ms Image
image/webp 104.19.238.57
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://asset.buson.com.br/image/view2/2265?w=391
Requested by: Host: operations.red
URL: https://operations.red/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.238.57 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 658ec3e887d875c92aaf7f0939a2ee12702fd3aef9f235ea07c8bf9d013d55e2

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://operations.red/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Apr 2024 01:16:06 GMT
via: 1.1 google
cf-cache-status: HIT
cf-bgj: imgq:100,h2pri
last-modified: Wed, 06 Mar 2024 20:27:26 GMT
server: cloudflare
cf-polished: origFmt=png, origSize=185814
vary: Accept
content-type: image/webp
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 86ed73791b7a36d5-YYZ
alt-svc: h3=":443"; ma=86400
content-length: 139146
expires: Sat, 04 May 2024 01:16:06 GMT

GET
H3 200 6650
asset.buson.com.br/image/view2/ 21 KB
22 KB 204ms
162ms Image
image/jpeg 104.19.238.57
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://asset.buson.com.br/image/view2/6650?w=391
Requested by: Host: operations.red
URL: https://operations.red/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.238.57 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e4ff09da005595b9faff6285fbce6b81a1d1b2ac67fbe82d033aa333911d637e

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://operations.red/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Apr 2024 01:16:06 GMT
via: 1.1 google
cf-cache-status: HIT
cf-bgj: imgq:100,h2pri
last-modified: Thu, 07 Mar 2024 00:12:29 GMT
server: cloudflare
cf-polished: origSize=22805
vary: Accept-Encoding
content-type: image/jpeg;charset=UTF-8
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 86ed73791b7d36d5-YYZ
alt-svc: h3=":443"; ma=86400
content-length: 21694
expires: Sat, 04 May 2024 01:16:06 GMT

GET
H3 200 android.webp
assets-app.buson.com.br/assets-staging-200/_v2/static/img/banner-app/ 3 KB
4 KB 59ms
56ms Image
application/octet-stream 104.19.237.57
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-app.buson.com.br/assets-staging-200/_v2/static/img/banner-app/android.webp
Requested by: Host: operations.red
URL: https://operations.red/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.237.57 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a0ac5be784b8359e178327b2aa198cdd2b34384002604773a51294df332b5d2d

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://operations.red/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Apr 2024 01:16:06 GMT
cf-cache-status: HIT
age: 480160
x-guploader-uploadid: ABPtcPrshsEO6pHgww0DdwE2M60txj5Cu54lrDDLD0lYNuDhkWLdgJXbn4PZhgiSMXMQDSgnh9QsSJ8I6L-yoNY
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
content-length: 3488
last-modified: Wed, 27 Mar 2024 12:09:43 GMT
server: cloudflare
etag: "2639fd842385d12d38c7dac429579810"
vary: Accept-Encoding
x-goog-generation: 1711541383838423
content-type: application/octet-stream
access-control-allow-origin: *
x-goog-hash: crc32c=aOKXyQ==, md5=Jjn9hCOF0S04x9rEKVeYEA==
access-control-expose-headers: Content-Type
cache-control: public, max-age=604800
x-goog-stored-content-length: 3488
accept-ranges: bytes
cf-ray: 86ed737a2a3d7118-YYZ
expires: Thu, 11 Apr 2024 01:16:06 GMT

GET
H3 200 ios.webp
assets-app.buson.com.br/assets-staging-200/_v2/static/img/banner-app/ 4 KB
5 KB 69ms
67ms Image
application/octet-stream 104.19.237.57
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-app.buson.com.br/assets-staging-200/_v2/static/img/banner-app/ios.webp
Requested by: Host: operations.red
URL: https://operations.red/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.237.57 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9ace1e3287e3c5997d9e3edc25f397b7f6d7746bbd742343f61ca09e88f48c88

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://operations.red/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Apr 2024 01:16:06 GMT
cf-cache-status: HIT
age: 480160
x-guploader-uploadid: ABPtcPrsCiK_CMyTP7-FMA6fqA41ynIiSB0zGsQbrM-ZToYvPrU_AIhXLggiRbAT9Ug_ZzpEjw
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
content-length: 4568
last-modified: Wed, 27 Mar 2024 12:09:43 GMT
server: cloudflare
etag: "8a8ac24ba60e5405c33940cd85d6631d"
vary: Accept-Encoding
x-goog-generation: 1711541383532454
content-type: application/octet-stream
access-control-allow-origin: *
x-goog-hash: crc32c=igiYnQ==, md5=iorCS6YOVAXDOUDNhdZjHQ==
access-control-expose-headers: Content-Type
cache-control: public, max-age=604800
x-goog-stored-content-length: 4568
accept-ranges: bytes
cf-ray: 86ed737a2a3e7118-YYZ
expires: Thu, 11 Apr 2024 01:16:06 GMT

GET
H3 200 holding-phone.webp
assets-app.buson.com.br/assets-staging-200/_v2/static/img/banner-app/ 17 KB
17 KB 50ms
47ms Image
application/octet-stream 104.19.237.57
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-app.buson.com.br/assets-staging-200/_v2/static/img/banner-app/holding-phone.webp
Requested by: Host: operations.red
URL: https://operations.red/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.237.57 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d4854fa58837630d4b8a75f39c625e3bfa7b25aeb61d0b404fc89e3e62b4f47b

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://operations.red/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Apr 2024 01:16:06 GMT
cf-cache-status: HIT
age: 222541
x-guploader-uploadid: ABPtcPps7YP5NEEy2awPKmRd-HmTWrXMeAQ8GROI4HpF8acpzCvuBsUbVW_CiVFcbto7qWge586zUkONh_r7J0Q
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
content-length: 16912
last-modified: Wed, 27 Mar 2024 12:09:43 GMT
server: cloudflare
etag: "a2f2c8644fff6b0a39d57e67933ed4ad"
vary: Accept-Encoding
x-goog-generation: 1711541383734582
content-type: application/octet-stream
access-control-allow-origin: *
x-goog-hash: crc32c=rs57Zw==, md5=ovLIZE//awo51X5nkz7UrQ==
access-control-expose-headers: Content-Type
cache-control: public, max-age=604800
x-goog-stored-content-length: 16912
accept-ranges: bytes
cf-ray: 86ed737a2a407118-YYZ
expires: Thu, 11 Apr 2024 01:16:06 GMT

GET
H3 200 app-download.svg
assets-app.buson.com.br/assets-staging-200/_v2/static/img/banner-app/ 2 KB
1 KB 57ms
54ms Image
image/svg+xml 104.19.237.57
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-app.buson.com.br/assets-staging-200/_v2/static/img/banner-app/app-download.svg
Requested by: Host: operations.red
URL: https://operations.red/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.237.57 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: abc7a4571e555cff1b5c90a222becae8ed5c297a14c183af332b0a540557536b

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://operations.red/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Apr 2024 01:16:06 GMT
content-encoding: br
cf-cache-status: HIT
age: 36922
x-guploader-uploadid: ABPtcPqya4qWvuN1ij-B2mrZdoYmUesFbAQDRkzEAY3ndsWsIyqrYPTmwigXDD1_jZ6vQZ-aGZSh0BTQDA
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 27 Mar 2024 12:09:43 GMT
server: cloudflare
etag: W/"bd1e459f8be1e468a94cecaba76c83d6"
vary: Accept-Encoding
x-goog-generation: 1711541383331924
content-type: image/svg+xml
access-control-allow-origin: *
x-goog-hash: crc32c=vw1Cdg==, md5=vR5Fn4vh5GipTOyrp2yD1g==
access-control-expose-headers: Content-Type
cache-control: public, max-age=604800
x-goog-stored-content-length: 1939
cf-ray: 86ed737a2a437118-YYZ
expires: Thu, 11 Apr 2024 01:16:06 GMT

GET
H3 200 layout.bundle.js Show response
assets-app.buson.com.br/assets-staging-200/_v2/application/pages/ 619 B
776 B 82ms
80ms Script
application/javascript 104.19.237.57
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets-app.buson.com.br/assets-staging-200/_v2/application/pages/layout.bundle.js
Requested by: Host: operations.red
URL: https://operations.red/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.237.57 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 521a2d3690f74082aa3bb8f1d9c3159066756c178df86552f7f6b25500c8f5d5

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://operations.red/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Apr 2024 01:16:06 GMT
content-encoding: br
cf-cache-status: HIT
age: 41191
cf-polished: origSize=661
x-guploader-uploadid: ABPtcPo-nySAeiTzNNojklMjuEYhD0WdElJ5v9SSZrJYlfLXePddkoCCHugJ3Wi0x0N_XzxBFNh1aCmONaDkm9k
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 27 Mar 2024 12:10:20 GMT
server: cloudflare
etag: W/"db8998072903457528356b6a5590b273"
vary: Accept-Encoding
x-goog-generation: 1711541420897367
content-type: application/javascript
access-control-allow-origin: *
x-goog-hash: crc32c=872Gjw==, md5=24mYBykDRXUoNWtqVZCycw==
access-control-expose-headers: Content-Type
cache-control: public, max-age=604800
x-goog-stored-content-length: 661
cf-ray: 86ed737a1a067118-YYZ
expires: Thu, 11 Apr 2024 01:16:06 GMT

GET
H2 200 client Show response
accounts.google.com/gsi/ 219 KB
84 KB 196ms
110ms Script
application/javascript 2607:f8b0:4004:c09::54
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/gsi/client

Requested by

Host: operations.red
URL: https://operations.red/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::54 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

86029f404faed72a6d14d1b9d86abeb02a9c8c788dc7c5ea797a6ea0e083c6ab

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-WBkhqyCOIlvSURddBbNN6g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://operations.red/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Apr 2024 01:16:06 GMT
content-security-policy: require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-WBkhqyCOIlvSURddBbNN6g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-type: application/javascript; charset=utf-8
cache-control: private, max-age=1800
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires: Thu, 04 Apr 2024 01:16:06 GMT

GET
H3 200 commons.bundle.js Show response
assets-app.buson.com.br/assets-staging-200/_v2/application/ 110 KB
32 KB 82ms
80ms Script
application/javascript 104.19.237.57
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets-app.buson.com.br/assets-staging-200/_v2/application/commons.bundle.js
Requested by: Host: operations.red
URL: https://operations.red/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.237.57 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5aaf7f1df6a23268f7dea5f0757d793354193f078a7cd8ceeafae3c6defd1ac5

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://operations.red/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Apr 2024 01:16:06 GMT
content-encoding: br
cf-cache-status: HIT
age: 38027
cf-polished: origSize=112617
x-guploader-uploadid: ABPtcPoNEqsu2KY35nGWi5u910zAAnsDZChsf4uv5ClV0-rVoQnWwPjo28Ho4qpanpSTxonnlFBIK2yn_vKtXs8
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 27 Mar 2024 12:10:19 GMT
server: cloudflare
etag: W/"16cc222970d3d93d2adcb077f5585b4e"
vary: Accept-Encoding
x-goog-generation: 1711541419307577
content-type: application/javascript
access-control-allow-origin: *
x-goog-hash: crc32c=g8n4/g==, md5=FswiKXDT2T0q3LB39VhbTg==
access-control-expose-headers: Content-Type
cache-control: public, max-age=604800
x-goog-stored-content-length: 112617
cf-ray: 86ed737a2a447118-YYZ
expires: Thu, 11 Apr 2024 01:16:06 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 299 KB
98 KB 159ms
75ms Script
application/javascript 2607:f8b0:4004:c08::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5QHSZVJ

Requested by

Host: operations.red
URL: https://operations.red/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

fbd2bd0c0acaac8e68a35ff0ed7cefd8485121e4b643d0b7f6f19113627ddc6a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://operations.red/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Apr 2024 01:16:06 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100289
x-xss-protection: 0
last-modified: Thu, 04 Apr 2024 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 04 Apr 2024 01:16:06 GMT

GET
H3 200 k.js Show response
i.k-analytix.com/ 13 KB
6 KB 123ms
42ms Script
application/javascript 172.67.180.67
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://i.k-analytix.com/k.js
Requested by: Host: operations.red
URL: https://operations.red/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.180.67 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0c06289db84a0908cd85436df12539be6bb9349cd100d9d54b77eb56512e0363

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://operations.red/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Apr 2024 01:16:06 GMT
x-amz-version-id: Ka_FvSb0QtAIDxj9d1lcIvFx4bHNiSMx
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 09MBQ3XRRMZ75R3H
age: 1844
alt-svc: h3=":443"; ma=86400
x-amz-id-2: +JZKhRCr9FyJjJzDnMsuwrIwfOukfvyP236kDd1pApQT2YWsQgyL+keyMGAROn8+n8PjTKgIUxE=
last-modified: Mon, 08 Oct 2018 12:54:00 GMT
server: cloudflare
etag: W/"350e1ed2302c06a6b637acbe68d8cb22"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xvYIXbggoQflgtorRp3xbaxdjZ%2FMaoyTARV1ieGYp3Wa3qA5DI3YrQU9YL2vWdorVT4SzQizi%2FhsICo7Z1huFaDf0QG1YB7UfeN2tn1DqBmDDC2y4rePrOup%2BsglI3G2mMOG"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2678400
cf-ray: 86ed737abf1560b8-ORD

GET
H3 200 logo-buson-2.svg
assets-app.buson.com.br/assets-staging-200/_v2/static/img/ 2 KB
1 KB 55ms
54ms Image
image/svg+xml 104.19.237.57
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-app.buson.com.br/assets-staging-200/_v2/static/img/logo-buson-2.svg
Requested by: Host: operations.red
URL: https://operations.red/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.237.57 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e31f53e84704b247337fe3a00c1f1454753215ece8d8f6742620fc8260f4700e

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://operations.red/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Apr 2024 01:16:06 GMT
content-encoding: br
cf-cache-status: HIT
age: 44891
x-guploader-uploadid: ABPtcPpxgda5otAj_xXLUYzYa0_edkjIyWii48qBaDoNv7c9fctprXE_Eh54v6OgeuczQMVKsa4
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 27 Mar 2024 12:09:11 GMT
server: cloudflare
etag: W/"a0de4fe0bfe836c4305fca2899475fd7"
vary: Accept-Encoding
x-goog-generation: 1711541351905527
content-type: image/svg+xml
access-control-allow-origin: *
x-goog-hash: crc32c=+7iBfg==, md5=oN5P4L/oNsQwX8oomUdf1w==
access-control-expose-headers: Content-Type
cache-control: public, max-age=604800
x-goog-stored-content-length: 2194
cf-ray: 86ed737a3a5b7118-YYZ
expires: Thu, 11 Apr 2024 01:16:06 GMT

GET
H3 200 background-desktop.webp
assets-app.buson.com.br/assets-staging-200/_v2/static/img/banner-home/ 31 KB
32 KB 59ms
58ms Image
application/octet-stream 104.19.237.57
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-app.buson.com.br/assets-staging-200/_v2/static/img/banner-home/background-desktop.webp
Requested by: Host: assets-app.buson.com.br
URL: https://assets-app.buson.com.br/assets-staging-200/_v2/stylesheets/pages/home.bundle.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.237.57 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 49a1f2087a7ed4cc6d80dcd029b79eb095ecd963b4ee81d5a15082e310dfa151

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://assets-app.buson.com.br/assets-staging-200/_v2/stylesheets/pages/home.bundle.css
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Apr 2024 01:16:06 GMT
cf-cache-status: HIT
age: 36922
x-guploader-uploadid: ABPtcPonlPTnNYlqj92yCfbX_93vFAQKMgAw-RxFMg7BCmvwgEur62kJ2m9d4ZinUcXGmB2Xeu4
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
content-length: 32194
last-modified: Wed, 27 Mar 2024 12:09:43 GMT
server: cloudflare
etag: "7dd481c1cdf7ede0b310774bd67091eb"
vary: Accept-Encoding
x-goog-generation: 1711541383231131
content-type: application/octet-stream
access-control-allow-origin: *
x-goog-hash: crc32c=d6TWFg==, md5=fdSBwc337eCzEHdL1nCR6w==
access-control-expose-headers: Content-Type
cache-control: public, max-age=604800
x-goog-stored-content-length: 32194
accept-ranges: bytes
cf-ray: 86ed737a3a5e7118-YYZ
expires: Thu, 11 Apr 2024 01:16:06 GMT

GET
H3 200 family-desktop.webp
assets-app.buson.com.br/assets-staging-200/_v2/static/img/banner-home/ 22 KB
23 KB 73ms
72ms Image
application/octet-stream 104.19.237.57
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-app.buson.com.br/assets-staging-200/_v2/static/img/banner-home/family-desktop.webp
Requested by: Host: assets-app.buson.com.br
URL: https://assets-app.buson.com.br/assets-staging-200/_v2/stylesheets/pages/home.bundle.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.237.57 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 44e682da8f10b3cfd0c49a78e33327ff9644188ed300283732e8997dc75f62d2

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://assets-app.buson.com.br/assets-staging-200/_v2/stylesheets/pages/home.bundle.css
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Apr 2024 01:16:06 GMT
cf-cache-status: HIT
age: 36922
x-guploader-uploadid: ABPtcPo5r814qo3ov6apw67p2C-hrGT-KFJbTBqjS1aPl2cbwEVF2gFeZ1UMbVA2qDhU9hnCL9DGDOz1-A
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
content-length: 22994
last-modified: Wed, 27 Mar 2024 12:09:42 GMT
server: cloudflare
etag: "720aeadf8d921cedd04db11176bcf89a"
vary: Accept-Encoding
x-goog-generation: 1711541382737271
content-type: application/octet-stream
access-control-allow-origin: *
x-goog-hash: crc32c=u1oiyw==, md5=cgrq342SHO3QTbERdrz4mg==
access-control-expose-headers: Content-Type
cache-control: public, max-age=604800
x-goog-stored-content-length: 22994
accept-ranges: bytes
cf-ray: 86ed737a3a607118-YYZ
expires: Thu, 11 Apr 2024 01:16:06 GMT

GET
H3 200 phone-desktop.webp
assets-app.buson.com.br/assets-staging-200/_v2/static/img/banner-home/ 8 KB
9 KB 65ms
65ms Image
application/octet-stream 104.19.237.57
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-app.buson.com.br/assets-staging-200/_v2/static/img/banner-home/phone-desktop.webp
Requested by: Host: assets-app.buson.com.br
URL: https://assets-app.buson.com.br/assets-staging-200/_v2/stylesheets/pages/home.bundle.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.237.57 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 907e9994a2ae6e01092641396a67e18440ddc8f0fa0f8c75e59b08166ba61b63

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://assets-app.buson.com.br/assets-staging-200/_v2/stylesheets/pages/home.bundle.css
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Apr 2024 01:16:06 GMT
cf-cache-status: HIT
age: 10681
x-guploader-uploadid: ABPtcPoiTqzQYjbrwRxnuWVibAczl-WApB9j71hBxcxkIAuec1M_-715PF7UjU9ndfeE4SF6vzDzAztJ9A
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
content-length: 8370
last-modified: Wed, 27 Mar 2024 12:09:43 GMT
server: cloudflare
etag: "9d41e33cd3634fc8dad3d9bb3ba87408"
vary: Accept-Encoding
x-goog-generation: 1711541383027611
content-type: application/octet-stream
access-control-allow-origin: *
x-goog-hash: crc32c=6HFSYg==, md5=nUHjPNNjT8ja09m7O6h0CA==
access-control-expose-headers: Content-Type
cache-control: public, max-age=604800
x-goog-stored-content-length: 8370
accept-ranges: bytes
cf-ray: 86ed737a3a617118-YYZ
expires: Thu, 11 Apr 2024 01:16:06 GMT

GET
H3 200 baseline-room-24px.svg
assets-app.buson.com.br/assets-staging-200/_v2/static/img/icons/ 1 KB
1 KB 55ms
55ms Image
image/svg+xml 104.19.237.57
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-app.buson.com.br/assets-staging-200/_v2/static/img/icons/baseline-room-24px.svg
Requested by: Host: assets-app.buson.com.br
URL: https://assets-app.buson.com.br/assets-staging-200/_v2/stylesheets/pages/home.bundle.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.237.57 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 614eb11e80db5f0f4b52ba6a8d20978b40deba35557f58428531c63135212d83

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://assets-app.buson.com.br/assets-staging-200/_v2/stylesheets/pages/home.bundle.css
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Apr 2024 01:16:06 GMT
content-encoding: br
cf-cache-status: HIT
age: 37495
x-guploader-uploadid: ABPtcPojeIi-DdGc9FrELuZRcU24olNfVHJjpnpi64HWwDQ1y-UggUKCFDF6zc5xy7Mf7DyLZIocuAougQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 27 Mar 2024 12:09:28 GMT
server: cloudflare
etag: W/"abc74f928b13f845380e0d30a53d03b9"
vary: Accept-Encoding
x-goog-generation: 1711541368314538
content-type: image/svg+xml
access-control-allow-origin: *
x-goog-hash: crc32c=TTxJYg==, md5=q8dPkosT+EU4Dg0wpT0DuQ==
access-control-expose-headers: Content-Type
cache-control: public, max-age=604800
x-goog-stored-content-length: 1135
cf-ray: 86ed737a3a627118-YYZ
expires: Thu, 11 Apr 2024 01:16:06 GMT

GET
H2 200 KFO9CniXp96a4Tc2DaTeuDAoKsE615hJW34.woff2
fonts.gstatic.com/s/asap/v30/ 42 KB
42 KB 195ms
114ms Font
font/woff2 2607:f8b0:4004:c1b::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/asap/v30/KFO9CniXp96a4Tc2DaTeuDAoKsE615hJW34.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Asap:wght@400;500;600;700&family=Roboto:wght@300;400;500;700;900&family=Barlow:wght@400;600;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b1128adb79c7208d410630c04fe6e8ac8886aeb778aafb3f4195fe735acc1d89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://fonts.googleapis.com/
Origin: https://operations.red
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Apr 2024 20:11:26 GMT
x-content-type-options: nosniff
age: 18280
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42616
x-xss-protection: 0
last-modified: Tue, 06 Jun 2023 20:38:36 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 03 Apr 2025 20:11:26 GMT

GET
H3 200 gv-sprite-cards-small.webp
assets-app.buson.com.br/assets-staging-200/_v2/static/img/ 6 KB
7 KB 62ms
61ms Image
application/octet-stream 104.19.237.57
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-app.buson.com.br/assets-staging-200/_v2/static/img/gv-sprite-cards-small.webp
Requested by: Host: assets-app.buson.com.br
URL: https://assets-app.buson.com.br/assets-staging-200/_v2/stylesheets/pages/home.bundle.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.237.57 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 63e0c4dae3b866c9ca140adb954d274f792bf1fb47670ad2f08b8f0a44795f5f

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://assets-app.buson.com.br/assets-staging-200/_v2/stylesheets/pages/home.bundle.css
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Apr 2024 01:16:06 GMT
cf-cache-status: HIT
age: 37494
x-guploader-uploadid: ABPtcPoO9UeB93N_uY0EMpKo8pgNHWWuSx1AjQv5SLhks807aM6AUDfy6DeyoqfMPa1DUyVZ-g
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
content-length: 6594
last-modified: Wed, 27 Mar 2024 12:09:04 GMT
server: cloudflare
etag: "a9c3f8db679673eb9151954363445251"
vary: Accept-Encoding
x-goog-generation: 1711541344842941
content-type: application/octet-stream
access-control-allow-origin: *
x-goog-hash: crc32c=vDIPxA==, md5=qcP422eWc+uRUZVDY0RSUQ==
access-control-expose-headers: Content-Type
cache-control: public, max-age=604800
x-goog-stored-content-length: 6594
accept-ranges: bytes
cf-ray: 86ed737a4a697118-YYZ
expires: Thu, 11 Apr 2024 01:16:06 GMT

GET
H3 200 logo-comodo-destkop.png
assets-app.buson.com.br/assets-staging-200/_v2/static/img/ 2 KB
3 KB 62ms
62ms Image
image/webp 104.19.237.57
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-app.buson.com.br/assets-staging-200/_v2/static/img/logo-comodo-destkop.png
Requested by: Host: assets-app.buson.com.br
URL: https://assets-app.buson.com.br/assets-staging-200/_v2/stylesheets/pages/home.bundle.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.237.57 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d13a5ff44b306916e83d9a82f56cfd7ce80fb8642d1e916f9b916e0296bef8ad

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://assets-app.buson.com.br/assets-staging-200/_v2/stylesheets/pages/home.bundle.css
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Apr 2024 01:16:06 GMT
cf-cache-status: HIT
age: 36921
cf-polished: origFmt=png, origSize=2755
x-guploader-uploadid: ABPtcPq77f2Sdr5Y7qNLAnwS2T2Hvle_qYUD7if8H1fyiGedsJKQDAwMwxRQQv2Gok2a9cCe-IZAwTD0qErsH3k
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-disposition: inline; filename="logo-comodo-destkop.webp"
alt-svc: h3=":443"; ma=86400
content-length: 2226
cf-bgj: imgq:100,h2pri
last-modified: Wed, 27 Mar 2024 12:09:19 GMT
server: cloudflare
etag: "b544ded654df84eb9ea5922947fa279b"
vary: Accept
x-goog-generation: 1711541359012543
content-type: image/webp
access-control-allow-origin: *
x-goog-hash: crc32c=v5xvtg==, md5=tUTe1lTfhOuepZIpR/onmw==
access-control-expose-headers: Content-Type
cache-control: public, max-age=604800
x-goog-stored-content-length: 2755
accept-ranges: bytes
cf-ray: 86ed737a4a6d7118-YYZ
expires: Thu, 11 Apr 2024 01:16:06 GMT

GET
H2 200 flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v41/ 54 KB
54 KB 213ms
136ms Font
font/woff2 2607:f8b0:4004:c1b::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/materialicons/v41/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2

Requested by

Host: assets-app.buson.com.br
URL: https://assets-app.buson.com.br/assets-staging-200/_v2/stylesheets/pages/home.bundle.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

978f46f059f8b7580f0ace9c2a00175c926cb91b1bb69d1b39d7fd3a9e8582ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://assets-app.buson.com.br/
Origin: https://operations.red
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Apr 2024 22:48:08 GMT
x-content-type-options: nosniff
age: 8878
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 55208
x-xss-protection: 0
last-modified: Thu, 16 Aug 2018 20:54:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 03 Apr 2025 22:48:08 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 16 KB
16 KB 126ms
49ms Font
font/woff2 2607:f8b0:4004:c1b::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Asap:wght@400;500;600;700&family=Roboto:wght@300;400;500;700;900&family=Barlow:wght@400;600;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://fonts.googleapis.com/
Origin: https://operations.red
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Apr 2024 04:05:48 GMT
x-content-type-options: nosniff
age: 162618
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 02 Apr 2025 04:05:48 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 116ms
39ms Font
font/woff2 2607:f8b0:4004:c1b::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Asap:wght@400;500;600;700&family=Roboto:wght@300;400;500;700;900&family=Barlow:wght@400;600;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://fonts.googleapis.com/
Origin: https://operations.red
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Apr 2024 01:09:29 GMT
x-content-type-options: nosniff
age: 397
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 04 Apr 2025 01:09:29 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 175ms
99ms Font
font/woff2 2607:f8b0:4004:c1b::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Asap:wght@400;500;600;700&family=Roboto:wght@300;400;500;700;900&family=Barlow:wght@400;600;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://fonts.googleapis.com/
Origin: https://operations.red
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Apr 2024 20:45:04 GMT
x-content-type-options: nosniff
age: 16262
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 03 Apr 2025 20:45:04 GMT

GET
H2 200 7cHqv4kjgoGqM7E3t-4s51os.woff2
fonts.gstatic.com/s/barlow/v12/ 21 KB
21 KB 239ms
164ms Font
font/woff2 2607:f8b0:4004:c1b::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/barlow/v12/7cHqv4kjgoGqM7E3t-4s51os.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Asap:wght@400;500;600;700&family=Roboto:wght@300;400;500;700;900&family=Barlow:wght@400;600;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65a47caa5183b035bf78d0f93adbe5cea500333410259c54abf2de356740df7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://fonts.googleapis.com/
Origin: https://operations.red
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Apr 2024 20:59:19 GMT
x-content-type-options: nosniff
age: 15407
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21724
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:29:44 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 03 Apr 2025 20:59:19 GMT

GET
H2 200 7cHpv4kjgoGqM7E_DMs5.woff2
fonts.gstatic.com/s/barlow/v12/ 21 KB
21 KB 159ms
83ms Font
font/woff2 2607:f8b0:4004:c1b::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/barlow/v12/7cHpv4kjgoGqM7E_DMs5.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Asap:wght@400;500;600;700&family=Roboto:wght@300;400;500;700;900&family=Barlow:wght@400;600;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7c9c80a6c32c0619d61c28f28723e68c5f8f75163e77ee5cf64c39e640e0d71e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://fonts.googleapis.com/
Origin: https://operations.red
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Apr 2024 00:00:59 GMT
x-content-type-options: nosniff
age: 4507
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21144
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:43:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 04 Apr 2025 00:00:59 GMT

GET
H2 200 7cHqv4kjgoGqM7E30-8s51os.woff2
fonts.gstatic.com/s/barlow/v12/ 21 KB
21 KB 233ms
157ms Font
font/woff2 2607:f8b0:4004:c1b::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/barlow/v12/7cHqv4kjgoGqM7E30-8s51os.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Asap:wght@400;500;600;700&family=Roboto:wght@300;400;500;700;900&family=Barlow:wght@400;600;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2b14e8397d552f351a4396dec25ec5da1348865683100e94c4ab0faea4a9a254

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://fonts.googleapis.com/
Origin: https://operations.red
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Apr 2024 23:43:42 GMT
x-content-type-options: nosniff
age: 5544
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21796
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:35:19 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 03 Apr 2025 23:43:42 GMT

POST
H/1.1 200
OK v1 Show response
i.konduto.com/ 0
156 B 448ms
105ms XHR
text/plain 44.240.196.172
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://i.konduto.com/v1?pk=P1809996AA9
Requested by: Host: i.k-analytix.com
URL: https://i.k-analytix.com/k.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.240.196.172 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-240-196-172.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://operations.red/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: *
Connection: keep-alive
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET
H2 200 amplitude-4.5.2-min.gz.js Show response
cdn.amplitude.com/libs/ 76 KB
26 KB 121ms
36ms Script
application/javascript 13.225.189.204
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.amplitude.com/libs/amplitude-4.5.2-min.gz.js
Requested by: Host: assets-app.buson.com.br
URL: https://assets-app.buson.com.br/assets-staging-200/_v2/application/pages/home-critic.bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.189.204 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-189-204.yul62.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c5a28f221720bef2396de8f1113568e75fd2cb28c76ffb3efe31d4d28a26bdee

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://operations.red/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 25 Mar 2024 04:50:36 GMT
content-encoding: gzip
via: 1.1 c0216388ff1632eb6c4704890b01eee4.cloudfront.net (CloudFront)
x-amz-version-id: zskY2uLkrv0oL4SiNEoxREaWRVRZwrqD
x-amz-cf-pop: YUL62-C1
age: 851131
x-cache: Hit from cloudfront
content-length: 25727
last-modified: Mon, 21 Oct 2019 15:45:34 GMT
server: AmazonS3
etag: "5e816d32cb1cd1f7bda71ead48ac192e"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: 6jkZ28TxW4Kw0G6H9OZJnKYX0SMzYxSHMBFbKF8YUKdgE3dCfHQFog==

GET
H3 200 localization Show response
operations.red/api/ 324 B
4 KB 255ms
254ms XHR
application/json 172.67.189.38
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://operations.red/api/localization

Requested by

Host: assets-app.buson.com.br
URL: https://assets-app.buson.com.br/assets-staging-200/_v2/application/commons.bundle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.189.38 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

22f94f1e5cf8d4b6f197d7ef7f7e8d02e9051af742d344ea4b940905061abe06

Security Headers

Name

Value

Content-Security-Policy

X-Frame-Options

DENY

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept: application/json, text/plain, */*
Referer: https://operations.red/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Apr 2024 01:16:06 GMT
content-security-policy: default-src 'self' *.buson.com.br https://buson.com.br *.guichevirtual.com.br https://guichevirtual.com.br localhost;script-src 'self' *.buson.com.br https://buson.com.br *.guichevirtual.com.br https://guichevirtual.com.br localhost *.buson.com.br https://buson.com.br http://*.google-analytics.com https://*.googletagmanager.com https://*.googlesyndication.com https://www.google.com https://accounts.google.com https://files.lgtcdn.net https://cdn.amplitude.com https://i.k-analytix.com https://googleads.g.doubleclick.net https://apis.google.com https://static.ads-twitter.com https://www.dwin1.com https://connect.facebook.net http://tag.rmp.rakuten.com http://cdn.siftscience.com https://www.awin1.com http://www.awin1.com https://cdnjs.cloudflare.com https://c.btg360.com.br https://certify.alexametrics.com https://ad.doubleclick.net https://cdn.ampproject.org https://www.gstatic.com/ https://static.hotjar.com https://script.hotjar.com/ https://csmetrics.hotjar.com/ https://bat.bing.com/ https://d3dh5c7rwzliwm.cloudfront.net/ https://www.googleadservices.com https://csmetrics.hotjar.com/ *.cloudfront.net *.cloudflare.com *.hotjar.com *.segment.com https://api.segment.io https://cdn.segment.io http://www.googleadservices.com https://analytics.tiktok.com https://lantern.roeyecdn.com 'unsafe-eval' 'unsafe-inline';media-src 'self' *.buson.com.br https://buson.com.br *.guichevirtual.com.br https://guichevirtual.com.br localhost *.buson.com.br https://buson.com.br;font-src 'self' *.buson.com.br https://buson.com.br *.guichevirtual.com.br https://guichevirtual.com.br localhost fonts.gstatic.com https://maxcdn.bootstrapcdn.com/;style-src 'self' *.buson.com.br https://buson.com.br *.guichevirtual.com.br https://guichevirtual.com.br localhost fonts.googleapis.com https://accounts.google.com/ 'unsafe-inline';connect-src 'self' *.buson.com.br https://buson.com.br *.guichevirtual.com.br https://guichevirtual.com.br localhost https://ampcid.google.com https://ampcid.google.com.br https://heimdall-prod.lgtcdn.net https://api.amplitude.com https://*.analytics.google.com https://*.googletagmanager.com https://static.ads-twitter.com https://www.dwin1.com https://connect.facebook.net http://tag.rmp.rakuten.com https://static.hotjar.com http://cdn.siftscience.com http://i.konduto.com/ https://google.com http://*.google-analytics.com https://accounts.google.com https://*.g.doubleclick.net https://www.facebook.com/tr/ https://apis.google.com https://c.btg360.com.br https://certify.alexametrics.com https://d31qbv1cthcecs.cloudfront.net https://event.getblue.io https://script.hotjar.com https://sslwidget.getblue.io https://stats.g.doubleclic https://stats.g.doubleclick.net/ https://www.google.com https://www.google.com.br https://csmetrics.hotjar.com/ *.cloudfront.net *.hotjar.com *.facebook.com *.google.com *.segment.com https://api.segment.io https://cdn.segment.io *.google.com.br *.googlesyndication.com https://bat.bing.com/ https://googleads.g.doubleclick.net *.hotjar.io wss://ws15.hotjar.com wws://wsp15.hotjar.com wss://ws.hotjar.com wss://*.hotjar.com https://analytics.tiktok.com https://lantern.roeyecdn.com http://ip-api.com/;form-action 'self' *.buson.com.br https://buson.com.br *.guichevirtual.com.br https://guichevirtual.com.br localhost *.buson.com.br https://buson.com.br https://accounts.google.com https://www.facebook.com;img-src 'self' *.buson.com.br https://buson.com.br *.guichevirtual.com.br https://guichevirtual.com.br localhost *.buson.com.br https://buson.com.br https://images.unsplash.com https://google.com https://*.google.com https://*.google.com.br https://hexagon-analytics.com https://www.facebook.com https://analytics.twitter.com https://t.co/i/adsct https://*.googletagmanager.com https://www.awin1.com http://www.awin1.com https://connect.facebook.net/ https://consent.linksynergy.com/ data: https://*.analytics.google.com https://www.googleadservices.com https://track.linksynergy.com https://*.google-analytics.com *.cloudfront.net https://bat.bing.com/ https://*.g.doubleclick.net https://lh3.googleusercontent.com *.googleusercontent.com;frame-src 'self' *.buson.com.br https://buson.com.br *.guichevirtual.com.br https://guichevirtual.com.br localhost *.buson.com.br https://buson.com.br https://www.facebook.com https://accounts.google.com https://maps.google.com https://www.google.com https://www.google.com.br https://indexanetwork.go2cloud.org https://*.googletagmanager.com https://vars.hotjar.com https://td.doubleclick.net https://bid.doubleclick.net https://*.doubleclick.net
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
etag: W/"144-XtCJssr0UAy0gzXPUH8p3PuZdTI"
vary: Accept-Encoding, Accept-Encoding
x-frame-options: DENY
content-type: application/json; charset=utf-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ScI8QD3MZCWH%2BH%2Bui1v5g83rWkcr17Nx42hw9%2BrF78G1o08Zr5uxnrKjcNpBs68NTkQS09%2FTI53kwIcFR18oCufVpiPWmb95t5H4XXy6lPHzAGgkiHO%2FGL6MXyufUrPiNA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 86ed737c6d2a6057-ORD
alt-svc: h3=":443"; ma=86400

GET
H3 200 me Show response
operations.red/t/user/ 0
4 KB 267ms
267ms XHR
text/plain 172.67.189.38
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://operations.red/t/user/me

Requested by

Host: assets-app.buson.com.br
URL: https://assets-app.buson.com.br/assets-staging-200/_v2/application/commons.bundle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.189.38 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name

Value

Content-Security-Policy

X-Frame-Options

DENY

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://operations.red/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Apr 2024 01:16:06 GMT
content-security-policy: default-src 'self' *.buson.com.br https://buson.com.br *.guichevirtual.com.br https://guichevirtual.com.br localhost;script-src 'self' *.buson.com.br https://buson.com.br *.guichevirtual.com.br https://guichevirtual.com.br localhost *.buson.com.br https://buson.com.br http://*.google-analytics.com https://*.googletagmanager.com https://*.googlesyndication.com https://www.google.com https://accounts.google.com https://files.lgtcdn.net https://cdn.amplitude.com https://i.k-analytix.com https://googleads.g.doubleclick.net https://apis.google.com https://static.ads-twitter.com https://www.dwin1.com https://connect.facebook.net http://tag.rmp.rakuten.com http://cdn.siftscience.com https://www.awin1.com http://www.awin1.com https://cdnjs.cloudflare.com https://c.btg360.com.br https://certify.alexametrics.com https://ad.doubleclick.net https://cdn.ampproject.org https://www.gstatic.com/ https://static.hotjar.com https://script.hotjar.com/ https://csmetrics.hotjar.com/ https://bat.bing.com/ https://d3dh5c7rwzliwm.cloudfront.net/ https://www.googleadservices.com https://csmetrics.hotjar.com/ *.cloudfront.net *.cloudflare.com *.hotjar.com *.segment.com https://api.segment.io https://cdn.segment.io http://www.googleadservices.com https://analytics.tiktok.com https://lantern.roeyecdn.com 'unsafe-eval' 'unsafe-inline';media-src 'self' *.buson.com.br https://buson.com.br *.guichevirtual.com.br https://guichevirtual.com.br localhost *.buson.com.br https://buson.com.br;font-src 'self' *.buson.com.br https://buson.com.br *.guichevirtual.com.br https://guichevirtual.com.br localhost fonts.gstatic.com https://maxcdn.bootstrapcdn.com/;style-src 'self' *.buson.com.br https://buson.com.br *.guichevirtual.com.br https://guichevirtual.com.br localhost fonts.googleapis.com https://accounts.google.com/ 'unsafe-inline';connect-src 'self' *.buson.com.br https://buson.com.br *.guichevirtual.com.br https://guichevirtual.com.br localhost https://ampcid.google.com https://ampcid.google.com.br https://heimdall-prod.lgtcdn.net https://api.amplitude.com https://*.analytics.google.com https://*.googletagmanager.com https://static.ads-twitter.com https://www.dwin1.com https://connect.facebook.net http://tag.rmp.rakuten.com https://static.hotjar.com http://cdn.siftscience.com http://i.konduto.com/ https://google.com http://*.google-analytics.com https://accounts.google.com https://*.g.doubleclick.net https://www.facebook.com/tr/ https://apis.google.com https://c.btg360.com.br https://certify.alexametrics.com https://d31qbv1cthcecs.cloudfront.net https://event.getblue.io https://script.hotjar.com https://sslwidget.getblue.io https://stats.g.doubleclic https://stats.g.doubleclick.net/ https://www.google.com https://www.google.com.br https://csmetrics.hotjar.com/ *.cloudfront.net *.hotjar.com *.facebook.com *.google.com *.segment.com https://api.segment.io https://cdn.segment.io *.google.com.br *.googlesyndication.com https://bat.bing.com/ https://googleads.g.doubleclick.net *.hotjar.io wss://ws15.hotjar.com wws://wsp15.hotjar.com wss://ws.hotjar.com wss://*.hotjar.com https://analytics.tiktok.com https://lantern.roeyecdn.com http://ip-api.com/;form-action 'self' *.buson.com.br https://buson.com.br *.guichevirtual.com.br https://guichevirtual.com.br localhost *.buson.com.br https://buson.com.br https://accounts.google.com https://www.facebook.com;img-src 'self' *.buson.com.br https://buson.com.br *.guichevirtual.com.br https://guichevirtual.com.br localhost *.buson.com.br https://buson.com.br https://images.unsplash.com https://google.com https://*.google.com https://*.google.com.br https://hexagon-analytics.com https://www.facebook.com https://analytics.twitter.com https://t.co/i/adsct https://*.googletagmanager.com https://www.awin1.com http://www.awin1.com https://connect.facebook.net/ https://consent.linksynergy.com/ data: https://*.analytics.google.com https://www.googleadservices.com https://track.linksynergy.com https://*.google-analytics.com *.cloudfront.net https://bat.bing.com/ https://*.g.doubleclick.net https://lh3.googleusercontent.com *.googleusercontent.com;frame-src 'self' *.buson.com.br https://buson.com.br *.guichevirtual.com.br https://guichevirtual.com.br localhost *.buson.com.br https://buson.com.br https://www.facebook.com https://accounts.google.com https://maps.google.com https://www.google.com https://www.google.com.br https://indexanetwork.go2cloud.org https://*.googletagmanager.com https://vars.hotjar.com https://td.doubleclick.net https://bid.doubleclick.net https://*.doubleclick.net
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UlTMgIcgRyspiPYc%2BGHrLhF50YqihYhiIxu2wWqrtXiFXtg0hDcw80eoHl8NwvFN4TiKzIwQri74mToO9jSg8%2Fm4YkKgQjJmYxbLIseu7rNa2axf6q80hQgA4GulKawQIQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 86ed737c6d2e6057-ORD
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H3 200 all Show response
operations.red/station/ 696 KB
128 KB 762ms
762ms XHR
application/json 172.67.189.38
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://operations.red/station/all
Requested by: Host: assets-app.buson.com.br
URL: https://assets-app.buson.com.br/assets-staging-200/_v2/application/commons.bundle.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.189.38 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c3f075aa4a0298c6239ea276be5bd08c0ca9589ea7756cce78d81869818433b3

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://operations.red/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Apr 2024 01:16:07 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json;charset=UTF-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=p78UyI7B0L92xqXAH%2FSfR7qYyVfU4PUlOcjPCGY85Fu3i9pYJZrjV%2FIo%2BjPxSWJCqmS9vQ0VdgFJJuKRfnj2WJ59P6j0EV%2BBo5vtE5vJJ9BSw9t1v2Op64OnDYu1skjIqQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 86ed737c6d306057-ORD
alt-svc: h3=":443"; ma=86400

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 306 KB
99 KB 77ms
76ms Script
application/javascript 2607:f8b0:4004:c08::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-L7HJ5T78EE&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5QHSZVJ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d76fc82475349a5ca803adf8aafd84fd60d03e09ca8fafbfbfd9108fef4c60d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://operations.red/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Apr 2024 01:16:06 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 101428
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 04 Apr 2024 01:16:06 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 216 KB
78 KB 72ms
72ms Script
application/javascript 2607:f8b0:4004:c08::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-993290547&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5QHSZVJ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a77684595d74fb21a93e856ae5eeb299bf2e71e1cbbf1719dd248fbd43645267

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://operations.red/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Apr 2024 01:16:06 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 79424
x-xss-protection: 0
last-modified: Thu, 04 Apr 2024 00:21:26 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 04 Apr 2024 01:16:06 GMT

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 56 KB
15 KB 161ms
36ms Script
application/javascript 146.75.28.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5QHSZVJ
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.28.157 Ashburn, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 4d15ff2317e16ccd8ca1d3248fea7d91130e022369bb032824a84ad9967064df

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://operations.red/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Apr 2024 01:16:06 GMT
content-encoding: gzip
last-modified: Thu, 04 Apr 2024 00:26:35 GMT
x-amz-server-side-encryption: AES256
etag: "bbbcf811d8437a575d796a4c1e5d4fad+gzip"
vary: Accept-Encoding,Host
x-cache: HIT
content-type: application/javascript; charset=utf-8
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
cache-control: no-cache
accept-ranges: bytes
content-length: 15412
x-served-by: cache-iad-kiad7000030-IAD

GET
H2 200 66092.js Show response
www.dwin1.com/ 42 KB
12 KB 197ms
55ms Script
application/javascript 2600:9000:26a0:fc00:f:8ce2:fb80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.dwin1.com/66092.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5QHSZVJ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26a0:fc00:f:8ce2:fb80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 048ac3a0355e468d50bd4e712eacfc902b6779c4a84e3de3a2d6d03cacdd2b3d

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://operations.red/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: ZTQSeQgs3lAcZa8nJ447meX1htmY0tXv
content-encoding: gzip
via: 1.1 1bffd64b2a2fa20ecc97fd2f8e605ec4.cloudfront.net (CloudFront)
date: Thu, 04 Apr 2024 01:13:06 GMT
x-amz-cf-pop: YUL62-P2
age: 181
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Thu, 21 Mar 2024 07:47:21 GMT
server: AmazonS3
etag: W/"bb8b1f08ae518895a944b1464e8ef556"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=600, s-maxage=600
x-amz-cf-id: g9VBkv0mSK3yKJkMlG1qg43okVfJJA5XSpyieqWU4Gxnnpp7HDqw7g==

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 218 KB
59 KB 344ms
112ms Script
application/x-javascript 2a03:2880:f08e:219:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: operations.red
URL: https://operations.red/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f08e:219:face:b00c:0:3 Saint-Denis, France, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

047e3259b6f0b42d781532fa122b2d8de9aed187d766fd45efcf119450eeb4c4

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://operations.red/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 04 Apr 2024 01:16:06 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 58040
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: GOOD; q=0.7, rtt=109, rtx=0, c=12, mss=1294, tbw=2774, tp=-1, tpl=-1, uplat=7, ullat=-1
pragma: public
x-fb-debug: nySBMGnbwFa3iu117MRmyiGCgkYMv+KyvniR/UciQpo/Vn4nEudkH5IKHkUHBmCbrwRWeCZjp/Y+SVtuxZSJrQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 124805.ct.js Show response
tag.rmp.rakuten.com/ 40 KB
14 KB 232ms
71ms Script
text/javascript 34.102.147.248
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://tag.rmp.rakuten.com/124805.ct.js

Requested by

Host: operations.red
URL: https://operations.red/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.102.147.248 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

248.147.102.34.bc.googleusercontent.com

Software

Resource Hash

e557dccd4c74a7ba23d6f328f5a42da66a57f3b3288c51d1de655fa5179ecbe2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://operations.red/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Apr 2024 01:16:06 GMT
content-encoding: gzip
via: 1.1 google
strict-transport-security: max-age=31536000
last-modified: Thu, 04 Apr 2024 01:16:06 GMT
x-cache: miss
x-samesite: secure
content-type: text/javascript
cache-control: max-age=86400
x-dyn: 0
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 analytics.min.js Show response
cdn.segment.com/analytics.js/v1/O9xC1Ruk7Hh0Hj8CVVa9jT4j2setQFJk/ 110 KB
30 KB 202ms
68ms Script
text/javascript 3.161.214.161
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/analytics.js/v1/O9xC1Ruk7Hh0Hj8CVVa9jT4j2setQFJk/analytics.min.js
Requested by: Host: operations.red
URL: https://operations.red/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.161.214.161 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-161-214-161.yul62.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: bb2d7f616360e1d15cd169de36f6b19e6b072cd5792d97a86df0a17ccdf87282

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://operations.red/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: OPBVxcnyvVZ1mqjoDzF1LkiNjYLNdpAW
content-encoding: br
via: 1.1 32ea9b2b7eaaba833294021989c78c08.cloudfront.net (CloudFront)
date: Thu, 04 Apr 2024 01:15:35 GMT
x-amz-cf-pop: YUL62-P1
age: 32
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Wed, 20 Mar 2024 21:00:40 GMT
server: AmazonS3
etag: W/"a97ecc026356f7f196df719934344ee9"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=120
vary: Accept-Encoding
x-amz-cf-id: zQXdI1M_Sp6YEEFBdj7WyXiKiZ_TBMFFUTk5JQ7qC2QKGVrlMk1Z5w==

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 5 KB
3 KB 189ms
55ms Script
application/javascript 23.206.172.53
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CLFLJE3C77U0GRKV54QG&lib=ttq
Requested by: Host: operations.red
URL: https://operations.red/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.206.172.53 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-206-172-53.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 46722cb1c0667d45f260b3ff595708d4b857c3ba053236b1c38c7036db2b1a03

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://operations.red/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-akamai-request-id: b51bda4
date: Thu, 04 Apr 2024 01:16:06 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-240404011606C2DF541B081F031877D0-2CE3377AF4CADC58-00
x-cache: TCP_MISS from a23-58-89-53.deploy.akamaitechnologies.com (AkamaiGHost/11.4.4.1-55329865) (-)
server-timing: inner; dur=3, cdn-cache; desc=MISS, edge; dur=0, origin; dur=13
content-length: 1850
pragma: no-cache
server: nginx
x-tt-logid: 20240404011606C2DF541B081F031877D0
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 13,23.58.89.53
x-tt-trace-host: 01a838deab791d1122375a34f1014c1e4150a73bf3052da83d8765a16647339085755405836662da8c3982c5863b49bfde00489ca0e339e249ecfc5fdcdb4492323c7d640338bdc7e50429417aabadaf0fab7428eb6aa77cd1ae3655e0b19f791b
expires: Thu, 04 Apr 2024 01:16:06 GMT

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 5 KB
2 KB 184ms
52ms Script
application/javascript 23.206.172.53
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CLFNL3BC77U8PKBJTQ20&lib=ttq
Requested by: Host: operations.red
URL: https://operations.red/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.206.172.53 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-206-172-53.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: c34b7d9f8223b8898a876e7314af0b42e40e8a8d1f8ada2fe7ad852c9fc61463

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://operations.red/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-akamai-request-id: b51bda6
date: Thu, 04 Apr 2024 01:16:06 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-2404040116063CA33C605274E7C6EB53-04F47924B910FCAD-00
x-cache: TCP_MISS from a23-58-89-53.deploy.akamaitechnologies.com (AkamaiGHost/11.4.4.1-55329865) (-)
server-timing: inner; dur=4, cdn-cache; desc=MISS, edge; dur=0, origin; dur=14
content-length: 1812
pragma: no-cache
server: nginx
x-tt-logid: 202404040116063CA33C605274E7C6EB53
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 14,23.58.89.53
x-tt-trace-host: 01a838deab791d1122375a34f1014c1e4150a73bf3052da83d8765a16647339085f7e1360687ea1d0b11d6837cd80ea69c18ec0591cf20476b63b2c6cdb5d452a8852b752aa0bbc013a414c483af90acc7ec416be2932e1dcbde1807289cb73972
expires: Thu, 04 Apr 2024 01:16:06 GMT

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 5 KB
3 KB 182ms
51ms Script
application/javascript 23.206.172.53
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CNAARS3C77U0CFAO4OLG&lib=ttq
Requested by: Host: operations.red
URL: https://operations.red/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.206.172.53 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-206-172-53.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 5845dd74634210cfd30720adb1aff724c1c7e1e8c0ca7d4f089d38d889320539

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://operations.red/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-akamai-request-id: b51bda5
date: Thu, 04 Apr 2024 01:16:06 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-24040401160671D66E06C87125173BDB-7F9A9577E94C957D-00
x-cache: TCP_MISS from a23-58-89-53.deploy.akamaitechnologies.com (AkamaiGHost/11.4.4.1-55329865) (-)
server-timing: inner; dur=3, cdn-cache; desc=MISS, edge; dur=0, origin; dur=13
content-length: 1868
pragma: no-cache
server: nginx
x-tt-logid: 2024040401160671D66E06C87125173BDB
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 13,23.58.89.53
x-tt-trace-host: 01a838deab791d1122375a34f1014c1e4150a73bf3052da83d8765a16647339085086dc3cc3bf043a4a1e498d2035ab138bdf35a062df7b6a3734541061753753fce801f53406e8a9213d4f719dabf54cec089d18c892d3390930d7a360d89a197
expires: Thu, 04 Apr 2024 01:16:06 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/993290547/ 2 KB
1 KB 134ms
50ms Script
text/javascript 142.251.167.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/993290547/?random=1712193366619&cv=11&fst=1712193366619&bg=ffffff&guid=ON&async=1&gtm=45be4410v890414044z8850524973za200&gcd=13l3l3l3l1&dma=0&u_w=800&u_h=600&url=https%3A%2F%2Foperations.red%2F&hn=www.googleadservices.com&frm=0&tiba=Buson%3A%20Compre%20Passagem%20de%20%C3%94nibus%20Online%20Aqui!&npa=0&pscdl=noapi&auid=549325017.1712193366&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.105%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.105&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-993290547&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.167.155 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ww-in-f155.1e100.net

Software

cafe /

Resource Hash

754b3dac0b83ab63dad7cc934d8900fda8d398682d5c6922fd65c32beabbef73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://operations.red/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 04 Apr 2024 01:16:06 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1300
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
analytics.google.com/g/ 0
253 B 116ms
43ms Ping
text/plain 2001:4860:4802:38::181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-L7HJ5T78EE&gtm=45je4410v873548201z8850524973za200&_p=1712193366093&_gaz=1&gcd=13l3l3l3l1&npa=0&dma=0&cid=201142201.1712193367&ul=en-us&sr=800x600&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.105%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.105&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_s=1&sid=1712193366&sct=1&seg=0&dl=https%3A%2F%2Foperations.red%2F&dt=Buson%3A%20Compre%20Passagem%20de%20%C3%94nibus%20Online%20Aqui!&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1347
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-L7HJ5T78EE&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:38::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://operations.red/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 04 Apr 2024 01:16:06 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://operations.red
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
244 B 132ms
47ms Ping
text/plain 2607:f8b0:4004:c19::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-L7HJ5T78EE&cid=201142201.1712193367&gtm=45je4410v873548201z8850524973za200&aip=1&dma=0&gcd=13l3l3l3l1&npa=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-L7HJ5T78EE&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c19::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://operations.red/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 04 Apr 2024 01:16:06 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://operations.red
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 get-popup Show response
operations.red/api/ 0
4 KB 252ms
252ms XHR
text/plain 172.67.189.38
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://operations.red/api/get-popup?value=Buffalo&method=CITY&complement=NY&page=%2F&device=desktop

Requested by

Host: assets-app.buson.com.br
URL: https://assets-app.buson.com.br/assets-staging-200/_v2/application/commons.bundle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.189.38 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name

Value

Content-Security-Policy

X-Frame-Options

DENY

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept: application/json, text/plain, */*
Referer: https://operations.red/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Apr 2024 01:16:06 GMT
content-security-policy: default-src 'self' *.buson.com.br https://buson.com.br *.guichevirtual.com.br https://guichevirtual.com.br localhost;script-src 'self' *.buson.com.br https://buson.com.br *.guichevirtual.com.br https://guichevirtual.com.br localhost *.buson.com.br https://buson.com.br http://*.google-analytics.com https://*.googletagmanager.com https://*.googlesyndication.com https://www.google.com https://accounts.google.com https://files.lgtcdn.net https://cdn.amplitude.com https://i.k-analytix.com https://googleads.g.doubleclick.net https://apis.google.com https://static.ads-twitter.com https://www.dwin1.com https://connect.facebook.net http://tag.rmp.rakuten.com http://cdn.siftscience.com https://www.awin1.com http://www.awin1.com https://cdnjs.cloudflare.com https://c.btg360.com.br https://certify.alexametrics.com https://ad.doubleclick.net https://cdn.ampproject.org https://www.gstatic.com/ https://static.hotjar.com https://script.hotjar.com/ https://csmetrics.hotjar.com/ https://bat.bing.com/ https://d3dh5c7rwzliwm.cloudfront.net/ https://www.googleadservices.com https://csmetrics.hotjar.com/ *.cloudfront.net *.cloudflare.com *.hotjar.com *.segment.com https://api.segment.io https://cdn.segment.io http://www.googleadservices.com https://analytics.tiktok.com https://lantern.roeyecdn.com 'unsafe-eval' 'unsafe-inline';media-src 'self' *.buson.com.br https://buson.com.br *.guichevirtual.com.br https://guichevirtual.com.br localhost *.buson.com.br https://buson.com.br;font-src 'self' *.buson.com.br https://buson.com.br *.guichevirtual.com.br https://guichevirtual.com.br localhost fonts.gstatic.com https://maxcdn.bootstrapcdn.com/;style-src 'self' *.buson.com.br https://buson.com.br *.guichevirtual.com.br https://guichevirtual.com.br localhost fonts.googleapis.com https://accounts.google.com/ 'unsafe-inline';connect-src 'self' *.buson.com.br https://buson.com.br *.guichevirtual.com.br https://guichevirtual.com.br localhost https://ampcid.google.com https://ampcid.google.com.br https://heimdall-prod.lgtcdn.net https://api.amplitude.com https://*.analytics.google.com https://*.googletagmanager.com https://static.ads-twitter.com https://www.dwin1.com https://connect.facebook.net http://tag.rmp.rakuten.com https://static.hotjar.com http://cdn.siftscience.com http://i.konduto.com/ https://google.com http://*.google-analytics.com https://accounts.google.com https://*.g.doubleclick.net https://www.facebook.com/tr/ https://apis.google.com https://c.btg360.com.br https://certify.alexametrics.com https://d31qbv1cthcecs.cloudfront.net https://event.getblue.io https://script.hotjar.com https://sslwidget.getblue.io https://stats.g.doubleclic https://stats.g.doubleclick.net/ https://www.google.com https://www.google.com.br https://csmetrics.hotjar.com/ *.cloudfront.net *.hotjar.com *.facebook.com *.google.com *.segment.com https://api.segment.io https://cdn.segment.io *.google.com.br *.googlesyndication.com https://bat.bing.com/ https://googleads.g.doubleclick.net *.hotjar.io wss://ws15.hotjar.com wws://wsp15.hotjar.com wss://ws.hotjar.com wss://*.hotjar.com https://analytics.tiktok.com https://lantern.roeyecdn.com http://ip-api.com/;form-action 'self' *.buson.com.br https://buson.com.br *.guichevirtual.com.br https://guichevirtual.com.br localhost *.buson.com.br https://buson.com.br https://accounts.google.com https://www.facebook.com;img-src 'self' *.buson.com.br https://buson.com.br *.guichevirtual.com.br https://guichevirtual.com.br localhost *.buson.com.br https://buson.com.br https://images.unsplash.com https://google.com https://*.google.com https://*.google.com.br https://hexagon-analytics.com https://www.facebook.com https://analytics.twitter.com https://t.co/i/adsct https://*.googletagmanager.com https://www.awin1.com http://www.awin1.com https://connect.facebook.net/ https://consent.linksynergy.com/ data: https://*.analytics.google.com https://www.googleadservices.com https://track.linksynergy.com https://*.google-analytics.com *.cloudfront.net https://bat.bing.com/ https://*.g.doubleclick.net https://lh3.googleusercontent.com *.googleusercontent.com;frame-src 'self' *.buson.com.br https://buson.com.br *.guichevirtual.com.br https://guichevirtual.com.br localhost *.buson.com.br https://buson.com.br https://www.facebook.com https://accounts.google.com https://maps.google.com https://www.google.com https://www.google.com.br https://indexanetwork.go2cloud.org https://*.googletagmanager.com https://vars.hotjar.com https://td.doubleclick.net https://bid.doubleclick.net https://*.doubleclick.net
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HVgBBAy4CJaP%2B5tcXClqNj3fKDy5%2Fbf4c1%2BB4g6%2FtNDooBb%2FvNha5RMwdPzNN3k%2FBeOGZ%2Bj26GsAOr7ZIVV2PPby48zXGPBsbHPVbJgoH9A08AHZa46Wtkq1vOsUj7y9dA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 86ed737e1fd96057-ORD
alt-svc: h3=":443"; ma=86400

GET
H2 200 main.MTcwMjJjYTNhMQ.js Show response
analytics.tiktok.com/i18n/pixel/static/ 431 KB
114 KB 41ms
41ms Script
application/javascript 23.206.172.53
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTcwMjJjYTNhMQ.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CNAARS3C77U0CFAO4OLG&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.206.172.53 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-206-172-53.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: bc408cbd0dfe8b655b7897f0b4e69c65dedccfcb91aaec526f999b645bc15e5c

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://operations.red/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-akamai-request-id: b51beb1
date: Thu, 04 Apr 2024 01:16:06 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 20240403121617F8A43951BEEBEAAE15E9
x-tt-trace-id: 00-240403121617F8A43951BEEBEAAE15E9-6A7E2E72F7585D4E-00
vary: Accept-Encoding
x-cache: TCP_HIT from a23-58-89-53.deploy.akamaitechnologies.com (AkamaiGHost/11.4.4.1-55329865) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 011559ba162f611323cdb6f792e4b173a99b1bf04661db5543e686d57980c09d825d6b85a3a7214a4ebf3d0907cc339453e7b917ade774ed4dc30dc8823b1d14f1d04b47b9b455e23f60f315ab8ddde990f0a3843da1c6cd465129ee8ec7c3b310
server-timing: cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=3
content-length: 115995

GET
H2 200 adsct
t.co/i/ 43 B
377 B 275ms
144ms Image
image/gif 104.244.42.69
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?bci=3&eci=2&event_id=68147c9a-834a-44e1-8e57-085aa1f23959&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=1352a649-6b31-4069-96c3-9aacc928e330&tw_document_href=https%3A%2F%2Foperations.red%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o4az6&type=javascript&version=2.3.30

Requested by

Host: operations.red
URL: https://operations.red/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.69 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_b /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://operations.red/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-response-time: 83
date: Thu, 04 Apr 2024 01:16:06 GMT
strict-transport-security: max-age=0
server: tsa_b
content-type: image/gif;charset=utf-8
x-transaction-id: fcff58d1345da464
cache-control: no-cache, no-store, max-age=0
perf: 7469935968
x-connection-hash: 4bcf879d51121e4f9328c7e4f28a851088354a9ddf3ba4a336d97a7c40503c24
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
395 B 265ms
136ms Image
image/gif 104.244.42.67
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=68147c9a-834a-44e1-8e57-085aa1f23959&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=1352a649-6b31-4069-96c3-9aacc928e330&tw_document_href=https%3A%2F%2Foperations.red%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o4az6&type=javascript&version=2.3.30

Requested by

Host: operations.red
URL: https://operations.red/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.67 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_b /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://operations.red/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-response-time: 74
date: Thu, 04 Apr 2024 01:16:06 GMT
strict-transport-security: max-age=631138519
server: tsa_b
content-type: image/gif;charset=utf-8
x-transaction-id: b1611773f74a723e
cache-control: no-cache, no-store, max-age=0
perf: 7469935968
x-connection-hash: 7f8df4b122430df4f4223ac0f6c26c79635110454452d5e68e81d1d92862fc25
content-length: 43

GET lantern_global_66092.min.js
lantern.roeyecdn.com/ 0
0

GET
H2 200 settings Show response
cdn.segment.com/v1/projects/O9xC1Ruk7Hh0Hj8CVVa9jT4j2setQFJk/ 2 KB
1 KB 186ms
89ms Fetch
application/json 3.161.214.161
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/v1/projects/O9xC1Ruk7Hh0Hj8CVVa9jT4j2setQFJk/settings
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/O9xC1Ruk7Hh0Hj8CVVa9jT4j2setQFJk/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.161.214.161 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-161-214-161.yul62.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 34b80c57828cdb1f0a11720a3319cce04edc9e753ba383fd79e74282ee0c8696

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://operations.red/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: Y1R1ZnobiwTUm5DcCYxaer76GsRfLsQC
content-encoding: br
via: 1.1 480d73d26133a5d3268f9cfc7c99d59c.cloudfront.net (CloudFront)
date: Wed, 03 Apr 2024 23:00:19 GMT
x-amz-cf-pop: YUL62-P1
age: 8148
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 02 Apr 2024 19:25:47 GMT
server: AmazonS3
etag: W/"ae8038432eac1db3a81cb11965349a92"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=10800
vary: Accept-Encoding
x-amz-cf-id: X5cPrNUG30dIxcZ_AdAPsu99UbhrXyJq4d4DQH1M_vq5J8fqKUHCYQ==

GET
H3 200 /
www.google.com/pagead/1p-user-list/993290547/ 42 B
64 B 124ms
48ms Image
image/gif 172.253.115.147
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/993290547/?random=1712193366619&cv=11&fst=1712192400000&bg=ffffff&guid=ON&async=1&gtm=45be4410v890414044z8850524973za200&gcd=13l3l3l3l1&dma=0&u_w=800&u_h=600&url=https%3A%2F%2Foperations.red%2F&frm=0&tiba=Buson%3A%20Compre%20Passagem%20de%20%C3%94nibus%20Online%20Aqui!&npa=0&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSGwB7FLtqf0_kS3ElEXIwLqCc7IE0QrPjC8vRvw&random=3600295264&rmt_tld=0&ipr=y

Requested by

Host: operations.red
URL: https://operations.red/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.115.147 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bg-in-f147.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://operations.red/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 04 Apr 2024 01:16:06 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 identify_457bd.js Show response
analytics.tiktok.com/i18n/pixel/static/ 139 KB
37 KB 38ms
37ms Script
application/javascript 23.206.172.53
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/identify_457bd.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTcwMjJjYTNhMQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.206.172.53 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-206-172-53.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 1c7a13438386b27ae3874ff95ac5cb2ed21b805261427e9da870e93c35e788de

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://operations.red/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-akamai-request-id: b51c0a4
date: Thu, 04 Apr 2024 01:16:06 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 202404021222040DA2E602D23982150AAD
x-tt-trace-id: 00-2404021222040DA2E602D23982150AAD-061600F89B9ED486-00
vary: Accept-Encoding
x-cache: TCP_MEM_HIT from a23-58-89-53.deploy.akamaitechnologies.com (AkamaiGHost/11.4.4.1-55329865) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 014fb1bfeebc64bf0b6a914ee9ff5d7400e92f741eb358774a8ad8317a35f1c09aede43fade2b4dd3a314bdbfdaf30466931a1a87c3741d695e05e306189c646b83730aa26f6ef14aebf6bbd1333dcb212bb9b020c3f5c22454a3cb708a435fbe5
server-timing: cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=3
content-length: 37151

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
699 B 80ms
79ms Ping
text/plain 23.206.172.53
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTcwMjJjYTNhMQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.206.172.53 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-206-172-53.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://operations.red/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: b51c16f
date: Thu, 04 Apr 2024 01:16:06 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-2404040116063CA33C605274E7C6EB76-7732637A00840BCB-00
x-cache: TCP_MISS from a23-58-89-53.deploy.akamaitechnologies.com (AkamaiGHost/11.4.4.1-55329865) (-)
server-timing: inner; dur=26, cdn-cache; desc=MISS, edge; dur=8, origin; dur=35
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 202404040116063CA33C605274E7C6EB76
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 36,23.58.89.53
x-tt-trace-host: 01a838deab791d1122375a34f1014c1e4150a73bf3052da83d8765a16647339085f7e1360687ea1d0b11d6837cd80ea69c54ab8e300e96a3b4e3a01fbb040fa52df6cc5dd5b4e8c47b5b128a605f87fef5a5d205656978caa66a1992d7b44b5ce8
access-control-allow-headers: Authorization,*
expires: Thu, 04 Apr 2024 01:16:06 GMT

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
698 B 96ms
95ms Ping
text/plain 23.206.172.53
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTcwMjJjYTNhMQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.206.172.53 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-206-172-53.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://operations.red/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: b51c170
date: Thu, 04 Apr 2024 01:16:06 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-24040401160671D66E06C87125173BEF-27230013F544468D-00
x-cache: TCP_MISS from a23-58-89-53.deploy.akamaitechnologies.com (AkamaiGHost/11.4.4.1-55329865) (-)
server-timing: inner; dur=38, cdn-cache; desc=MISS, edge; dur=8, origin; dur=48
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 2024040401160671D66E06C87125173BEF
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 48,23.58.89.53
x-tt-trace-host: 01a838deab791d1122375a34f1014c1e4150a73bf3052da83d8765a16647339085086dc3cc3bf043a4a1e498d2035ab1389b565c3f0cc46b3c615ec11e86d69aaea6fea07ab561f6e09b1fb2dcd333c244b7b46568f7b7519a5a6ac447534e91e5
access-control-allow-headers: Authorization,*
expires: Thu, 04 Apr 2024 01:16:06 GMT

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
700 B 84ms
83ms Ping
text/plain 23.206.172.53
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTcwMjJjYTNhMQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.206.172.53 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-206-172-53.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://operations.red/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: b51c171
date: Thu, 04 Apr 2024 01:16:06 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-240404011606C2DF541B081F031877E4-46FA9CD1F0855793-00
x-cache: TCP_MISS from a23-58-89-53.deploy.akamaitechnologies.com (AkamaiGHost/11.4.4.1-55329865) (-)
server-timing: inner; dur=27, cdn-cache; desc=MISS, edge; dur=8, origin; dur=37
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20240404011606C2DF541B081F031877E4
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 37,23.58.89.53
x-tt-trace-host: 01a838deab791d1122375a34f1014c1e4150a73bf3052da83d8765a16647339085755405836662da8c3982c5863b49bfdeaf1336979bb053d5f14980bbcaa897baed27f2bb060eed74441a34080ebb39b60f4bf5126dc049147cfb3a5ca6ba3859
access-control-allow-headers: Authorization,*
expires: Thu, 04 Apr 2024 01:16:06 GMT

GET
H2 200 ajs-destination.bundle.196edae455b4fdcecd90.js Show response
cdn.segment.com/analytics-next/bundles/ 9 KB
3 KB 43ms
43ms Script
application/javascript 3.161.214.161
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/analytics-next/bundles/ajs-destination.bundle.196edae455b4fdcecd90.js
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/O9xC1Ruk7Hh0Hj8CVVa9jT4j2setQFJk/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.161.214.161 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-161-214-161.yul62.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 86a590d25968e7fd492f88cda922d92181bfd543d56906bfe7785a464f1ed579

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://operations.red/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Apr 2024 05:54:26 GMT
x-amz-version-id: HuNgSZ75f5vpNBhJmnNITrmcxktXMCrD
content-encoding: br
via: 1.1 32ea9b2b7eaaba833294021989c78c08.cloudfront.net (CloudFront)
x-amz-cf-pop: YUL62-P1
age: 242501
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Thu, 28 Mar 2024 17:33:04 GMT
server: AmazonS3
etag: W/"a1f137007ed37048753fe2812b495a22"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
vary: Accept-Encoding
x-amz-cf-id: N06q2PNM4uYhX5lqHoCCdsT1i-kObdDYKr9fAY-RUsBxJ7NpLsaYQA==

GET
H3 200 get-popup Show response
operations.red/api/ 0
4 KB 334ms
333ms XHR
text/plain 172.67.189.38
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://operations.red/api/get-popup?value=NY&method=STATE&page=%2F&device=desktop

Requested by

Host: assets-app.buson.com.br
URL: https://assets-app.buson.com.br/assets-staging-200/_v2/application/commons.bundle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.189.38 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name

Value

Content-Security-Policy

X-Frame-Options

DENY

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept: application/json, text/plain, */*
Referer: https://operations.red/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Apr 2024 01:16:07 GMT
content-security-policy: default-src 'self' *.buson.com.br https://buson.com.br *.guichevirtual.com.br https://guichevirtual.com.br localhost;script-src 'self' *.buson.com.br https://buson.com.br *.guichevirtual.com.br https://guichevirtual.com.br localhost *.buson.com.br https://buson.com.br http://*.google-analytics.com https://*.googletagmanager.com https://*.googlesyndication.com https://www.google.com https://accounts.google.com https://files.lgtcdn.net https://cdn.amplitude.com https://i.k-analytix.com https://googleads.g.doubleclick.net https://apis.google.com https://static.ads-twitter.com https://www.dwin1.com https://connect.facebook.net http://tag.rmp.rakuten.com http://cdn.siftscience.com https://www.awin1.com http://www.awin1.com https://cdnjs.cloudflare.com https://c.btg360.com.br https://certify.alexametrics.com https://ad.doubleclick.net https://cdn.ampproject.org https://www.gstatic.com/ https://static.hotjar.com https://script.hotjar.com/ https://csmetrics.hotjar.com/ https://bat.bing.com/ https://d3dh5c7rwzliwm.cloudfront.net/ https://www.googleadservices.com https://csmetrics.hotjar.com/ *.cloudfront.net *.cloudflare.com *.hotjar.com *.segment.com https://api.segment.io https://cdn.segment.io http://www.googleadservices.com https://analytics.tiktok.com https://lantern.roeyecdn.com 'unsafe-eval' 'unsafe-inline';media-src 'self' *.buson.com.br https://buson.com.br *.guichevirtual.com.br https://guichevirtual.com.br localhost *.buson.com.br https://buson.com.br;font-src 'self' *.buson.com.br https://buson.com.br *.guichevirtual.com.br https://guichevirtual.com.br localhost fonts.gstatic.com https://maxcdn.bootstrapcdn.com/;style-src 'self' *.buson.com.br https://buson.com.br *.guichevirtual.com.br https://guichevirtual.com.br localhost fonts.googleapis.com https://accounts.google.com/ 'unsafe-inline';connect-src 'self' *.buson.com.br https://buson.com.br *.guichevirtual.com.br https://guichevirtual.com.br localhost https://ampcid.google.com https://ampcid.google.com.br https://heimdall-prod.lgtcdn.net https://api.amplitude.com https://*.analytics.google.com https://*.googletagmanager.com https://static.ads-twitter.com https://www.dwin1.com https://connect.facebook.net http://tag.rmp.rakuten.com https://static.hotjar.com http://cdn.siftscience.com http://i.konduto.com/ https://google.com http://*.google-analytics.com https://accounts.google.com https://*.g.doubleclick.net https://www.facebook.com/tr/ https://apis.google.com https://c.btg360.com.br https://certify.alexametrics.com https://d31qbv1cthcecs.cloudfront.net https://event.getblue.io https://script.hotjar.com https://sslwidget.getblue.io https://stats.g.doubleclic https://stats.g.doubleclick.net/ https://www.google.com https://www.google.com.br https://csmetrics.hotjar.com/ *.cloudfront.net *.hotjar.com *.facebook.com *.google.com *.segment.com https://api.segment.io https://cdn.segment.io *.google.com.br *.googlesyndication.com https://bat.bing.com/ https://googleads.g.doubleclick.net *.hotjar.io wss://ws15.hotjar.com wws://wsp15.hotjar.com wss://ws.hotjar.com wss://*.hotjar.com https://analytics.tiktok.com https://lantern.roeyecdn.com http://ip-api.com/;form-action 'self' *.buson.com.br https://buson.com.br *.guichevirtual.com.br https://guichevirtual.com.br localhost *.buson.com.br https://buson.com.br https://accounts.google.com https://www.facebook.com;img-src 'self' *.buson.com.br https://buson.com.br *.guichevirtual.com.br https://guichevirtual.com.br localhost *.buson.com.br https://buson.com.br https://images.unsplash.com https://google.com https://*.google.com https://*.google.com.br https://hexagon-analytics.com https://www.facebook.com https://analytics.twitter.com https://t.co/i/adsct https://*.googletagmanager.com https://www.awin1.com http://www.awin1.com https://connect.facebook.net/ https://consent.linksynergy.com/ data: https://*.analytics.google.com https://www.googleadservices.com https://track.linksynergy.com https://*.google-analytics.com *.cloudfront.net https://bat.bing.com/ https://*.g.doubleclick.net https://lh3.googleusercontent.com *.googleusercontent.com;frame-src 'self' *.buson.com.br https://buson.com.br *.guichevirtual.com.br https://guichevirtual.com.br localhost *.buson.com.br https://buson.com.br https://www.facebook.com https://accounts.google.com https://maps.google.com https://www.google.com https://www.google.com.br https://indexanetwork.go2cloud.org https://*.googletagmanager.com https://vars.hotjar.com https://td.doubleclick.net https://bid.doubleclick.net https://*.doubleclick.net
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bpRYeflua4MIps6OXDFdqxMZwtDGeSNfKDxTi970VglaYi5aovc3nNEe%2Bxxdz2xxsSBRp%2F0%2FjGJI2UPHfMt8VFkN%2Bcfe2Ziu%2FhgG1uppp7s10hZarfZgiFMh8ZDgaS%2BtZg%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 86ed737fbaf66057-ORD
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 schemaFilter.bundle.5c2661f67b4b71a6d9bd.js Show response
cdn.segment.com/analytics-next/bundles/ 2 KB
1 KB 42ms
42ms Script
application/javascript 3.161.214.161
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/analytics-next/bundles/schemaFilter.bundle.5c2661f67b4b71a6d9bd.js
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/O9xC1Ruk7Hh0Hj8CVVa9jT4j2setQFJk/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.161.214.161 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-161-214-161.yul62.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 31892c21ae4fb908a875bbe29dbf0df74c2e84171cfbcac23540f3ad8222a35a

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://operations.red/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Apr 2024 05:54:27 GMT
x-amz-version-id: t2HdxMOQBUZV4nLGxbEbIVdvpwRHqiXA
content-encoding: br
via: 1.1 32ea9b2b7eaaba833294021989c78c08.cloudfront.net (CloudFront)
x-amz-cf-pop: YUL62-P1
age: 242501
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Thu, 28 Mar 2024 17:33:04 GMT
server: AmazonS3
etag: W/"3867b2388b619ff7fddc29ef359fc9aa"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
vary: Accept-Encoding
x-amz-cf-id: 7wlcXCVjjkkOBoQMbyLssTurOUs4nkM1LeVtlP7n8oBHGMH_rq5rtA==

GET
H2 200 cac01ade437672595986.js Show response
cdn.segment.com/next-integrations/actions/amplitude-plugins/ 4 KB
2 KB 43ms
43ms Script
application/javascript 3.161.214.161
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/next-integrations/actions/amplitude-plugins/cac01ade437672595986.js
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/O9xC1Ruk7Hh0Hj8CVVa9jT4j2setQFJk/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.161.214.161 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-161-214-161.yul62.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9a1a6d91ca9b6ad0cde6e6b0cb0f97dbe1b9fb89631cd68a4fc58d6e8d0d044d

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://operations.red/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Apr 2024 06:09:17 GMT
x-amz-version-id: duuB_SR.x7mNif7yyw7lE7GzjZ2MNbic
content-encoding: br
via: 1.1 32ea9b2b7eaaba833294021989c78c08.cloudfront.net (CloudFront)
x-amz-cf-pop: YUL62-P1
age: 68811
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Tue, 02 Apr 2024 15:48:55 GMT
server: AmazonS3
etag: W/"2b2f07a3ca14c7a58f65de36c644b2f4"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding
x-amz-cf-id: qbYZ2HwXaCp8sGD2L7uq38_A0pFdOXkjfL-kjut3pG_aJbOc3n14sQ==

GET
H2 200 451761978588735 Show response
connect.facebook.net/signals/config/ 53 KB
11 KB 190ms
189ms Script
application/x-javascript 2a03:2880:f08e:219:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/451761978588735?v=2.9.151&r=stable&domain=operations.red&hme=8ce74e881727851b4427183947937854816d72704925561b9de6420cd43214ee&ex_m=66%2C111%2C98%2C102%2C57%2C3%2C92%2C65%2C15%2C90%2C83%2C48%2C50%2C157%2C160%2C171%2C167%2C168%2C170%2C28%2C93%2C49%2C72%2C169%2C152%2C155%2C164%2C165%2C172%2C120%2C14%2C47%2C176%2C175%2C122%2C17%2C32%2C36%2C1%2C40%2C61%2C62%2C63%2C67%2C87%2C16%2C13%2C89%2C86%2C85%2C99%2C101%2C35%2C100%2C29%2C25%2C153%2C156%2C129%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C53%2C58%2C60%2C70%2C94%2C26%2C71%2C8%2C7%2C75%2C45%2C20%2C96%2C95%2C9%2C19%2C18%2C77%2C82%2C44%2C43%2C81%2C37%2C39%2C80%2C52%2C78%2C31%2C41%2C34%2C69%2C0%2C88%2C4%2C84%2C76%2C79%2C2%2C33%2C59%2C38%2C97%2C42%2C74%2C64%2C103%2C56%2C55%2C30%2C91%2C54%2C51%2C46%2C73%2C68%2C23%2C104

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f08e:219:face:b00c:0:3 Saint-Denis, France, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4cfacd66376f0c1e23b5f04428848982ca6a64852898589ab3f51ba302a6b1aa

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://operations.red/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 04 Apr 2024 01:16:07 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: GOOD; q=0.7, rtt=117, rtx=0, c=63, mss=1294, tbw=63161, tp=-1, tpl=-1, uplat=83, ullat=0
pragma: public
x-fb-debug: 0k09k9hBErdz2mcEkJDXMbLJ3bhv9AbJtqoYRAUI5eToLFSLDfMh8mtyr+Fs321fA5k0Zq6c8OdvJa4xpaxkvQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 b5a14d87d43750634fa0.js Show response
cdn.segment.com/next-integrations/actions/845/ 25 KB
8 KB 45ms
45ms Script
application/javascript 3.161.214.161
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/next-integrations/actions/845/b5a14d87d43750634fa0.js
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/next-integrations/actions/amplitude-plugins/cac01ade437672595986.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.161.214.161 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-161-214-161.yul62.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 444204540e9a788c517039c8411a9fa9e05b6a385d374f1411852674f9a9d903

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://operations.red/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Apr 2024 05:38:53 GMT
x-amz-version-id: cp0aNuTnux1ZRx5HSSFIZo3znp3YGwWa
content-encoding: br
via: 1.1 32ea9b2b7eaaba833294021989c78c08.cloudfront.net (CloudFront)
x-amz-cf-pop: YUL62-P1
age: 70635
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Tue, 02 Apr 2024 15:48:54 GMT
server: AmazonS3
etag: W/"a8e06caf361f7cd82b1caaa5ce358ca8"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding
x-amz-cf-id: au1_z0QLlLucSkq2XDH7dPxecSW-0gwGKT_vsvAO-OAPfcFfsLxFaw==

GET
H2 200 adwords.dynamic.js.gz Show response
cdn.segment.com/next-integrations/integrations/adwords/2.5.3/ 4 KB
2 KB 44ms
43ms Script
application/javascript 3.161.214.161
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/next-integrations/integrations/adwords/2.5.3/adwords.dynamic.js.gz
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/O9xC1Ruk7Hh0Hj8CVVa9jT4j2setQFJk/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.161.214.161 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-161-214-161.yul62.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3cdfc45291898f113cf74b9db84cd914b2069a1bf948e51665789a627186f342

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://operations.red/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Apr 2024 06:08:23 GMT
content-encoding: gzip
via: 1.1 32ea9b2b7eaaba833294021989c78c08.cloudfront.net (CloudFront)
x-amz-version-id: hvhf9ZNYHiGHczxS3d0Z3IokiRopv6zn
x-amz-cf-pop: YUL62-P1
age: 68865
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 1356
last-modified: Fri, 08 Mar 2024 07:35:28 GMT
server: AmazonS3
etag: "257fe81df53dcd4819bc1a81e78fce58"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
accept-ranges: bytes
x-amz-cf-id: fhoe5HpBEQP89qJytey-Lfm9uyo7GWtI9ghXewMZ2PLIxaoGFqdlig==

POST
H2 200 p Show response
api.segment.io/v1/ 21 B
173 B 278ms
93ms Fetch
application/json 54.69.251.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.segment.io/v1/p

Requested by

Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/O9xC1Ruk7Hh0Hj8CVVa9jT4j2setQFJk/analytics.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.69.251.6 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-69-251-6.us-west-2.compute.amazonaws.com

Software

Resource Hash

12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://operations.red/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://operations.red
date: Thu, 04 Apr 2024 01:16:07 GMT
strict-transport-security: max-age=31536000
content-length: 21
vary: Origin
content-type: application/json

POST
H2 200 act
analytics.tiktok.com/api/v2/pixel/ 0
697 B 96ms
96ms Ping
text/plain 23.206.172.53
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel/act
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTcwMjJjYTNhMQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.206.172.53 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-206-172-53.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://operations.red/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: b51c4ff
date: Thu, 04 Apr 2024 01:16:07 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-240404011607C2DF541B081F03187801-72787E63F792780A-00
x-cache: TCP_MISS from a23-58-89-53.deploy.akamaitechnologies.com (AkamaiGHost/11.4.4.1-55329865) (-)
server-timing: inner; dur=44, cdn-cache; desc=MISS, edge; dur=7, origin; dur=53
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20240404011607C2DF541B081F03187801
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 54,23.58.89.53
x-tt-trace-host: 01a838deab791d1122375a34f1014c1e4150a73bf3052da83d8765a16647339085041c4c9a93df46d0c083620b843bd0905d185de0cdbc32e4a2c76bfb2e3c61224452379c59956d1e89c57a7127761184960a78a84d4b406f617516034b8e3247
access-control-allow-headers: Authorization,*
expires: Thu, 04 Apr 2024 01:16:07 GMT

GET
H2 200 commons.c42222c4cb2f8913500f.js.gz Show response
cdn.segment.com/next-integrations/integrations/vendor/ 73 KB
22 KB 49ms
48ms Script
application/javascript 3.161.214.161
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/next-integrations/integrations/vendor/commons.c42222c4cb2f8913500f.js.gz
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/O9xC1Ruk7Hh0Hj8CVVa9jT4j2setQFJk/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.161.214.161 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-161-214-161.yul62.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b17b4a5cc840a366a4c006794502f887a316402f781f85e913ac4af19a93fc13

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://operations.red/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Apr 2024 19:18:13 GMT
content-encoding: gzip
via: 1.1 32ea9b2b7eaaba833294021989c78c08.cloudfront.net (CloudFront)
x-amz-version-id: HopHKmY9TBcR3b.zdj3KrkRozUW9hj.F
x-amz-cf-pop: YUL62-P1
age: 21475
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 22177
last-modified: Fri, 08 Mar 2024 07:35:27 GMT
server: AmazonS3
etag: "befb217271e2e926c7d898f1c85f6cb7"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
accept-ranges: bytes
x-amz-cf-id: FtTKTWGTZnpQGUMZN5WbmIVcQMm1OQQ7mkTZL0v-yyy4xpE6aV5wDg==

GET
H3 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 49 KB
18 KB 209ms
112ms Script
text/javascript 142.251.163.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: cdn.segment.com
URL: https://cdn.segment.com/next-integrations/integrations/vendor/commons.c42222c4cb2f8913500f.js.gz

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.163.154 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

wv-in-f154.1e100.net

Software

cafe /

Resource Hash

0591f85d9d774abacd4a8afabaaf466b07de36e4b0522ad6d64c24f8ec7d36b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://operations.red/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Apr 2024 01:16:07 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18043
x-xss-protection: 0
server: cafe
etag: 11307464994319591577
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 04 Apr 2024 01:16:07 GMT

GET
H3 200 get-popup Show response
operations.red/api/ 0
4 KB 234ms
233ms XHR
text/plain 172.67.189.38
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://operations.red/api/get-popup?method=NONE&page=%2F&device=desktop

Requested by

Host: assets-app.buson.com.br
URL: https://assets-app.buson.com.br/assets-staging-200/_v2/application/commons.bundle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.189.38 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name

Value

Content-Security-Policy

X-Frame-Options

DENY

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept: application/json, text/plain, */*
Referer: https://operations.red/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Apr 2024 01:16:07 GMT
content-security-policy: default-src 'self' *.buson.com.br https://buson.com.br *.guichevirtual.com.br https://guichevirtual.com.br localhost;script-src 'self' *.buson.com.br https://buson.com.br *.guichevirtual.com.br https://guichevirtual.com.br localhost *.buson.com.br https://buson.com.br http://*.google-analytics.com https://*.googletagmanager.com https://*.googlesyndication.com https://www.google.com https://accounts.google.com https://files.lgtcdn.net https://cdn.amplitude.com https://i.k-analytix.com https://googleads.g.doubleclick.net https://apis.google.com https://static.ads-twitter.com https://www.dwin1.com https://connect.facebook.net http://tag.rmp.rakuten.com http://cdn.siftscience.com https://www.awin1.com http://www.awin1.com https://cdnjs.cloudflare.com https://c.btg360.com.br https://certify.alexametrics.com https://ad.doubleclick.net https://cdn.ampproject.org https://www.gstatic.com/ https://static.hotjar.com https://script.hotjar.com/ https://csmetrics.hotjar.com/ https://bat.bing.com/ https://d3dh5c7rwzliwm.cloudfront.net/ https://www.googleadservices.com https://csmetrics.hotjar.com/ *.cloudfront.net *.cloudflare.com *.hotjar.com *.segment.com https://api.segment.io https://cdn.segment.io http://www.googleadservices.com https://analytics.tiktok.com https://lantern.roeyecdn.com 'unsafe-eval' 'unsafe-inline';media-src 'self' *.buson.com.br https://buson.com.br *.guichevirtual.com.br https://guichevirtual.com.br localhost *.buson.com.br https://buson.com.br;font-src 'self' *.buson.com.br https://buson.com.br *.guichevirtual.com.br https://guichevirtual.com.br localhost fonts.gstatic.com https://maxcdn.bootstrapcdn.com/;style-src 'self' *.buson.com.br https://buson.com.br *.guichevirtual.com.br https://guichevirtual.com.br localhost fonts.googleapis.com https://accounts.google.com/ 'unsafe-inline';connect-src 'self' *.buson.com.br https://buson.com.br *.guichevirtual.com.br https://guichevirtual.com.br localhost https://ampcid.google.com https://ampcid.google.com.br https://heimdall-prod.lgtcdn.net https://api.amplitude.com https://*.analytics.google.com https://*.googletagmanager.com https://static.ads-twitter.com https://www.dwin1.com https://connect.facebook.net http://tag.rmp.rakuten.com https://static.hotjar.com http://cdn.siftscience.com http://i.konduto.com/ https://google.com http://*.google-analytics.com https://accounts.google.com https://*.g.doubleclick.net https://www.facebook.com/tr/ https://apis.google.com https://c.btg360.com.br https://certify.alexametrics.com https://d31qbv1cthcecs.cloudfront.net https://event.getblue.io https://script.hotjar.com https://sslwidget.getblue.io https://stats.g.doubleclic https://stats.g.doubleclick.net/ https://www.google.com https://www.google.com.br https://csmetrics.hotjar.com/ *.cloudfront.net *.hotjar.com *.facebook.com *.google.com *.segment.com https://api.segment.io https://cdn.segment.io *.google.com.br *.googlesyndication.com https://bat.bing.com/ https://googleads.g.doubleclick.net *.hotjar.io wss://ws15.hotjar.com wws://wsp15.hotjar.com wss://ws.hotjar.com wss://*.hotjar.com https://analytics.tiktok.com https://lantern.roeyecdn.com http://ip-api.com/;form-action 'self' *.buson.com.br https://buson.com.br *.guichevirtual.com.br https://guichevirtual.com.br localhost *.buson.com.br https://buson.com.br https://accounts.google.com https://www.facebook.com;img-src 'self' *.buson.com.br https://buson.com.br *.guichevirtual.com.br https://guichevirtual.com.br localhost *.buson.com.br https://buson.com.br https://images.unsplash.com https://google.com https://*.google.com https://*.google.com.br https://hexagon-analytics.com https://www.facebook.com https://analytics.twitter.com https://t.co/i/adsct https://*.googletagmanager.com https://www.awin1.com http://www.awin1.com https://connect.facebook.net/ https://consent.linksynergy.com/ data: https://*.analytics.google.com https://www.googleadservices.com https://track.linksynergy.com https://*.google-analytics.com *.cloudfront.net https://bat.bing.com/ https://*.g.doubleclick.net https://lh3.googleusercontent.com *.googleusercontent.com;frame-src 'self' *.buson.com.br https://buson.com.br *.guichevirtual.com.br https://guichevirtual.com.br localhost *.buson.com.br https://buson.com.br https://www.facebook.com https://accounts.google.com https://maps.google.com https://www.google.com https://www.google.com.br https://indexanetwork.go2cloud.org https://*.googletagmanager.com https://vars.hotjar.com https://td.doubleclick.net https://bid.doubleclick.net https://*.doubleclick.net
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MjPRGUz4OxRkfHnD2%2BEXL4g%2BdfceBr4gefPg%2FtplP1kiTC%2Fdkt3oNEXQKNI%2FvRDEjn6eWpCLQ3D3CK8i%2FfWK0OOsCU4PDNjdANAvTdbzJb0j5Vj5q0siHT7yD8uaRmseFA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 86ed7381cde36057-ORD
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H3 200 / Show response
operations.red/user/search-history/ 2 B
447 B 197ms
197ms XHR
application/json 172.67.189.38
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://operations.red/user/search-history/

Requested by

Host: assets-app.buson.com.br
URL: https://assets-app.buson.com.br/assets-staging-200/_v2/application/commons.bundle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.189.38 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://operations.red/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Apr 2024 01:16:07 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WG7KL%2Fe7w51Ed0g62V1dmL3R5KpY3ltR5N%2BTxhFdY57T5OdJ3owOHyAVCSIIDJtUdQrDu4dHLs5o1%2FrchaX0W4yWipvag2zhX8BY0R7TyG90NPT1%2B%2FF9XfNDtRPTYEKcDg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json;charset=UTF-8
x-frame-options: DENY
cf-ray: 86ed7381ddfc6057-ORD
alt-svc: h3=":443"; ma=86400

GET
H3 200 / Show response
operations.red/user/search-history/ 2 B
444 B 218ms
217ms XHR
application/json 172.67.189.38
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://operations.red/user/search-history/

Requested by

Host: assets-app.buson.com.br
URL: https://assets-app.buson.com.br/assets-staging-200/_v2/application/commons.bundle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.189.38 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://operations.red/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Apr 2024 01:16:07 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZmLVBwr%2F1GpCetgvBLtE63bs6LwQpFyb1CDM6B8e6f8QtsIZqRKfy8dlBVbLWuEJ2vwVpp124DeQBkp3SKef7ZEVGeRQXlCgO1oPkxFmbSL3o4JD%2FHxCXDCn9ij5lzZcxw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json;charset=UTF-8
x-frame-options: DENY
cf-ray: 86ed7381ddff6057-ORD
alt-svc: h3=":443"; ma=86400

GET
H2 200 /
www.facebook.com/tr/ 0
270 B 334ms
114ms Image
text/plain 2a03:2880:f17b:283:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=451761978588735&ev=PageView&dl=https%3A%2F%2Foperations.red%2F&rl=&if=false&ts=1712193367328&sw=800&sh=600&v=2.9.151&r=stable&ec=0&o=30&cs_est=true&ler=empty&cdl=API_unavailable&it=1712193367105&coo=false&rqm=GET

Requested by

Host: operations.red
URL: https://operations.red/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f17b:283:face:b00c:0:25de Saint-Denis, France, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://operations.red/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: GOOD; q=0.7, rtt=105, rtx=0, c=10, mss=1294, tbw=2766, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 04 Apr 2024 01:16:07 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H3 200 / Show response
www.googleadservices.com/pagead/conversion/993290547/ 3 KB
1 KB 64ms
64ms Script
text/javascript 142.251.163.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/993290547/?random=1712193367496&cv=9&fst=1712193367496&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=466465925&u_h=600&u_w=800&u_ah=600&u_aw=800&u_cd=24&u_his=2&u_tz=-600&u_java=false&u_nplug=5&u_nmime=2&sendb=1&ig=1&frm=0&url=https%3A%2F%2Foperations.red%2F&tiba=Buson%3A%20Compre%20Passagem%20de%20%C3%94nibus%20Online%20Aqui!&hn=www.googleadservices.com&uaa=x86&uab=64&uam=&uap=Win32&uapv=10.0.0&uaw=0&uafvl=Google%2520Chrome%3B123.0.6312.105%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.105&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.163.154 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

wv-in-f154.1e100.net

Software

cafe /

Resource Hash

a74f3cca2875796b574913000379c85e14f7e08d718d254c5b8d04970119d60b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://operations.red/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 04 Apr 2024 01:16:07 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1476
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/993290547/ 2 KB
1 KB 55ms
55ms Script
text/javascript 142.251.167.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/993290547/?random=1712193367504&cv=9&fst=1712193367504&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=466465925%2C509562773%2C512247838&u_h=600&u_w=800&u_ah=600&u_aw=800&u_cd=24&u_his=2&u_tz=-600&u_java=false&u_nplug=5&u_nmime=2&sendb=1&ig=1&data=path%3D%2F%3Breferrer%3D%3Bsearch%3D%3Btitle%3DBuson%3A%20Compre%20Passagem%20de%20%C3%94nibus%20Online%20Aqui!%3Burl%3Dhttps%3A%2F%2Fwww.buson.com.br&frm=0&url=https%3A%2F%2Foperations.red%2F&tiba=Buson%3A%20Compre%20Passagem%20de%20%C3%94nibus%20Online%20Aqui!&hn=www.googleadservices.com&uaa=x86&uab=64&uam=&uap=Win32&uapv=10.0.0&uaw=0&uafvl=Google%2520Chrome%3B123.0.6312.105%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.105&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.167.155 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ww-in-f155.1e100.net

Software

cafe /

Resource Hash

1b0359660dc9d9c6051b72d29aac49b9e1cc44d403d4123d876000e961a1d9c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://operations.red/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 04 Apr 2024 01:16:07 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1400
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/993290547/ 42 B
64 B 46ms
46ms Image
image/gif 172.253.115.147
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/993290547/?random=1712193367504&cv=9&fst=1712192400000&num=1&guid=ON&eid=466465925%2C509562773%2C512247838&u_h=600&u_w=800&u_ah=600&u_aw=800&u_cd=24&u_his=2&u_tz=-600&u_java=false&u_nplug=5&u_nmime=2&sendb=1&data=path%3D%2F%3Breferrer%3D%3Bsearch%3D%3Btitle%3DBuson%3A%20Compre%20Passagem%20de%20%C3%94nibus%20Online%20Aqui!%3Burl%3Dhttps%3A%2F%2Fwww.buson.com.br&frm=0&url=https%3A%2F%2Foperations.red%2F&tiba=Buson%3A%20Compre%20Passagem%20de%20%C3%94nibus%20Online%20Aqui!&async=1&fmt=3&is_vtc=1&cid=CAQSKQB7FLtqp5eUX1bIs9w-qvU0DalkYVjeXdYpswVPTNvSkHet1eJxk6P4&random=1411250730&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: operations.red
URL: https://operations.red/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.115.147 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bg-in-f147.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://operations.red/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 04 Apr 2024 01:16:07 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

/
www.google.com/pagead/1p-conversion/993290547/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/993290547/?random=340679553&cv=9&fst=1712193367496&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=466465925&u_h=600&u_w=800&u_ah=600&u_aw=8...
https://www.google.com/pagead/1p-conversion/993290547/?random=340679553&cv=9&fst=1712193367496&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=466465925&u_h=600&u_w=800&u_ah=600&u_aw=800&u_cd=24&u_his=2&u_...

42 B
64 B

51ms
50ms

Image
image/gif

172.253.115.147
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-conversion/993290547/?random=340679553&cv=9&fst=1712193367496&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=466465925&u_h=600&u_w=800&u_ah=600&u_aw=800&u_cd=24&u_his=2&u_tz=-600&u_java=false&u_nplug=5&u_nmime=2&sendb=1&ig=1&frm=0&url=https%3A%2F%2Foperations.red%2F&tiba=Buson%3A%20Compre%20Passagem%20de%20%C3%94nibus%20Online%20Aqui!&hn=www.googleadservices.com&uaa=x86&uab=64&uam=&uap=Win32&uapv=10.0.0&uaw=0&uafvl=Google%2520Chrome%3B123.0.6312.105%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.105&async=1&fmt=3&ct_cookie_present=false&sscte=1&crd=COG9sQIIucGxAg&pscrd=IhMIgIDWq7GnhQMV5KeDCB3bzAobMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6F2h0dHBzOi8vb3BlcmF0aW9ucy5yZWQv&is_vtc=1&cid=CAQSKQB7FLtqHPKLCWQMRwm5APK8eIbIHB4tjnw_kMyq5tpQ3ESNq0M0WoYs&random=2322614251&resp=GooglemKTybQhCsO

Requested by

Host: operations.red
URL: https://operations.red/

Protocol

Server

172.253.115.147 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bg-in-f147.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://operations.red/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Apr 2024 01:16:07 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 04 Apr 2024 01:16:07 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://www.google.com/pagead/1p-conversion/993290547/?random=340679553&cv=9&fst=1712193367496&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=466465925&u_h=600&u_w=800&u_ah=600&u_aw=800&u_cd=24&u_his=2&u_tz=-600&u_java=false&u_nplug=5&u_nmime=2&sendb=1&ig=1&frm=0&url=https%3A%2F%2Foperations.red%2F&tiba=Buson%3A%20Compre%20Passagem%20de%20%C3%94nibus%20Online%20Aqui!&hn=www.googleadservices.com&uaa=x86&uab=64&uam=&uap=Win32&uapv=10.0.0&uaw=0&uafvl=Google%2520Chrome%3B123.0.6312.105%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.105&async=1&fmt=3&ct_cookie_present=false&sscte=1&crd=COG9sQIIucGxAg&pscrd=IhMIgIDWq7GnhQMV5KeDCB3bzAobMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6F2h0dHBzOi8vb3BlcmF0aW9ucy5yZWQv&is_vtc=1&cid=CAQSKQB7FLtqHPKLCWQMRwm5APK8eIbIHB4tjnw_kMyq5tpQ3ESNq0M0WoYs&random=2322614251&resp=GooglemKTybQhCsO
content-type: image/gif
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 me Show response
operations.red/t/user/ 0
4 KB 245ms
245ms XHR
text/plain 172.67.189.38
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://operations.red/t/user/me

Requested by

Host: assets-app.buson.com.br
URL: https://assets-app.buson.com.br/assets-staging-200/_v2/application/commons.bundle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.189.38 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name

Value

Content-Security-Policy

X-Frame-Options

DENY

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://operations.red/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Apr 2024 01:16:07 GMT
content-security-policy: default-src 'self' *.buson.com.br https://buson.com.br *.guichevirtual.com.br https://guichevirtual.com.br localhost;script-src 'self' *.buson.com.br https://buson.com.br *.guichevirtual.com.br https://guichevirtual.com.br localhost *.buson.com.br https://buson.com.br http://*.google-analytics.com https://*.googletagmanager.com https://*.googlesyndication.com https://www.google.com https://accounts.google.com https://files.lgtcdn.net https://cdn.amplitude.com https://i.k-analytix.com https://googleads.g.doubleclick.net https://apis.google.com https://static.ads-twitter.com https://www.dwin1.com https://connect.facebook.net http://tag.rmp.rakuten.com http://cdn.siftscience.com https://www.awin1.com http://www.awin1.com https://cdnjs.cloudflare.com https://c.btg360.com.br https://certify.alexametrics.com https://ad.doubleclick.net https://cdn.ampproject.org https://www.gstatic.com/ https://static.hotjar.com https://script.hotjar.com/ https://csmetrics.hotjar.com/ https://bat.bing.com/ https://d3dh5c7rwzliwm.cloudfront.net/ https://www.googleadservices.com https://csmetrics.hotjar.com/ *.cloudfront.net *.cloudflare.com *.hotjar.com *.segment.com https://api.segment.io https://cdn.segment.io http://www.googleadservices.com https://analytics.tiktok.com https://lantern.roeyecdn.com 'unsafe-eval' 'unsafe-inline';media-src 'self' *.buson.com.br https://buson.com.br *.guichevirtual.com.br https://guichevirtual.com.br localhost *.buson.com.br https://buson.com.br;font-src 'self' *.buson.com.br https://buson.com.br *.guichevirtual.com.br https://guichevirtual.com.br localhost fonts.gstatic.com https://maxcdn.bootstrapcdn.com/;style-src 'self' *.buson.com.br https://buson.com.br *.guichevirtual.com.br https://guichevirtual.com.br localhost fonts.googleapis.com https://accounts.google.com/ 'unsafe-inline';connect-src 'self' *.buson.com.br https://buson.com.br *.guichevirtual.com.br https://guichevirtual.com.br localhost https://ampcid.google.com https://ampcid.google.com.br https://heimdall-prod.lgtcdn.net https://api.amplitude.com https://*.analytics.google.com https://*.googletagmanager.com https://static.ads-twitter.com https://www.dwin1.com https://connect.facebook.net http://tag.rmp.rakuten.com https://static.hotjar.com http://cdn.siftscience.com http://i.konduto.com/ https://google.com http://*.google-analytics.com https://accounts.google.com https://*.g.doubleclick.net https://www.facebook.com/tr/ https://apis.google.com https://c.btg360.com.br https://certify.alexametrics.com https://d31qbv1cthcecs.cloudfront.net https://event.getblue.io https://script.hotjar.com https://sslwidget.getblue.io https://stats.g.doubleclic https://stats.g.doubleclick.net/ https://www.google.com https://www.google.com.br https://csmetrics.hotjar.com/ *.cloudfront.net *.hotjar.com *.facebook.com *.google.com *.segment.com https://api.segment.io https://cdn.segment.io *.google.com.br *.googlesyndication.com https://bat.bing.com/ https://googleads.g.doubleclick.net *.hotjar.io wss://ws15.hotjar.com wws://wsp15.hotjar.com wss://ws.hotjar.com wss://*.hotjar.com https://analytics.tiktok.com https://lantern.roeyecdn.com http://ip-api.com/;form-action 'self' *.buson.com.br https://buson.com.br *.guichevirtual.com.br https://guichevirtual.com.br localhost *.buson.com.br https://buson.com.br https://accounts.google.com https://www.facebook.com;img-src 'self' *.buson.com.br https://buson.com.br *.guichevirtual.com.br https://guichevirtual.com.br localhost *.buson.com.br https://buson.com.br https://images.unsplash.com https://google.com https://*.google.com https://*.google.com.br https://hexagon-analytics.com https://www.facebook.com https://analytics.twitter.com https://t.co/i/adsct https://*.googletagmanager.com https://www.awin1.com http://www.awin1.com https://connect.facebook.net/ https://consent.linksynergy.com/ data: https://*.analytics.google.com https://www.googleadservices.com https://track.linksynergy.com https://*.google-analytics.com *.cloudfront.net https://bat.bing.com/ https://*.g.doubleclick.net https://lh3.googleusercontent.com *.googleusercontent.com;frame-src 'self' *.buson.com.br https://buson.com.br *.guichevirtual.com.br https://guichevirtual.com.br localhost *.buson.com.br https://buson.com.br https://www.facebook.com https://accounts.google.com https://maps.google.com https://www.google.com https://www.google.com.br https://indexanetwork.go2cloud.org https://*.googletagmanager.com https://vars.hotjar.com https://td.doubleclick.net https://bid.doubleclick.net https://*.doubleclick.net
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iXDkS40h8tUIooz4d4K3n1%2FmTF8vF%2B5UqIhkTdlmA0xinT3rWUcRSP7XiYbxSepuPoQjl%2FicUHqTNdZkHKBbW18LVrG98MEsp5Isfz0ZzywE%2BzyOFs826DxHy3bzfKIpLg%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 86ed738428e26057-ORD
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H3 200 favicon.png
assets-app.buson.com.br/assets-staging-200/_v2/static/img/favicons/ 436 B
1021 B 52ms
52ms Other
image/webp 104.19.237.57
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets-app.buson.com.br/assets-staging-200/_v2/static/img/favicons/favicon.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.237.57 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e607d3e73652b07cb41881cac47507ad28fe924d951e529dcae293698cfdb5bb

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://operations.red/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Apr 2024 01:16:07 GMT
cf-cache-status: HIT
age: 36920
cf-polished: origFmt=png, origSize=1274
x-guploader-uploadid: ABPtcPpG0boTiRvHNfpuboPgxtY_TspyOfjGqXg5KEvufYmTQZbiR1p4Tbzq4Fq3GJKnejUqDG4odwSCuQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-disposition: inline; filename="favicon.webp"
alt-svc: h3=":443"; ma=86400
content-length: 436
cf-bgj: imgq:100,h2pri
last-modified: Wed, 27 Mar 2024 12:09:33 GMT
server: cloudflare
etag: "7e6ac359c554d8dad64225e65a793de7"
vary: Accept
x-goog-generation: 1711541373952604
content-type: image/webp
access-control-allow-origin: *
x-goog-hash: crc32c=tcpnQg==, md5=fmrDWcVU2NrWQiXmWnk95w==
access-control-expose-headers: Content-Type
cache-control: public, max-age=604800
x-goog-stored-content-length: 1274
accept-ranges: bytes
cf-ray: 86ed73842b357118-YYZ
expires: Thu, 11 Apr 2024 01:16:07 GMT

GET
H3 200 favicon-32x32.png
assets-app.buson.com.br/assets-staging-200/_v2/static/img/favicons/ 272 B
860 B 51ms
50ms Other
image/webp 104.19.237.57
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets-app.buson.com.br/assets-staging-200/_v2/static/img/favicons/favicon-32x32.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.237.57 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eccdb016f77ebbfa2406b3db30b03e1ede8da444c1bce7b79251e43ff07c5ac6

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://operations.red/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Apr 2024 01:16:07 GMT
cf-cache-status: HIT
age: 36919
cf-polished: origFmt=png, origSize=729
x-guploader-uploadid: ABPtcPpBXQnEZWXyqmcmJh4hXjBu2ThuGHlhE51JchzjazVKge46hBYQDF1hChqNkEMsMx0xFAtTjoK_ow
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-disposition: inline; filename="favicon-32x32.webp"
alt-svc: h3=":443"; ma=86400
content-length: 272
cf-bgj: imgq:100,h2pri
last-modified: Wed, 27 Mar 2024 12:09:36 GMT
server: cloudflare
etag: "8de2ef08ac1a6438380018e3e70a1b79"
vary: Accept
x-goog-generation: 1711541376408430
content-type: image/webp
access-control-allow-origin: *
x-goog-hash: crc32c=FRAINQ==, md5=jeLvCKwaZDg4ABjj5wobeQ==
access-control-expose-headers: Content-Type
cache-control: public, max-age=604800
x-goog-stored-content-length: 729
accept-ranges: bytes
cf-ray: 86ed73847bc37118-YYZ
expires: Thu, 11 Apr 2024 01:16:07 GMT

GET
H2 200 s.js Show response
cdn.siftscience.com/ 62 KB
21 KB 122ms
31ms Script
application/javascript 34.96.67.224
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.siftscience.com/s.js

Requested by

Host: operations.red
URL: https://operations.red/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.96.67.224 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

224.67.96.34.bc.googleusercontent.com

Software

UploadServer /

Resource Hash

10ec464febb7b92ed105d94da994f32989ff1d0795c0013460b5e2a7769934f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://operations.red/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 18 Mar 2024 08:36:32 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 1442377
x-guploader-uploadid: ABPtcPqTJneJwoI4G5mG61DQ9n_2giyP4N7sbpv2dPC9gOvrrxEaDPwYUaEnJ-6c72YFE1xtFqVRjbE_Nw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20557
last-modified: Mon, 18 Mar 2024 08:23:03 GMT
server: UploadServer
etag: "489c51cfaaabb9e46cdcd9805f9cb5e7"
x-goog-generation: 1710750183024543
x-goog-hash: crc32c=asYZeQ==, md5=SJxRz6qrueRs3NmAX5y15w==
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: no-transform
x-goog-stored-content-length: 20557
accept-ranges: bytes
content-type: application/javascript
expires: Tue, 18 Mar 2025 08:36:32 GMT

GET
H2 200 412779.gif
hexagon-analytics.com/images/ 43 B
288 B 152ms
67ms Image
image/gif 34.102.232.42
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hexagon-analytics.com/images/412779.gif?bk=9df983fa1a&tm=28&r=639193581&v=107&cs=UTF-8&h=operations.red&l=en-US&S=cb0cbde7449c82217a1ac531780bfe95&uu=6dd7a4ac3a75691023cec3b9f95e383&t=Buson%3A%20Compre%20Passagem%20de%20%C3%94nibus%20Online%20Aqui!&u=https%3A%2F%2Foperations.red%2F&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F123.0.0.0%20Safari%2F537.36&nm=2&mh=63196a00446a1e285d1992cfe444aa55&np=5&ph=332b72bdb211e34e6e3c24f88d7c393b&sh=600&sw=800&cd=24&p=Win32&to=600&d=0&ce=true&tp=0&ol=true&pr=Gecko&ps=20030107&vd=Google%20Inc.&vs=&hc=16&je=false&ss=true&ls=true&in=true&db=false&tl=false&tr=false&ts=false&tb=false&ab=false&cf=fae6548d136db15e45c35040a4cbd54b&z=z

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.102.232.42 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

42.232.102.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://operations.red/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 04 Apr 2024 01:16:09 GMT
via: 1.1 google
x-content-type-options: nosniff
server: nginx
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
x-envoy-upstream-service-time: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 01 Jan 1970 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: lantern.roeyecdn.com
URL: https://lantern.roeyecdn.com/lantern_global_66092.min.js

Verdicts & Comments Add Verdict or Comment

74 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

29 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
operations.red/	1970-01-20 19:46:38	Name: widgetAnalyticsRemoved Value: true
operations.red/	1970-01-20 19:46:38	Name: noServiceFeeLabelOnCheckoutResume Value: false
operations.red/	1970-01-20 19:46:38	Name: smallDevicesAdjust Value: false
operations.red/	1970-01-20 19:46:38	Name: searchResultImprovement Value: false
operations.red/	1970-01-20 19:46:38	Name: cancelLinkRemoved Value: true
operations.red/	1970-01-20 19:46:38	Name: newHeader Value: false
operations.red/	1970-01-20 19:46:38	Name: checkoutResume Value: false
operations.red/	1969-12-31 23:59:59	Name: linksOnCard Value: false
operations.red/	1970-01-20 19:36:36	Name: connect.sid Value: s%3A4xJyJo77cFULKQOZGLrr9yJB2MOqpQzA.8ORZi%2FwoaNR1tUAiM5Ne1uvBveQUoXdq1SZEiCnwRQk
.buson.com.br/	1970-01-20 19:36:35	Name: __cf_bm Value: AYzjR34REFOHzoJbTaMskJMZqCj_RC4oQHeFp0bPrc0-1712193366-1.0.1.1-975qXFxGP4seOUpnOzHxJX450KpKGGsS4CkiR0VA.M880QDcmbOwb4vqFbAl59fvJO96I9EDY.4WUy0qlTWMWg
.operations.red/	1970-01-21 04:22:09	Name: __kdtv Value: t%3D1712193366279%3Bi%3Dff91d7e928e25044d959ec1c47fdeb6cbf2f1643
.operations.red/	1970-01-21 04:22:09	Name: _kdt Value: %7B%22t%22%3A1712193366279%2C%22i%22%3A%22ff91d7e928e25044d959ec1c47fdeb6cbf2f1643%22%7D
.operations.red/	1970-01-20 21:46:09	Name: _gcl_au Value: 1.1.549325017.1712193366
.operations.red/	1970-01-20 20:19:45	Name: AwinChannelCookie Value: aw
operations.red/	1970-01-20 19:36:36	Name: amplitude_buson Value: %7B%22deviceId%22%3A%22cdf92cef-36c8-4e3b-ad6e-2b139a319f2fR%22%2C%22userId%22%3Anull%2C%22sessionId%22%3A1712193366525%7D
.operations.red/	1970-01-21 05:12:33	Name: amplitude_id_533be26b67e2936d537d199018758c9boperations.red Value: eyJkZXZpY2VJZCI6ImNkZjkyY2VmLTM2YzgtNGUzYi1hZDZlLTJiMTM5YTMxOWYyZlIiLCJ1c2VySWQiOm51bGwsIm9wdE91dCI6ZmFsc2UsInNlc3Npb25JZCI6MTcxMjE5MzM2NjUyNSwibGFzdEV2ZW50VGltZSI6MTcxMjE5MzM2NjUzMCwiZXZlbnRJZCI6MiwiaWRlbnRpZnlJZCI6Miwic2VxdWVuY2VOdW1iZXIiOjR9
.tiktok.com/	1970-01-21 04:58:09	Name: _ttp Value: 2ecACkzOqC3mTLinYNuNuvqxkDl
.operations.red/	1970-01-21 05:12:33	Name: _ga_L7HJ5T78EE Value: GS1.1.1712193366.1.0.1712193366.60.0.0
.operations.red/	1970-01-21 05:12:33	Name: _ga Value: GA1.1.201142201.1712193367
.operations.red/	1970-01-21 04:58:09	Name: _tt_enable_cookie Value: 1
.operations.red/	1970-01-21 04:58:09	Name: _ttp Value: e0YWUIHi5ptqDs-OMKn35gAhZMr
.twitter.com/	1970-01-21 05:12:33	Name: personalization_id Value: "v1_R5IBkRCimGJ+Zx53UA0kVQ=="
.t.co/	1970-01-21 05:12:33	Name: muc_ads Value: 2a90f4c1-3e3d-45c4-9a39-291a6cdedbf2
.operations.red/	1970-01-21 04:22:09	Name: ajs_anonymous_id Value: f6f94555-fd12-485b-a6f6-d796084d7051
.operations.red/	1970-01-21 04:22:09	Name: analytics_session_id Value: 1712193367180
.operations.red/	1970-01-21 04:22:09	Name: analytics_session_id.last_access Value: 1712193367180
operations.red/	1970-01-20 19:36:36	Name: JSESSIONID Value: 8BF432295BB948860E49373CA17B0E0F
.doubleclick.net/	1970-01-21 05:12:33	Name: IDE Value: AHWqTUlMS2ByP7hJfWFkGKxjrjTHdoHRWEaSBNjLvvr25tLDMhyLZtD60pqHCygp
.operations.red/	1970-01-21 05:12:33	Name: __ssid Value: 6dd7a4ac3a75691023cec3b9f95e383

45 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://operations.red/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://operations.red/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://operations.red/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://operations.red/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://operations.red/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://operations.red/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://operations.red/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://operations.red/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://operations.red/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://operations.red/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://operations.red/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://operations.red/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://operations.red/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://operations.red/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://operations.red/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://operations.red/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://operations.red/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://operations.red/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://operations.red/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://operations.red/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://operations.red/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://operations.red/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://operations.red/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://operations.red/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://operations.red/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://operations.red/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://operations.red/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://operations.red/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://operations.red/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://operations.red/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://operations.red/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://operations.red/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://operations.red/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://operations.red/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://operations.red/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://connect.facebook.net/signals/config/451761978588735?v=2.9.151&r=stable&domain=operations.red&hme=8ce74e881727851b4427183947937854816d72704925561b9de6420cd43214ee&ex_m=66%2C111%2C98%2C102%2C57%2C3%2C92%2C65%2C15%2C90%2C83%2C48%2C50%2C157%2C160%2C171%2C167%2C168%2C170%2C28%2C93%2C49%2C72%2C169%2C152%2C155%2C164%2C165%2C172%2C120%2C14%2C47%2C176%2C175%2C122%2C17%2C32%2C36%2C1%2C40%2C61%2C62%2C63%2C67%2C87%2C16%2C13%2C89%2C86%2C85%2C99%2C101%2C35%2C100%2C29%2C25%2C153%2C156%2C129%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C53%2C58%2C60%2C70%2C94%2C26%2C71%2C8%2C7%2C75%2C45%2C20%2C96%2C95%2C9%2C19%2C18%2C77%2C82%2C44%2C43%2C81%2C37%2C39%2C80%2C52%2C78%2C31%2C41%2C34%2C69%2C0%2C88%2C4%2C84%2C76%2C79%2C2%2C33%2C59%2C38%2C97%2C42%2C74%2C64%2C103%2C56%2C55%2C30%2C91%2C54%2C51%2C46%2C73%2C68%2C23%2C104(Line 87) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://operations.red/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://operations.red/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://operations.red/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://operations.red/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://operations.red/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://operations.red/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://operations.red/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
javascript	warning	URL: https://operations.red/ Message: The resource https://assets-app.buson.com.br/assets-staging-200/_v2/static/img/banner-mobile.webp was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://operations.red/ Message: The resource https://assets-app.buson.com.br/assets-staging-200/_v2/static/img/home-promotion.webp was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header

Value

Content-Security-Policy

X-Frame-Options

DENY

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.google.com
analytics.google.com
analytics.tiktok.com
analytics.twitter.com
api.segment.io
asset.buson.com.br
assets-app.buson.com.br
cdn.amplitude.com
cdn.segment.com
cdn.siftscience.com
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
hexagon-analytics.com
i.k-analytix.com
i.konduto.com
lantern.roeyecdn.com
operations.red
static.ads-twitter.com
stats.g.doubleclick.net
t.co
tag.rmp.rakuten.com
www.dwin1.com
www.facebook.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
lantern.roeyecdn.com
104.19.237.57
104.19.238.57
104.244.42.67
104.244.42.69
13.225.189.204
142.251.163.154
142.251.167.155
146.75.28.157
172.253.115.147
172.67.180.67
172.67.189.38
2001:4860:4802:38::181
23.206.172.53
2600:9000:26a0:fc00:f:8ce2:fb80:93a1
2606:4700:3031::ac43:bd26
2607:f8b0:4004:c08::61
2607:f8b0:4004:c09::54
2607:f8b0:4004:c09::5f
2607:f8b0:4004:c19::9a
2607:f8b0:4004:c1b::5e
2a03:2880:f08e:219:face:b00c:0:3
2a03:2880:f17b:283:face:b00c:0:25de
3.161.214.161
34.102.147.248
34.102.232.42
34.96.67.224
44.240.196.172
54.69.251.6
047e3259b6f0b42d781532fa122b2d8de9aed187d766fd45efcf119450eeb4c4
048ac3a0355e468d50bd4e712eacfc902b6779c4a84e3de3a2d6d03cacdd2b3d
0591f85d9d774abacd4a8afabaaf466b07de36e4b0522ad6d64c24f8ec7d36b7
0c06289db84a0908cd85436df12539be6bb9349cd100d9d54b77eb56512e0363
102eebccd930047161f45f31bd9a6e60184f1dcafd3cb880b36a1db4655d7147
10ec464febb7b92ed105d94da994f32989ff1d0795c0013460b5e2a7769934f2
11bd1e326d09bbfad931dad8561279813258d156b88abf745232ef1a24814088
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254
18f15bdf290c8be43267bd95540a071b88f9cda49363a20e71c1e79883690da9
1b0359660dc9d9c6051b72d29aac49b9e1cc44d403d4123d876000e961a1d9c5
1c7a13438386b27ae3874ff95ac5cb2ed21b805261427e9da870e93c35e788de
22f94f1e5cf8d4b6f197d7ef7f7e8d02e9051af742d344ea4b940905061abe06
26e6dcd54c9767852e1fd2614934db97d2c31391992df9627f8da7346db7d374
2b14e8397d552f351a4396dec25ec5da1348865683100e94c4ab0faea4a9a254
2bc48322b67f7f3e57c48f2c31f2ce91092a20d534495b69918b58864fb19342
31892c21ae4fb908a875bbe29dbf0df74c2e84171cfbcac23540f3ad8222a35a
34b80c57828cdb1f0a11720a3319cce04edc9e753ba383fd79e74282ee0c8696
3cdfc45291898f113cf74b9db84cd914b2069a1bf948e51665789a627186f342
444204540e9a788c517039c8411a9fa9e05b6a385d374f1411852674f9a9d903
44e682da8f10b3cfd0c49a78e33327ff9644188ed300283732e8997dc75f62d2
46722cb1c0667d45f260b3ff595708d4b857c3ba053236b1c38c7036db2b1a03
49a1f2087a7ed4cc6d80dcd029b79eb095ecd963b4ee81d5a15082e310dfa151
4cfacd66376f0c1e23b5f04428848982ca6a64852898589ab3f51ba302a6b1aa
4d15ff2317e16ccd8ca1d3248fea7d91130e022369bb032824a84ad9967064df
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
521a2d3690f74082aa3bb8f1d9c3159066756c178df86552f7f6b25500c8f5d5
57113c352ed6a690d6f9d307be964ef9a96cf9086cec6cbb6ac770587d5e0423
5845dd74634210cfd30720adb1aff724c1c7e1e8c0ca7d4f089d38d889320539
5aaf7f1df6a23268f7dea5f0757d793354193f078a7cd8ceeafae3c6defd1ac5
5b203de67a52790c6ae1fd7a5661753b91a8a3aeed799a3d59c06c7093321060
614eb11e80db5f0f4b52ba6a8d20978b40deba35557f58428531c63135212d83
63e0c4dae3b866c9ca140adb954d274f792bf1fb47670ad2f08b8f0a44795f5f
658ec3e887d875c92aaf7f0939a2ee12702fd3aef9f235ea07c8bf9d013d55e2
65a47caa5183b035bf78d0f93adbe5cea500333410259c54abf2de356740df7e
754b3dac0b83ab63dad7cc934d8900fda8d398682d5c6922fd65c32beabbef73
7c9c80a6c32c0619d61c28f28723e68c5f8f75163e77ee5cf64c39e640e0d71e
86029f404faed72a6d14d1b9d86abeb02a9c8c788dc7c5ea797a6ea0e083c6ab
86a590d25968e7fd492f88cda922d92181bfd543d56906bfe7785a464f1ed579
907e9994a2ae6e01092641396a67e18440ddc8f0fa0f8c75e59b08166ba61b63
956b47bccea16c3088dd3252c49d327eaf55fdbe15a11d441064b1f95f7e108d
978f46f059f8b7580f0ace9c2a00175c926cb91b1bb69d1b39d7fd3a9e8582ad
9a1a6d91ca9b6ad0cde6e6b0cb0f97dbe1b9fb89631cd68a4fc58d6e8d0d044d
9ace1e3287e3c5997d9e3edc25f397b7f6d7746bbd742343f61ca09e88f48c88
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0ac5be784b8359e178327b2aa198cdd2b34384002604773a51294df332b5d2d
a4540cc3c900d8b9712c79719afca2e6da65766430c1f5d511279dc1c1087809
a74f3cca2875796b574913000379c85e14f7e08d718d254c5b8d04970119d60b
a77684595d74fb21a93e856ae5eeb299bf2e71e1cbbf1719dd248fbd43645267
abc7a4571e555cff1b5c90a222becae8ed5c297a14c183af332b0a540557536b
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b1128adb79c7208d410630c04fe6e8ac8886aeb778aafb3f4195fe735acc1d89
b17b4a5cc840a366a4c006794502f887a316402f781f85e913ac4af19a93fc13
b19fcfa92aa08c90130c81dbe3853c10b43e677ac419da25076e16fef81f65c5
bb2d7f616360e1d15cd169de36f6b19e6b072cd5792d97a86df0a17ccdf87282
bc408cbd0dfe8b655b7897f0b4e69c65dedccfcb91aaec526f999b645bc15e5c
c34b7d9f8223b8898a876e7314af0b42e40e8a8d1f8ada2fe7ad852c9fc61463
c3f075aa4a0298c6239ea276be5bd08c0ca9589ea7756cce78d81869818433b3
c5a28f221720bef2396de8f1113568e75fd2cb28c76ffb3efe31d4d28a26bdee
d13a5ff44b306916e83d9a82f56cfd7ce80fb8642d1e916f9b916e0296bef8ad
d4854fa58837630d4b8a75f39c625e3bfa7b25aeb61d0b404fc89e3e62b4f47b
d76fc82475349a5ca803adf8aafd84fd60d03e09ca8fafbfbfd9108fef4c60d7
e31f53e84704b247337fe3a00c1f1454753215ece8d8f6742620fc8260f4700e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4ff09da005595b9faff6285fbce6b81a1d1b2ac67fbe82d033aa333911d637e
e557dccd4c74a7ba23d6f328f5a42da66a57f3b3288c51d1de655fa5179ecbe2
e607d3e73652b07cb41881cac47507ad28fe924d951e529dcae293698cfdb5bb
eccdb016f77ebbfa2406b3db30b03e1ede8da444c1bce7b79251e43ff07c5ac6
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f4e8e2b4338dae80a6cf491cdc28232026128cc1e22fe2b5eb6e80a208d38e9f
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
fbd2bd0c0acaac8e68a35ff0ed7cefd8485121e4b643d0b7f6f19113627ddc6a

operations.red Open in urlscan Pro 2606:4700:3031::ac43:bd26 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

90 Requests

98 %HTTPS

36 %IPv6

24 Domains

28 Subdomains

29 IPs

3 Countries

1872 kBTransfer

4506 kBSize

29 Cookies

34 Outgoing links

Redirected requests

90 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

operations.red Open in urlscan Pro
2606:4700:3031::ac43:bd26 Public Scan

Screenshot
Live screenshot

Full Image

90
Requests

98 %
HTTPS

36 %
IPv6

24
Domains

28
Subdomains

29
IPs

3
Countries

1872 kB
Transfer

4506 kB
Size

29
Cookies

90 HTTP transactions
0 data transactions