minhaloja.boticario.com.br Open in urlscan Pro
143.204.98.13 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://minhaloja.boticario.com.br/
Submission: On December 23 via manual (December 23rd 2021, 2:57:12 pm UTC) from BR — Scanned from DE

Summary HTTP 89 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 19 IPs in 3 countries across 15 domains to perform 89 HTTP transactions. The main IP is 143.204.98.13, located in United States and belongs to AMAZON-02, US. The main domain is minhaloja.boticario.com.br.
TLS certificate: Issued by Amazon on November 26th 2021. Valid for: a year.

This is the only time minhaloja.boticario.com.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
38	143.204.98.13 143.204.98.13	16509 (AMAZON-02) (AMAZON-02)
6	2606:4700::68... 2606:4700::6810:9540	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:808::200a	15169 (GOOGLE) (GOOGLE)
3	143.204.98.10 143.204.98.10	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:10:... 2606:4700:10::6814:b944	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:811::2008	15169 (GOOGLE) (GOOGLE)
2	2606:4700:10:... 2606:4700:10::6816:1b9f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	143.204.98.115 143.204.98.115	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:803::200e	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:809::2003	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:80f::2004	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c0c::9b	15169 (GOOGLE) (GOOGLE)
1	151.101.194.137 151.101.194.137	54113 (FASTLY) (FASTLY)
1	143.204.98.82 143.204.98.82	16509 (AMAZON-02) (AMAZON-02)
1	162.247.242.18 162.247.242.18	23467 (NEWRELIC-...) (NEWRELIC-AS-1)
1	143.204.98.39 143.204.98.39	16509 (AMAZON-02) (AMAZON-02)
1	143.204.98.69 143.204.98.69	16509 (AMAZON-02) (AMAZON-02)
89	19

38 143.204.98.13 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-13.fra50.r.cloudfront.net

minhaloja.boticario.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700::6810:9540 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:808::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 143.204.98.10 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-10.fra50.r.cloudfront.net

gb-assets.grupoboticario.digital	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6814:b944 (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::6816:1b9f (United States)

ASN13335 (CLOUDFLARENET, US)

cdn-global.configcat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.115 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-115.fra50.r.cloudfront.net

meucatalogodigitalresources.grupoboticario.digital	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:803::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0c::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.194.137 (United States)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.82 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-82.fra50.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.247.242.18 (United States)

ASN23467 (NEWRELIC-AS-1, US)
PTR: bam-6.nr-data.net

bam.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.39 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-39.fra50.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.69 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-69.fra50.r.cloudfront.net

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
38	boticario.com.br minhaloja.boticario.com.br	1 MB
15	gstatic.com fonts.gstatic.com www.gstatic.com	568 KB
7	google.com www.google.com	84 KB
6	cookielaw.org cdn.cookielaw.org	104 KB
4	google-analytics.com www.google-analytics.com	54 KB
4	grupoboticario.digital gb-assets.grupoboticario.digital meucatalogodigitalresources.grupoboticario.digital	62 KB
4	googleapis.com fonts.googleapis.com	3 KB
3	hotjar.com static.hotjar.com script.hotjar.com vars.hotjar.com	65 KB
2	configcat.com cdn-global.configcat.com	4 KB
1	nr-data.net bam.nr-data.net	322 B
1	newrelic.com js-agent.newrelic.com	16 KB
1	doubleclick.net stats.g.doubleclick.net	452 B
1	googletagmanager.com www.googletagmanager.com	63 KB
1	onetrust.com geolocation.onetrust.com	388 B
0	google.co.uk Failed www.google.co.uk Failed
89	15

	Domain	Requested by
38	minhaloja.boticario.com.br	minhaloja.boticario.com.br
9	www.gstatic.com	minhaloja.boticario.com.br www.google.com www.gstatic.com
7	www.google.com	minhaloja.boticario.com.br www.gstatic.com
6	fonts.gstatic.com	fonts.googleapis.com
6	cdn.cookielaw.org	minhaloja.boticario.com.br cdn.cookielaw.org
4	www.google-analytics.com	minhaloja.boticario.com.br
4	fonts.googleapis.com	minhaloja.boticario.com.br
3	gb-assets.grupoboticario.digital	minhaloja.boticario.com.br
2	cdn-global.configcat.com	minhaloja.boticario.com.br
1	vars.hotjar.com	minhaloja.boticario.com.br
1	script.hotjar.com	minhaloja.boticario.com.br
1	bam.nr-data.net	minhaloja.boticario.com.br
1	static.hotjar.com	minhaloja.boticario.com.br
1	js-agent.newrelic.com	minhaloja.boticario.com.br
1	stats.g.doubleclick.net	minhaloja.boticario.com.br
1	meucatalogodigitalresources.grupoboticario.digital	minhaloja.boticario.com.br
1	www.googletagmanager.com	minhaloja.boticario.com.br
1	geolocation.onetrust.com	minhaloja.boticario.com.br
0	www.google.co.uk Failed	minhaloja.boticario.com.br
89	19

This site contains links to these domains. Also see Links.

Domain
privacidade.grupoboticario.com.br

Subject Issuer	Validity	Valid
*.boticario.com.br Amazon	`2021-11-26` - `2022-12-25`	a year	crt.sh
cookielaw.org Cloudflare Inc ECC CA-3	`2021-06-01` - `2022-05-31`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.grupoboticario.digital Amazon	`2021-02-04` - `2022-03-05`	a year	crt.sh
onetrust.com Cloudflare Inc ECC CA-3	`2021-02-12` - `2022-02-11`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.configcat.com AlphaSSL CA - SHA256 - G2	`2021-04-29` - `2022-05-31`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
js-agent.newrelic.com GlobalSign Atlas R3 DV TLS CA H2 2021	`2021-10-06` - `2022-11-07`	a year	crt.sh
*.hotjar.com Amazon	`2021-11-25` - `2022-12-23`	a year	crt.sh
*.nr-data.net DigiCert SHA2 Secure Server CA	`2020-02-05` - `2022-02-08`	2 years	crt.sh

This page contains 4 frames:

Primary Page: https://minhaloja.boticario.com.br/
Frame ID: A325B7307B6D11CBD0F33D870614EA96
Requests: 72 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Leoe7oZAAAAACyDwF4Q4kLm08evbEee2_9Trxp5&co=aHR0cHM6Ly9taW5oYWxvamEuYm90aWNhcmlvLmNvbS5icjo0NDM.&hl=de&type=image&v=VZKEDW9wslPbEc9RmzMqaOAP&theme=light&size=invisible&badge=bottomright&cb=109dm0q0v5n9
Frame ID: 678E2BABA6F8C3E6E62CC19B4DB203A0
Requests: 4 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=de&v=VZKEDW9wslPbEc9RmzMqaOAP&k=6Leoe7oZAAAAACyDwF4Q4kLm08evbEee2_9Trxp5
Frame ID: 7952F23B2CCF9A42A2E52A0EBB8BFB1E
Requests: 12 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-a1ae2079824d1c48aa9ce06efb256f18.html
Frame ID: 07123FCBE97CB15DC22F4E7D315EF7B3
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

O Boticário | Minha Loja Digital

Detected technologies

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cdn\.cookielaw\.org
otSDKStub\.js

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

89
Requests

99 %
HTTPS

56 %
IPv6

15
Domains

19
Subdomains

19
IPs

3
Countries

2087 kB
Transfer

6041 kB
Size

12
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://privacidade.grupoboticario.com.br/
Title: Política de privacidade

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

89 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
minhaloja.boticario.com.br/ 3 KB
3 KB 512ms
438ms Document
text/html 143.204.98.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://minhaloja.boticario.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.13 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-13.fra50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

d4995bdb0d79766a30b0c3af9ba395424f11a67b0a0dcde618c210ba2b67f3df

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: ; img-src 'self' s3.us-east-1.amazonaws.com .e-boticario.com.br .cookielaw.org .hotjar.com .hotjar.io .eudora.com.br .hybrid.ai .frontend.weborama.fr .adnxs.com .bestssp.com .onaudience.com .hybrid.ai .admixer.net .onaudience.com .adriver.ru .openx.net .betweendigital.com .yandex.ru .doubleclick.net .documentforce.com .force.com .salesforce.com .salesforceliveagent.com .boticario.com.br .oboticario.com.br .googleapis.com .google.com .google.com.br .googleapis.com .grupoboticario.digital .grupoboticario.com.br edbr.vteximg.com.br res.cloudinary.com .google-analytics.com .s3.amazonaws.com .googletagmanager.com .facebook.com .pinterest.com .github.com .prismic.io pipelines.actions.githubusercontent.com data: blob: ; connect-src 'self' .eudora.com.br .prismic.io .microsoftonline.com .microsoft.com .boticario.com.br .documentforce.com .force.com .salesforce.com .salesforceliveagent.com .oboticario.com.br .google.com .google.com.br .grupoboticario.digital .grupoboticario.com.br cdn.cookielaw.org .hotjar.com analytics.strapi.io wss://.hotjar.com .hotjar.io .google-analytics.com .googleapis.com .onetrust.com .s3.amazonaws.com .g.doubleclick.net .googletagmanager.com .configcat.com .nr-data.net .pinterest.com .tiktok.com .github.com pipelines.actions.githubusercontent.com dmomoufq3m.execute-api.us-east-1.amazonaws.com blob:; script-src 'self' .grupoboticario.digital .grupoboticario.com.br .ouiparis.com .ouiparis.com.br .hybrid.ai .force.com .documentforce.com .salesforce.com .salesforceliveagent.com .newrelic.com .hotjar.com .hotjar.io .onetrust.com .g.doubleclick.net .google.com .googleapis.com .gstatic.com .googletagmanager.com .configcat.com .nr-data.net .google-analytics.com cdn.cookielaw.org .google-analytics.com cdn.cookielaw.org cdn.tiny.cloud .dwin1.com .googleadservices.com .facebook.net .facebook.com .cloudfront.net .pinimg.com .shoptarget.com.br .tiktok.com .linximpulse.net .shopback.com .chaordicsystems.com .shopconvert.com.br .shopback.net .github.com pipelines.actions.githubusercontent.com https://polyfill.io dmomoufq3m.execute-api.us-east-1.amazonaws.com 'unsafe-inline' 'unsafe-eval'; style-src 'unsafe-inline' *
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

content-type: text/html
last-modified: Wed, 22 Dec 2021 13:17:20 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-security-policy: default-src 'self' data: *; img-src 'self' s3.us-east-1.amazonaws.com *.e-boticario.com.br *.cookielaw.org *.hotjar.com *.hotjar.io *.eudora.com.br *.hybrid.ai *.frontend.weborama.fr *.adnxs.com *.bestssp.com *.onaudience.com *.hybrid.ai *.admixer.net *.onaudience.com *.adriver.ru *.openx.net *.betweendigital.com *.yandex.ru *.doubleclick.net *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.boticario.com.br *.oboticario.com.br *.googleapis.com *.google.com *.google.com.br *.googleapis.com *.grupoboticario.digital *.grupoboticario.com.br edbr.vteximg.com.br res.cloudinary.com *.google-analytics.com *.s3.amazonaws.com *.googletagmanager.com *.facebook.com *.pinterest.com *.github.com *.prismic.io pipelines.actions.githubusercontent.com data: blob: ; connect-src 'self' *.eudora.com.br *.prismic.io *.microsoftonline.com *.microsoft.com *.boticario.com.br *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.oboticario.com.br *.google.com *.google.com.br *.grupoboticario.digital *.grupoboticario.com.br cdn.cookielaw.org *.hotjar.com analytics.strapi.io wss://*.hotjar.com *.hotjar.io *.google-analytics.com *.googleapis.com *.onetrust.com *.s3.amazonaws.com *.g.doubleclick.net *.googletagmanager.com *.configcat.com *.nr-data.net *.pinterest.com *.tiktok.com *.github.com pipelines.actions.githubusercontent.com dmomoufq3m.execute-api.us-east-1.amazonaws.com blob:; script-src 'self' *.grupoboticario.digital *.grupoboticario.com.br *.ouiparis.com *.ouiparis.com.br *.hybrid.ai *.force.com *.documentforce.com *.salesforce.com *.salesforceliveagent.com *.newrelic.com *.hotjar.com *.hotjar.io *.onetrust.com *.g.doubleclick.net *.google.com *.googleapis.com *.gstatic.com *.googletagmanager.com *.configcat.com *.nr-data.net *.google-analytics.com cdn.cookielaw.org *.google-analytics.com cdn.cookielaw.org cdn.tiny.cloud *.dwin1.com *.googleadservices.com *.facebook.net *.facebook.com *.cloudfront.net *.pinimg.com *.shoptarget.com.br *.tiktok.com *.linximpulse.net *.shopback.com *.chaordicsystems.com *.shopconvert.com.br *.shopback.net *.github.com pipelines.actions.githubusercontent.com https://polyfill.io dmomoufq3m.execute-api.us-east-1.amazonaws.com 'unsafe-inline' 'unsafe-eval'; style-src 'unsafe-inline' *
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
referrer-policy: same-origin
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
service-worker-allowed: /
content-encoding: gzip
date: Thu, 23 Dec 2021 14:57:07 GMT
cache-control: max-age=300, public
etag: W/"6b9c01986aa681d685438f098e4d97f5"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
via: 1.1 0d37b2e69745cd9f0c5457fbf1a83129.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: O7zgrNlX_bsSIHhnfIWsjZRUP5UAUtUNX5ExYJUrRCpe6LzQ-xYOlw==

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 19 KB
7 KB 47ms
30ms Script
application/javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Host: minhaloja.boticario.com.br
URL: https://minhaloja.boticario.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4d2a74d8b25e1ccd4b1294b0b937804bc24aeea7f46edad3f3c1f91604d2708c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 23 Dec 2021 14:57:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: BXRr8anumVFsMvgN5QlueA==
age: 8347
vary: Accept-Encoding
content-length: 6508
x-ms-lease-status: unlocked
last-modified: Fri, 17 Dec 2021 17:08:36 GMT
server: cloudflare
etag: 0x8D9C17FDD6FB88D
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 52c8446c-501e-0127-6d63-f404fa000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 6c2270c34ffc68f5-FRA

GET
H2 200 css2
fonts.googleapis.com/ 4 KB
1 KB 40ms
17ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=IBM+Plex+Sans:wght@400;500&display=swap

Requested by

Host: minhaloja.boticario.com.br
URL: https://minhaloja.boticario.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f9714289219fcd069b4b97027f6cc40309ff4b22aa46070c4c03e77ca0df7b05

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 23 Dec 2021 14:50:36 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 23 Dec 2021 14:57:07 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 23 Dec 2021 14:57:07 GMT

GET
H2 200 css2
fonts.googleapis.com/ 2 KB
485 B 40ms
18ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Red+Hat+Display:wght@500;700&display=swap

Requested by

Host: minhaloja.boticario.com.br
URL: https://minhaloja.boticario.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8a883974729df810eb42dda5ee43ba10e8a9be598ed5a97610cfa56358991e8d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 23 Dec 2021 14:49:50 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 23 Dec 2021 14:57:07 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 23 Dec 2021 14:57:07 GMT

GET
H2 200 css2
fonts.googleapis.com/ 4 KB
706 B 47ms
25ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;500&display=swap

Requested by

Host: minhaloja.boticario.com.br
URL: https://minhaloja.boticario.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0ed1c09a270e3ec711b4aaf5b05d2cb99d62c25360e798a1434711bd397de575

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 23 Dec 2021 13:51:42 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 23 Dec 2021 14:57:07 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 23 Dec 2021 14:57:07 GMT

GET
H2 200 MaisonNeueExt.css
gb-assets.grupoboticario.digital/eam/font/ 586 B
996 B 31ms
8ms Stylesheet
text/css 143.204.98.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gb-assets.grupoboticario.digital/eam/font/MaisonNeueExt.css
Requested by: Host: minhaloja.boticario.com.br
URL: https://minhaloja.boticario.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-10.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1582818ac1ba9ee326fa08cdb4db4791a2bf031aaf976a8e121ac535b594c398

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: WrBWy07eUZsh2LrUoSv4F0NiFKk7NZXx
via: 1.1 bee9d99ac2913ec4167e166e6bdb691e.cloudfront.net (CloudFront)
last-modified: Wed, 24 Mar 2021 20:46:18 GMT
server: AmazonS3
age: 14978
etag: "19e3943c5cbbc9a825de521ca27fe18a"
x-cache: Hit from cloudfront
content-type: text/css
date: Thu, 23 Dec 2021 14:49:50 GMT
x-amz-meta-version-id: XSuhmhsEC3wkBYbURCtRjU1TPBW7XswB
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 586
x-amz-cf-id: VJL5qcLap38UkBYKjNA0gqZj059E1y3PhKpHrIJrTMu4w2sx-4TTwg==

GET
H2 200 css2
fonts.googleapis.com/ 2 KB
503 B 48ms
26ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=DM+Sans:wght@400;500;700&display=swap

Requested by

Host: minhaloja.boticario.com.br
URL: https://minhaloja.boticario.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

24508b82a87ed41e1dbec0e55a404055cab488d5417d0a0352adb1551ff98aa0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 23 Dec 2021 13:44:11 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 23 Dec 2021 14:57:07 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 23 Dec 2021 14:57:07 GMT

GET
H2 200 reset.css
minhaloja.boticario.com.br/container/latest/css/ 1005 B
3 KB 8ms
8ms Stylesheet
text/css 143.204.98.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://minhaloja.boticario.com.br/container/latest/css/reset.css

Requested by

Host: minhaloja.boticario.com.br
URL: https://minhaloja.boticario.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.13 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-13.fra50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

121e8b47d5e772c09d51347f5ceff9edf192b637d35d454b6fb69acbb3b366af

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: ; img-src 'self' s3.us-east-1.amazonaws.com .e-boticario.com.br .cookielaw.org .hotjar.com .hotjar.io .eudora.com.br .hybrid.ai .frontend.weborama.fr .adnxs.com .bestssp.com .onaudience.com .hybrid.ai .admixer.net .onaudience.com .adriver.ru .openx.net .betweendigital.com .yandex.ru .doubleclick.net .documentforce.com .force.com .salesforce.com .salesforceliveagent.com .boticario.com.br .oboticario.com.br .googleapis.com .google.com .google.com.br .googleapis.com .grupoboticario.digital .grupoboticario.com.br edbr.vteximg.com.br res.cloudinary.com .google-analytics.com .s3.amazonaws.com .googletagmanager.com .facebook.com .pinterest.com .github.com .prismic.io pipelines.actions.githubusercontent.com data: blob: ; connect-src 'self' .eudora.com.br .prismic.io .microsoftonline.com .microsoft.com .boticario.com.br .documentforce.com .force.com .salesforce.com .salesforceliveagent.com .oboticario.com.br .google.com .google.com.br .grupoboticario.digital .grupoboticario.com.br cdn.cookielaw.org .hotjar.com analytics.strapi.io wss://.hotjar.com .hotjar.io .google-analytics.com .googleapis.com .onetrust.com .s3.amazonaws.com .g.doubleclick.net .googletagmanager.com .configcat.com .nr-data.net .pinterest.com .tiktok.com .github.com pipelines.actions.githubusercontent.com dmomoufq3m.execute-api.us-east-1.amazonaws.com blob:; script-src 'self' .grupoboticario.digital .grupoboticario.com.br .ouiparis.com .ouiparis.com.br .hybrid.ai .force.com .documentforce.com .salesforce.com .salesforceliveagent.com .newrelic.com .hotjar.com .hotjar.io .onetrust.com .g.doubleclick.net .google.com .googleapis.com .gstatic.com .googletagmanager.com .configcat.com .nr-data.net .google-analytics.com cdn.cookielaw.org .google-analytics.com cdn.cookielaw.org cdn.tiny.cloud .dwin1.com .googleadservices.com .facebook.net .facebook.com .cloudfront.net .pinimg.com .shoptarget.com.br .tiktok.com .linximpulse.net .shopback.com .chaordicsystems.com .shopconvert.com.br .shopback.net .github.com pipelines.actions.githubusercontent.com https://polyfill.io dmomoufq3m.execute-api.us-east-1.amazonaws.com 'unsafe-inline' 'unsafe-eval'; style-src 'unsafe-inline' *
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://minhaloja.boticario.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 22 Dec 2021 13:28:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 91715
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
vary: Accept-Encoding
x-xss-protection: 1; mode=block
service-worker-allowed: /
referrer-policy: same-origin
last-modified: Wed, 22 Dec 2021 13:17:19 GMT
server: AmazonS3
x-frame-options: SAMEORIGIN
etag: W/"365d8e12df781834ff2eabf790a8c382"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: text/css
via: 1.1 0d37b2e69745cd9f0c5457fbf1a83129.cloudfront.net (CloudFront)
cache-control: max-age=604800, public
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
content-security-policy: default-src 'self' data: *; img-src 'self' s3.us-east-1.amazonaws.com *.e-boticario.com.br *.cookielaw.org *.hotjar.com *.hotjar.io *.eudora.com.br *.hybrid.ai *.frontend.weborama.fr *.adnxs.com *.bestssp.com *.onaudience.com *.hybrid.ai *.admixer.net *.onaudience.com *.adriver.ru *.openx.net *.betweendigital.com *.yandex.ru *.doubleclick.net *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.boticario.com.br *.oboticario.com.br *.googleapis.com *.google.com *.google.com.br *.googleapis.com *.grupoboticario.digital *.grupoboticario.com.br edbr.vteximg.com.br res.cloudinary.com *.google-analytics.com *.s3.amazonaws.com *.googletagmanager.com *.facebook.com *.pinterest.com *.github.com *.prismic.io pipelines.actions.githubusercontent.com data: blob: ; connect-src 'self' *.eudora.com.br *.prismic.io *.microsoftonline.com *.microsoft.com *.boticario.com.br *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.oboticario.com.br *.google.com *.google.com.br *.grupoboticario.digital *.grupoboticario.com.br cdn.cookielaw.org *.hotjar.com analytics.strapi.io wss://*.hotjar.com *.hotjar.io *.google-analytics.com *.googleapis.com *.onetrust.com *.s3.amazonaws.com *.g.doubleclick.net *.googletagmanager.com *.configcat.com *.nr-data.net *.pinterest.com *.tiktok.com *.github.com pipelines.actions.githubusercontent.com dmomoufq3m.execute-api.us-east-1.amazonaws.com blob:; script-src 'self' *.grupoboticario.digital *.grupoboticario.com.br *.ouiparis.com *.ouiparis.com.br *.hybrid.ai *.force.com *.documentforce.com *.salesforce.com *.salesforceliveagent.com *.newrelic.com *.hotjar.com *.hotjar.io *.onetrust.com *.g.doubleclick.net *.google.com *.googleapis.com *.gstatic.com *.googletagmanager.com *.configcat.com *.nr-data.net *.google-analytics.com cdn.cookielaw.org *.google-analytics.com cdn.cookielaw.org cdn.tiny.cloud *.dwin1.com *.googleadservices.com *.facebook.net *.facebook.com *.cloudfront.net *.pinimg.com *.shoptarget.com.br *.tiktok.com *.linximpulse.net *.shopback.com *.chaordicsystems.com *.shopconvert.com.br *.shopback.net *.github.com pipelines.actions.githubusercontent.com https://polyfill.io dmomoufq3m.execute-api.us-east-1.amazonaws.com 'unsafe-inline' 'unsafe-eval'; style-src 'unsafe-inline' *
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: 59oa4g6uMiHkEviH4VhiiNGsfuxvucTgIaYPaeqd1ep5HL-BWwWMbQ==

GET
H2 200 normalize.css
minhaloja.boticario.com.br/container/latest/css/ 9 KB
5 KB 9ms
9ms Stylesheet
text/css 143.204.98.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://minhaloja.boticario.com.br/container/latest/css/normalize.css

Requested by

Host: minhaloja.boticario.com.br
URL: https://minhaloja.boticario.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.13 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-13.fra50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

e66647558738216efd2c6a0460f380175b08b7c8407dbbebde8e3f7bbe1eeefb

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: ; img-src 'self' s3.us-east-1.amazonaws.com .e-boticario.com.br .cookielaw.org .hotjar.com .hotjar.io .eudora.com.br .hybrid.ai .frontend.weborama.fr .adnxs.com .bestssp.com .onaudience.com .hybrid.ai .admixer.net .onaudience.com .adriver.ru .openx.net .betweendigital.com .yandex.ru .doubleclick.net .documentforce.com .force.com .salesforce.com .salesforceliveagent.com .boticario.com.br .oboticario.com.br .googleapis.com .google.com .google.com.br .googleapis.com .grupoboticario.digital .grupoboticario.com.br edbr.vteximg.com.br res.cloudinary.com .google-analytics.com .s3.amazonaws.com .googletagmanager.com .facebook.com .pinterest.com .github.com .prismic.io pipelines.actions.githubusercontent.com data: blob: ; connect-src 'self' .eudora.com.br .prismic.io .microsoftonline.com .microsoft.com .boticario.com.br .documentforce.com .force.com .salesforce.com .salesforceliveagent.com .oboticario.com.br .google.com .google.com.br .grupoboticario.digital .grupoboticario.com.br cdn.cookielaw.org .hotjar.com analytics.strapi.io wss://.hotjar.com .hotjar.io .google-analytics.com .googleapis.com .onetrust.com .s3.amazonaws.com .g.doubleclick.net .googletagmanager.com .configcat.com .nr-data.net .pinterest.com .tiktok.com .github.com pipelines.actions.githubusercontent.com dmomoufq3m.execute-api.us-east-1.amazonaws.com blob:; script-src 'self' .grupoboticario.digital .grupoboticario.com.br .ouiparis.com .ouiparis.com.br .hybrid.ai .force.com .documentforce.com .salesforce.com .salesforceliveagent.com .newrelic.com .hotjar.com .hotjar.io .onetrust.com .g.doubleclick.net .google.com .googleapis.com .gstatic.com .googletagmanager.com .configcat.com .nr-data.net .google-analytics.com cdn.cookielaw.org .google-analytics.com cdn.cookielaw.org cdn.tiny.cloud .dwin1.com .googleadservices.com .facebook.net .facebook.com .cloudfront.net .pinimg.com .shoptarget.com.br .tiktok.com .linximpulse.net .shopback.com .chaordicsystems.com .shopconvert.com.br .shopback.net .github.com pipelines.actions.githubusercontent.com https://polyfill.io dmomoufq3m.execute-api.us-east-1.amazonaws.com 'unsafe-inline' 'unsafe-eval'; style-src 'unsafe-inline' *
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://minhaloja.boticario.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 22 Dec 2021 13:28:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 91715
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
vary: Accept-Encoding
x-xss-protection: 1; mode=block
service-worker-allowed: /
referrer-policy: same-origin
last-modified: Wed, 22 Dec 2021 13:17:19 GMT
server: AmazonS3
x-frame-options: SAMEORIGIN
etag: W/"e1874f392ad93753772d2f8a65dedc6d"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: text/css
via: 1.1 0d37b2e69745cd9f0c5457fbf1a83129.cloudfront.net (CloudFront)
cache-control: max-age=604800, public
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
content-security-policy: default-src 'self' data: *; img-src 'self' s3.us-east-1.amazonaws.com *.e-boticario.com.br *.cookielaw.org *.hotjar.com *.hotjar.io *.eudora.com.br *.hybrid.ai *.frontend.weborama.fr *.adnxs.com *.bestssp.com *.onaudience.com *.hybrid.ai *.admixer.net *.onaudience.com *.adriver.ru *.openx.net *.betweendigital.com *.yandex.ru *.doubleclick.net *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.boticario.com.br *.oboticario.com.br *.googleapis.com *.google.com *.google.com.br *.googleapis.com *.grupoboticario.digital *.grupoboticario.com.br edbr.vteximg.com.br res.cloudinary.com *.google-analytics.com *.s3.amazonaws.com *.googletagmanager.com *.facebook.com *.pinterest.com *.github.com *.prismic.io pipelines.actions.githubusercontent.com data: blob: ; connect-src 'self' *.eudora.com.br *.prismic.io *.microsoftonline.com *.microsoft.com *.boticario.com.br *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.oboticario.com.br *.google.com *.google.com.br *.grupoboticario.digital *.grupoboticario.com.br cdn.cookielaw.org *.hotjar.com analytics.strapi.io wss://*.hotjar.com *.hotjar.io *.google-analytics.com *.googleapis.com *.onetrust.com *.s3.amazonaws.com *.g.doubleclick.net *.googletagmanager.com *.configcat.com *.nr-data.net *.pinterest.com *.tiktok.com *.github.com pipelines.actions.githubusercontent.com dmomoufq3m.execute-api.us-east-1.amazonaws.com blob:; script-src 'self' *.grupoboticario.digital *.grupoboticario.com.br *.ouiparis.com *.ouiparis.com.br *.hybrid.ai *.force.com *.documentforce.com *.salesforce.com *.salesforceliveagent.com *.newrelic.com *.hotjar.com *.hotjar.io *.onetrust.com *.g.doubleclick.net *.google.com *.googleapis.com *.gstatic.com *.googletagmanager.com *.configcat.com *.nr-data.net *.google-analytics.com cdn.cookielaw.org *.google-analytics.com cdn.cookielaw.org cdn.tiny.cloud *.dwin1.com *.googleadservices.com *.facebook.net *.facebook.com *.cloudfront.net *.pinimg.com *.shoptarget.com.br *.tiktok.com *.linximpulse.net *.shopback.com *.chaordicsystems.com *.shopconvert.com.br *.shopback.net *.github.com pipelines.actions.githubusercontent.com https://polyfill.io dmomoufq3m.execute-api.us-east-1.amazonaws.com 'unsafe-inline' 'unsafe-eval'; style-src 'unsafe-inline' *
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: al6zDNZXi9SQS3zztZTXpZb2ZecpVPU4rKIsOddyVHvC-lrA9OVAGw==

GET
H2 200 main.bundle.5a8123f787e0a4950994.js Show response
minhaloja.boticario.com.br/container/latest/js/ 9 KB
6 KB 8ms
8ms Script
application/javascript 143.204.98.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://minhaloja.boticario.com.br/container/latest/js/main.bundle.5a8123f787e0a4950994.js?a9abaf2c7acf8ae3beb6

Requested by

Host: minhaloja.boticario.com.br
URL: https://minhaloja.boticario.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.13 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-13.fra50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

11d6ee17bd470d906704e12f6cfe99d1c87519aa9b52239aff003646fa5e6190

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: ; img-src 'self' s3.us-east-1.amazonaws.com .e-boticario.com.br .cookielaw.org .hotjar.com .hotjar.io .eudora.com.br .hybrid.ai .frontend.weborama.fr .adnxs.com .bestssp.com .onaudience.com .hybrid.ai .admixer.net .onaudience.com .adriver.ru .openx.net .betweendigital.com .yandex.ru .doubleclick.net .documentforce.com .force.com .salesforce.com .salesforceliveagent.com .boticario.com.br .oboticario.com.br .googleapis.com .google.com .google.com.br .googleapis.com .grupoboticario.digital .grupoboticario.com.br edbr.vteximg.com.br res.cloudinary.com .google-analytics.com .s3.amazonaws.com .googletagmanager.com .facebook.com .pinterest.com .github.com .prismic.io pipelines.actions.githubusercontent.com data: blob: ; connect-src 'self' .eudora.com.br .prismic.io .microsoftonline.com .microsoft.com .boticario.com.br .documentforce.com .force.com .salesforce.com .salesforceliveagent.com .oboticario.com.br .google.com .google.com.br .grupoboticario.digital .grupoboticario.com.br cdn.cookielaw.org .hotjar.com analytics.strapi.io wss://.hotjar.com .hotjar.io .google-analytics.com .googleapis.com .onetrust.com .s3.amazonaws.com .g.doubleclick.net .googletagmanager.com .configcat.com .nr-data.net .pinterest.com .tiktok.com .github.com pipelines.actions.githubusercontent.com dmomoufq3m.execute-api.us-east-1.amazonaws.com blob:; script-src 'self' .grupoboticario.digital .grupoboticario.com.br .ouiparis.com .ouiparis.com.br .hybrid.ai .force.com .documentforce.com .salesforce.com .salesforceliveagent.com .newrelic.com .hotjar.com .hotjar.io .onetrust.com .g.doubleclick.net .google.com .googleapis.com .gstatic.com .googletagmanager.com .configcat.com .nr-data.net .google-analytics.com cdn.cookielaw.org .google-analytics.com cdn.cookielaw.org cdn.tiny.cloud .dwin1.com .googleadservices.com .facebook.net .facebook.com .cloudfront.net .pinimg.com .shoptarget.com.br .tiktok.com .linximpulse.net .shopback.com .chaordicsystems.com .shopconvert.com.br .shopback.net .github.com pipelines.actions.githubusercontent.com https://polyfill.io dmomoufq3m.execute-api.us-east-1.amazonaws.com 'unsafe-inline' 'unsafe-eval'; style-src 'unsafe-inline' *
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://minhaloja.boticario.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 22 Dec 2021 13:28:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 91703
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
vary: Accept-Encoding
x-xss-protection: 1; mode=block
service-worker-allowed: /
referrer-policy: same-origin
last-modified: Wed, 22 Dec 2021 13:17:37 GMT
server: AmazonS3
x-frame-options: SAMEORIGIN
etag: W/"5991ee190ca963cdd6ae0243b39417aa"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: application/javascript
via: 1.1 0d37b2e69745cd9f0c5457fbf1a83129.cloudfront.net (CloudFront)
cache-control: max-age=604800, public
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
content-security-policy: default-src 'self' data: *; img-src 'self' s3.us-east-1.amazonaws.com *.e-boticario.com.br *.cookielaw.org *.hotjar.com *.hotjar.io *.eudora.com.br *.hybrid.ai *.frontend.weborama.fr *.adnxs.com *.bestssp.com *.onaudience.com *.hybrid.ai *.admixer.net *.onaudience.com *.adriver.ru *.openx.net *.betweendigital.com *.yandex.ru *.doubleclick.net *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.boticario.com.br *.oboticario.com.br *.googleapis.com *.google.com *.google.com.br *.googleapis.com *.grupoboticario.digital *.grupoboticario.com.br edbr.vteximg.com.br res.cloudinary.com *.google-analytics.com *.s3.amazonaws.com *.googletagmanager.com *.facebook.com *.pinterest.com *.github.com *.prismic.io pipelines.actions.githubusercontent.com data: blob: ; connect-src 'self' *.eudora.com.br *.prismic.io *.microsoftonline.com *.microsoft.com *.boticario.com.br *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.oboticario.com.br *.google.com *.google.com.br *.grupoboticario.digital *.grupoboticario.com.br cdn.cookielaw.org *.hotjar.com analytics.strapi.io wss://*.hotjar.com *.hotjar.io *.google-analytics.com *.googleapis.com *.onetrust.com *.s3.amazonaws.com *.g.doubleclick.net *.googletagmanager.com *.configcat.com *.nr-data.net *.pinterest.com *.tiktok.com *.github.com pipelines.actions.githubusercontent.com dmomoufq3m.execute-api.us-east-1.amazonaws.com blob:; script-src 'self' *.grupoboticario.digital *.grupoboticario.com.br *.ouiparis.com *.ouiparis.com.br *.hybrid.ai *.force.com *.documentforce.com *.salesforce.com *.salesforceliveagent.com *.newrelic.com *.hotjar.com *.hotjar.io *.onetrust.com *.g.doubleclick.net *.google.com *.googleapis.com *.gstatic.com *.googletagmanager.com *.configcat.com *.nr-data.net *.google-analytics.com cdn.cookielaw.org *.google-analytics.com cdn.cookielaw.org cdn.tiny.cloud *.dwin1.com *.googleadservices.com *.facebook.net *.facebook.com *.cloudfront.net *.pinimg.com *.shoptarget.com.br *.tiktok.com *.linximpulse.net *.shopback.com *.chaordicsystems.com *.shopconvert.com.br *.shopback.net *.github.com pipelines.actions.githubusercontent.com https://polyfill.io dmomoufq3m.execute-api.us-east-1.amazonaws.com 'unsafe-inline' 'unsafe-eval'; style-src 'unsafe-inline' *
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: 3jDRYbxr3ZGeayIgrcIT_zCLQREgB_07bxH6TThs2ShKyA2jQ_UqSg==

GET
H2 200 newRelicSnippet.js Show response
minhaloja.boticario.com.br/container/latest/scripts/ 27 KB
12 KB 10ms
9ms Script
application/javascript 143.204.98.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://minhaloja.boticario.com.br/container/latest/scripts/newRelicSnippet.js

Requested by

Host: minhaloja.boticario.com.br
URL: https://minhaloja.boticario.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.13 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-13.fra50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

da9ddaf5cac3f0e3e7a3b7df692dd604a9579d5a58e8f0eb08cc4e71581cbf6d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: ; img-src 'self' s3.us-east-1.amazonaws.com .e-boticario.com.br .cookielaw.org .hotjar.com .hotjar.io .eudora.com.br .hybrid.ai .frontend.weborama.fr .adnxs.com .bestssp.com .onaudience.com .hybrid.ai .admixer.net .onaudience.com .adriver.ru .openx.net .betweendigital.com .yandex.ru .doubleclick.net .documentforce.com .force.com .salesforce.com .salesforceliveagent.com .boticario.com.br .oboticario.com.br .googleapis.com .google.com .google.com.br .googleapis.com .grupoboticario.digital .grupoboticario.com.br edbr.vteximg.com.br res.cloudinary.com .google-analytics.com .s3.amazonaws.com .googletagmanager.com .facebook.com .pinterest.com .github.com .prismic.io pipelines.actions.githubusercontent.com data: blob: ; connect-src 'self' .eudora.com.br .prismic.io .microsoftonline.com .microsoft.com .boticario.com.br .documentforce.com .force.com .salesforce.com .salesforceliveagent.com .oboticario.com.br .google.com .google.com.br .grupoboticario.digital .grupoboticario.com.br cdn.cookielaw.org .hotjar.com analytics.strapi.io wss://.hotjar.com .hotjar.io .google-analytics.com .googleapis.com .onetrust.com .s3.amazonaws.com .g.doubleclick.net .googletagmanager.com .configcat.com .nr-data.net .pinterest.com .tiktok.com .github.com pipelines.actions.githubusercontent.com dmomoufq3m.execute-api.us-east-1.amazonaws.com blob:; script-src 'self' .grupoboticario.digital .grupoboticario.com.br .ouiparis.com .ouiparis.com.br .hybrid.ai .force.com .documentforce.com .salesforce.com .salesforceliveagent.com .newrelic.com .hotjar.com .hotjar.io .onetrust.com .g.doubleclick.net .google.com .googleapis.com .gstatic.com .googletagmanager.com .configcat.com .nr-data.net .google-analytics.com cdn.cookielaw.org .google-analytics.com cdn.cookielaw.org cdn.tiny.cloud .dwin1.com .googleadservices.com .facebook.net .facebook.com .cloudfront.net .pinimg.com .shoptarget.com.br .tiktok.com .linximpulse.net .shopback.com .chaordicsystems.com .shopconvert.com.br .shopback.net .github.com pipelines.actions.githubusercontent.com https://polyfill.io dmomoufq3m.execute-api.us-east-1.amazonaws.com 'unsafe-inline' 'unsafe-eval'; style-src 'unsafe-inline' *
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://minhaloja.boticario.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 22 Dec 2021 13:28:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 91703
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
vary: Accept-Encoding
x-xss-protection: 1; mode=block
service-worker-allowed: /
referrer-policy: same-origin
last-modified: Wed, 22 Dec 2021 13:17:38 GMT
server: AmazonS3
x-frame-options: SAMEORIGIN
etag: W/"f41e2d42ee9366c7fa9d2f2a479fdf44"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: application/javascript
via: 1.1 0d37b2e69745cd9f0c5457fbf1a83129.cloudfront.net (CloudFront)
cache-control: max-age=604800, public
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
content-security-policy: default-src 'self' data: *; img-src 'self' s3.us-east-1.amazonaws.com *.e-boticario.com.br *.cookielaw.org *.hotjar.com *.hotjar.io *.eudora.com.br *.hybrid.ai *.frontend.weborama.fr *.adnxs.com *.bestssp.com *.onaudience.com *.hybrid.ai *.admixer.net *.onaudience.com *.adriver.ru *.openx.net *.betweendigital.com *.yandex.ru *.doubleclick.net *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.boticario.com.br *.oboticario.com.br *.googleapis.com *.google.com *.google.com.br *.googleapis.com *.grupoboticario.digital *.grupoboticario.com.br edbr.vteximg.com.br res.cloudinary.com *.google-analytics.com *.s3.amazonaws.com *.googletagmanager.com *.facebook.com *.pinterest.com *.github.com *.prismic.io pipelines.actions.githubusercontent.com data: blob: ; connect-src 'self' *.eudora.com.br *.prismic.io *.microsoftonline.com *.microsoft.com *.boticario.com.br *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.oboticario.com.br *.google.com *.google.com.br *.grupoboticario.digital *.grupoboticario.com.br cdn.cookielaw.org *.hotjar.com analytics.strapi.io wss://*.hotjar.com *.hotjar.io *.google-analytics.com *.googleapis.com *.onetrust.com *.s3.amazonaws.com *.g.doubleclick.net *.googletagmanager.com *.configcat.com *.nr-data.net *.pinterest.com *.tiktok.com *.github.com pipelines.actions.githubusercontent.com dmomoufq3m.execute-api.us-east-1.amazonaws.com blob:; script-src 'self' *.grupoboticario.digital *.grupoboticario.com.br *.ouiparis.com *.ouiparis.com.br *.hybrid.ai *.force.com *.documentforce.com *.salesforce.com *.salesforceliveagent.com *.newrelic.com *.hotjar.com *.hotjar.io *.onetrust.com *.g.doubleclick.net *.google.com *.googleapis.com *.gstatic.com *.googletagmanager.com *.configcat.com *.nr-data.net *.google-analytics.com cdn.cookielaw.org *.google-analytics.com cdn.cookielaw.org cdn.tiny.cloud *.dwin1.com *.googleadservices.com *.facebook.net *.facebook.com *.cloudfront.net *.pinimg.com *.shoptarget.com.br *.tiktok.com *.linximpulse.net *.shopback.com *.chaordicsystems.com *.shopconvert.com.br *.shopback.net *.github.com pipelines.actions.githubusercontent.com https://polyfill.io dmomoufq3m.execute-api.us-east-1.amazonaws.com 'unsafe-inline' 'unsafe-eval'; style-src 'unsafe-inline' *
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: 6UHBjiLGJFplUjvKzFIvCTSE_TXFqZ7KUtcG1MaZ4YNaZnVMKIpxvQ==

GET
H2 200 5c7a925d-2987-4be9-a60b-fc346dae1f61.json Show response
cdn.cookielaw.org/consent/5c7a925d-2987-4be9-a60b-fc346dae1f61/ 3 KB
2 KB 34ms
21ms XHR
application/x-javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/5c7a925d-2987-4be9-a60b-fc346dae1f61/5c7a925d-2987-4be9-a60b-fc346dae1f61.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6af7f2a7319a700fa7d79c2ee318a8f468b39325b04b8740f963a2678932beeb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 23 Dec 2021 14:57:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: TsaOYtk1a75+WvHucPBJGg==
age: 437
vary: Accept-Encoding
content-length: 1307
x-ms-lease-status: unlocked
last-modified: Wed, 22 Sep 2021 12:58:20 GMT
server: cloudflare
etag: 0x8D97DC8A7A69726
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: b1a20eba-a01e-005b-3b14-b6df9a000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 6c2270c39e9f5c0e-FRA
expires: Thu, 23 Dec 2021 18:57:07 GMT

GET
H2 200 20.bundle.3e6a3d2e9c34190533de.js Show response
minhaloja.boticario.com.br/container/latest/js/ 162 KB
47 KB 10ms
10ms Script
application/javascript 143.204.98.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://minhaloja.boticario.com.br/container/latest/js/20.bundle.3e6a3d2e9c34190533de.js

Requested by

Host: minhaloja.boticario.com.br
URL: https://minhaloja.boticario.com.br/container/latest/scripts/newRelicSnippet.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.13 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-13.fra50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

ee8a8114c7658b7865e50235668f485cb48a22439d8f9afd987eb2a3f9ff1359

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: ; img-src 'self' s3.us-east-1.amazonaws.com .e-boticario.com.br .cookielaw.org .hotjar.com .hotjar.io .eudora.com.br .hybrid.ai .frontend.weborama.fr .adnxs.com .bestssp.com .onaudience.com .hybrid.ai .admixer.net .onaudience.com .adriver.ru .openx.net .betweendigital.com .yandex.ru .doubleclick.net .documentforce.com .force.com .salesforce.com .salesforceliveagent.com .boticario.com.br .oboticario.com.br .googleapis.com .google.com .google.com.br .googleapis.com .grupoboticario.digital .grupoboticario.com.br edbr.vteximg.com.br res.cloudinary.com .google-analytics.com .s3.amazonaws.com .googletagmanager.com .facebook.com .pinterest.com .github.com .prismic.io pipelines.actions.githubusercontent.com data: blob: ; connect-src 'self' .eudora.com.br .prismic.io .microsoftonline.com .microsoft.com .boticario.com.br .documentforce.com .force.com .salesforce.com .salesforceliveagent.com .oboticario.com.br .google.com .google.com.br .grupoboticario.digital .grupoboticario.com.br cdn.cookielaw.org .hotjar.com analytics.strapi.io wss://.hotjar.com .hotjar.io .google-analytics.com .googleapis.com .onetrust.com .s3.amazonaws.com .g.doubleclick.net .googletagmanager.com .configcat.com .nr-data.net .pinterest.com .tiktok.com .github.com pipelines.actions.githubusercontent.com dmomoufq3m.execute-api.us-east-1.amazonaws.com blob:; script-src 'self' .grupoboticario.digital .grupoboticario.com.br .ouiparis.com .ouiparis.com.br .hybrid.ai .force.com .documentforce.com .salesforce.com .salesforceliveagent.com .newrelic.com .hotjar.com .hotjar.io .onetrust.com .g.doubleclick.net .google.com .googleapis.com .gstatic.com .googletagmanager.com .configcat.com .nr-data.net .google-analytics.com cdn.cookielaw.org .google-analytics.com cdn.cookielaw.org cdn.tiny.cloud .dwin1.com .googleadservices.com .facebook.net .facebook.com .cloudfront.net .pinimg.com .shoptarget.com.br .tiktok.com .linximpulse.net .shopback.com .chaordicsystems.com .shopconvert.com.br .shopback.net .github.com pipelines.actions.githubusercontent.com https://polyfill.io dmomoufq3m.execute-api.us-east-1.amazonaws.com 'unsafe-inline' 'unsafe-eval'; style-src 'unsafe-inline' *
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://minhaloja.boticario.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 22 Dec 2021 13:28:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 91702
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
vary: Accept-Encoding
x-xss-protection: 1; mode=block
service-worker-allowed: /
referrer-policy: same-origin
last-modified: Wed, 22 Dec 2021 13:17:22 GMT
server: AmazonS3
x-frame-options: SAMEORIGIN
etag: W/"e5e20c024c65ed774352af296474f875"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: application/javascript
via: 1.1 0d37b2e69745cd9f0c5457fbf1a83129.cloudfront.net (CloudFront)
cache-control: max-age=604800, public
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
content-security-policy: default-src 'self' data: *; img-src 'self' s3.us-east-1.amazonaws.com *.e-boticario.com.br *.cookielaw.org *.hotjar.com *.hotjar.io *.eudora.com.br *.hybrid.ai *.frontend.weborama.fr *.adnxs.com *.bestssp.com *.onaudience.com *.hybrid.ai *.admixer.net *.onaudience.com *.adriver.ru *.openx.net *.betweendigital.com *.yandex.ru *.doubleclick.net *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.boticario.com.br *.oboticario.com.br *.googleapis.com *.google.com *.google.com.br *.googleapis.com *.grupoboticario.digital *.grupoboticario.com.br edbr.vteximg.com.br res.cloudinary.com *.google-analytics.com *.s3.amazonaws.com *.googletagmanager.com *.facebook.com *.pinterest.com *.github.com *.prismic.io pipelines.actions.githubusercontent.com data: blob: ; connect-src 'self' *.eudora.com.br *.prismic.io *.microsoftonline.com *.microsoft.com *.boticario.com.br *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.oboticario.com.br *.google.com *.google.com.br *.grupoboticario.digital *.grupoboticario.com.br cdn.cookielaw.org *.hotjar.com analytics.strapi.io wss://*.hotjar.com *.hotjar.io *.google-analytics.com *.googleapis.com *.onetrust.com *.s3.amazonaws.com *.g.doubleclick.net *.googletagmanager.com *.configcat.com *.nr-data.net *.pinterest.com *.tiktok.com *.github.com pipelines.actions.githubusercontent.com dmomoufq3m.execute-api.us-east-1.amazonaws.com blob:; script-src 'self' *.grupoboticario.digital *.grupoboticario.com.br *.ouiparis.com *.ouiparis.com.br *.hybrid.ai *.force.com *.documentforce.com *.salesforce.com *.salesforceliveagent.com *.newrelic.com *.hotjar.com *.hotjar.io *.onetrust.com *.g.doubleclick.net *.google.com *.googleapis.com *.gstatic.com *.googletagmanager.com *.configcat.com *.nr-data.net *.google-analytics.com cdn.cookielaw.org *.google-analytics.com cdn.cookielaw.org cdn.tiny.cloud *.dwin1.com *.googleadservices.com *.facebook.net *.facebook.com *.cloudfront.net *.pinimg.com *.shoptarget.com.br *.tiktok.com *.linximpulse.net *.shopback.com *.chaordicsystems.com *.shopconvert.com.br *.shopback.net *.github.com pipelines.actions.githubusercontent.com https://polyfill.io dmomoufq3m.execute-api.us-east-1.amazonaws.com 'unsafe-inline' 'unsafe-eval'; style-src 'unsafe-inline' *
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: One_xxYEjKQ5bjEkS58ulnFWIL2XdHHUMiEubSGr1NXNUiOuNHLFHA==

GET
H2 200 remoteEntry.js Show response
minhaloja.boticario.com.br/admin/latest/ 10 KB
7 KB 421ms
421ms Script
application/javascript 143.204.98.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://minhaloja.boticario.com.br/admin/latest/remoteEntry.js

Requested by

Host: minhaloja.boticario.com.br
URL: https://minhaloja.boticario.com.br/container/latest/scripts/newRelicSnippet.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.13 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-13.fra50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

0fc5b4dedeb4acc1a01efc2b226aa9a7904a82b9a4cab6e2b90dd26a4068856e

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: ; img-src 'self' s3.us-east-1.amazonaws.com .e-boticario.com.br .cookielaw.org .hotjar.com .hotjar.io .eudora.com.br .hybrid.ai .frontend.weborama.fr .adnxs.com .bestssp.com .onaudience.com .hybrid.ai .admixer.net .onaudience.com .adriver.ru .openx.net .betweendigital.com .yandex.ru .doubleclick.net .documentforce.com .force.com .salesforce.com .salesforceliveagent.com .boticario.com.br .oboticario.com.br .googleapis.com .google.com .google.com.br .googleapis.com .grupoboticario.digital .grupoboticario.com.br edbr.vteximg.com.br res.cloudinary.com .google-analytics.com .s3.amazonaws.com .googletagmanager.com .facebook.com .pinterest.com .github.com .prismic.io pipelines.actions.githubusercontent.com data: blob: ; connect-src 'self' .eudora.com.br .prismic.io .microsoftonline.com .microsoft.com .boticario.com.br .documentforce.com .force.com .salesforce.com .salesforceliveagent.com .oboticario.com.br .google.com .google.com.br .grupoboticario.digital .grupoboticario.com.br cdn.cookielaw.org .hotjar.com analytics.strapi.io wss://.hotjar.com .hotjar.io .google-analytics.com .googleapis.com .onetrust.com .s3.amazonaws.com .g.doubleclick.net .googletagmanager.com .configcat.com .nr-data.net .pinterest.com .tiktok.com .github.com pipelines.actions.githubusercontent.com dmomoufq3m.execute-api.us-east-1.amazonaws.com blob:; script-src 'self' .grupoboticario.digital .grupoboticario.com.br .ouiparis.com .ouiparis.com.br .hybrid.ai .force.com .documentforce.com .salesforce.com .salesforceliveagent.com .newrelic.com .hotjar.com .hotjar.io .onetrust.com .g.doubleclick.net .google.com .googleapis.com .gstatic.com .googletagmanager.com .configcat.com .nr-data.net .google-analytics.com cdn.cookielaw.org .google-analytics.com cdn.cookielaw.org cdn.tiny.cloud .dwin1.com .googleadservices.com .facebook.net .facebook.com .cloudfront.net .pinimg.com .shoptarget.com.br .tiktok.com .linximpulse.net .shopback.com .chaordicsystems.com .shopconvert.com.br .shopback.net .github.com pipelines.actions.githubusercontent.com https://polyfill.io dmomoufq3m.execute-api.us-east-1.amazonaws.com 'unsafe-inline' 'unsafe-eval'; style-src 'unsafe-inline' *
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://minhaloja.boticario.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 23 Dec 2021 14:57:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amz-cf-pop: FRA50-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
vary: Accept-Encoding
x-xss-protection: 1; mode=block
service-worker-allowed: /
referrer-policy: same-origin
last-modified: Wed, 22 Dec 2021 13:21:00 GMT
server: AmazonS3
x-frame-options: SAMEORIGIN
etag: W/"4885cc14c8ba00cdbbaca1de3fb98b56"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: application/javascript
via: 1.1 0d37b2e69745cd9f0c5457fbf1a83129.cloudfront.net (CloudFront)
cache-control: no-store, public
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
content-security-policy: default-src 'self' data: *; img-src 'self' s3.us-east-1.amazonaws.com *.e-boticario.com.br *.cookielaw.org *.hotjar.com *.hotjar.io *.eudora.com.br *.hybrid.ai *.frontend.weborama.fr *.adnxs.com *.bestssp.com *.onaudience.com *.hybrid.ai *.admixer.net *.onaudience.com *.adriver.ru *.openx.net *.betweendigital.com *.yandex.ru *.doubleclick.net *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.boticario.com.br *.oboticario.com.br *.googleapis.com *.google.com *.google.com.br *.googleapis.com *.grupoboticario.digital *.grupoboticario.com.br edbr.vteximg.com.br res.cloudinary.com *.google-analytics.com *.s3.amazonaws.com *.googletagmanager.com *.facebook.com *.pinterest.com *.github.com *.prismic.io pipelines.actions.githubusercontent.com data: blob: ; connect-src 'self' *.eudora.com.br *.prismic.io *.microsoftonline.com *.microsoft.com *.boticario.com.br *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.oboticario.com.br *.google.com *.google.com.br *.grupoboticario.digital *.grupoboticario.com.br cdn.cookielaw.org *.hotjar.com analytics.strapi.io wss://*.hotjar.com *.hotjar.io *.google-analytics.com *.googleapis.com *.onetrust.com *.s3.amazonaws.com *.g.doubleclick.net *.googletagmanager.com *.configcat.com *.nr-data.net *.pinterest.com *.tiktok.com *.github.com pipelines.actions.githubusercontent.com dmomoufq3m.execute-api.us-east-1.amazonaws.com blob:; script-src 'self' *.grupoboticario.digital *.grupoboticario.com.br *.ouiparis.com *.ouiparis.com.br *.hybrid.ai *.force.com *.documentforce.com *.salesforce.com *.salesforceliveagent.com *.newrelic.com *.hotjar.com *.hotjar.io *.onetrust.com *.g.doubleclick.net *.google.com *.googleapis.com *.gstatic.com *.googletagmanager.com *.configcat.com *.nr-data.net *.google-analytics.com cdn.cookielaw.org *.google-analytics.com cdn.cookielaw.org cdn.tiny.cloud *.dwin1.com *.googleadservices.com *.facebook.net *.facebook.com *.cloudfront.net *.pinimg.com *.shoptarget.com.br *.tiktok.com *.linximpulse.net *.shopback.com *.chaordicsystems.com *.shopconvert.com.br *.shopback.net *.github.com pipelines.actions.githubusercontent.com https://polyfill.io dmomoufq3m.execute-api.us-east-1.amazonaws.com 'unsafe-inline' 'unsafe-eval'; style-src 'unsafe-inline' *
x-amz-cf-id: aEoiQLiljg3_YpFg2fSLb4GHWQP8rgPaH2x-HyaDszCKltBzd3X_Cw==

GET
H2 200 remoteEntry.js Show response
minhaloja.boticario.com.br/vitrine/latest/ 8 KB
6 KB 426ms
426ms Script
application/javascript 143.204.98.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://minhaloja.boticario.com.br/vitrine/latest/remoteEntry.js

Requested by

Host: minhaloja.boticario.com.br
URL: https://minhaloja.boticario.com.br/container/latest/scripts/newRelicSnippet.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.13 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-13.fra50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

394f74a2fd40f8a7d48ab0fef108547ce5b4580f4e87ed22cd69f76e6415f2e4

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: ; img-src 'self' s3.us-east-1.amazonaws.com .e-boticario.com.br .cookielaw.org .hotjar.com .hotjar.io .eudora.com.br .hybrid.ai .frontend.weborama.fr .adnxs.com .bestssp.com .onaudience.com .hybrid.ai .admixer.net .onaudience.com .adriver.ru .openx.net .betweendigital.com .yandex.ru .doubleclick.net .documentforce.com .force.com .salesforce.com .salesforceliveagent.com .boticario.com.br .oboticario.com.br .googleapis.com .google.com .google.com.br .googleapis.com .grupoboticario.digital .grupoboticario.com.br edbr.vteximg.com.br res.cloudinary.com .google-analytics.com .s3.amazonaws.com .googletagmanager.com .facebook.com .pinterest.com .github.com .prismic.io pipelines.actions.githubusercontent.com data: blob: ; connect-src 'self' .eudora.com.br .prismic.io .microsoftonline.com .microsoft.com .boticario.com.br .documentforce.com .force.com .salesforce.com .salesforceliveagent.com .oboticario.com.br .google.com .google.com.br .grupoboticario.digital .grupoboticario.com.br cdn.cookielaw.org .hotjar.com analytics.strapi.io wss://.hotjar.com .hotjar.io .google-analytics.com .googleapis.com .onetrust.com .s3.amazonaws.com .g.doubleclick.net .googletagmanager.com .configcat.com .nr-data.net .pinterest.com .tiktok.com .github.com pipelines.actions.githubusercontent.com dmomoufq3m.execute-api.us-east-1.amazonaws.com blob:; script-src 'self' .grupoboticario.digital .grupoboticario.com.br .ouiparis.com .ouiparis.com.br .hybrid.ai .force.com .documentforce.com .salesforce.com .salesforceliveagent.com .newrelic.com .hotjar.com .hotjar.io .onetrust.com .g.doubleclick.net .google.com .googleapis.com .gstatic.com .googletagmanager.com .configcat.com .nr-data.net .google-analytics.com cdn.cookielaw.org .google-analytics.com cdn.cookielaw.org cdn.tiny.cloud .dwin1.com .googleadservices.com .facebook.net .facebook.com .cloudfront.net .pinimg.com .shoptarget.com.br .tiktok.com .linximpulse.net .shopback.com .chaordicsystems.com .shopconvert.com.br .shopback.net .github.com pipelines.actions.githubusercontent.com https://polyfill.io dmomoufq3m.execute-api.us-east-1.amazonaws.com 'unsafe-inline' 'unsafe-eval'; style-src 'unsafe-inline' *
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://minhaloja.boticario.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 23 Dec 2021 14:57:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amz-cf-pop: FRA50-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
vary: Accept-Encoding
x-xss-protection: 1; mode=block
service-worker-allowed: /
referrer-policy: same-origin
last-modified: Wed, 22 Dec 2021 13:19:55 GMT
server: AmazonS3
x-frame-options: SAMEORIGIN
etag: W/"e2b92fc20ac420bfca16400489953a0f"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: application/javascript
via: 1.1 0d37b2e69745cd9f0c5457fbf1a83129.cloudfront.net (CloudFront)
cache-control: no-store, public
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
content-security-policy: default-src 'self' data: *; img-src 'self' s3.us-east-1.amazonaws.com *.e-boticario.com.br *.cookielaw.org *.hotjar.com *.hotjar.io *.eudora.com.br *.hybrid.ai *.frontend.weborama.fr *.adnxs.com *.bestssp.com *.onaudience.com *.hybrid.ai *.admixer.net *.onaudience.com *.adriver.ru *.openx.net *.betweendigital.com *.yandex.ru *.doubleclick.net *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.boticario.com.br *.oboticario.com.br *.googleapis.com *.google.com *.google.com.br *.googleapis.com *.grupoboticario.digital *.grupoboticario.com.br edbr.vteximg.com.br res.cloudinary.com *.google-analytics.com *.s3.amazonaws.com *.googletagmanager.com *.facebook.com *.pinterest.com *.github.com *.prismic.io pipelines.actions.githubusercontent.com data: blob: ; connect-src 'self' *.eudora.com.br *.prismic.io *.microsoftonline.com *.microsoft.com *.boticario.com.br *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.oboticario.com.br *.google.com *.google.com.br *.grupoboticario.digital *.grupoboticario.com.br cdn.cookielaw.org *.hotjar.com analytics.strapi.io wss://*.hotjar.com *.hotjar.io *.google-analytics.com *.googleapis.com *.onetrust.com *.s3.amazonaws.com *.g.doubleclick.net *.googletagmanager.com *.configcat.com *.nr-data.net *.pinterest.com *.tiktok.com *.github.com pipelines.actions.githubusercontent.com dmomoufq3m.execute-api.us-east-1.amazonaws.com blob:; script-src 'self' *.grupoboticario.digital *.grupoboticario.com.br *.ouiparis.com *.ouiparis.com.br *.hybrid.ai *.force.com *.documentforce.com *.salesforce.com *.salesforceliveagent.com *.newrelic.com *.hotjar.com *.hotjar.io *.onetrust.com *.g.doubleclick.net *.google.com *.googleapis.com *.gstatic.com *.googletagmanager.com *.configcat.com *.nr-data.net *.google-analytics.com cdn.cookielaw.org *.google-analytics.com cdn.cookielaw.org cdn.tiny.cloud *.dwin1.com *.googleadservices.com *.facebook.net *.facebook.com *.cloudfront.net *.pinimg.com *.shoptarget.com.br *.tiktok.com *.linximpulse.net *.shopback.com *.chaordicsystems.com *.shopconvert.com.br *.shopback.net *.github.com pipelines.actions.githubusercontent.com https://polyfill.io dmomoufq3m.execute-api.us-east-1.amazonaws.com 'unsafe-inline' 'unsafe-eval'; style-src 'unsafe-inline' *
x-amz-cf-id: tvNEuV8YJz94iVSWbxjp8c5BcLG8pb0N9mk0d75d9sfAo7E3EhPZzA==

GET
H2 200 354.bundle.69ba24080f07000ff039.js Show response
minhaloja.boticario.com.br/container/latest/js/ 23 KB
8 KB 14ms
14ms Script
application/javascript 143.204.98.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://minhaloja.boticario.com.br/container/latest/js/354.bundle.69ba24080f07000ff039.js

Requested by

Host: minhaloja.boticario.com.br
URL: https://minhaloja.boticario.com.br/container/latest/scripts/newRelicSnippet.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.13 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-13.fra50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

7f34893a704d4a71da0fa274dd428284f6fb17b549008ae11148b851435a3e51

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: ; img-src 'self' s3.us-east-1.amazonaws.com .e-boticario.com.br .cookielaw.org .hotjar.com .hotjar.io .eudora.com.br .hybrid.ai .frontend.weborama.fr .adnxs.com .bestssp.com .onaudience.com .hybrid.ai .admixer.net .onaudience.com .adriver.ru .openx.net .betweendigital.com .yandex.ru .doubleclick.net .documentforce.com .force.com .salesforce.com .salesforceliveagent.com .boticario.com.br .oboticario.com.br .googleapis.com .google.com .google.com.br .googleapis.com .grupoboticario.digital .grupoboticario.com.br edbr.vteximg.com.br res.cloudinary.com .google-analytics.com .s3.amazonaws.com .googletagmanager.com .facebook.com .pinterest.com .github.com .prismic.io pipelines.actions.githubusercontent.com data: blob: ; connect-src 'self' .eudora.com.br .prismic.io .microsoftonline.com .microsoft.com .boticario.com.br .documentforce.com .force.com .salesforce.com .salesforceliveagent.com .oboticario.com.br .google.com .google.com.br .grupoboticario.digital .grupoboticario.com.br cdn.cookielaw.org .hotjar.com analytics.strapi.io wss://.hotjar.com .hotjar.io .google-analytics.com .googleapis.com .onetrust.com .s3.amazonaws.com .g.doubleclick.net .googletagmanager.com .configcat.com .nr-data.net .pinterest.com .tiktok.com .github.com pipelines.actions.githubusercontent.com dmomoufq3m.execute-api.us-east-1.amazonaws.com blob:; script-src 'self' .grupoboticario.digital .grupoboticario.com.br .ouiparis.com .ouiparis.com.br .hybrid.ai .force.com .documentforce.com .salesforce.com .salesforceliveagent.com .newrelic.com .hotjar.com .hotjar.io .onetrust.com .g.doubleclick.net .google.com .googleapis.com .gstatic.com .googletagmanager.com .configcat.com .nr-data.net .google-analytics.com cdn.cookielaw.org .google-analytics.com cdn.cookielaw.org cdn.tiny.cloud .dwin1.com .googleadservices.com .facebook.net .facebook.com .cloudfront.net .pinimg.com .shoptarget.com.br .tiktok.com .linximpulse.net .shopback.com .chaordicsystems.com .shopconvert.com.br .shopback.net .github.com pipelines.actions.githubusercontent.com https://polyfill.io dmomoufq3m.execute-api.us-east-1.amazonaws.com 'unsafe-inline' 'unsafe-eval'; style-src 'unsafe-inline' *
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://minhaloja.boticario.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 22 Dec 2021 13:28:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 91702
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
vary: Accept-Encoding
x-xss-protection: 1; mode=block
service-worker-allowed: /
referrer-policy: same-origin
last-modified: Wed, 22 Dec 2021 13:17:27 GMT
server: AmazonS3
x-frame-options: SAMEORIGIN
etag: W/"2654cf521e826cddb21f01d06bf5e41c"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: application/javascript
via: 1.1 0d37b2e69745cd9f0c5457fbf1a83129.cloudfront.net (CloudFront)
cache-control: max-age=604800, public
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
content-security-policy: default-src 'self' data: *; img-src 'self' s3.us-east-1.amazonaws.com *.e-boticario.com.br *.cookielaw.org *.hotjar.com *.hotjar.io *.eudora.com.br *.hybrid.ai *.frontend.weborama.fr *.adnxs.com *.bestssp.com *.onaudience.com *.hybrid.ai *.admixer.net *.onaudience.com *.adriver.ru *.openx.net *.betweendigital.com *.yandex.ru *.doubleclick.net *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.boticario.com.br *.oboticario.com.br *.googleapis.com *.google.com *.google.com.br *.googleapis.com *.grupoboticario.digital *.grupoboticario.com.br edbr.vteximg.com.br res.cloudinary.com *.google-analytics.com *.s3.amazonaws.com *.googletagmanager.com *.facebook.com *.pinterest.com *.github.com *.prismic.io pipelines.actions.githubusercontent.com data: blob: ; connect-src 'self' *.eudora.com.br *.prismic.io *.microsoftonline.com *.microsoft.com *.boticario.com.br *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.oboticario.com.br *.google.com *.google.com.br *.grupoboticario.digital *.grupoboticario.com.br cdn.cookielaw.org *.hotjar.com analytics.strapi.io wss://*.hotjar.com *.hotjar.io *.google-analytics.com *.googleapis.com *.onetrust.com *.s3.amazonaws.com *.g.doubleclick.net *.googletagmanager.com *.configcat.com *.nr-data.net *.pinterest.com *.tiktok.com *.github.com pipelines.actions.githubusercontent.com dmomoufq3m.execute-api.us-east-1.amazonaws.com blob:; script-src 'self' *.grupoboticario.digital *.grupoboticario.com.br *.ouiparis.com *.ouiparis.com.br *.hybrid.ai *.force.com *.documentforce.com *.salesforce.com *.salesforceliveagent.com *.newrelic.com *.hotjar.com *.hotjar.io *.onetrust.com *.g.doubleclick.net *.google.com *.googleapis.com *.gstatic.com *.googletagmanager.com *.configcat.com *.nr-data.net *.google-analytics.com cdn.cookielaw.org *.google-analytics.com cdn.cookielaw.org cdn.tiny.cloud *.dwin1.com *.googleadservices.com *.facebook.net *.facebook.com *.cloudfront.net *.pinimg.com *.shoptarget.com.br *.tiktok.com *.linximpulse.net *.shopback.com *.chaordicsystems.com *.shopconvert.com.br *.shopback.net *.github.com pipelines.actions.githubusercontent.com https://polyfill.io dmomoufq3m.execute-api.us-east-1.amazonaws.com 'unsafe-inline' 'unsafe-eval'; style-src 'unsafe-inline' *
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: ruYcfJZBfYPGi6PID0Zb37QiPOH_dpUtLKGz1jp4OFsAViDW8wx7AQ==

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 165 B
388 B 42ms
25ms Script
text/javascript 2606:4700:10::6814:b944
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: minhaloja.boticario.com.br
URL: https://minhaloja.boticario.com.br/container/latest/scripts/newRelicSnippet.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:b944 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

77ae4fb56d2da594993ef6f0203c0cef103af28f7e4c5e0ac045909137422cf9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 23 Dec 2021 14:57:07 GMT
content-encoding: gzip
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 6c2270c3dddf4e92-FRA

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/6.24.0/ 317 KB
76 KB 20ms
20ms Script
application/javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.24.0/otBannerSdk.js

Requested by

Host: minhaloja.boticario.com.br
URL: https://minhaloja.boticario.com.br/container/latest/scripts/newRelicSnippet.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ec2f6762f857fdc509ffa369c2b398982af1fa6cd2c0298d6088046fa757b852

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 23 Dec 2021 14:57:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: V5hcbF1dEgrls6P2M61C9g==
age: 5669376
vary: Accept-Encoding
content-length: 77260
x-ms-lease-status: unlocked
last-modified: Thu, 30 Sep 2021 02:38:37 GMT
server: cloudflare
etag: 0x8D983BB67EEBDFE
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 646ab96e-a01e-00d8-5b6c-c47f37000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 6c2270c3f9a068f5-FRA

GET
H2 200 pt.json Show response
cdn.cookielaw.org/consent/5c7a925d-2987-4be9-a60b-fc346dae1f61/ab330c12-9ad3-4177-9183-63541ae111ae/ 38 KB
12 KB 19ms
19ms Fetch
application/x-javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/5c7a925d-2987-4be9-a60b-fc346dae1f61/ab330c12-9ad3-4177-9183-63541ae111ae/pt.json

Requested by

Host: minhaloja.boticario.com.br
URL: https://minhaloja.boticario.com.br/container/latest/scripts/newRelicSnippet.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

858d3ae73f132b8f3d872db375db917a266b904a671ef12213fe898b038d9237

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 23 Dec 2021 14:57:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: s5rLtE5nBT0RlXFZPJ+G/g==
age: 437
vary: Accept-Encoding
content-length: 12228
x-ms-lease-status: unlocked
last-modified: Wed, 22 Sep 2021 12:58:23 GMT
server: cloudflare
etag: 0x8D97DC8A953ADD6
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: eb94c73a-201e-0145-65bc-cb4322000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 6c2270c448675c0e-FRA
expires: Thu, 23 Dec 2021 18:57:07 GMT

GET
H2 200 otFloatingFlat.json Show response
cdn.cookielaw.org/scripttemplates/6.24.0/assets/ 10 KB
3 KB 16ms
16ms Fetch
application/json 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.24.0/assets/otFloatingFlat.json

Requested by

Host: minhaloja.boticario.com.br
URL: https://minhaloja.boticario.com.br/container/latest/scripts/newRelicSnippet.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

29a93d731434e92cd8081bb2af123c2cea435d7893245a04134d7fbf713518f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 23 Dec 2021 14:57:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: 9rK3Ikd9KsAnky96tLlwvw==
age: 437
vary: Accept-Encoding
content-length: 2675
x-ms-lease-status: unlocked
last-modified: Thu, 30 Sep 2021 02:38:28 GMT
server: cloudflare
etag: 0x8D983BB62C7DDA4
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: ba238190-e01e-00b9-4e0c-f63be8000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 6c2270c478fe5c0e-FRA

GET
H2 200 otCommonStyles.css Show response
cdn.cookielaw.org/scripttemplates/6.24.0/assets/ 20 KB
4 KB 22ms
21ms Fetch
text/css 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.24.0/assets/otCommonStyles.css

Requested by

Host: minhaloja.boticario.com.br
URL: https://minhaloja.boticario.com.br/container/latest/scripts/newRelicSnippet.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2ee6fdf3d0f4d826380054030e5a9fd6fc8c451d9fe28123f1d76e632332e659

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 23 Dec 2021 14:57:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: Ye6OeZcNyuFoWog7CYs00A==
age: 4872518
vary: Accept-Encoding
x-ms-lease-status: unlocked
last-modified: Thu, 30 Sep 2021 02:38:45 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: a790b2cd-001e-0116-45bc-cb5f2d000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
cf-ray: 6c2270c479005c0e-FRA

GET
DATA 200
OK truncated
/ 817 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: db311174b0e3c340727b63c055cfb5b317808e909503e1bda11cc58af444f12b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 294.bundle.db5a5817d696cd923f92.js Show response
minhaloja.boticario.com.br/vitrine/latest/js/ 7 KB
5 KB 8ms
8ms Script
application/javascript 143.204.98.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://minhaloja.boticario.com.br/vitrine/latest/js/294.bundle.db5a5817d696cd923f92.js

Requested by

Host: minhaloja.boticario.com.br
URL: https://minhaloja.boticario.com.br/container/latest/scripts/newRelicSnippet.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.13 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-13.fra50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

437ba48e15c6a06a669c284df1c9516ca2678f6aaae8e080a26a3662c0891c03

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: ; img-src 'self' s3.us-east-1.amazonaws.com .e-boticario.com.br .cookielaw.org .hotjar.com .hotjar.io .eudora.com.br .hybrid.ai .frontend.weborama.fr .adnxs.com .bestssp.com .onaudience.com .hybrid.ai .admixer.net .onaudience.com .adriver.ru .openx.net .betweendigital.com .yandex.ru .doubleclick.net .documentforce.com .force.com .salesforce.com .salesforceliveagent.com .boticario.com.br .oboticario.com.br .googleapis.com .google.com .google.com.br .googleapis.com .grupoboticario.digital .grupoboticario.com.br edbr.vteximg.com.br res.cloudinary.com .google-analytics.com .s3.amazonaws.com .googletagmanager.com .facebook.com .pinterest.com .github.com .prismic.io pipelines.actions.githubusercontent.com data: blob: ; connect-src 'self' .eudora.com.br .prismic.io .microsoftonline.com .microsoft.com .boticario.com.br .documentforce.com .force.com .salesforce.com .salesforceliveagent.com .oboticario.com.br .google.com .google.com.br .grupoboticario.digital .grupoboticario.com.br cdn.cookielaw.org .hotjar.com analytics.strapi.io wss://.hotjar.com .hotjar.io .google-analytics.com .googleapis.com .onetrust.com .s3.amazonaws.com .g.doubleclick.net .googletagmanager.com .configcat.com .nr-data.net .pinterest.com .tiktok.com .github.com pipelines.actions.githubusercontent.com dmomoufq3m.execute-api.us-east-1.amazonaws.com blob:; script-src 'self' .grupoboticario.digital .grupoboticario.com.br .ouiparis.com .ouiparis.com.br .hybrid.ai .force.com .documentforce.com .salesforce.com .salesforceliveagent.com .newrelic.com .hotjar.com .hotjar.io .onetrust.com .g.doubleclick.net .google.com .googleapis.com .gstatic.com .googletagmanager.com .configcat.com .nr-data.net .google-analytics.com cdn.cookielaw.org .google-analytics.com cdn.cookielaw.org cdn.tiny.cloud .dwin1.com .googleadservices.com .facebook.net .facebook.com .cloudfront.net .pinimg.com .shoptarget.com.br .tiktok.com .linximpulse.net .shopback.com .chaordicsystems.com .shopconvert.com.br .shopback.net .github.com pipelines.actions.githubusercontent.com https://polyfill.io dmomoufq3m.execute-api.us-east-1.amazonaws.com 'unsafe-inline' 'unsafe-eval'; style-src 'unsafe-inline' *
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://minhaloja.boticario.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 22 Dec 2021 13:28:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 91701
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
vary: Accept-Encoding
x-xss-protection: 1; mode=block
service-worker-allowed: /
referrer-policy: same-origin
last-modified: Wed, 22 Dec 2021 13:19:44 GMT
server: AmazonS3
x-frame-options: SAMEORIGIN
etag: W/"eaf67ee7b7d4506295dc159c56606594"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: application/javascript
via: 1.1 0d37b2e69745cd9f0c5457fbf1a83129.cloudfront.net (CloudFront)
cache-control: max-age=604800, public
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
content-security-policy: default-src 'self' data: *; img-src 'self' s3.us-east-1.amazonaws.com *.e-boticario.com.br *.cookielaw.org *.hotjar.com *.hotjar.io *.eudora.com.br *.hybrid.ai *.frontend.weborama.fr *.adnxs.com *.bestssp.com *.onaudience.com *.hybrid.ai *.admixer.net *.onaudience.com *.adriver.ru *.openx.net *.betweendigital.com *.yandex.ru *.doubleclick.net *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.boticario.com.br *.oboticario.com.br *.googleapis.com *.google.com *.google.com.br *.googleapis.com *.grupoboticario.digital *.grupoboticario.com.br edbr.vteximg.com.br res.cloudinary.com *.google-analytics.com *.s3.amazonaws.com *.googletagmanager.com *.facebook.com *.pinterest.com *.github.com *.prismic.io pipelines.actions.githubusercontent.com data: blob: ; connect-src 'self' *.eudora.com.br *.prismic.io *.microsoftonline.com *.microsoft.com *.boticario.com.br *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.oboticario.com.br *.google.com *.google.com.br *.grupoboticario.digital *.grupoboticario.com.br cdn.cookielaw.org *.hotjar.com analytics.strapi.io wss://*.hotjar.com *.hotjar.io *.google-analytics.com *.googleapis.com *.onetrust.com *.s3.amazonaws.com *.g.doubleclick.net *.googletagmanager.com *.configcat.com *.nr-data.net *.pinterest.com *.tiktok.com *.github.com pipelines.actions.githubusercontent.com dmomoufq3m.execute-api.us-east-1.amazonaws.com blob:; script-src 'self' *.grupoboticario.digital *.grupoboticario.com.br *.ouiparis.com *.ouiparis.com.br *.hybrid.ai *.force.com *.documentforce.com *.salesforce.com *.salesforceliveagent.com *.newrelic.com *.hotjar.com *.hotjar.io *.onetrust.com *.g.doubleclick.net *.google.com *.googleapis.com *.gstatic.com *.googletagmanager.com *.configcat.com *.nr-data.net *.google-analytics.com cdn.cookielaw.org *.google-analytics.com cdn.cookielaw.org cdn.tiny.cloud *.dwin1.com *.googleadservices.com *.facebook.net *.facebook.com *.cloudfront.net *.pinimg.com *.shoptarget.com.br *.tiktok.com *.linximpulse.net *.shopback.com *.chaordicsystems.com *.shopconvert.com.br *.shopback.net *.github.com pipelines.actions.githubusercontent.com https://polyfill.io dmomoufq3m.execute-api.us-east-1.amazonaws.com 'unsafe-inline' 'unsafe-eval'; style-src 'unsafe-inline' *
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: wANzwpU6knWJ7EmwYfJY5G9-YFRGSoYc-0qGCznKCrix-hiRQfxjdQ==

GET
H2 200 935.bundle.7cddea9ad86acda3f1f6.js Show response
minhaloja.boticario.com.br/vitrine/latest/js/ 121 KB
42 KB 9ms
9ms Script
application/javascript 143.204.98.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://minhaloja.boticario.com.br/vitrine/latest/js/935.bundle.7cddea9ad86acda3f1f6.js

Requested by

Host: minhaloja.boticario.com.br
URL: https://minhaloja.boticario.com.br/container/latest/scripts/newRelicSnippet.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.13 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-13.fra50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

e07b00827f5f6d2c71523bac1292216711543a067a8d0f2532454ba28266cfcb

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: ; img-src 'self' s3.us-east-1.amazonaws.com .e-boticario.com.br .cookielaw.org .hotjar.com .hotjar.io .eudora.com.br .hybrid.ai .frontend.weborama.fr .adnxs.com .bestssp.com .onaudience.com .hybrid.ai .admixer.net .onaudience.com .adriver.ru .openx.net .betweendigital.com .yandex.ru .doubleclick.net .documentforce.com .force.com .salesforce.com .salesforceliveagent.com .boticario.com.br .oboticario.com.br .googleapis.com .google.com .google.com.br .googleapis.com .grupoboticario.digital .grupoboticario.com.br edbr.vteximg.com.br res.cloudinary.com .google-analytics.com .s3.amazonaws.com .googletagmanager.com .facebook.com .pinterest.com .github.com .prismic.io pipelines.actions.githubusercontent.com data: blob: ; connect-src 'self' .eudora.com.br .prismic.io .microsoftonline.com .microsoft.com .boticario.com.br .documentforce.com .force.com .salesforce.com .salesforceliveagent.com .oboticario.com.br .google.com .google.com.br .grupoboticario.digital .grupoboticario.com.br cdn.cookielaw.org .hotjar.com analytics.strapi.io wss://.hotjar.com .hotjar.io .google-analytics.com .googleapis.com .onetrust.com .s3.amazonaws.com .g.doubleclick.net .googletagmanager.com .configcat.com .nr-data.net .pinterest.com .tiktok.com .github.com pipelines.actions.githubusercontent.com dmomoufq3m.execute-api.us-east-1.amazonaws.com blob:; script-src 'self' .grupoboticario.digital .grupoboticario.com.br .ouiparis.com .ouiparis.com.br .hybrid.ai .force.com .documentforce.com .salesforce.com .salesforceliveagent.com .newrelic.com .hotjar.com .hotjar.io .onetrust.com .g.doubleclick.net .google.com .googleapis.com .gstatic.com .googletagmanager.com .configcat.com .nr-data.net .google-analytics.com cdn.cookielaw.org .google-analytics.com cdn.cookielaw.org cdn.tiny.cloud .dwin1.com .googleadservices.com .facebook.net .facebook.com .cloudfront.net .pinimg.com .shoptarget.com.br .tiktok.com .linximpulse.net .shopback.com .chaordicsystems.com .shopconvert.com.br .shopback.net .github.com pipelines.actions.githubusercontent.com https://polyfill.io dmomoufq3m.execute-api.us-east-1.amazonaws.com 'unsafe-inline' 'unsafe-eval'; style-src 'unsafe-inline' *
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://minhaloja.boticario.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 22 Dec 2021 13:28:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 91701
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
vary: Accept-Encoding
x-xss-protection: 1; mode=block
service-worker-allowed: /
referrer-policy: same-origin
last-modified: Wed, 22 Dec 2021 13:19:52 GMT
server: AmazonS3
x-frame-options: SAMEORIGIN
etag: W/"73e5f7497a2659bee49d2195e7a07b2f"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: application/javascript
via: 1.1 0d37b2e69745cd9f0c5457fbf1a83129.cloudfront.net (CloudFront)
cache-control: max-age=604800, public
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
content-security-policy: default-src 'self' data: *; img-src 'self' s3.us-east-1.amazonaws.com *.e-boticario.com.br *.cookielaw.org *.hotjar.com *.hotjar.io *.eudora.com.br *.hybrid.ai *.frontend.weborama.fr *.adnxs.com *.bestssp.com *.onaudience.com *.hybrid.ai *.admixer.net *.onaudience.com *.adriver.ru *.openx.net *.betweendigital.com *.yandex.ru *.doubleclick.net *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.boticario.com.br *.oboticario.com.br *.googleapis.com *.google.com *.google.com.br *.googleapis.com *.grupoboticario.digital *.grupoboticario.com.br edbr.vteximg.com.br res.cloudinary.com *.google-analytics.com *.s3.amazonaws.com *.googletagmanager.com *.facebook.com *.pinterest.com *.github.com *.prismic.io pipelines.actions.githubusercontent.com data: blob: ; connect-src 'self' *.eudora.com.br *.prismic.io *.microsoftonline.com *.microsoft.com *.boticario.com.br *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.oboticario.com.br *.google.com *.google.com.br *.grupoboticario.digital *.grupoboticario.com.br cdn.cookielaw.org *.hotjar.com analytics.strapi.io wss://*.hotjar.com *.hotjar.io *.google-analytics.com *.googleapis.com *.onetrust.com *.s3.amazonaws.com *.g.doubleclick.net *.googletagmanager.com *.configcat.com *.nr-data.net *.pinterest.com *.tiktok.com *.github.com pipelines.actions.githubusercontent.com dmomoufq3m.execute-api.us-east-1.amazonaws.com blob:; script-src 'self' *.grupoboticario.digital *.grupoboticario.com.br *.ouiparis.com *.ouiparis.com.br *.hybrid.ai *.force.com *.documentforce.com *.salesforce.com *.salesforceliveagent.com *.newrelic.com *.hotjar.com *.hotjar.io *.onetrust.com *.g.doubleclick.net *.google.com *.googleapis.com *.gstatic.com *.googletagmanager.com *.configcat.com *.nr-data.net *.google-analytics.com cdn.cookielaw.org *.google-analytics.com cdn.cookielaw.org cdn.tiny.cloud *.dwin1.com *.googleadservices.com *.facebook.net *.facebook.com *.cloudfront.net *.pinimg.com *.shoptarget.com.br *.tiktok.com *.linximpulse.net *.shopback.com *.chaordicsystems.com *.shopconvert.com.br *.shopback.net *.github.com pipelines.actions.githubusercontent.com https://polyfill.io dmomoufq3m.execute-api.us-east-1.amazonaws.com 'unsafe-inline' 'unsafe-eval'; style-src 'unsafe-inline' *
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: edRpk7kVQkSGJNwdadxj70Asy439MDlu77My6CpOFip3_VUquLqvTg==

GET
H2 200 216.bundle.7b0e68737d14c69187ab.js Show response
minhaloja.boticario.com.br/vitrine/latest/js/ 11 KB
6 KB 13ms
13ms Script
application/javascript 143.204.98.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://minhaloja.boticario.com.br/vitrine/latest/js/216.bundle.7b0e68737d14c69187ab.js

Requested by

Host: minhaloja.boticario.com.br
URL: https://minhaloja.boticario.com.br/container/latest/scripts/newRelicSnippet.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.13 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-13.fra50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

f54a6119d3615df97b64f039557b186019f21742edd3915754aaf88aa7b4e2e9

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: ; img-src 'self' s3.us-east-1.amazonaws.com .e-boticario.com.br .cookielaw.org .hotjar.com .hotjar.io .eudora.com.br .hybrid.ai .frontend.weborama.fr .adnxs.com .bestssp.com .onaudience.com .hybrid.ai .admixer.net .onaudience.com .adriver.ru .openx.net .betweendigital.com .yandex.ru .doubleclick.net .documentforce.com .force.com .salesforce.com .salesforceliveagent.com .boticario.com.br .oboticario.com.br .googleapis.com .google.com .google.com.br .googleapis.com .grupoboticario.digital .grupoboticario.com.br edbr.vteximg.com.br res.cloudinary.com .google-analytics.com .s3.amazonaws.com .googletagmanager.com .facebook.com .pinterest.com .github.com .prismic.io pipelines.actions.githubusercontent.com data: blob: ; connect-src 'self' .eudora.com.br .prismic.io .microsoftonline.com .microsoft.com .boticario.com.br .documentforce.com .force.com .salesforce.com .salesforceliveagent.com .oboticario.com.br .google.com .google.com.br .grupoboticario.digital .grupoboticario.com.br cdn.cookielaw.org .hotjar.com analytics.strapi.io wss://.hotjar.com .hotjar.io .google-analytics.com .googleapis.com .onetrust.com .s3.amazonaws.com .g.doubleclick.net .googletagmanager.com .configcat.com .nr-data.net .pinterest.com .tiktok.com .github.com pipelines.actions.githubusercontent.com dmomoufq3m.execute-api.us-east-1.amazonaws.com blob:; script-src 'self' .grupoboticario.digital .grupoboticario.com.br .ouiparis.com .ouiparis.com.br .hybrid.ai .force.com .documentforce.com .salesforce.com .salesforceliveagent.com .newrelic.com .hotjar.com .hotjar.io .onetrust.com .g.doubleclick.net .google.com .googleapis.com .gstatic.com .googletagmanager.com .configcat.com .nr-data.net .google-analytics.com cdn.cookielaw.org .google-analytics.com cdn.cookielaw.org cdn.tiny.cloud .dwin1.com .googleadservices.com .facebook.net .facebook.com .cloudfront.net .pinimg.com .shoptarget.com.br .tiktok.com .linximpulse.net .shopback.com .chaordicsystems.com .shopconvert.com.br .shopback.net .github.com pipelines.actions.githubusercontent.com https://polyfill.io dmomoufq3m.execute-api.us-east-1.amazonaws.com 'unsafe-inline' 'unsafe-eval'; style-src 'unsafe-inline' *
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://minhaloja.boticario.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 22 Dec 2021 13:25:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 91892
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
vary: Accept-Encoding
x-xss-protection: 1; mode=block
service-worker-allowed: /
referrer-policy: same-origin
last-modified: Wed, 22 Dec 2021 13:19:42 GMT
server: AmazonS3
x-frame-options: SAMEORIGIN
etag: W/"8b919cf09863b223ac6557d72a8027d7"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: application/javascript
via: 1.1 0d37b2e69745cd9f0c5457fbf1a83129.cloudfront.net (CloudFront)
cache-control: max-age=604800, public
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
content-security-policy: default-src 'self' data: *; img-src 'self' s3.us-east-1.amazonaws.com *.e-boticario.com.br *.cookielaw.org *.hotjar.com *.hotjar.io *.eudora.com.br *.hybrid.ai *.frontend.weborama.fr *.adnxs.com *.bestssp.com *.onaudience.com *.hybrid.ai *.admixer.net *.onaudience.com *.adriver.ru *.openx.net *.betweendigital.com *.yandex.ru *.doubleclick.net *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.boticario.com.br *.oboticario.com.br *.googleapis.com *.google.com *.google.com.br *.googleapis.com *.grupoboticario.digital *.grupoboticario.com.br edbr.vteximg.com.br res.cloudinary.com *.google-analytics.com *.s3.amazonaws.com *.googletagmanager.com *.facebook.com *.pinterest.com *.github.com *.prismic.io pipelines.actions.githubusercontent.com data: blob: ; connect-src 'self' *.eudora.com.br *.prismic.io *.microsoftonline.com *.microsoft.com *.boticario.com.br *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.oboticario.com.br *.google.com *.google.com.br *.grupoboticario.digital *.grupoboticario.com.br cdn.cookielaw.org *.hotjar.com analytics.strapi.io wss://*.hotjar.com *.hotjar.io *.google-analytics.com *.googleapis.com *.onetrust.com *.s3.amazonaws.com *.g.doubleclick.net *.googletagmanager.com *.configcat.com *.nr-data.net *.pinterest.com *.tiktok.com *.github.com pipelines.actions.githubusercontent.com dmomoufq3m.execute-api.us-east-1.amazonaws.com blob:; script-src 'self' *.grupoboticario.digital *.grupoboticario.com.br *.ouiparis.com *.ouiparis.com.br *.hybrid.ai *.force.com *.documentforce.com *.salesforce.com *.salesforceliveagent.com *.newrelic.com *.hotjar.com *.hotjar.io *.onetrust.com *.g.doubleclick.net *.google.com *.googleapis.com *.gstatic.com *.googletagmanager.com *.configcat.com *.nr-data.net *.google-analytics.com cdn.cookielaw.org *.google-analytics.com cdn.cookielaw.org cdn.tiny.cloud *.dwin1.com *.googleadservices.com *.facebook.net *.facebook.com *.cloudfront.net *.pinimg.com *.shoptarget.com.br *.tiktok.com *.linximpulse.net *.shopback.com *.chaordicsystems.com *.shopconvert.com.br *.shopback.net *.github.com pipelines.actions.githubusercontent.com https://polyfill.io dmomoufq3m.execute-api.us-east-1.amazonaws.com 'unsafe-inline' 'unsafe-eval'; style-src 'unsafe-inline' *
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: SKRuwCdJt01ALPMIS2lc19AaFqoCkVMAf2UWWefBAnDqWFRLjORtyg==

GET
H2 200 961.bundle.7f03cc7bc617a1dd06c7.js Show response
minhaloja.boticario.com.br/vitrine/latest/js/ 4 KB
4 KB 13ms
13ms Script
application/javascript 143.204.98.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://minhaloja.boticario.com.br/vitrine/latest/js/961.bundle.7f03cc7bc617a1dd06c7.js

Requested by

Host: minhaloja.boticario.com.br
URL: https://minhaloja.boticario.com.br/container/latest/scripts/newRelicSnippet.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.13 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-13.fra50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

d723c4ceb0f73b7ebd59aa950a0324f05b8d7d109faf1f27e3b84f47c7d60e0b

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: ; img-src 'self' s3.us-east-1.amazonaws.com .e-boticario.com.br .cookielaw.org .hotjar.com .hotjar.io .eudora.com.br .hybrid.ai .frontend.weborama.fr .adnxs.com .bestssp.com .onaudience.com .hybrid.ai .admixer.net .onaudience.com .adriver.ru .openx.net .betweendigital.com .yandex.ru .doubleclick.net .documentforce.com .force.com .salesforce.com .salesforceliveagent.com .boticario.com.br .oboticario.com.br .googleapis.com .google.com .google.com.br .googleapis.com .grupoboticario.digital .grupoboticario.com.br edbr.vteximg.com.br res.cloudinary.com .google-analytics.com .s3.amazonaws.com .googletagmanager.com .facebook.com .pinterest.com .github.com .prismic.io pipelines.actions.githubusercontent.com data: blob: ; connect-src 'self' .eudora.com.br .prismic.io .microsoftonline.com .microsoft.com .boticario.com.br .documentforce.com .force.com .salesforce.com .salesforceliveagent.com .oboticario.com.br .google.com .google.com.br .grupoboticario.digital .grupoboticario.com.br cdn.cookielaw.org .hotjar.com analytics.strapi.io wss://.hotjar.com .hotjar.io .google-analytics.com .googleapis.com .onetrust.com .s3.amazonaws.com .g.doubleclick.net .googletagmanager.com .configcat.com .nr-data.net .pinterest.com .tiktok.com .github.com pipelines.actions.githubusercontent.com dmomoufq3m.execute-api.us-east-1.amazonaws.com blob:; script-src 'self' .grupoboticario.digital .grupoboticario.com.br .ouiparis.com .ouiparis.com.br .hybrid.ai .force.com .documentforce.com .salesforce.com .salesforceliveagent.com .newrelic.com .hotjar.com .hotjar.io .onetrust.com .g.doubleclick.net .google.com .googleapis.com .gstatic.com .googletagmanager.com .configcat.com .nr-data.net .google-analytics.com cdn.cookielaw.org .google-analytics.com cdn.cookielaw.org cdn.tiny.cloud .dwin1.com .googleadservices.com .facebook.net .facebook.com .cloudfront.net .pinimg.com .shoptarget.com.br .tiktok.com .linximpulse.net .shopback.com .chaordicsystems.com .shopconvert.com.br .shopback.net .github.com pipelines.actions.githubusercontent.com https://polyfill.io dmomoufq3m.execute-api.us-east-1.amazonaws.com 'unsafe-inline' 'unsafe-eval'; style-src 'unsafe-inline' *
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://minhaloja.boticario.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 22 Dec 2021 13:28:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 91701
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
vary: Accept-Encoding
x-xss-protection: 1; mode=block
service-worker-allowed: /
referrer-policy: same-origin
last-modified: Wed, 22 Dec 2021 13:19:54 GMT
server: AmazonS3
x-frame-options: SAMEORIGIN
etag: W/"c23db646efd40be3aac63a42db660fe7"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: application/javascript
via: 1.1 0d37b2e69745cd9f0c5457fbf1a83129.cloudfront.net (CloudFront)
cache-control: max-age=604800, public
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
content-security-policy: default-src 'self' data: *; img-src 'self' s3.us-east-1.amazonaws.com *.e-boticario.com.br *.cookielaw.org *.hotjar.com *.hotjar.io *.eudora.com.br *.hybrid.ai *.frontend.weborama.fr *.adnxs.com *.bestssp.com *.onaudience.com *.hybrid.ai *.admixer.net *.onaudience.com *.adriver.ru *.openx.net *.betweendigital.com *.yandex.ru *.doubleclick.net *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.boticario.com.br *.oboticario.com.br *.googleapis.com *.google.com *.google.com.br *.googleapis.com *.grupoboticario.digital *.grupoboticario.com.br edbr.vteximg.com.br res.cloudinary.com *.google-analytics.com *.s3.amazonaws.com *.googletagmanager.com *.facebook.com *.pinterest.com *.github.com *.prismic.io pipelines.actions.githubusercontent.com data: blob: ; connect-src 'self' *.eudora.com.br *.prismic.io *.microsoftonline.com *.microsoft.com *.boticario.com.br *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.oboticario.com.br *.google.com *.google.com.br *.grupoboticario.digital *.grupoboticario.com.br cdn.cookielaw.org *.hotjar.com analytics.strapi.io wss://*.hotjar.com *.hotjar.io *.google-analytics.com *.googleapis.com *.onetrust.com *.s3.amazonaws.com *.g.doubleclick.net *.googletagmanager.com *.configcat.com *.nr-data.net *.pinterest.com *.tiktok.com *.github.com pipelines.actions.githubusercontent.com dmomoufq3m.execute-api.us-east-1.amazonaws.com blob:; script-src 'self' *.grupoboticario.digital *.grupoboticario.com.br *.ouiparis.com *.ouiparis.com.br *.hybrid.ai *.force.com *.documentforce.com *.salesforce.com *.salesforceliveagent.com *.newrelic.com *.hotjar.com *.hotjar.io *.onetrust.com *.g.doubleclick.net *.google.com *.googleapis.com *.gstatic.com *.googletagmanager.com *.configcat.com *.nr-data.net *.google-analytics.com cdn.cookielaw.org *.google-analytics.com cdn.cookielaw.org cdn.tiny.cloud *.dwin1.com *.googleadservices.com *.facebook.net *.facebook.com *.cloudfront.net *.pinimg.com *.shoptarget.com.br *.tiktok.com *.linximpulse.net *.shopback.com *.chaordicsystems.com *.shopconvert.com.br *.shopback.net *.github.com pipelines.actions.githubusercontent.com https://polyfill.io dmomoufq3m.execute-api.us-east-1.amazonaws.com 'unsafe-inline' 'unsafe-eval'; style-src 'unsafe-inline' *
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: lZjJQzGsBzi3ykQ4QnbMb64qRBfZ1vZkKir375l1C140q2qowdQqwQ==

GET
H2 200 163.bundle.92211029fba5215177b0.js Show response
minhaloja.boticario.com.br/vitrine/latest/js/ 37 KB
16 KB 13ms
13ms Script
application/javascript 143.204.98.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://minhaloja.boticario.com.br/vitrine/latest/js/163.bundle.92211029fba5215177b0.js

Requested by

Host: minhaloja.boticario.com.br
URL: https://minhaloja.boticario.com.br/container/latest/scripts/newRelicSnippet.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.13 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-13.fra50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

2d9decf32d1f341945c160f048ab3fc63f1d0c6df7f745dd0f49cdfc3117b5b4

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: ; img-src 'self' s3.us-east-1.amazonaws.com .e-boticario.com.br .cookielaw.org .hotjar.com .hotjar.io .eudora.com.br .hybrid.ai .frontend.weborama.fr .adnxs.com .bestssp.com .onaudience.com .hybrid.ai .admixer.net .onaudience.com .adriver.ru .openx.net .betweendigital.com .yandex.ru .doubleclick.net .documentforce.com .force.com .salesforce.com .salesforceliveagent.com .boticario.com.br .oboticario.com.br .googleapis.com .google.com .google.com.br .googleapis.com .grupoboticario.digital .grupoboticario.com.br edbr.vteximg.com.br res.cloudinary.com .google-analytics.com .s3.amazonaws.com .googletagmanager.com .facebook.com .pinterest.com .github.com .prismic.io pipelines.actions.githubusercontent.com data: blob: ; connect-src 'self' .eudora.com.br .prismic.io .microsoftonline.com .microsoft.com .boticario.com.br .documentforce.com .force.com .salesforce.com .salesforceliveagent.com .oboticario.com.br .google.com .google.com.br .grupoboticario.digital .grupoboticario.com.br cdn.cookielaw.org .hotjar.com analytics.strapi.io wss://.hotjar.com .hotjar.io .google-analytics.com .googleapis.com .onetrust.com .s3.amazonaws.com .g.doubleclick.net .googletagmanager.com .configcat.com .nr-data.net .pinterest.com .tiktok.com .github.com pipelines.actions.githubusercontent.com dmomoufq3m.execute-api.us-east-1.amazonaws.com blob:; script-src 'self' .grupoboticario.digital .grupoboticario.com.br .ouiparis.com .ouiparis.com.br .hybrid.ai .force.com .documentforce.com .salesforce.com .salesforceliveagent.com .newrelic.com .hotjar.com .hotjar.io .onetrust.com .g.doubleclick.net .google.com .googleapis.com .gstatic.com .googletagmanager.com .configcat.com .nr-data.net .google-analytics.com cdn.cookielaw.org .google-analytics.com cdn.cookielaw.org cdn.tiny.cloud .dwin1.com .googleadservices.com .facebook.net .facebook.com .cloudfront.net .pinimg.com .shoptarget.com.br .tiktok.com .linximpulse.net .shopback.com .chaordicsystems.com .shopconvert.com.br .shopback.net .github.com pipelines.actions.githubusercontent.com https://polyfill.io dmomoufq3m.execute-api.us-east-1.amazonaws.com 'unsafe-inline' 'unsafe-eval'; style-src 'unsafe-inline' *
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://minhaloja.boticario.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 22 Dec 2021 13:28:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 91701
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
vary: Accept-Encoding
x-xss-protection: 1; mode=block
service-worker-allowed: /
referrer-policy: same-origin
last-modified: Wed, 22 Dec 2021 13:19:42 GMT
server: AmazonS3
x-frame-options: SAMEORIGIN
etag: W/"abb567f08eb6961816e060d91679cc94"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: application/javascript
via: 1.1 0d37b2e69745cd9f0c5457fbf1a83129.cloudfront.net (CloudFront)
cache-control: max-age=604800, public
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
content-security-policy: default-src 'self' data: *; img-src 'self' s3.us-east-1.amazonaws.com *.e-boticario.com.br *.cookielaw.org *.hotjar.com *.hotjar.io *.eudora.com.br *.hybrid.ai *.frontend.weborama.fr *.adnxs.com *.bestssp.com *.onaudience.com *.hybrid.ai *.admixer.net *.onaudience.com *.adriver.ru *.openx.net *.betweendigital.com *.yandex.ru *.doubleclick.net *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.boticario.com.br *.oboticario.com.br *.googleapis.com *.google.com *.google.com.br *.googleapis.com *.grupoboticario.digital *.grupoboticario.com.br edbr.vteximg.com.br res.cloudinary.com *.google-analytics.com *.s3.amazonaws.com *.googletagmanager.com *.facebook.com *.pinterest.com *.github.com *.prismic.io pipelines.actions.githubusercontent.com data: blob: ; connect-src 'self' *.eudora.com.br *.prismic.io *.microsoftonline.com *.microsoft.com *.boticario.com.br *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.oboticario.com.br *.google.com *.google.com.br *.grupoboticario.digital *.grupoboticario.com.br cdn.cookielaw.org *.hotjar.com analytics.strapi.io wss://*.hotjar.com *.hotjar.io *.google-analytics.com *.googleapis.com *.onetrust.com *.s3.amazonaws.com *.g.doubleclick.net *.googletagmanager.com *.configcat.com *.nr-data.net *.pinterest.com *.tiktok.com *.github.com pipelines.actions.githubusercontent.com dmomoufq3m.execute-api.us-east-1.amazonaws.com blob:; script-src 'self' *.grupoboticario.digital *.grupoboticario.com.br *.ouiparis.com *.ouiparis.com.br *.hybrid.ai *.force.com *.documentforce.com *.salesforce.com *.salesforceliveagent.com *.newrelic.com *.hotjar.com *.hotjar.io *.onetrust.com *.g.doubleclick.net *.google.com *.googleapis.com *.gstatic.com *.googletagmanager.com *.configcat.com *.nr-data.net *.google-analytics.com cdn.cookielaw.org *.google-analytics.com cdn.cookielaw.org cdn.tiny.cloud *.dwin1.com *.googleadservices.com *.facebook.net *.facebook.com *.cloudfront.net *.pinimg.com *.shoptarget.com.br *.tiktok.com *.linximpulse.net *.shopback.com *.chaordicsystems.com *.shopconvert.com.br *.shopback.net *.github.com pipelines.actions.githubusercontent.com https://polyfill.io dmomoufq3m.execute-api.us-east-1.amazonaws.com 'unsafe-inline' 'unsafe-eval'; style-src 'unsafe-inline' *
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: ItfZF9_MTtBjHBgv-LEEQTls6_lfdvlJJZstkqgUuZHezi4hIRu1WA==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 179 KB
63 KB 63ms
38ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PTX3XVW&gtm_auth=&gtm_preview=&gtm_cookies_win=x

Requested by

Host: minhaloja.boticario.com.br
URL: https://minhaloja.boticario.com.br/container/latest/scripts/newRelicSnippet.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1d00fa4e870bfaf3c239ff7b982ca1f164d781e8fbd0eff5730d1cbb74bded2b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 23 Dec 2021 14:57:07 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 63831
x-xss-protection: 0
last-modified: Thu, 23 Dec 2021 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 23 Dec 2021 14:57:07 GMT

GET
H2 200 938.bundle.73d6e2ffbf16aeeef39b.js Show response
minhaloja.boticario.com.br/container/latest/js/ 641 B
3 KB 9ms
9ms Script
application/javascript 143.204.98.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://minhaloja.boticario.com.br/container/latest/js/938.bundle.73d6e2ffbf16aeeef39b.js

Requested by

Host: minhaloja.boticario.com.br
URL: https://minhaloja.boticario.com.br/container/latest/scripts/newRelicSnippet.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.13 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-13.fra50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

bbffe137df9de30504c9a813fff9ee7c6b60b2e802daf9aeb7e3d476ac90614a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: ; img-src 'self' s3.us-east-1.amazonaws.com .e-boticario.com.br .cookielaw.org .hotjar.com .hotjar.io .eudora.com.br .hybrid.ai .frontend.weborama.fr .adnxs.com .bestssp.com .onaudience.com .hybrid.ai .admixer.net .onaudience.com .adriver.ru .openx.net .betweendigital.com .yandex.ru .doubleclick.net .documentforce.com .force.com .salesforce.com .salesforceliveagent.com .boticario.com.br .oboticario.com.br .googleapis.com .google.com .google.com.br .googleapis.com .grupoboticario.digital .grupoboticario.com.br edbr.vteximg.com.br res.cloudinary.com .google-analytics.com .s3.amazonaws.com .googletagmanager.com .facebook.com .pinterest.com .github.com .prismic.io pipelines.actions.githubusercontent.com data: blob: ; connect-src 'self' .eudora.com.br .prismic.io .microsoftonline.com .microsoft.com .boticario.com.br .documentforce.com .force.com .salesforce.com .salesforceliveagent.com .oboticario.com.br .google.com .google.com.br .grupoboticario.digital .grupoboticario.com.br cdn.cookielaw.org .hotjar.com analytics.strapi.io wss://.hotjar.com .hotjar.io .google-analytics.com .googleapis.com .onetrust.com .s3.amazonaws.com .g.doubleclick.net .googletagmanager.com .configcat.com .nr-data.net .pinterest.com .tiktok.com .github.com pipelines.actions.githubusercontent.com dmomoufq3m.execute-api.us-east-1.amazonaws.com blob:; script-src 'self' .grupoboticario.digital .grupoboticario.com.br .ouiparis.com .ouiparis.com.br .hybrid.ai .force.com .documentforce.com .salesforce.com .salesforceliveagent.com .newrelic.com .hotjar.com .hotjar.io .onetrust.com .g.doubleclick.net .google.com .googleapis.com .gstatic.com .googletagmanager.com .configcat.com .nr-data.net .google-analytics.com cdn.cookielaw.org .google-analytics.com cdn.cookielaw.org cdn.tiny.cloud .dwin1.com .googleadservices.com .facebook.net .facebook.com .cloudfront.net .pinimg.com .shoptarget.com.br .tiktok.com .linximpulse.net .shopback.com .chaordicsystems.com .shopconvert.com.br .shopback.net .github.com pipelines.actions.githubusercontent.com https://polyfill.io dmomoufq3m.execute-api.us-east-1.amazonaws.com 'unsafe-inline' 'unsafe-eval'; style-src 'unsafe-inline' *
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://minhaloja.boticario.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 22 Dec 2021 13:25:40 GMT
via: 1.1 0d37b2e69745cd9f0c5457fbf1a83129.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 91888
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 641
x-xss-protection: 1; mode=block
service-worker-allowed: /
referrer-policy: same-origin
last-modified: Wed, 22 Dec 2021 13:17:34 GMT
server: AmazonS3
x-frame-options: SAMEORIGIN
etag: "abdffcd62a0de5ceb88da3962097dcff"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: application/javascript
cache-control: max-age=604800, public
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
content-security-policy: default-src 'self' data: *; img-src 'self' s3.us-east-1.amazonaws.com *.e-boticario.com.br *.cookielaw.org *.hotjar.com *.hotjar.io *.eudora.com.br *.hybrid.ai *.frontend.weborama.fr *.adnxs.com *.bestssp.com *.onaudience.com *.hybrid.ai *.admixer.net *.onaudience.com *.adriver.ru *.openx.net *.betweendigital.com *.yandex.ru *.doubleclick.net *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.boticario.com.br *.oboticario.com.br *.googleapis.com *.google.com *.google.com.br *.googleapis.com *.grupoboticario.digital *.grupoboticario.com.br edbr.vteximg.com.br res.cloudinary.com *.google-analytics.com *.s3.amazonaws.com *.googletagmanager.com *.facebook.com *.pinterest.com *.github.com *.prismic.io pipelines.actions.githubusercontent.com data: blob: ; connect-src 'self' *.eudora.com.br *.prismic.io *.microsoftonline.com *.microsoft.com *.boticario.com.br *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.oboticario.com.br *.google.com *.google.com.br *.grupoboticario.digital *.grupoboticario.com.br cdn.cookielaw.org *.hotjar.com analytics.strapi.io wss://*.hotjar.com *.hotjar.io *.google-analytics.com *.googleapis.com *.onetrust.com *.s3.amazonaws.com *.g.doubleclick.net *.googletagmanager.com *.configcat.com *.nr-data.net *.pinterest.com *.tiktok.com *.github.com pipelines.actions.githubusercontent.com dmomoufq3m.execute-api.us-east-1.amazonaws.com blob:; script-src 'self' *.grupoboticario.digital *.grupoboticario.com.br *.ouiparis.com *.ouiparis.com.br *.hybrid.ai *.force.com *.documentforce.com *.salesforce.com *.salesforceliveagent.com *.newrelic.com *.hotjar.com *.hotjar.io *.onetrust.com *.g.doubleclick.net *.google.com *.googleapis.com *.gstatic.com *.googletagmanager.com *.configcat.com *.nr-data.net *.google-analytics.com cdn.cookielaw.org *.google-analytics.com cdn.cookielaw.org cdn.tiny.cloud *.dwin1.com *.googleadservices.com *.facebook.net *.facebook.com *.cloudfront.net *.pinimg.com *.shoptarget.com.br *.tiktok.com *.linximpulse.net *.shopback.com *.chaordicsystems.com *.shopconvert.com.br *.shopback.net *.github.com pipelines.actions.githubusercontent.com https://polyfill.io dmomoufq3m.execute-api.us-east-1.amazonaws.com 'unsafe-inline' 'unsafe-eval'; style-src 'unsafe-inline' *
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-amz-cf-id: -QM6kjQnMMpBBVa6xHyuk6IKAepao23xpOmKjOabfkhBxu3JoUAC6g==

GET
H2 200 6802.bundle.ae4335c4b622ec099c60.js Show response
minhaloja.boticario.com.br/admin/latest/js/ 59 KB
21 KB 9ms
8ms Script
application/javascript 143.204.98.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://minhaloja.boticario.com.br/admin/latest/js/6802.bundle.ae4335c4b622ec099c60.js

Requested by

Host: minhaloja.boticario.com.br
URL: https://minhaloja.boticario.com.br/container/latest/scripts/newRelicSnippet.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.13 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-13.fra50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

7ff92102b6f813e294c4bbd27c6b2c526f69a5d13636eaecdcd94e92fffc2552

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: ; img-src 'self' s3.us-east-1.amazonaws.com .e-boticario.com.br .cookielaw.org .hotjar.com .hotjar.io .eudora.com.br .hybrid.ai .frontend.weborama.fr .adnxs.com .bestssp.com .onaudience.com .hybrid.ai .admixer.net .onaudience.com .adriver.ru .openx.net .betweendigital.com .yandex.ru .doubleclick.net .documentforce.com .force.com .salesforce.com .salesforceliveagent.com .boticario.com.br .oboticario.com.br .googleapis.com .google.com .google.com.br .googleapis.com .grupoboticario.digital .grupoboticario.com.br edbr.vteximg.com.br res.cloudinary.com .google-analytics.com .s3.amazonaws.com .googletagmanager.com .facebook.com .pinterest.com .github.com .prismic.io pipelines.actions.githubusercontent.com data: blob: ; connect-src 'self' .eudora.com.br .prismic.io .microsoftonline.com .microsoft.com .boticario.com.br .documentforce.com .force.com .salesforce.com .salesforceliveagent.com .oboticario.com.br .google.com .google.com.br .grupoboticario.digital .grupoboticario.com.br cdn.cookielaw.org .hotjar.com analytics.strapi.io wss://.hotjar.com .hotjar.io .google-analytics.com .googleapis.com .onetrust.com .s3.amazonaws.com .g.doubleclick.net .googletagmanager.com .configcat.com .nr-data.net .pinterest.com .tiktok.com .github.com pipelines.actions.githubusercontent.com dmomoufq3m.execute-api.us-east-1.amazonaws.com blob:; script-src 'self' .grupoboticario.digital .grupoboticario.com.br .ouiparis.com .ouiparis.com.br .hybrid.ai .force.com .documentforce.com .salesforce.com .salesforceliveagent.com .newrelic.com .hotjar.com .hotjar.io .onetrust.com .g.doubleclick.net .google.com .googleapis.com .gstatic.com .googletagmanager.com .configcat.com .nr-data.net .google-analytics.com cdn.cookielaw.org .google-analytics.com cdn.cookielaw.org cdn.tiny.cloud .dwin1.com .googleadservices.com .facebook.net .facebook.com .cloudfront.net .pinimg.com .shoptarget.com.br .tiktok.com .linximpulse.net .shopback.com .chaordicsystems.com .shopconvert.com.br .shopback.net .github.com pipelines.actions.githubusercontent.com https://polyfill.io dmomoufq3m.execute-api.us-east-1.amazonaws.com 'unsafe-inline' 'unsafe-eval'; style-src 'unsafe-inline' *
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://minhaloja.boticario.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 22 Dec 2021 14:13:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 89008
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
vary: Accept-Encoding
x-xss-protection: 1; mode=block
service-worker-allowed: /
referrer-policy: same-origin
last-modified: Wed, 22 Dec 2021 13:20:49 GMT
server: AmazonS3
x-frame-options: SAMEORIGIN
etag: W/"4990e4205189ca6326be5f2c04fc7120"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: application/javascript
via: 1.1 0d37b2e69745cd9f0c5457fbf1a83129.cloudfront.net (CloudFront)
cache-control: max-age=604800, public
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
content-security-policy: default-src 'self' data: *; img-src 'self' s3.us-east-1.amazonaws.com *.e-boticario.com.br *.cookielaw.org *.hotjar.com *.hotjar.io *.eudora.com.br *.hybrid.ai *.frontend.weborama.fr *.adnxs.com *.bestssp.com *.onaudience.com *.hybrid.ai *.admixer.net *.onaudience.com *.adriver.ru *.openx.net *.betweendigital.com *.yandex.ru *.doubleclick.net *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.boticario.com.br *.oboticario.com.br *.googleapis.com *.google.com *.google.com.br *.googleapis.com *.grupoboticario.digital *.grupoboticario.com.br edbr.vteximg.com.br res.cloudinary.com *.google-analytics.com *.s3.amazonaws.com *.googletagmanager.com *.facebook.com *.pinterest.com *.github.com *.prismic.io pipelines.actions.githubusercontent.com data: blob: ; connect-src 'self' *.eudora.com.br *.prismic.io *.microsoftonline.com *.microsoft.com *.boticario.com.br *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.oboticario.com.br *.google.com *.google.com.br *.grupoboticario.digital *.grupoboticario.com.br cdn.cookielaw.org *.hotjar.com analytics.strapi.io wss://*.hotjar.com *.hotjar.io *.google-analytics.com *.googleapis.com *.onetrust.com *.s3.amazonaws.com *.g.doubleclick.net *.googletagmanager.com *.configcat.com *.nr-data.net *.pinterest.com *.tiktok.com *.github.com pipelines.actions.githubusercontent.com dmomoufq3m.execute-api.us-east-1.amazonaws.com blob:; script-src 'self' *.grupoboticario.digital *.grupoboticario.com.br *.ouiparis.com *.ouiparis.com.br *.hybrid.ai *.force.com *.documentforce.com *.salesforce.com *.salesforceliveagent.com *.newrelic.com *.hotjar.com *.hotjar.io *.onetrust.com *.g.doubleclick.net *.google.com *.googleapis.com *.gstatic.com *.googletagmanager.com *.configcat.com *.nr-data.net *.google-analytics.com cdn.cookielaw.org *.google-analytics.com cdn.cookielaw.org cdn.tiny.cloud *.dwin1.com *.googleadservices.com *.facebook.net *.facebook.com *.cloudfront.net *.pinimg.com *.shoptarget.com.br *.tiktok.com *.linximpulse.net *.shopback.com *.chaordicsystems.com *.shopconvert.com.br *.shopback.net *.github.com pipelines.actions.githubusercontent.com https://polyfill.io dmomoufq3m.execute-api.us-east-1.amazonaws.com 'unsafe-inline' 'unsafe-eval'; style-src 'unsafe-inline' *
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: 0CrsYykOEXi5Nr7lIvzbQMxoqYQ0kbK3HKYgsy5FD7c3uRAM59IYjA==

GET
H2 200 5262.bundle.1d9fd27a7c8de7e1da71.js Show response
minhaloja.boticario.com.br/admin/latest/js/ 72 KB
12 KB 9ms
9ms Script
application/javascript 143.204.98.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://minhaloja.boticario.com.br/admin/latest/js/5262.bundle.1d9fd27a7c8de7e1da71.js

Requested by

Host: minhaloja.boticario.com.br
URL: https://minhaloja.boticario.com.br/container/latest/scripts/newRelicSnippet.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.13 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-13.fra50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

e1d3f2ecd8f883d83fb05bca8f430a39877676475b620e6db6eccf61c5fa8daf

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: ; img-src 'self' s3.us-east-1.amazonaws.com .e-boticario.com.br .cookielaw.org .hotjar.com .hotjar.io .eudora.com.br .hybrid.ai .frontend.weborama.fr .adnxs.com .bestssp.com .onaudience.com .hybrid.ai .admixer.net .onaudience.com .adriver.ru .openx.net .betweendigital.com .yandex.ru .doubleclick.net .documentforce.com .force.com .salesforce.com .salesforceliveagent.com .boticario.com.br .oboticario.com.br .googleapis.com .google.com .google.com.br .googleapis.com .grupoboticario.digital .grupoboticario.com.br edbr.vteximg.com.br res.cloudinary.com .google-analytics.com .s3.amazonaws.com .googletagmanager.com .facebook.com .pinterest.com .github.com .prismic.io pipelines.actions.githubusercontent.com data: blob: ; connect-src 'self' .eudora.com.br .prismic.io .microsoftonline.com .microsoft.com .boticario.com.br .documentforce.com .force.com .salesforce.com .salesforceliveagent.com .oboticario.com.br .google.com .google.com.br .grupoboticario.digital .grupoboticario.com.br cdn.cookielaw.org .hotjar.com analytics.strapi.io wss://.hotjar.com .hotjar.io .google-analytics.com .googleapis.com .onetrust.com .s3.amazonaws.com .g.doubleclick.net .googletagmanager.com .configcat.com .nr-data.net .pinterest.com .tiktok.com .github.com pipelines.actions.githubusercontent.com dmomoufq3m.execute-api.us-east-1.amazonaws.com blob:; script-src 'self' .grupoboticario.digital .grupoboticario.com.br .ouiparis.com .ouiparis.com.br .hybrid.ai .force.com .documentforce.com .salesforce.com .salesforceliveagent.com .newrelic.com .hotjar.com .hotjar.io .onetrust.com .g.doubleclick.net .google.com .googleapis.com .gstatic.com .googletagmanager.com .configcat.com .nr-data.net .google-analytics.com cdn.cookielaw.org .google-analytics.com cdn.cookielaw.org cdn.tiny.cloud .dwin1.com .googleadservices.com .facebook.net .facebook.com .cloudfront.net .pinimg.com .shoptarget.com.br .tiktok.com .linximpulse.net .shopback.com .chaordicsystems.com .shopconvert.com.br .shopback.net .github.com pipelines.actions.githubusercontent.com https://polyfill.io dmomoufq3m.execute-api.us-east-1.amazonaws.com 'unsafe-inline' 'unsafe-eval'; style-src 'unsafe-inline' *
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://minhaloja.boticario.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 22 Dec 2021 14:31:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 87932
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
vary: Accept-Encoding
x-xss-protection: 1; mode=block
service-worker-allowed: /
referrer-policy: same-origin
last-modified: Wed, 22 Dec 2021 13:20:42 GMT
server: AmazonS3
x-frame-options: SAMEORIGIN
etag: W/"682355a3a40f677f6ce9e5245bfec437"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: application/javascript
via: 1.1 0d37b2e69745cd9f0c5457fbf1a83129.cloudfront.net (CloudFront)
cache-control: max-age=604800, public
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
content-security-policy: default-src 'self' data: *; img-src 'self' s3.us-east-1.amazonaws.com *.e-boticario.com.br *.cookielaw.org *.hotjar.com *.hotjar.io *.eudora.com.br *.hybrid.ai *.frontend.weborama.fr *.adnxs.com *.bestssp.com *.onaudience.com *.hybrid.ai *.admixer.net *.onaudience.com *.adriver.ru *.openx.net *.betweendigital.com *.yandex.ru *.doubleclick.net *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.boticario.com.br *.oboticario.com.br *.googleapis.com *.google.com *.google.com.br *.googleapis.com *.grupoboticario.digital *.grupoboticario.com.br edbr.vteximg.com.br res.cloudinary.com *.google-analytics.com *.s3.amazonaws.com *.googletagmanager.com *.facebook.com *.pinterest.com *.github.com *.prismic.io pipelines.actions.githubusercontent.com data: blob: ; connect-src 'self' *.eudora.com.br *.prismic.io *.microsoftonline.com *.microsoft.com *.boticario.com.br *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.oboticario.com.br *.google.com *.google.com.br *.grupoboticario.digital *.grupoboticario.com.br cdn.cookielaw.org *.hotjar.com analytics.strapi.io wss://*.hotjar.com *.hotjar.io *.google-analytics.com *.googleapis.com *.onetrust.com *.s3.amazonaws.com *.g.doubleclick.net *.googletagmanager.com *.configcat.com *.nr-data.net *.pinterest.com *.tiktok.com *.github.com pipelines.actions.githubusercontent.com dmomoufq3m.execute-api.us-east-1.amazonaws.com blob:; script-src 'self' *.grupoboticario.digital *.grupoboticario.com.br *.ouiparis.com *.ouiparis.com.br *.hybrid.ai *.force.com *.documentforce.com *.salesforce.com *.salesforceliveagent.com *.newrelic.com *.hotjar.com *.hotjar.io *.onetrust.com *.g.doubleclick.net *.google.com *.googleapis.com *.gstatic.com *.googletagmanager.com *.configcat.com *.nr-data.net *.google-analytics.com cdn.cookielaw.org *.google-analytics.com cdn.cookielaw.org cdn.tiny.cloud *.dwin1.com *.googleadservices.com *.facebook.net *.facebook.com *.cloudfront.net *.pinimg.com *.shoptarget.com.br *.tiktok.com *.linximpulse.net *.shopback.com *.chaordicsystems.com *.shopconvert.com.br *.shopback.net *.github.com pipelines.actions.githubusercontent.com https://polyfill.io dmomoufq3m.execute-api.us-east-1.amazonaws.com 'unsafe-inline' 'unsafe-eval'; style-src 'unsafe-inline' *
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: MtRfwmZeYMkvo4opwlIBO7erOzMA5HOFzq4A3Od22bXVKXSXxFEohQ==

GET
H2 200 3356.bundle.3acb13eb1c89517d2205.js Show response
minhaloja.boticario.com.br/admin/latest/js/ 231 KB
66 KB 11ms
11ms Script
application/javascript 143.204.98.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://minhaloja.boticario.com.br/admin/latest/js/3356.bundle.3acb13eb1c89517d2205.js

Requested by

Host: minhaloja.boticario.com.br
URL: https://minhaloja.boticario.com.br/container/latest/scripts/newRelicSnippet.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.13 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-13.fra50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

fb9950bf5f0a01a67b38064c58d15a8aff6e674e4f3c494733ffc861fe815912

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: ; img-src 'self' s3.us-east-1.amazonaws.com .e-boticario.com.br .cookielaw.org .hotjar.com .hotjar.io .eudora.com.br .hybrid.ai .frontend.weborama.fr .adnxs.com .bestssp.com .onaudience.com .hybrid.ai .admixer.net .onaudience.com .adriver.ru .openx.net .betweendigital.com .yandex.ru .doubleclick.net .documentforce.com .force.com .salesforce.com .salesforceliveagent.com .boticario.com.br .oboticario.com.br .googleapis.com .google.com .google.com.br .googleapis.com .grupoboticario.digital .grupoboticario.com.br edbr.vteximg.com.br res.cloudinary.com .google-analytics.com .s3.amazonaws.com .googletagmanager.com .facebook.com .pinterest.com .github.com .prismic.io pipelines.actions.githubusercontent.com data: blob: ; connect-src 'self' .eudora.com.br .prismic.io .microsoftonline.com .microsoft.com .boticario.com.br .documentforce.com .force.com .salesforce.com .salesforceliveagent.com .oboticario.com.br .google.com .google.com.br .grupoboticario.digital .grupoboticario.com.br cdn.cookielaw.org .hotjar.com analytics.strapi.io wss://.hotjar.com .hotjar.io .google-analytics.com .googleapis.com .onetrust.com .s3.amazonaws.com .g.doubleclick.net .googletagmanager.com .configcat.com .nr-data.net .pinterest.com .tiktok.com .github.com pipelines.actions.githubusercontent.com dmomoufq3m.execute-api.us-east-1.amazonaws.com blob:; script-src 'self' .grupoboticario.digital .grupoboticario.com.br .ouiparis.com .ouiparis.com.br .hybrid.ai .force.com .documentforce.com .salesforce.com .salesforceliveagent.com .newrelic.com .hotjar.com .hotjar.io .onetrust.com .g.doubleclick.net .google.com .googleapis.com .gstatic.com .googletagmanager.com .configcat.com .nr-data.net .google-analytics.com cdn.cookielaw.org .google-analytics.com cdn.cookielaw.org cdn.tiny.cloud .dwin1.com .googleadservices.com .facebook.net .facebook.com .cloudfront.net .pinimg.com .shoptarget.com.br .tiktok.com .linximpulse.net .shopback.com .chaordicsystems.com .shopconvert.com.br .shopback.net .github.com pipelines.actions.githubusercontent.com https://polyfill.io dmomoufq3m.execute-api.us-east-1.amazonaws.com 'unsafe-inline' 'unsafe-eval'; style-src 'unsafe-inline' *
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://minhaloja.boticario.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 22 Dec 2021 14:31:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 87932
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
vary: Accept-Encoding
x-xss-protection: 1; mode=block
service-worker-allowed: /
referrer-policy: same-origin
last-modified: Wed, 22 Dec 2021 13:20:37 GMT
server: AmazonS3
x-frame-options: SAMEORIGIN
etag: W/"7ac2ee58b82a09d56403ec81565eb0a5"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: application/javascript
via: 1.1 0d37b2e69745cd9f0c5457fbf1a83129.cloudfront.net (CloudFront)
cache-control: max-age=604800, public
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
content-security-policy: default-src 'self' data: *; img-src 'self' s3.us-east-1.amazonaws.com *.e-boticario.com.br *.cookielaw.org *.hotjar.com *.hotjar.io *.eudora.com.br *.hybrid.ai *.frontend.weborama.fr *.adnxs.com *.bestssp.com *.onaudience.com *.hybrid.ai *.admixer.net *.onaudience.com *.adriver.ru *.openx.net *.betweendigital.com *.yandex.ru *.doubleclick.net *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.boticario.com.br *.oboticario.com.br *.googleapis.com *.google.com *.google.com.br *.googleapis.com *.grupoboticario.digital *.grupoboticario.com.br edbr.vteximg.com.br res.cloudinary.com *.google-analytics.com *.s3.amazonaws.com *.googletagmanager.com *.facebook.com *.pinterest.com *.github.com *.prismic.io pipelines.actions.githubusercontent.com data: blob: ; connect-src 'self' *.eudora.com.br *.prismic.io *.microsoftonline.com *.microsoft.com *.boticario.com.br *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.oboticario.com.br *.google.com *.google.com.br *.grupoboticario.digital *.grupoboticario.com.br cdn.cookielaw.org *.hotjar.com analytics.strapi.io wss://*.hotjar.com *.hotjar.io *.google-analytics.com *.googleapis.com *.onetrust.com *.s3.amazonaws.com *.g.doubleclick.net *.googletagmanager.com *.configcat.com *.nr-data.net *.pinterest.com *.tiktok.com *.github.com pipelines.actions.githubusercontent.com dmomoufq3m.execute-api.us-east-1.amazonaws.com blob:; script-src 'self' *.grupoboticario.digital *.grupoboticario.com.br *.ouiparis.com *.ouiparis.com.br *.hybrid.ai *.force.com *.documentforce.com *.salesforce.com *.salesforceliveagent.com *.newrelic.com *.hotjar.com *.hotjar.io *.onetrust.com *.g.doubleclick.net *.google.com *.googleapis.com *.gstatic.com *.googletagmanager.com *.configcat.com *.nr-data.net *.google-analytics.com cdn.cookielaw.org *.google-analytics.com cdn.cookielaw.org cdn.tiny.cloud *.dwin1.com *.googleadservices.com *.facebook.net *.facebook.com *.cloudfront.net *.pinimg.com *.shoptarget.com.br *.tiktok.com *.linximpulse.net *.shopback.com *.chaordicsystems.com *.shopconvert.com.br *.shopback.net *.github.com pipelines.actions.githubusercontent.com https://polyfill.io dmomoufq3m.execute-api.us-east-1.amazonaws.com 'unsafe-inline' 'unsafe-eval'; style-src 'unsafe-inline' *
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: 7nUYYLQ6Yoa0Gl2avrEveNNp1ZZRLrjUt5EG8d2Ierht2bC_tlvmGg==

GET
H2 200 3665.bundle.5c51d88d95d8da096ec9.js Show response
minhaloja.boticario.com.br/admin/latest/js/ 82 KB
23 KB 14ms
12ms Script
application/javascript 143.204.98.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://minhaloja.boticario.com.br/admin/latest/js/3665.bundle.5c51d88d95d8da096ec9.js

Requested by

Host: minhaloja.boticario.com.br
URL: https://minhaloja.boticario.com.br/container/latest/scripts/newRelicSnippet.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.13 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-13.fra50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

d285fae14a8b969bb0d4e5f10ea88e6ec60610d5090818b1ade3e244a03fc832

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: ; img-src 'self' s3.us-east-1.amazonaws.com .e-boticario.com.br .cookielaw.org .hotjar.com .hotjar.io .eudora.com.br .hybrid.ai .frontend.weborama.fr .adnxs.com .bestssp.com .onaudience.com .hybrid.ai .admixer.net .onaudience.com .adriver.ru .openx.net .betweendigital.com .yandex.ru .doubleclick.net .documentforce.com .force.com .salesforce.com .salesforceliveagent.com .boticario.com.br .oboticario.com.br .googleapis.com .google.com .google.com.br .googleapis.com .grupoboticario.digital .grupoboticario.com.br edbr.vteximg.com.br res.cloudinary.com .google-analytics.com .s3.amazonaws.com .googletagmanager.com .facebook.com .pinterest.com .github.com .prismic.io pipelines.actions.githubusercontent.com data: blob: ; connect-src 'self' .eudora.com.br .prismic.io .microsoftonline.com .microsoft.com .boticario.com.br .documentforce.com .force.com .salesforce.com .salesforceliveagent.com .oboticario.com.br .google.com .google.com.br .grupoboticario.digital .grupoboticario.com.br cdn.cookielaw.org .hotjar.com analytics.strapi.io wss://.hotjar.com .hotjar.io .google-analytics.com .googleapis.com .onetrust.com .s3.amazonaws.com .g.doubleclick.net .googletagmanager.com .configcat.com .nr-data.net .pinterest.com .tiktok.com .github.com pipelines.actions.githubusercontent.com dmomoufq3m.execute-api.us-east-1.amazonaws.com blob:; script-src 'self' .grupoboticario.digital .grupoboticario.com.br .ouiparis.com .ouiparis.com.br .hybrid.ai .force.com .documentforce.com .salesforce.com .salesforceliveagent.com .newrelic.com .hotjar.com .hotjar.io .onetrust.com .g.doubleclick.net .google.com .googleapis.com .gstatic.com .googletagmanager.com .configcat.com .nr-data.net .google-analytics.com cdn.cookielaw.org .google-analytics.com cdn.cookielaw.org cdn.tiny.cloud .dwin1.com .googleadservices.com .facebook.net .facebook.com .cloudfront.net .pinimg.com .shoptarget.com.br .tiktok.com .linximpulse.net .shopback.com .chaordicsystems.com .shopconvert.com.br .shopback.net .github.com pipelines.actions.githubusercontent.com https://polyfill.io dmomoufq3m.execute-api.us-east-1.amazonaws.com 'unsafe-inline' 'unsafe-eval'; style-src 'unsafe-inline' *
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://minhaloja.boticario.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 22 Dec 2021 14:13:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 89007
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
vary: Accept-Encoding
x-xss-protection: 1; mode=block
service-worker-allowed: /
referrer-policy: same-origin
last-modified: Wed, 22 Dec 2021 13:20:38 GMT
server: AmazonS3
x-frame-options: SAMEORIGIN
etag: W/"4d16d9973d3dc30ae6bd2819d6cbc6d5"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: application/javascript
via: 1.1 0d37b2e69745cd9f0c5457fbf1a83129.cloudfront.net (CloudFront)
cache-control: max-age=604800, public
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
content-security-policy: default-src 'self' data: *; img-src 'self' s3.us-east-1.amazonaws.com *.e-boticario.com.br *.cookielaw.org *.hotjar.com *.hotjar.io *.eudora.com.br *.hybrid.ai *.frontend.weborama.fr *.adnxs.com *.bestssp.com *.onaudience.com *.hybrid.ai *.admixer.net *.onaudience.com *.adriver.ru *.openx.net *.betweendigital.com *.yandex.ru *.doubleclick.net *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.boticario.com.br *.oboticario.com.br *.googleapis.com *.google.com *.google.com.br *.googleapis.com *.grupoboticario.digital *.grupoboticario.com.br edbr.vteximg.com.br res.cloudinary.com *.google-analytics.com *.s3.amazonaws.com *.googletagmanager.com *.facebook.com *.pinterest.com *.github.com *.prismic.io pipelines.actions.githubusercontent.com data: blob: ; connect-src 'self' *.eudora.com.br *.prismic.io *.microsoftonline.com *.microsoft.com *.boticario.com.br *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.oboticario.com.br *.google.com *.google.com.br *.grupoboticario.digital *.grupoboticario.com.br cdn.cookielaw.org *.hotjar.com analytics.strapi.io wss://*.hotjar.com *.hotjar.io *.google-analytics.com *.googleapis.com *.onetrust.com *.s3.amazonaws.com *.g.doubleclick.net *.googletagmanager.com *.configcat.com *.nr-data.net *.pinterest.com *.tiktok.com *.github.com pipelines.actions.githubusercontent.com dmomoufq3m.execute-api.us-east-1.amazonaws.com blob:; script-src 'self' *.grupoboticario.digital *.grupoboticario.com.br *.ouiparis.com *.ouiparis.com.br *.hybrid.ai *.force.com *.documentforce.com *.salesforce.com *.salesforceliveagent.com *.newrelic.com *.hotjar.com *.hotjar.io *.onetrust.com *.g.doubleclick.net *.google.com *.googleapis.com *.gstatic.com *.googletagmanager.com *.configcat.com *.nr-data.net *.google-analytics.com cdn.cookielaw.org *.google-analytics.com cdn.cookielaw.org cdn.tiny.cloud *.dwin1.com *.googleadservices.com *.facebook.net *.facebook.com *.cloudfront.net *.pinimg.com *.shoptarget.com.br *.tiktok.com *.linximpulse.net *.shopback.com *.chaordicsystems.com *.shopconvert.com.br *.shopback.net *.github.com pipelines.actions.githubusercontent.com https://polyfill.io dmomoufq3m.execute-api.us-east-1.amazonaws.com 'unsafe-inline' 'unsafe-eval'; style-src 'unsafe-inline' *
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: GxbGUCxNzEzLRRK5xa0EdoBc-8vmCvluO4rhNrKv8k7B9uhCnSmyOw==

OPTIONS
H2 204 config_v5.json
cdn-global.configcat.com/configuration-files/9D3YCJhyTUOPJjMCSwiK0g/UwYPlWK-2UGO5uENhLY5gA/ Frame 0
0 37ms
15ms Preflight
text/plain 2606:4700:10::6816:1b9f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-global.configcat.com/configuration-files/9D3YCJhyTUOPJjMCSwiK0g/UwYPlWK-2UGO5uENhLY5gA/config_v5.json
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1b9f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: cache-control,x-configcat-useragent
Origin: https://minhaloja.boticario.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Thu, 23 Dec 2021 14:57:07 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,X-ConfigCat-UserAgent,If-None-Match,Pragma,Accept-Language
access-control-expose-headers: Content-Length,Content-Range,ETag,Last-Modified,Date,Content-Encoding
access-control-max-age: 1728000
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6c2270c7188405f5-FRA

GET
H2 200 config_v5.json Show response
cdn-global.configcat.com/configuration-files/9D3YCJhyTUOPJjMCSwiK0g/UwYPlWK-2UGO5uENhLY5gA/ 22 KB
4 KB 18ms
18ms XHR
application/json 2606:4700:10::6816:1b9f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-global.configcat.com/configuration-files/9D3YCJhyTUOPJjMCSwiK0g/UwYPlWK-2UGO5uENhLY5gA/config_v5.json
Requested by: Host: minhaloja.boticario.com.br
URL: https://minhaloja.boticario.com.br/container/latest/scripts/newRelicSnippet.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1b9f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 11007819187396a8ecfea1c297fc53956fd653ec19c02451ef83a814e9acfe0b

Request headers

X-ConfigCat-UserAgent: ConfigCat-JS/a-4.5.0
Cache-Control: no-cache
Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 23 Dec 2021 14:57:07 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
last-modified: Tue, 21 Dec 2021 22:44:54 GMT
server: cloudflare
etag: W/"61c258e6-56c7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range,ETag,Last-Modified,Date,Content-Encoding
cf-ray: 6c2270c738b705f5-FRA
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,X-ConfigCat-UserAgent,If-None-Match,Pragma,Accept-Language

GET
H2 200 1762.bundle.d9db2952256f89e1cb19.js Show response
minhaloja.boticario.com.br/admin/latest/js/ 285 KB
73 KB 12ms
11ms Script
application/javascript 143.204.98.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://minhaloja.boticario.com.br/admin/latest/js/1762.bundle.d9db2952256f89e1cb19.js

Requested by

Host: minhaloja.boticario.com.br
URL: https://minhaloja.boticario.com.br/container/latest/scripts/newRelicSnippet.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.13 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-13.fra50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

4f99354072168678ad38aeb06685a45f79a18b3136378ad6680625cd60d97cd0

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: ; img-src 'self' s3.us-east-1.amazonaws.com .e-boticario.com.br .cookielaw.org .hotjar.com .hotjar.io .eudora.com.br .hybrid.ai .frontend.weborama.fr .adnxs.com .bestssp.com .onaudience.com .hybrid.ai .admixer.net .onaudience.com .adriver.ru .openx.net .betweendigital.com .yandex.ru .doubleclick.net .documentforce.com .force.com .salesforce.com .salesforceliveagent.com .boticario.com.br .oboticario.com.br .googleapis.com .google.com .google.com.br .googleapis.com .grupoboticario.digital .grupoboticario.com.br edbr.vteximg.com.br res.cloudinary.com .google-analytics.com .s3.amazonaws.com .googletagmanager.com .facebook.com .pinterest.com .github.com .prismic.io pipelines.actions.githubusercontent.com data: blob: ; connect-src 'self' .eudora.com.br .prismic.io .microsoftonline.com .microsoft.com .boticario.com.br .documentforce.com .force.com .salesforce.com .salesforceliveagent.com .oboticario.com.br .google.com .google.com.br .grupoboticario.digital .grupoboticario.com.br cdn.cookielaw.org .hotjar.com analytics.strapi.io wss://.hotjar.com .hotjar.io .google-analytics.com .googleapis.com .onetrust.com .s3.amazonaws.com .g.doubleclick.net .googletagmanager.com .configcat.com .nr-data.net .pinterest.com .tiktok.com .github.com pipelines.actions.githubusercontent.com dmomoufq3m.execute-api.us-east-1.amazonaws.com blob:; script-src 'self' .grupoboticario.digital .grupoboticario.com.br .ouiparis.com .ouiparis.com.br .hybrid.ai .force.com .documentforce.com .salesforce.com .salesforceliveagent.com .newrelic.com .hotjar.com .hotjar.io .onetrust.com .g.doubleclick.net .google.com .googleapis.com .gstatic.com .googletagmanager.com .configcat.com .nr-data.net .google-analytics.com cdn.cookielaw.org .google-analytics.com cdn.cookielaw.org cdn.tiny.cloud .dwin1.com .googleadservices.com .facebook.net .facebook.com .cloudfront.net .pinimg.com .shoptarget.com.br .tiktok.com .linximpulse.net .shopback.com .chaordicsystems.com .shopconvert.com.br .shopback.net .github.com pipelines.actions.githubusercontent.com https://polyfill.io dmomoufq3m.execute-api.us-east-1.amazonaws.com 'unsafe-inline' 'unsafe-eval'; style-src 'unsafe-inline' *
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://minhaloja.boticario.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 22 Dec 2021 14:38:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 87548
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
vary: Accept-Encoding
x-xss-protection: 1; mode=block
service-worker-allowed: /
referrer-policy: same-origin
last-modified: Wed, 22 Dec 2021 13:20:31 GMT
server: AmazonS3
x-frame-options: SAMEORIGIN
etag: W/"578f2032a104f6b97d129facf35c77e4"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: application/javascript
via: 1.1 0d37b2e69745cd9f0c5457fbf1a83129.cloudfront.net (CloudFront)
cache-control: max-age=604800, public
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
content-security-policy: default-src 'self' data: *; img-src 'self' s3.us-east-1.amazonaws.com *.e-boticario.com.br *.cookielaw.org *.hotjar.com *.hotjar.io *.eudora.com.br *.hybrid.ai *.frontend.weborama.fr *.adnxs.com *.bestssp.com *.onaudience.com *.hybrid.ai *.admixer.net *.onaudience.com *.adriver.ru *.openx.net *.betweendigital.com *.yandex.ru *.doubleclick.net *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.boticario.com.br *.oboticario.com.br *.googleapis.com *.google.com *.google.com.br *.googleapis.com *.grupoboticario.digital *.grupoboticario.com.br edbr.vteximg.com.br res.cloudinary.com *.google-analytics.com *.s3.amazonaws.com *.googletagmanager.com *.facebook.com *.pinterest.com *.github.com *.prismic.io pipelines.actions.githubusercontent.com data: blob: ; connect-src 'self' *.eudora.com.br *.prismic.io *.microsoftonline.com *.microsoft.com *.boticario.com.br *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.oboticario.com.br *.google.com *.google.com.br *.grupoboticario.digital *.grupoboticario.com.br cdn.cookielaw.org *.hotjar.com analytics.strapi.io wss://*.hotjar.com *.hotjar.io *.google-analytics.com *.googleapis.com *.onetrust.com *.s3.amazonaws.com *.g.doubleclick.net *.googletagmanager.com *.configcat.com *.nr-data.net *.pinterest.com *.tiktok.com *.github.com pipelines.actions.githubusercontent.com dmomoufq3m.execute-api.us-east-1.amazonaws.com blob:; script-src 'self' *.grupoboticario.digital *.grupoboticario.com.br *.ouiparis.com *.ouiparis.com.br *.hybrid.ai *.force.com *.documentforce.com *.salesforce.com *.salesforceliveagent.com *.newrelic.com *.hotjar.com *.hotjar.io *.onetrust.com *.g.doubleclick.net *.google.com *.googleapis.com *.gstatic.com *.googletagmanager.com *.configcat.com *.nr-data.net *.google-analytics.com cdn.cookielaw.org *.google-analytics.com cdn.cookielaw.org cdn.tiny.cloud *.dwin1.com *.googleadservices.com *.facebook.net *.facebook.com *.cloudfront.net *.pinimg.com *.shoptarget.com.br *.tiktok.com *.linximpulse.net *.shopback.com *.chaordicsystems.com *.shopconvert.com.br *.shopback.net *.github.com pipelines.actions.githubusercontent.com https://polyfill.io dmomoufq3m.execute-api.us-east-1.amazonaws.com 'unsafe-inline' 'unsafe-eval'; style-src 'unsafe-inline' *
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: zfh6-VZWy6nUQz3ND_eRuawjQO_xWe6bRpR-40Q8qjc2b7-fk4rHpA==

GET
H2 200 2688.bundle.20297ca23e09a6fe705e.js Show response
minhaloja.boticario.com.br/admin/latest/js/ 14 KB
6 KB 19ms
18ms Script
application/javascript 143.204.98.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://minhaloja.boticario.com.br/admin/latest/js/2688.bundle.20297ca23e09a6fe705e.js

Requested by

Host: minhaloja.boticario.com.br
URL: https://minhaloja.boticario.com.br/container/latest/scripts/newRelicSnippet.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.13 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-13.fra50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

18f52f0fa5c52403fdb0afaf3827b883e079d6c4137aa725a4111de217cbd696

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: ; img-src 'self' s3.us-east-1.amazonaws.com .e-boticario.com.br .cookielaw.org .hotjar.com .hotjar.io .eudora.com.br .hybrid.ai .frontend.weborama.fr .adnxs.com .bestssp.com .onaudience.com .hybrid.ai .admixer.net .onaudience.com .adriver.ru .openx.net .betweendigital.com .yandex.ru .doubleclick.net .documentforce.com .force.com .salesforce.com .salesforceliveagent.com .boticario.com.br .oboticario.com.br .googleapis.com .google.com .google.com.br .googleapis.com .grupoboticario.digital .grupoboticario.com.br edbr.vteximg.com.br res.cloudinary.com .google-analytics.com .s3.amazonaws.com .googletagmanager.com .facebook.com .pinterest.com .github.com .prismic.io pipelines.actions.githubusercontent.com data: blob: ; connect-src 'self' .eudora.com.br .prismic.io .microsoftonline.com .microsoft.com .boticario.com.br .documentforce.com .force.com .salesforce.com .salesforceliveagent.com .oboticario.com.br .google.com .google.com.br .grupoboticario.digital .grupoboticario.com.br cdn.cookielaw.org .hotjar.com analytics.strapi.io wss://.hotjar.com .hotjar.io .google-analytics.com .googleapis.com .onetrust.com .s3.amazonaws.com .g.doubleclick.net .googletagmanager.com .configcat.com .nr-data.net .pinterest.com .tiktok.com .github.com pipelines.actions.githubusercontent.com dmomoufq3m.execute-api.us-east-1.amazonaws.com blob:; script-src 'self' .grupoboticario.digital .grupoboticario.com.br .ouiparis.com .ouiparis.com.br .hybrid.ai .force.com .documentforce.com .salesforce.com .salesforceliveagent.com .newrelic.com .hotjar.com .hotjar.io .onetrust.com .g.doubleclick.net .google.com .googleapis.com .gstatic.com .googletagmanager.com .configcat.com .nr-data.net .google-analytics.com cdn.cookielaw.org .google-analytics.com cdn.cookielaw.org cdn.tiny.cloud .dwin1.com .googleadservices.com .facebook.net .facebook.com .cloudfront.net .pinimg.com .shoptarget.com.br .tiktok.com .linximpulse.net .shopback.com .chaordicsystems.com .shopconvert.com.br .shopback.net .github.com pipelines.actions.githubusercontent.com https://polyfill.io dmomoufq3m.execute-api.us-east-1.amazonaws.com 'unsafe-inline' 'unsafe-eval'; style-src 'unsafe-inline' *
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://minhaloja.boticario.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 22 Dec 2021 14:31:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 87930
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
vary: Accept-Encoding
x-xss-protection: 1; mode=block
service-worker-allowed: /
referrer-policy: same-origin
last-modified: Wed, 22 Dec 2021 13:20:35 GMT
server: AmazonS3
x-frame-options: SAMEORIGIN
etag: W/"2bca7dcc36c5545769a6b385c5a9a715"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: application/javascript
via: 1.1 0d37b2e69745cd9f0c5457fbf1a83129.cloudfront.net (CloudFront)
cache-control: max-age=604800, public
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
content-security-policy: default-src 'self' data: *; img-src 'self' s3.us-east-1.amazonaws.com *.e-boticario.com.br *.cookielaw.org *.hotjar.com *.hotjar.io *.eudora.com.br *.hybrid.ai *.frontend.weborama.fr *.adnxs.com *.bestssp.com *.onaudience.com *.hybrid.ai *.admixer.net *.onaudience.com *.adriver.ru *.openx.net *.betweendigital.com *.yandex.ru *.doubleclick.net *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.boticario.com.br *.oboticario.com.br *.googleapis.com *.google.com *.google.com.br *.googleapis.com *.grupoboticario.digital *.grupoboticario.com.br edbr.vteximg.com.br res.cloudinary.com *.google-analytics.com *.s3.amazonaws.com *.googletagmanager.com *.facebook.com *.pinterest.com *.github.com *.prismic.io pipelines.actions.githubusercontent.com data: blob: ; connect-src 'self' *.eudora.com.br *.prismic.io *.microsoftonline.com *.microsoft.com *.boticario.com.br *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.oboticario.com.br *.google.com *.google.com.br *.grupoboticario.digital *.grupoboticario.com.br cdn.cookielaw.org *.hotjar.com analytics.strapi.io wss://*.hotjar.com *.hotjar.io *.google-analytics.com *.googleapis.com *.onetrust.com *.s3.amazonaws.com *.g.doubleclick.net *.googletagmanager.com *.configcat.com *.nr-data.net *.pinterest.com *.tiktok.com *.github.com pipelines.actions.githubusercontent.com dmomoufq3m.execute-api.us-east-1.amazonaws.com blob:; script-src 'self' *.grupoboticario.digital *.grupoboticario.com.br *.ouiparis.com *.ouiparis.com.br *.hybrid.ai *.force.com *.documentforce.com *.salesforce.com *.salesforceliveagent.com *.newrelic.com *.hotjar.com *.hotjar.io *.onetrust.com *.g.doubleclick.net *.google.com *.googleapis.com *.gstatic.com *.googletagmanager.com *.configcat.com *.nr-data.net *.google-analytics.com cdn.cookielaw.org *.google-analytics.com cdn.cookielaw.org cdn.tiny.cloud *.dwin1.com *.googleadservices.com *.facebook.net *.facebook.com *.cloudfront.net *.pinimg.com *.shoptarget.com.br *.tiktok.com *.linximpulse.net *.shopback.com *.chaordicsystems.com *.shopconvert.com.br *.shopback.net *.github.com pipelines.actions.githubusercontent.com https://polyfill.io dmomoufq3m.execute-api.us-east-1.amazonaws.com 'unsafe-inline' 'unsafe-eval'; style-src 'unsafe-inline' *
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: FJiMqZQmdIrerUxDzBkjiryZkNW-n3WTzSwk6Jig-t40mk8rnTFfcw==

GET
H2 200 3082.bundle.f82168288f4d5084ba3b.js Show response
minhaloja.boticario.com.br/admin/latest/js/ 8 KB
5 KB 17ms
17ms Script
application/javascript 143.204.98.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://minhaloja.boticario.com.br/admin/latest/js/3082.bundle.f82168288f4d5084ba3b.js

Requested by

Host: minhaloja.boticario.com.br
URL: https://minhaloja.boticario.com.br/container/latest/scripts/newRelicSnippet.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.13 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-13.fra50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

850f66e3a3525eeadd67a295859122a1ec870b53376d34281e1a88ef06e4d225

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: ; img-src 'self' s3.us-east-1.amazonaws.com .e-boticario.com.br .cookielaw.org .hotjar.com .hotjar.io .eudora.com.br .hybrid.ai .frontend.weborama.fr .adnxs.com .bestssp.com .onaudience.com .hybrid.ai .admixer.net .onaudience.com .adriver.ru .openx.net .betweendigital.com .yandex.ru .doubleclick.net .documentforce.com .force.com .salesforce.com .salesforceliveagent.com .boticario.com.br .oboticario.com.br .googleapis.com .google.com .google.com.br .googleapis.com .grupoboticario.digital .grupoboticario.com.br edbr.vteximg.com.br res.cloudinary.com .google-analytics.com .s3.amazonaws.com .googletagmanager.com .facebook.com .pinterest.com .github.com .prismic.io pipelines.actions.githubusercontent.com data: blob: ; connect-src 'self' .eudora.com.br .prismic.io .microsoftonline.com .microsoft.com .boticario.com.br .documentforce.com .force.com .salesforce.com .salesforceliveagent.com .oboticario.com.br .google.com .google.com.br .grupoboticario.digital .grupoboticario.com.br cdn.cookielaw.org .hotjar.com analytics.strapi.io wss://.hotjar.com .hotjar.io .google-analytics.com .googleapis.com .onetrust.com .s3.amazonaws.com .g.doubleclick.net .googletagmanager.com .configcat.com .nr-data.net .pinterest.com .tiktok.com .github.com pipelines.actions.githubusercontent.com dmomoufq3m.execute-api.us-east-1.amazonaws.com blob:; script-src 'self' .grupoboticario.digital .grupoboticario.com.br .ouiparis.com .ouiparis.com.br .hybrid.ai .force.com .documentforce.com .salesforce.com .salesforceliveagent.com .newrelic.com .hotjar.com .hotjar.io .onetrust.com .g.doubleclick.net .google.com .googleapis.com .gstatic.com .googletagmanager.com .configcat.com .nr-data.net .google-analytics.com cdn.cookielaw.org .google-analytics.com cdn.cookielaw.org cdn.tiny.cloud .dwin1.com .googleadservices.com .facebook.net .facebook.com .cloudfront.net .pinimg.com .shoptarget.com.br .tiktok.com .linximpulse.net .shopback.com .chaordicsystems.com .shopconvert.com.br .shopback.net .github.com pipelines.actions.githubusercontent.com https://polyfill.io dmomoufq3m.execute-api.us-east-1.amazonaws.com 'unsafe-inline' 'unsafe-eval'; style-src 'unsafe-inline' *
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://minhaloja.boticario.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 22 Dec 2021 23:49:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 54478
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
vary: Accept-Encoding
x-xss-protection: 1; mode=block
service-worker-allowed: /
referrer-policy: same-origin
last-modified: Wed, 22 Dec 2021 13:20:36 GMT
server: AmazonS3
x-frame-options: SAMEORIGIN
etag: W/"d93884b14522b9b8aa2bde87611da0f8"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: application/javascript
via: 1.1 0d37b2e69745cd9f0c5457fbf1a83129.cloudfront.net (CloudFront)
cache-control: max-age=604800, public
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
content-security-policy: default-src 'self' data: *; img-src 'self' s3.us-east-1.amazonaws.com *.e-boticario.com.br *.cookielaw.org *.hotjar.com *.hotjar.io *.eudora.com.br *.hybrid.ai *.frontend.weborama.fr *.adnxs.com *.bestssp.com *.onaudience.com *.hybrid.ai *.admixer.net *.onaudience.com *.adriver.ru *.openx.net *.betweendigital.com *.yandex.ru *.doubleclick.net *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.boticario.com.br *.oboticario.com.br *.googleapis.com *.google.com *.google.com.br *.googleapis.com *.grupoboticario.digital *.grupoboticario.com.br edbr.vteximg.com.br res.cloudinary.com *.google-analytics.com *.s3.amazonaws.com *.googletagmanager.com *.facebook.com *.pinterest.com *.github.com *.prismic.io pipelines.actions.githubusercontent.com data: blob: ; connect-src 'self' *.eudora.com.br *.prismic.io *.microsoftonline.com *.microsoft.com *.boticario.com.br *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.oboticario.com.br *.google.com *.google.com.br *.grupoboticario.digital *.grupoboticario.com.br cdn.cookielaw.org *.hotjar.com analytics.strapi.io wss://*.hotjar.com *.hotjar.io *.google-analytics.com *.googleapis.com *.onetrust.com *.s3.amazonaws.com *.g.doubleclick.net *.googletagmanager.com *.configcat.com *.nr-data.net *.pinterest.com *.tiktok.com *.github.com pipelines.actions.githubusercontent.com dmomoufq3m.execute-api.us-east-1.amazonaws.com blob:; script-src 'self' *.grupoboticario.digital *.grupoboticario.com.br *.ouiparis.com *.ouiparis.com.br *.hybrid.ai *.force.com *.documentforce.com *.salesforce.com *.salesforceliveagent.com *.newrelic.com *.hotjar.com *.hotjar.io *.onetrust.com *.g.doubleclick.net *.google.com *.googleapis.com *.gstatic.com *.googletagmanager.com *.configcat.com *.nr-data.net *.google-analytics.com cdn.cookielaw.org *.google-analytics.com cdn.cookielaw.org cdn.tiny.cloud *.dwin1.com *.googleadservices.com *.facebook.net *.facebook.com *.cloudfront.net *.pinimg.com *.shoptarget.com.br *.tiktok.com *.linximpulse.net *.shopback.com *.chaordicsystems.com *.shopconvert.com.br *.shopback.net *.github.com pipelines.actions.githubusercontent.com https://polyfill.io dmomoufq3m.execute-api.us-east-1.amazonaws.com 'unsafe-inline' 'unsafe-eval'; style-src 'unsafe-inline' *
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: Tlzl7U0BJ3fuU7ku1K-o_fdTmPdtVgX6FqQx47VRwLaHWY5lFdU0XA==

GET
H2 200 386.bundle.a8a9ae35abd20a5a86d6.js Show response
minhaloja.boticario.com.br/vitrine/latest/js/ 60 KB
22 KB 19ms
18ms Script
application/javascript 143.204.98.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://minhaloja.boticario.com.br/vitrine/latest/js/386.bundle.a8a9ae35abd20a5a86d6.js

Requested by

Host: minhaloja.boticario.com.br
URL: https://minhaloja.boticario.com.br/container/latest/scripts/newRelicSnippet.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.13 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-13.fra50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

e55d635023217556467008ffd60527fab5337cb0620cd985c18de654dc8d0f99

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: ; img-src 'self' s3.us-east-1.amazonaws.com .e-boticario.com.br .cookielaw.org .hotjar.com .hotjar.io .eudora.com.br .hybrid.ai .frontend.weborama.fr .adnxs.com .bestssp.com .onaudience.com .hybrid.ai .admixer.net .onaudience.com .adriver.ru .openx.net .betweendigital.com .yandex.ru .doubleclick.net .documentforce.com .force.com .salesforce.com .salesforceliveagent.com .boticario.com.br .oboticario.com.br .googleapis.com .google.com .google.com.br .googleapis.com .grupoboticario.digital .grupoboticario.com.br edbr.vteximg.com.br res.cloudinary.com .google-analytics.com .s3.amazonaws.com .googletagmanager.com .facebook.com .pinterest.com .github.com .prismic.io pipelines.actions.githubusercontent.com data: blob: ; connect-src 'self' .eudora.com.br .prismic.io .microsoftonline.com .microsoft.com .boticario.com.br .documentforce.com .force.com .salesforce.com .salesforceliveagent.com .oboticario.com.br .google.com .google.com.br .grupoboticario.digital .grupoboticario.com.br cdn.cookielaw.org .hotjar.com analytics.strapi.io wss://.hotjar.com .hotjar.io .google-analytics.com .googleapis.com .onetrust.com .s3.amazonaws.com .g.doubleclick.net .googletagmanager.com .configcat.com .nr-data.net .pinterest.com .tiktok.com .github.com pipelines.actions.githubusercontent.com dmomoufq3m.execute-api.us-east-1.amazonaws.com blob:; script-src 'self' .grupoboticario.digital .grupoboticario.com.br .ouiparis.com .ouiparis.com.br .hybrid.ai .force.com .documentforce.com .salesforce.com .salesforceliveagent.com .newrelic.com .hotjar.com .hotjar.io .onetrust.com .g.doubleclick.net .google.com .googleapis.com .gstatic.com .googletagmanager.com .configcat.com .nr-data.net .google-analytics.com cdn.cookielaw.org .google-analytics.com cdn.cookielaw.org cdn.tiny.cloud .dwin1.com .googleadservices.com .facebook.net .facebook.com .cloudfront.net .pinimg.com .shoptarget.com.br .tiktok.com .linximpulse.net .shopback.com .chaordicsystems.com .shopconvert.com.br .shopback.net .github.com pipelines.actions.githubusercontent.com https://polyfill.io dmomoufq3m.execute-api.us-east-1.amazonaws.com 'unsafe-inline' 'unsafe-eval'; style-src 'unsafe-inline' *
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://minhaloja.boticario.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 22 Dec 2021 13:28:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 91700
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
vary: Accept-Encoding
x-xss-protection: 1; mode=block
service-worker-allowed: /
referrer-policy: same-origin
last-modified: Wed, 22 Dec 2021 13:19:46 GMT
server: AmazonS3
x-frame-options: SAMEORIGIN
etag: W/"ae131cf40c7a721f9454d45d268973ac"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: application/javascript
via: 1.1 0d37b2e69745cd9f0c5457fbf1a83129.cloudfront.net (CloudFront)
cache-control: max-age=604800, public
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
content-security-policy: default-src 'self' data: *; img-src 'self' s3.us-east-1.amazonaws.com *.e-boticario.com.br *.cookielaw.org *.hotjar.com *.hotjar.io *.eudora.com.br *.hybrid.ai *.frontend.weborama.fr *.adnxs.com *.bestssp.com *.onaudience.com *.hybrid.ai *.admixer.net *.onaudience.com *.adriver.ru *.openx.net *.betweendigital.com *.yandex.ru *.doubleclick.net *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.boticario.com.br *.oboticario.com.br *.googleapis.com *.google.com *.google.com.br *.googleapis.com *.grupoboticario.digital *.grupoboticario.com.br edbr.vteximg.com.br res.cloudinary.com *.google-analytics.com *.s3.amazonaws.com *.googletagmanager.com *.facebook.com *.pinterest.com *.github.com *.prismic.io pipelines.actions.githubusercontent.com data: blob: ; connect-src 'self' *.eudora.com.br *.prismic.io *.microsoftonline.com *.microsoft.com *.boticario.com.br *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.oboticario.com.br *.google.com *.google.com.br *.grupoboticario.digital *.grupoboticario.com.br cdn.cookielaw.org *.hotjar.com analytics.strapi.io wss://*.hotjar.com *.hotjar.io *.google-analytics.com *.googleapis.com *.onetrust.com *.s3.amazonaws.com *.g.doubleclick.net *.googletagmanager.com *.configcat.com *.nr-data.net *.pinterest.com *.tiktok.com *.github.com pipelines.actions.githubusercontent.com dmomoufq3m.execute-api.us-east-1.amazonaws.com blob:; script-src 'self' *.grupoboticario.digital *.grupoboticario.com.br *.ouiparis.com *.ouiparis.com.br *.hybrid.ai *.force.com *.documentforce.com *.salesforce.com *.salesforceliveagent.com *.newrelic.com *.hotjar.com *.hotjar.io *.onetrust.com *.g.doubleclick.net *.google.com *.googleapis.com *.gstatic.com *.googletagmanager.com *.configcat.com *.nr-data.net *.google-analytics.com cdn.cookielaw.org *.google-analytics.com cdn.cookielaw.org cdn.tiny.cloud *.dwin1.com *.googleadservices.com *.facebook.net *.facebook.com *.cloudfront.net *.pinimg.com *.shoptarget.com.br *.tiktok.com *.linximpulse.net *.shopback.com *.chaordicsystems.com *.shopconvert.com.br *.shopback.net *.github.com pipelines.actions.githubusercontent.com https://polyfill.io dmomoufq3m.execute-api.us-east-1.amazonaws.com 'unsafe-inline' 'unsafe-eval'; style-src 'unsafe-inline' *
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: vhdP9nH2EN0VQ1zWcxpBmojRNIqgOSkkkh8YRxRpykjkeOoG9Jt7iw==

GET
H2 200 385.bundle.6231c8d8b583b567d165.js Show response
minhaloja.boticario.com.br/vitrine/latest/js/ 2 MB
335 KB 21ms
20ms Script
application/javascript 143.204.98.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://minhaloja.boticario.com.br/vitrine/latest/js/385.bundle.6231c8d8b583b567d165.js

Requested by

Host: minhaloja.boticario.com.br
URL: https://minhaloja.boticario.com.br/container/latest/scripts/newRelicSnippet.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.13 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-13.fra50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

07a5d470d342b317c9184b20856080b4a083f463293971ec7751f0be48039f8f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: ; img-src 'self' s3.us-east-1.amazonaws.com .e-boticario.com.br .cookielaw.org .hotjar.com .hotjar.io .eudora.com.br .hybrid.ai .frontend.weborama.fr .adnxs.com .bestssp.com .onaudience.com .hybrid.ai .admixer.net .onaudience.com .adriver.ru .openx.net .betweendigital.com .yandex.ru .doubleclick.net .documentforce.com .force.com .salesforce.com .salesforceliveagent.com .boticario.com.br .oboticario.com.br .googleapis.com .google.com .google.com.br .googleapis.com .grupoboticario.digital .grupoboticario.com.br edbr.vteximg.com.br res.cloudinary.com .google-analytics.com .s3.amazonaws.com .googletagmanager.com .facebook.com .pinterest.com .github.com .prismic.io pipelines.actions.githubusercontent.com data: blob: ; connect-src 'self' .eudora.com.br .prismic.io .microsoftonline.com .microsoft.com .boticario.com.br .documentforce.com .force.com .salesforce.com .salesforceliveagent.com .oboticario.com.br .google.com .google.com.br .grupoboticario.digital .grupoboticario.com.br cdn.cookielaw.org .hotjar.com analytics.strapi.io wss://.hotjar.com .hotjar.io .google-analytics.com .googleapis.com .onetrust.com .s3.amazonaws.com .g.doubleclick.net .googletagmanager.com .configcat.com .nr-data.net .pinterest.com .tiktok.com .github.com pipelines.actions.githubusercontent.com dmomoufq3m.execute-api.us-east-1.amazonaws.com blob:; script-src 'self' .grupoboticario.digital .grupoboticario.com.br .ouiparis.com .ouiparis.com.br .hybrid.ai .force.com .documentforce.com .salesforce.com .salesforceliveagent.com .newrelic.com .hotjar.com .hotjar.io .onetrust.com .g.doubleclick.net .google.com .googleapis.com .gstatic.com .googletagmanager.com .configcat.com .nr-data.net .google-analytics.com cdn.cookielaw.org .google-analytics.com cdn.cookielaw.org cdn.tiny.cloud .dwin1.com .googleadservices.com .facebook.net .facebook.com .cloudfront.net .pinimg.com .shoptarget.com.br .tiktok.com .linximpulse.net .shopback.com .chaordicsystems.com .shopconvert.com.br .shopback.net .github.com pipelines.actions.githubusercontent.com https://polyfill.io dmomoufq3m.execute-api.us-east-1.amazonaws.com 'unsafe-inline' 'unsafe-eval'; style-src 'unsafe-inline' *
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://minhaloja.boticario.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 22 Dec 2021 13:28:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 91695
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
vary: Accept-Encoding
x-xss-protection: 1; mode=block
service-worker-allowed: /
referrer-policy: same-origin
last-modified: Wed, 22 Dec 2021 13:19:45 GMT
server: AmazonS3
x-frame-options: SAMEORIGIN
etag: W/"ecb61910e5f3d8fbfbb1cbe8fb9a943d"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: application/javascript
via: 1.1 0d37b2e69745cd9f0c5457fbf1a83129.cloudfront.net (CloudFront)
cache-control: max-age=604800, public
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
content-security-policy: default-src 'self' data: *; img-src 'self' s3.us-east-1.amazonaws.com *.e-boticario.com.br *.cookielaw.org *.hotjar.com *.hotjar.io *.eudora.com.br *.hybrid.ai *.frontend.weborama.fr *.adnxs.com *.bestssp.com *.onaudience.com *.hybrid.ai *.admixer.net *.onaudience.com *.adriver.ru *.openx.net *.betweendigital.com *.yandex.ru *.doubleclick.net *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.boticario.com.br *.oboticario.com.br *.googleapis.com *.google.com *.google.com.br *.googleapis.com *.grupoboticario.digital *.grupoboticario.com.br edbr.vteximg.com.br res.cloudinary.com *.google-analytics.com *.s3.amazonaws.com *.googletagmanager.com *.facebook.com *.pinterest.com *.github.com *.prismic.io pipelines.actions.githubusercontent.com data: blob: ; connect-src 'self' *.eudora.com.br *.prismic.io *.microsoftonline.com *.microsoft.com *.boticario.com.br *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.oboticario.com.br *.google.com *.google.com.br *.grupoboticario.digital *.grupoboticario.com.br cdn.cookielaw.org *.hotjar.com analytics.strapi.io wss://*.hotjar.com *.hotjar.io *.google-analytics.com *.googleapis.com *.onetrust.com *.s3.amazonaws.com *.g.doubleclick.net *.googletagmanager.com *.configcat.com *.nr-data.net *.pinterest.com *.tiktok.com *.github.com pipelines.actions.githubusercontent.com dmomoufq3m.execute-api.us-east-1.amazonaws.com blob:; script-src 'self' *.grupoboticario.digital *.grupoboticario.com.br *.ouiparis.com *.ouiparis.com.br *.hybrid.ai *.force.com *.documentforce.com *.salesforce.com *.salesforceliveagent.com *.newrelic.com *.hotjar.com *.hotjar.io *.onetrust.com *.g.doubleclick.net *.google.com *.googleapis.com *.gstatic.com *.googletagmanager.com *.configcat.com *.nr-data.net *.google-analytics.com cdn.cookielaw.org *.google-analytics.com cdn.cookielaw.org cdn.tiny.cloud *.dwin1.com *.googleadservices.com *.facebook.net *.facebook.com *.cloudfront.net *.pinimg.com *.shoptarget.com.br *.tiktok.com *.linximpulse.net *.shopback.com *.chaordicsystems.com *.shopconvert.com.br *.shopback.net *.github.com pipelines.actions.githubusercontent.com https://polyfill.io dmomoufq3m.execute-api.us-east-1.amazonaws.com 'unsafe-inline' 'unsafe-eval'; style-src 'unsafe-inline' *
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: Qx8mptOwnFswa-xDUfg6o-CKs3_r2g3FXH-13d6FkGgONPcpmrlRJQ==

GET
H2 200 6455.bundle.2f7412c1d35ce8bb5369.js Show response
minhaloja.boticario.com.br/admin/latest/js/ 15 KB
7 KB 31ms
31ms Script
application/javascript 143.204.98.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://minhaloja.boticario.com.br/admin/latest/js/6455.bundle.2f7412c1d35ce8bb5369.js

Requested by

Host: minhaloja.boticario.com.br
URL: https://minhaloja.boticario.com.br/container/latest/scripts/newRelicSnippet.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.13 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-13.fra50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

36cd8ebd7e467fa9ec7416eba5abc3e912e7154dfb17eecf62db02ca53348abb

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: ; img-src 'self' s3.us-east-1.amazonaws.com .e-boticario.com.br .cookielaw.org .hotjar.com .hotjar.io .eudora.com.br .hybrid.ai .frontend.weborama.fr .adnxs.com .bestssp.com .onaudience.com .hybrid.ai .admixer.net .onaudience.com .adriver.ru .openx.net .betweendigital.com .yandex.ru .doubleclick.net .documentforce.com .force.com .salesforce.com .salesforceliveagent.com .boticario.com.br .oboticario.com.br .googleapis.com .google.com .google.com.br .googleapis.com .grupoboticario.digital .grupoboticario.com.br edbr.vteximg.com.br res.cloudinary.com .google-analytics.com .s3.amazonaws.com .googletagmanager.com .facebook.com .pinterest.com .github.com .prismic.io pipelines.actions.githubusercontent.com data: blob: ; connect-src 'self' .eudora.com.br .prismic.io .microsoftonline.com .microsoft.com .boticario.com.br .documentforce.com .force.com .salesforce.com .salesforceliveagent.com .oboticario.com.br .google.com .google.com.br .grupoboticario.digital .grupoboticario.com.br cdn.cookielaw.org .hotjar.com analytics.strapi.io wss://.hotjar.com .hotjar.io .google-analytics.com .googleapis.com .onetrust.com .s3.amazonaws.com .g.doubleclick.net .googletagmanager.com .configcat.com .nr-data.net .pinterest.com .tiktok.com .github.com pipelines.actions.githubusercontent.com dmomoufq3m.execute-api.us-east-1.amazonaws.com blob:; script-src 'self' .grupoboticario.digital .grupoboticario.com.br .ouiparis.com .ouiparis.com.br .hybrid.ai .force.com .documentforce.com .salesforce.com .salesforceliveagent.com .newrelic.com .hotjar.com .hotjar.io .onetrust.com .g.doubleclick.net .google.com .googleapis.com .gstatic.com .googletagmanager.com .configcat.com .nr-data.net .google-analytics.com cdn.cookielaw.org .google-analytics.com cdn.cookielaw.org cdn.tiny.cloud .dwin1.com .googleadservices.com .facebook.net .facebook.com .cloudfront.net .pinimg.com .shoptarget.com.br .tiktok.com .linximpulse.net .shopback.com .chaordicsystems.com .shopconvert.com.br .shopback.net .github.com pipelines.actions.githubusercontent.com https://polyfill.io dmomoufq3m.execute-api.us-east-1.amazonaws.com 'unsafe-inline' 'unsafe-eval'; style-src 'unsafe-inline' *
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://minhaloja.boticario.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 22 Dec 2021 14:38:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 87547
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
vary: Accept-Encoding
x-xss-protection: 1; mode=block
service-worker-allowed: /
referrer-policy: same-origin
last-modified: Wed, 22 Dec 2021 13:20:47 GMT
server: AmazonS3
x-frame-options: SAMEORIGIN
etag: W/"d801dc9311ed287bb9c660179065f642"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: application/javascript
via: 1.1 0d37b2e69745cd9f0c5457fbf1a83129.cloudfront.net (CloudFront)
cache-control: max-age=604800, public
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
content-security-policy: default-src 'self' data: *; img-src 'self' s3.us-east-1.amazonaws.com *.e-boticario.com.br *.cookielaw.org *.hotjar.com *.hotjar.io *.eudora.com.br *.hybrid.ai *.frontend.weborama.fr *.adnxs.com *.bestssp.com *.onaudience.com *.hybrid.ai *.admixer.net *.onaudience.com *.adriver.ru *.openx.net *.betweendigital.com *.yandex.ru *.doubleclick.net *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.boticario.com.br *.oboticario.com.br *.googleapis.com *.google.com *.google.com.br *.googleapis.com *.grupoboticario.digital *.grupoboticario.com.br edbr.vteximg.com.br res.cloudinary.com *.google-analytics.com *.s3.amazonaws.com *.googletagmanager.com *.facebook.com *.pinterest.com *.github.com *.prismic.io pipelines.actions.githubusercontent.com data: blob: ; connect-src 'self' *.eudora.com.br *.prismic.io *.microsoftonline.com *.microsoft.com *.boticario.com.br *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.oboticario.com.br *.google.com *.google.com.br *.grupoboticario.digital *.grupoboticario.com.br cdn.cookielaw.org *.hotjar.com analytics.strapi.io wss://*.hotjar.com *.hotjar.io *.google-analytics.com *.googleapis.com *.onetrust.com *.s3.amazonaws.com *.g.doubleclick.net *.googletagmanager.com *.configcat.com *.nr-data.net *.pinterest.com *.tiktok.com *.github.com pipelines.actions.githubusercontent.com dmomoufq3m.execute-api.us-east-1.amazonaws.com blob:; script-src 'self' *.grupoboticario.digital *.grupoboticario.com.br *.ouiparis.com *.ouiparis.com.br *.hybrid.ai *.force.com *.documentforce.com *.salesforce.com *.salesforceliveagent.com *.newrelic.com *.hotjar.com *.hotjar.io *.onetrust.com *.g.doubleclick.net *.google.com *.googleapis.com *.gstatic.com *.googletagmanager.com *.configcat.com *.nr-data.net *.google-analytics.com cdn.cookielaw.org *.google-analytics.com cdn.cookielaw.org cdn.tiny.cloud *.dwin1.com *.googleadservices.com *.facebook.net *.facebook.com *.cloudfront.net *.pinimg.com *.shoptarget.com.br *.tiktok.com *.linximpulse.net *.shopback.com *.chaordicsystems.com *.shopconvert.com.br *.shopback.net *.github.com pipelines.actions.githubusercontent.com https://polyfill.io dmomoufq3m.execute-api.us-east-1.amazonaws.com 'unsafe-inline' 'unsafe-eval'; style-src 'unsafe-inline' *
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: 0Q4_UOoA0oaeD6yMiSY7m52J4IA_6CVI7XQaOi2KGSu3OumvSXcCAA==

GET
H2 200 544.bundle.2221a7f33cd17a48d97b.js Show response
minhaloja.boticario.com.br/admin/latest/js/ 27 KB
9 KB 32ms
31ms Script
application/javascript 143.204.98.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://minhaloja.boticario.com.br/admin/latest/js/544.bundle.2221a7f33cd17a48d97b.js

Requested by

Host: minhaloja.boticario.com.br
URL: https://minhaloja.boticario.com.br/container/latest/scripts/newRelicSnippet.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.13 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-13.fra50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

e35d3121e39bb7d96a8fbe1bd46b1ea79c1ce954c5e1d6cf3fb6f8117dfa7599

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: ; img-src 'self' s3.us-east-1.amazonaws.com .e-boticario.com.br .cookielaw.org .hotjar.com .hotjar.io .eudora.com.br .hybrid.ai .frontend.weborama.fr .adnxs.com .bestssp.com .onaudience.com .hybrid.ai .admixer.net .onaudience.com .adriver.ru .openx.net .betweendigital.com .yandex.ru .doubleclick.net .documentforce.com .force.com .salesforce.com .salesforceliveagent.com .boticario.com.br .oboticario.com.br .googleapis.com .google.com .google.com.br .googleapis.com .grupoboticario.digital .grupoboticario.com.br edbr.vteximg.com.br res.cloudinary.com .google-analytics.com .s3.amazonaws.com .googletagmanager.com .facebook.com .pinterest.com .github.com .prismic.io pipelines.actions.githubusercontent.com data: blob: ; connect-src 'self' .eudora.com.br .prismic.io .microsoftonline.com .microsoft.com .boticario.com.br .documentforce.com .force.com .salesforce.com .salesforceliveagent.com .oboticario.com.br .google.com .google.com.br .grupoboticario.digital .grupoboticario.com.br cdn.cookielaw.org .hotjar.com analytics.strapi.io wss://.hotjar.com .hotjar.io .google-analytics.com .googleapis.com .onetrust.com .s3.amazonaws.com .g.doubleclick.net .googletagmanager.com .configcat.com .nr-data.net .pinterest.com .tiktok.com .github.com pipelines.actions.githubusercontent.com dmomoufq3m.execute-api.us-east-1.amazonaws.com blob:; script-src 'self' .grupoboticario.digital .grupoboticario.com.br .ouiparis.com .ouiparis.com.br .hybrid.ai .force.com .documentforce.com .salesforce.com .salesforceliveagent.com .newrelic.com .hotjar.com .hotjar.io .onetrust.com .g.doubleclick.net .google.com .googleapis.com .gstatic.com .googletagmanager.com .configcat.com .nr-data.net .google-analytics.com cdn.cookielaw.org .google-analytics.com cdn.cookielaw.org cdn.tiny.cloud .dwin1.com .googleadservices.com .facebook.net .facebook.com .cloudfront.net .pinimg.com .shoptarget.com.br .tiktok.com .linximpulse.net .shopback.com .chaordicsystems.com .shopconvert.com.br .shopback.net .github.com pipelines.actions.githubusercontent.com https://polyfill.io dmomoufq3m.execute-api.us-east-1.amazonaws.com 'unsafe-inline' 'unsafe-eval'; style-src 'unsafe-inline' *
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://minhaloja.boticario.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 22 Dec 2021 19:01:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 71732
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
vary: Accept-Encoding
x-xss-protection: 1; mode=block
service-worker-allowed: /
referrer-policy: same-origin
last-modified: Wed, 22 Dec 2021 13:20:43 GMT
server: AmazonS3
x-frame-options: SAMEORIGIN
etag: W/"cde2588563fa843a8b307bba9314e1f8"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: application/javascript
via: 1.1 0d37b2e69745cd9f0c5457fbf1a83129.cloudfront.net (CloudFront)
cache-control: max-age=604800, public
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
content-security-policy: default-src 'self' data: *; img-src 'self' s3.us-east-1.amazonaws.com *.e-boticario.com.br *.cookielaw.org *.hotjar.com *.hotjar.io *.eudora.com.br *.hybrid.ai *.frontend.weborama.fr *.adnxs.com *.bestssp.com *.onaudience.com *.hybrid.ai *.admixer.net *.onaudience.com *.adriver.ru *.openx.net *.betweendigital.com *.yandex.ru *.doubleclick.net *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.boticario.com.br *.oboticario.com.br *.googleapis.com *.google.com *.google.com.br *.googleapis.com *.grupoboticario.digital *.grupoboticario.com.br edbr.vteximg.com.br res.cloudinary.com *.google-analytics.com *.s3.amazonaws.com *.googletagmanager.com *.facebook.com *.pinterest.com *.github.com *.prismic.io pipelines.actions.githubusercontent.com data: blob: ; connect-src 'self' *.eudora.com.br *.prismic.io *.microsoftonline.com *.microsoft.com *.boticario.com.br *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.oboticario.com.br *.google.com *.google.com.br *.grupoboticario.digital *.grupoboticario.com.br cdn.cookielaw.org *.hotjar.com analytics.strapi.io wss://*.hotjar.com *.hotjar.io *.google-analytics.com *.googleapis.com *.onetrust.com *.s3.amazonaws.com *.g.doubleclick.net *.googletagmanager.com *.configcat.com *.nr-data.net *.pinterest.com *.tiktok.com *.github.com pipelines.actions.githubusercontent.com dmomoufq3m.execute-api.us-east-1.amazonaws.com blob:; script-src 'self' *.grupoboticario.digital *.grupoboticario.com.br *.ouiparis.com *.ouiparis.com.br *.hybrid.ai *.force.com *.documentforce.com *.salesforce.com *.salesforceliveagent.com *.newrelic.com *.hotjar.com *.hotjar.io *.onetrust.com *.g.doubleclick.net *.google.com *.googleapis.com *.gstatic.com *.googletagmanager.com *.configcat.com *.nr-data.net *.google-analytics.com cdn.cookielaw.org *.google-analytics.com cdn.cookielaw.org cdn.tiny.cloud *.dwin1.com *.googleadservices.com *.facebook.net *.facebook.com *.cloudfront.net *.pinimg.com *.shoptarget.com.br *.tiktok.com *.linximpulse.net *.shopback.com *.chaordicsystems.com *.shopconvert.com.br *.shopback.net *.github.com pipelines.actions.githubusercontent.com https://polyfill.io dmomoufq3m.execute-api.us-east-1.amazonaws.com 'unsafe-inline' 'unsafe-eval'; style-src 'unsafe-inline' *
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: XJurD2FkVt5dKyI6xG_49dfNjuZt_ts0LumIt7y8TmGzzJsr87FiQA==

GET
H2 200 desk_pattern_bot.jpg
meucatalogodigitalresources.grupoboticario.digital/assets/images/ 57 KB
57 KB 444ms
397ms Image
image/jpeg 143.204.98.115
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://meucatalogodigitalresources.grupoboticario.digital/assets/images/desk_pattern_bot.jpg
Requested by: Host: minhaloja.boticario.com.br
URL: https://minhaloja.boticario.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-115.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 582b1075b04787e0090c0d6585b647018b4a203a04cb693fe8f4f99b1a0fd1ce

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://minhaloja.boticario.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 23 Dec 2021 14:57:09 GMT
via: 1.1 bee9d99ac2913ec4167e166e6bdb691e.cloudfront.net (CloudFront)
last-modified: Tue, 04 Aug 2020 15:08:27 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1
etag: "c2b36391a971727278cbf1059ce6ab06"
x-cache: RefreshHit from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 57992
x-amz-cf-id: 9607jQaBgpCiQv8CZwIyO9Jyp5JpvgwnXQcsnLWHtzXavgNoA6SDAw==

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 28ms
6ms Script
text/javascript 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: minhaloja.boticario.com.br
URL: https://minhaloja.boticario.com.br/container/latest/scripts/newRelicSnippet.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 6961
date: Thu, 23 Dec 2021 13:01:06 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Thu, 23 Dec 2021 15:01:06 GMT

GET
H2 200 zYX9KVElMYYaJe8bpLHnCwDKjSL9AIFsdA.woff2
fonts.gstatic.com/s/ibmplexsans/v9/ 18 KB
19 KB 45ms
19ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ibmplexsans/v9/zYX9KVElMYYaJe8bpLHnCwDKjSL9AIFsdA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=IBM+Plex+Sans:wght@400;500&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c540c2421660f25afa9edabf188e3409753d3d94dc01a4fd6662df787a2767f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://minhaloja.boticario.com.br
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 22 Dec 2021 11:27:39 GMT
x-content-type-options: nosniff
age: 98968
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18940
x-xss-protection: 0
last-modified: Wed, 18 Aug 2021 16:52:53 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 22 Dec 2022 11:27:39 GMT

GET
H2 200 zYXgKVElMYYaJe8bpLHnCwDKhdHeFQ.woff2
fonts.gstatic.com/s/ibmplexsans/v9/ 18 KB
18 KB 47ms
21ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ibmplexsans/v9/zYXgKVElMYYaJe8bpLHnCwDKhdHeFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=IBM+Plex+Sans:wght@400;500&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

392f196c197758bafbfb4a917625b5a20a84cd7977433a134140f9c6f745058f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://minhaloja.boticario.com.br
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 21 Dec 2021 23:12:51 GMT
x-content-type-options: nosniff
age: 143056
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18096
x-xss-protection: 0
last-modified: Wed, 18 Aug 2021 16:52:22 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 21 Dec 2022 23:12:51 GMT

GET
H2 200 rP2Cp2ywxg089UriAWCrCBimCw.woff2
fonts.gstatic.com/s/dmsans/v6/ 18 KB
18 KB 41ms
14ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/dmsans/v6/rP2Cp2ywxg089UriAWCrCBimCw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=DM+Sans:wght@400;500;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8d3411c961b332008c61452f483ada3da4cd0fd06cc264c7f2facfb01bc4b1d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://minhaloja.boticario.com.br
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 22 Dec 2021 20:14:44 GMT
x-content-type-options: nosniff
age: 67343
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18296
x-xss-protection: 0
last-modified: Thu, 05 Nov 2020 22:00:23 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 22 Dec 2022 20:14:44 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 909 B
994 B 54ms
17ms Script
text/javascript 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?onload=onloadcallback&render=explicit

Requested by

Host: minhaloja.boticario.com.br
URL: https://minhaloja.boticario.com.br/container/latest/scripts/newRelicSnippet.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

58341529f6331985c1d3f44df3124f3e047a7403a5077f3311dbeae51a57846c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 23 Dec 2021 14:57:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 581
x-xss-protection: 1; mode=block
expires: Thu, 23 Dec 2021 14:57:07 GMT

GET
H2 200 pack-phones.jpg
minhaloja.boticario.com.br/admin/latest/ 92 KB
94 KB 13ms
13ms Image
image/jpeg 143.204.98.13
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://minhaloja.boticario.com.br/admin/latest/pack-phones.jpg

Requested by

Host: minhaloja.boticario.com.br
URL: https://minhaloja.boticario.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.13 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-13.fra50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

d9658bca2195c58f043af25ae6d94e676a34b1d0a6fc524e28fb68bb40922733

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: ; img-src 'self' s3.us-east-1.amazonaws.com .e-boticario.com.br .cookielaw.org .hotjar.com .hotjar.io .eudora.com.br .hybrid.ai .frontend.weborama.fr .adnxs.com .bestssp.com .onaudience.com .hybrid.ai .admixer.net .onaudience.com .adriver.ru .openx.net .betweendigital.com .yandex.ru .doubleclick.net .documentforce.com .force.com .salesforce.com .salesforceliveagent.com .boticario.com.br .oboticario.com.br .googleapis.com .google.com .google.com.br .googleapis.com .grupoboticario.digital .grupoboticario.com.br edbr.vteximg.com.br res.cloudinary.com .google-analytics.com .s3.amazonaws.com .googletagmanager.com .facebook.com .pinterest.com .github.com .prismic.io pipelines.actions.githubusercontent.com data: blob: ; connect-src 'self' .eudora.com.br .prismic.io .microsoftonline.com .microsoft.com .boticario.com.br .documentforce.com .force.com .salesforce.com .salesforceliveagent.com .oboticario.com.br .google.com .google.com.br .grupoboticario.digital .grupoboticario.com.br cdn.cookielaw.org .hotjar.com analytics.strapi.io wss://.hotjar.com .hotjar.io .google-analytics.com .googleapis.com .onetrust.com .s3.amazonaws.com .g.doubleclick.net .googletagmanager.com .configcat.com .nr-data.net .pinterest.com .tiktok.com .github.com pipelines.actions.githubusercontent.com dmomoufq3m.execute-api.us-east-1.amazonaws.com blob:; script-src 'self' .grupoboticario.digital .grupoboticario.com.br .ouiparis.com .ouiparis.com.br .hybrid.ai .force.com .documentforce.com .salesforce.com .salesforceliveagent.com .newrelic.com .hotjar.com .hotjar.io .onetrust.com .g.doubleclick.net .google.com .googleapis.com .gstatic.com .googletagmanager.com .configcat.com .nr-data.net .google-analytics.com cdn.cookielaw.org .google-analytics.com cdn.cookielaw.org cdn.tiny.cloud .dwin1.com .googleadservices.com .facebook.net .facebook.com .cloudfront.net .pinimg.com .shoptarget.com.br .tiktok.com .linximpulse.net .shopback.com .chaordicsystems.com .shopconvert.com.br .shopback.net .github.com pipelines.actions.githubusercontent.com https://polyfill.io dmomoufq3m.execute-api.us-east-1.amazonaws.com 'unsafe-inline' 'unsafe-eval'; style-src 'unsafe-inline' *
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://minhaloja.boticario.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 22 Dec 2021 17:09:37 GMT
via: 1.1 0d37b2e69745cd9f0c5457fbf1a83129.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 78451
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 94144
x-xss-protection: 1; mode=block
service-worker-allowed: /
referrer-policy: same-origin
last-modified: Wed, 22 Dec 2021 13:21:00 GMT
server: AmazonS3
x-frame-options: SAMEORIGIN
etag: "64d80cb5fa30576c10e38e420100f8e8"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: image/jpeg
cache-control: max-age=604800, public
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
content-security-policy: default-src 'self' data: *; img-src 'self' s3.us-east-1.amazonaws.com *.e-boticario.com.br *.cookielaw.org *.hotjar.com *.hotjar.io *.eudora.com.br *.hybrid.ai *.frontend.weborama.fr *.adnxs.com *.bestssp.com *.onaudience.com *.hybrid.ai *.admixer.net *.onaudience.com *.adriver.ru *.openx.net *.betweendigital.com *.yandex.ru *.doubleclick.net *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.boticario.com.br *.oboticario.com.br *.googleapis.com *.google.com *.google.com.br *.googleapis.com *.grupoboticario.digital *.grupoboticario.com.br edbr.vteximg.com.br res.cloudinary.com *.google-analytics.com *.s3.amazonaws.com *.googletagmanager.com *.facebook.com *.pinterest.com *.github.com *.prismic.io pipelines.actions.githubusercontent.com data: blob: ; connect-src 'self' *.eudora.com.br *.prismic.io *.microsoftonline.com *.microsoft.com *.boticario.com.br *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.oboticario.com.br *.google.com *.google.com.br *.grupoboticario.digital *.grupoboticario.com.br cdn.cookielaw.org *.hotjar.com analytics.strapi.io wss://*.hotjar.com *.hotjar.io *.google-analytics.com *.googleapis.com *.onetrust.com *.s3.amazonaws.com *.g.doubleclick.net *.googletagmanager.com *.configcat.com *.nr-data.net *.pinterest.com *.tiktok.com *.github.com pipelines.actions.githubusercontent.com dmomoufq3m.execute-api.us-east-1.amazonaws.com blob:; script-src 'self' *.grupoboticario.digital *.grupoboticario.com.br *.ouiparis.com *.ouiparis.com.br *.hybrid.ai *.force.com *.documentforce.com *.salesforce.com *.salesforceliveagent.com *.newrelic.com *.hotjar.com *.hotjar.io *.onetrust.com *.g.doubleclick.net *.google.com *.googleapis.com *.gstatic.com *.googletagmanager.com *.configcat.com *.nr-data.net *.google-analytics.com cdn.cookielaw.org *.google-analytics.com cdn.cookielaw.org cdn.tiny.cloud *.dwin1.com *.googleadservices.com *.facebook.net *.facebook.com *.cloudfront.net *.pinimg.com *.shoptarget.com.br *.tiktok.com *.linximpulse.net *.shopback.com *.chaordicsystems.com *.shopconvert.com.br *.shopback.net *.github.com pipelines.actions.githubusercontent.com https://polyfill.io dmomoufq3m.execute-api.us-east-1.amazonaws.com 'unsafe-inline' 'unsafe-eval'; style-src 'unsafe-inline' *
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-amz-cf-id: OsSSjYg0zT9jwBXK9Cx6Zu8HDAokfMuPhVFbBhi8knalr8TYX7GixA==

GET
H2 200 anfora.svg
gb-assets.grupoboticario.digital/boticario/image/ 2 KB
2 KB 10ms
9ms Image
image/svg+xml 143.204.98.10
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gb-assets.grupoboticario.digital/boticario/image/anfora.svg
Requested by: Host: minhaloja.boticario.com.br
URL: https://minhaloja.boticario.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-10.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 672a9ad399cc43bb9249f7e53bac67a0dff2c85fe47edc6309d38117bbbfd63b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: 036mmZVsxq955Ey29PI2Kpa2bdqr2ArY
content-encoding: gzip
last-modified: Fri, 26 Feb 2021 18:49:53 GMT
server: AmazonS3
age: 5115
etag: W/"f30938de71b8eb608a92dea0758c43d2"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 bee9d99ac2913ec4167e166e6bdb691e.cloudfront.net (CloudFront)
date: Thu, 23 Dec 2021 14:49:51 GMT
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: jvL93IthqfFVmoik0NvecjboTCrPB1nrsRAvz5trFat0rs0bg-IH8A==

GET
H2 200 logo-black.svg
gb-assets.grupoboticario.digital/eam/logo/ 4 KB
2 KB 11ms
10ms Image
image/svg+xml 143.204.98.10
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gb-assets.grupoboticario.digital/eam/logo/logo-black.svg
Requested by: Host: minhaloja.boticario.com.br
URL: https://minhaloja.boticario.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-10.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0d92282204c7d00a22f29a05fb6f52dda15db1f76f80a6ed0d91ca95b52bddf8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: xx7LQ_lQKmlr_QTDAYwiZgGCQo0V2RPl
content-encoding: gzip
last-modified: Fri, 26 Feb 2021 18:51:35 GMT
server: AmazonS3
age: 5115
etag: W/"6457864a700b1283ef56e437f7989cfd"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 bee9d99ac2913ec4167e166e6bdb691e.cloudfront.net (CloudFront)
date: Thu, 23 Dec 2021 14:49:51 GMT
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: 4B6yERu4FgymmUCh4Ktxf4qk9-Xm0EQ2WRutX1mjrqw3EdUnGK_FJw==

GET
H2 200 bot-highlight-estoque.png
minhaloja.boticario.com.br/admin/latest/ 23 KB
26 KB 16ms
14ms Image
image/png 143.204.98.13
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://minhaloja.boticario.com.br/admin/latest/bot-highlight-estoque.png

Requested by

Host: minhaloja.boticario.com.br
URL: https://minhaloja.boticario.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.13 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-13.fra50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

8cdf15484b8fac7ba673ff0c21b82efc89484d4a1d6b5a71b5074dcca3fff87f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: ; img-src 'self' s3.us-east-1.amazonaws.com .e-boticario.com.br .cookielaw.org .hotjar.com .hotjar.io .eudora.com.br .hybrid.ai .frontend.weborama.fr .adnxs.com .bestssp.com .onaudience.com .hybrid.ai .admixer.net .onaudience.com .adriver.ru .openx.net .betweendigital.com .yandex.ru .doubleclick.net .documentforce.com .force.com .salesforce.com .salesforceliveagent.com .boticario.com.br .oboticario.com.br .googleapis.com .google.com .google.com.br .googleapis.com .grupoboticario.digital .grupoboticario.com.br edbr.vteximg.com.br res.cloudinary.com .google-analytics.com .s3.amazonaws.com .googletagmanager.com .facebook.com .pinterest.com .github.com .prismic.io pipelines.actions.githubusercontent.com data: blob: ; connect-src 'self' .eudora.com.br .prismic.io .microsoftonline.com .microsoft.com .boticario.com.br .documentforce.com .force.com .salesforce.com .salesforceliveagent.com .oboticario.com.br .google.com .google.com.br .grupoboticario.digital .grupoboticario.com.br cdn.cookielaw.org .hotjar.com analytics.strapi.io wss://.hotjar.com .hotjar.io .google-analytics.com .googleapis.com .onetrust.com .s3.amazonaws.com .g.doubleclick.net .googletagmanager.com .configcat.com .nr-data.net .pinterest.com .tiktok.com .github.com pipelines.actions.githubusercontent.com dmomoufq3m.execute-api.us-east-1.amazonaws.com blob:; script-src 'self' .grupoboticario.digital .grupoboticario.com.br .ouiparis.com .ouiparis.com.br .hybrid.ai .force.com .documentforce.com .salesforce.com .salesforceliveagent.com .newrelic.com .hotjar.com .hotjar.io .onetrust.com .g.doubleclick.net .google.com .googleapis.com .gstatic.com .googletagmanager.com .configcat.com .nr-data.net .google-analytics.com cdn.cookielaw.org .google-analytics.com cdn.cookielaw.org cdn.tiny.cloud .dwin1.com .googleadservices.com .facebook.net .facebook.com .cloudfront.net .pinimg.com .shoptarget.com.br .tiktok.com .linximpulse.net .shopback.com .chaordicsystems.com .shopconvert.com.br .shopback.net .github.com pipelines.actions.githubusercontent.com https://polyfill.io dmomoufq3m.execute-api.us-east-1.amazonaws.com 'unsafe-inline' 'unsafe-eval'; style-src 'unsafe-inline' *
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://minhaloja.boticario.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 22 Dec 2021 19:01:37 GMT
via: 1.1 0d37b2e69745cd9f0c5457fbf1a83129.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 71731
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 23818
x-xss-protection: 1; mode=block
service-worker-allowed: /
referrer-policy: same-origin
last-modified: Wed, 22 Dec 2021 13:20:25 GMT
server: AmazonS3
x-frame-options: SAMEORIGIN
etag: "1b6ea699a4de39800ff661f0921460f5"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: image/png
cache-control: max-age=604800, public
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
content-security-policy: default-src 'self' data: *; img-src 'self' s3.us-east-1.amazonaws.com *.e-boticario.com.br *.cookielaw.org *.hotjar.com *.hotjar.io *.eudora.com.br *.hybrid.ai *.frontend.weborama.fr *.adnxs.com *.bestssp.com *.onaudience.com *.hybrid.ai *.admixer.net *.onaudience.com *.adriver.ru *.openx.net *.betweendigital.com *.yandex.ru *.doubleclick.net *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.boticario.com.br *.oboticario.com.br *.googleapis.com *.google.com *.google.com.br *.googleapis.com *.grupoboticario.digital *.grupoboticario.com.br edbr.vteximg.com.br res.cloudinary.com *.google-analytics.com *.s3.amazonaws.com *.googletagmanager.com *.facebook.com *.pinterest.com *.github.com *.prismic.io pipelines.actions.githubusercontent.com data: blob: ; connect-src 'self' *.eudora.com.br *.prismic.io *.microsoftonline.com *.microsoft.com *.boticario.com.br *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.oboticario.com.br *.google.com *.google.com.br *.grupoboticario.digital *.grupoboticario.com.br cdn.cookielaw.org *.hotjar.com analytics.strapi.io wss://*.hotjar.com *.hotjar.io *.google-analytics.com *.googleapis.com *.onetrust.com *.s3.amazonaws.com *.g.doubleclick.net *.googletagmanager.com *.configcat.com *.nr-data.net *.pinterest.com *.tiktok.com *.github.com pipelines.actions.githubusercontent.com dmomoufq3m.execute-api.us-east-1.amazonaws.com blob:; script-src 'self' *.grupoboticario.digital *.grupoboticario.com.br *.ouiparis.com *.ouiparis.com.br *.hybrid.ai *.force.com *.documentforce.com *.salesforce.com *.salesforceliveagent.com *.newrelic.com *.hotjar.com *.hotjar.io *.onetrust.com *.g.doubleclick.net *.google.com *.googleapis.com *.gstatic.com *.googletagmanager.com *.configcat.com *.nr-data.net *.google-analytics.com cdn.cookielaw.org *.google-analytics.com cdn.cookielaw.org cdn.tiny.cloud *.dwin1.com *.googleadservices.com *.facebook.net *.facebook.com *.cloudfront.net *.pinimg.com *.shoptarget.com.br *.tiktok.com *.linximpulse.net *.shopback.com *.chaordicsystems.com *.shopconvert.com.br *.shopback.net *.github.com pipelines.actions.githubusercontent.com https://polyfill.io dmomoufq3m.execute-api.us-east-1.amazonaws.com 'unsafe-inline' 'unsafe-eval'; style-src 'unsafe-inline' *
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-amz-cf-id: u1cappnKF6j6oNCd96_vaBAGQ-gBEZrafqIUS28R3vl6CSx81zIajA==

GET
H2 200 bot-highlight-filtro.png
minhaloja.boticario.com.br/admin/latest/ 32 KB
34 KB 19ms
17ms Image
image/png 143.204.98.13
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://minhaloja.boticario.com.br/admin/latest/bot-highlight-filtro.png

Requested by

Host: minhaloja.boticario.com.br
URL: https://minhaloja.boticario.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.13 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-13.fra50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

f269023a49d89d46d2fab43a6a8f014112775912a166a91ad34296f802281b1a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: ; img-src 'self' s3.us-east-1.amazonaws.com .e-boticario.com.br .cookielaw.org .hotjar.com .hotjar.io .eudora.com.br .hybrid.ai .frontend.weborama.fr .adnxs.com .bestssp.com .onaudience.com .hybrid.ai .admixer.net .onaudience.com .adriver.ru .openx.net .betweendigital.com .yandex.ru .doubleclick.net .documentforce.com .force.com .salesforce.com .salesforceliveagent.com .boticario.com.br .oboticario.com.br .googleapis.com .google.com .google.com.br .googleapis.com .grupoboticario.digital .grupoboticario.com.br edbr.vteximg.com.br res.cloudinary.com .google-analytics.com .s3.amazonaws.com .googletagmanager.com .facebook.com .pinterest.com .github.com .prismic.io pipelines.actions.githubusercontent.com data: blob: ; connect-src 'self' .eudora.com.br .prismic.io .microsoftonline.com .microsoft.com .boticario.com.br .documentforce.com .force.com .salesforce.com .salesforceliveagent.com .oboticario.com.br .google.com .google.com.br .grupoboticario.digital .grupoboticario.com.br cdn.cookielaw.org .hotjar.com analytics.strapi.io wss://.hotjar.com .hotjar.io .google-analytics.com .googleapis.com .onetrust.com .s3.amazonaws.com .g.doubleclick.net .googletagmanager.com .configcat.com .nr-data.net .pinterest.com .tiktok.com .github.com pipelines.actions.githubusercontent.com dmomoufq3m.execute-api.us-east-1.amazonaws.com blob:; script-src 'self' .grupoboticario.digital .grupoboticario.com.br .ouiparis.com .ouiparis.com.br .hybrid.ai .force.com .documentforce.com .salesforce.com .salesforceliveagent.com .newrelic.com .hotjar.com .hotjar.io .onetrust.com .g.doubleclick.net .google.com .googleapis.com .gstatic.com .googletagmanager.com .configcat.com .nr-data.net .google-analytics.com cdn.cookielaw.org .google-analytics.com cdn.cookielaw.org cdn.tiny.cloud .dwin1.com .googleadservices.com .facebook.net .facebook.com .cloudfront.net .pinimg.com .shoptarget.com.br .tiktok.com .linximpulse.net .shopback.com .chaordicsystems.com .shopconvert.com.br .shopback.net .github.com pipelines.actions.githubusercontent.com https://polyfill.io dmomoufq3m.execute-api.us-east-1.amazonaws.com 'unsafe-inline' 'unsafe-eval'; style-src 'unsafe-inline' *
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://minhaloja.boticario.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 22 Dec 2021 19:01:37 GMT
via: 1.1 0d37b2e69745cd9f0c5457fbf1a83129.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 71731
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 32564
x-xss-protection: 1; mode=block
service-worker-allowed: /
referrer-policy: same-origin
last-modified: Wed, 22 Dec 2021 13:20:25 GMT
server: AmazonS3
x-frame-options: SAMEORIGIN
etag: "40f46f382008507325e7bda7a77efaec"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: image/png
cache-control: max-age=604800, public
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
content-security-policy: default-src 'self' data: *; img-src 'self' s3.us-east-1.amazonaws.com *.e-boticario.com.br *.cookielaw.org *.hotjar.com *.hotjar.io *.eudora.com.br *.hybrid.ai *.frontend.weborama.fr *.adnxs.com *.bestssp.com *.onaudience.com *.hybrid.ai *.admixer.net *.onaudience.com *.adriver.ru *.openx.net *.betweendigital.com *.yandex.ru *.doubleclick.net *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.boticario.com.br *.oboticario.com.br *.googleapis.com *.google.com *.google.com.br *.googleapis.com *.grupoboticario.digital *.grupoboticario.com.br edbr.vteximg.com.br res.cloudinary.com *.google-analytics.com *.s3.amazonaws.com *.googletagmanager.com *.facebook.com *.pinterest.com *.github.com *.prismic.io pipelines.actions.githubusercontent.com data: blob: ; connect-src 'self' *.eudora.com.br *.prismic.io *.microsoftonline.com *.microsoft.com *.boticario.com.br *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.oboticario.com.br *.google.com *.google.com.br *.grupoboticario.digital *.grupoboticario.com.br cdn.cookielaw.org *.hotjar.com analytics.strapi.io wss://*.hotjar.com *.hotjar.io *.google-analytics.com *.googleapis.com *.onetrust.com *.s3.amazonaws.com *.g.doubleclick.net *.googletagmanager.com *.configcat.com *.nr-data.net *.pinterest.com *.tiktok.com *.github.com pipelines.actions.githubusercontent.com dmomoufq3m.execute-api.us-east-1.amazonaws.com blob:; script-src 'self' *.grupoboticario.digital *.grupoboticario.com.br *.ouiparis.com *.ouiparis.com.br *.hybrid.ai *.force.com *.documentforce.com *.salesforce.com *.salesforceliveagent.com *.newrelic.com *.hotjar.com *.hotjar.io *.onetrust.com *.g.doubleclick.net *.google.com *.googleapis.com *.gstatic.com *.googletagmanager.com *.configcat.com *.nr-data.net *.google-analytics.com cdn.cookielaw.org *.google-analytics.com cdn.cookielaw.org cdn.tiny.cloud *.dwin1.com *.googleadservices.com *.facebook.net *.facebook.com *.cloudfront.net *.pinimg.com *.shoptarget.com.br *.tiktok.com *.linximpulse.net *.shopback.com *.chaordicsystems.com *.shopconvert.com.br *.shopback.net *.github.com pipelines.actions.githubusercontent.com https://polyfill.io dmomoufq3m.execute-api.us-east-1.amazonaws.com 'unsafe-inline' 'unsafe-eval'; style-src 'unsafe-inline' *
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-amz-cf-id: U0zIUEzrkvrvsY398k6M-6bEolv2gazhZ5WoSAfVm92oWEaqj4bfmQ==

GET
H2 200 bot-highlight-pedidos.png
minhaloja.boticario.com.br/admin/latest/ 25 KB
27 KB 26ms
24ms Image
image/png 143.204.98.13
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://minhaloja.boticario.com.br/admin/latest/bot-highlight-pedidos.png

Requested by

Host: minhaloja.boticario.com.br
URL: https://minhaloja.boticario.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.13 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-13.fra50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

095e9d3805dae1c743e5c9d8405467d0b333547d4228d45d349921a6c588fd24

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: ; img-src 'self' s3.us-east-1.amazonaws.com .e-boticario.com.br .cookielaw.org .hotjar.com .hotjar.io .eudora.com.br .hybrid.ai .frontend.weborama.fr .adnxs.com .bestssp.com .onaudience.com .hybrid.ai .admixer.net .onaudience.com .adriver.ru .openx.net .betweendigital.com .yandex.ru .doubleclick.net .documentforce.com .force.com .salesforce.com .salesforceliveagent.com .boticario.com.br .oboticario.com.br .googleapis.com .google.com .google.com.br .googleapis.com .grupoboticario.digital .grupoboticario.com.br edbr.vteximg.com.br res.cloudinary.com .google-analytics.com .s3.amazonaws.com .googletagmanager.com .facebook.com .pinterest.com .github.com .prismic.io pipelines.actions.githubusercontent.com data: blob: ; connect-src 'self' .eudora.com.br .prismic.io .microsoftonline.com .microsoft.com .boticario.com.br .documentforce.com .force.com .salesforce.com .salesforceliveagent.com .oboticario.com.br .google.com .google.com.br .grupoboticario.digital .grupoboticario.com.br cdn.cookielaw.org .hotjar.com analytics.strapi.io wss://.hotjar.com .hotjar.io .google-analytics.com .googleapis.com .onetrust.com .s3.amazonaws.com .g.doubleclick.net .googletagmanager.com .configcat.com .nr-data.net .pinterest.com .tiktok.com .github.com pipelines.actions.githubusercontent.com dmomoufq3m.execute-api.us-east-1.amazonaws.com blob:; script-src 'self' .grupoboticario.digital .grupoboticario.com.br .ouiparis.com .ouiparis.com.br .hybrid.ai .force.com .documentforce.com .salesforce.com .salesforceliveagent.com .newrelic.com .hotjar.com .hotjar.io .onetrust.com .g.doubleclick.net .google.com .googleapis.com .gstatic.com .googletagmanager.com .configcat.com .nr-data.net .google-analytics.com cdn.cookielaw.org .google-analytics.com cdn.cookielaw.org cdn.tiny.cloud .dwin1.com .googleadservices.com .facebook.net .facebook.com .cloudfront.net .pinimg.com .shoptarget.com.br .tiktok.com .linximpulse.net .shopback.com .chaordicsystems.com .shopconvert.com.br .shopback.net .github.com pipelines.actions.githubusercontent.com https://polyfill.io dmomoufq3m.execute-api.us-east-1.amazonaws.com 'unsafe-inline' 'unsafe-eval'; style-src 'unsafe-inline' *
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://minhaloja.boticario.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 22 Dec 2021 19:01:37 GMT
via: 1.1 0d37b2e69745cd9f0c5457fbf1a83129.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 71731
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 25385
x-xss-protection: 1; mode=block
service-worker-allowed: /
referrer-policy: same-origin
last-modified: Wed, 22 Dec 2021 13:20:25 GMT
server: AmazonS3
x-frame-options: SAMEORIGIN
etag: "7a3df3e8032e8b8a6b775788c5b43d77"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: image/png
cache-control: max-age=604800, public
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
content-security-policy: default-src 'self' data: *; img-src 'self' s3.us-east-1.amazonaws.com *.e-boticario.com.br *.cookielaw.org *.hotjar.com *.hotjar.io *.eudora.com.br *.hybrid.ai *.frontend.weborama.fr *.adnxs.com *.bestssp.com *.onaudience.com *.hybrid.ai *.admixer.net *.onaudience.com *.adriver.ru *.openx.net *.betweendigital.com *.yandex.ru *.doubleclick.net *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.boticario.com.br *.oboticario.com.br *.googleapis.com *.google.com *.google.com.br *.googleapis.com *.grupoboticario.digital *.grupoboticario.com.br edbr.vteximg.com.br res.cloudinary.com *.google-analytics.com *.s3.amazonaws.com *.googletagmanager.com *.facebook.com *.pinterest.com *.github.com *.prismic.io pipelines.actions.githubusercontent.com data: blob: ; connect-src 'self' *.eudora.com.br *.prismic.io *.microsoftonline.com *.microsoft.com *.boticario.com.br *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.oboticario.com.br *.google.com *.google.com.br *.grupoboticario.digital *.grupoboticario.com.br cdn.cookielaw.org *.hotjar.com analytics.strapi.io wss://*.hotjar.com *.hotjar.io *.google-analytics.com *.googleapis.com *.onetrust.com *.s3.amazonaws.com *.g.doubleclick.net *.googletagmanager.com *.configcat.com *.nr-data.net *.pinterest.com *.tiktok.com *.github.com pipelines.actions.githubusercontent.com dmomoufq3m.execute-api.us-east-1.amazonaws.com blob:; script-src 'self' *.grupoboticario.digital *.grupoboticario.com.br *.ouiparis.com *.ouiparis.com.br *.hybrid.ai *.force.com *.documentforce.com *.salesforce.com *.salesforceliveagent.com *.newrelic.com *.hotjar.com *.hotjar.io *.onetrust.com *.g.doubleclick.net *.google.com *.googleapis.com *.gstatic.com *.googletagmanager.com *.configcat.com *.nr-data.net *.google-analytics.com cdn.cookielaw.org *.google-analytics.com cdn.cookielaw.org cdn.tiny.cloud *.dwin1.com *.googleadservices.com *.facebook.net *.facebook.com *.cloudfront.net *.pinimg.com *.shoptarget.com.br *.tiktok.com *.linximpulse.net *.shopback.com *.chaordicsystems.com *.shopconvert.com.br *.shopback.net *.github.com pipelines.actions.githubusercontent.com https://polyfill.io dmomoufq3m.execute-api.us-east-1.amazonaws.com 'unsafe-inline' 'unsafe-eval'; style-src 'unsafe-inline' *
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-amz-cf-id: 6BadoRVfWQJdbdHI4b9jXbQqOGPPZQWTEnpmZmRPaoO8Df9uLrDePQ==

GET
H2 200 bot-item-1.png
minhaloja.boticario.com.br/admin/latest/ 6 KB
8 KB 20ms
18ms Image
image/png 143.204.98.13
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://minhaloja.boticario.com.br/admin/latest/bot-item-1.png

Requested by

Host: minhaloja.boticario.com.br
URL: https://minhaloja.boticario.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.13 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-13.fra50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

fb685b96686de6581ceab6d5651013085e9fd8cbdce3c19931efc5186e625de6

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: ; img-src 'self' s3.us-east-1.amazonaws.com .e-boticario.com.br .cookielaw.org .hotjar.com .hotjar.io .eudora.com.br .hybrid.ai .frontend.weborama.fr .adnxs.com .bestssp.com .onaudience.com .hybrid.ai .admixer.net .onaudience.com .adriver.ru .openx.net .betweendigital.com .yandex.ru .doubleclick.net .documentforce.com .force.com .salesforce.com .salesforceliveagent.com .boticario.com.br .oboticario.com.br .googleapis.com .google.com .google.com.br .googleapis.com .grupoboticario.digital .grupoboticario.com.br edbr.vteximg.com.br res.cloudinary.com .google-analytics.com .s3.amazonaws.com .googletagmanager.com .facebook.com .pinterest.com .github.com .prismic.io pipelines.actions.githubusercontent.com data: blob: ; connect-src 'self' .eudora.com.br .prismic.io .microsoftonline.com .microsoft.com .boticario.com.br .documentforce.com .force.com .salesforce.com .salesforceliveagent.com .oboticario.com.br .google.com .google.com.br .grupoboticario.digital .grupoboticario.com.br cdn.cookielaw.org .hotjar.com analytics.strapi.io wss://.hotjar.com .hotjar.io .google-analytics.com .googleapis.com .onetrust.com .s3.amazonaws.com .g.doubleclick.net .googletagmanager.com .configcat.com .nr-data.net .pinterest.com .tiktok.com .github.com pipelines.actions.githubusercontent.com dmomoufq3m.execute-api.us-east-1.amazonaws.com blob:; script-src 'self' .grupoboticario.digital .grupoboticario.com.br .ouiparis.com .ouiparis.com.br .hybrid.ai .force.com .documentforce.com .salesforce.com .salesforceliveagent.com .newrelic.com .hotjar.com .hotjar.io .onetrust.com .g.doubleclick.net .google.com .googleapis.com .gstatic.com .googletagmanager.com .configcat.com .nr-data.net .google-analytics.com cdn.cookielaw.org .google-analytics.com cdn.cookielaw.org cdn.tiny.cloud .dwin1.com .googleadservices.com .facebook.net .facebook.com .cloudfront.net .pinimg.com .shoptarget.com.br .tiktok.com .linximpulse.net .shopback.com .chaordicsystems.com .shopconvert.com.br .shopback.net .github.com pipelines.actions.githubusercontent.com https://polyfill.io dmomoufq3m.execute-api.us-east-1.amazonaws.com 'unsafe-inline' 'unsafe-eval'; style-src 'unsafe-inline' *
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://minhaloja.boticario.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 22 Dec 2021 19:01:37 GMT
via: 1.1 0d37b2e69745cd9f0c5457fbf1a83129.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 71731
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 5845
x-xss-protection: 1; mode=block
service-worker-allowed: /
referrer-policy: same-origin
last-modified: Wed, 22 Dec 2021 13:20:26 GMT
server: AmazonS3
x-frame-options: SAMEORIGIN
etag: "dace377229ea1e5cdba3a958ec2d7a85"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: image/png
cache-control: max-age=604800, public
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
content-security-policy: default-src 'self' data: *; img-src 'self' s3.us-east-1.amazonaws.com *.e-boticario.com.br *.cookielaw.org *.hotjar.com *.hotjar.io *.eudora.com.br *.hybrid.ai *.frontend.weborama.fr *.adnxs.com *.bestssp.com *.onaudience.com *.hybrid.ai *.admixer.net *.onaudience.com *.adriver.ru *.openx.net *.betweendigital.com *.yandex.ru *.doubleclick.net *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.boticario.com.br *.oboticario.com.br *.googleapis.com *.google.com *.google.com.br *.googleapis.com *.grupoboticario.digital *.grupoboticario.com.br edbr.vteximg.com.br res.cloudinary.com *.google-analytics.com *.s3.amazonaws.com *.googletagmanager.com *.facebook.com *.pinterest.com *.github.com *.prismic.io pipelines.actions.githubusercontent.com data: blob: ; connect-src 'self' *.eudora.com.br *.prismic.io *.microsoftonline.com *.microsoft.com *.boticario.com.br *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.oboticario.com.br *.google.com *.google.com.br *.grupoboticario.digital *.grupoboticario.com.br cdn.cookielaw.org *.hotjar.com analytics.strapi.io wss://*.hotjar.com *.hotjar.io *.google-analytics.com *.googleapis.com *.onetrust.com *.s3.amazonaws.com *.g.doubleclick.net *.googletagmanager.com *.configcat.com *.nr-data.net *.pinterest.com *.tiktok.com *.github.com pipelines.actions.githubusercontent.com dmomoufq3m.execute-api.us-east-1.amazonaws.com blob:; script-src 'self' *.grupoboticario.digital *.grupoboticario.com.br *.ouiparis.com *.ouiparis.com.br *.hybrid.ai *.force.com *.documentforce.com *.salesforce.com *.salesforceliveagent.com *.newrelic.com *.hotjar.com *.hotjar.io *.onetrust.com *.g.doubleclick.net *.google.com *.googleapis.com *.gstatic.com *.googletagmanager.com *.configcat.com *.nr-data.net *.google-analytics.com cdn.cookielaw.org *.google-analytics.com cdn.cookielaw.org cdn.tiny.cloud *.dwin1.com *.googleadservices.com *.facebook.net *.facebook.com *.cloudfront.net *.pinimg.com *.shoptarget.com.br *.tiktok.com *.linximpulse.net *.shopback.com *.chaordicsystems.com *.shopconvert.com.br *.shopback.net *.github.com pipelines.actions.githubusercontent.com https://polyfill.io dmomoufq3m.execute-api.us-east-1.amazonaws.com 'unsafe-inline' 'unsafe-eval'; style-src 'unsafe-inline' *
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-amz-cf-id: KdmsYtvVjfEBusHpOF7CBjJAC3QbGpMPmKHn_dhF5zEvzCYIyFHpsw==

GET
H2 200 bot-item-2.png
minhaloja.boticario.com.br/admin/latest/ 2 KB
4 KB 20ms
19ms Image
image/png 143.204.98.13
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://minhaloja.boticario.com.br/admin/latest/bot-item-2.png

Requested by

Host: minhaloja.boticario.com.br
URL: https://minhaloja.boticario.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.13 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-13.fra50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

0f99f0ee4b5a89a6d1478e40a0624b299db2aa8abe07af223bf0a56f62e3c377

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: ; img-src 'self' s3.us-east-1.amazonaws.com .e-boticario.com.br .cookielaw.org .hotjar.com .hotjar.io .eudora.com.br .hybrid.ai .frontend.weborama.fr .adnxs.com .bestssp.com .onaudience.com .hybrid.ai .admixer.net .onaudience.com .adriver.ru .openx.net .betweendigital.com .yandex.ru .doubleclick.net .documentforce.com .force.com .salesforce.com .salesforceliveagent.com .boticario.com.br .oboticario.com.br .googleapis.com .google.com .google.com.br .googleapis.com .grupoboticario.digital .grupoboticario.com.br edbr.vteximg.com.br res.cloudinary.com .google-analytics.com .s3.amazonaws.com .googletagmanager.com .facebook.com .pinterest.com .github.com .prismic.io pipelines.actions.githubusercontent.com data: blob: ; connect-src 'self' .eudora.com.br .prismic.io .microsoftonline.com .microsoft.com .boticario.com.br .documentforce.com .force.com .salesforce.com .salesforceliveagent.com .oboticario.com.br .google.com .google.com.br .grupoboticario.digital .grupoboticario.com.br cdn.cookielaw.org .hotjar.com analytics.strapi.io wss://.hotjar.com .hotjar.io .google-analytics.com .googleapis.com .onetrust.com .s3.amazonaws.com .g.doubleclick.net .googletagmanager.com .configcat.com .nr-data.net .pinterest.com .tiktok.com .github.com pipelines.actions.githubusercontent.com dmomoufq3m.execute-api.us-east-1.amazonaws.com blob:; script-src 'self' .grupoboticario.digital .grupoboticario.com.br .ouiparis.com .ouiparis.com.br .hybrid.ai .force.com .documentforce.com .salesforce.com .salesforceliveagent.com .newrelic.com .hotjar.com .hotjar.io .onetrust.com .g.doubleclick.net .google.com .googleapis.com .gstatic.com .googletagmanager.com .configcat.com .nr-data.net .google-analytics.com cdn.cookielaw.org .google-analytics.com cdn.cookielaw.org cdn.tiny.cloud .dwin1.com .googleadservices.com .facebook.net .facebook.com .cloudfront.net .pinimg.com .shoptarget.com.br .tiktok.com .linximpulse.net .shopback.com .chaordicsystems.com .shopconvert.com.br .shopback.net .github.com pipelines.actions.githubusercontent.com https://polyfill.io dmomoufq3m.execute-api.us-east-1.amazonaws.com 'unsafe-inline' 'unsafe-eval'; style-src 'unsafe-inline' *
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://minhaloja.boticario.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 22 Dec 2021 19:01:37 GMT
via: 1.1 0d37b2e69745cd9f0c5457fbf1a83129.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 71731
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 2235
x-xss-protection: 1; mode=block
service-worker-allowed: /
referrer-policy: same-origin
last-modified: Wed, 22 Dec 2021 13:20:26 GMT
server: AmazonS3
x-frame-options: SAMEORIGIN
etag: "2215382bb78bd51954e691dd9cb6e7ee"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: image/png
cache-control: max-age=604800, public
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
content-security-policy: default-src 'self' data: *; img-src 'self' s3.us-east-1.amazonaws.com *.e-boticario.com.br *.cookielaw.org *.hotjar.com *.hotjar.io *.eudora.com.br *.hybrid.ai *.frontend.weborama.fr *.adnxs.com *.bestssp.com *.onaudience.com *.hybrid.ai *.admixer.net *.onaudience.com *.adriver.ru *.openx.net *.betweendigital.com *.yandex.ru *.doubleclick.net *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.boticario.com.br *.oboticario.com.br *.googleapis.com *.google.com *.google.com.br *.googleapis.com *.grupoboticario.digital *.grupoboticario.com.br edbr.vteximg.com.br res.cloudinary.com *.google-analytics.com *.s3.amazonaws.com *.googletagmanager.com *.facebook.com *.pinterest.com *.github.com *.prismic.io pipelines.actions.githubusercontent.com data: blob: ; connect-src 'self' *.eudora.com.br *.prismic.io *.microsoftonline.com *.microsoft.com *.boticario.com.br *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.oboticario.com.br *.google.com *.google.com.br *.grupoboticario.digital *.grupoboticario.com.br cdn.cookielaw.org *.hotjar.com analytics.strapi.io wss://*.hotjar.com *.hotjar.io *.google-analytics.com *.googleapis.com *.onetrust.com *.s3.amazonaws.com *.g.doubleclick.net *.googletagmanager.com *.configcat.com *.nr-data.net *.pinterest.com *.tiktok.com *.github.com pipelines.actions.githubusercontent.com dmomoufq3m.execute-api.us-east-1.amazonaws.com blob:; script-src 'self' *.grupoboticario.digital *.grupoboticario.com.br *.ouiparis.com *.ouiparis.com.br *.hybrid.ai *.force.com *.documentforce.com *.salesforce.com *.salesforceliveagent.com *.newrelic.com *.hotjar.com *.hotjar.io *.onetrust.com *.g.doubleclick.net *.google.com *.googleapis.com *.gstatic.com *.googletagmanager.com *.configcat.com *.nr-data.net *.google-analytics.com cdn.cookielaw.org *.google-analytics.com cdn.cookielaw.org cdn.tiny.cloud *.dwin1.com *.googleadservices.com *.facebook.net *.facebook.com *.cloudfront.net *.pinimg.com *.shoptarget.com.br *.tiktok.com *.linximpulse.net *.shopback.com *.chaordicsystems.com *.shopconvert.com.br *.shopback.net *.github.com pipelines.actions.githubusercontent.com https://polyfill.io dmomoufq3m.execute-api.us-east-1.amazonaws.com 'unsafe-inline' 'unsafe-eval'; style-src 'unsafe-inline' *
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-amz-cf-id: RSzOdufBjBHmdp3iOnsAVJdid7YfQGYR-xIOdT0JwUkY0wZUfMA8gw==

GET
H2 200 bot-item-3.png
minhaloja.boticario.com.br/admin/latest/ 3 KB
5 KB 21ms
20ms Image
image/png 143.204.98.13
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://minhaloja.boticario.com.br/admin/latest/bot-item-3.png

Requested by

Host: minhaloja.boticario.com.br
URL: https://minhaloja.boticario.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.13 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-13.fra50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

4640b89ad8c3d0b2f461f0a2fdc32f92bea359847930664af0d5d0534e1c04a4

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: ; img-src 'self' s3.us-east-1.amazonaws.com .e-boticario.com.br .cookielaw.org .hotjar.com .hotjar.io .eudora.com.br .hybrid.ai .frontend.weborama.fr .adnxs.com .bestssp.com .onaudience.com .hybrid.ai .admixer.net .onaudience.com .adriver.ru .openx.net .betweendigital.com .yandex.ru .doubleclick.net .documentforce.com .force.com .salesforce.com .salesforceliveagent.com .boticario.com.br .oboticario.com.br .googleapis.com .google.com .google.com.br .googleapis.com .grupoboticario.digital .grupoboticario.com.br edbr.vteximg.com.br res.cloudinary.com .google-analytics.com .s3.amazonaws.com .googletagmanager.com .facebook.com .pinterest.com .github.com .prismic.io pipelines.actions.githubusercontent.com data: blob: ; connect-src 'self' .eudora.com.br .prismic.io .microsoftonline.com .microsoft.com .boticario.com.br .documentforce.com .force.com .salesforce.com .salesforceliveagent.com .oboticario.com.br .google.com .google.com.br .grupoboticario.digital .grupoboticario.com.br cdn.cookielaw.org .hotjar.com analytics.strapi.io wss://.hotjar.com .hotjar.io .google-analytics.com .googleapis.com .onetrust.com .s3.amazonaws.com .g.doubleclick.net .googletagmanager.com .configcat.com .nr-data.net .pinterest.com .tiktok.com .github.com pipelines.actions.githubusercontent.com dmomoufq3m.execute-api.us-east-1.amazonaws.com blob:; script-src 'self' .grupoboticario.digital .grupoboticario.com.br .ouiparis.com .ouiparis.com.br .hybrid.ai .force.com .documentforce.com .salesforce.com .salesforceliveagent.com .newrelic.com .hotjar.com .hotjar.io .onetrust.com .g.doubleclick.net .google.com .googleapis.com .gstatic.com .googletagmanager.com .configcat.com .nr-data.net .google-analytics.com cdn.cookielaw.org .google-analytics.com cdn.cookielaw.org cdn.tiny.cloud .dwin1.com .googleadservices.com .facebook.net .facebook.com .cloudfront.net .pinimg.com .shoptarget.com.br .tiktok.com .linximpulse.net .shopback.com .chaordicsystems.com .shopconvert.com.br .shopback.net .github.com pipelines.actions.githubusercontent.com https://polyfill.io dmomoufq3m.execute-api.us-east-1.amazonaws.com 'unsafe-inline' 'unsafe-eval'; style-src 'unsafe-inline' *
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://minhaloja.boticario.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 22 Dec 2021 23:49:11 GMT
via: 1.1 0d37b2e69745cd9f0c5457fbf1a83129.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 54477
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 3058
x-xss-protection: 1; mode=block
service-worker-allowed: /
referrer-policy: same-origin
last-modified: Wed, 22 Dec 2021 13:20:27 GMT
server: AmazonS3
x-frame-options: SAMEORIGIN
etag: "57861ec17f1553d79e6163bb11fd526f"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: image/png
cache-control: max-age=604800, public
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
content-security-policy: default-src 'self' data: *; img-src 'self' s3.us-east-1.amazonaws.com *.e-boticario.com.br *.cookielaw.org *.hotjar.com *.hotjar.io *.eudora.com.br *.hybrid.ai *.frontend.weborama.fr *.adnxs.com *.bestssp.com *.onaudience.com *.hybrid.ai *.admixer.net *.onaudience.com *.adriver.ru *.openx.net *.betweendigital.com *.yandex.ru *.doubleclick.net *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.boticario.com.br *.oboticario.com.br *.googleapis.com *.google.com *.google.com.br *.googleapis.com *.grupoboticario.digital *.grupoboticario.com.br edbr.vteximg.com.br res.cloudinary.com *.google-analytics.com *.s3.amazonaws.com *.googletagmanager.com *.facebook.com *.pinterest.com *.github.com *.prismic.io pipelines.actions.githubusercontent.com data: blob: ; connect-src 'self' *.eudora.com.br *.prismic.io *.microsoftonline.com *.microsoft.com *.boticario.com.br *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.oboticario.com.br *.google.com *.google.com.br *.grupoboticario.digital *.grupoboticario.com.br cdn.cookielaw.org *.hotjar.com analytics.strapi.io wss://*.hotjar.com *.hotjar.io *.google-analytics.com *.googleapis.com *.onetrust.com *.s3.amazonaws.com *.g.doubleclick.net *.googletagmanager.com *.configcat.com *.nr-data.net *.pinterest.com *.tiktok.com *.github.com pipelines.actions.githubusercontent.com dmomoufq3m.execute-api.us-east-1.amazonaws.com blob:; script-src 'self' *.grupoboticario.digital *.grupoboticario.com.br *.ouiparis.com *.ouiparis.com.br *.hybrid.ai *.force.com *.documentforce.com *.salesforce.com *.salesforceliveagent.com *.newrelic.com *.hotjar.com *.hotjar.io *.onetrust.com *.g.doubleclick.net *.google.com *.googleapis.com *.gstatic.com *.googletagmanager.com *.configcat.com *.nr-data.net *.google-analytics.com cdn.cookielaw.org *.google-analytics.com cdn.cookielaw.org cdn.tiny.cloud *.dwin1.com *.googleadservices.com *.facebook.net *.facebook.com *.cloudfront.net *.pinimg.com *.shoptarget.com.br *.tiktok.com *.linximpulse.net *.shopback.com *.chaordicsystems.com *.shopconvert.com.br *.shopback.net *.github.com pipelines.actions.githubusercontent.com https://polyfill.io dmomoufq3m.execute-api.us-east-1.amazonaws.com 'unsafe-inline' 'unsafe-eval'; style-src 'unsafe-inline' *
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-amz-cf-id: Hw54Jmrc5S9_q38zoa0Ihj5UyG-rX8Rt7Arbyon20pm6CKs1iItW5g==

GET
H2 200 bot-item-4.png
minhaloja.boticario.com.br/admin/latest/ 4 KB
6 KB 28ms
27ms Image
image/png 143.204.98.13
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://minhaloja.boticario.com.br/admin/latest/bot-item-4.png

Requested by

Host: minhaloja.boticario.com.br
URL: https://minhaloja.boticario.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.13 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-13.fra50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

54bb80435ce3ae2318083218742a1812eb896a9f723eeca7d969d648c40bb039

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: ; img-src 'self' s3.us-east-1.amazonaws.com .e-boticario.com.br .cookielaw.org .hotjar.com .hotjar.io .eudora.com.br .hybrid.ai .frontend.weborama.fr .adnxs.com .bestssp.com .onaudience.com .hybrid.ai .admixer.net .onaudience.com .adriver.ru .openx.net .betweendigital.com .yandex.ru .doubleclick.net .documentforce.com .force.com .salesforce.com .salesforceliveagent.com .boticario.com.br .oboticario.com.br .googleapis.com .google.com .google.com.br .googleapis.com .grupoboticario.digital .grupoboticario.com.br edbr.vteximg.com.br res.cloudinary.com .google-analytics.com .s3.amazonaws.com .googletagmanager.com .facebook.com .pinterest.com .github.com .prismic.io pipelines.actions.githubusercontent.com data: blob: ; connect-src 'self' .eudora.com.br .prismic.io .microsoftonline.com .microsoft.com .boticario.com.br .documentforce.com .force.com .salesforce.com .salesforceliveagent.com .oboticario.com.br .google.com .google.com.br .grupoboticario.digital .grupoboticario.com.br cdn.cookielaw.org .hotjar.com analytics.strapi.io wss://.hotjar.com .hotjar.io .google-analytics.com .googleapis.com .onetrust.com .s3.amazonaws.com .g.doubleclick.net .googletagmanager.com .configcat.com .nr-data.net .pinterest.com .tiktok.com .github.com pipelines.actions.githubusercontent.com dmomoufq3m.execute-api.us-east-1.amazonaws.com blob:; script-src 'self' .grupoboticario.digital .grupoboticario.com.br .ouiparis.com .ouiparis.com.br .hybrid.ai .force.com .documentforce.com .salesforce.com .salesforceliveagent.com .newrelic.com .hotjar.com .hotjar.io .onetrust.com .g.doubleclick.net .google.com .googleapis.com .gstatic.com .googletagmanager.com .configcat.com .nr-data.net .google-analytics.com cdn.cookielaw.org .google-analytics.com cdn.cookielaw.org cdn.tiny.cloud .dwin1.com .googleadservices.com .facebook.net .facebook.com .cloudfront.net .pinimg.com .shoptarget.com.br .tiktok.com .linximpulse.net .shopback.com .chaordicsystems.com .shopconvert.com.br .shopback.net .github.com pipelines.actions.githubusercontent.com https://polyfill.io dmomoufq3m.execute-api.us-east-1.amazonaws.com 'unsafe-inline' 'unsafe-eval'; style-src 'unsafe-inline' *
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://minhaloja.boticario.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 22 Dec 2021 23:49:11 GMT
via: 1.1 0d37b2e69745cd9f0c5457fbf1a83129.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 54477
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 4062
x-xss-protection: 1; mode=block
service-worker-allowed: /
referrer-policy: same-origin
last-modified: Wed, 22 Dec 2021 13:20:27 GMT
server: AmazonS3
x-frame-options: SAMEORIGIN
etag: "2242e2e4105fa71c7972c070dbe45e52"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: image/png
cache-control: max-age=604800, public
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
content-security-policy: default-src 'self' data: *; img-src 'self' s3.us-east-1.amazonaws.com *.e-boticario.com.br *.cookielaw.org *.hotjar.com *.hotjar.io *.eudora.com.br *.hybrid.ai *.frontend.weborama.fr *.adnxs.com *.bestssp.com *.onaudience.com *.hybrid.ai *.admixer.net *.onaudience.com *.adriver.ru *.openx.net *.betweendigital.com *.yandex.ru *.doubleclick.net *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.boticario.com.br *.oboticario.com.br *.googleapis.com *.google.com *.google.com.br *.googleapis.com *.grupoboticario.digital *.grupoboticario.com.br edbr.vteximg.com.br res.cloudinary.com *.google-analytics.com *.s3.amazonaws.com *.googletagmanager.com *.facebook.com *.pinterest.com *.github.com *.prismic.io pipelines.actions.githubusercontent.com data: blob: ; connect-src 'self' *.eudora.com.br *.prismic.io *.microsoftonline.com *.microsoft.com *.boticario.com.br *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.oboticario.com.br *.google.com *.google.com.br *.grupoboticario.digital *.grupoboticario.com.br cdn.cookielaw.org *.hotjar.com analytics.strapi.io wss://*.hotjar.com *.hotjar.io *.google-analytics.com *.googleapis.com *.onetrust.com *.s3.amazonaws.com *.g.doubleclick.net *.googletagmanager.com *.configcat.com *.nr-data.net *.pinterest.com *.tiktok.com *.github.com pipelines.actions.githubusercontent.com dmomoufq3m.execute-api.us-east-1.amazonaws.com blob:; script-src 'self' *.grupoboticario.digital *.grupoboticario.com.br *.ouiparis.com *.ouiparis.com.br *.hybrid.ai *.force.com *.documentforce.com *.salesforce.com *.salesforceliveagent.com *.newrelic.com *.hotjar.com *.hotjar.io *.onetrust.com *.g.doubleclick.net *.google.com *.googleapis.com *.gstatic.com *.googletagmanager.com *.configcat.com *.nr-data.net *.google-analytics.com cdn.cookielaw.org *.google-analytics.com cdn.cookielaw.org cdn.tiny.cloud *.dwin1.com *.googleadservices.com *.facebook.net *.facebook.com *.cloudfront.net *.pinimg.com *.shoptarget.com.br *.tiktok.com *.linximpulse.net *.shopback.com *.chaordicsystems.com *.shopconvert.com.br *.shopback.net *.github.com pipelines.actions.githubusercontent.com https://polyfill.io dmomoufq3m.execute-api.us-east-1.amazonaws.com 'unsafe-inline' 'unsafe-eval'; style-src 'unsafe-inline' *
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-amz-cf-id: jI3_ibGNcsScXexZFXaf7T7zYwjDbDF19UaIf2NRugl737G8n-F97g==

GET
H2 200 bot-highlight-pwa.png
minhaloja.boticario.com.br/admin/latest/ 14 KB
16 KB 28ms
27ms Image
image/png 143.204.98.13
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://minhaloja.boticario.com.br/admin/latest/bot-highlight-pwa.png

Requested by

Host: minhaloja.boticario.com.br
URL: https://minhaloja.boticario.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.13 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-13.fra50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

8df17bf92140c0d62dced6b505f313f18cc791ef8724b650fd22edad73f409d1

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: ; img-src 'self' s3.us-east-1.amazonaws.com .e-boticario.com.br .cookielaw.org .hotjar.com .hotjar.io .eudora.com.br .hybrid.ai .frontend.weborama.fr .adnxs.com .bestssp.com .onaudience.com .hybrid.ai .admixer.net .onaudience.com .adriver.ru .openx.net .betweendigital.com .yandex.ru .doubleclick.net .documentforce.com .force.com .salesforce.com .salesforceliveagent.com .boticario.com.br .oboticario.com.br .googleapis.com .google.com .google.com.br .googleapis.com .grupoboticario.digital .grupoboticario.com.br edbr.vteximg.com.br res.cloudinary.com .google-analytics.com .s3.amazonaws.com .googletagmanager.com .facebook.com .pinterest.com .github.com .prismic.io pipelines.actions.githubusercontent.com data: blob: ; connect-src 'self' .eudora.com.br .prismic.io .microsoftonline.com .microsoft.com .boticario.com.br .documentforce.com .force.com .salesforce.com .salesforceliveagent.com .oboticario.com.br .google.com .google.com.br .grupoboticario.digital .grupoboticario.com.br cdn.cookielaw.org .hotjar.com analytics.strapi.io wss://.hotjar.com .hotjar.io .google-analytics.com .googleapis.com .onetrust.com .s3.amazonaws.com .g.doubleclick.net .googletagmanager.com .configcat.com .nr-data.net .pinterest.com .tiktok.com .github.com pipelines.actions.githubusercontent.com dmomoufq3m.execute-api.us-east-1.amazonaws.com blob:; script-src 'self' .grupoboticario.digital .grupoboticario.com.br .ouiparis.com .ouiparis.com.br .hybrid.ai .force.com .documentforce.com .salesforce.com .salesforceliveagent.com .newrelic.com .hotjar.com .hotjar.io .onetrust.com .g.doubleclick.net .google.com .googleapis.com .gstatic.com .googletagmanager.com .configcat.com .nr-data.net .google-analytics.com cdn.cookielaw.org .google-analytics.com cdn.cookielaw.org cdn.tiny.cloud .dwin1.com .googleadservices.com .facebook.net .facebook.com .cloudfront.net .pinimg.com .shoptarget.com.br .tiktok.com .linximpulse.net .shopback.com .chaordicsystems.com .shopconvert.com.br .shopback.net .github.com pipelines.actions.githubusercontent.com https://polyfill.io dmomoufq3m.execute-api.us-east-1.amazonaws.com 'unsafe-inline' 'unsafe-eval'; style-src 'unsafe-inline' *
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://minhaloja.boticario.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 22 Dec 2021 19:01:37 GMT
via: 1.1 0d37b2e69745cd9f0c5457fbf1a83129.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 71731
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 13947
x-xss-protection: 1; mode=block
service-worker-allowed: /
referrer-policy: same-origin
last-modified: Wed, 22 Dec 2021 13:20:26 GMT
server: AmazonS3
x-frame-options: SAMEORIGIN
etag: "40b99a5c441c889570b449444cccf40a"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: image/png
cache-control: max-age=604800, public
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
content-security-policy: default-src 'self' data: *; img-src 'self' s3.us-east-1.amazonaws.com *.e-boticario.com.br *.cookielaw.org *.hotjar.com *.hotjar.io *.eudora.com.br *.hybrid.ai *.frontend.weborama.fr *.adnxs.com *.bestssp.com *.onaudience.com *.hybrid.ai *.admixer.net *.onaudience.com *.adriver.ru *.openx.net *.betweendigital.com *.yandex.ru *.doubleclick.net *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.boticario.com.br *.oboticario.com.br *.googleapis.com *.google.com *.google.com.br *.googleapis.com *.grupoboticario.digital *.grupoboticario.com.br edbr.vteximg.com.br res.cloudinary.com *.google-analytics.com *.s3.amazonaws.com *.googletagmanager.com *.facebook.com *.pinterest.com *.github.com *.prismic.io pipelines.actions.githubusercontent.com data: blob: ; connect-src 'self' *.eudora.com.br *.prismic.io *.microsoftonline.com *.microsoft.com *.boticario.com.br *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.oboticario.com.br *.google.com *.google.com.br *.grupoboticario.digital *.grupoboticario.com.br cdn.cookielaw.org *.hotjar.com analytics.strapi.io wss://*.hotjar.com *.hotjar.io *.google-analytics.com *.googleapis.com *.onetrust.com *.s3.amazonaws.com *.g.doubleclick.net *.googletagmanager.com *.configcat.com *.nr-data.net *.pinterest.com *.tiktok.com *.github.com pipelines.actions.githubusercontent.com dmomoufq3m.execute-api.us-east-1.amazonaws.com blob:; script-src 'self' *.grupoboticario.digital *.grupoboticario.com.br *.ouiparis.com *.ouiparis.com.br *.hybrid.ai *.force.com *.documentforce.com *.salesforce.com *.salesforceliveagent.com *.newrelic.com *.hotjar.com *.hotjar.io *.onetrust.com *.g.doubleclick.net *.google.com *.googleapis.com *.gstatic.com *.googletagmanager.com *.configcat.com *.nr-data.net *.google-analytics.com cdn.cookielaw.org *.google-analytics.com cdn.cookielaw.org cdn.tiny.cloud *.dwin1.com *.googleadservices.com *.facebook.net *.facebook.com *.cloudfront.net *.pinimg.com *.shoptarget.com.br *.tiktok.com *.linximpulse.net *.shopback.com *.chaordicsystems.com *.shopconvert.com.br *.shopback.net *.github.com pipelines.actions.githubusercontent.com https://polyfill.io dmomoufq3m.execute-api.us-east-1.amazonaws.com 'unsafe-inline' 'unsafe-eval'; style-src 'unsafe-inline' *
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-amz-cf-id: IPpK605N5HkHNJz8_N81r3In2HQ5b_ZcxnmIYFYZyuBq1m5wdDTPHg==

GET
H2 200 bot-highlight-informacoes.png
minhaloja.boticario.com.br/admin/latest/ 20 KB
22 KB 30ms
29ms Image
image/png 143.204.98.13
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://minhaloja.boticario.com.br/admin/latest/bot-highlight-informacoes.png

Requested by

Host: minhaloja.boticario.com.br
URL: https://minhaloja.boticario.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.13 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-13.fra50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

8b3131e6870e949cadfc22b61edc1c9fa1aec159e5a5269d223af01310620773

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: ; img-src 'self' s3.us-east-1.amazonaws.com .e-boticario.com.br .cookielaw.org .hotjar.com .hotjar.io .eudora.com.br .hybrid.ai .frontend.weborama.fr .adnxs.com .bestssp.com .onaudience.com .hybrid.ai .admixer.net .onaudience.com .adriver.ru .openx.net .betweendigital.com .yandex.ru .doubleclick.net .documentforce.com .force.com .salesforce.com .salesforceliveagent.com .boticario.com.br .oboticario.com.br .googleapis.com .google.com .google.com.br .googleapis.com .grupoboticario.digital .grupoboticario.com.br edbr.vteximg.com.br res.cloudinary.com .google-analytics.com .s3.amazonaws.com .googletagmanager.com .facebook.com .pinterest.com .github.com .prismic.io pipelines.actions.githubusercontent.com data: blob: ; connect-src 'self' .eudora.com.br .prismic.io .microsoftonline.com .microsoft.com .boticario.com.br .documentforce.com .force.com .salesforce.com .salesforceliveagent.com .oboticario.com.br .google.com .google.com.br .grupoboticario.digital .grupoboticario.com.br cdn.cookielaw.org .hotjar.com analytics.strapi.io wss://.hotjar.com .hotjar.io .google-analytics.com .googleapis.com .onetrust.com .s3.amazonaws.com .g.doubleclick.net .googletagmanager.com .configcat.com .nr-data.net .pinterest.com .tiktok.com .github.com pipelines.actions.githubusercontent.com dmomoufq3m.execute-api.us-east-1.amazonaws.com blob:; script-src 'self' .grupoboticario.digital .grupoboticario.com.br .ouiparis.com .ouiparis.com.br .hybrid.ai .force.com .documentforce.com .salesforce.com .salesforceliveagent.com .newrelic.com .hotjar.com .hotjar.io .onetrust.com .g.doubleclick.net .google.com .googleapis.com .gstatic.com .googletagmanager.com .configcat.com .nr-data.net .google-analytics.com cdn.cookielaw.org .google-analytics.com cdn.cookielaw.org cdn.tiny.cloud .dwin1.com .googleadservices.com .facebook.net .facebook.com .cloudfront.net .pinimg.com .shoptarget.com.br .tiktok.com .linximpulse.net .shopback.com .chaordicsystems.com .shopconvert.com.br .shopback.net .github.com pipelines.actions.githubusercontent.com https://polyfill.io dmomoufq3m.execute-api.us-east-1.amazonaws.com 'unsafe-inline' 'unsafe-eval'; style-src 'unsafe-inline' *
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://minhaloja.boticario.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 22 Dec 2021 23:49:11 GMT
via: 1.1 0d37b2e69745cd9f0c5457fbf1a83129.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 54477
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 20322
x-xss-protection: 1; mode=block
service-worker-allowed: /
referrer-policy: same-origin
last-modified: Wed, 22 Dec 2021 13:20:25 GMT
server: AmazonS3
x-frame-options: SAMEORIGIN
etag: "4bae0fd3cf2824490ed1b41b89bc4287"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: image/png
cache-control: max-age=604800, public
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
content-security-policy: default-src 'self' data: *; img-src 'self' s3.us-east-1.amazonaws.com *.e-boticario.com.br *.cookielaw.org *.hotjar.com *.hotjar.io *.eudora.com.br *.hybrid.ai *.frontend.weborama.fr *.adnxs.com *.bestssp.com *.onaudience.com *.hybrid.ai *.admixer.net *.onaudience.com *.adriver.ru *.openx.net *.betweendigital.com *.yandex.ru *.doubleclick.net *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.boticario.com.br *.oboticario.com.br *.googleapis.com *.google.com *.google.com.br *.googleapis.com *.grupoboticario.digital *.grupoboticario.com.br edbr.vteximg.com.br res.cloudinary.com *.google-analytics.com *.s3.amazonaws.com *.googletagmanager.com *.facebook.com *.pinterest.com *.github.com *.prismic.io pipelines.actions.githubusercontent.com data: blob: ; connect-src 'self' *.eudora.com.br *.prismic.io *.microsoftonline.com *.microsoft.com *.boticario.com.br *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.oboticario.com.br *.google.com *.google.com.br *.grupoboticario.digital *.grupoboticario.com.br cdn.cookielaw.org *.hotjar.com analytics.strapi.io wss://*.hotjar.com *.hotjar.io *.google-analytics.com *.googleapis.com *.onetrust.com *.s3.amazonaws.com *.g.doubleclick.net *.googletagmanager.com *.configcat.com *.nr-data.net *.pinterest.com *.tiktok.com *.github.com pipelines.actions.githubusercontent.com dmomoufq3m.execute-api.us-east-1.amazonaws.com blob:; script-src 'self' *.grupoboticario.digital *.grupoboticario.com.br *.ouiparis.com *.ouiparis.com.br *.hybrid.ai *.force.com *.documentforce.com *.salesforce.com *.salesforceliveagent.com *.newrelic.com *.hotjar.com *.hotjar.io *.onetrust.com *.g.doubleclick.net *.google.com *.googleapis.com *.gstatic.com *.googletagmanager.com *.configcat.com *.nr-data.net *.google-analytics.com cdn.cookielaw.org *.google-analytics.com cdn.cookielaw.org cdn.tiny.cloud *.dwin1.com *.googleadservices.com *.facebook.net *.facebook.com *.cloudfront.net *.pinimg.com *.shoptarget.com.br *.tiktok.com *.linximpulse.net *.shopback.com *.chaordicsystems.com *.shopconvert.com.br *.shopback.net *.github.com pipelines.actions.githubusercontent.com https://polyfill.io dmomoufq3m.execute-api.us-east-1.amazonaws.com 'unsafe-inline' 'unsafe-eval'; style-src 'unsafe-inline' *
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-amz-cf-id: aywGN4__v2sXgH329vUiCPSwNpkMynFIxHjabMsp9YYcUgn9OllEZA==

GET
H2 200 bot-highlight-promocao.png
minhaloja.boticario.com.br/admin/latest/ 38 KB
40 KB 31ms
30ms Image
image/png 143.204.98.13
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://minhaloja.boticario.com.br/admin/latest/bot-highlight-promocao.png

Requested by

Host: minhaloja.boticario.com.br
URL: https://minhaloja.boticario.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.13 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-13.fra50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

07a7abe9a9b0f78881290bbf7ccdc79bb726010ea4d133e78dbdbed922d897c9

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: ; img-src 'self' s3.us-east-1.amazonaws.com .e-boticario.com.br .cookielaw.org .hotjar.com .hotjar.io .eudora.com.br .hybrid.ai .frontend.weborama.fr .adnxs.com .bestssp.com .onaudience.com .hybrid.ai .admixer.net .onaudience.com .adriver.ru .openx.net .betweendigital.com .yandex.ru .doubleclick.net .documentforce.com .force.com .salesforce.com .salesforceliveagent.com .boticario.com.br .oboticario.com.br .googleapis.com .google.com .google.com.br .googleapis.com .grupoboticario.digital .grupoboticario.com.br edbr.vteximg.com.br res.cloudinary.com .google-analytics.com .s3.amazonaws.com .googletagmanager.com .facebook.com .pinterest.com .github.com .prismic.io pipelines.actions.githubusercontent.com data: blob: ; connect-src 'self' .eudora.com.br .prismic.io .microsoftonline.com .microsoft.com .boticario.com.br .documentforce.com .force.com .salesforce.com .salesforceliveagent.com .oboticario.com.br .google.com .google.com.br .grupoboticario.digital .grupoboticario.com.br cdn.cookielaw.org .hotjar.com analytics.strapi.io wss://.hotjar.com .hotjar.io .google-analytics.com .googleapis.com .onetrust.com .s3.amazonaws.com .g.doubleclick.net .googletagmanager.com .configcat.com .nr-data.net .pinterest.com .tiktok.com .github.com pipelines.actions.githubusercontent.com dmomoufq3m.execute-api.us-east-1.amazonaws.com blob:; script-src 'self' .grupoboticario.digital .grupoboticario.com.br .ouiparis.com .ouiparis.com.br .hybrid.ai .force.com .documentforce.com .salesforce.com .salesforceliveagent.com .newrelic.com .hotjar.com .hotjar.io .onetrust.com .g.doubleclick.net .google.com .googleapis.com .gstatic.com .googletagmanager.com .configcat.com .nr-data.net .google-analytics.com cdn.cookielaw.org .google-analytics.com cdn.cookielaw.org cdn.tiny.cloud .dwin1.com .googleadservices.com .facebook.net .facebook.com .cloudfront.net .pinimg.com .shoptarget.com.br .tiktok.com .linximpulse.net .shopback.com .chaordicsystems.com .shopconvert.com.br .shopback.net .github.com pipelines.actions.githubusercontent.com https://polyfill.io dmomoufq3m.execute-api.us-east-1.amazonaws.com 'unsafe-inline' 'unsafe-eval'; style-src 'unsafe-inline' *
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://minhaloja.boticario.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 22 Dec 2021 23:49:12 GMT
via: 1.1 0d37b2e69745cd9f0c5457fbf1a83129.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 54476
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 39105
x-xss-protection: 1; mode=block
service-worker-allowed: /
referrer-policy: same-origin
last-modified: Wed, 22 Dec 2021 13:20:25 GMT
server: AmazonS3
x-frame-options: SAMEORIGIN
etag: "9eeaae744545df663bacfdec7355f06b"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: image/png
cache-control: max-age=604800, public
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
content-security-policy: default-src 'self' data: *; img-src 'self' s3.us-east-1.amazonaws.com *.e-boticario.com.br *.cookielaw.org *.hotjar.com *.hotjar.io *.eudora.com.br *.hybrid.ai *.frontend.weborama.fr *.adnxs.com *.bestssp.com *.onaudience.com *.hybrid.ai *.admixer.net *.onaudience.com *.adriver.ru *.openx.net *.betweendigital.com *.yandex.ru *.doubleclick.net *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.boticario.com.br *.oboticario.com.br *.googleapis.com *.google.com *.google.com.br *.googleapis.com *.grupoboticario.digital *.grupoboticario.com.br edbr.vteximg.com.br res.cloudinary.com *.google-analytics.com *.s3.amazonaws.com *.googletagmanager.com *.facebook.com *.pinterest.com *.github.com *.prismic.io pipelines.actions.githubusercontent.com data: blob: ; connect-src 'self' *.eudora.com.br *.prismic.io *.microsoftonline.com *.microsoft.com *.boticario.com.br *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.oboticario.com.br *.google.com *.google.com.br *.grupoboticario.digital *.grupoboticario.com.br cdn.cookielaw.org *.hotjar.com analytics.strapi.io wss://*.hotjar.com *.hotjar.io *.google-analytics.com *.googleapis.com *.onetrust.com *.s3.amazonaws.com *.g.doubleclick.net *.googletagmanager.com *.configcat.com *.nr-data.net *.pinterest.com *.tiktok.com *.github.com pipelines.actions.githubusercontent.com dmomoufq3m.execute-api.us-east-1.amazonaws.com blob:; script-src 'self' *.grupoboticario.digital *.grupoboticario.com.br *.ouiparis.com *.ouiparis.com.br *.hybrid.ai *.force.com *.documentforce.com *.salesforce.com *.salesforceliveagent.com *.newrelic.com *.hotjar.com *.hotjar.io *.onetrust.com *.g.doubleclick.net *.google.com *.googleapis.com *.gstatic.com *.googletagmanager.com *.configcat.com *.nr-data.net *.google-analytics.com cdn.cookielaw.org *.google-analytics.com cdn.cookielaw.org cdn.tiny.cloud *.dwin1.com *.googleadservices.com *.facebook.net *.facebook.com *.cloudfront.net *.pinimg.com *.shoptarget.com.br *.tiktok.com *.linximpulse.net *.shopback.com *.chaordicsystems.com *.shopconvert.com.br *.shopback.net *.github.com pipelines.actions.githubusercontent.com https://polyfill.io dmomoufq3m.execute-api.us-east-1.amazonaws.com 'unsafe-inline' 'unsafe-eval'; style-src 'unsafe-inline' *
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-amz-cf-id: nyGNLVVnTPXtygAtYZhRVohD_Dqja9KSCAeqVo5mfrJ7PU6Dum4pjA==

GET
H2 200 bot-highlight-zoom.png
minhaloja.boticario.com.br/admin/latest/ 23 KB
25 KB 32ms
31ms Image
image/png 143.204.98.13
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://minhaloja.boticario.com.br/admin/latest/bot-highlight-zoom.png

Requested by

Host: minhaloja.boticario.com.br
URL: https://minhaloja.boticario.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.13 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-13.fra50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

0c0a47ff752b5b8a8dca61bcaf2bd3f37e0c199cf1dc78c7839085ebce0e04c5

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: ; img-src 'self' s3.us-east-1.amazonaws.com .e-boticario.com.br .cookielaw.org .hotjar.com .hotjar.io .eudora.com.br .hybrid.ai .frontend.weborama.fr .adnxs.com .bestssp.com .onaudience.com .hybrid.ai .admixer.net .onaudience.com .adriver.ru .openx.net .betweendigital.com .yandex.ru .doubleclick.net .documentforce.com .force.com .salesforce.com .salesforceliveagent.com .boticario.com.br .oboticario.com.br .googleapis.com .google.com .google.com.br .googleapis.com .grupoboticario.digital .grupoboticario.com.br edbr.vteximg.com.br res.cloudinary.com .google-analytics.com .s3.amazonaws.com .googletagmanager.com .facebook.com .pinterest.com .github.com .prismic.io pipelines.actions.githubusercontent.com data: blob: ; connect-src 'self' .eudora.com.br .prismic.io .microsoftonline.com .microsoft.com .boticario.com.br .documentforce.com .force.com .salesforce.com .salesforceliveagent.com .oboticario.com.br .google.com .google.com.br .grupoboticario.digital .grupoboticario.com.br cdn.cookielaw.org .hotjar.com analytics.strapi.io wss://.hotjar.com .hotjar.io .google-analytics.com .googleapis.com .onetrust.com .s3.amazonaws.com .g.doubleclick.net .googletagmanager.com .configcat.com .nr-data.net .pinterest.com .tiktok.com .github.com pipelines.actions.githubusercontent.com dmomoufq3m.execute-api.us-east-1.amazonaws.com blob:; script-src 'self' .grupoboticario.digital .grupoboticario.com.br .ouiparis.com .ouiparis.com.br .hybrid.ai .force.com .documentforce.com .salesforce.com .salesforceliveagent.com .newrelic.com .hotjar.com .hotjar.io .onetrust.com .g.doubleclick.net .google.com .googleapis.com .gstatic.com .googletagmanager.com .configcat.com .nr-data.net .google-analytics.com cdn.cookielaw.org .google-analytics.com cdn.cookielaw.org cdn.tiny.cloud .dwin1.com .googleadservices.com .facebook.net .facebook.com .cloudfront.net .pinimg.com .shoptarget.com.br .tiktok.com .linximpulse.net .shopback.com .chaordicsystems.com .shopconvert.com.br .shopback.net .github.com pipelines.actions.githubusercontent.com https://polyfill.io dmomoufq3m.execute-api.us-east-1.amazonaws.com 'unsafe-inline' 'unsafe-eval'; style-src 'unsafe-inline' *
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://minhaloja.boticario.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 22 Dec 2021 19:01:37 GMT
via: 1.1 0d37b2e69745cd9f0c5457fbf1a83129.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 71730
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 23377
x-xss-protection: 1; mode=block
service-worker-allowed: /
referrer-policy: same-origin
last-modified: Wed, 22 Dec 2021 13:20:26 GMT
server: AmazonS3
x-frame-options: SAMEORIGIN
etag: "7d58e6ae449e6d8868d88289ec6e4bd3"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: image/png
cache-control: max-age=604800, public
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
content-security-policy: default-src 'self' data: *; img-src 'self' s3.us-east-1.amazonaws.com *.e-boticario.com.br *.cookielaw.org *.hotjar.com *.hotjar.io *.eudora.com.br *.hybrid.ai *.frontend.weborama.fr *.adnxs.com *.bestssp.com *.onaudience.com *.hybrid.ai *.admixer.net *.onaudience.com *.adriver.ru *.openx.net *.betweendigital.com *.yandex.ru *.doubleclick.net *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.boticario.com.br *.oboticario.com.br *.googleapis.com *.google.com *.google.com.br *.googleapis.com *.grupoboticario.digital *.grupoboticario.com.br edbr.vteximg.com.br res.cloudinary.com *.google-analytics.com *.s3.amazonaws.com *.googletagmanager.com *.facebook.com *.pinterest.com *.github.com *.prismic.io pipelines.actions.githubusercontent.com data: blob: ; connect-src 'self' *.eudora.com.br *.prismic.io *.microsoftonline.com *.microsoft.com *.boticario.com.br *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.oboticario.com.br *.google.com *.google.com.br *.grupoboticario.digital *.grupoboticario.com.br cdn.cookielaw.org *.hotjar.com analytics.strapi.io wss://*.hotjar.com *.hotjar.io *.google-analytics.com *.googleapis.com *.onetrust.com *.s3.amazonaws.com *.g.doubleclick.net *.googletagmanager.com *.configcat.com *.nr-data.net *.pinterest.com *.tiktok.com *.github.com pipelines.actions.githubusercontent.com dmomoufq3m.execute-api.us-east-1.amazonaws.com blob:; script-src 'self' *.grupoboticario.digital *.grupoboticario.com.br *.ouiparis.com *.ouiparis.com.br *.hybrid.ai *.force.com *.documentforce.com *.salesforce.com *.salesforceliveagent.com *.newrelic.com *.hotjar.com *.hotjar.io *.onetrust.com *.g.doubleclick.net *.google.com *.googleapis.com *.gstatic.com *.googletagmanager.com *.configcat.com *.nr-data.net *.google-analytics.com cdn.cookielaw.org *.google-analytics.com cdn.cookielaw.org cdn.tiny.cloud *.dwin1.com *.googleadservices.com *.facebook.net *.facebook.com *.cloudfront.net *.pinimg.com *.shoptarget.com.br *.tiktok.com *.linximpulse.net *.shopback.com *.chaordicsystems.com *.shopconvert.com.br *.shopback.net *.github.com pipelines.actions.githubusercontent.com https://polyfill.io dmomoufq3m.execute-api.us-east-1.amazonaws.com 'unsafe-inline' 'unsafe-eval'; style-src 'unsafe-inline' *
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-amz-cf-id: elwXKPBc7OAFK11cTPtQqN5ep_JT1dGLN1pWzdyN-4GuNrFAxGkB_w==

GET
H2 200 js Show response
www.google-analytics.com/gtm/ 87 KB
34 KB 20ms
20ms Script
application/javascript 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/js?id=GTM-T7T2928&t=gtm9&cid=783337912.1640271428

Requested by

Host: minhaloja.boticario.com.br
URL: https://minhaloja.boticario.com.br/container/latest/scripts/newRelicSnippet.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1bd676cab9220ff0e8cae87b2a0733be9c22c4b13c60d5314c638e7d4caac389

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 23 Dec 2021 14:57:07 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34980
x-xss-protection: 0
last-modified: Thu, 23 Dec 2021 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 23 Dec 2021 14:57:07 GMT

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/VZKEDW9wslPbEc9RmzMqaOAP/ 348 KB
137 KB 28ms
7ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/VZKEDW9wslPbEc9RmzMqaOAP/recaptcha__de.js

Requested by

Host: minhaloja.boticario.com.br
URL: https://minhaloja.boticario.com.br/container/latest/scripts/newRelicSnippet.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

295409307a58f3d19608932eac3c022cff1cacc8671dd26b5614a28f7e25e0b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
Origin: https://minhaloja.boticario.com.br
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 23 Dec 2021 14:31:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1567
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 139097
x-xss-protection: 0
last-modified: Mon, 13 Dec 2021 05:04:24 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="recaptcha"
expires: Fri, 23 Dec 2022 14:31:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 7 B
452 B 44ms
15ms XHR
text/plain 2a00:1450:400c:c0c::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-158569306-2&cid=783337912.1640271428&jid=1466447323&gjid=1921127370&_gid=878500109.1640271428&_u=aGDAgEADQAAAAE~&z=970779448

Requested by

Host: minhaloja.boticario.com.br
URL: https://minhaloja.boticario.com.br/container/latest/scripts/newRelicSnippet.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

3c25b077a6d92cd9d3576660b68c4c0bd135b78b3cd3b66491ff2c7aa0eeaad3

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 23 Dec 2021 14:57:08 GMT
content-type: text/plain
access-control-allow-origin: https://minhaloja.boticario.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 6ms
6ms Image
image/gif 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=114080312&t=pageview&_s=1&dl=https%3A%2F%2Fminhaloja.boticario.com.br%2F&ul=en-us&de=UTF-8&dt=O%20Botic%C3%A1rio%20%7C%20Minha%20Loja%20Digital&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAgEADQ~&jid=1466447323&gjid=1921127370&cid=783337912.1640271428&tid=UA-158569306-2&_gid=878500109.1640271428&gtm=2wgc10PTX3XVW&cd4=boticario&cd7=0ebf36-023-af5-1b3-4ad2c507ac5f&cd9=revendedor&cd15=web&z=1083051178

Requested by

Host: minhaloja.boticario.com.br
URL: https://minhaloja.boticario.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Dec 2021 19:32:22 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 69885
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 678E 40 KB
20 KB 49ms
33ms Document
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Leoe7oZAAAAACyDwF4Q4kLm08evbEee2_9Trxp5&co=aHR0cHM6Ly9taW5oYWxvamEuYm90aWNhcmlvLmNvbS5icjo0NDM.&hl=de&type=image&v=VZKEDW9wslPbEc9RmzMqaOAP&theme=light&size=invisible&badge=bottomright&cb=109dm0q0v5n9

Requested by

Host: minhaloja.boticario.com.br
URL: https://minhaloja.boticario.com.br/container/latest/scripts/newRelicSnippet.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

cded725ef4cb4717440ef87bbd92231dccffe2e4504b9c285938658d61f1d853

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-g8DpqggQ7iowVsjpbzvh1A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 23 Dec 2021 14:57:08 GMT
content-security-policy: script-src 'report-sample' 'nonce-g8DpqggQ7iowVsjpbzvh1A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 20783
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 49ms
33ms Image
image/gif 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-158569306-2&cid=783337912.1640271428&jid=1466447323&_u=aGDAgEADQAAAAE~&z=227637646

Requested by

Host: minhaloja.boticario.com.br
URL: https://minhaloja.boticario.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Dec 2021 14:57:08 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET ga-audiences
www.google.co.uk/ads/ 0
0

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/VZKEDW9wslPbEc9RmzMqaOAP/ Frame 678E 51 KB
24 KB 21ms
7ms Stylesheet
text/css 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/VZKEDW9wslPbEc9RmzMqaOAP/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Leoe7oZAAAAACyDwF4Q4kLm08evbEee2_9Trxp5&co=aHR0cHM6Ly9taW5oYWxvamEuYm90aWNhcmlvLmNvbS5icjo0NDM.&hl=de&type=image&v=VZKEDW9wslPbEc9RmzMqaOAP&theme=light&size=invisible&badge=bottomright&cb=109dm0q0v5n9

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f1ac5bc2d2f0c446b2d5bc135db7414a2662ade7b701bc199456d05f51bfc261

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 23 Dec 2021 14:31:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1556
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24152
x-xss-protection: 0
last-modified: Mon, 13 Dec 2021 05:04:24 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="recaptcha"
expires: Fri, 23 Dec 2022 14:31:12 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/VZKEDW9wslPbEc9RmzMqaOAP/ Frame 678E 348 KB
136 KB 24ms
10ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/VZKEDW9wslPbEc9RmzMqaOAP/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

295409307a58f3d19608932eac3c022cff1cacc8671dd26b5614a28f7e25e0b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 23 Dec 2021 14:31:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1568
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 139097
x-xss-protection: 0
last-modified: Mon, 13 Dec 2021 05:04:24 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="recaptcha"
expires: Fri, 23 Dec 2022 14:31:00 GMT

GET
H2 200 nr-spa-1209.min.js Show response
js-agent.newrelic.com/ 42 KB
16 KB 25ms
6ms Script
application/javascript 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/nr-spa-1209.min.js
Requested by: Host: minhaloja.boticario.com.br
URL: https://minhaloja.boticario.com.br/container/latest/scripts/newRelicSnippet.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 49cd7e514d20a427de78b14e516213d02b2c7ec0cee399584eab79f889c55964

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: d4wwExyN0N4Ag7LHjGXgHn7eRha876Bt
content-encoding: gzip
etag: "0a1d4ac0ed6107cdf844f28cc3ba3b82"
x-amz-request-id: QQ4FS7V4RPFE46MS
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 15799
x-amz-id-2: ewB1A1tIEAtnm2v4G7x83yG7vXnNNwgUr2BOXI5GWRslKllsaYudiFL1cQPle38sUrpSJEqH6T0=
x-served-by: cache-fra19124-FRA
last-modified: Thu, 20 May 2021 23:21:19 GMT
server: AmazonS3
x-timer: S1640271428.197147,VS0,VE0
date: Thu, 23 Dec 2021 14:57:08 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 51

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame 678E 102 B
134 B 16ms
15ms Other
text/javascript 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=VZKEDW9wslPbEc9RmzMqaOAP

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

6644e1c59baf705e99dacc5acb0a1eae7687b5ba94e66a1cdb74959837d17a63

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Leoe7oZAAAAACyDwF4Q4kLm08evbEee2_9Trxp5&co=aHR0cHM6Ly9taW5oYWxvamEuYm90aWNhcmlvLmNvbS5icjo0NDM.&hl=de&type=image&v=VZKEDW9wslPbEc9RmzMqaOAP&theme=light&size=invisible&badge=bottomright&cb=109dm0q0v5n9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 23 Dec 2021 14:57:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 112
x-xss-protection: 1; mode=block
expires: Thu, 23 Dec 2021 14:57:08 GMT

GET
H2 200 hotjar-1745554.js Show response
static.hotjar.com/c/ 9 KB
3 KB 62ms
41ms Script
application/javascript 143.204.98.82
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-1745554.js?sv=7

Requested by

Host: minhaloja.boticario.com.br
URL: https://minhaloja.boticario.com.br/container/latest/scripts/newRelicSnippet.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.82 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-82.fra50.r.cloudfront.net

Software

Resource Hash

5c1f18bffa486f29df6730b9e9c9edb6e07ff76bc9f7e9ee6cfb8be7eaf7ddf7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 23 Dec 2021 14:57:08 GMT
content-encoding: br
x-content-type-options: nosniff
cache-control: max-age=60
x-amz-cf-pop: FRA50-C1
etag: W/7e4139bc7d1ff4e3d7fc9749267b17ae
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cross-origin-resource-policy: cross-origin
x-amz-cf-id: v2DIaq4coZxtLicUF5RRwW4s3_fOpmri68w4EOWVGIuqxNLQpOKVag==
via: 1.1 e6d97713eb9b65f883e0f86b833878dd.cloudfront.net (CloudFront)

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 6ms
6ms Image
image/gif 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=114080312&t=event&ni=1&_s=1&dl=https%3A%2F%2Fminhaloja.boticario.com.br%2F&ul=en-us&de=UTF-8&dt=O%20Botic%C3%A1rio%20%7C%20Minha%20Loja%20Digital&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=scroll&ea=scrolling&el=25&_u=aGDAgEADQAAAAE~&jid=&gjid=&cid=783337912.1640271428&tid=UA-158569306-2&_gid=878500109.1640271428&gtm=2wgc10PTX3XVW&cd4=boticario&cd7=0ebf36-023-af5-1b3-4ad2c507ac5f&cd9=revendedor&cd15=web&z=1089850049

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Dec 2021 19:32:22 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 69886
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 bframe Show response
www.google.com/recaptcha/api2/ Frame 7952 7 KB
1 KB 28ms
28ms Document
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=de&v=VZKEDW9wslPbEc9RmzMqaOAP&k=6Leoe7oZAAAAACyDwF4Q4kLm08evbEee2_9Trxp5

Requested by

Host: minhaloja.boticario.com.br
URL: https://minhaloja.boticario.com.br/container/latest/scripts/newRelicSnippet.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

f6ee6c21b41cae1c6850ad9b172c83ef238b42729d5e34126da6f4344a850ca5

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-KdG0ckHA8PpHPLFXju56/w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 23 Dec 2021 14:57:08 GMT
content-security-policy: script-src 'report-sample' 'nonce-KdG0ckHA8PpHPLFXju56/w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 1111
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK NRJS-d142cb7d067b4c9c598 Show response
bam.nr-data.net/1/ 57 B
322 B 443ms
110ms Script
text/javascript 162.247.242.18
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/1/NRJS-d142cb7d067b4c9c598?a=514334442&sa=1&v=1209.f04e2b9&t=Unnamed%20Transaction&rst=1712&ck=1&ref=https://minhaloja.boticario.com.br/&be=588&fe=1643&dc=598&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1640271426533,%22n%22:0,%22f%22:0,%22dn%22:1,%22dne%22:53,%22c%22:53,%22s%22:59,%22ce%22:75,%22rq%22:75,%22rp%22:512,%22rpe%22:513,%22dl%22:515,%22di%22:593,%22ds%22:598,%22de%22:598,%22dc%22:1643,%22l%22:1643,%22le%22:1644%7D,%22navigation%22:%7B%7D%7D&fp=793&fcp=793&jsonp=NREUM.setToken
Requested by: Host: minhaloja.boticario.com.br
URL: https://minhaloja.boticario.com.br/container/latest/scripts/newRelicSnippet.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 162.247.242.18 , United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS: bam-6.nr-data.net
Software: /
Resource Hash: 5e864c2e3f674c60970513411eaeeeafd2d615d842e65ec01d09ccfcb4a7b38d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Cross-Origin-Resource-Policy: cross-origin
Content-Type: text/javascript;charset=iso-8859-1
Content-Length: 57
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 modules.6d5409da698bc5e020b1.js Show response
script.hotjar.com/ 228 KB
60 KB 29ms
9ms Script
application/javascript 143.204.98.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.6d5409da698bc5e020b1.js

Requested by

Host: minhaloja.boticario.com.br
URL: https://minhaloja.boticario.com.br/container/latest/scripts/newRelicSnippet.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-39.fra50.r.cloudfront.net

Software

Resource Hash

9c4e5748b76ca33caac131e0225d2e86ccbf6e156ad007145f6a9c4d34cecbf9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 21 Dec 2021 16:10:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 168422
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 61259
access-control-allow-origin: *
last-modified: Tue, 21 Dec 2021 16:09:54 GMT
etag: "a250696209ae851dce97a4101057f333"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 5ad96647558bd4911f05189f8afefd98.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: X1Q3pvIdEWfznws5jxXMbnFr-4L1CwPhVjl5xO5ApUmHKd2qFHB5-A==

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/VZKEDW9wslPbEc9RmzMqaOAP/ Frame 7952 51 KB
24 KB 8ms
7ms Stylesheet
text/css 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/VZKEDW9wslPbEc9RmzMqaOAP/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=VZKEDW9wslPbEc9RmzMqaOAP&k=6Leoe7oZAAAAACyDwF4Q4kLm08evbEee2_9Trxp5

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f1ac5bc2d2f0c446b2d5bc135db7414a2662ade7b701bc199456d05f51bfc261

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 23 Dec 2021 14:31:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1556
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24152
x-xss-protection: 0
last-modified: Mon, 13 Dec 2021 05:04:24 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="recaptcha"
expires: Fri, 23 Dec 2022 14:31:12 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/VZKEDW9wslPbEc9RmzMqaOAP/ Frame 7952 348 KB
136 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/VZKEDW9wslPbEc9RmzMqaOAP/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=VZKEDW9wslPbEc9RmzMqaOAP&k=6Leoe7oZAAAAACyDwF4Q4kLm08evbEee2_9Trxp5

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

295409307a58f3d19608932eac3c022cff1cacc8671dd26b5614a28f7e25e0b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 23 Dec 2021 14:31:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1568
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 139097
x-xss-protection: 0
last-modified: Mon, 13 Dec 2021 05:04:24 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="recaptcha"
expires: Fri, 23 Dec 2022 14:31:00 GMT

POST
H3 200 reload Show response
www.google.com/recaptcha/api2/ Frame 7952 37 KB
22 KB 101ms
100ms XHR
application/json 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/reload?k=6Leoe7oZAAAAACyDwF4Q4kLm08evbEee2_9Trxp5

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/VZKEDW9wslPbEc9RmzMqaOAP/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

e3e0d3ac60eed9ba93b48649ebed7a2a5bb4c5b5425223c2aa0455c14edbc887

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/recaptcha/api2/bframe?hl=de&v=VZKEDW9wslPbEc9RmzMqaOAP&k=6Leoe7oZAAAAACyDwF4Q4kLm08evbEee2_9Trxp5
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/x-protobuffer

Response headers

date: Thu, 23 Dec 2021 14:57:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: private, max-age=0
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22578
x-xss-protection: 1; mode=block
expires: Thu, 23 Dec 2021 14:57:08 GMT

GET
H2 200 box-a1ae2079824d1c48aa9ce06efb256f18.html Show response
vars.hotjar.com/ Frame 0712 2 KB
1 KB 25ms
7ms Document
text/html 143.204.98.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vars.hotjar.com/box-a1ae2079824d1c48aa9ce06efb256f18.html
Requested by: Host: minhaloja.boticario.com.br
URL: https://minhaloja.boticario.com.br/container/latest/scripts/newRelicSnippet.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-69.fra50.r.cloudfront.net
Software: /
Resource Hash: d39c7ff4103007338040282460b2eb0e5adadd9fb80f986fb4c8a3d41785a6ca

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

content-type: text/html
content-length: 1044
date: Thu, 02 Dec 2021 15:53:06 GMT
accept-ranges: bytes
cache-control: max-age=31536000
content-encoding: br
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
etag: "6215abf691a11c2f451680e635d30daa"
last-modified: Thu, 02 Dec 2021 15:52:57 GMT
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 ef13dd533b8dc9dcfdc35449cf88f808.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: BdGbvTJSvg9p3iuCxUGS9_b8a7NTqPSFLFBjroF6tUTXaF1kX5-bMQ==
age: 1811042

GET
H3 200 canonical_car.png
www.gstatic.com/recaptcha/api2/ Frame 7952 11 KB
11 KB 8ms
8ms Image
image/png 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/canonical_car.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/VZKEDW9wslPbEc9RmzMqaOAP/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c9685b413894b0647b42edf9cac1fc0b2ed044c1fe238d843b9ca3d29db1b805

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/VZKEDW9wslPbEc9RmzMqaOAP/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 17 Dec 2021 06:31:11 GMT
x-content-type-options: nosniff
age: 548757
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11174
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="recaptcha"
expires: Fri, 24 Dec 2021 06:31:11 GMT

GET
H3 200 refresh_2x.png
www.gstatic.com/recaptcha/api2/ Frame 7952 600 B
624 B 7ms
6ms Image
image/png 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/refresh_2x.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/VZKEDW9wslPbEc9RmzMqaOAP/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

44b988703019cd6bfa86c91840fecf2a42b611b364e3eea2f4eb63bf62714e98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/VZKEDW9wslPbEc9RmzMqaOAP/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 21 Dec 2021 19:52:10 GMT
x-content-type-options: nosniff
age: 155098
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 600
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="recaptcha"
expires: Tue, 28 Dec 2021 19:52:10 GMT

GET
H3 200 audio_2x.png
www.gstatic.com/recaptcha/api2/ Frame 7952 530 B
554 B 8ms
7ms Image
image/png 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/audio_2x.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/VZKEDW9wslPbEc9RmzMqaOAP/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89c62095126fca89ea1511cf35b49b8306162946b0c26d6f60c5506c51d85992

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/VZKEDW9wslPbEc9RmzMqaOAP/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 22 Dec 2021 05:44:53 GMT
x-content-type-options: nosniff
age: 119535
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 530
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="recaptcha"
expires: Wed, 29 Dec 2021 05:44:53 GMT

GET
H3 200 info_2x.png
www.gstatic.com/recaptcha/api2/ Frame 7952 665 B
689 B 9ms
7ms Image
image/png 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/info_2x.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/VZKEDW9wslPbEc9RmzMqaOAP/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55eaf62cb05da20088dc12b39d7d254d046cb1fd61ddf3ae641f1439efd0a5ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/VZKEDW9wslPbEc9RmzMqaOAP/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 22 Dec 2021 11:26:47 GMT
x-content-type-options: nosniff
age: 99021
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 665
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="recaptcha"
expires: Wed, 29 Dec 2021 11:26:47 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 7952 15 KB
15 KB 23ms
9ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 21 Dec 2021 11:18:05 GMT
x-content-type-options: nosniff
age: 185943
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 21 Dec 2022 11:18:05 GMT

GET
H3 200 KFOlCnqEu92Fr1MmYUtfBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 7952 15 KB
15 KB 26ms
12ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmYUtfBBc4.woff2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c912a9ce0c3122d4b2b29ad26bfe06b0390d1a5bdaa5d6128692c0befd1dfbbd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 17 Dec 2021 06:37:10 GMT
x-content-type-options: nosniff
age: 548398
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15340
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:16 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 17 Dec 2022 06:37:10 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 7952 15 KB
15 KB 28ms
14ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 17 Dec 2021 06:37:08 GMT
x-content-type-options: nosniff
age: 548400
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 17 Dec 2022 06:37:08 GMT

GET
H3 200 payload
www.google.com/recaptcha/api2/ Frame 7952 39 KB
39 KB 18ms
17ms Image
image/jpeg 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/recaptcha/api2/payload?p=06AGdBq25JTwSUEhdC3Iw_PoRTuEOol6TWq6uHGNGJVPh5o91Y_5X5I1U5klOc-b_mQW-RR_R2P-TdaKBkEydxrfhnrlr3gMt7IRNDibE0yI13ON6jTOrPdeRsy2f8sUNykMsyPuJ7II1i9RNT2utruN5ziUbXjCsyuZQE23QyDGWVORQL8fgjH2cfYzB6f_7D30B0zNSZJR1wzfUUeRZpYBPSPFNSpfOVTg&k=6Leoe7oZAAAAACyDwF4Q4kLm08evbEee2_9Trxp5

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

408e5c7a3b9da26d5d951741f8b8db5a3ce7a51ff6b546ad4fa61d5b36ccd08a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/bframe?hl=de&v=VZKEDW9wslPbEc9RmzMqaOAP&k=6Leoe7oZAAAAACyDwF4Q4kLm08evbEee2_9Trxp5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 23 Dec 2021 14:57:08 GMT
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: private, max-age=30
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40320
x-xss-protection: 1; mode=block
expires: Thu, 23 Dec 2021 14:57:08 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.google.co.uk
URL: https://www.google.co.uk/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-158569306-2&cid=783337912.1640271428&jid=1466447323&_u=aGDAgEADQAAAAE~&z=227637646

Verdicts & Comments Add Verdict or Comment

43 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

12 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.google.com/recaptcha	1970-01-20 03:57:03	Name: _GRECAPTCHA Value: 09ABBMTcPHy14NlEulidYnOUjkKfR8_TfIYmas7zCmmZmrq-lIPLcS-89FenPmPY2ZDeX_-aGJyTP1ZYu2VXA4qCE
.minhaloja.boticario.com.br/	1970-01-20 08:23:27	Name: OptanonConsent Value: isGpcEnabled=0&datestamp=Thu+Dec+23+2021+14%3A57%3A07+GMT%2B0000+(GMT)&version=6.24.0&isIABGlobal=false&hosts=&consentId=1dc1f73a-daff-4cf6-aa4e-9bb624cc8243&interactionCount=0&landingPath=https%3A%2F%2Fminhaloja.boticario.com.br%2F&groups=C0001%3A1%2CC0002%3A1%2CC0003%3A1%2CC0004%3A1
.boticario.com.br/	1970-01-20 01:47:27	Name: _gcl_au Value: 1.1.1083142516.1640271428
.boticario.com.br/	1970-01-20 17:09:03	Name: _ga Value: GA1.3.783337912.1640271428
.boticario.com.br/	1970-01-19 23:39:17	Name: _gid Value: GA1.3.878500109.1640271428
.boticario.com.br/	1970-01-19 23:37:51	Name: _dc_gtm_UA-158569306-2 Value: 1
.boticario.com.br/	1970-01-20 08:23:27	Name: _hjSessionUser_1745554 Value: eyJpZCI6ImMxMmFmM2VlLWI1MTQtNTNmZi04ZWFkLTExNGI2OTRhYTljMiIsImNyZWF0ZWQiOjE2NDAyNzE0MjgzNjIsImV4aXN0aW5nIjpmYWxzZX0=
.boticario.com.br/	1970-01-19 23:37:53	Name: _hjFirstSeen Value: 1
.boticario.com.br/	1970-01-19 23:37:53	Name: _hjSession_1745554 Value: eyJpZCI6IjlkODJkOThkLWFmNTItNGFmZS1hOWQ4LTE3YzFhNjdmNjdiZiIsImNyZWF0ZWQiOjE2NDAyNzE0MjgzODl9
minhaloja.boticario.com.br/	1970-01-19 23:37:51	Name: _hjIncludedInSessionSample Value: 0
.boticario.com.br/	1970-01-19 23:37:53	Name: _hjAbsoluteSessionInProgress Value: 0
.nr-data.net/	1969-12-31 23:59:59	Name: JSESSIONID Value: d64a785dddc21173

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://minhaloja.boticario.com.br/ Message: Refused to load the image 'https://www.google.co.uk/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-158569306-2&cid=783337912.1640271428&jid=1466447323&_u=aGDAgEADQAAAAE~&z=227637646' because it violates the following Content Security Policy directive: "img-src 'self' s3.us-east-1.amazonaws.com .e-boticario.com.br .cookielaw.org .hotjar.com .hotjar.io .eudora.com.br .hybrid.ai .frontend.weborama.fr .adnxs.com .bestssp.com .onaudience.com .hybrid.ai .admixer.net .onaudience.com .adriver.ru .openx.net .betweendigital.com .yandex.ru .doubleclick.net .documentforce.com .force.com .salesforce.com .salesforceliveagent.com .boticario.com.br .oboticario.com.br .googleapis.com .google.com .google.com.br .googleapis.com .grupoboticario.digital .grupoboticario.com.br edbr.vteximg.com.br res.cloudinary.com .google-analytics.com .s3.amazonaws.com .googletagmanager.com .facebook.com .pinterest.com .github.com *.prismic.io pipelines.actions.githubusercontent.com data: blob:".

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self' data: ; img-src 'self' s3.us-east-1.amazonaws.com .e-boticario.com.br .cookielaw.org .hotjar.com .hotjar.io .eudora.com.br .hybrid.ai .frontend.weborama.fr .adnxs.com .bestssp.com .onaudience.com .hybrid.ai .admixer.net .onaudience.com .adriver.ru .openx.net .betweendigital.com .yandex.ru .doubleclick.net .documentforce.com .force.com .salesforce.com .salesforceliveagent.com .boticario.com.br .oboticario.com.br .googleapis.com .google.com .google.com.br .googleapis.com .grupoboticario.digital .grupoboticario.com.br edbr.vteximg.com.br res.cloudinary.com .google-analytics.com .s3.amazonaws.com .googletagmanager.com .facebook.com .pinterest.com .github.com .prismic.io pipelines.actions.githubusercontent.com data: blob: ; connect-src 'self' .eudora.com.br .prismic.io .microsoftonline.com .microsoft.com .boticario.com.br .documentforce.com .force.com .salesforce.com .salesforceliveagent.com .oboticario.com.br .google.com .google.com.br .grupoboticario.digital .grupoboticario.com.br cdn.cookielaw.org .hotjar.com analytics.strapi.io wss://.hotjar.com .hotjar.io .google-analytics.com .googleapis.com .onetrust.com .s3.amazonaws.com .g.doubleclick.net .googletagmanager.com .configcat.com .nr-data.net .pinterest.com .tiktok.com .github.com pipelines.actions.githubusercontent.com dmomoufq3m.execute-api.us-east-1.amazonaws.com blob:; script-src 'self' .grupoboticario.digital .grupoboticario.com.br .ouiparis.com .ouiparis.com.br .hybrid.ai .force.com .documentforce.com .salesforce.com .salesforceliveagent.com .newrelic.com .hotjar.com .hotjar.io .onetrust.com .g.doubleclick.net .google.com .googleapis.com .gstatic.com .googletagmanager.com .configcat.com .nr-data.net .google-analytics.com cdn.cookielaw.org .google-analytics.com cdn.cookielaw.org cdn.tiny.cloud .dwin1.com .googleadservices.com .facebook.net .facebook.com .cloudfront.net .pinimg.com .shoptarget.com.br .tiktok.com .linximpulse.net .shopback.com .chaordicsystems.com .shopconvert.com.br .shopback.net .github.com pipelines.actions.githubusercontent.com https://polyfill.io dmomoufq3m.execute-api.us-east-1.amazonaws.com 'unsafe-inline' 'unsafe-eval'; style-src 'unsafe-inline' *
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bam.nr-data.net
cdn-global.configcat.com
cdn.cookielaw.org
fonts.googleapis.com
fonts.gstatic.com
gb-assets.grupoboticario.digital
geolocation.onetrust.com
js-agent.newrelic.com
meucatalogodigitalresources.grupoboticario.digital
minhaloja.boticario.com.br
script.hotjar.com
static.hotjar.com
stats.g.doubleclick.net
vars.hotjar.com
www.google-analytics.com
www.google.co.uk
www.google.com
www.googletagmanager.com
www.gstatic.com
www.google.co.uk
143.204.98.10
143.204.98.115
143.204.98.13
143.204.98.39
143.204.98.69
143.204.98.82
151.101.194.137
162.247.242.18
2606:4700:10::6814:b944
2606:4700:10::6816:1b9f
2606:4700::6810:9540
2a00:1450:4001:803::200e
2a00:1450:4001:808::200a
2a00:1450:4001:809::2003
2a00:1450:4001:80f::2004
2a00:1450:4001:810::2003
2a00:1450:4001:811::2008
2a00:1450:400c:c0c::9b
07a5d470d342b317c9184b20856080b4a083f463293971ec7751f0be48039f8f
07a7abe9a9b0f78881290bbf7ccdc79bb726010ea4d133e78dbdbed922d897c9
095e9d3805dae1c743e5c9d8405467d0b333547d4228d45d349921a6c588fd24
0c0a47ff752b5b8a8dca61bcaf2bd3f37e0c199cf1dc78c7839085ebce0e04c5
0d92282204c7d00a22f29a05fb6f52dda15db1f76f80a6ed0d91ca95b52bddf8
0ed1c09a270e3ec711b4aaf5b05d2cb99d62c25360e798a1434711bd397de575
0f99f0ee4b5a89a6d1478e40a0624b299db2aa8abe07af223bf0a56f62e3c377
0fc5b4dedeb4acc1a01efc2b226aa9a7904a82b9a4cab6e2b90dd26a4068856e
11007819187396a8ecfea1c297fc53956fd653ec19c02451ef83a814e9acfe0b
11d6ee17bd470d906704e12f6cfe99d1c87519aa9b52239aff003646fa5e6190
121e8b47d5e772c09d51347f5ceff9edf192b637d35d454b6fb69acbb3b366af
1582818ac1ba9ee326fa08cdb4db4791a2bf031aaf976a8e121ac535b594c398
18f52f0fa5c52403fdb0afaf3827b883e079d6c4137aa725a4111de217cbd696
1bd676cab9220ff0e8cae87b2a0733be9c22c4b13c60d5314c638e7d4caac389
1d00fa4e870bfaf3c239ff7b982ca1f164d781e8fbd0eff5730d1cbb74bded2b
24508b82a87ed41e1dbec0e55a404055cab488d5417d0a0352adb1551ff98aa0
295409307a58f3d19608932eac3c022cff1cacc8671dd26b5614a28f7e25e0b0
29a93d731434e92cd8081bb2af123c2cea435d7893245a04134d7fbf713518f9
2d9decf32d1f341945c160f048ab3fc63f1d0c6df7f745dd0f49cdfc3117b5b4
2ee6fdf3d0f4d826380054030e5a9fd6fc8c451d9fe28123f1d76e632332e659
36cd8ebd7e467fa9ec7416eba5abc3e912e7154dfb17eecf62db02ca53348abb
392f196c197758bafbfb4a917625b5a20a84cd7977433a134140f9c6f745058f
394f74a2fd40f8a7d48ab0fef108547ce5b4580f4e87ed22cd69f76e6415f2e4
3c25b077a6d92cd9d3576660b68c4c0bd135b78b3cd3b66491ff2c7aa0eeaad3
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
408e5c7a3b9da26d5d951741f8b8db5a3ce7a51ff6b546ad4fa61d5b36ccd08a
437ba48e15c6a06a669c284df1c9516ca2678f6aaae8e080a26a3662c0891c03
44b988703019cd6bfa86c91840fecf2a42b611b364e3eea2f4eb63bf62714e98
4640b89ad8c3d0b2f461f0a2fdc32f92bea359847930664af0d5d0534e1c04a4
49cd7e514d20a427de78b14e516213d02b2c7ec0cee399584eab79f889c55964
4d2a74d8b25e1ccd4b1294b0b937804bc24aeea7f46edad3f3c1f91604d2708c
4f99354072168678ad38aeb06685a45f79a18b3136378ad6680625cd60d97cd0
54bb80435ce3ae2318083218742a1812eb896a9f723eeca7d969d648c40bb039
55eaf62cb05da20088dc12b39d7d254d046cb1fd61ddf3ae641f1439efd0a5ee
582b1075b04787e0090c0d6585b647018b4a203a04cb693fe8f4f99b1a0fd1ce
58341529f6331985c1d3f44df3124f3e047a7403a5077f3311dbeae51a57846c
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5c1f18bffa486f29df6730b9e9c9edb6e07ff76bc9f7e9ee6cfb8be7eaf7ddf7
5e864c2e3f674c60970513411eaeeeafd2d615d842e65ec01d09ccfcb4a7b38d
6644e1c59baf705e99dacc5acb0a1eae7687b5ba94e66a1cdb74959837d17a63
672a9ad399cc43bb9249f7e53bac67a0dff2c85fe47edc6309d38117bbbfd63b
6af7f2a7319a700fa7d79c2ee318a8f468b39325b04b8740f963a2678932beeb
77ae4fb56d2da594993ef6f0203c0cef103af28f7e4c5e0ac045909137422cf9
7f34893a704d4a71da0fa274dd428284f6fb17b549008ae11148b851435a3e51
7ff92102b6f813e294c4bbd27c6b2c526f69a5d13636eaecdcd94e92fffc2552
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
850f66e3a3525eeadd67a295859122a1ec870b53376d34281e1a88ef06e4d225
858d3ae73f132b8f3d872db375db917a266b904a671ef12213fe898b038d9237
89c62095126fca89ea1511cf35b49b8306162946b0c26d6f60c5506c51d85992
8a883974729df810eb42dda5ee43ba10e8a9be598ed5a97610cfa56358991e8d
8b3131e6870e949cadfc22b61edc1c9fa1aec159e5a5269d223af01310620773
8cdf15484b8fac7ba673ff0c21b82efc89484d4a1d6b5a71b5074dcca3fff87f
8d3411c961b332008c61452f483ada3da4cd0fd06cc264c7f2facfb01bc4b1d5
8df17bf92140c0d62dced6b505f313f18cc791ef8724b650fd22edad73f409d1
9c4e5748b76ca33caac131e0225d2e86ccbf6e156ad007145f6a9c4d34cecbf9
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
bbffe137df9de30504c9a813fff9ee7c6b60b2e802daf9aeb7e3d476ac90614a
c540c2421660f25afa9edabf188e3409753d3d94dc01a4fd6662df787a2767f3
c912a9ce0c3122d4b2b29ad26bfe06b0390d1a5bdaa5d6128692c0befd1dfbbd
c9685b413894b0647b42edf9cac1fc0b2ed044c1fe238d843b9ca3d29db1b805
cded725ef4cb4717440ef87bbd92231dccffe2e4504b9c285938658d61f1d853
d285fae14a8b969bb0d4e5f10ea88e6ec60610d5090818b1ade3e244a03fc832
d39c7ff4103007338040282460b2eb0e5adadd9fb80f986fb4c8a3d41785a6ca
d4995bdb0d79766a30b0c3af9ba395424f11a67b0a0dcde618c210ba2b67f3df
d723c4ceb0f73b7ebd59aa950a0324f05b8d7d109faf1f27e3b84f47c7d60e0b
d9658bca2195c58f043af25ae6d94e676a34b1d0a6fc524e28fb68bb40922733
da9ddaf5cac3f0e3e7a3b7df692dd604a9579d5a58e8f0eb08cc4e71581cbf6d
db311174b0e3c340727b63c055cfb5b317808e909503e1bda11cc58af444f12b
e07b00827f5f6d2c71523bac1292216711543a067a8d0f2532454ba28266cfcb
e1d3f2ecd8f883d83fb05bca8f430a39877676475b620e6db6eccf61c5fa8daf
e35d3121e39bb7d96a8fbe1bd46b1ea79c1ce954c5e1d6cf3fb6f8117dfa7599
e3e0d3ac60eed9ba93b48649ebed7a2a5bb4c5b5425223c2aa0455c14edbc887
e55d635023217556467008ffd60527fab5337cb0620cd985c18de654dc8d0f99
e66647558738216efd2c6a0460f380175b08b7c8407dbbebde8e3f7bbe1eeefb
ec2f6762f857fdc509ffa369c2b398982af1fa6cd2c0298d6088046fa757b852
ee8a8114c7658b7865e50235668f485cb48a22439d8f9afd987eb2a3f9ff1359
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1ac5bc2d2f0c446b2d5bc135db7414a2662ade7b701bc199456d05f51bfc261
f269023a49d89d46d2fab43a6a8f014112775912a166a91ad34296f802281b1a
f54a6119d3615df97b64f039557b186019f21742edd3915754aaf88aa7b4e2e9
f6ee6c21b41cae1c6850ad9b172c83ef238b42729d5e34126da6f4344a850ca5
f9714289219fcd069b4b97027f6cc40309ff4b22aa46070c4c03e77ca0df7b05
fb685b96686de6581ceab6d5651013085e9fd8cbdce3c19931efc5186e625de6
fb9950bf5f0a01a67b38064c58d15a8aff6e674e4f3c494733ffc861fe815912

minhaloja.boticario.com.br Open in urlscan Pro 143.204.98.13 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

89 Requests

99 %HTTPS

56 %IPv6

15 Domains

19 Subdomains

19 IPs

3 Countries

2087 kBTransfer

6041 kBSize

12 Cookies

1 Outgoing links

Redirected requests

89 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

minhaloja.boticario.com.br Open in urlscan Pro
143.204.98.13 Public Scan

Screenshot
Live screenshot

Full Image

89
Requests

99 %
HTTPS

56 %
IPv6

15
Domains

19
Subdomains

19
IPs

3
Countries

2087 kB
Transfer

6041 kB
Size

12
Cookies

89 HTTP transactions
1 data transactions