onibusbrasil.com Open in urlscan Pro
2606:4700:3031::681b:8c3a Public Scan

URL:
https://onibusbrasil.com/
Submission: On November 15 via api (November 15th 2020, 12:56:31 am UTC) from BR

Summary HTTP 143 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 17 IPs in 3 countries across 14 domains to perform 143 HTTP transactions. The main IP is 2606:4700:3031::681b:8c3a, located in United States and belongs to CLOUDFLARENET, US. The main domain is onibusbrasil.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on August 9th 2020. Valid for: a year.

This is the only time onibusbrasil.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
52	2606:4700:303... 2606:4700:3031::681b:8c3a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:81a::2008	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:806::200a	15169 (GOOGLE) (GOOGLE)
1	54.239.192.92 54.239.192.92	16509 (AMAZON-02) (AMAZON-02)
2 2	2a03:2880:f01... 2a03:2880:f01c:800e:face:b00c:0:2	32934 (FACEBOOK) (FACEBOOK)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1450:400... 2a00:1450:4001:81a::200e	15169 (GOOGLE) (GOOGLE)
4	18.196.191.129 18.196.191.129	16509 (AMAZON-02) (AMAZON-02)
11	2a00:1450:400... 2a00:1450:4001:818::2002	15169 (GOOGLE) (GOOGLE)
3 8	2a00:1450:400... 2a00:1450:4001:81b::2004	15169 (GOOGLE) (GOOGLE)
10	216.58.207.66 216.58.207.66	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81d::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:819::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:802::2001	15169 (GOOGLE) (GOOGLE)
15	2a00:1450:400... 2a00:1450:4001:806::2001	15169 (GOOGLE) (GOOGLE)
24	2a00:1450:400... 2a00:1450:4001:800::2001	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:801::2003	15169 (GOOGLE) (GOOGLE)
143	17

52 2606:4700:3031::681b:8c3a (United States)

ASN13335 (CLOUDFLARENET, US)

onibusbrasil.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sp1.onibusbrasil.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
brt.onibusbrasil.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:806::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.239.192.92 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-239-192-92.waw50.r.cloudfront.net

m2d.m2.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:800e:face:b00c:0:2 (Ireland) 2 redirects

ASN32934 (FACEBOOK, US)

graph.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)

platform-lookaside.fbsbx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.196.191.129 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-196-191-129.eu-central-1.compute.amazonaws.com

analytics2.m2.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:818::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:81b::2004 (Frankfurt am Main, Germany) 3 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 216.58.207.66 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: fra16s25-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81d::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:819::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:802::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

5ea4d56f56ce1a2022fd7a027010daae.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:806::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 2a00:1450:4001:800::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
52	onibusbrasil.com onibusbrasil.com sp1.onibusbrasil.com brt.onibusbrasil.com	823 KB
34	googlesyndication.com 5ea4d56f56ce1a2022fd7a027010daae.safeframe.googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com	206 KB
15	ampproject.org cdn.ampproject.org	291 KB
13	doubleclick.net securepubads.g.doubleclick.net googleads.g.doubleclick.net	197 KB
9	google.com 3 redirects www.google.com adservice.google.com	2 KB
5	gstatic.com www.gstatic.com fonts.gstatic.com	174 KB
5	m2.ai m2d.m2.ai analytics2.m2.ai	178 KB
5	googleapis.com fonts.googleapis.com	4 KB
2	googletagservices.com www.googletagservices.com	46 KB
2	google-analytics.com www.google-analytics.com	19 KB
2	fbsbx.com platform-lookaside.fbsbx.com	6 KB
2	facebook.com 2 redirects graph.facebook.com	724 B
1	google.de adservice.google.de	803 B
1	googletagmanager.com www.googletagmanager.com	38 KB
143	14

	Domain	Requested by
40	onibusbrasil.com	onibusbrasil.com
24	tpc.googlesyndication.com	onibusbrasil.com securepubads.g.doubleclick.net tpc.googlesyndication.com cdn.ampproject.org
15	cdn.ampproject.org	securepubads.g.doubleclick.net
10	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net onibusbrasil.com
10	brt.onibusbrasil.com	onibusbrasil.com
8	www.google.com	3 redirects m2d.m2.ai www.gstatic.com onibusbrasil.com
6	pagead2.googlesyndication.com	securepubads.g.doubleclick.net
5	fonts.googleapis.com	onibusbrasil.com securepubads.g.doubleclick.net
4	fonts.gstatic.com	fonts.googleapis.com
4	5ea4d56f56ce1a2022fd7a027010daae.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
4	analytics2.m2.ai	m2d.m2.ai
3	googleads.g.doubleclick.net
2	www.googletagservices.com	m2d.m2.ai securepubads.g.doubleclick.net
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	sp1.onibusbrasil.com	onibusbrasil.com
2	platform-lookaside.fbsbx.com	onibusbrasil.com
2	graph.facebook.com	2 redirects
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	www.gstatic.com	www.google.com
1	m2d.m2.ai	onibusbrasil.com
1	www.googletagmanager.com	onibusbrasil.com
143	22

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
www.linkedin.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-08-09` - `2021-08-09`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-10-28` - `2021-01-20`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2020-10-28` - `2021-01-20`	3 months	crt.sh
*.m2.ai Amazon	`2020-02-14` - `2021-03-14`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2020-11-02` - `2021-01-30`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-10-28` - `2021-01-20`	3 months	crt.sh
www.google.com GTS CA 1O1	`2020-10-28` - `2021-01-20`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2020-10-28` - `2021-01-20`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-10-28` - `2021-01-20`	3 months	crt.sh
*.google.de GTS CA 1O1	`2020-10-28` - `2021-01-20`	3 months	crt.sh
misc-sni.google.com GTS CA 1O1	`2020-10-28` - `2021-01-20`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2020-10-28` - `2021-01-20`	3 months	crt.sh

This page contains 10 frames:

Primary Page: https://onibusbrasil.com/
Frame ID: C4F92134C426DC6BA2A21C8834026FED
Requests: 83 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfK2HYUAAAAANzy4CR5rAg3my4Tria55kER9dWP&co=aHR0cHM6Ly9vbmlidXNicmFzaWwuY29tOjQ0Mw..&hl=en&v=rCr6uVkhcBxHr-Uhry4bcSYc&size=normal&cb=1k0ghpj0keid
Frame ID: 4399531F4CFBD6C8B047F7B4C1609A28
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=en&v=rCr6uVkhcBxHr-Uhry4bcSYc&k=6LfK2HYUAAAAANzy4CR5rAg3my4Tria55kER9dWP&cb=t0okwmo5tb8i
Frame ID: 73259B2A7A70A5B7891450770AAF6B76
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.mjs
Frame ID: F2A0F2E40F32AE96288F208AA4F7E52E
Requests: 16 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.mjs
Frame ID: E6C647671CEB9CCE9DAAEBFBA317C045
Requests: 21 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.mjs
Frame ID: AC946B11EA99B2CF5F27D0343AF42C1D
Requests: 22 HTTP requests in this frame

Frame: https://5ea4d56f56ce1a2022fd7a027010daae.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Frame ID: 39E4B4B77D326E5FCC9F3D21C8AFA398
Requests: 1 HTTP requests in this frame

Frame: https://5ea4d56f56ce1a2022fd7a027010daae.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Frame ID: F702364323D7FD73A1CBF0E147CFB474
Requests: 1 HTTP requests in this frame

Frame: https://5ea4d56f56ce1a2022fd7a027010daae.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Frame ID: 840DD7DB4E53445BE063D4BBE783D651
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html
Frame ID: 93EB7535A74D603B8D1ECDB386209297
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googletagservices\.com\/tag\/js\/gpt(?:_mobile)?\.js/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

script /\/recaptcha\/api\.js/i

Page Statistics

143
Requests

100 %
HTTPS

82 %
IPv6

14
Domains

22
Subdomains

17
IPs

3
Countries

1986 kB
Transfer

5086 kB
Size

22
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/onibusbrasil
Title:

Search URL Search Domain Scan URL

URL: https://twitter.com/onibusbrasil
Title:

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/22317892/
Title:

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 18

https://graph.facebook.com/v2.4/%201687864348156800/picture?type=normal HTTP 302
https://platform-lookaside.fbsbx.com/platform/profilepic/?asid=1687864348156800&height=100&width=100&ext=1607993771&hash=AeRvHQMkBshhHr6BgL8

Request Chain 21

https://graph.facebook.com/v2.4/%20108996534098542/picture?type=normal HTTP 302
https://platform-lookaside.fbsbx.com/platform/profilepic/?asid=108996534098542&height=100&width=100&ext=1607993771&hash=AeQT_Fpzm070asE9kx0

Request Chain 128

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 129

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 131

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

143 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
onibusbrasil.com/ 36 KB
8 KB 604ms
573ms Document
text/html 2606:4700:3031::681b:8c3a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onibusbrasil.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::681b:8c3a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a182b93249bd6795664a084041a389bc845c29b2b3e565bdca6604128b7bc66f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: onibusbrasil.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Sun, 15 Nov 2020 00:56:11 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=d2426756a45cf260980708230bd5914f01605401771; expires=Tue, 15-Dec-20 00:56:11 GMT; path=/; domain=.onibusbrasil.com; HttpOnly; SameSite=Lax; Secure XSRF-TOKEN=eyJpdiI6IkYrTm9WYUQrMU5LNlNtMnl1dGpDbWc9PSIsInZhbHVlIjoiWmZWWnJnaWZRcE9vTEtBZnpPd1wvMEpKVE95YjJPOXBnaksxbWtpblppbGd4am9QbXJzOUpzZUNEM1VuYVRBNVgiLCJtYWMiOiIxOTZiMTE4MTFiYzQ1NmVkNDBjZGE2OTczM2NiZjRiODUzMDhkNDFjYjBhZWU0MmFhNDk4M2I0ZTQ3YTFhODlkIn0%3D; expires=Sun, 15-Nov-2020 02:56:11 GMT; Max-Age=7200; path=/; domain=.onibusbrasil.com; secure ob4_session=eyJpdiI6IkJDK2liakIwTmQ0WFI4dTVGdHp4VXc9PSIsInZhbHVlIjoiajZTcDFJNW8rQVwvbVZOSFJkYUR4NHR5UnlWaTg3c3R1cWJsWnVMRytqN1RjbWo2eFlVSHJaQWxQakpUSkt1cFMiLCJtYWMiOiJkZDI3NjE0OWQ0MzVmYTk3YmEwMTIxY2E2OTY2OGNhYTU0ZjA5OWEwZTNlNTBhMGNhNGUxZTBjYTE2NGFkYWIzIn0%3D; expires=Sun, 15-Nov-2020 02:56:11 GMT; Max-Age=7200; path=/; domain=.onibusbrasil.com; secure; httponly
vary: Accept-Encoding
cache-control: no-cache, private
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: BYPASS
x-server-powered-by: Engintron
cf-cache-status: DYNAMIC
cf-request-id: 066b0014d00000dff394b6e000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=1j4nnzcuck50y%2FylFy0iGBZkDnSO6jfoaLG3goNpFWpza2pX8vAb%2FlRyppKrjA2SQZjXcq1uZyd8WYnUNGfr12rzF1Do5dr4deFAqrDfHByYOi9dfOXXX1xfyJGf"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 5f2502ce1a2edff3-FRA
content-encoding: br

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 96 KB
38 KB 39ms
14ms Script
application/javascript 2a00:1450:4001:81a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-120360188-1

Requested by

Host: onibusbrasil.com
URL: https://onibusbrasil.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8eacec47783317c9e9e04ca2dab99b6044b793e4114d0491bc8c4e414c9f9e10

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://onibusbrasil.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 15 Nov 2020 00:56:11 GMT
content-encoding: br
vary: Accept-Encoding
status: 200
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38694
x-xss-protection: 0
last-modified: Sun, 15 Nov 2020 00:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 15 Nov 2020 00:56:11 GMT

GET
H2 200 icon
fonts.googleapis.com/ 574 B
807 B 39ms
15ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/icon?family=Material+Icons

Requested by

Host: onibusbrasil.com
URL: https://onibusbrasil.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

426f61abc23d6e3d3828bae17092c8db3301629ac8190174fbfa37f3c76f80a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://onibusbrasil.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 15 Nov 2020 00:56:11 GMT
server: ESF
date: Sun, 15 Nov 2020 00:56:11 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 15 Nov 2020 00:56:11 GMT

GET
H2 200 libs-001.css
onibusbrasil.com/css/ 393 KB
49 KB 46ms
45ms Stylesheet
text/css 2606:4700:3031::681b:8c3a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onibusbrasil.com/css/libs-001.css

Requested by

Host: onibusbrasil.com
URL: https://onibusbrasil.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::681b:8c3a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5fb686f3af593d4a5d61575a65682ebaa6a5ec362b757b3ed593a69ab425b7ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://onibusbrasil.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 15 Nov 2020 00:56:11 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 590870
status: 200
x-server-powered-by: Engintron
cf-bgj: minify
cf-request-id: 066b0017260000dff33009b000000001
x-nginx-upstream-cache-status: STALE
last-modified: Thu, 11 Jun 2020 05:33:31 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=K%2BatlF%2BM2YKuICNS3XTtTWi3eMOrR2u6IvoxQ4hameXkk4aZrsNs4pPmcCSWaqkzVE95Ci8TGzCaca1sutb8YzSZv61uvmBZrDDgqKVfEPTVLPKik3vNW5I2%2Fotr"}],"group":"cf-nel","max_age":604800}
content-type: text/css
x-xss-protection: 1; mode=block
cache-control: max-age=2592000
cf-ray: 5f2502d1dd85dff3-FRA
expires: Tue, 08 Dec 2020 04:48:21 GMT

GET
H2 200 theme-001.css
onibusbrasil.com/css/ 358 KB
42 KB 25ms
24ms Stylesheet
text/css 2606:4700:3031::681b:8c3a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://onibusbrasil.com/css/theme-001.css
Requested by: Host: onibusbrasil.com
URL: https://onibusbrasil.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::681b:8c3a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8e24e9c5ef1cec032c5eddd145fa09cd4259912a0e51f4055e0e64a35d0d2d94

Request headers

Referer: https://onibusbrasil.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 15 Nov 2020 00:56:11 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 802501
cf-polished: origSize=366700
status: 200
cf-bgj: minify
cf-request-id: 066b0017270000dff304339000000001
pragma: public
last-modified: Thu, 11 Jun 2020 05:33:28 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=x8p9oyb5Ym4AiF%2F2%2FA8bKNVgqOxUDUle6NtiQsUOgsoRxIUdB%2BGsfdX4jC1Ajhu0ILj9SK9QB08H%2BMJ9DfyHkQQUN23KFQoXCjfwUFkO0xncskun3kJe3EzZ1Ynj"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=2592000
cf-ray: 5f2502d1dd89dff3-FRA
expires: Sat, 05 Dec 2020 18:01:10 GMT

GET
H2 200 pg.onibusbrasil.js Show response
m2d.m2.ai/ 610 KB
177 KB 202ms
76ms Script
application/javascript 54.239.192.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://m2d.m2.ai/pg.onibusbrasil.js
Requested by: Host: onibusbrasil.com
URL: https://onibusbrasil.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.239.192.92 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-239-192-92.waw50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 396171a809c1929d754f948bf3d4344399f73822008f0b170fd196c09b6f1cc8

Request headers

Referer: https://onibusbrasil.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 15 Nov 2020 00:55:56 GMT
content-encoding: gzip
last-modified: Wed, 21 Oct 2020 16:19:45 GMT
server: AmazonS3
age: 16
etag: "7faf1052ac1f6e086990b4029be027c0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
cache-control: max-age=14400
x-amz-cf-pop: WAW50-C1
x-amz-cf-id: _vmeOtw08ZCljIDEnAHtOBWCEXoW6Xsg7fwAq81yUIoNA7-fZBiT5A==
via: 1.1 f62050e21268ac5026b6ccb68a1f0a2b.cloudfront.net (CloudFront)

GET
H2 200 logo.png
onibusbrasil.com/img/ob/ 4 KB
5 KB 43ms
31ms Image
image/png 2606:4700:3031::681b:8c3a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://onibusbrasil.com/img/ob/logo.png
Requested by: Host: onibusbrasil.com
URL: https://onibusbrasil.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::681b:8c3a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a586a13c00fc41d14b297e15d079b256122ed578cdd585328f2820aad801a65f

Request headers

Referer: https://onibusbrasil.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 15 Nov 2020 00:56:11 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1021043
status: 200
content-length: 4369
cf-request-id: 066b00173c0000dff38d298000000001
pragma: public
last-modified: Tue, 23 Jan 2018 00:00:48 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Fw4FM2yZlzUcggK4ZZYPAHlMpPD42X0EHAJVvP8Ylba%2Ba9SWpAbR4wRZl5XEEcWuDBUou%2Fg4qLNYKMjl3foK8HDWM5%2BETMnfBEm3c0dZH2D7bN%2FJL15rlZ2abetF"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 5f2502d1fdabdff3-FRA
expires: Sat, 02 Jan 2021 05:18:48 GMT

GET
H2 200 46b7ebee2534ef9813c7f56f3aa6c241.jpg
onibusbrasil.com/storage/i/2020/11/3/t/ 9 KB
10 KB 49ms
37ms Image
image/jpeg 2606:4700:3031::681b:8c3a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onibusbrasil.com/storage/i/2020/11/3/t/46b7ebee2534ef9813c7f56f3aa6c241.jpg

Requested by

Host: onibusbrasil.com
URL: https://onibusbrasil.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::681b:8c3a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a2f5037b70a506030c369a574344e67e39672563c105ad2c9329bae38fcabe2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://onibusbrasil.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 15 Nov 2020 00:56:11 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 16
status: 200
x-server-powered-by: Engintron
content-length: 9660
cf-request-id: 066b0017400000dff33219d000000001
x-nginx-upstream-cache-status: STALE
last-modified: Tue, 03 Nov 2020 07:01:04 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=zwH%2BKGTZ%2BewIiOQL%2BJsrUHbyGdVWKzqhuobVbPsoHMa6FDINIADyj8rtY9HCMECZrgk%2FhEWPoRpugP30C0Q65Q1mROm8NjcZn79rpew42E414Ffg6lM60862wv5i"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
x-xss-protection: 1; mode=block
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 5f2502d1fdaedff3-FRA
expires: Thu, 14 Jan 2021 00:55:55 GMT

GET
H2 200 fe1a73d7553314f8b8961bcf868b6556.jpg
onibusbrasil.com/storage/i/2020/11/14/t/ 7 KB
7 KB 500ms
489ms Image
image/jpeg 2606:4700:3031::681b:8c3a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onibusbrasil.com/storage/i/2020/11/14/t/fe1a73d7553314f8b8961bcf868b6556.jpg

Requested by

Host: onibusbrasil.com
URL: https://onibusbrasil.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::681b:8c3a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

769a4a180b318e0e69fb8cba4a292bbad227f99236f0dea50603e0d2524a3305

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://onibusbrasil.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 15 Nov 2020 00:56:12 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
status: 200
x-server-powered-by: Engintron
content-length: 7302
cf-request-id: 066b00173d0000dff363afc000000001
x-nginx-upstream-cache-status: HIT
last-modified: Sun, 15 Nov 2020 00:56:01 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=VYTWYpEnqIOmtXjWjYgZS4MfC23mclJBHLeHEOXYFcSwqmvOEChANbmgjky5guvC3J7R64jo1T%2FUbZjNw%2BoKLrb7f29ysP40hMFN%2BHYfIYzzFsB3FoDjI2HKLjen"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
x-xss-protection: 1; mode=block
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 5f2502d1fdb1dff3-FRA
expires: Thu, 14 Jan 2021 00:56:12 GMT

GET
H2 200 09a5e56059d3a617c491f58403cdc0cb.jpg
onibusbrasil.com/storage/i/2020/11/14/t/ 9 KB
9 KB 498ms
487ms Image
image/jpeg 2606:4700:3031::681b:8c3a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onibusbrasil.com/storage/i/2020/11/14/t/09a5e56059d3a617c491f58403cdc0cb.jpg

Requested by

Host: onibusbrasil.com
URL: https://onibusbrasil.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::681b:8c3a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aa6e58c29ac39841e6f596dff2688d20acc39047e007b4a28ea6c9b727a20102

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://onibusbrasil.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 15 Nov 2020 00:56:12 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
status: 200
x-server-powered-by: Engintron
content-length: 8754
cf-request-id: 066b00173e0000dff313be5000000001
x-nginx-upstream-cache-status: HIT
last-modified: Sun, 15 Nov 2020 00:55:57 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=IAuQpuaLho%2Bybx60jHo61u7HPSpkb5ckOuF3I1a66dTiYd%2FqXnqoIJ2ouUIwmjtJADZnPGVZXDjA89LbFK3FQRAkrNL0FDCw8VQZ%2BDfJ6CPHrlcmZyr0GCPThkIW"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
x-xss-protection: 1; mode=block
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 5f2502d1fdb4dff3-FRA
expires: Thu, 14 Jan 2021 00:56:12 GMT

GET
H2 200 35a43b83e5740a52c9185ed22988205a.jpg
onibusbrasil.com/storage/i/2020/11/14/t/ 9 KB
9 KB 505ms
493ms Image
image/jpeg 2606:4700:3031::681b:8c3a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onibusbrasil.com/storage/i/2020/11/14/t/35a43b83e5740a52c9185ed22988205a.jpg

Requested by

Host: onibusbrasil.com
URL: https://onibusbrasil.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::681b:8c3a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9c35f6fd3d9a9209a55cc4507785c3400a9f9872645e273f2bd3ffd85417629e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://onibusbrasil.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 15 Nov 2020 00:56:12 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
status: 200
x-server-powered-by: Engintron
content-length: 8772
cf-request-id: 066b00173e0000dff33009c000000001
x-nginx-upstream-cache-status: HIT
last-modified: Sun, 15 Nov 2020 00:55:54 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=nQcCOu592vE4j1SvQOWgTUth%2F7t5JhEQ471pphBfOcV9Ky2PT7PVi%2BrCgfBK%2BL0PPcQMSXN6iZ3ZE5ncBrmHvEiLdWtEysKJlxT88R4VopHN%2FW0Y0t1S6LxjadWm"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
x-xss-protection: 1; mode=block
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 5f2502d1fdb5dff3-FRA
expires: Thu, 14 Jan 2021 00:56:12 GMT

GET
H2 200 321c33003b7756942428a67665eaf9e9.jpg
onibusbrasil.com/storage/i/2020/11/14/t/ 10 KB
11 KB 41ms
30ms Image
image/jpeg 2606:4700:3031::681b:8c3a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onibusbrasil.com/storage/i/2020/11/14/t/321c33003b7756942428a67665eaf9e9.jpg

Requested by

Host: onibusbrasil.com
URL: https://onibusbrasil.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::681b:8c3a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

878553bd3c405aa0a175973e069c25a0d18df46442c191ab5d265e2ea8327351

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://onibusbrasil.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 15 Nov 2020 00:56:11 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 16
status: 200
x-server-powered-by: Engintron
content-length: 10667
cf-request-id: 066b00173f0000dff38a2bb000000001
x-nginx-upstream-cache-status: STALE
last-modified: Sun, 15 Nov 2020 00:55:01 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=GRtk%2BslbNO1MsN5PWqoqzzBD4o8N%2BPsl%2Ba7qIjF%2BapDQzp1%2BjZkeoM5g4zgVee6ba3aTC9JAtHeLb7df9imtiGy3W%2F%2FE10Oe4raEb9CChbwWqaOA9XZN0L1tWm6n"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
x-xss-protection: 1; mode=block
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 5f2502d1fdb7dff3-FRA
expires: Thu, 14 Jan 2021 00:55:55 GMT

GET
H2 200 fdd11e150de0195e7a45d18eeb9a8713.jpg
onibusbrasil.com/storage/i/2020/11/14/t/ 7 KB
7 KB 41ms
30ms Image
image/jpeg 2606:4700:3031::681b:8c3a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onibusbrasil.com/storage/i/2020/11/14/t/fdd11e150de0195e7a45d18eeb9a8713.jpg

Requested by

Host: onibusbrasil.com
URL: https://onibusbrasil.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::681b:8c3a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

135ef0ad977ebdc657e5a8e841c6a31cc4d9e49ea7d3e47298e99beea9f69ee4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://onibusbrasil.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 15 Nov 2020 00:56:11 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 16
status: 200
x-server-powered-by: Engintron
content-length: 7294
cf-request-id: 066b00173f0000dff34b05e000000001
x-nginx-upstream-cache-status: STALE
last-modified: Sun, 15 Nov 2020 00:55:02 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=LgthWRKtiKrkuDv5zRJXXLtVBM6ZsRwm1VmiowzyMEsqbHJ4Wam1YxJ970EZ4c6IlKUroo1Rc0j0wSgbA2UarcywA6iSMLA%2FIYpWQxCzdlpr0SATmMcIzcEj2ZKz"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
x-xss-protection: 1; mode=block
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 5f2502d1fdb9dff3-FRA
expires: Thu, 14 Jan 2021 00:55:55 GMT

GET
H2 200 53e14cdf706e20f7bcb555aba07fe57e.jpg
onibusbrasil.com/storage/i/2020/11/14/t/ 11 KB
11 KB 42ms
31ms Image
image/jpeg 2606:4700:3031::681b:8c3a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onibusbrasil.com/storage/i/2020/11/14/t/53e14cdf706e20f7bcb555aba07fe57e.jpg

Requested by

Host: onibusbrasil.com
URL: https://onibusbrasil.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::681b:8c3a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e78bb1b1f18b39b513798370107b26f74a0cce1ef5324966092ae3177ef98dc0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://onibusbrasil.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 15 Nov 2020 00:56:11 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 16
status: 200
x-server-powered-by: Engintron
content-length: 10940
cf-request-id: 066b0017480000dff34321b000000001
x-nginx-upstream-cache-status: STALE
last-modified: Sun, 15 Nov 2020 00:54:01 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=HcDt981fW7w%2BHywFf5GibusaG8QsiSTAf3S2FWYfj%2Fd3s9EIuFOZ9hfX17GWPGyRA6%2FfoF3OWigDS0btJt3ZVEOlSUI75IzXBAVDoj7lFL2T8il1V8qm6e5uFZkj"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
x-xss-protection: 1; mode=block
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 5f2502d1fdbadff3-FRA
expires: Thu, 14 Jan 2021 00:55:55 GMT

GET
H2 200 030167ee5ac15687480ab00cae3df26c.jpg
onibusbrasil.com/storage/i/2020/11/14/t/ 10 KB
10 KB 49ms
38ms Image
image/jpeg 2606:4700:3031::681b:8c3a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onibusbrasil.com/storage/i/2020/11/14/t/030167ee5ac15687480ab00cae3df26c.jpg

Requested by

Host: onibusbrasil.com
URL: https://onibusbrasil.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::681b:8c3a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6c2e9a05372d2ff3512b66debcadaa3fb0d1b9be0ef3193559c03535b59bd993

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://onibusbrasil.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 15 Nov 2020 00:56:11 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 16
status: 200
x-server-powered-by: Engintron
content-length: 9892
cf-request-id: 066b00174c0000dff359b9e000000001
x-nginx-upstream-cache-status: STALE
last-modified: Sun, 15 Nov 2020 00:53:59 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=QDAMEO9YazxjmnX%2FlwJwoGjyoaXW4vKdPX9tEqWMDiB0FgA5z3IevYks1iXhxnQHVh4%2B%2Boppa6vePZx5RqU%2FQP%2FhLQ1fsjXDlNVlRDUPPd29FdY1wWvRuz3RE6eO"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
x-xss-protection: 1; mode=block
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 5f2502d1fdc8dff3-FRA
expires: Thu, 14 Jan 2021 00:55:55 GMT

GET
H2 200 c82f1a861ab2edf4d9a1adbb5ce120b4.jpg
onibusbrasil.com/storage/i/2020/11/14/t/ 6 KB
7 KB 46ms
35ms Image
image/jpeg 2606:4700:3031::681b:8c3a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onibusbrasil.com/storage/i/2020/11/14/t/c82f1a861ab2edf4d9a1adbb5ce120b4.jpg

Requested by

Host: onibusbrasil.com
URL: https://onibusbrasil.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::681b:8c3a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4c8bab4b33b835f7366eb3d14bda2adc9652e0f17e3e10aa18e4274369d67a5b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://onibusbrasil.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 15 Nov 2020 00:56:11 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 16
status: 200
x-server-powered-by: Engintron
content-length: 6564
cf-request-id: 066b00174c0000dff34b8a9000000001
x-nginx-upstream-cache-status: STALE
last-modified: Sun, 15 Nov 2020 00:53:56 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=BfPkSrxciVjBb0HnxfDhvdlVx%2BC%2FISMjpNg%2FEQAmI%2B4ocKORqeuxfQ2nTSkZ6bSKKNNBdLcBvUg5yOVGdBGDhxYpPTWpjemHlKBmF4qXRbmr4lvynBX2bMve%2B6Ry"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
x-xss-protection: 1; mode=block
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 5f2502d1fdcbdff3-FRA
expires: Thu, 14 Jan 2021 00:55:55 GMT

GET
H2 200 6e93463dc96096fe141b67bca58306af.jpg
onibusbrasil.com/storage/i/2020/11/14/t/ 8 KB
8 KB 46ms
36ms Image
image/jpeg 2606:4700:3031::681b:8c3a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onibusbrasil.com/storage/i/2020/11/14/t/6e93463dc96096fe141b67bca58306af.jpg

Requested by

Host: onibusbrasil.com
URL: https://onibusbrasil.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::681b:8c3a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b7dc72474da8ca27739e09dbb9427b96171106257ca461b3d50ff976805d120a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://onibusbrasil.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 15 Nov 2020 00:56:11 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 16
status: 200
x-server-powered-by: Engintron
content-length: 7851
cf-request-id: 066b00174c0000dff35f92f000000001
x-nginx-upstream-cache-status: STALE
last-modified: Sun, 15 Nov 2020 00:53:01 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=13l4OEIJ4SvA8ZYPoMKmfDQkMdzyZw6dEOHjVXVnJoQ3aXdJ%2Bcew6xaXxYpwuodTnnKLxRPsmLzWvCp7f9lnKVwrR9Jo2aW5%2FAzNzbvZ3nv0zknZKp0IE4VDrf3k"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
x-xss-protection: 1; mode=block
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 5f2502d1fdccdff3-FRA
expires: Thu, 14 Jan 2021 00:55:55 GMT

GET
H2 200 616a811d8fcf506391c537fedc6db121.jpg
onibusbrasil.com/storage/i/2020/11/14/t/ 9 KB
9 KB 46ms
36ms Image
image/jpeg 2606:4700:3031::681b:8c3a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onibusbrasil.com/storage/i/2020/11/14/t/616a811d8fcf506391c537fedc6db121.jpg

Requested by

Host: onibusbrasil.com
URL: https://onibusbrasil.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::681b:8c3a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a1ce4751f1c5154f124652da1afe3d42a39f40c305c1919b60a13d8067cd8409

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://onibusbrasil.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 15 Nov 2020 00:56:11 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 16
status: 200
x-server-powered-by: Engintron
content-length: 8836
cf-request-id: 066b00174d0000dff3193db000000001
x-nginx-upstream-cache-status: STALE
last-modified: Sun, 15 Nov 2020 00:52:57 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=HioYOV8eLBVcVRSgd%2BSTTmVyoCIgL6CMSQQnXnhv%2BibDexznX8gwWmVONzi65XoUaTpkmokQXja3GVNs2dIr9Y3JkE9pPgw7UstijWz26%2FHEofJ%2FjuePbE8Q8Jp4"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
x-xss-protection: 1; mode=block
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 5f2502d1fdcddff3-FRA
expires: Thu, 14 Jan 2021 00:55:55 GMT

GET
H2 200 00ac63eff28c3574ab0baaa5ca037555.jpg
onibusbrasil.com/storage/i/2020/11/14/t/ 9 KB
9 KB 42ms
32ms Image
image/jpeg 2606:4700:3031::681b:8c3a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onibusbrasil.com/storage/i/2020/11/14/t/00ac63eff28c3574ab0baaa5ca037555.jpg

Requested by

Host: onibusbrasil.com
URL: https://onibusbrasil.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::681b:8c3a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a0738ea93f16187f5279e792b88c1c880033b2b1b0abd3813b16097dbac2b185

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://onibusbrasil.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 15 Nov 2020 00:56:11 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 16
status: 200
x-server-powered-by: Engintron
content-length: 8967
cf-request-id: 066b00174e0000dff3310f5000000001
x-nginx-upstream-cache-status: STALE
last-modified: Sun, 15 Nov 2020 00:52:01 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=FtrOewsmeds6poboM2LVICCM9apcwgs%2BVtTTFocL9EKMmJzK0UbM8RX6Qiqhlf8zMQMZ3HvQmHZO3gSOHleAdn%2FLYqmH%2F3%2B2%2B7lTwl8yx4bjpexhTMuTfYLcxlUA"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
x-xss-protection: 1; mode=block
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 5f2502d21dd0dff3-FRA
expires: Thu, 14 Jan 2021 00:55:55 GMT

GET
H2

200

/
platform-lookaside.fbsbx.com/platform/profilepic/
Redirect Chain

https://graph.facebook.com/v2.4/%201687864348156800/picture?type=normal
https://platform-lookaside.fbsbx.com/platform/profilepic/?asid=1687864348156800&height=100&width=100&ext=1607993771&hash=AeRvHQMkBshhHr6BgL8

3 KB
3 KB

49ms
36ms

Image
image/jpeg

2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://platform-lookaside.fbsbx.com/platform/profilepic/?asid=1687864348156800&height=100&width=100&ext=1607993771&hash=AeRvHQMkBshhHr6BgL8
Requested by: Host: onibusbrasil.com
URL: https://onibusbrasil.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 1254f47fda9cf5c338f650018f210c22cdb31b2d007ae5ebed6d818dd1daf72e

Request headers

Referer: https://onibusbrasil.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-haystack-needlechecksum: 2684772005
date: Sun, 15 Nov 2020 00:56:12 GMT
last-modified: Sun, 10 Mar 2019 23:29:26 GMT
x-needle-checksum: 245179572
status: 200
content-type: image/jpeg
access-control-allow-origin: *
cache-control: private, no-cache, no-store, must-revalidate
content-disposition: attachment
x-fb-config-version-olb-prod: 955
content-length: 2994

Redirect headers

strict-transport-security: max-age=15552000; preload
access-control-allow-origin: *
status: 302
x-fb-rev: 1002981958
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 0
pragma: no-cache
x-fb-debug: vgs5u2vwJenfN0+PlQjfKXN3oV8vD8QZbC51vhgxo/csOw7k6Wk04lCIb0LHw+kxDulG8PQA6esn/5EKIkTQ1g==
x-fb-trace-id: DxJKnrzGUZB
date: Sun, 15 Nov 2020 00:56:11 GMT
content-type: image/jpeg
location: https://platform-lookaside.fbsbx.com/platform/profilepic/?asid=1687864348156800&height=100&width=100&ext=1607993771&hash=AeRvHQMkBshhHr6BgL8
x-fb-request-id: Avjr9o6DlkWVwIR4YrBrVOe
cache-control: private, no-cache, no-store, must-revalidate
facebook-api-version: v3.2
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 015f07144c7a7fbc3e1017ddfdd3558e.jpg
onibusbrasil.com/storage/i/2020/11/14/t/ 9 KB
9 KB 524ms
514ms Image
image/jpeg 2606:4700:3031::681b:8c3a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onibusbrasil.com/storage/i/2020/11/14/t/015f07144c7a7fbc3e1017ddfdd3558e.jpg

Requested by

Host: onibusbrasil.com
URL: https://onibusbrasil.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::681b:8c3a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b1a1209b0766ecf30dd090bc1d27e2e84770e4c32fa7b47d5f05cb0ac4b55972

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://onibusbrasil.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 15 Nov 2020 00:56:12 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
status: 200
x-server-powered-by: Engintron
content-length: 9194
cf-request-id: 066b00174f0000dff3028db000000001
x-nginx-upstream-cache-status: STALE
last-modified: Sat, 14 Nov 2020 12:36:37 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=qB6uMYCeDEchjKQqPiIc7oxFhcY%2B79fMmnHJ1zHetwGfr5FFSiWeNjaJZTSsLnUL68yQlziDPdRLlKMUcnAGY08a5XoqT7CH71I1A%2Fq4%2FaLxdGAYVTP9HZmK%2B65e"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
x-xss-protection: 1; mode=block
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 5f2502d21dd1dff3-FRA
expires: Thu, 14 Jan 2021 00:56:12 GMT

GET
H2 200 82aa213d81fc0b115dd7bff786d3bc6e.jpg
onibusbrasil.com/storage/i/2020/11/14/t/ 7 KB
7 KB 538ms
529ms Image
image/jpeg 2606:4700:3031::681b:8c3a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onibusbrasil.com/storage/i/2020/11/14/t/82aa213d81fc0b115dd7bff786d3bc6e.jpg

Requested by

Host: onibusbrasil.com
URL: https://onibusbrasil.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::681b:8c3a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0e93984ce194bd4aabf272e1056694b0c057f7df036d82f79e6bb4db6fc01656

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://onibusbrasil.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 15 Nov 2020 00:56:12 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
status: 200
x-server-powered-by: Engintron
content-length: 7354
cf-request-id: 066b0017560000dff3028dc000000001
x-nginx-upstream-cache-status: STALE
last-modified: Sat, 14 Nov 2020 12:22:40 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=EkZWAp3hh%2B7NYD%2Be%2F9mxRBotvOlY0FUBevDnVDteRh4OvW5E60Lp6mvPSqyQlVKBNm8H4oHVj9e17y4NEXfcwYfSwIijYNAKxO%2BsHFh%2FDi5ZiGc7dqAZGY5Z5mP6"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
x-xss-protection: 1; mode=block
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 5f2502d21dd3dff3-FRA
expires: Thu, 14 Jan 2021 00:56:12 GMT

GET
H2

200

/
platform-lookaside.fbsbx.com/platform/profilepic/
Redirect Chain

https://graph.facebook.com/v2.4/%20108996534098542/picture?type=normal
https://platform-lookaside.fbsbx.com/platform/profilepic/?asid=108996534098542&height=100&width=100&ext=1607993771&hash=AeQT_Fpzm070asE9kx0

3 KB
3 KB

48ms
35ms

Image
image/jpeg

2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://platform-lookaside.fbsbx.com/platform/profilepic/?asid=108996534098542&height=100&width=100&ext=1607993771&hash=AeQT_Fpzm070asE9kx0
Requested by: Host: onibusbrasil.com
URL: https://onibusbrasil.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 2fe582bafbceb4bc5a8af68877ea06cf5b392d359e149f758472145d31d3def5

Request headers

Referer: https://onibusbrasil.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-haystack-needlechecksum: 4244182197
date: Sun, 15 Nov 2020 00:56:12 GMT
last-modified: Thu, 23 Apr 2020 14:22:02 GMT
x-needle-checksum: 1173976094
status: 200
content-type: image/jpeg
access-control-allow-origin: *
cache-control: private, no-cache, no-store, must-revalidate
content-disposition: attachment
x-fb-config-version-olb-prod: 954
content-length: 3015

Redirect headers

strict-transport-security: max-age=15552000; preload
access-control-allow-origin: *
status: 302
x-fb-rev: 1002981962
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 0
pragma: no-cache
x-fb-debug: UAXJIGE3MQw1c4gT6NP6OvLnstaJCjy97i3QlfKt2ZWB23zB75ivLOzIc6CLtWKaXsej3VgFgJ0RJbmdEq0P8w==
x-fb-trace-id: GN5cW+z/dzW
date: Sun, 15 Nov 2020 00:56:11 GMT
content-type: image/jpeg
location: https://platform-lookaside.fbsbx.com/platform/profilepic/?asid=108996534098542&height=100&width=100&ext=1607993771&hash=AeQT_Fpzm070asE9kx0
x-fb-request-id: AsCM7j9MvujuuAJ_cNjXpJD
cache-control: private, no-cache, no-store, must-revalidate
facebook-api-version: v3.2
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 2ed1cc457dee8a33dd39f003964fac17.jpg
onibusbrasil.com/storage/i/2020/11/12/t/ 9 KB
9 KB 56ms
47ms Image
image/jpeg 2606:4700:3031::681b:8c3a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onibusbrasil.com/storage/i/2020/11/12/t/2ed1cc457dee8a33dd39f003964fac17.jpg

Requested by

Host: onibusbrasil.com
URL: https://onibusbrasil.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::681b:8c3a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

becc2a0625e25f3fc4d89c3ba430de4988cafbbea34b857f8b08431b1783a2bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://onibusbrasil.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 15 Nov 2020 00:56:11 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 16
status: 200
x-server-powered-by: Engintron
content-length: 8816
cf-request-id: 066b00174f0000dff3700c6000000001
x-nginx-upstream-cache-status: STALE
last-modified: Thu, 12 Nov 2020 21:58:41 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=4gFkPekqctrV1sk9gTcUJciMbT6FhYAFkp3AxrG9nu4N5Ijz%2Frv%2FpfR7CSeV3i0OTvhxXi4smWOQuWczbn8ViessGSuwqjG7Qs%2FO0G2sz7%2FgTtaS8d6HWP4HfiPs"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
x-xss-protection: 1; mode=block
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 5f2502d21dd4dff3-FRA
expires: Thu, 14 Jan 2021 00:55:55 GMT

GET
H2 200 4553e0f035acc757572aace9f52e38bd.jpg
onibusbrasil.com/storage/i/2020/11/14/t/ 8 KB
9 KB 41ms
33ms Image
image/jpeg 2606:4700:3031::681b:8c3a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onibusbrasil.com/storage/i/2020/11/14/t/4553e0f035acc757572aace9f52e38bd.jpg

Requested by

Host: onibusbrasil.com
URL: https://onibusbrasil.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::681b:8c3a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ac8ff1c211707f38ccbb56ad058a31b7c674d6d5047c00753ee5ae70855f7c50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://onibusbrasil.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 15 Nov 2020 00:56:11 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 16
status: 200
x-server-powered-by: Engintron
content-length: 8509
cf-request-id: 066b00174f0000dff37a8e1000000001
x-nginx-upstream-cache-status: STALE
last-modified: Sat, 14 Nov 2020 12:18:43 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=NCzo56JsFAFjaxW3dNyiY7KrCCgtZokP7cw1TPSlk0O%2BVgNy%2Bohb4GBuVFvjdzZ%2BWbJ0DABZrhNqAQ0is2TMzM3ZtZdo32YqxXSOljm1DIMA2iqJ0BebrzKOw%2Fgs"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
x-xss-protection: 1; mode=block
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 5f2502d21dd6dff3-FRA
expires: Thu, 14 Jan 2021 00:55:55 GMT

GET
H2 200 13e405f407adade686e6ef6d13a8bb06.jpg
onibusbrasil.com/storage/i/2020/11/13/t/ 9 KB
10 KB 48ms
39ms Image
image/jpeg 2606:4700:3031::681b:8c3a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onibusbrasil.com/storage/i/2020/11/13/t/13e405f407adade686e6ef6d13a8bb06.jpg

Requested by

Host: onibusbrasil.com
URL: https://onibusbrasil.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::681b:8c3a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5c2c4275e09ff55a53d1d4376f67584172c2d750f7359f10500251c0a82c3a4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://onibusbrasil.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 15 Nov 2020 00:56:11 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 16
status: 200
x-server-powered-by: Engintron
content-length: 9722
cf-request-id: 066b00174f0000dff34cb78000000001
x-nginx-upstream-cache-status: STALE
last-modified: Fri, 13 Nov 2020 20:10:10 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=XDEaahsPIWbk9JlIZhSHbMrDYwuQ1oLNZ1JxBWyVt3lNFZp95I4r3%2BY%2B%2FV9%2FvoS%2B94vsfw%2FOGmT%2F%2Fc%2BF9UQHYsIHQVkojQ1jGMK5HjcIc0g1IpEOSqZmULLX8Ib7"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
x-xss-protection: 1; mode=block
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 5f2502d21dd8dff3-FRA
expires: Thu, 14 Jan 2021 00:55:55 GMT

GET
H2 200 dc4c70f721c0527760f1b9d10d08f976.jpg
onibusbrasil.com/storage/i/2020/11/13/t/ 9 KB
9 KB 46ms
37ms Image
image/jpeg 2606:4700:3031::681b:8c3a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onibusbrasil.com/storage/i/2020/11/13/t/dc4c70f721c0527760f1b9d10d08f976.jpg

Requested by

Host: onibusbrasil.com
URL: https://onibusbrasil.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::681b:8c3a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

af3019c35ae2a834245e37d4458bb0839b8b6174a34a836cede689d571d4b87d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://onibusbrasil.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 15 Nov 2020 00:56:11 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 16
status: 200
x-server-powered-by: Engintron
content-length: 9131
cf-request-id: 066b00174f0000dff33219e000000001
x-nginx-upstream-cache-status: STALE
last-modified: Fri, 13 Nov 2020 20:18:52 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=7j5Mjmm1levZgKG6FPqShv69rsA0t%2BVH1wv9lWMKnLFgGGidap7nvAbtWH3hL7HGZjc7NAhCF9DJof3GDY7airCtfaQYrpikcDoPzS6Rg6YDzZBrb9xC8j3cae1E"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
x-xss-protection: 1; mode=block
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 5f2502d21dd9dff3-FRA
expires: Thu, 14 Jan 2021 00:55:55 GMT

GET
H2 200 4c80ada0fa483ee41fbe2756fcf593c0.jpg
onibusbrasil.com/storage/i/2020/11/14/t/ 9 KB
9 KB 41ms
33ms Image
image/jpeg 2606:4700:3031::681b:8c3a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onibusbrasil.com/storage/i/2020/11/14/t/4c80ada0fa483ee41fbe2756fcf593c0.jpg

Requested by

Host: onibusbrasil.com
URL: https://onibusbrasil.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::681b:8c3a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9744db4e39d28b04081c1f385cfdef6198b16f870e8269f63b8f53fba3c408d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://onibusbrasil.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 15 Nov 2020 00:56:11 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 16
status: 200
x-server-powered-by: Engintron
content-length: 8708
cf-request-id: 066b0017500000dff36b94e000000001
x-nginx-upstream-cache-status: STALE
last-modified: Sat, 14 Nov 2020 12:13:38 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Z01Mus2thWsvGdwSQdhIxAECgdY69fL2AFpw7LkVD7wm4Z15sqEi7ahpDPSNd08YKbBl6TFUyOJ5ACm9IhVp%2B6D4VkpncehtfybZYKx6yQOJxkPMaIymznMftISh"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
x-xss-protection: 1; mode=block
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 5f2502d21ddadff3-FRA
expires: Thu, 14 Jan 2021 00:55:55 GMT

GET
H2 200 9ec1800912d7ffdb0934ce50dfd4cbdd.jpg
onibusbrasil.com/storage/i/2020/11/13/t/ 8 KB
9 KB 43ms
35ms Image
image/jpeg 2606:4700:3031::681b:8c3a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onibusbrasil.com/storage/i/2020/11/13/t/9ec1800912d7ffdb0934ce50dfd4cbdd.jpg

Requested by

Host: onibusbrasil.com
URL: https://onibusbrasil.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::681b:8c3a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4346593bafc974bbcf643fde36394e63a105e37d8522cbc3fe1ec65fa5351ca2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://onibusbrasil.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 15 Nov 2020 00:56:11 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 16
status: 200
x-server-powered-by: Engintron
content-length: 8378
cf-request-id: 066b0017500000dff394b88000000001
x-nginx-upstream-cache-status: STALE
last-modified: Sat, 14 Nov 2020 02:00:42 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=xopTjxnbP0HvAHxrdaLr4b5ACJcaUjsioQLdaag%2B03wscEK9mOwZSO%2B5FOi0Y5qc7qRnS%2Ftw%2BslyP9d0grSEiBh%2B9%2FBykNYzfrQkGwhefCuLfJBfNLaEUuAXWL2u"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
x-xss-protection: 1; mode=block
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 5f2502d21ddcdff3-FRA
expires: Thu, 14 Jan 2021 00:55:55 GMT

GET
H2 200 f9242c79196810f8014ca6e81179fd1e.jpg
onibusbrasil.com/storage/i/2020/11/12/t/ 8 KB
8 KB 45ms
37ms Image
image/jpeg 2606:4700:3031::681b:8c3a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onibusbrasil.com/storage/i/2020/11/12/t/f9242c79196810f8014ca6e81179fd1e.jpg

Requested by

Host: onibusbrasil.com
URL: https://onibusbrasil.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::681b:8c3a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3b641128357c9bafd34f17f0619d4cdcd3fc514937343b27530182d706ccdb6f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://onibusbrasil.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 15 Nov 2020 00:56:11 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 16
status: 200
x-server-powered-by: Engintron
content-length: 7711
cf-request-id: 066b0017500000dff30d003000000001
x-nginx-upstream-cache-status: STALE
last-modified: Thu, 12 Nov 2020 10:04:05 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=cDQ%2FelW5kyuFHKr2d129taW41DCaUcufrjKB3qWh1GryJSVW2Pkby6btclK%2B6riBbnXerXWYD%2BxjqNlI6ybyyA997ATMHLlD%2FjobTRLFlPzSueKyIgPBY%2FIpp%2Bzk"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
x-xss-protection: 1; mode=block
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 5f2502d21ddedff3-FRA
expires: Thu, 14 Jan 2021 00:55:55 GMT

GET
H2 200 ee9cd5b5d29c3868f77b40b608f67b0f.jpg
sp1.onibusbrasil.com/i/2020/8/1/t/ 7 KB
7 KB 55ms
37ms Image
image/jpeg 2606:4700:3031::681b:8c3a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sp1.onibusbrasil.com/i/2020/8/1/t/ee9cd5b5d29c3868f77b40b608f67b0f.jpg
Requested by: Host: onibusbrasil.com
URL: https://onibusbrasil.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::681b:8c3a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c23935f0ff65660dac4bb1d9ff4c0ed8aca34e0ceeb3ed68b289be43d1d4c2b8

Request headers

Referer: https://onibusbrasil.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 15 Nov 2020 00:56:11 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 16
status: 200
content-length: 6925
cf-request-id: 066b0017520000dff391af5000000001
last-modified: Sat, 01 Aug 2020 20:42:33 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=1aPX20WzZjpjVB6ebP8EYHev%2FGVcRjrYMaoIq9odY1KWtY9t7MW82LFBnPrk5267ncBX0TUAiTgvZILReEQdQmFuvMVJ3zUgs2ghjOuWWlqjVje14UOiFMwEttiNG6Ze%2FQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 5f2502d21decdff3-FRA

GET
H2 200 b3da53c9adfad3fbb91d869b8122d570.jpg
onibusbrasil.com/storage/i/2020/11/11/t/ 9 KB
10 KB 45ms
37ms Image
image/jpeg 2606:4700:3031::681b:8c3a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onibusbrasil.com/storage/i/2020/11/11/t/b3da53c9adfad3fbb91d869b8122d570.jpg

Requested by

Host: onibusbrasil.com
URL: https://onibusbrasil.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::681b:8c3a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0cd673fb16500b7a4379366af3ba04c648a31c7e9a4710de436991d3b1a5f4f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://onibusbrasil.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 15 Nov 2020 00:56:11 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 99969
status: 200
x-server-powered-by: Engintron
content-length: 9403
cf-request-id: 066b0017510000dff30433c000000001
x-nginx-upstream-cache-status: STALE
last-modified: Wed, 11 Nov 2020 18:18:13 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=SMWWOYJuxMHRRzvELvGgZMsV4u7SuzXIAheyoPHxje1bJ9m2Nyz84qSrdmlFl%2FLKw0FiOnQIySPQrR86b5u6MpGNHrrQkI2aubgX%2B0udZkpnXbKDXYbuY0ojw2xx"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
x-xss-protection: 1; mode=block
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 5f2502d21de0dff3-FRA
expires: Tue, 12 Jan 2021 21:10:02 GMT

GET
H2 200 f85a033d357ff2b5c8447637e349e4d0.jpg
brt.onibusbrasil.com/2013/11/15/t/ 7 KB
8 KB 49ms
29ms Image
image/jpeg 2606:4700:3031::681b:8c3a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://brt.onibusbrasil.com/2013/11/15/t/f85a033d357ff2b5c8447637e349e4d0.jpg
Requested by: Host: onibusbrasil.com
URL: https://onibusbrasil.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::681b:8c3a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.3.17
Resource Hash: 01017162e68df56834052d35fe181b91fe97e577c5b41504939327eb4754c354

Request headers

Referer: https://onibusbrasil.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 15 Nov 2020 00:56:11 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 16
x-powered-by: PHP/7.3.17
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2F8Wq7BMgyuonoOvh1mo0hhJ8RlSWZ75nNR80w1tBjY7VZDxv4HSLeiSAFs7%2BAUhNJGPuX8wUixqNyNXUeYKri9mH4ZaVeSkmJ02TLbNsWe4TD8XddHVBEpGTKIGxhDNR3Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
status: 200
obep: HIT
cache-control: max-age=14400
cf-ray: 5f2502d21df2dff3-FRA
cf-request-id: 066b0017530000dff30e370000000001

GET
H2 200 54c25b975535e37d7b9704d3f5e9927a.jpg
brt.onibusbrasil.com/2017/9/15/t/ 7 KB
7 KB 49ms
30ms Image
image/jpeg 2606:4700:3031::681b:8c3a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://brt.onibusbrasil.com/2017/9/15/t/54c25b975535e37d7b9704d3f5e9927a.jpg
Requested by: Host: onibusbrasil.com
URL: https://onibusbrasil.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::681b:8c3a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.3.17
Resource Hash: 2efeff5b8f5593c6b152bac3c32d112c88e49fab5f6bd049f8974e8353e0771e

Request headers

Referer: https://onibusbrasil.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 15 Nov 2020 00:56:11 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 16
x-powered-by: PHP/7.3.17
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=dmWWu3k6ypFxqIIYfbX3ozSNp%2BIr6yZ5KqHzh1gzwG9NfrTlWAwpg7uyjT%2BVNKZdF4t%2B6W717eMAbUWpqxtmUtyGCgjM%2FB92BVge%2F%2BCaAgKtWxLGG5L0pVIDRzdEBpCgzQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
status: 200
obep: HIT
cache-control: max-age=14400
cf-ray: 5f2502d21df0dff3-FRA
cf-request-id: 066b0017530000dff334821000000001

GET
H2 200 040a3a42e6f2faea606df64d35091382.jpg
brt.onibusbrasil.com/2014/8/29/t/ 7 KB
7 KB 54ms
35ms Image
image/jpeg 2606:4700:3031::681b:8c3a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://brt.onibusbrasil.com/2014/8/29/t/040a3a42e6f2faea606df64d35091382.jpg
Requested by: Host: onibusbrasil.com
URL: https://onibusbrasil.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::681b:8c3a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.3.17
Resource Hash: 9b1de76f5dc746eb149286b72b6c82dedd108682b75d40a0ef80d80567f33773

Request headers

Referer: https://onibusbrasil.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 15 Nov 2020 00:56:11 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 16
x-powered-by: PHP/7.3.17
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=JFOUP5%2FJjYjQvzvoKurRUvZpmbxEE%2FvcBzaawD2ERfMf%2B9Q8jADcy8LO7deCgc%2BQd%2F87lSYCp8ShfCbof6ccE%2B6FVxAUSC94NyE6o0J34YIZPjoJdroDsdqSs%2BPahRq5hg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
status: 200
obep: HIT
cache-control: max-age=14400
cf-ray: 5f2502d21deedff3-FRA
cf-request-id: 066b0017530000dff3290bd000000001

GET
H2 200 5b6747c5a925f8c714eea3c55f6f14b2.jpg
onibusbrasil.com/storage/i/2020/11/12/t/ 8 KB
8 KB 46ms
39ms Image
image/jpeg 2606:4700:3031::681b:8c3a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onibusbrasil.com/storage/i/2020/11/12/t/5b6747c5a925f8c714eea3c55f6f14b2.jpg

Requested by

Host: onibusbrasil.com
URL: https://onibusbrasil.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::681b:8c3a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fee2e5504a283dc95a84f258d22012d9ca86bba48abd0c7eb6b94032ad968e83

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://onibusbrasil.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 15 Nov 2020 00:56:11 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 16
status: 200
x-server-powered-by: Engintron
content-length: 8231
cf-request-id: 066b0017510000dff35e18a000000001
x-nginx-upstream-cache-status: STALE
last-modified: Fri, 13 Nov 2020 02:47:18 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=w2a6xJ%2FzadrFXMu3G%2B8elS3tNBTyjCxt1aTPYCjTFWtMJ1C8lpCqtjUaVMOAOTgVp0DdXKJ8Bh97mqcbds0Pcv303mnf7zpl8c1zryOS%2Fc8dJlkKM8dBOwa%2BwWcx"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
x-xss-protection: 1; mode=block
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 5f2502d21de1dff3-FRA
expires: Thu, 14 Jan 2021 00:55:55 GMT

GET
H2 200 178b82351c2b0ac5ac33803fde43b5dd.jpg
brt.onibusbrasil.com/2017/2/3/t/ 7 KB
7 KB 49ms
31ms Image
image/jpeg 2606:4700:3031::681b:8c3a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://brt.onibusbrasil.com/2017/2/3/t/178b82351c2b0ac5ac33803fde43b5dd.jpg
Requested by: Host: onibusbrasil.com
URL: https://onibusbrasil.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::681b:8c3a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.3.17
Resource Hash: 453809ad55325adcbde076f341a41d037153777f78a716324f66bd061062eaff

Request headers

Referer: https://onibusbrasil.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 15 Nov 2020 00:56:11 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 16
x-powered-by: PHP/7.3.17
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=uMVkKzZ0QMkyfeSkgMc6O3ScejhkCJBF0OcfBULMAZgyrTzrNERuphli9lIQ5kRsItcv3f8YZf4gjpJON5b0K6U8XP7%2Fv%2B36BMkSJpU37zUnhjhF9i%2BrHRJB525c3lgTyw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
status: 200
obep: HIT
cache-control: max-age=14400
cf-ray: 5f2502d21deddff3-FRA
cf-request-id: 066b0017520000dff36896f000000001

GET
H2 200 3cc217d45fc7c15c03f0b9f17af69a9f.jpg
sp1.onibusbrasil.com/i/2020/9/6/t/ 8 KB
9 KB 45ms
27ms Image
image/jpeg 2606:4700:3031::681b:8c3a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sp1.onibusbrasil.com/i/2020/9/6/t/3cc217d45fc7c15c03f0b9f17af69a9f.jpg
Requested by: Host: onibusbrasil.com
URL: https://onibusbrasil.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::681b:8c3a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 909bb0d9b2665983ac5c9885de7fd387872f588088da810e8ecfa154b16e51d6

Request headers

Referer: https://onibusbrasil.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 15 Nov 2020 00:56:11 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 16
status: 200
content-length: 8510
cf-request-id: 066b0017520000dff31f8c1000000001
last-modified: Sun, 06 Sep 2020 20:33:17 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=x73dJmXnDdE8LLkcaakzKo471dehTGmFqne5GePG62ZnnM%2F%2Feh5p7ThYqvyVheWiXIhHpXkrpCoRRcCJxqJNmQzgdXVP066gxFQsDA2CPsLfI9%2FW%2FcHCY5%2FIaD97T%2FmD8g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 5f2502d21debdff3-FRA

GET
H2 200 ea824317346375ee8e0f2011ef1e992a.jpg
onibusbrasil.com/storage/i/2020/11/10/t/ 10 KB
10 KB 48ms
42ms Image
image/jpeg 2606:4700:3031::681b:8c3a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onibusbrasil.com/storage/i/2020/11/10/t/ea824317346375ee8e0f2011ef1e992a.jpg

Requested by

Host: onibusbrasil.com
URL: https://onibusbrasil.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::681b:8c3a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7986c2dea702517ded8f16b6b37a968a0bd304f200341c7ff00eebfd58b702a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://onibusbrasil.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 15 Nov 2020 00:56:11 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 16
status: 200
x-server-powered-by: Engintron
content-length: 9944
cf-request-id: 066b0017520000dff34cb7a000000001
x-nginx-upstream-cache-status: STALE
last-modified: Tue, 10 Nov 2020 14:45:27 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=WpYrZTMFec5qdk3kvWVpSDwQyFK6H3KQU1mJ2MCds27SYOADjZE7qBiA31Ow6hRNgpIMpbJ1Td28zfvX8daks%2FhmCWOjC0u34bylSeHZ3thSuDshj%2F9Lw0IcoHIz"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
x-xss-protection: 1; mode=block
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 5f2502d21de2dff3-FRA
expires: Thu, 14 Jan 2021 00:55:55 GMT

GET
H2 200 5c4aa48cef1d601f412a6f43a5ac9d14.jpg
brt.onibusbrasil.com/2020/3/16/t/ 8 KB
8 KB 21ms
21ms Image
image/jpeg 2606:4700:3031::681b:8c3a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://brt.onibusbrasil.com/2020/3/16/t/5c4aa48cef1d601f412a6f43a5ac9d14.jpg
Requested by: Host: onibusbrasil.com
URL: https://onibusbrasil.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::681b:8c3a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.3.17
Resource Hash: 4ee364fa8ce2ebb1452cfdc78eb363f7c959fac396c38159884de4ee92f95433

Request headers

Referer: https://onibusbrasil.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 15 Nov 2020 00:56:11 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 16
x-powered-by: PHP/7.3.17
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=mb1UGm3sAbYwqvDze2kVBqGgRMlzTWcxfEjX6srT%2BKb7SUL4DpLVJF4BtjDEc7FGdSvOKm%2BcB36Z93SHF2kzRzMDtWqdmn4yDSi6l%2BbsCd3%2B2p46V4fWP7wg0mXF%2FTAkXA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
status: 200
obep: HIT
cache-control: max-age=14400
cf-ray: 5f2502d22df8dff3-FRA
cf-request-id: 066b0017560000dff35f930000000001

GET
H2 200 dd25c0144377dea438ddbb3e9a2f52d8.jpg
brt.onibusbrasil.com/2014/8/18/t/ 7 KB
7 KB 15ms
10ms Image
image/jpeg 2606:4700:3031::681b:8c3a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://brt.onibusbrasil.com/2014/8/18/t/dd25c0144377dea438ddbb3e9a2f52d8.jpg
Requested by: Host: onibusbrasil.com
URL: https://onibusbrasil.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::681b:8c3a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.3.17
Resource Hash: 79c3bb69ab56749822b45b08fe7059402dac6e0f0cac0958ce56c2ca5abdfb17

Request headers

Referer: https://onibusbrasil.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 15 Nov 2020 00:56:11 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 16
x-powered-by: PHP/7.3.17
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=0KmYQ%2FOPBH8k0jHmJ8XXK29bdpdfGb8Pu%2Fl6C5FEgrfYBMS7nVUs2gpC4S7O6nUw%2BZ1dDDZLGlzHCnxnpt8%2FT69F2t294LekjkSN1RJU%2FtepFBPMQ8UCP02S1tADtXrnkQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
status: 200
obep: HIT
cache-control: max-age=14400
cf-ray: 5f2502d24e2edff3-FRA
cf-request-id: 066b0017710000dff343220000000001

GET
H2 200 cd499ae1369aab1a7a28486eaf4f1054.jpg
onibusbrasil.com/storage/i/2020/11/11/t/ 7 KB
8 KB 44ms
38ms Image
image/jpeg 2606:4700:3031::681b:8c3a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onibusbrasil.com/storage/i/2020/11/11/t/cd499ae1369aab1a7a28486eaf4f1054.jpg

Requested by

Host: onibusbrasil.com
URL: https://onibusbrasil.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::681b:8c3a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f0fc50f8181ab0b661756ca331990bc0028ac43dba2e88f0f117cf33aeb72d00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://onibusbrasil.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 15 Nov 2020 00:56:11 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 16
status: 200
x-server-powered-by: Engintron
content-length: 7609
cf-request-id: 066b0017510000dff363afe000000001
x-nginx-upstream-cache-status: STALE
last-modified: Wed, 11 Nov 2020 21:43:58 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Zb%2Bf9ibVViBArbym5MTkTQfiE%2BoWY2ItPZy1kk1EekHoVmuYrqqNRd7DwsYyxqPp4xKAec1Xgv9JMwnH4PkWBVaRJU%2Fqdvp8JwiJLr0ofcU8E5xOjVXarnf9JYJR"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
x-xss-protection: 1; mode=block
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 5f2502d21de4dff3-FRA
expires: Thu, 14 Jan 2021 00:55:55 GMT

GET
H2 200 df64a3d0c899768ee00d03bb00075922.jpg
brt.onibusbrasil.com/2014/8/23/t/ 7 KB
7 KB 15ms
10ms Image
image/jpeg 2606:4700:3031::681b:8c3a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://brt.onibusbrasil.com/2014/8/23/t/df64a3d0c899768ee00d03bb00075922.jpg
Requested by: Host: onibusbrasil.com
URL: https://onibusbrasil.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::681b:8c3a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.3.17
Resource Hash: 5e6210bc95c1603eb3fc1a64e1b6d1cb5641c00f4766e8612dff7a346d363c48

Request headers

Referer: https://onibusbrasil.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 15 Nov 2020 00:56:11 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 16
x-powered-by: PHP/7.3.17
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=p9TxGQhTwDcnnpN%2B81SJQGqUHONyUT%2F%2BplWsGiSbgLFuLOIqqIhbN45VfIa05LAld0UHrIEIzDssdbsvkHgjTFHCMqvuqhnvi4%2FgOSv5tVIxIqRObsXkySTa1AA2rLJJ%2Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
status: 200
obep: HIT
cache-control: max-age=14400
cf-ray: 5f2502d24e2fdff3-FRA
cf-request-id: 066b0017710000dff3781f7000000001

GET
H2 200 b0b447135209c670f50edfb3e94f0197.jpg
brt.onibusbrasil.com/2019/3/1/t/ 9 KB
9 KB 15ms
10ms Image
image/jpeg 2606:4700:3031::681b:8c3a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://brt.onibusbrasil.com/2019/3/1/t/b0b447135209c670f50edfb3e94f0197.jpg
Requested by: Host: onibusbrasil.com
URL: https://onibusbrasil.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::681b:8c3a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.3.17
Resource Hash: e94958a2be5304f49a2045d29ff70433738c9b3ba081a502faed75261e9b22a4

Request headers

Referer: https://onibusbrasil.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 15 Nov 2020 00:56:11 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 16
x-powered-by: PHP/7.3.17
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=lvSHsIFXZckc36CNjmpPk8bRFJYHjSAj%2Fx0j0FLUYeE2SRMgeltuOJxGNsa1YdZP2edGR1rU7s1K4lgLujUG6WPy6JTvCkY0FqsLXV4iqsabmNox%2FakGH%2Blk3sLiJEmREQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
status: 200
obep: HIT
cache-control: max-age=14400
cf-ray: 5f2502d24e30dff3-FRA
cf-request-id: 066b0017710000dff38d29b000000001

GET
H2 200 09bdd159f4161862c6121167e756c5bc.jpg
onibusbrasil.com/storage/i/2020/11/11/t/ 7 KB
7 KB 47ms
42ms Image
image/jpeg 2606:4700:3031::681b:8c3a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onibusbrasil.com/storage/i/2020/11/11/t/09bdd159f4161862c6121167e756c5bc.jpg

Requested by

Host: onibusbrasil.com
URL: https://onibusbrasil.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::681b:8c3a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7fa2fce1a6e57d409be3f7184742be9c16944a46b82f6cc9cb8dfe53a7e87d8b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://onibusbrasil.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 15 Nov 2020 00:56:11 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 16
status: 200
x-server-powered-by: Engintron
content-length: 7009
cf-request-id: 066b0017520000dff313be7000000001
x-nginx-upstream-cache-status: STALE
last-modified: Wed, 11 Nov 2020 16:29:01 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=VgqPxbRmf%2Bi73aaepRAHk53aaMjB%2BCFCti8SqgxWLd19RRIOqf%2BcUY1gyLrSRG9Irkm6Ff02GUqWbDwNQN0m4uMF%2FNkwYpzW2DISIC87%2FzJbglQxfwVY%2BDeiCPrK"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
x-xss-protection: 1; mode=block
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 5f2502d21de6dff3-FRA
expires: Thu, 14 Jan 2021 00:55:55 GMT

GET
H2 200 2acc8275350f289c11e17be4dfbf6713.jpg
brt.onibusbrasil.com/2019/2/24/t/ 10 KB
11 KB 16ms
12ms Image
image/jpeg 2606:4700:3031::681b:8c3a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://brt.onibusbrasil.com/2019/2/24/t/2acc8275350f289c11e17be4dfbf6713.jpg
Requested by: Host: onibusbrasil.com
URL: https://onibusbrasil.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::681b:8c3a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.3.17
Resource Hash: 1f11a3f0d49a240c0acc0c0efd3afbe7427927d9c96afebdc115b57de3799a1a

Request headers

Referer: https://onibusbrasil.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 15 Nov 2020 00:56:11 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 16
x-powered-by: PHP/7.3.17
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=6V6NVQnwwSGdby7sspifMtAX%2BjEyMJt8wPiLvNcnrr2kLn8ux0jCXQaKK4J3xkfv12DETKwABz8Z0eNR0QdkdD2Mxw3Lap9GtOqZT7YfhUW9sVS0L6rhI6rk7GG2Msj7ng%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
status: 200
obep: HIT
cache-control: max-age=14400
cf-ray: 5f2502d24e31dff3-FRA
cf-request-id: 066b0017710000dff3321a0000000001

GET
H2 200 bd6bb9d5822b2e878b88414607108253.jpg
onibusbrasil.com/storage/i/2020/11/7/t/ 8 KB
8 KB 48ms
43ms Image
image/jpeg 2606:4700:3031::681b:8c3a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onibusbrasil.com/storage/i/2020/11/7/t/bd6bb9d5822b2e878b88414607108253.jpg

Requested by

Host: onibusbrasil.com
URL: https://onibusbrasil.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::681b:8c3a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

63f61a8b9218ce8e7ee815c181584f760ea112e9734325dcbe25ee391140d44f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://onibusbrasil.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 15 Nov 2020 00:56:11 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 16
status: 200
x-server-powered-by: Engintron
content-length: 8049
cf-request-id: 066b0017520000dff374bfd000000001
x-nginx-upstream-cache-status: STALE
last-modified: Sat, 07 Nov 2020 15:29:01 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=OM4H5oXa4yrvqaxN2TmujsnhiwJoFDtNgSXdCHolFEe1QgQhafpZb6hsU0iFcwEKHTQiOilYl%2BKiemAqu7IiZhaaYXM%2FJDA3jizfJ0WYxsFtS3SbAB2fMI9FtOhK"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
x-xss-protection: 1; mode=block
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 5f2502d21de8dff3-FRA
expires: Thu, 14 Jan 2021 00:55:55 GMT

GET
H2 200 cb866924eca03f58285ed3c0e6a60381.jpg
onibusbrasil.com/storage/i/2020/11/9/t/ 11 KB
11 KB 44ms
38ms Image
image/jpeg 2606:4700:3031::681b:8c3a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onibusbrasil.com/storage/i/2020/11/9/t/cb866924eca03f58285ed3c0e6a60381.jpg

Requested by

Host: onibusbrasil.com
URL: https://onibusbrasil.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::681b:8c3a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2476aa6244305393866faec0b47ad76e1df2681aea6180bafe90a524612b89df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://onibusbrasil.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 15 Nov 2020 00:56:11 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 16
status: 200
x-server-powered-by: Engintron
content-length: 10874
cf-request-id: 066b0017520000dff367052000000001
x-nginx-upstream-cache-status: STALE
last-modified: Tue, 10 Nov 2020 00:36:10 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=TOFbe%2FVRVXEleq7UmQlWi6slq9PXKzoTSFCv8LjeRNr5WPMm4ELdJy4NjxJxaHJ4uWze4gHCZ7%2F5FkxP3e0ab%2Fr2PQWkmUf02Njh9%2BiSEHSRfZonM5jF0X8uIvBw"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
x-xss-protection: 1; mode=block
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 5f2502d21deadff3-FRA
expires: Thu, 14 Jan 2021 00:55:55 GMT

GET
H2 200 77eb8afc70bc8d02d62e7fb17b654c6f.jpg
brt.onibusbrasil.com/2020/6/6/t/ 8 KB
8 KB 15ms
11ms Image
image/jpeg 2606:4700:3031::681b:8c3a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://brt.onibusbrasil.com/2020/6/6/t/77eb8afc70bc8d02d62e7fb17b654c6f.jpg
Requested by: Host: onibusbrasil.com
URL: https://onibusbrasil.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::681b:8c3a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.3.17
Resource Hash: 03455ba02a410523a0ab5bd49caa073a7ee935d7113e2fe372dc096db04bf202

Request headers

Referer: https://onibusbrasil.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 15 Nov 2020 00:56:11 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 16
x-powered-by: PHP/7.3.17
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=HVNeQDVndqrryaoAtVF6iAAXDkoJ6vv0XbiWc5wy%2B6nRJGbPhzO7P8rjSk2FHCAvIUJOXzjj8KZbzj8iKJHCu3aejQMkC%2BgZkrZ4h%2Fk2N6QMSu1A%2FhUmopodp0pSUaSzOA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
status: 200
obep: HIT
cache-control: max-age=14400
cf-ray: 5f2502d24e32dff3-FRA
cf-request-id: 066b0017720000dff36b950000000001

GET
H2 200 libs-200610.js Show response
onibusbrasil.com/js/ 647 KB
184 KB 63ms
50ms Script
application/javascript 2606:4700:3031::681b:8c3a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onibusbrasil.com/js/libs-200610.js

Requested by

Host: onibusbrasil.com
URL: https://onibusbrasil.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::681b:8c3a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

69c56f010db128c2f77ec6982e466f6577c418232b164c3bfc2899ddf7254f17

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://onibusbrasil.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 15 Nov 2020 00:56:11 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 663136
cf-polished: origSize=662668
status: 200
x-server-powered-by: Engintron
cf-bgj: minify
cf-request-id: 066b00173b0000dff3488c2000000001
x-nginx-upstream-cache-status: STALE
last-modified: Wed, 10 Jun 2020 07:33:34 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=yUq590TrHPnV28DjZPnV7LC1IKnCtQfJAQMMsJhdbLxCrt%2FEep9%2Bc5ZOJOD3dnIVyVKTtKTp0PrPLoniu4FWzEJvaqtbxmjQFGl0lZSCmZ2eCMMk3cYMGqSYsT9l"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-xss-protection: 1; mode=block
cache-control: max-age=2592000
cf-ray: 5f2502d1fda9dff3-FRA
expires: Mon, 07 Dec 2020 08:43:54 GMT

GET
H2 200 bg-slidebar.png
onibusbrasil.com/img/ 64 KB
65 KB 13ms
11ms Image
image/png 2606:4700:3031::681b:8c3a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://onibusbrasil.com/img/bg-slidebar.png
Requested by: Host: onibusbrasil.com
URL: https://onibusbrasil.com/css/theme-001.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::681b:8c3a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 82012bea7ec75ec183e280bd80c048886cb1859ef3ca6dcc2cd5858568235a53

Request headers

Referer: https://onibusbrasil.com/css/theme-001.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 15 Nov 2020 00:56:11 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 933319
status: 200
content-length: 65753
cf-request-id: 066b0017730000dff37a8e5000000001
pragma: public
last-modified: Wed, 02 May 2018 02:28:06 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=0AY9qeM%2FBmxaAdia2MxxECqEDQINszJaZvn7qsb6J%2FbnDkcmttJBVWI5Je3rgZY0%2FA68Ey1bMQt9SxyPQGznajjiHBeMkva5N9ElhA%2FZLZ03p0JLbvki%2B1XUtOIV"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 5f2502d24e34dff3-FRA
expires: Sun, 03 Jan 2021 05:40:52 GMT

GET
H2 200 Material-Design-Iconic-Font.woff2
onibusbrasil.com/fonts/ 37 KB
38 KB 13ms
12ms Font
font/woff2 2606:4700:3031::681b:8c3a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onibusbrasil.com/fonts/Material-Design-Iconic-Font.woff2?v=2.2.0

Requested by

Host: onibusbrasil.com
URL: https://onibusbrasil.com/css/libs-001.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::681b:8c3a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e8eea96e29a7c0a72612ab85ca3229979666467a28349642c2176e7189a1a39c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Origin: https://onibusbrasil.com
Referer: https://onibusbrasil.com/css/libs-001.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 15 Nov 2020 00:56:11 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 773859
status: 200
x-server-powered-by: Engintron
content-length: 38384
cf-request-id: 066b0017720000dff30d005000000001
x-nginx-upstream-cache-status: STALE
last-modified: Mon, 22 Jan 2018 22:26:32 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=k3FHklld3qGVn%2FA3htZwaPgUWv5AxbKOZyUrZHbpfDHMDVr%2BcvKlLuXQ91aXrQ%2Fxt%2F%2BzlDWJkNh2BMhDThTJPBzjxWs1GDdf5SSua0JLGAZFUspu2Z6MEc7glKp6"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
x-xss-protection: 1; mode=block
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 5f2502d25e35dff3-FRA
expires: Tue, 05 Jan 2021 01:58:32 GMT

GET
H2 200 fontawesome-webfont.woff2
onibusbrasil.com/fonts/ 75 KB
76 KB 14ms
13ms Font
font/woff2 2606:4700:3031::681b:8c3a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://onibusbrasil.com/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by: Host: onibusbrasil.com
URL: https://onibusbrasil.com/css/libs-001.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::681b:8c3a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Origin: https://onibusbrasil.com
Referer: https://onibusbrasil.com/css/libs-001.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 15 Nov 2020 00:56:11 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 978757
status: 200
content-length: 77160
cf-request-id: 066b0017720000dff32cbec000000001
pragma: public
last-modified: Mon, 22 Jan 2018 22:26:16 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=8NFw%2BTK%2BOMIfggsLxOsh9okeSp5BeNTPvxbrSt8oB9NAvqVvBt9GwTc59dRljKbH9RfCXdlac6CBlxVbnV2i0Lxat9hWsIOQZL7zAtNaJSpXKN2n18NywKZZZUk7"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 5f2502d25e37dff3-FRA
expires: Sat, 02 Jan 2021 17:03:34 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 46 KB
19 KB 26ms
6ms Script
text/javascript 2a00:1450:4001:81a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-120360188-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://onibusbrasil.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 23 Oct 2020 03:00:57 GMT
server: Golfe2
age: 6024
date: Sat, 14 Nov 2020 23:15:48 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18817
expires: Sun, 15 Nov 2020 01:15:48 GMT

GET
H2 200 prev.png
onibusbrasil.com/img/ 1 KB
2 KB 13ms
11ms Image
image/png 2606:4700:3031::681b:8c3a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onibusbrasil.com/img/prev.png

Requested by

Host: onibusbrasil.com
URL: https://onibusbrasil.com/css/theme-001.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::681b:8c3a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7fd9273f20fdb1229c224341271a119020a5eee74ccf6b4605730917c864caf2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://onibusbrasil.com/css/theme-001.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 15 Nov 2020 00:56:12 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 786651
status: 200
x-server-powered-by: Engintron
content-length: 1360
cf-request-id: 066b0018c10000dff3719e7000000001
x-nginx-upstream-cache-status: STALE
last-modified: Mon, 22 Jan 2018 22:26:16 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=opMluQswPOiTGPHPruj4084IIvie%2Fp9qqSojaFaKAH%2BmwVUjTZKKsazNnEALwPFPpnGw45GKCrVqkgks%2F6CdsIa0ovsg8DedmWvJ0PHDbMmK13ZqIY96bM%2FTfdU4"}],"group":"cf-nel","max_age":604800}
content-type: image/png
x-xss-protection: 1; mode=block
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 5f2502d46824dff3-FRA
expires: Mon, 04 Jan 2021 22:25:21 GMT

GET
H2 200 next.png
onibusbrasil.com/img/ 1 KB
2 KB 11ms
10ms Image
image/png 2606:4700:3031::681b:8c3a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onibusbrasil.com/img/next.png

Requested by

Host: onibusbrasil.com
URL: https://onibusbrasil.com/css/theme-001.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::681b:8c3a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

15b869b02c6fbaa8c6c26445a2dd2d9bad80fd27b1409f8179e5dd89dc89d90a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://onibusbrasil.com/css/theme-001.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 15 Nov 2020 00:56:12 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 786651
status: 200
x-server-powered-by: Engintron
content-length: 1350
cf-request-id: 066b0018c10000dff30434c000000001
x-nginx-upstream-cache-status: STALE
last-modified: Mon, 22 Jan 2018 22:26:12 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=kVTAOHZkmWLzNkVezxKnY4q6cNpUufnVrXZqQlMBsdcJdn4sYHI%2BzPnaAd37A8wIriF1qjN9zoa68r%2ByWIPsKD3Wqcr3%2BRgq%2FKU2mOiObgg1v9Kgd9oSw2qurfMv"}],"group":"cf-nel","max_age":604800}
content-type: image/png
x-xss-protection: 1; mode=block
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 5f2502d46825dff3-FRA
expires: Mon, 04 Jan 2021 22:25:21 GMT

GET
H2 200 loading.gif
onibusbrasil.com/img/ 8 KB
9 KB 13ms
12ms Image
image/gif 2606:4700:3031::681b:8c3a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://onibusbrasil.com/img/loading.gif
Requested by: Host: onibusbrasil.com
URL: https://onibusbrasil.com/css/theme-001.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::681b:8c3a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 225aa88b6ab02c06222ec9468d62e15fa188e39cdb9431d1f55401ad380753ed

Request headers

Referer: https://onibusbrasil.com/css/theme-001.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 15 Nov 2020 00:56:12 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 910525
status: 200
content-length: 8476
cf-request-id: 066b0018c10000dff3321ad000000001
pragma: public
last-modified: Mon, 22 Jan 2018 22:26:10 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=3gf8z1un1CjZSDDX2RfodzrDfcF7fhtx8Ypn5Tz6aKyKP0K41abIeLdJ4RILmqN9YHfsthsp5tlGF91Oc8R6MJiEeDMBELZVb3TvueZmexmCK2IFiGU2XmDiOGye"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 5f2502d46827dff3-FRA
expires: Sun, 03 Jan 2021 12:00:47 GMT

GET
H2 200 close.png
onibusbrasil.com/img/ 280 B
737 B 11ms
11ms Image
image/png 2606:4700:3031::681b:8c3a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://onibusbrasil.com/img/close.png
Requested by: Host: onibusbrasil.com
URL: https://onibusbrasil.com/css/theme-001.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::681b:8c3a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d62e6c90005bfb71f6abb440f9e4753681cb23bbd5e60477ab6f442d2f0e69c

Request headers

Referer: https://onibusbrasil.com/css/theme-001.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 15 Nov 2020 00:56:12 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 944337
status: 200
content-length: 280
cf-request-id: 066b0018c20000dff313bf5000000001
pragma: public
last-modified: Mon, 22 Jan 2018 22:26:06 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=L4f26RAD0MAPJvMCDY1U1MO9ToW%2BpvZ5DUEMvk%2FiVnflhmDksJ6cs7Z2m2040gtHQnk9B42ZsMlyYTyt4TCDTmYZOJTrzCGpsqdnDcO0GAky5Oeo%2Fwx3bCr5NVcw"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 5f2502d46828dff3-FRA
expires: Sun, 03 Jan 2021 02:37:15 GMT

GET
DATA 200
OK truncated
/ 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/gif

POST
H2 200 stream
analytics2.m2.ai/ 0
0 86ms
29ms Other
text/plain 18.196.191.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics2.m2.ai/stream?beacon=test
Requested by: Host: m2d.m2.ai
URL: https://m2d.m2.ai/pg.onibusbrasil.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.196.191.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-196-191-129.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://onibusbrasil.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://onibusbrasil.com
access-control-allow-credentials: true

GET
H2 200 / Show response
analytics2.m2.ai/ 141 B
383 B 80ms
27ms XHR
application/json 18.196.191.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics2.m2.ai/?device=desktop&publisher=22120510954

Requested by

Host: m2d.m2.ai
URL: https://m2d.m2.ai/pg.onibusbrasil.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.196.191.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-196-191-129.eu-central-1.compute.amazonaws.com

Software

Apache/2.4.29 (Ubuntu) /

Resource Hash

d9e5ebfce4de6ed2c83cb224567b6dea1023ee5d588491f16fc8226d02f55542

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://onibusbrasil.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 15 Nov 2020 00:56:12 GMT
x-content-type-options: nosniff
server: Apache/2.4.29 (Ubuntu)
status: 200
x-frame-options: DENY
content-type: application/json
access-control-allow-origin: https://onibusbrasil.com
access-control-allow-credentials: true
vary: Origin
content-length: 141
x-xss-protection: 1; mode=block

POST
H2 200 stream Show response
analytics2.m2.ai/ 2 B
297 B 74ms
28ms XHR
text/plain 18.196.191.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics2.m2.ai/stream?beacon=immediate

Requested by

Host: m2d.m2.ai
URL: https://m2d.m2.ai/pg.onibusbrasil.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.196.191.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-196-191-129.eu-central-1.compute.amazonaws.com

Software

Apache/2.4.29 (Ubuntu) /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://onibusbrasil.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sun, 15 Nov 2020 00:56:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: Apache/2.4.29 (Ubuntu)
status: 200
x-frame-options: DENY
content-type: text/plain
access-control-allow-origin: https://onibusbrasil.com
access-control-allow-credentials: true
vary: Origin,Accept-Encoding
x-xss-protection: 1; mode=block

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 1 B
387 B 45ms
13ms XHR
text/plain 2a00:1450:4001:81a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j87&a=906333072&t=pageview&_s=1&dl=https%3A%2F%2Fonibusbrasil.com%2F&ul=en-us&de=UTF-8&dt=OB%20-%20%C3%94nibus%20Brasil&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUABAAAAAC~&jid=668578323&gjid=190671413&cid=1785370547.1605401772&tid=UA-120360188-1&_gid=343050800.1605401772&_r=1&gtm=2oub41&z=1890987136

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://onibusbrasil.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 15 Nov 2020 00:56:12 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 200
content-type: text/plain
access-control-allow-origin: https://onibusbrasil.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 tc Show response
analytics2.m2.ai/ 62 B
302 B 33ms
33ms XHR
application/json 18.196.191.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics2.m2.ai/tc

Requested by

Host: m2d.m2.ai
URL: https://m2d.m2.ai/pg.onibusbrasil.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.196.191.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-196-191-129.eu-central-1.compute.amazonaws.com

Software

Apache/2.4.29 (Ubuntu) /

Resource Hash

cea685b23a9a25aaefe07d6c5337858806d641991b9abcef43e815a53ee62288

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://onibusbrasil.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sun, 15 Nov 2020 00:56:12 GMT
x-content-type-options: nosniff
server: Apache/2.4.29 (Ubuntu)
status: 200
x-frame-options: DENY
content-type: application/json
access-control-allow-origin: https://onibusbrasil.com
access-control-allow-credentials: true
vary: Origin
content-length: 62
x-xss-protection: 1; mode=block

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 53 KB
18 KB 33ms
14ms Script
text/javascript 2a00:1450:4001:818::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: m2d.m2.ai
URL: https://m2d.m2.ai/pg.onibusbrasil.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

06a79a26274c60253bdb0a153a7a2f1d60e9b0fec21dd9ceb9a1187c3ba5a3cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://onibusbrasil.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 15 Nov 2020 00:56:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "694 / 940 of 1000 / last-modified: 1605309537"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 18109
x-xss-protection: 0
expires: Sun, 15 Nov 2020 00:56:12 GMT

GET
DATA 200
OK truncated
/ 70 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 497790947d4666760ce38f3c00e852c71fdb66cae849bae8e9ede352719e1581

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 850 B
970 B 36ms
17ms Script
text/javascript 2a00:1450:4001:81b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?hl=en-US

Requested by

Host: m2d.m2.ai
URL: https://m2d.m2.ai/pg.onibusbrasil.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

f4b846fe223b23fe04006500676830dd2645da38ae235bc26b2a70eb646b7dfe

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://onibusbrasil.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 15 Nov 2020 00:56:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 553
x-xss-protection: 1; mode=block
expires: Sun, 15 Nov 2020 00:56:12 GMT

GET
H2 200 pubads_impl_2020111001.js Show response
securepubads.g.doubleclick.net/gpt/ 276 KB
98 KB 95ms
34ms Script
text/javascript 216.58.207.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111001.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.207.66 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s25-in-f2.1e100.net

Software

sffe /

Resource Hash

f1b23a6200bdb4728ad055b6439a7055e73c62e61a97804fa6ac13871164c198

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://onibusbrasil.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 15 Nov 2020 00:56:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 99726
x-xss-protection: 0
last-modified: Tue, 10 Nov 2020 09:44:01 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 15 Nov 2020 00:56:12 GMT

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/rCr6uVkhcBxHr-Uhry4bcSYc/ 335 KB
131 KB 26ms
6ms Script
text/javascript 2a00:1450:4001:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/rCr6uVkhcBxHr-Uhry4bcSYc/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?hl=en-US

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f8b4b2ca6272d6a145c9d5e85a0adf9413875ff9e231a92eabe9f6e947dc9354

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://onibusbrasil.com
Referer: https://onibusbrasil.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 15 Nov 2020 00:30:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1530
status: 200
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 133476
x-xss-protection: 0
last-modified: Mon, 09 Nov 2020 05:27:47 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 15 Nov 2021 00:30:42 GMT

GET
H3-Q050 200 anchor
www.google.com/recaptcha/api2/ Frame 4399 0
0 60ms
46ms Document
text/html 2a00:1450:4001:81b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfK2HYUAAAAANzy4CR5rAg3my4Tria55kER9dWP&co=aHR0cHM6Ly9vbmlidXNicmFzaWwuY29tOjQ0Mw..&hl=en&v=rCr6uVkhcBxHr-Uhry4bcSYc&size=normal&cb=1k0ghpj0keid

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/rCr6uVkhcBxHr-Uhry4bcSYc/recaptcha__en.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-I4HBNfwS26hp8DFDWcZtbg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/anchor?ar=1&k=6LfK2HYUAAAAANzy4CR5rAg3my4Tria55kER9dWP&co=aHR0cHM6Ly9vbmlidXNicmFzaWwuY29tOjQ0Mw..&hl=en&v=rCr6uVkhcBxHr-Uhry4bcSYc&size=normal&cb=1k0ghpj0keid
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://onibusbrasil.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://onibusbrasil.com/

Response headers

status: 200
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 15 Nov 2020 00:56:12 GMT
content-security-policy: script-src 'report-sample' 'nonce-I4HBNfwS26hp8DFDWcZtbg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 10802
server: GSE
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
803 B 36ms
15ms Script
application/javascript 2a00:1450:4001:819::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=onibusbrasil.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://onibusbrasil.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 15 Nov 2020 00:56:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
803 B 35ms
14ms Script
application/javascript 2a00:1450:4001:819::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=onibusbrasil.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://onibusbrasil.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 15 Nov 2020 00:56:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 42 KB
11 KB 349ms
315ms XHR
text/plain 216.58.207.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1892570936213996&correlator=157218408036346&output=ldjh&impl=fif&eid=21068727%2C21068735%2C21067192%2C21067447%2C21068030%2C21068418%2C21065724&vrg=2020111001&gdpr=0&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20201115&iu_parts=22120510954%2Conibusbrasil.com_banner&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90%7C970x90&prev_scp=m2_pageview%3D7807-201022-584%25401%26m2_session%3D7807-201022-584%25401%26m2_config%3D7807-201022-584%25401%26m2_stack%3Denabled%26utm_term%3D%252Fempty%252F%26utm_source%3D%252Fempty%252F%26utm_campaign%3D%252Fempty%252F%26utm_content%3D%252Fempty%252F%26utm_medium%3D%252Fempty%252F%26m2_tc%3Dtc-init&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1605401772&dt=1605401772628&dlt=1605401771799&idt=790&frm=20&biw=1600&bih=1200&oid=3&adxs=436&adys=90&adks=3088541759&ucis=1&ifi=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fonibusbrasil.com%2F&dssz=11&icsg=32939&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1110x90&msz=728x90&ga_vid=1785370547.1605401772&ga_sid=1605401773&ga_hid=906333072&fws=0&ohw=0&btvi=0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111001.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.207.66 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s25-in-f2.1e100.net

Software

cafe /

Resource Hash

d0a6ef33dfec5b9e197a92ff5e055f1a48564ca89872112206352f9e660920ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://onibusbrasil.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 15 Nov 2020 00:56:12 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10550
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://onibusbrasil.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
5ea4d56f56ce1a2022fd7a027010daae.safeframe.googlesyndication.com/safeframe/1-0-37/html/ 0
0 72ms
38ms Other
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://5ea4d56f56ce1a2022fd7a027010daae.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111001.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://onibusbrasil.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 50 KB
11 KB 368ms
335ms XHR
text/plain 216.58.207.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1892570936213996&correlator=3236941228974146&output=ldjh&impl=fif&eid=21068727%2C21068735%2C21067192%2C21067447%2C21068030%2C21068418%2C21065724&vrg=2020111001&gdpr=0&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20201115&iu_parts=22120510954%2Conibusbrasil.com_mid_1&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C336x280&prev_scp=m2_config%3D7807-201022-584%25401%26m2_stack%3Denabled%26utm_term%3D%252Fempty%252F%26utm_source%3D%252Fempty%252F%26utm_campaign%3D%252Fempty%252F%26utm_content%3D%252Fempty%252F%26utm_medium%3D%252Fempty%252F%26m2_tc%3Dtc-init&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1605401772&dt=1605401772640&dlt=1605401771799&idt=790&frm=20&biw=1600&bih=1200&oid=3&adxs=523&adys=958&adks=764958350&ucis=2&ifi=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fonibusbrasil.com%2F&dssz=11&icsg=32939&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=564x280&msz=300x250&ga_vid=1785370547.1605401772&ga_sid=1605401773&ga_hid=906333072&fws=0&ohw=0&btvi=0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111001.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.207.66 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s25-in-f2.1e100.net

Software

cafe /

Resource Hash

b75c77055beede750e7b8f255c7507273cc91df84707b38435ece6ccdc856921

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://onibusbrasil.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 15 Nov 2020 00:56:13 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11349
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://onibusbrasil.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 76 KB
16 KB 445ms
412ms XHR
text/plain 216.58.207.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1892570936213996&correlator=3677950266537532&output=ldjh&impl=fif&eid=21068727%2C21068735%2C21067192%2C21067447%2C21068030%2C21068418%2C21065724&vrg=2020111001&gdpr=0&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20201115&iu_parts=22120510954%2Conibusbrasil.com_mid_2&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C336x280%7C728x90%7C728x250&prev_scp=m2_config%3D7807-201022-584%25401%26m2_stack%3Denabled%26utm_term%3D%252Fempty%252F%26utm_source%3D%252Fempty%252F%26utm_campaign%3D%252Fempty%252F%26utm_content%3D%252Fempty%252F%26utm_medium%3D%252Fempty%252F%26m2_tc%3Dtc-init&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1605401772&dt=1605401772645&dlt=1605401771799&idt=790&frm=20&biw=1600&bih=1200&oid=3&adxs=650&adys=3156&adks=3846512118&ucis=3&ifi=3&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fonibusbrasil.com%2F&dssz=11&icsg=32939&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1110x250&msz=300x250&ga_vid=1785370547.1605401772&ga_sid=1605401773&ga_hid=906333072&fws=0&ohw=0&btvi=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111001.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.207.66 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s25-in-f2.1e100.net

Software

cafe /

Resource Hash

ee34285ac9b719b6bc83d9e9e47bc4dd0f3a4a604f9c2433bdcb38e4b333ec7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://onibusbrasil.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 15 Nov 2020 00:56:13 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15948
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://onibusbrasil.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 49 KB
11 KB 379ms
346ms XHR
text/plain 216.58.207.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1892570936213996&correlator=2247818968634648&output=ldjh&impl=fif&eid=21068727%2C21068735%2C21067192%2C21067447%2C21068030%2C21068418%2C21065724&vrg=2020111001&gdpr=0&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20201115&iu_parts=22120510954%2Conibusbrasil.com_side_ad&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&prev_scp=m2_config%3D7807-201022-584%25401%26m2_stack%3Denabled%26utm_term%3D%252Fempty%252F%26utm_source%3D%252Fempty%252F%26utm_campaign%3D%252Fempty%252F%26utm_content%3D%252Fempty%252F%26utm_medium%3D%252Fempty%252F%26m2_tc%3Dtc-init&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1605401772&dt=1605401772649&dlt=1605401771799&idt=790&frm=20&biw=1600&bih=1200&oid=3&adxs=1030&adys=629&adks=2608658286&ucis=4&ifi=4&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fonibusbrasil.com%2F&dssz=11&icsg=32939&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=350x250&msz=300x250&ga_vid=1785370547.1605401772&ga_sid=1605401773&ga_hid=906333072&fws=0&ohw=0&btvi=0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111001.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.207.66 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s25-in-f2.1e100.net

Software

cafe /

Resource Hash

fae10fa9fb8b129c5ee20f55470bbaa16b91c8776c2d9163af02d5aed48e18a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://onibusbrasil.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 15 Nov 2020 00:56:13 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11448
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://onibusbrasil.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 78 KB
25 KB 368ms
336ms XHR
text/plain 216.58.207.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1892570936213996&correlator=47617053323981&output=ldjh&impl=fif&eid=21068727%2C21068735%2C21067192%2C21067447%2C21068030%2C21068418%2C21065724&vrg=2020111001&gdpr=0&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20201115&iu_parts=22120510954%2Conibusbrasil.com_home_side_ad&enc_prev_ius=%2F0%2F1&prev_iu_szs=160x600%7C300x600&prev_scp=m2_config%3D7807-201022-584%25401%26m2_stack%3Denabled%26utm_term%3D%252Fempty%252F%26utm_source%3D%252Fempty%252F%26utm_campaign%3D%252Fempty%252F%26utm_content%3D%252Fempty%252F%26utm_medium%3D%252Fempty%252F%26m2_tc%3Dtc-init&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1605401772&dt=1605401772654&dlt=1605401771799&idt=790&frm=20&biw=1600&bih=1200&oid=3&adxs=1100&adys=2321&adks=3180763129&ucis=5&ifi=5&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fonibusbrasil.com%2F&dssz=11&icsg=32939&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=350x600&msz=160x600&ga_vid=1785370547.1605401772&ga_sid=1605401773&ga_hid=906333072&fws=0&ohw=0&btvi=2&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111001.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.207.66 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s25-in-f2.1e100.net

Software

cafe /

Resource Hash

36acd7bb476a4bee2beb495b949536997d48d3c5e9a05c8bf7c25df5577ff774

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9662236460166522071/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9662236460166522071/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CMWPjNOrg-0CFTLhuwgdhG0FIA&gqi=&layout=/sadbundle/%24csp%253Der3%24/9662236460166522071/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://onibusbrasil.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9662236460166522071/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9662236460166522071/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CMWPjNOrg-0CFTLhuwgdhG0FIA&gqi=&layout=/sadbundle/%24csp%253Der3%24/9662236460166522071/index.html
content-encoding: br
x-content-type-options: nosniff
google-creative-id: -1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24881
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
date: Sun, 15 Nov 2020 00:56:13 GMT
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://onibusbrasil.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 78 KB
25 KB 398ms
367ms XHR
text/plain 216.58.207.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1892570936213996&correlator=2369875765692904&output=ldjh&impl=fif&eid=21068727%2C21068735%2C21067192%2C21067447%2C21068030%2C21068418%2C21065724&vrg=2020111001&gdpr=0&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20201115&iu_parts=22120510954%2Conibusbrasil.com_anchor&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90%7C970x90%7C1x1&prev_scp=m2_config%3D7807-201022-584%25401%26m2_stack%3Denabled%26utm_term%3D%252Fempty%252F%26utm_source%3D%252Fempty%252F%26utm_campaign%3D%252Fempty%252F%26utm_content%3D%252Fempty%252F%26utm_medium%3D%252Fempty%252F%26m2_tc%3Dtc-init&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1605401772&dt=1605401772657&dlt=1605401771799&idt=790&frm=20&biw=1600&bih=1200&oid=3&adxs=436&adys=1510&adks=2097013878&ucis=6&ifi=6&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fonibusbrasil.com%2F&dssz=11&icsg=32939&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x4466&msz=1600x-1&ga_vid=1785370547.1605401772&ga_sid=1605401773&ga_hid=906333072&fws=512&ohw=0&btvi=3&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111001.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.207.66 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s25-in-f2.1e100.net

Software

cafe /

Resource Hash

aa067ade04ad1ff0441aa76b48d34ef6bb19272799ab294dae2b1e5dd6ed2c02

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10112385526212708493/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10112385526212708493/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CLuIjNOrg-0CFcLHuwgdJm8B8A&gqi=&layout=/sadbundle/%24csp%253Der3%24/10112385526212708493/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://onibusbrasil.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10112385526212708493/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10112385526212708493/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CLuIjNOrg-0CFcLHuwgdJm8B8A&gqi=&layout=/sadbundle/%24csp%253Der3%24/10112385526212708493/index.html
content-encoding: br
x-content-type-options: nosniff
google-creative-id: -1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24916
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
date: Sun, 15 Nov 2020 00:56:13 GMT
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://onibusbrasil.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 bframe
www.google.com/recaptcha/api2/ Frame 7325 0
0 23ms
23ms Document
text/html 2a00:1450:4001:81b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=en&v=rCr6uVkhcBxHr-Uhry4bcSYc&k=6LfK2HYUAAAAANzy4CR5rAg3my4Tria55kER9dWP&cb=t0okwmo5tb8i

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/rCr6uVkhcBxHr-Uhry4bcSYc/recaptcha__en.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-LvNzsI7CRv2sar23GYSjdA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/bframe?hl=en&v=rCr6uVkhcBxHr-Uhry4bcSYc&k=6LfK2HYUAAAAANzy4CR5rAg3my4Tria55kER9dWP&cb=t0okwmo5tb8i
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://onibusbrasil.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://onibusbrasil.com/

Response headers

status: 200
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 15 Nov 2020 00:56:12 GMT
content-security-policy: script-src 'report-sample' 'nonce-LvNzsI7CRv2sar23GYSjdA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 1172
server: GSE
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012010270040000/ Frame F2A0 180 KB
51 KB 37ms
5ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b2ab9ac436910017b9a2ca7db0e981bad3638db97f576d713eaa9b302e06c094

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://onibusbrasil.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 38380
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51478
x-xss-protection: 0
server: sffe
date: Sat, 14 Nov 2020 14:16:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "0305d7d21a7fe4a1"
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 14 Nov 2021 14:16:33 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012010270040000/v0/ Frame F2A0 13 KB
5 KB 54ms
22ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010270040000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ebab910fdc7c7e9e079caa9f7321177b135b2e1542f86ce36937ceb41865086d

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://onibusbrasil.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 38380
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4850
x-xss-protection: 0
server: sffe
date: Sat, 14 Nov 2020 14:16:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "77bd676d834aaa8d"
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 14 Nov 2021 14:16:33 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012010270040000/v0/ Frame F2A0 90 KB
27 KB 48ms
16ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010270040000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

477549a4d5fb644cda6bf64af01631b8411022d88e608bbd8e5a06e327b391cb

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://onibusbrasil.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 38380
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27668
x-xss-protection: 0
server: sffe
date: Sat, 14 Nov 2020 14:16:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "1304c1c0caf7ca3c"
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 14 Nov 2021 14:16:33 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012010270040000/v0/ Frame F2A0 3 KB
1 KB 47ms
15ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010270040000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a86753d4effe5e607d4eaf03fe37eccb8cac743a528f874f736f4d7f35e094b1

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://onibusbrasil.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 38375
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1350
x-xss-protection: 0
server: sffe
date: Sat, 14 Nov 2020 14:16:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "12c034eb739190af"
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 14 Nov 2021 14:16:38 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012010270040000/v0/ Frame F2A0 41 KB
13 KB 46ms
14ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010270040000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b61eb57ae77f31b91b04781da33023ecd897fda21f6c817e6c27623204046f42

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://onibusbrasil.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 38380
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13075
x-xss-protection: 0
server: sffe
date: Sat, 14 Nov 2020 14:16:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "1e8a1dae72af56cd"
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 14 Nov 2021 14:16:33 GMT

GET
DATA 200
OK truncated
/ Frame F2A0 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: db3631b165b258f36c64fd4880ab6203d8a0653f40efdd261b096f6f41f94654

Request headers

Referer: https://onibusbrasil.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 9518704366395726274
tpc.googlesyndication.com/simgad/ Frame F2A0 16 KB
16 KB 37ms
7ms Image
image/png 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/9518704366395726274?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qnOAipV9gsc0BoAD7wowmUpIVzRtg

Requested by

Host: onibusbrasil.com
URL: https://onibusbrasil.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

657ebf6a375f9258019f8d5944b11223eadc3332ba59e5049c0b7fd8200a11ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://onibusbrasil.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 09 Nov 2020 17:45:15 GMT
x-content-type-options: nosniff
last-modified: Sun, 08 Nov 2020 22:21:04 GMT
server: sffe
age: 457858
status: 200
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16122
x-xss-protection: 0
expires: Tue, 09 Nov 2021 17:45:15 GMT

GET
H2 200 pt.png
tpc.googlesyndication.com/pagead/images/abg/ Frame F2A0 3 KB
3 KB 37ms
7ms Image
image/png 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/pt.png

Requested by

Host: onibusbrasil.com
URL: https://onibusbrasil.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

744b436600cd35e7898be8843c04c1115c45bf08143d085ac149e8c4f8151e3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://onibusbrasil.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 14 Nov 2020 21:09:26 GMT
x-content-type-options: nosniff
age: 13607
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2886
x-xss-protection: 0
server: cafe
etag: 7735524722462771930
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Sun, 15 Nov 2020 21:09:26 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame F2A0 344 B
402 B 36ms
6ms Image
image/png 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: onibusbrasil.com
URL: https://onibusbrasil.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://onibusbrasil.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 14 Nov 2020 11:33:29 GMT
x-content-type-options: nosniff
age: 48164
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
server: cafe
etag: 6766994032117382215
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Sun, 15 Nov 2020 11:33:29 GMT

GET
H3-Q050 204 l
www.google.com/ads/measurement/ Frame F2A0 0
0 14ms
13ms Image
text/html 2a00:1450:4001:81b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSVu5xtJJYTQwdwfuNjM8QUGojdOIYDG_AO-F78utwGKKJWJJSgb8zhc86Mx4vrb5g7uP50
Requested by: Host: onibusbrasil.com
URL: https://onibusbrasil.com/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://onibusbrasil.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 adview
securepubads.g.doubleclick.net/pagead/ Frame F2A0 0
0 47ms
47ms Image
text/html 216.58.207.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C-i92rHywX-T5LfPX7_UP6OSgwAHRiPuPYMqBjcL5DIXdo6fZAhABIPCpwXZg9ZXOgeAEoAHAlO_8A8gBAuACAKgDAcgDCKoE8gFP0HiQVQSvKGkTCioek98WuBhvAHjFpiBgWmn7xHyo_qGJrwYYH0qohdlrVmbJQZPFqwXCMZCHKaoWrfQoEL3txYWeoy7TQyjfWcnc9wa5L2JBRkO6_AGVU3rWUOJRvuLaTsRADKjEK8EMb3hxR4efxowAeUOnrKXbk8gYoRmoZP4tQ8iGo_QWBOkP7N-eEDmf7v9b_AZxhNPjpYYe4gIrDfhe4D_Nc6L_YDqTAHe8lJUkt26BPpEY0kMm9T-mgXQHO3hfx4iSLjN2ySlFEejkV1NsXAbcziuOe5Sg2VmrkQKYmD9UcPJUkik6kcF1S0wqLMAEnM7pqOIC4AQBkgUECAQYAZIFBAgFGASgBgKAB6jrkAOoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwHyBwQQ9fgE0ggJCIDhgEAQARgd8ggbYWR4LXN1YnN5bi03OTY4MTg4NzUyODA2MzQ2gAoDyAsB2BMMshcaChgIARIUcHViLTYxOTAwOTYzMzg5Nzk4ODY&sigh=wuaZ_bCscjM&tpd=AGWhJmuCVBpyUcp6gwrjmOXUh9r-nNFa6E3jXbxCEbYu3fyL6w
Requested by: Host: onibusbrasil.com
URL: https://onibusbrasil.com/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 216.58.207.66 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s25-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://onibusbrasil.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 8 KB
7 KB 43ms
17ms XHR
application/json 2a00:1450:4001:818::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2020111001&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

22f062f6dd5644b70c6bbcfa70291dc9e2db7f0d6495381b74b7a25376d63c11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://onibusbrasil.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 15 Nov 2020 00:56:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6524
x-xss-protection: 0

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012010270040000/ Frame E6C6 180 KB
50 KB 31ms
22ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b2ab9ac436910017b9a2ca7db0e981bad3638db97f576d713eaa9b302e06c094

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://onibusbrasil.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 38380
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51478
x-xss-protection: 0
server: sffe
date: Sat, 14 Nov 2020 14:16:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "0305d7d21a7fe4a1"
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 14 Nov 2021 14:16:33 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012010270040000/v0/ Frame E6C6 13 KB
5 KB 28ms
25ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010270040000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ebab910fdc7c7e9e079caa9f7321177b135b2e1542f86ce36937ceb41865086d

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://onibusbrasil.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 38380
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4850
x-xss-protection: 0
server: sffe
date: Sat, 14 Nov 2020 14:16:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "77bd676d834aaa8d"
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 14 Nov 2021 14:16:33 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012010270040000/v0/ Frame E6C6 90 KB
27 KB 25ms
23ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010270040000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

477549a4d5fb644cda6bf64af01631b8411022d88e608bbd8e5a06e327b391cb

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://onibusbrasil.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 38380
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27668
x-xss-protection: 0
server: sffe
date: Sat, 14 Nov 2020 14:16:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "1304c1c0caf7ca3c"
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 14 Nov 2021 14:16:33 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012010270040000/v0/ Frame E6C6 3 KB
1 KB 28ms
26ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010270040000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a86753d4effe5e607d4eaf03fe37eccb8cac743a528f874f736f4d7f35e094b1

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://onibusbrasil.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 38375
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1350
x-xss-protection: 0
server: sffe
date: Sat, 14 Nov 2020 14:16:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "12c034eb739190af"
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 14 Nov 2021 14:16:38 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012010270040000/v0/ Frame E6C6 41 KB
13 KB 29ms
27ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010270040000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b61eb57ae77f31b91b04781da33023ecd897fda21f6c817e6c27623204046f42

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://onibusbrasil.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 38380
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13075
x-xss-protection: 0
server: sffe
date: Sat, 14 Nov 2020 14:16:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "1e8a1dae72af56cd"
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 14 Nov 2021 14:16:33 GMT

GET
H3-Q050 200 css
fonts.googleapis.com/ Frame E6C6 5 KB
1 KB 49ms
22ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,500&lang=de

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111001.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c4a7b4babd8d76af2ddc0840bda733cd5a0b409895bb74d5302ff1155c9b32bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://onibusbrasil.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 15 Nov 2020 00:14:37 GMT
server: ESF
date: Sun, 15 Nov 2020 00:56:13 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 15 Nov 2020 00:56:13 GMT

GET
H3-Q050 200 css
fonts.googleapis.com/ Frame E6C6 5 KB
687 B 50ms
23ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,500&text=

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111001.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c4a7b4babd8d76af2ddc0840bda733cd5a0b409895bb74d5302ff1155c9b32bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://onibusbrasil.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 14 Nov 2020 23:39:41 GMT
server: ESF
date: Sun, 15 Nov 2020 00:56:13 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 15 Nov 2020 00:56:13 GMT

GET
H2 200 pt.png
tpc.googlesyndication.com/pagead/images/abg/ Frame E6C6 3 KB
3 KB 32ms
24ms Image
image/png 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/pt.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

744b436600cd35e7898be8843c04c1115c45bf08143d085ac149e8c4f8151e3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://onibusbrasil.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 14 Nov 2020 21:09:26 GMT
x-content-type-options: nosniff
age: 13607
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2886
x-xss-protection: 0
server: cafe
etag: 7735524722462771930
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Sun, 15 Nov 2020 21:09:26 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame E6C6 344 B
811 B 14ms
6ms Image
image/png 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://onibusbrasil.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 14 Nov 2020 11:33:29 GMT
x-content-type-options: nosniff
age: 48164
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
server: cafe
etag: 6766994032117382215
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Sun, 15 Nov 2020 11:33:29 GMT

GET
DATA 200
OK truncated
/ Frame E6C6 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b61616bd704a0d8cfc332017910519051fcb77fa4f0349fec611650ffea0b4ff

Request headers

Referer: https://onibusbrasil.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/2253862790643701118/ Frame E6C6 23 KB
24 KB 123ms
115ms Image
image/jpeg 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/2253862790643701118/downsize_200k_v1?sqp=4sqPyQSWAUKTAQgAEhQNzczMPhUAAABAHQAAAAAlAAAAABgAIgoNAACAPxUAAIA_Kk8IWhABHQAAtEIgASgBMAY4A0CAwtcvSABQAFgAYFpwAngAgAEAiAEAkAEAnQEAAIA_oAEAqAEAsAGAreIEuAH___________8BxQEtsp0-MhoIzgIQrwEYASABLQAAAD8wzgI4rwFFAACAPw&rs=AOga4qkMnWpztssc9pAML-WASF9k5yVWRA

Requested by

Host: onibusbrasil.com
URL: https://onibusbrasil.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a77b77383df3b0d7af5bdc7a823d9a717eca0f890f584596c2f7936c4a588d1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://onibusbrasil.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 15 Nov 2020 00:56:13 GMT
x-content-type-options: nosniff
last-modified: Thu, 16 Jan 2020 14:33:19 GMT
server: sffe
status: 200
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23950
x-xss-protection: 0
expires: Mon, 15 Nov 2021 00:56:13 GMT

GET
H2 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/924839448970135228/ Frame E6C6 16 KB
16 KB 125ms
123ms Image
image/jpeg 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/924839448970135228/downsize_200k_v1?sqp=4sqPyQSLAUKIAQgAEhQNzczMPhUAAABAHQAAAAAlAAAAABgAIgoNAACAPxUAAIA_Kk8IWhABHQAAtEIgASgBMAY4A0CAwtcvSABQAFgAYFpwAngAgAEAiAEAkAEAnQEAAIA_oAEAqAEAsAGAreIEuAH___________8BxQEtsp0-Mg8I2AQQ2AQYASABLQAAAD8&rs=AOga4qnH7707mwNHXvTPHQj__SSFi4PB0w

Requested by

Host: onibusbrasil.com
URL: https://onibusbrasil.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

df48d5f9f7ec787972f99497f99a00c9c297b46b2750fbd160e508646892d4d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://onibusbrasil.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 15 Nov 2020 00:56:13 GMT
x-content-type-options: nosniff
last-modified: Thu, 16 Jan 2020 14:33:19 GMT
server: sffe
status: 200
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16697
x-xss-protection: 0
expires: Mon, 15 Nov 2021 00:56:13 GMT

GET
H3-Q050 200 adview
securepubads.g.doubleclick.net/pagead/ Frame E6C6 0
0 44ms
36ms Image
text/html 216.58.207.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CYvVIrHywX8KPLp2YlQfyoYqYA9v6-fBfj46lzd8L6NWvs5MTEAEg8KnBdmD1lc6B4ASgAd_12sMDyAEGqQIRJ-Q3hmGyPuACAKgDAcgDCqoE8gFP0Bmh6m7SJ39bqVV3m9ETbHrD3QM9gAWcySVoJ8xVT5DPKi7X5mROfbq6smX3P6krwv2yZty1UxEo_oZEhsvZTWAIJ0CPGBU7HhBFt9Kx1RMISWryScbRxr10-4KvQkz0ZuHm1VcjYXpDKOTrqTMxilzLqrXX0jtiwvLKagRhI2BQKoAMI8WKQBBEXqchF9bA85JNMN9NpFBRb69Np7XOsli4vrJLz6MQQNPx1GB2K9YO2xRAaQy3nfBoaoAa2GpC4MaUCBN1S9ZYi1oCdmMBjE8kzVeF60D8ja9IqOP2ttKo7wsIIbuYsQh0qfVhswWbU8AEjInN6q8C4AQBkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBjeAB4mKpTyoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwHyBwQQs5oK0ggJCIDhgEAQARgd8ggbYWR4LXN1YnN5bi03OTY4MTg4NzUyODA2MzQ2gAoDyAsB2BMMiBQEshcaChgIARIUcHViLTYxOTAwOTYzMzg5Nzk4ODY&sigh=S6dOwcCEsFo&template_id=492&tpd=AGWhJmt38eVDXM9iLQCrUcmwsXUMqZb0oEz1BmldEA4aCTUkTQ
Requested by: Host: onibusbrasil.com
URL: https://onibusbrasil.com/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 216.58.207.66 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s25-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://onibusbrasil.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012010270040000/ Frame AC94 180 KB
50 KB 45ms
22ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111001.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b2ab9ac436910017b9a2ca7db0e981bad3638db97f576d713eaa9b302e06c094

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://onibusbrasil.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 38380
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51478
x-xss-protection: 0
server: sffe
date: Sat, 14 Nov 2020 14:16:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "0305d7d21a7fe4a1"
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 14 Nov 2021 14:16:33 GMT

GET
H3-Q050 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012010270040000/v0/ Frame AC94 13 KB
5 KB 46ms
23ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010270040000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111001.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ebab910fdc7c7e9e079caa9f7321177b135b2e1542f86ce36937ceb41865086d

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://onibusbrasil.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 38380
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4850
x-xss-protection: 0
server: sffe
date: Sat, 14 Nov 2020 14:16:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "77bd676d834aaa8d"
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 14 Nov 2021 14:16:33 GMT

GET
H3-Q050 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012010270040000/v0/ Frame AC94 90 KB
28 KB 42ms
21ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010270040000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111001.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

477549a4d5fb644cda6bf64af01631b8411022d88e608bbd8e5a06e327b391cb

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://onibusbrasil.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 38380
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27668
x-xss-protection: 0
server: sffe
date: Sat, 14 Nov 2020 14:16:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "1304c1c0caf7ca3c"
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 14 Nov 2021 14:16:33 GMT

GET
H3-Q050 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012010270040000/v0/ Frame AC94 3 KB
1 KB 44ms
22ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010270040000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111001.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a86753d4effe5e607d4eaf03fe37eccb8cac743a528f874f736f4d7f35e094b1

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://onibusbrasil.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 38375
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1350
x-xss-protection: 0
server: sffe
date: Sat, 14 Nov 2020 14:16:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "12c034eb739190af"
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 14 Nov 2021 14:16:38 GMT

GET
H3-Q050 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012010270040000/v0/ Frame AC94 41 KB
13 KB 43ms
22ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010270040000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111001.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b61eb57ae77f31b91b04781da33023ecd897fda21f6c817e6c27623204046f42

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://onibusbrasil.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 38380
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13075
x-xss-protection: 0
server: sffe
date: Sat, 14 Nov 2020 14:16:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "1e8a1dae72af56cd"
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 14 Nov 2021 14:16:33 GMT

GET
H3-Q050 200 css
fonts.googleapis.com/ Frame AC94 5 KB
687 B 32ms
19ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,500&lang=de

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111001.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c4a7b4babd8d76af2ddc0840bda733cd5a0b409895bb74d5302ff1155c9b32bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://onibusbrasil.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 14 Nov 2020 23:03:15 GMT
server: ESF
date: Sun, 15 Nov 2020 00:56:13 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 15 Nov 2020 00:56:13 GMT

GET
H3-Q050 200 css
fonts.googleapis.com/ Frame AC94 5 KB
687 B 31ms
19ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,500&text=

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111001.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c4a7b4babd8d76af2ddc0840bda733cd5a0b409895bb74d5302ff1155c9b32bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://onibusbrasil.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 14 Nov 2020 23:46:32 GMT
server: ESF
date: Sun, 15 Nov 2020 00:56:13 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 15 Nov 2020 00:56:13 GMT

GET
H3-Q050 200 pt.png
tpc.googlesyndication.com/pagead/images/abg/ Frame AC94 3 KB
3 KB 44ms
22ms Image
image/png 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/pt.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111001.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

744b436600cd35e7898be8843c04c1115c45bf08143d085ac149e8c4f8151e3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://onibusbrasil.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 14 Nov 2020 21:09:26 GMT
x-content-type-options: nosniff
age: 13607
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2886
x-xss-protection: 0
server: cafe
etag: 7735524722462771930
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Sun, 15 Nov 2020 21:09:26 GMT

GET
H3-Q050 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame AC94 344 B
439 B 44ms
23ms Image
image/png 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111001.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://onibusbrasil.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 14 Nov 2020 11:33:29 GMT
x-content-type-options: nosniff
age: 48164
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
server: cafe
etag: 6766994032117382215
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Sun, 15 Nov 2020 11:33:29 GMT

GET
DATA 200
OK truncated
/ Frame AC94 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8f03e501c2ac5028f0a92ea880b02c4c186a1752dada47616ebc640e0ad44071

Request headers

Referer: https://onibusbrasil.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/886985984197516931/ Frame AC94 26 KB
26 KB 94ms
77ms Image
image/jpeg 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/886985984197516931/downsize_200k_v1?sqp=4sqPyQSWAUKTAQgAEhQNzczMPhUAAABAHQAAAAAlAAAAABgAIgoNAACAPxUAAIA_Kk8IWhABHQAAtEIgASgBMAY4A0CAwtcvSABQAFgAYFpwAngAgAEAiAEAkAEAnQEAAIA_oAEAqAEAsAGAreIEuAH___________8BxQEtsp0-MhoIqgIQnAEYASABLQAAAD8wqgI4nAFFAACAPw&rs=AOga4qkBbdDHh_zxlcy5vrRx_VzMyA69Aw

Requested by

Host: onibusbrasil.com
URL: https://onibusbrasil.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

816d3646becf7bef483f27dbd51bd83b1705d5f32fa517826adfebe7c6c11cfd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://onibusbrasil.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 15 Nov 2020 00:56:13 GMT
x-content-type-options: nosniff
last-modified: Tue, 25 Jun 2019 13:10:06 GMT
server: sffe
status: 200
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26418
x-xss-protection: 0
expires: Mon, 15 Nov 2021 00:56:13 GMT

GET
H3-Q050 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/7238359216372219255/ Frame AC94 4 KB
4 KB 52ms
35ms Image
image/png 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/7238359216372219255/downsize_200k_v1?sqp=4sqPyQR5QncIABIUDc3MzD4VAAAAQB0AAAAAJQAAAAAYACIKDQAAgD8VAACAPypPCFoQAR0AALRCIAEoATAGOANAgMLXL0gAUABYAGBacAJ4AIABAIgBAJABAJ0BAACAP6ABAKgBALABgK3iBLgB____________AcUBLbKdPg&rs=AOga4qmQrxcO8n9gRHyKEKXRtpd-UY76AA

Requested by

Host: onibusbrasil.com
URL: https://onibusbrasil.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0b20ee85077fff671248d900bf6b73c8ee002cd63c96abe7e8405f189415be0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://onibusbrasil.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 15 Nov 2020 00:56:13 GMT
x-content-type-options: nosniff
last-modified: Mon, 22 Jun 2020 12:05:00 GMT
server: sffe
status: 200
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4217
x-xss-protection: 0
expires: Mon, 15 Nov 2021 00:56:13 GMT

GET
H3-Q050 200 adview
securepubads.g.doubleclick.net/pagead/ Frame AC94 0
0 53ms
37ms Image
text/html 216.58.207.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=Cu5XnrHywX9WWLrbc7_UPoPWdcNv6-fBfxvjjwsAJ6NWvs5MTEAEg8KnBdmD1lc6B4ASgAd_12sMDyAEGqQIRJ-Q3hmGyPuACAKgDAcgDCqoE-wFP0KyvzVdyYUkRf6nTwknAa2gIgzSX0Bvq8N2KQTW-lXOSOIGr9_7c2bo8AtNiGbH2K0dNqTjYkxFJaABH_6QF_MYYpsVWJ7dLjyvdKKIVAhrt-QUwPkCmLx35uI1fmxd1PiAE00e2mNjZr09WmN2FOXZHVmezxL1wb-SyEC-_p1mp8pRFhGWbRbRJyD3wui355qs7pji9TQiQ38LOGs-q4kxRohyiqSHzQ_U2NT7AL4-l0qINK12GxvrEarro6zxj57D-lxTL01QA3HrATV7FDzL3DJJdIM0rD4WOb8m6DGNt_skgFgdAqIuukrEZwCkFgNLP28YVY9JqkMAEjInN6q8C4AQBkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBjeAB4mKpTyoB9XJG6gH8NkbqAfy2RuoB5SYsQKoB6XfG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAfIHBBCXuQvSCAkIgOGAQBABGB3yCBthZHgtc3Vic3luLTc5NjgxODg3NTI4MDYzNDaACgPICwHYEwyIFASyFxoKGAgBEhRwdWItNjE5MDA5NjMzODk3OTg4Ng&sigh=1sSIeruApIE&template_id=492&tpd=AGWhJmtZELHKF96xh5RBUOlx96ITbQ3gxG3qt9fFK1VGopQpFg
Requested by: Host: onibusbrasil.com
URL: https://onibusbrasil.com/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 216.58.207.66 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s25-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://onibusbrasil.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 204 l
www.google.com/ads/measurement/ Frame AC94 0
0 30ms
14ms Image
text/html 2a00:1450:4001:81b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTOm24aJbKqmZgQow1JxvqGH3w7RInYlLForesSyHM_HuH6u49Ig-phsW9hOz8PVUqSO19d
Requested by: Host: onibusbrasil.com
URL: https://onibusbrasil.com/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://onibusbrasil.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 container.html
5ea4d56f56ce1a2022fd7a027010daae.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame 39E4 0
0 53ms
38ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5ea4d56f56ce1a2022fd7a027010daae.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111001.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 5ea4d56f56ce1a2022fd7a027010daae.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-37/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://onibusbrasil.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://onibusbrasil.com/

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 2973
date: Sun, 15 Nov 2020 00:56:12 GMT
expires: Mon, 15 Nov 2021 00:56:12 GMT
last-modified: Thu, 21 Nov 2019 16:01:11 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
28 KB 54ms
38ms Script
text/javascript 2a00:1450:4001:818::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111001.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

587843e8250773df7ab65fc848b867dafea14bda7e849b9839500ae19893940e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://onibusbrasil.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 15 Nov 2020 00:56:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1605271279018746"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 28206
x-xss-protection: 0
expires: Sun, 15 Nov 2020 00:56:13 GMT

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 16 KB
6 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111001.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

66bfa6dd42535b06a283b3844a0bddcfd7f1aca1368baae035a7cda89a6b97fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://onibusbrasil.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 15 Nov 2020 00:56:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1603823857801521"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6015
x-xss-protection: 0
expires: Sun, 15 Nov 2020 00:56:13 GMT

GET
H3-Q050 200 KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ Frame E6C6 11 KB
11 KB 65ms
51ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,500&lang=de

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://onibusbrasil.com
Referer: https://fonts.googleapis.com/css?family=Roboto:400,500&lang=de
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 13 Nov 2020 09:05:27 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:48 GMT
server: sffe
age: 143446
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11056
x-xss-protection: 0
expires: Sat, 13 Nov 2021 09:05:27 GMT

GET
H3-Q050 200 KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/ Frame E6C6 11 KB
11 KB 60ms
51ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,500&lang=de

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://onibusbrasil.com
Referer: https://fonts.googleapis.com/css?family=Roboto:400,500&lang=de
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 13 Nov 2020 17:20:23 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:50 GMT
server: sffe
age: 113750
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11016
x-xss-protection: 0
expires: Sat, 13 Nov 2021 17:20:23 GMT

GET
H3-Q050 200 KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/ Frame AC94 11 KB
11 KB 54ms
51ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,500&lang=de

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://onibusbrasil.com
Referer: https://fonts.googleapis.com/css?family=Roboto:400,500&lang=de
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 13 Nov 2020 17:20:23 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:50 GMT
server: sffe
age: 113750
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11016
x-xss-protection: 0
expires: Sat, 13 Nov 2021 17:20:23 GMT

GET
H3-Q050 200 KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ Frame AC94 11 KB
11 KB 54ms
51ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,500&lang=de

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://onibusbrasil.com
Referer: https://fonts.googleapis.com/css?family=Roboto:400,500&lang=de
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 13 Nov 2020 09:05:27 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:48 GMT
server: sffe
age: 143446
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11056
x-xss-protection: 0
expires: Sat, 13 Nov 2021 09:05:27 GMT

GET
H3-Q050 200 container.html
5ea4d56f56ce1a2022fd7a027010daae.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame F702 0
0 48ms
48ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5ea4d56f56ce1a2022fd7a027010daae.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111001.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 5ea4d56f56ce1a2022fd7a027010daae.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-37/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://onibusbrasil.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://onibusbrasil.com/

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 2973
date: Sun, 15 Nov 2020 00:56:12 GMT
expires: Mon, 15 Nov 2021 00:56:12 GMT
last-modified: Thu, 21 Nov 2019 16:01:11 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
0 16ms
14ms Fetch
image/gif 2a00:1450:4001:818::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=gfp_cw_status&domain=onibusbrasil.com&host=onibusbrasil.com&success=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111001.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://onibusbrasil.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 15 Nov 2020 00:56:13 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/gif
status: 204
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 container.html
5ea4d56f56ce1a2022fd7a027010daae.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame 840D 0
0 6ms
6ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5ea4d56f56ce1a2022fd7a027010daae.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111001.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 5ea4d56f56ce1a2022fd7a027010daae.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-37/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://onibusbrasil.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://onibusbrasil.com/

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 2973
date: Sun, 15 Nov 2020 00:56:12 GMT
expires: Mon, 15 Nov 2021 00:56:12 GMT
last-modified: Thu, 21 Nov 2019 16:01:11 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame F2A0
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
0

15ms
14ms

Image
text/html

2a00:1450:4001:818::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Redirect headers

date: Sun, 15 Nov 2020 00:56:13 GMT
x-content-type-options: nosniff
server: safe
status: 302
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 246
x-xss-protection: 0

GET
H3-Q050

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame E6C6
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
0

16ms
14ms

Image
text/html

2a00:1450:4001:818::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Redirect headers

date: Sun, 15 Nov 2020 00:56:13 GMT
x-content-type-options: nosniff
server: safe
status: 302
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 246
x-xss-protection: 0

GET
H3-Q050 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/219/ Frame 93EB 0
0 6ms
6ms Document
text/html 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/219/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://onibusbrasil.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://onibusbrasil.com/

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 4867
date: Sun, 15 Nov 2020 00:01:56 GMT
expires: Mon, 15 Nov 2021 00:01:56 GMT
last-modified: Mon, 05 Oct 2020 22:33:01 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 3257
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame AC94
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
0

14ms
14ms

Image
text/html

2a00:1450:4001:818::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Redirect headers

date: Sun, 15 Nov 2020 00:56:13 GMT
x-content-type-options: nosniff
server: safe
status: 302
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 246
x-xss-protection: 0

GET
H3-Q050 200 9518704366395726274
tpc.googlesyndication.com/simgad/ Frame F2A0 16 KB
16 KB 7ms
6ms Image
image/png 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/9518704366395726274?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qnOAipV9gsc0BoAD7wowmUpIVzRtg

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.mjs

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

657ebf6a375f9258019f8d5944b11223eadc3332ba59e5049c0b7fd8200a11ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://onibusbrasil.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 09 Nov 2020 17:45:15 GMT
x-content-type-options: nosniff
last-modified: Sun, 08 Nov 2020 22:21:04 GMT
server: sffe
age: 457858
status: 200
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16122
x-xss-protection: 0
expires: Tue, 09 Nov 2021 17:45:15 GMT

GET
H3-Q050 200 pt.png
tpc.googlesyndication.com/pagead/images/abg/ Frame F2A0 3 KB
3 KB 7ms
6ms Image
image/png 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/pt.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.mjs

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

744b436600cd35e7898be8843c04c1115c45bf08143d085ac149e8c4f8151e3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://onibusbrasil.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 14 Nov 2020 21:09:26 GMT
x-content-type-options: nosniff
age: 13607
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2886
x-xss-protection: 0
server: cafe
etag: 7735524722462771930
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Sun, 15 Nov 2020 21:09:26 GMT

GET
H3-Q050 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame F2A0 344 B
439 B 7ms
6ms Image
image/png 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.mjs

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://onibusbrasil.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 14 Nov 2020 11:33:29 GMT
x-content-type-options: nosniff
age: 48164
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
server: cafe
etag: 6766994032117382215
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Sun, 15 Nov 2020 11:33:29 GMT

GET
H3-Q050 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/2253862790643701118/ Frame E6C6 23 KB
23 KB 8ms
7ms Image
image/jpeg 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.mjs

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a77b77383df3b0d7af5bdc7a823d9a717eca0f890f584596c2f7936c4a588d1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://onibusbrasil.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 15 Nov 2020 00:56:13 GMT
x-content-type-options: nosniff
age: 0
status: 200
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23950
x-xss-protection: 0
last-modified: Thu, 16 Jan 2020 14:33:19 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 15 Nov 2021 00:56:13 GMT

GET
H3-Q050 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/924839448970135228/ Frame E6C6 16 KB
16 KB 9ms
8ms Image
image/jpeg 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.mjs

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

df48d5f9f7ec787972f99497f99a00c9c297b46b2750fbd160e508646892d4d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://onibusbrasil.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 15 Nov 2020 00:56:13 GMT
x-content-type-options: nosniff
age: 0
status: 200
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16697
x-xss-protection: 0
last-modified: Thu, 16 Jan 2020 14:33:19 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 15 Nov 2021 00:56:13 GMT

GET
H3-Q050 200 pt.png
tpc.googlesyndication.com/pagead/images/abg/ Frame E6C6 3 KB
3 KB 7ms
6ms Image
image/png 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/pt.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.mjs

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

744b436600cd35e7898be8843c04c1115c45bf08143d085ac149e8c4f8151e3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://onibusbrasil.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 14 Nov 2020 21:09:26 GMT
x-content-type-options: nosniff
age: 13607
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2886
x-xss-protection: 0
server: cafe
etag: 7735524722462771930
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Sun, 15 Nov 2020 21:09:26 GMT

GET
H3-Q050 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame E6C6 344 B
439 B 8ms
7ms Image
image/png 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.mjs

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://onibusbrasil.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 14 Nov 2020 11:33:29 GMT
x-content-type-options: nosniff
age: 48164
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
server: cafe
etag: 6766994032117382215
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Sun, 15 Nov 2020 11:33:29 GMT

GET
H3-Q050 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/886985984197516931/ Frame AC94 26 KB
26 KB 9ms
8ms Image
image/jpeg 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.mjs

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

816d3646becf7bef483f27dbd51bd83b1705d5f32fa517826adfebe7c6c11cfd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://onibusbrasil.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 15 Nov 2020 00:56:13 GMT
x-content-type-options: nosniff
age: 0
status: 200
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26418
x-xss-protection: 0
last-modified: Tue, 25 Jun 2019 13:10:06 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 15 Nov 2021 00:56:13 GMT

GET
H3-Q050 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/7238359216372219255/ Frame AC94 4 KB
4 KB 9ms
8ms Image
image/png 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.mjs

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0b20ee85077fff671248d900bf6b73c8ee002cd63c96abe7e8405f189415be0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://onibusbrasil.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 15 Nov 2020 00:56:13 GMT
x-content-type-options: nosniff
age: 0
status: 200
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4217
x-xss-protection: 0
last-modified: Mon, 22 Jun 2020 12:05:00 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 15 Nov 2021 00:56:13 GMT

GET
H3-Q050 200 pt.png
tpc.googlesyndication.com/pagead/images/abg/ Frame AC94 3 KB
3 KB 8ms
8ms Image
image/png 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/pt.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.mjs

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

744b436600cd35e7898be8843c04c1115c45bf08143d085ac149e8c4f8151e3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://onibusbrasil.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 14 Nov 2020 21:09:26 GMT
x-content-type-options: nosniff
age: 13607
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2886
x-xss-protection: 0
server: cafe
etag: 7735524722462771930
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Sun, 15 Nov 2020 21:09:26 GMT

GET
H3-Q050 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame AC94 344 B
369 B 8ms
8ms Image
image/png 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.mjs

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://onibusbrasil.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 14 Nov 2020 11:33:29 GMT
x-content-type-options: nosniff
age: 48164
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
server: cafe
etag: 6766994032117382215
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Sun, 15 Nov 2020 11:33:29 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
23 B 14ms
14ms Image
image/gif 2a00:1450:4001:818::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=219&t=2&li=gpt_2020111001&jk=1892570936213996&bg=!DwylDCzNAAUoamvQKFgV1s0TWk-EkwIAAAC-UgAAABtoAQcKARYDcd6Ds54-iQxqATKbuIZyB8l5xk2NKumqI3hDEYLDcCnmJk5whuzbeXSEnRFavEp1XjZZ230Z5vCQ5fJQ3tds1A9BDRVFgthNW2EH8kvTEYVqhOcZPcdqIMg3YJzFTlutUvB-HaGAt1hPf1QuzWXyvLtOaDGRBifaiE5zGn1-AcvGw1n55DovvX9ruONTdqn7gCOTr2d5lVLsYqN8ugaMteh1Injn-Z2AyKLg_H_E46iREmayzl614dnSkbEsbB_lBL025pdqbCiPK7rYcMqrrJ0ysOgvaeddttAiWqFh2DbPORBWgjho0O3Qe-8CMoIdURfM7FYT7UI_7LJ_jbtGTUkYMZnfBIKfy3xajqEDnnWKzTALa5kBuV0AqbFIZDn77CyNz96txL6tfw85jdIqcSdNRAY8nXpImTZgIiEf0kczr1N8kfYRm0btX0mpnb9IKP4QQljxTIyf74UhlqxTKp3CXK6dPM7YSx-uTwIdDDzT9rhjuQmYebvJgpyTxPug_9BEGMvnhc2Ft1oZHJv7Dqmw9xT4YUkcCOLMEBxRiOJPdTgamw_hUbfAk1AvbVHwDbx_-6SZabZ4mGbn8wg5C-AED33zl7OTNvWkPtD914y_Dot5kbKf21pq9Hbnx1A2CsA0WSldVjVNnZyzgAEnloFl1szDtRP8LgVWNGknUBlAytV0CYT5wXaNHHHVRlYOstoIzXHOInc3akPrrqgE-3EBN1gBctSJldKZrbXSxG0Hfu5YfW1UlwoFVmzHpp_KVxC4uu6J5T9mUEp0KIdlVdqdLJdd2Z4ZlAODgBxKVDCDTJa15IPSX0-CpIJez-l8iXnDbAQdOkVqffxqBfHixcb5q6eu-k5g6gwIoORPHpycCVzqGgWmAbssZFzdBsuJKFb-ezP0CH_a84PiRH5dGc9XWgPtdLlaYFxl9ae5Ri4M9KeLh8mFkvm7fJxikGp0aw

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://onibusbrasil.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 15 Nov 2020 00:56:13 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/gif
status: 204
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 activeview
pagead2.googlesyndication.com/pcs/ Frame F2A0 42 B
94 B 17ms
16ms Image
image/gif 2a00:1450:4001:818::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuXERMh-pA_ZIdFyZvzo-HSn3nqsLX162lo6AIvyknXIdo29MJLOSpE01dO5H9Ejvy08Bnn91i5whjt__bMa52Geh3nVjVIWLCm0aEnC_lnhApSNEmLtbEFgVwbrQ&sai=AMfl-YSnr2cbkQx0buake2ODmsXlqQmKI_ljGZ29aCDiyidKp6vO3y3B3Goduk9-cWnmctlY79m99yJ3j_3F67uKPpSYNPm2avqOJfwZYhN2URYFHqYQJwz4Oj0SeoLsShzp&sig=Cg0ArKJSzO4KX7p5Kt94EAE&cid=CAASPeRoQiKfOHBGmIAtjkRpL3zT1DW0ruvP0TXWAqV-JUXkJkMDOf0eQSP2Uz3BVHKJ2WhFGSeFwwzK6cKjcI0&id=ampim&o=320,90&d=960,90&ss=1600,1200&bs=1600,1200&mcvt=1001&mtos=0,0,1001,1001,1001&tos=0,0,1001,0,0&tfs=371&tls=1372&g=100&h=100&tt=1372&r=v&avms=ampa&adk=3088541759

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://onibusbrasil.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 15 Nov 2020 00:56:14 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 activeview
pagead2.googlesyndication.com/pcs/ Frame E6C6 42 B
66 B 26ms
26ms Image
image/gif 2a00:1450:4001:818::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsscDISZDf9LBHMNkZI1T_3FchhcRq_5Gbvy8t3xmpwgB7tcP-pMbHkc_wrFR1daAq58AqQ6IIFx6aXRSCb3CDJ6srlmMcV8rCSbaN3K5PLTUT_siGqIepYR4QCMfjC9HQEuAonhqwuW7MqDeeuikaLw-w&sai=AMfl-YTJ4DeGdvDiujjOIVWYAXcTuMAsG6N3cqYOLwoZprv9NQ2LVbnRUN-nMJ-jjMqydebz8znuxIcOhD5E6mZ0GU_c9KBRswqI6sRy0XeO7-Cwv1IRx0js2biPZUREGjhg&sig=Cg0ArKJSzDfpDppzHTdlEAE&cid=CAASPeRoJa1EPzZ8i73C1Q-WsX-53Sn5r_idLvD4zCdIwtpKeAVh-qop3RZkX47hjOfMEPXYM6t9kxOyJ4yEgPw&id=ampim&o=505,958&d=336,280&ss=1600,1200&bs=1600,1200&mcvt=1001&mtos=0,0,1001,1001,1001&tos=0,0,1001,0,0&tfs=307&tls=1308&g=86.42857074737549&h=86.42857074737549&tt=1308&r=v&avms=ampa&adk=764958350

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://onibusbrasil.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 15 Nov 2020 00:56:14 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 activeview
pagead2.googlesyndication.com/pcs/ Frame AC94 42 B
66 B 21ms
20ms Image
image/gif 2a00:1450:4001:818::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuXHdD9RdEWF17wUiV6LnF0Vha0W8GQ-oPxFn5hxNqe42_8aqURYM0zVVwB1yZQUgRQfYP-zoFPNu90EeGDRqEhvciFFSVsuoXu__juYFuiqgYCtKmX_0oD7BbtNaQwIoSm1-k1VguyNlq7ZXaIFMFRBA&sai=AMfl-YRpML3p00sWpJctfZWQLHKEFHMAt9CV_IPMbPXNt3UVclf7XP-gF4-vzUqW6khSpDDod8DMxdTkBNVtaCduDp_08IwmnwHx2KiWiBte8K158HL6spohP8i_nSt1Yr8&sig=Cg0ArKJSzIkqI6POv_A8EAE&cid=CAASPeRoE17kp6-TRLPWkEdgNy5DVyBV2pQuWbje3mjPaY8HTaLLW-cQGcDA6xspTZwn2iBlwwEUrhkDY2NplOU&id=ampim&o=1030,629&d=300,250&ss=1600,1200&bs=1600,1200&mcvt=1002&mtos=0,0,1002,1002,1002&tos=0,0,1002,0,0&tfs=284&tls=1286&g=100&h=100&tt=1286&r=v&avms=ampa&adk=2608658286

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://onibusbrasil.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 15 Nov 2020 00:56:14 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

115 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

22 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
onibusbrasil.com/	1970-01-19 13:58:08	Name: pg_pv_time_1 Value: 414
onibusbrasil.com/	1970-01-19 14:11:05	Name: pg_bot_reason Value: wbdr
onibusbrasil.com/	1970-01-19 13:58:08	Name: pg_tc_response_time Value: 161
onibusbrasil.com/	1970-01-19 14:39:53	Name: pg_bot_percent Value: 99.99
onibusbrasil.com/	1970-01-19 13:58:08	Name: pg_bot_model Value: 1
onibusbrasil.com/	1970-01-19 14:11:05	Name: pg_ua Value: Mozilla/5.0 (Macintosh Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
onibusbrasil.com/	1969-12-31 23:59:59	Name: pg_pl Value: 13
onibusbrasil.com/	1970-01-19 13:58:08	Name: pg_tc Value: sample
onibusbrasil.com/	1970-01-19 13:56:45	Name: pg_session_id Value: 7458e09a-3e5f-46cd-8aa5-30a075dbdf54
onibusbrasil.com/	1970-01-19 22:42:17	Name: pg_mm2_cookie_a Value: 7458e09a-3e5f-46cd-8aa5-30a075dbdf54
onibusbrasil.com/	1970-01-19 14:39:53	Name: pg_ip Value: 185.156.175.107
onibusbrasil.com/	1969-12-31 23:59:59	Name: pg_geo Value: {"country":"CH","region":"ZH","ip":"185.156.175.107"}
onibusbrasil.com/	1969-12-31 23:59:59	Name: pg_analytics Value: disabled
.onibusbrasil.com/	1970-01-19 13:56:41	Name: _gat_gtag_UA_120360188_1 Value: 1
.onibusbrasil.com/	1970-01-19 13:58:08	Name: _gid Value: GA1.2.343050800.1605401772
onibusbrasil.com/	1970-01-19 13:58:08	Name: pg_quick_check Value: true
.onibusbrasil.com/	1970-01-20 07:27:53	Name: _ga Value: GA1.2.1785370547.1605401772
onibusbrasil.com/	1970-01-19 13:56:45	Name: pg_session_depth Value: 1
.onibusbrasil.com/	1970-01-19 14:39:53	Name: __cfduid Value: d2426756a45cf260980708230bd5914f01605401771
onibusbrasil.com/	1970-01-19 14:39:53	Name: pg_custom_timeout Value:
.onibusbrasil.com/	1970-01-19 13:56:48	Name: ob4_session Value: eyJpdiI6IkJDK2liakIwTmQ0WFI4dTVGdHp4VXc9PSIsInZhbHVlIjoiajZTcDFJNW8rQVwvbVZOSFJkYUR4NHR5UnlWaTg3c3R1cWJsWnVMRytqN1RjbWo2eFlVSHJaQWxQakpUSkt1cFMiLCJtYWMiOiJkZDI3NjE0OWQ0MzVmYTk3YmEwMTIxY2E2OTY2OGNhYTU0ZjA5OWEwZTNlNTBhMGNhNGUxZTBjYTE2NGFkYWIzIn0%3D
.onibusbrasil.com/	1970-01-19 13:56:48	Name: XSRF-TOKEN Value: eyJpdiI6IkYrTm9WYUQrMU5LNlNtMnl1dGpDbWc9PSIsInZhbHVlIjoiWmZWWnJnaWZRcE9vTEtBZnpPd1wvMEpKVE95YjJPOXBnaksxbWtpblppbGd4am9QbXJzOUpzZUNEM1VuYVRBNVgiLCJtYWMiOiIxOTZiMTE4MTFiYzQ1NmVkNDBjZGE2OTczM2NiZjRiODUzMDhkNDFjYjBhZWU0MmFhNDk4M2I0ZTQ3YTFhODlkIn0%3D

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	info	URL: https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.mjs(Line 9) Message: Powered by AMP ⚡ HTML – Version 2010270040000 https://onibusbrasil.com/
console-api	info	URL: https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.mjs(Line 9) Message: Powered by AMP ⚡ HTML – Version 2010270040000 https://onibusbrasil.com/
console-api	info	URL: https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.mjs(Line 9) Message: Powered by AMP ⚡ HTML – Version 2010270040000 https://onibusbrasil.com/

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

5ea4d56f56ce1a2022fd7a027010daae.safeframe.googlesyndication.com
adservice.google.com
adservice.google.de
analytics2.m2.ai
brt.onibusbrasil.com
cdn.ampproject.org
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
graph.facebook.com
m2d.m2.ai
onibusbrasil.com
pagead2.googlesyndication.com
platform-lookaside.fbsbx.com
securepubads.g.doubleclick.net
sp1.onibusbrasil.com
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
18.196.191.129
216.58.207.66
2606:4700:3031::681b:8c3a
2a00:1450:4001:800::2001
2a00:1450:4001:801::2003
2a00:1450:4001:802::2001
2a00:1450:4001:806::2001
2a00:1450:4001:806::200a
2a00:1450:4001:818::2002
2a00:1450:4001:819::2002
2a00:1450:4001:81a::2008
2a00:1450:4001:81a::200e
2a00:1450:4001:81b::2004
2a00:1450:4001:81d::2003
2a03:2880:f01c:800e:face:b00c:0:2
2a03:2880:f01c:8012:face:b00c:0:3
54.239.192.92
01017162e68df56834052d35fe181b91fe97e577c5b41504939327eb4754c354
03455ba02a410523a0ab5bd49caa073a7ee935d7113e2fe372dc096db04bf202
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
06a79a26274c60253bdb0a153a7a2f1d60e9b0fec21dd9ceb9a1187c3ba5a3cd
0b20ee85077fff671248d900bf6b73c8ee002cd63c96abe7e8405f189415be0e
0cd673fb16500b7a4379366af3ba04c648a31c7e9a4710de436991d3b1a5f4f9
0e93984ce194bd4aabf272e1056694b0c057f7df036d82f79e6bb4db6fc01656
1254f47fda9cf5c338f650018f210c22cdb31b2d007ae5ebed6d818dd1daf72e
135ef0ad977ebdc657e5a8e841c6a31cc4d9e49ea7d3e47298e99beea9f69ee4
15b869b02c6fbaa8c6c26445a2dd2d9bad80fd27b1409f8179e5dd89dc89d90a
1f11a3f0d49a240c0acc0c0efd3afbe7427927d9c96afebdc115b57de3799a1a
225aa88b6ab02c06222ec9468d62e15fa188e39cdb9431d1f55401ad380753ed
22f062f6dd5644b70c6bbcfa70291dc9e2db7f0d6495381b74b7a25376d63c11
2476aa6244305393866faec0b47ad76e1df2681aea6180bafe90a524612b89df
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2efeff5b8f5593c6b152bac3c32d112c88e49fab5f6bd049f8974e8353e0771e
2fe582bafbceb4bc5a8af68877ea06cf5b392d359e149f758472145d31d3def5
36acd7bb476a4bee2beb495b949536997d48d3c5e9a05c8bf7c25df5577ff774
396171a809c1929d754f948bf3d4344399f73822008f0b170fd196c09b6f1cc8
3b641128357c9bafd34f17f0619d4cdcd3fc514937343b27530182d706ccdb6f
426f61abc23d6e3d3828bae17092c8db3301629ac8190174fbfa37f3c76f80a0
4346593bafc974bbcf643fde36394e63a105e37d8522cbc3fe1ec65fa5351ca2
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
453809ad55325adcbde076f341a41d037153777f78a716324f66bd061062eaff
477549a4d5fb644cda6bf64af01631b8411022d88e608bbd8e5a06e327b391cb
497790947d4666760ce38f3c00e852c71fdb66cae849bae8e9ede352719e1581
4c8bab4b33b835f7366eb3d14bda2adc9652e0f17e3e10aa18e4274369d67a5b
4ee364fa8ce2ebb1452cfdc78eb363f7c959fac396c38159884de4ee92f95433
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
587843e8250773df7ab65fc848b867dafea14bda7e849b9839500ae19893940e
5c2c4275e09ff55a53d1d4376f67584172c2d750f7359f10500251c0a82c3a4b
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
5d62e6c90005bfb71f6abb440f9e4753681cb23bbd5e60477ab6f442d2f0e69c
5e6210bc95c1603eb3fc1a64e1b6d1cb5641c00f4766e8612dff7a346d363c48
5fb686f3af593d4a5d61575a65682ebaa6a5ec362b757b3ed593a69ab425b7ce
63f61a8b9218ce8e7ee815c181584f760ea112e9734325dcbe25ee391140d44f
657ebf6a375f9258019f8d5944b11223eadc3332ba59e5049c0b7fd8200a11ee
66bfa6dd42535b06a283b3844a0bddcfd7f1aca1368baae035a7cda89a6b97fd
69c56f010db128c2f77ec6982e466f6577c418232b164c3bfc2899ddf7254f17
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c2e9a05372d2ff3512b66debcadaa3fb0d1b9be0ef3193559c03535b59bd993
744b436600cd35e7898be8843c04c1115c45bf08143d085ac149e8c4f8151e3d
769a4a180b318e0e69fb8cba4a292bbad227f99236f0dea50603e0d2524a3305
7986c2dea702517ded8f16b6b37a968a0bd304f200341c7ff00eebfd58b702a2
79c3bb69ab56749822b45b08fe7059402dac6e0f0cac0958ce56c2ca5abdfb17
7fa2fce1a6e57d409be3f7184742be9c16944a46b82f6cc9cb8dfe53a7e87d8b
7fd9273f20fdb1229c224341271a119020a5eee74ccf6b4605730917c864caf2
816d3646becf7bef483f27dbd51bd83b1705d5f32fa517826adfebe7c6c11cfd
82012bea7ec75ec183e280bd80c048886cb1859ef3ca6dcc2cd5858568235a53
878553bd3c405aa0a175973e069c25a0d18df46442c191ab5d265e2ea8327351
8e24e9c5ef1cec032c5eddd145fa09cd4259912a0e51f4055e0e64a35d0d2d94
8eacec47783317c9e9e04ca2dab99b6044b793e4114d0491bc8c4e414c9f9e10
8f03e501c2ac5028f0a92ea880b02c4c186a1752dada47616ebc640e0ad44071
909bb0d9b2665983ac5c9885de7fd387872f588088da810e8ecfa154b16e51d6
9744db4e39d28b04081c1f385cfdef6198b16f870e8269f63b8f53fba3c408d5
9b1de76f5dc746eb149286b72b6c82dedd108682b75d40a0ef80d80567f33773
9c35f6fd3d9a9209a55cc4507785c3400a9f9872645e273f2bd3ffd85417629e
a0738ea93f16187f5279e792b88c1c880033b2b1b0abd3813b16097dbac2b185
a182b93249bd6795664a084041a389bc845c29b2b3e565bdca6604128b7bc66f
a1ce4751f1c5154f124652da1afe3d42a39f40c305c1919b60a13d8067cd8409
a2f5037b70a506030c369a574344e67e39672563c105ad2c9329bae38fcabe2e
a586a13c00fc41d14b297e15d079b256122ed578cdd585328f2820aad801a65f
a77b77383df3b0d7af5bdc7a823d9a717eca0f890f584596c2f7936c4a588d1d
a86753d4effe5e607d4eaf03fe37eccb8cac743a528f874f736f4d7f35e094b1
aa067ade04ad1ff0441aa76b48d34ef6bb19272799ab294dae2b1e5dd6ed2c02
aa6e58c29ac39841e6f596dff2688d20acc39047e007b4a28ea6c9b727a20102
ac8ff1c211707f38ccbb56ad058a31b7c674d6d5047c00753ee5ae70855f7c50
af3019c35ae2a834245e37d4458bb0839b8b6174a34a836cede689d571d4b87d
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1a1209b0766ecf30dd090bc1d27e2e84770e4c32fa7b47d5f05cb0ac4b55972
b2ab9ac436910017b9a2ca7db0e981bad3638db97f576d713eaa9b302e06c094
b61616bd704a0d8cfc332017910519051fcb77fa4f0349fec611650ffea0b4ff
b61eb57ae77f31b91b04781da33023ecd897fda21f6c817e6c27623204046f42
b75c77055beede750e7b8f255c7507273cc91df84707b38435ece6ccdc856921
b7dc72474da8ca27739e09dbb9427b96171106257ca461b3d50ff976805d120a
becc2a0625e25f3fc4d89c3ba430de4988cafbbea34b857f8b08431b1783a2bc
c23935f0ff65660dac4bb1d9ff4c0ed8aca34e0ceeb3ed68b289be43d1d4c2b8
c4a7b4babd8d76af2ddc0840bda733cd5a0b409895bb74d5302ff1155c9b32bc
ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e
cea685b23a9a25aaefe07d6c5337858806d641991b9abcef43e815a53ee62288
d0a6ef33dfec5b9e197a92ff5e055f1a48564ca89872112206352f9e660920ea
d9e5ebfce4de6ed2c83cb224567b6dea1023ee5d588491f16fc8226d02f55542
db3631b165b258f36c64fd4880ab6203d8a0653f40efdd261b096f6f41f94654
df48d5f9f7ec787972f99497f99a00c9c297b46b2750fbd160e508646892d4d8
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
e78bb1b1f18b39b513798370107b26f74a0cce1ef5324966092ae3177ef98dc0
e8eea96e29a7c0a72612ab85ca3229979666467a28349642c2176e7189a1a39c
e94958a2be5304f49a2045d29ff70433738c9b3ba081a502faed75261e9b22a4
ebab910fdc7c7e9e079caa9f7321177b135b2e1542f86ce36937ceb41865086d
ee34285ac9b719b6bc83d9e9e47bc4dd0f3a4a604f9c2433bdcb38e4b333ec7e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0fc50f8181ab0b661756ca331990bc0028ac43dba2e88f0f117cf33aeb72d00
f1b23a6200bdb4728ad055b6439a7055e73c62e61a97804fa6ac13871164c198
f4b846fe223b23fe04006500676830dd2645da38ae235bc26b2a70eb646b7dfe
f8b4b2ca6272d6a145c9d5e85a0adf9413875ff9e231a92eabe9f6e947dc9354
fae10fa9fb8b129c5ee20f55470bbaa16b91c8776c2d9163af02d5aed48e18a2
fee2e5504a283dc95a84f258d22012d9ca86bba48abd0c7eb6b94032ad968e83

onibusbrasil.com Open in urlscan Pro 2606:4700:3031::681b:8c3a Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

143 Requests

100 %HTTPS

82 %IPv6

14 Domains

22 Subdomains

17 IPs

3 Countries

1986 kBTransfer

5086 kBSize

22 Cookies

3 Outgoing links

Redirected requests

143 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

onibusbrasil.com Open in urlscan Pro
2606:4700:3031::681b:8c3a Public Scan

Screenshot
Live screenshot

Full Image

143
Requests

100 %
HTTPS

82 %
IPv6

14
Domains

22
Subdomains

17
IPs

3
Countries

1986 kB
Transfer

5086 kB
Size

22
Cookies

143 HTTP transactions
5 data transactions