Submitted URL: http://gestaodefretes.com/
Effective URL: https://gestaodefretes.com/
Submission Tags: suspect
Submission: On September 02 via api from BR — Scanned from US

Summary

This website contacted 7 IPs in 2 countries across 6 domains to perform 23 HTTP transactions. The main IP is 104.16.36.105, located in and belongs to CLOUDFLARENET, US. The main domain is gestaodefretes.com.
TLS certificate: Issued by WE1 on August 31st 2024. Valid for: 3 months.
This is the only time gestaodefretes.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  IP Address         AS Autonomous System
13        104.16.36.105      13335 (CLOUDFLAR...)
1         104.17.124.183     13335 (CLOUDFLAR...)
1         104.17.25.14       13335 (CLOUDFLAR...)
1         142.250.65.202     15169 (GOOGLE)
4         2607:f8b0:400...   15169 (GOOGLE)
3         2600:9000:21d...   16509 (AMAZON-02)
23        7

Requests  Domain                                                Requested by
13        gestaodefretes.com                                    gestaodefretes.com
4         fonts.gstatic.com                                     fonts.googleapis.com
3         d1muf25xaso8hp.cloudfront.net                         gestaodefretes.com
1         fonts.googleapis.com                                  gestaodefretes.com
1         cdnjs.cloudflare.com                                  gestaodefretes.com
1         febfde3013e9c16aa813b5094e933399.cdn.bubble.io        gestaodefretes.com
23        6

This site contains no links.

Subject                  Issuer                    Validity                   Valid
gestaodefretes.com       WE1                       2024-08-31 - 2024-11-29    3 months
bubble.io                Cloudflare Inc ECC CA-3   2023-11-16 - 2024-11-15    a year
cdnjs.cloudflare.com     WE1                       2024-07-31 - 2024-10-29    3 months
upload.video.google.com  WR2                       2024-08-05 - 2024-10-28    3 months
*.gstatic.com            WR2                       2024-08-05 - 2024-10-28    3 months
*.cloudfront.net         Amazon RSA 2048 M01       2024-07-30 - 2025-07-03    a year

This page contains 1 frame:

Primary Page: https://gestaodefretes.com/
Frame ID: 2E6264ECAF0894A3158B07E4ED59A3E5
Requests: 24 HTTP requests in this frame

Page Title

Login

Page URL History

  1. http://gestaodefretes.com/ HTTP 307
    https://gestaodefretes.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

23 Requests
100 % HTTPS
33 % IPv6
6 Domains
6 Subdomains
7 IPs
2 Countries
1290 kB Transfer
5463 kB Size
3 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://gestaodefretes.com/ HTTP 307
    https://gestaodefretes.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

23 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
gestaodefretes.com/
Redirect Chain
  • http://gestaodefretes.com/
  • https://gestaodefretes.com/
13 KB
5 KB
Document
General
Full URL
https://gestaodefretes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.36.105 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
13f37d3d8e241aaf36c4785e02707d77d03458d8d3545dbc6c32d13044c50102
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none';
X-Frame-Options DENY

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store
cf-cache-status
DYNAMIC
cf-ray
8bcfb74bc9b97c8d-EWR
content-encoding
br
content-security-policy
frame-ancestors 'none';
content-type
text/html
date
Mon, 02 Sep 2024 18:55:44 GMT
referrer-policy
origin
server
cloudflare
vary
Accept-Encoding
x-bubble-capacity-limit
0 ms slower
x-bubble-capacity-used
0.083 unit-seconds used
x-bubble-perf
{"total":81.4,"percents":{"top":{"bubble_cpu":44.4,"block":55.1,"capacity_rl":0,"other_pause":0,"pre_fiber":0.6},"sub":{"pp_userdb":0,"pp_wait_userdb":0,"http_request":0,"serverjson":48.3,"appserver_cache_misses_time":0,"redis":69.1,"fiber_queue":4.6,"capacity_wait":0}},"counts":{"pp_userdb":0,"http_request":0,"derived_build":0,"derived_cache_attempts":9,"derived_cache_memory_misses":9,"serverjson":50,"appserver_cache_attempts":2,"appserver_mem_cache_hits":0,"appserver_cache_hits":2,"appserver_cache_misses":0,"redis":76,"fiber_queue":65,"blocks":64},"misc":{"userdb_results":1,"userdb_data":206,"spent_time":5424723}}
x-frame-options
DENY
x-powered-by
Express

Redirect headers

Location
https://gestaodefretes.com/
Non-Authoritative-Reason
HttpsUpgrades
early.js
gestaodefretes.com/package/early_js/05ae9fe83d6b755291132aab9d325d70918aafd336da1bd91a41a31c8b25734b/
24 KB
9 KB
Script
General
Full URL
https://gestaodefretes.com/package/early_js/05ae9fe83d6b755291132aab9d325d70918aafd336da1bd91a41a31c8b25734b/early.js
Requested by
Host: gestaodefretes.com
URL: https://gestaodefretes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.36.105 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
450e62180e870526d437f065fa76a5d4e31517905e37a98184ef79b0fc2abd5b

Request headers

Referer
https://gestaodefretes.com/
Origin
https://gestaodefretes.com
User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

date
Mon, 02 Sep 2024 18:55:44 GMT
content-encoding
br
cf-cache-status
HIT
x-bubble-perf
{"total":59.8,"percents":{"top":{"bubble_cpu":11.6,"block":86.9,"capacity_rl":0,"other_pause":0,"pre_fiber":0.8},"sub":{"pp_userdb":0,"pp_wait_userdb":0,"http_request":0,"serverjson":9.2,"appserver_cache_misses_time":0,"redis":9.6,"fiber_queue":1.1,"capacity_wait":10.1}},"counts":{"pp_userdb":0,"http_request":0,"derived_build":0,"serverjson":2,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":8,"fiber_queue":10,"blocks":9},"misc":{"userdb_results":0,"userdb_data":0,"spent_time":1041703}}
age
14959365
x-powered-by
Express
x-bubble-capacity-used
0.016 unit-seconds used
alt-svc
h3=":443"; ma=86400
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
timing-allow-origin
*
cf-ray
8bcfb74e5d4f7c8d-EWR
x-bubble-capacity-limit
0 ms slower
run.css
gestaodefretes.com/package/run_css/85685d17a351f01d58a5c958c05af10b47e75b52a26f57d0f2a4bd4a00816fef/romaneio-69241/live/index/xfalse/xfalse/
74 KB
14 KB
Stylesheet
General
Full URL
https://gestaodefretes.com/package/run_css/85685d17a351f01d58a5c958c05af10b47e75b52a26f57d0f2a4bd4a00816fef/romaneio-69241/live/index/xfalse/xfalse/run.css
Requested by
Host: gestaodefretes.com
URL: https://gestaodefretes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.36.105 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
255a62aec2ecbb452bc5635c9ba6d7836961048582911597d2c1e5f35f3f9b4d

Request headers

Referer
https://gestaodefretes.com/
User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

date
Mon, 02 Sep 2024 18:55:44 GMT
content-encoding
br
cf-cache-status
HIT
x-bubble-perf
{"total":117.2,"percents":{"top":{"bubble_cpu":17.6,"block":80.5,"capacity_rl":0,"other_pause":0,"pre_fiber":0.7},"sub":{"pp_userdb":5.1,"pp_wait_userdb":0,"http_request":0,"serverjson":7.6,"appserver_cache_misses_time":0,"redis":14,"fiber_queue":2.4,"capacity_wait":2}},"counts":{"pp_userdb":2,"http_request":0,"derived_build":0,"derived_cache_attempts":3,"derived_cache_memory_misses":3,"serverjson":15,"appserver_cache_attempts":1,"appserver_mem_cache_hits":0,"appserver_cache_hits":1,"appserver_cache_misses":0,"redis":31,"fiber_queue":40,"blocks":39},"misc":{"userdb_results":1,"userdb_data":4,"spent_time":9086902}}
age
86739
cf-polished
origSize=96809
x-powered-by
Express
x-bubble-capacity-used
0.14 unit-seconds used
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
server
cloudflare
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
timing-allow-origin
*
cf-ray
8bcfb74e5d4c7c8d-EWR
x-bubble-capacity-limit
0 ms slower
pre_run_jquery.js
gestaodefretes.com/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/
88 KB
32 KB
Script
General
Full URL
https://gestaodefretes.com/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Requested by
Host: gestaodefretes.com
URL: https://gestaodefretes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.36.105 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
a0fe8723dcf55da64d06b25446d0a8513e52527c45afcb37073465f9c6f352af

Request headers

Referer
https://gestaodefretes.com/
Origin
https://gestaodefretes.com
User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

date
Mon, 02 Sep 2024 18:55:44 GMT
content-encoding
br
cf-cache-status
HIT
x-bubble-perf
{"total":116.5,"percents":{"top":{"bubble_cpu":7.7,"block":92.1,"capacity_rl":0,"other_pause":0,"pre_fiber":0.3},"sub":{"pp_userdb":7.7,"pp_wait_userdb":0,"http_request":0,"serverjson":3.9,"appserver_cache_misses_time":0,"redis":17.4,"fiber_queue":1.4,"capacity_wait":1.5}},"counts":{"pp_userdb":2,"http_request":0,"derived_build":0,"derived_cache_attempts":1,"derived_cache_memory_misses":1,"serverjson":2,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":21,"fiber_queue":25,"blocks":24},"misc":{"userdb_results":1,"userdb_data":4,"spent_time":8346854}}
age
14959365
x-powered-by
Express
x-bubble-capacity-used
0.128 unit-seconds used
alt-svc
h3=":443"; ma=86400
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
timing-allow-origin
*
cf-ray
8bcfb74e5d517c8d-EWR
x-bubble-capacity-limit
0 ms slower
run.js
gestaodefretes.com/package/run_js/a1c0ba610410b99b67d52c9f7f8d0a07985f2cc036606acbc2f386c7bc795da5/xtrue/x29/
3 MB
803 KB
Script
General
Full URL
https://gestaodefretes.com/package/run_js/a1c0ba610410b99b67d52c9f7f8d0a07985f2cc036606acbc2f386c7bc795da5/xtrue/x29/run.js
Requested by
Host: gestaodefretes.com
URL: https://gestaodefretes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.36.105 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
a958460a4450ee46131cf5c9ab0257869af55b54ce4251a3ac9b548825dd4854

Request headers

Referer
https://gestaodefretes.com/
Origin
https://gestaodefretes.com
User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

date
Mon, 02 Sep 2024 18:55:44 GMT
content-encoding
br
cf-cache-status
HIT
x-bubble-perf
{"total":97,"percents":{"top":{"bubble_cpu":42.7,"block":51.8,"capacity_rl":0,"other_pause":0,"pre_fiber":1.3},"sub":{"pp_userdb":0,"pp_wait_userdb":0,"http_request":0,"serverjson":5.3,"appserver_cache_misses_time":0,"redis":18.8,"fiber_queue":1.4,"capacity_wait":6.4}},"counts":{"pp_userdb":0,"http_request":0,"derived_build":0,"serverjson":2,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":11,"fiber_queue":15,"blocks":14},"misc":{"userdb_results":0,"userdb_data":0,"spent_time":6215910}}
age
254692
x-powered-by
Express
x-bubble-capacity-used
0.096 unit-seconds used
alt-svc
h3=":443"; ma=86400
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
timing-allow-origin
*
cf-ray
8bcfb74e5d547c8d-EWR
x-bubble-capacity-limit
0 ms slower
static.js
gestaodefretes.com/package/static_js/f8c2e7c51709df79298590ed7961f9fc4212172fa47c195984766e12d094855a/romaneio-69241/live/index/xnull/xfalse/xfalse/xtrue/
763 KB
112 KB
Script
General
Full URL
https://gestaodefretes.com/package/static_js/f8c2e7c51709df79298590ed7961f9fc4212172fa47c195984766e12d094855a/romaneio-69241/live/index/xnull/xfalse/xfalse/xtrue/static.js
Requested by
Host: gestaodefretes.com
URL: https://gestaodefretes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.36.105 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
d3ef8152f2e1b4edc1b404309c35a7592a210610310460549af8273fc7393406

Request headers

Referer
https://gestaodefretes.com/
Origin
https://gestaodefretes.com
User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

date
Mon, 02 Sep 2024 18:55:44 GMT
content-encoding
br
cf-cache-status
HIT
x-bubble-perf
{"total":242.9,"percents":{"top":{"bubble_cpu":6.9,"block":92.9,"capacity_rl":0,"other_pause":0,"pre_fiber":0.4},"sub":{"pp_userdb":1.2,"pp_wait_userdb":0,"http_request":0,"serverjson":10,"appserver_cache_misses_time":0,"redis":16,"fiber_queue":1.3,"capacity_wait":1}},"counts":{"pp_userdb":1,"http_request":0,"derived_build":0,"derived_cache_attempts":3,"derived_cache_memory_misses":3,"serverjson":14,"appserver_cache_attempts":1,"appserver_mem_cache_hits":0,"appserver_cache_hits":1,"appserver_cache_misses":0,"redis":37,"fiber_queue":35,"blocks":34},"misc":{"userdb_results":1,"userdb_data":4,"spent_time":3529230}}
server
cloudflare
x-powered-by
Express
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-bubble-capacity-used
0.054 unit-seconds used
timing-allow-origin
*
cf-ray
8bcfb74e5d577c8d-EWR
alt-svc
h3=":443"; ma=86400
x-bubble-capacity-limit
0 ms slower
dynamic.js
gestaodefretes.com/package/dynamic_js/5a2ce214b369c0e5681bae3c063a84296c21d2b58542da0b1541917806ec62c8/romaneio-69241/live/index/xnull/xtrue/xtrue/pt_br/xfalse/xfalse/
124 KB
26 KB
Script
General
Full URL
https://gestaodefretes.com/package/dynamic_js/5a2ce214b369c0e5681bae3c063a84296c21d2b58542da0b1541917806ec62c8/romaneio-69241/live/index/xnull/xtrue/xtrue/pt_br/xfalse/xfalse/dynamic.js
Requested by
Host: gestaodefretes.com
URL: https://gestaodefretes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.36.105 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
ddee773814159a07c963df1869a7fe1a9c17c883b444586ac5b19662cb59ca1e

Request headers

Referer
https://gestaodefretes.com/
Origin
https://gestaodefretes.com
User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

date
Mon, 02 Sep 2024 18:55:44 GMT
content-encoding
br
cf-cache-status
HIT
x-bubble-perf
{"total":172.9,"percents":{"top":{"bubble_cpu":7.7,"block":92,"capacity_rl":0,"other_pause":0,"pre_fiber":0.3},"sub":{"pp_userdb":1.7,"pp_wait_userdb":0,"http_request":0,"serverjson":2.9,"appserver_cache_misses_time":0,"redis":11,"fiber_queue":0.8,"capacity_wait":1.4}},"counts":{"pp_userdb":1,"http_request":0,"derived_build":0,"derived_cache_attempts":2,"derived_cache_memory_misses":2,"serverjson":4,"appserver_cache_attempts":1,"appserver_mem_cache_hits":0,"appserver_cache_hits":1,"appserver_cache_misses":0,"redis":18,"fiber_queue":22,"blocks":21},"misc":{"userdb_results":1,"userdb_data":4,"spent_time":3000044}}
server
cloudflare
x-powered-by
Express
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-bubble-capacity-used
0.046 unit-seconds used
timing-allow-origin
*
cf-ray
8bcfb74e5d5a7c8d-EWR
alt-svc
h3=":443"; ma=86400
x-bubble-capacity-limit
0 ms slower
html2canvas.min.js
febfde3013e9c16aa813b5094e933399.cdn.bubble.io/f1630879866171x810997382950775000/
198 KB
47 KB
Script
General
Full URL
https://febfde3013e9c16aa813b5094e933399.cdn.bubble.io/f1630879866171x810997382950775000/html2canvas.min.js
Requested by
Host: gestaodefretes.com
URL: https://gestaodefretes.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.124.183 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
774f624e3f3c92fed9b4ae0b633c24dc57cf5edc9bddfde0e07a6c41ccb1ccc9

Request headers

Referer
https://gestaodefretes.com/
User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

date
Mon, 02 Sep 2024 18:55:44 GMT
content-encoding
br
x-amz-version-id
Rt9jE2w5G.LSfbk4KbCBlCGcJ66ykSQt
cf-cache-status
HIT
x-amz-request-id
8TNRBAHDVD6VYT1D
x-amz-meta-app-version
live
x-amz-storage-class
INTELLIGENT_TIERING
alt-svc
h3=":443"; ma=86400
x-amz-id-2
6UH3//sJf40N+ejSRFVwBabeOSRkmvmPSVnkRzAG0ga6jBrRH6Rl3oa6uQlhaSmLyDJUnZJz9xg=
x-amz-meta-appname
meta
last-modified
Sun, 05 Sep 2021 22:11:07 GMT
server
cloudflare
etag
W/"ce0708a1df0e67c77e4cfe0a0e5076d8"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public,max-age=86400
cf-ray
8bcfb74e894842a1-EWR
html2pdf.bundle.min.js
cdnjs.cloudflare.com/ajax/libs/html2pdf.js/0.9.3/
469 KB
111 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/html2pdf.js/0.9.3/html2pdf.bundle.min.js
Requested by
Host: gestaodefretes.com
URL: https://gestaodefretes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2f62661839cf9823e089ba2ff061a105d83b053caa3b67260dab56ea438fbc5a
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
Origin
https://gestaodefretes.com
User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

date
Mon, 02 Sep 2024 18:55:44 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1037779
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
112878
last-modified
Sun, 25 Apr 2021 14:25:22 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"60857bd2-7555a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JvLNbzzsf8J%2B7kmf3a%2BoqGg%2BVJ42%2BvhuIiuf%2BwaeiRRkueSRRAnZ1%2BJYISh6DVm2vV6JfdLQiUVO4XANJ8uo9%2Frd0qn42eQ43rwNun04HKzcgVlDmRL%2FiaBF28r12dJDWs5V%2FJXH"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8bcfb75059766a4f-EWR
expires
Sat, 23 Aug 2025 18:55:44 GMT
css
fonts.googleapis.com/
26 KB
2 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Lato:regular%7CLato:900%7COpen+Sans:300%7COpen+Sans:regular%7COpen+Sans:600%7COpen+Sans:700%7CRoboto:700
Requested by
Host: gestaodefretes.com
URL: https://gestaodefretes.com/package/early_js/05ae9fe83d6b755291132aab9d325d70918aafd336da1bd91a41a31c8b25734b/early.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.65.202 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f10.1e100.net
Software
ESF /
Resource Hash
5dcf5a98134a2b9475f3187b3e3bc3880516b4351548d0b975a29683387f4a08
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://gestaodefretes.com/
User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

strict-transport-security
max-age=31536000
date
Mon, 02 Sep 2024 18:55:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 02 Sep 2024 18:55:44 GMT
data
gestaodefretes.com/api/1.1/init/
283 B
1021 B
XHR
General
Full URL
https://gestaodefretes.com/api/1.1/init/data?location=https%3A%2F%2Fgestaodefretes.com%2F
Requested by
Host: gestaodefretes.com
URL: https://gestaodefretes.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.36.105 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
42cbc2509520b666e830124ee45d012c484577a28aea8276350ea05cf5d48136

Request headers

Referer
https://gestaodefretes.com/
User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

date
Mon, 02 Sep 2024 18:55:44 GMT
cf-cache-status
DYNAMIC
x-bubble-perf
{"total":32.2,"percents":{"top":{"bubble_cpu":28.1,"block":67.1,"capacity_rl":0,"other_pause":0,"pre_fiber":3.7},"sub":{"pp_userdb":9.3,"pp_wait_userdb":0,"http_request":0,"serverjson":22.8,"appserver_cache_misses_time":0,"redis":42.8,"fiber_queue":3.7,"capacity_wait":7.7}},"counts":{"pp_userdb":1,"http_request":0,"derived_build":0,"derived_cache_attempts":1,"derived_cache_memory_misses":1,"serverjson":4,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":17,"fiber_queue":21,"blocks":20},"misc":{"userdb_results":0,"userdb_data":0,"spent_time":7358528}}
server
cloudflare
x-powered-by
Express
x-bubble-capacity-used
0.113 unit-seconds used
cf-ray
8bcfb74ed9d732dc-EWR
alt-svc
h3=":443"; ma=86400
x-bubble-capacity-limit
0 ms slower
S6uyw4BMUTPHjx4wXiWtFCc.woff2
fonts.gstatic.com/s/lato/v24/
14 KB
14 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXiWtFCc.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:regular%7CLato:900%7COpen+Sans:300%7COpen+Sans:regular%7COpen+Sans:600%7COpen+Sans:700%7CRoboto:700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d4ae5188a65370ecfe28f42293bbee8297cfd5712c6aadfdb270d48f2bcd88b0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://gestaodefretes.com
User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

date
Fri, 30 Aug 2024 13:12:06 GMT
x-content-type-options
nosniff
age
279819
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13980
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:17:19 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 30 Aug 2025 13:12:06 GMT
S6u9w4BMUTPHh50XSwiPGQ3q5d0.woff2
fonts.gstatic.com/s/lato/v24/
13 KB
14 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh50XSwiPGQ3q5d0.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:regular%7CLato:900%7COpen+Sans:300%7COpen+Sans:regular%7COpen+Sans:600%7COpen+Sans:700%7CRoboto:700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bd9a6192274f8f2f3ce31cd3d2cae5ebe32e2fa86fc7c4f60a3c28556e496d56
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://gestaodefretes.com
User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

date
Fri, 30 Aug 2024 08:33:07 GMT
x-content-type-options
nosniff
age
296558
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13724
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:20:27 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 30 Aug 2025 08:33:07 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-mu0SC55I.woff2
fonts.gstatic.com/s/opensans/v40/
42 KB
42 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-mu0SC55I.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:regular%7CLato:900%7COpen+Sans:300%7COpen+Sans:regular%7COpen+Sans:600%7COpen+Sans:700%7CRoboto:700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
94a23e7f96fbde62943e5fc93c59212f68a57d2587fe51f056d20ce802e8249c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://gestaodefretes.com
User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

date
Fri, 30 Aug 2024 07:59:45 GMT
x-content-type-options
nosniff
age
298560
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43068
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 02:05:10 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 30 Aug 2025 07:59:45 GMT
truncated
/
42 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://gestaodefretes.com/
User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

Content-Type
image/gif
KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v32/
13 KB
14 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:regular%7CLato:900%7COpen+Sans:300%7COpen+Sans:regular%7COpen+Sans:600%7COpen+Sans:700%7CRoboto:700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0a7fc3de6341e5ab2853f213dbf792903cd35039daa9530a649a20a877ccac8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://gestaodefretes.com
User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

date
Thu, 29 Aug 2024 20:48:26 GMT
x-content-type-options
nosniff
age
338839
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13408
x-xss-protection
0
last-modified
Thu, 01 Aug 2024 20:41:26 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 29 Aug 2025 20:48:26 GMT
hi
gestaodefretes.com/user/
57 B
857 B
XHR
General
Full URL
https://gestaodefretes.com/user/hi
Requested by
Host: gestaodefretes.com
URL: https://gestaodefretes.com/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.36.105 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
297d79d14d30fa1a5c2195d887599f7c9ccf89248ab5795aef5e728a7a376cfb

Request headers

X-Bubble-Client-Commit-Timestamp
1725046870000
X-Bubble-Epoch-Name
Epoch: Runmode page fully loaded
X-Bubble-Epoch-ID
1725303344991x332063482963598900
X-Bubble-Fiber-ID
1725303345133x188183806648509300
X-Bubble-PL
1725303344250x1764
User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
X-Bubble-Client-Version
4b98c43fd6e92d8cf5f79c3fe1700b8c318ae960
Content-Type
application/json
Accept
application/json, text/javascript, */*; q=0.01
X-Bubble-R
https://gestaodefretes.com/
cache-control
no-cache
Referer
https://gestaodefretes.com/
X-Requested-With
XMLHttpRequest
X-Bubble-Breaking-Revision
5

Response headers

date
Mon, 02 Sep 2024 18:55:45 GMT
content-encoding
br
cf-cache-status
DYNAMIC
x-bubble-perf
{"total":168.3,"percents":{"top":{"bubble_cpu":2.8,"block":92.4,"capacity_rl":0,"other_pause":0,"pre_fiber":4.8},"sub":{"pp_userdb":0,"pp_wait_userdb":0,"http_request":0,"serverjson":13.7,"appserver_cache_misses_time":0,"redis":51.5,"fiber_queue":13.1,"capacity_wait":20.4}},"counts":{"pp_userdb":0,"http_request":0,"derived_build":0,"serverjson":2,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":12,"fiber_queue":14,"blocks":13},"misc":{"userdb_results":0,"userdb_data":0,"spent_time":710286}}
server
cloudflare
x-bubble-appname
romaneio-69241
x-powered-by
Express
x-bubble-request-took
168
vary
Accept-Encoding
content-type
application/json
cache-control
no-cache
x-bubble-capacity-used
0.011 unit-seconds used
cf-ray
8bcfb7531d3632dc-EWR
alt-svc
h3=":443"; ma=86400
x-bubble-capacity-limit
34.3 ms slower
https%3A%2F%2Ffebfde3013e9c16aa813b5094e933399.cdn.bubble.io%2Ff1725139449247x355098470109180800%2FLOGO%2520CURTA%2520VAZADA.png
d1muf25xaso8hp.cloudfront.net/
3 KB
3 KB
Image
General
Full URL
https://d1muf25xaso8hp.cloudfront.net/https%3A%2F%2Ffebfde3013e9c16aa813b5094e933399.cdn.bubble.io%2Ff1725139449247x355098470109180800%2FLOGO%2520CURTA%2520VAZADA.png?w=96&h=50&auto=compress&dpr=1&fit=max
Requested by
Host: gestaodefretes.com
URL: https://gestaodefretes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21da:f400:1c:37e5:3f40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
imgix /
Resource Hash
b6ef42a227d3a672de3edd3649a756cb23e8bf7e4b4fd88609f947452c6a7de5
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://gestaodefretes.com/
User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

date
Sun, 01 Sep 2024 08:00:24 GMT
via
1.1 95a7b3c60127f88f316c1c042cf353c2.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
EWR53-C1
age
163866
x-cache
Hit from cloudfront
x-imgix-id
4de5ac6a5a7c6a96187a4835128d03f9219643e0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
2706
x-served-by
cache-chi-kigq8000088-CHI, cache-iad-kcgs7200132-IAD
last-modified
Sat, 31 Aug 2024 21:24:39 GMT
server
imgix
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
Pp158JUXaa8Mm1VOA2pkj660s8-qbwU3YmVWQFX1-n-tELY9vZQGkw==
https%3A%2F%2Ffebfde3013e9c16aa813b5094e933399.cdn.bubble.io%2Ff1724859020785x439137219020816260%2Flogo%2520GEst%25C3%25A3o%2520Frete.png
d1muf25xaso8hp.cloudfront.net/
32 KB
33 KB
Image
General
Full URL
https://d1muf25xaso8hp.cloudfront.net/https%3A%2F%2Ffebfde3013e9c16aa813b5094e933399.cdn.bubble.io%2Ff1724859020785x439137219020816260%2Flogo%2520GEst%25C3%25A3o%2520Frete.png?w=768&h=588&auto=compress&dpr=1&fit=max
Requested by
Host: gestaodefretes.com
URL: https://gestaodefretes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21da:f400:1c:37e5:3f40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
imgix /
Resource Hash
639b4efb7421794375510e30d99a3d8a8893171e2675f3da8ec1b29afa8f198f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://gestaodefretes.com/
User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

date
Sat, 31 Aug 2024 17:40:14 GMT
via
1.1 95a7b3c60127f88f316c1c042cf353c2.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
EWR53-C1
age
444323
x-cache
Hit from cloudfront
x-imgix-id
3196688c9d73f40800731f2023909e67e5ece3c9
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
33176
x-served-by
cache-chi-klot8100152-CHI, cache-iad-kjyo7100032-IAD
last-modified
Wed, 28 Aug 2024 15:30:22 GMT
server
imgix
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
Gm5cLZWNAkdQsLHtYcLaytg7_M_Hujg6B1eMiohTFSsU-aeySr2lpw==
https%3A%2F%2Ffebfde3013e9c16aa813b5094e933399.cdn.bubble.io%2Ff1725139699716x135723738128784350%2FLOGO%2520CURTA%2520BOI%2520%25281%2529.png
d1muf25xaso8hp.cloudfront.net/
4 KB
5 KB
Other
General
Full URL
https://d1muf25xaso8hp.cloudfront.net/https%3A%2F%2Ffebfde3013e9c16aa813b5094e933399.cdn.bubble.io%2Ff1725139699716x135723738128784350%2FLOGO%2520CURTA%2520BOI%2520%25281%2529.png?w=128&h=&auto=compress&dpr=1&fit=max
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21da:f400:1c:37e5:3f40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
imgix /
Resource Hash
851e9b988479e6643902ccc43ade8601895e2da37b145389a8d72319ad68dc61
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://gestaodefretes.com/
User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

date
Sun, 01 Sep 2024 01:30:08 GMT
via
1.1 95a7b3c60127f88f316c1c042cf353c2.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
EWR53-C1
age
163634
x-cache
Hit from cloudfront
x-imgix-id
d7ba6da685ce23d329a587536f1d72bd92571f01
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
4413
x-served-by
cache-chi-klot8100154-CHI, cache-iad-kjyo7100105-IAD
last-modified
Sat, 31 Aug 2024 21:28:31 GMT
server
imgix
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
EorYaBwiA2_l123gzbjFYspk0CrFJ_6hCqTFuYN1uzIceOa_w9N2SQ==
m
gestaodefretes.com/user/
4 B
656 B
XHR
General
Full URL
https://gestaodefretes.com/user/m
Requested by
Host: gestaodefretes.com
URL: https://gestaodefretes.com/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.36.105 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
74234e98afe7498fb5daf1f36ac2d78acc339464f950703b8c019892f982b90b

Request headers

X-Bubble-Client-Commit-Timestamp
1725046870000
X-Bubble-Fiber-ID
1725303345259x185630635706901540
X-Bubble-PL
1725303344250x1764
User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
X-Bubble-Client-Version
4b98c43fd6e92d8cf5f79c3fe1700b8c318ae960
Content-Type
application/json
Accept
application/json, text/javascript, */*; q=0.01
X-Bubble-R
https://gestaodefretes.com/
cache-control
no-cache
Referer
https://gestaodefretes.com/
X-Requested-With
XMLHttpRequest
X-Bubble-Breaking-Revision
5

Response headers

date
Mon, 02 Sep 2024 18:55:45 GMT
cf-cache-status
DYNAMIC
x-bubble-perf
{"total":18,"percents":{"top":{"bubble_cpu":32.7,"block":60.7,"capacity_rl":0,"other_pause":0,"pre_fiber":4.9},"sub":{"pp_userdb":0,"pp_wait_userdb":0,"http_request":0,"serverjson":0,"appserver_cache_misses_time":0,"redis":25.2,"fiber_queue":4.3,"capacity_wait":11.7}},"counts":{"pp_userdb":0,"http_request":0,"derived_build":0,"serverjson":0,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":10,"fiber_queue":13,"blocks":12},"misc":{"userdb_results":0,"userdb_data":0,"spent_time":885380}}
server
cloudflare
x-powered-by
Express
x-bubble-capacity-used
0.014 unit-seconds used
cf-ray
8bcfb753edcd32dc-EWR
alt-svc
h3=":443"; ma=86400
x-bubble-capacity-limit
0 ms slower
apm
gestaodefretes.com/user/
4 B
725 B
XHR
General
Full URL
https://gestaodefretes.com/user/apm
Requested by
Host: gestaodefretes.com
URL: https://gestaodefretes.com/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.36.105 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
74234e98afe7498fb5daf1f36ac2d78acc339464f950703b8c019892f982b90b

Request headers

X-Bubble-Client-Commit-Timestamp
1725046870000
X-Bubble-Fiber-ID
1725303346795x835943716516105000
X-Bubble-PL
1725303344250x1764
User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
X-Bubble-Client-Version
4b98c43fd6e92d8cf5f79c3fe1700b8c318ae960
Content-Type
application/json
Accept
application/json, text/javascript, */*; q=0.01
X-Bubble-R
https://gestaodefretes.com/
cache-control
no-cache
Referer
https://gestaodefretes.com/
X-Requested-With
XMLHttpRequest
X-Bubble-Breaking-Revision
5

Response headers

date
Mon, 02 Sep 2024 18:55:46 GMT
content-encoding
br
cf-cache-status
DYNAMIC
x-bubble-perf
{"total":11.9,"percents":{"top":{"bubble_cpu":36.2,"block":56.4,"capacity_rl":0,"other_pause":0,"pre_fiber":7.5},"sub":{"pp_userdb":0,"pp_wait_userdb":0,"http_request":0,"serverjson":0,"appserver_cache_misses_time":0,"redis":38.3,"fiber_queue":4.7,"capacity_wait":14.4}},"counts":{"pp_userdb":0,"http_request":0,"derived_build":0,"serverjson":0,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":10,"fiber_queue":12,"blocks":11},"misc":{"userdb_results":0,"userdb_data":0,"spent_time":645295}}
server
cloudflare
x-bubble-appname
romaneio-69241
x-powered-by
Express
x-bubble-request-took
12
vary
Accept-Encoding
content-type
application/json
cache-control
no-cache
x-bubble-capacity-used
0.01 unit-seconds used
cf-ray
8bcfb75d8de832dc-EWR
alt-svc
h3=":443"; ma=86400
x-bubble-capacity-limit
0 ms slower
frg
gestaodefretes.com/
4 B
725 B
XHR
General
Full URL
https://gestaodefretes.com/frg
Requested by
Host: gestaodefretes.com
URL: https://gestaodefretes.com/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.36.105 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

X-Bubble-Client-Commit-Timestamp
1725046870000
X-Bubble-Fiber-ID
1725303348261x859819191319656400
X-Bubble-PL
1725303344250x1764
User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
X-Bubble-Client-Version
4b98c43fd6e92d8cf5f79c3fe1700b8c318ae960
Content-Type
application/json
Accept
application/json, text/javascript, */*; q=0.01
X-Bubble-R
https://gestaodefretes.com/
cache-control
no-cache
Referer
https://gestaodefretes.com/
X-Requested-With
XMLHttpRequest
X-Bubble-Breaking-Revision
5

Response headers

date
Mon, 02 Sep 2024 18:55:48 GMT
content-encoding
br
cf-cache-status
DYNAMIC
x-bubble-perf
{"total":12.4,"percents":{"top":{"bubble_cpu":31.6,"block":63.9,"capacity_rl":0,"other_pause":0,"pre_fiber":6},"sub":{"pp_userdb":0,"pp_wait_userdb":0,"http_request":0,"serverjson":0,"appserver_cache_misses_time":0,"redis":40.5,"fiber_queue":5.7,"capacity_wait":15.3}},"counts":{"pp_userdb":0,"http_request":0,"derived_build":0,"serverjson":0,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":11,"fiber_queue":13,"blocks":12},"misc":{"userdb_results":0,"userdb_data":0,"spent_time":587057}}
server
cloudflare
x-bubble-appname
romaneio-69241
x-powered-by
Express
x-bubble-request-took
13
vary
Accept-Encoding
content-type
application/json
cache-control
no-cache
x-bubble-capacity-used
0.009 unit-seconds used
cf-ray
8bcfb766ae7132dc-EWR
alt-svc
h3=":443"; ma=86400
x-bubble-capacity-limit
0 ms slower
frg
gestaodefretes.com/
4 B
772 B
XHR
General
Full URL
https://gestaodefretes.com/frg
Requested by
Host: gestaodefretes.com
URL: https://gestaodefretes.com/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.36.105 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
74234e98afe7498fb5daf1f36ac2d78acc339464f950703b8c019892f982b90b

Request headers

X-Bubble-Client-Commit-Timestamp
1725046870000
X-Bubble-Fiber-ID
1725303348386x835616573675952900
X-Bubble-PL
1725303344250x1764
User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
X-Bubble-Client-Version
4b98c43fd6e92d8cf5f79c3fe1700b8c318ae960
Content-Type
application/json
Accept
application/json, text/javascript, */*; q=0.01
X-Bubble-R
https://gestaodefretes.com/
cache-control
no-cache
Referer
https://gestaodefretes.com/
X-Requested-With
XMLHttpRequest
X-Bubble-Breaking-Revision
5

Response headers

date
Mon, 02 Sep 2024 18:55:48 GMT
content-encoding
br
cf-cache-status
DYNAMIC
x-bubble-perf
{"total":318.6,"percents":{"top":{"bubble_cpu":2.5,"block":97.3,"capacity_rl":0,"other_pause":0,"pre_fiber":0.3},"sub":{"pp_userdb":0,"pp_wait_userdb":0,"http_request":0,"serverjson":1.5,"appserver_cache_misses_time":0,"redis":3.1,"fiber_queue":0.3,"capacity_wait":0.7}},"counts":{"pp_userdb":0,"http_request":0,"derived_build":0,"derived_cache_attempts":1,"derived_cache_memory_misses":1,"serverjson":2,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":14,"fiber_queue":17,"blocks":16},"misc":{"userdb_results":0,"userdb_data":0,"spent_time":1195726}}
server
cloudflare
x-bubble-appname
romaneio-69241
x-powered-by
Express
x-bubble-request-took
318
vary
Accept-Encoding
content-type
application/json
cache-control
no-cache
x-bubble-capacity-used
0.018 unit-seconds used
cf-ray
8bcfb7677f0532dc-EWR
alt-svc
h3=":443"; ma=86400
x-bubble-capacity-limit
0 ms slower

76 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

string| bubble_session_uid
object| headers_source_maps
function| make_proxy
function| appquery
function| Lib
function| load_error_function
object| load_error_log
function| disableLoadErrorFunction
object| _bubble_page_load_data
object| webfont
object| WebFont
function| FontFaceObserver
string| gm_key
string| bubble_page_load_id
string| bubble_plp_token
string| _p
string| bubble_page_name
function| $
function| jQuery
function| Lib_post_load
string| bubble_bundle_name
function| clearImmediate
function| setImmediate
object| BrowserDetect
function| highlight_dom_changes
function| local_storage_fallback
object| u
function| google_web_fonts_active_cb
function| fontface_webfonts_loaded_cb
object| element_performance_counts
function| kill_notifier_socket
function| restore_notifier_socket
number| server_time_offset
object| client_db
object| safe_require
object| __algolia
object| testing
function| authenticate_as
object| document_ready_key
function| gapListener
function| display_page
function| switch_page
object| preloaded
object| __code__
function| Inputmask
number| bubble_version
object| optional_modules
object| plugins
object| bubble_run_derived
object| translation_data
object| language_data
string| application_language
object| app
function| everything_ready
function| wait_for_everything
function| html2canvas
function| ChoiceField
function| ListBox
function| ComboBox
function| EditBox
function| Button
function| PushButton
function| RadioButton
function| CheckBox
function| TextField
function| PasswordField
object| AcroForm
function| _jzlib_Deflater
function| Deflater
function| RGBColor
function| PNG
function| html2pdf
number| render_end_timestamp
boolean| google_web_fonts_active
object| fontface_loaded
boolean| all_fontface_loaded

3 Cookies

Domain/Path Name / Value
.gestaodefretes.com/ Name: romaneio-69241_live_u2main
Value: bus|1725303344211x881552235566476200|1725303344220x797751028662562800
.gestaodefretes.com/ Name: romaneio-69241_live_u2main.sig
Value: jibVis3txjeHWweCKVqXnrsHeZg
.gestaodefretes.com/ Name: romaneio-69241_u1main
Value: 1725303344211x881552235566476200

1 Console Messages

Source Level URL
Text
recommendation verbose URL: https://gestaodefretes.com/
Message:
[DOM] Password field is not contained in a form: (More info: https://goo.gl/9p2vKq) %o

Security Headers

This section lists any security headers set by the main page.

Header Value
Content-Security-Policy frame-ancestors 'none';
X-Frame-Options DENY

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
