Submitted URL: https://tracking.totalexpress.com.br/tracking/0
Effective URL: https://tracking.totalexpress.com.br/
Submission Tags: falconsandbox
Submission: On September 06 via api from US

Summary

This website contacted 24 IPs in 3 countries across 15 domains to perform 58 HTTP transactions. The main IP is 184.25.50.152, located in Frankfurt am Main, Germany and belongs to AKAMAI-ASN1, NL. The main domain is tracking.totalexpress.com.br.
TLS certificate: Issued by R3 on August 10th 2021. Valid for: 3 months.
This is the only time tracking.totalexpress.com.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 184.25.50.152 20940 (AKAMAI-ASN1)
7 18.66.112.24 16509 (AMAZON-02)
2 54.84.143.242 14618 (AMAZON-AES)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
3 18.66.112.125 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 142.250.186.66 15169 (GOOGLE)
1 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
16 54.205.74.249 14618 (AMAZON-AES)
1 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 151.101.13.27 54113 (FASTLY)
2 162.247.243.146 13335 (CLOUDFLAR...)
58 24
Domain Requested by
16 dtbot.directtalk.com.br www11.directtalk.com.br
dtbot.directtalk.com.br
7 static.totalexpress.com.br tracking.totalexpress.com.br
static.totalexpress.com.br
6 www.gstatic.com www.google.com
www.gstatic.com
6 www.google.com tracking.totalexpress.com.br
www.gstatic.com
3 totalexpress.com.br tracking.totalexpress.com.br
totalexpress.com.br
2 bam-cell.nr-data.net js-agent.newrelic.com
2 www.google.de tracking.totalexpress.com.br
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 www11.directtalk.com.br tracking.totalexpress.com.br
www11.directtalk.com.br
2 tracking.totalexpress.com.br 1 redirects
1 686eb51b.akstat.io s.go-mpulse.net
1 js-agent.newrelic.com tracking.totalexpress.com.br
1 fonts.googleapis.com dtbot.directtalk.com.br
1 fonts.gstatic.com www.google.com
1 maxcdn.bootstrapcdn.com www11.directtalk.com.br
1 stats.g.doubleclick.net www.google-analytics.com
1 googleads.g.doubleclick.net www.googleadservices.com
1 c.go-mpulse.net s.go-mpulse.net
1 www.googleadservices.com www.googletagmanager.com
1 s.go-mpulse.net tracking.totalexpress.com.br
1 www.googletagmanager.com tracking.totalexpress.com.br
58 21

This site contains links to these domains.

Domain
totalexpress.com.br
Subject | Issuer | Validity | Valid
ics.totalexpress.com.br | R3 | 2021-08-10 - 2021-11-08 | 3 months
*.totalexpress.com.br | Go Daddy Secure Certificate Authority - G2 | 2020-11-09 - 2021-12-11 | a year
*.directtalk.com.br | GlobalSign RSA OV SSL CA 2018 | 2021-02-22 - 2022-03-26 | a year
www.google.com | GTS CA 1C3 | 2021-08-16 - 2021-11-08 | 3 months
*.google-analytics.com | GTS CA 1C3 | 2021-08-16 - 2021-11-08 | 3 months
akstat.io | DigiCert SHA2 Secure Server CA | 2021-06-08 - 2022-06-13 | a year
www.googleadservices.com | GTS CA 1C3 | 2021-08-16 - 2021-11-08 | 3 months
*.g.doubleclick.net | GTS CA 1C3 | 2021-08-16 - 2021-11-08 | 3 months
*.google.com | GTS CA 1C3 | 2021-08-16 - 2021-11-08 | 3 months
www.google.de | GTS CA 1C3 | 2021-08-16 - 2021-11-08 | 3 months
*.google.de | GTS CA 1C3 | 2021-08-16 - 2021-11-08 | 3 months
*.gstatic.com | GTS CA 1C3 | 2021-08-16 - 2021-11-08 | 3 months
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2021-03-01 - 2022-02-28 | a year
upload.video.google.com | GTS CA 1O1 | 2021-08-16 - 2021-11-08 | 3 months
*.newrelic.com | GlobalSign Atlas R3 DV TLS CA 2020 | 2021-05-05 - 2022-06-06 | a year
*.nr-data.net | DigiCert SHA2 Secure Server CA | 2020-02-05 - 2022-02-08 | 2 years

This page contains 5 frames:

Primary Page: https://tracking.totalexpress.com.br/
Frame ID: D44DB88AB10AA87F008A2A79D7E6AC10
Requests: 30 HTTP requests in this frame

Frame: https://totalexpress.com.br/iframe-login/
Frame ID: 9093689AF06E163FFBECC246EF33B149
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LePkvwUAAAAAJa1AIi8Tn1yG6hUS9RBIphP5M9Z&co=aHR0cHM6Ly90cmFja2luZy50b3RhbGV4cHJlc3MuY29tLmJyOjQ0Mw..&hl=pt-BR&v=wxAi4AKLXL2kBAvXqI4XLSWS&size=normal&cb=tvv33o7gulmt
Frame ID: 24B9054D2E9D37912D24260884A27FB4
Requests: 8 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=pt-BR&v=wxAi4AKLXL2kBAvXqI4XLSWS&k=6LePkvwUAAAAAJa1AIi8Tn1yG6hUS9RBIphP5M9Z&cb=4t7fe01g3zmr
Frame ID: E104A4F941D179A692ECF8311EAE838C
Requests: 3 HTTP requests in this frame

Frame: https://dtbot.directtalk.com.br/1.0/staticbot/dist/index.html
Frame ID: 9ECD52F780CB3E82F682E704EE9EDE19
Requests: 16 HTTP requests in this frame

Page Title

Total Express- Tracking

Page URL History

  1. https://tracking.totalexpress.com.br/tracking/0 HTTP 302
    https://tracking.totalexpress.com.br/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

Requests: 58
HTTPS: 100 %
IPv6: 65 %
Domains: 15
Subdomains: 21
IPs: 24
Countries: 3
Transfer: 1565 kB
Size: 2956 kB
Cookies: 0

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://tracking.totalexpress.com.br/tracking/0 HTTP 302
    https://tracking.totalexpress.com.br/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

58 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
tracking.totalexpress.com.br/
Redirect Chain
  • https://tracking.totalexpress.com.br/tracking/0
  • https://tracking.totalexpress.com.br/
25 KB
10 KB
Document
General
Full URL
https://tracking.totalexpress.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.25.50.152 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-25-50-152.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
87137507d3613f14cffc3948598a6f6e6937e1e4de4855ee921bbf36f0d2f4c4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
tracking.totalexpress.com.br
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
AWSALB=zUhUgmRl3qTy8F2GKuFKH5dVqBVv9UDq+r4BIclJYxjq9Uu1Byo/JMyn+qy5/ngzJG/rjGHOBzA1AXrUJHzJGWjp3pIAZuvLurfYe81h49erDZ977/ccuhxEBdAF; AWSALBCORS=zUhUgmRl3qTy8F2GKuFKH5dVqBVv9UDq+r4BIclJYxjq9Uu1Byo/JMyn+qy5/ngzJG/rjGHOBzA1AXrUJHzJGWjp3pIAZuvLurfYe81h49erDZ977/ccuhxEBdAF
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-encoding
gzip
x-xss-protection
1; mode=block
strict-transport-security
max-age=31536000
x-akamai-transformed
9 7069 0 pmb=mRUM,1
expires
Mon, 06 Sep 2021 08:17:06 GMT
cache-control
max-age=0, no-cache, no-store
pragma
no-cache
date
Mon, 06 Sep 2021 08:17:06 GMT
content-length
8933
set-cookie
AWSALB=IYJ7tEhNfYrXSBcHSjoEqGIPA0O7JDd7jyy9dgcFKtodE1D6lCGUYxgjcvz4sW7DtCAyS30QK95+U6mqS0MQONv9wddSNPkGpkxSoiGlRHb63cF7Po1CJm0nGXTR; Expires=Mon, 13 Sep 2021 08:17:06 GMT; Path=/ AWSALBCORS=IYJ7tEhNfYrXSBcHSjoEqGIPA0O7JDd7jyy9dgcFKtodE1D6lCGUYxgjcvz4sW7DtCAyS30QK95+U6mqS0MQONv9wddSNPkGpkxSoiGlRHb63cF7Po1CJm0nGXTR; Expires=Mon, 13 Sep 2021 08:17:06 GMT; Path=/; SameSite=None; Secure XSRF-TOKEN=eyJpdiI6ImJyRDQreUwrV2lYRlB3NENibUxiQUE9PSIsInZhbHVlIjoiTEY4dWhVK1BGa2xHNk5IczF1TkNjRDgyQzQrM3hBYmdHeFdvQW9ZdTVWY3JBZ1ZzczlkcDNcL0dxVWJwWlNGSHAxM20yMEpIbWFzK1lpWExvclpYOW1IdTZZdEdzK0FUTlh4b1ZTbVpRV256QmNhSmVHZkFUQVYrMWU5U1BMM2g5IiwibWFjIjoiZWJkZDg0ZDZhMWIwYmZiMzZmZTBhNGUxYzM0Yjg4NGFmNzE4NDA5MWVkNTk1OTVhNGQyY2I5YWFhNDE3NWZiZSJ9; expires=Mon, 06-Sep-2021 10:17:06 GMT; Max-Age=7200; path=/ rastreio_session=eyJpdiI6Ijk2ZjJuXC9CNHAyMVwvOWhjOHpHK0NCUT09IiwidmFsdWUiOiJcLzVvSUtDdXF1anh3UTYxME4xMVBLaUs5Z09rSmJ5czJTeGJzQ01yVnY5bWwxaUVBTEdkQ2JiejQrOVZ6Z2RtYmlMYVRWRGU2K1U1MW1LMStqZkJjVXRZNEZPWU9kaXYyNkE1RXA1Yk1uSkhqNlFsXC9peXJ4allzVmdBV0dVWTlnIiwibWFjIjoiZGRkNjljMDc0NTc1OTNmZTU3ZjJlNjc4ZTYxYjk2NTQ3NjM0ZDc2Y2NiNGQ4NzFhOTExMjU1MGQzYjFhYzY5NCJ9; expires=Mon, 06-Sep-2021 10:17:06 GMT; Max-Age=7200; path=/; httponly
server-timing
cdn-cache; desc=MISS edge; dur=755 origin; dur=46

Redirect headers

content-type
text/html; charset=UTF-8
x-frame-options
SAMEORIGIN
location
https://tracking.totalexpress.com.br
x-xss-protection
1; mode=block
strict-transport-security
max-age=31536000
expires
Mon, 06 Sep 2021 08:17:05 GMT
cache-control
max-age=0, no-cache, no-store
pragma
no-cache
date
Mon, 06 Sep 2021 08:17:05 GMT
set-cookie
AWSALB=zUhUgmRl3qTy8F2GKuFKH5dVqBVv9UDq+r4BIclJYxjq9Uu1Byo/JMyn+qy5/ngzJG/rjGHOBzA1AXrUJHzJGWjp3pIAZuvLurfYe81h49erDZ977/ccuhxEBdAF; Expires=Mon, 13 Sep 2021 08:17:05 GMT; Path=/ AWSALBCORS=zUhUgmRl3qTy8F2GKuFKH5dVqBVv9UDq+r4BIclJYxjq9Uu1Byo/JMyn+qy5/ngzJG/rjGHOBzA1AXrUJHzJGWjp3pIAZuvLurfYe81h49erDZ977/ccuhxEBdAF; Expires=Mon, 13 Sep 2021 08:17:05 GMT; Path=/; SameSite=None; Secure
server-timing
cdn-cache; desc=MISS edge; dur=1218 origin; dur=37
style.min.css
static.totalexpress.com.br/site-tracking/site/
264 KB
265 KB
Stylesheet
General
Full URL
https://static.totalexpress.com.br/site-tracking/site/style.min.css
Requested by
Host: tracking.totalexpress.com.br
URL: https://tracking.totalexpress.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e2f7eff2996bb84dd00b02b188723e7d7aa33d972742579ee099cb0c6309cdce

Request headers

Referer
https://tracking.totalexpress.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 05 Sep 2021 15:54:48 GMT
via
1.1 b6be6ee8d445cfa291adcacd75a3fb12.cloudfront.net (CloudFront)
last-modified
Fri, 26 Mar 2021 20:53:17 GMT
server
AmazonS3
age
58939
etag
"45c4ff41e2d35f7ad9295aadac368ca8"
x-cache
Hit from cloudfront
content-type
text/css
x-amz-cf-pop
FRA56-P5
accept-ranges
bytes
content-length
270672
x-amz-cf-id
U0rMUbPMQ2Ue-oAZ5CWANdwXBs2naQxsUndii1iank9SKA1U1oKSjg==
steps-encomenda.css
static.totalexpress.com.br/site-tracking/site/
4 KB
4 KB
Stylesheet
General
Full URL
https://static.totalexpress.com.br/site-tracking/site/steps-encomenda.css
Requested by
Host: tracking.totalexpress.com.br
URL: https://tracking.totalexpress.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
94de7a402608571a3b834173d9d410288cf34f09cf001b4f440dbdc5bc90c1be

Request headers

Referer
https://tracking.totalexpress.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 05 Sep 2021 11:41:50 GMT
via
1.1 b6be6ee8d445cfa291adcacd75a3fb12.cloudfront.net (CloudFront)
last-modified
Fri, 26 Mar 2021 20:53:18 GMT
server
AmazonS3
age
74117
etag
"ac94e1798447d3b2d4d6eb5b920edd60"
x-cache
Hit from cloudfront
content-type
text/css
x-amz-cf-pop
FRA56-P5
accept-ranges
bytes
content-length
3939
x-amz-cf-id
en7KXJbqSdWJIeyut5awBzw4HYeM2OLzB9mO-7pql-Kt-aar_rieXw==
logo-total-express-slogan.svg
static.totalexpress.com.br/site-tracking/img/
17 KB
17 KB
Image
General
Full URL
https://static.totalexpress.com.br/site-tracking/img/logo-total-express-slogan.svg
Requested by
Host: tracking.totalexpress.com.br
URL: https://tracking.totalexpress.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1af96f10dab798a887de88b9cd72b0d0d573b099f178e8bb60021997b9792de1

Request headers

Referer
https://tracking.totalexpress.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 05 Sep 2021 10:32:57 GMT
via
1.1 b6be6ee8d445cfa291adcacd75a3fb12.cloudfront.net (CloudFront)
last-modified
Fri, 26 Mar 2021 14:37:55 GMT
server
AmazonS3
age
78250
etag
"99ef065ed36070fb520d60eecff0a70d"
x-cache
Hit from cloudfront
content-type
image/svg+xml
x-amz-cf-pop
FRA56-P5
accept-ranges
bytes
content-length
17459
x-amz-cf-id
3RDgB3iw28Ll5JMaWGo1VN1BUlWE-uVBSij0So0LzcLS_5jL58a2fg==
jquery.js
static.totalexpress.com.br/site-tracking/site/
87 KB
88 KB
Script
General
Full URL
https://static.totalexpress.com.br/site-tracking/site/jquery.js
Requested by
Host: tracking.totalexpress.com.br
URL: https://tracking.totalexpress.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
29626ecdc34286521ccb073211d00747e93a36039d84ee2b692a71c0aec51828

Request headers

Referer
https://tracking.totalexpress.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 05 Sep 2021 10:32:55 GMT
via
1.1 b6be6ee8d445cfa291adcacd75a3fb12.cloudfront.net (CloudFront)
last-modified
Fri, 26 Mar 2021 20:53:15 GMT
server
AmazonS3
age
78252
etag
"26249f4c8a410c919f3ecdc4ff08a3cb"
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-pop
FRA56-P5
accept-ranges
bytes
content-length
89258
x-amz-cf-id
s0j32-gPm1e29Kvx9oqnh2yogC45bKyirKZg67EUDbbTtwkMt2wsDw==
imask.js
static.totalexpress.com.br/site-tracking/site/
61 KB
61 KB
Script
General
Full URL
https://static.totalexpress.com.br/site-tracking/site/imask.js
Requested by
Host: tracking.totalexpress.com.br
URL: https://tracking.totalexpress.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
26a33d7669a55ceb05ec640ace4ff1b3b3c977e068d396871288dff84720e677

Request headers

Referer
https://tracking.totalexpress.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 05 Sep 2021 18:03:38 GMT
via
1.1 b6be6ee8d445cfa291adcacd75a3fb12.cloudfront.net (CloudFront)
last-modified
Fri, 26 Mar 2021 20:53:19 GMT
server
AmazonS3
age
51209
etag
"d94be758d01685da3973d2d666540402"
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-pop
FRA56-P5
accept-ranges
bytes
content-length
62412
x-amz-cf-id
YAYFoy3acYDDWfUvUDfxnfR1lwhe__rhDh0GG7X6SP7GwcgpSuTM9A==
bootstrap.js
static.totalexpress.com.br/site-tracking/site/
82 KB
82 KB
Script
General
Full URL
https://static.totalexpress.com.br/site-tracking/site/bootstrap.js
Requested by
Host: tracking.totalexpress.com.br
URL: https://tracking.totalexpress.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
41f16512db72b19fa8db4b7924c796608c696b77d2db65208227403c1778ce14

Request headers

Referer
https://tracking.totalexpress.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 05 Sep 2021 13:24:25 GMT
via
1.1 b6be6ee8d445cfa291adcacd75a3fb12.cloudfront.net (CloudFront)
last-modified
Fri, 26 Mar 2021 20:53:19 GMT
server
AmazonS3
age
67962
etag
"6aeff46f1b43487fdd1ac38a7d4fb3eb"
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-pop
FRA56-P5
accept-ranges
bytes
content-length
83675
x-amz-cf-id
YYLg8TZ_TRKmAUnBIpA-Iw4upNfQM9s9E9K-WlQHiGe9jhQRDZoB8w==
widget.min.js
www11.directtalk.com.br/clientes_P05/custom/TotalExpress/area_aberta/
1 KB
1 KB
Script
General
Full URL
https://www11.directtalk.com.br/clientes_P05/custom/TotalExpress/area_aberta/widget.min.js
Requested by
Host: tracking.totalexpress.com.br
URL: https://tracking.totalexpress.com.br/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.84.143.242 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-84-143-242.compute-1.amazonaws.com
Software
/
Resource Hash
79ada0a17901c68f5253352a620a65ae2e6a77231086998294f8049f63a0037b
Security Headers
Name Value
Strict-Transport-Security : max-age=900; includeSubDomains

Request headers

Referer
https://tracking.totalexpress.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Mon, 06 Sep 2021 08:17:07 GMT
Content-Encoding
gzip
Last-Modified
Thu, 30 Jan 2020 14:10:11 GMT
ETag
"87406bfc76d7d51:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Strict-Transport-Security
: max-age=900; includeSubDomains
Accept-Ranges
bytes
Content-Length
993
api.js
www.google.com/recaptcha/
853 B
656 B
Script
General
Full URL
https://www.google.com/recaptcha/api.js?hl=pt-BR
Requested by
Host: tracking.totalexpress.com.br
URL: https://tracking.totalexpress.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
f64ec58601cd4519cd6564ec70447f557b74dee6ee681aa5d3eeba914f0337a3
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://tracking.totalexpress.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 06 Sep 2021 08:17:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
559
x-xss-protection
1; mode=block
expires
Mon, 06 Sep 2021 08:17:06 GMT
gtm.js
www.googletagmanager.com/
120 KB
42 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-KV4577B
Requested by
Host: tracking.totalexpress.com.br
URL: https://tracking.totalexpress.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
0809b5e4ac4a2a02efdf3d9dd3fee077f8db5f5ee898375e49cbe150b6837f34
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://tracking.totalexpress.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 06 Sep 2021 08:17:06 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43064
x-xss-protection
0
last-modified
Mon, 06 Sep 2021 06:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 06 Sep 2021 08:17:06 GMT
48UEA-VZPK4-UARLK-9SR63-X7M68
s.go-mpulse.net/boomerang/
205 KB
49 KB
Script
General
Full URL
https://s.go-mpulse.net/boomerang/48UEA-VZPK4-UARLK-9SR63-X7M68
Requested by
Host: tracking.totalexpress.com.br
URL: https://tracking.totalexpress.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:6c00:2b9::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
09ebd7f407439990aac227e70da23e1a819e8e30282928e324370805f480bec4

Request headers

Referer
https://tracking.totalexpress.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 06 Sep 2021 08:17:06 GMT
content-encoding
br
last-modified
Fri, 03 Sep 2021 03:53:54 GMT
x-n
S
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=604800
timing-allow-origin
*
content-length
50393
/
totalexpress.com.br/iframe-login/ Frame 9093
833 B
1 KB
Document
General
Full URL
https://totalexpress.com.br/iframe-login/
Requested by
Host: tracking.totalexpress.com.br
URL: https://tracking.totalexpress.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.41 (Amazon) PHP/7.2.24 / PHP/7.2.24
Resource Hash
f99f5152917161ad17d573b35f6f8f18b82e5302936e28b3f78252d14c5709fc

Request headers

:method
GET
:authority
totalexpress.com.br
:scheme
https
:path
/iframe-login/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://tracking.totalexpress.com.br/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://tracking.totalexpress.com.br/

Response headers

content-type
text/html; charset=UTF-8
content-length
833
date
Mon, 06 Sep 2021 08:17:08 GMT
server
Apache/2.4.41 (Amazon) PHP/7.2.24
x-powered-by
PHP/7.2.24
link
<https://totalexpress.com.br/wp-json/>; rel="https://api.w.org/" <https://totalexpress.com.br/wp-json/wp/v2/pages/2428>; rel="alternate"; type="application/json" <https://totalexpress.com.br/?p=2428>; rel=shortlink
x-cache
Miss from cloudfront
via
1.1 0162e02b2d0212054988a68716227dab.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
x-amz-cf-id
_VR_i_6wjdZ_dDt8O9MXVCOKdI5mh-xC8AO595SgKX9CQOTFX-Pw4A==
RobotoRegular.otf
static.totalexpress.com.br/site-tracking/fonts/
155 KB
155 KB
Font
General
Full URL
https://static.totalexpress.com.br/site-tracking/fonts/RobotoRegular.otf?d3abb520fbc5a5a4bf911724c694d8ee
Requested by
Host: static.totalexpress.com.br
URL: https://static.totalexpress.com.br/site-tracking/site/style.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f9970a36c2e5c04cf9c9d9eec556d1e82563021aac3ec2513039aa86bb01ee3e

Request headers

Origin
https://tracking.totalexpress.com.br
Referer
https://static.totalexpress.com.br/site-tracking/site/style.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 05 Sep 2021 15:54:12 GMT
via
1.1 1fd323b9134f7d940dac0d007036a604.cloudfront.net (CloudFront)
last-modified
Fri, 26 Mar 2021 14:39:59 GMT
server
AmazonS3
age
58976
etag
"d3abb520fbc5a5a4bf911724c694d8ee"
access-control-allow-methods
GET, POST, PUT, DELETE, HEAD
content-type
application/vnd.oasis.opendocument.formula-template
access-control-allow-origin
*
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA56-P5
accept-ranges
bytes
content-length
158452
x-amz-cf-id
tp4MnNMrvYqgISWvJoqIw4ADFTQZAaAiTIX06NUk7eXvmNDHKS0L0A==
analytics.js
www.google-analytics.com/
48 KB
19 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KV4577B
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://tracking.totalexpress.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 11 Aug 2021 00:32:57 GMT
server
Golfe2
age
5107
date
Mon, 06 Sep 2021 06:52:00 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19747
expires
Mon, 06 Sep 2021 08:52:00 GMT
conversion_async.js
www.googleadservices.com/pagead/
36 KB
14 KB
Script
General
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KV4577B
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
a53b289843b15d58a9574645ea05db23c5dd6663fc5e39f5c61528ae13de22f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tracking.totalexpress.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 06 Sep 2021 08:17:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14079
x-xss-protection
0
server
cafe
etag
18326714422570925345
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 06 Sep 2021 08:17:07 GMT
config.json
c.go-mpulse.net/api/
957 B
847 B
XHR
General
Full URL
https://c.go-mpulse.net/api/config.json?key=48UEA-VZPK4-UARLK-9SR63-X7M68&d=tracking.totalexpress.com.br&t=5436387&v=1.720.0&sl=0&si=f69bee53-abfd-470a-af10-660eb3ac3f9f-qz070g&plugins=AK,ConfigOverride,Continuity,PageParams,IFrameDelay,AutoXHR,SPA,History,Angular,Backbone,Ember,RT,CrossDomain,BW,PaintTiming,NavigationTiming,ResourceTiming,Memory,CACHE_RELOAD,Errors,TPAnalytics,UserTiming,Akamai,Early,EventTiming,LOGN&acao=&ak.ai=711134
Requested by
Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/48UEA-VZPK4-UARLK-9SR63-X7M68
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:6c00:1bb::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
4a7ef3a0a4a32e7be96a039a9ea1485cf4185d6371a9ddea364e66a4dc2b1976

Request headers

Referer
https://tracking.totalexpress.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Mon, 06 Sep 2021 08:17:07 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
application/json
Access-Control-Allow-Origin
*
Cache-Control
private, max-age=300, stale-while-revalidate=60, stale-if-error=120
Connection
keep-alive
Timing-Allow-Origin
*
Content-Length
527
collect
www.google-analytics.com/j/
2 B
22 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j93&a=1846850083&t=pageview&_s=1&dl=https%3A%2F%2Ftracking.totalexpress.com.br%2F&ul=en-us&de=UTF-8&dt=Total%20Express-%20Tracking&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=1578422609&gjid=1523526613&cid=1684019254.1630916227&tid=UA-63160336-2&_gid=409024501.1630916227&_r=1&gtm=2wg910KV4577B&z=153000418
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://tracking.totalexpress.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 06 Sep 2021 08:17:07 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://tracking.totalexpress.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/866187978/
2 KB
1 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/866187978/?random=1630916227222&cv=9&fst=1630916227222&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg910&sendb=1&ig=1&frm=0&url=https%3A%2F%2Ftracking.totalexpress.com.br%2F&tiba=Total%20Express-%20Tracking&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1f2f3053b7cdb621e8fd0b0690397c105c09885e53116a7fb43f3b0d056f67df
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tracking.totalexpress.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Sep 2021 08:17:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
998
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/
4 B
97 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-63160336-2&cid=1684019254.1630916227&jid=1578422609&gjid=1523526613&_gid=409024501.1630916227&_u=YEBAAEAAAAAAAC~&z=136807194
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c08::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://tracking.totalexpress.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Mon, 06 Sep 2021 08:17:07 GMT
content-type
text/plain
access-control-allow-origin
https://tracking.totalexpress.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/866187978/
42 B
64 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/866187978/?random=1630916227222&cv=9&fst=1630915200000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg910&sendb=1&frm=0&url=https%3A%2F%2Ftracking.totalexpress.com.br%2F&tiba=Total%20Express-%20Tracking&async=1&fmt=3&is_vtc=1&random=3549922113&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: tracking.totalexpress.com.br
URL: https://tracking.totalexpress.com.br/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tracking.totalexpress.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Sep 2021 08:17:07 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/866187978/
42 B
108 B
Image
General
Full URL
https://www.google.de/pagead/1p-user-list/866187978/?random=1630916227222&cv=9&fst=1630915200000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg910&sendb=1&frm=0&url=https%3A%2F%2Ftracking.totalexpress.com.br%2F&tiba=Total%20Express-%20Tracking&async=1&fmt=3&is_vtc=1&random=3549922113&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: tracking.totalexpress.com.br
URL: https://tracking.totalexpress.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tracking.totalexpress.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Sep 2021 08:17:07 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/
42 B
63 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-63160336-2&cid=1684019254.1630916227&jid=1578422609&_u=YEBAAEAAAAAAAC~&z=1394578435
Requested by
Host: tracking.totalexpress.com.br
URL: https://tracking.totalexpress.com.br/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tracking.totalexpress.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Sep 2021 08:17:07 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
63 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-63160336-2&cid=1684019254.1630916227&jid=1578422609&_u=YEBAAEAAAAAAAC~&z=1394578435
Requested by
Host: tracking.totalexpress.com.br
URL: https://tracking.totalexpress.com.br/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tracking.totalexpress.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Sep 2021 08:17:07 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
style.css
www11.directtalk.com.br/clientes/custom/TotalExpress/area_aberta/
1 KB
936 B
Stylesheet
General
Full URL
https://www11.directtalk.com.br/clientes/custom/TotalExpress/area_aberta/style.css
Requested by
Host: www11.directtalk.com.br
URL: https://www11.directtalk.com.br/clientes_P05/custom/TotalExpress/area_aberta/widget.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.84.143.242 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-84-143-242.compute-1.amazonaws.com
Software
/
Resource Hash
b6bfa3d2195928f4615d7a7908d8a382f5ad8b9eca9a7bf9f1242926a8670a6b
Security Headers
Name Value
Strict-Transport-Security : max-age=900; includeSubDomains

Request headers

Referer
https://tracking.totalexpress.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Mon, 06 Sep 2021 08:17:07 GMT
Content-Encoding
gzip
Last-Modified
Wed, 28 Oct 2020 17:27:27 GMT
ETag
"46e4239b4fadd61:0"
Vary
Accept-Encoding
Content-Type
text/css
Strict-Transport-Security
: max-age=900; includeSubDomains
Accept-Ranges
bytes
Content-Length
632
dtbot.js
dtbot.directtalk.com.br/1.0/staticbot/dist/js/
47 KB
15 KB
Script
General
Full URL
https://dtbot.directtalk.com.br/1.0/staticbot/dist/js/dtbot.js?token=31f9746c-6046-4204-88b0-d8c69759e715&widget=true&top=40&text=Alguma%20d%C3%BAvida%3F&textcolor=ffffff&bgcolor=4E1D3A&from=bottomRight
Requested by
Host: www11.directtalk.com.br
URL: https://www11.directtalk.com.br/clientes_P05/custom/TotalExpress/area_aberta/widget.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.205.74.249 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-205-74-249.compute-1.amazonaws.com
Software
/
Resource Hash
19ace9baa72a2f7adf2df9bf36f6ddbdf5330d3d38ec423416ed3c08935efcfa
Security Headers
Name Value
Strict-Transport-Security max-age=900; includeSubDomains

Request headers

Referer
https://tracking.totalexpress.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 06 Sep 2021 08:17:07 GMT
content-encoding
gzip
etag
"8062c4162e9fd71:0"
last-modified
Wed, 01 Sep 2021 12:37:13 GMT
server
x-powered-by
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, PUT, POST, HEAD
content-type
application/javascript
access-control-allow-origin
https://cdn-bot.hiplatform.com
cache-control
max-age=60
strict-transport-security
max-age=900; includeSubDomains
accept-ranges
bytes
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, customer-session, user-name, customer-fingerprint, agentname, template
content-length
15343
recaptcha__pt_br.js
www.gstatic.com/recaptcha/releases/wxAi4AKLXL2kBAvXqI4XLSWS/
342 KB
134 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/wxAi4AKLXL2kBAvXqI4XLSWS/recaptcha__pt_br.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?hl=pt-BR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
28dd55c9adc2134075aeaaae892d916c0474b3bd10e26acd7a0dde8dbbac5dda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://tracking.totalexpress.com.br
Referer
https://tracking.totalexpress.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 30 Aug 2021 23:43:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
549208
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
136917
x-xss-protection
0
last-modified
Mon, 30 Aug 2021 17:56:35 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 30 Aug 2022 23:43:39 GMT
anchor
www.google.com/recaptcha/api2/ Frame 24B9
40 KB
21 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LePkvwUAAAAAJa1AIi8Tn1yG6hUS9RBIphP5M9Z&co=aHR0cHM6Ly90cmFja2luZy50b3RhbGV4cHJlc3MuY29tLmJyOjQ0Mw..&hl=pt-BR&v=wxAi4AKLXL2kBAvXqI4XLSWS&size=normal&cb=tvv33o7gulmt
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/wxAi4AKLXL2kBAvXqI4XLSWS/recaptcha__pt_br.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
6e084b4589a45e18cff144f196d260bf86879abd61f4b0400fc8f6cd341488a0
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Jprb6LBiXyIJ9bm91rG74A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/anchor?ar=1&k=6LePkvwUAAAAAJa1AIi8Tn1yG6hUS9RBIphP5M9Z&co=aHR0cHM6Ly90cmFja2luZy50b3RhbGV4cHJlc3MuY29tLmJyOjQ0Mw..&hl=pt-BR&v=wxAi4AKLXL2kBAvXqI4XLSWS&size=normal&cb=tvv33o7gulmt
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://tracking.totalexpress.com.br/
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy-report-only
require-corp; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Mon, 06 Sep 2021 08:17:07 GMT
content-security-policy
script-src 'report-sample' 'nonce-Jprb6LBiXyIJ9bm91rG74A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
21182
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/
30 KB
7 KB
Stylesheet
General
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Requested by
Host: www11.directtalk.com.br
URL: https://www11.directtalk.com.br/clientes/custom/TotalExpress/area_aberta/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www11.directtalk.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 06 Sep 2021 08:17:07 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
723, 617
age
2808861
cdn-cachedat
2021-07-24 08:09:23
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
timing-allow-origin
*
access-control-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:04:55 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css; charset=utf-8
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
40b2c5e257c44c41b18e54bb6d5c182e
cf-ray
68a64256bd67073e-FRA
cdn-requestcountrycode
DE
cdn-requestpullsuccess
True
styles__ltr.css
www.gstatic.com/recaptcha/releases/wxAi4AKLXL2kBAvXqI4XLSWS/ Frame 24B9
52 KB
25 KB
Stylesheet
General
Full URL
https://www.gstatic.com/recaptcha/releases/wxAi4AKLXL2kBAvXqI4XLSWS/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LePkvwUAAAAAJa1AIi8Tn1yG6hUS9RBIphP5M9Z&co=aHR0cHM6Ly90cmFja2luZy50b3RhbGV4cHJlc3MuY29tLmJyOjQ0Mw..&hl=pt-BR&v=wxAi4AKLXL2kBAvXqI4XLSWS&size=normal&cb=tvv33o7gulmt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5fe20047c1cc1be61a786d56c5c02b96453b9c60656d6c8429a1add79017e47f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 06 Sep 2021 07:51:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1519
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25732
x-xss-protection
0
last-modified
Mon, 30 Aug 2021 17:56:35 GMT
server
sffe
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 06 Sep 2022 07:51:48 GMT
recaptcha__pt_br.js
www.gstatic.com/recaptcha/releases/wxAi4AKLXL2kBAvXqI4XLSWS/ Frame 24B9
342 KB
134 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/wxAi4AKLXL2kBAvXqI4XLSWS/recaptcha__pt_br.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LePkvwUAAAAAJa1AIi8Tn1yG6hUS9RBIphP5M9Z&co=aHR0cHM6Ly90cmFja2luZy50b3RhbGV4cHJlc3MuY29tLmJyOjQ0Mw..&hl=pt-BR&v=wxAi4AKLXL2kBAvXqI4XLSWS&size=normal&cb=tvv33o7gulmt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
28dd55c9adc2134075aeaaae892d916c0474b3bd10e26acd7a0dde8dbbac5dda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 30 Aug 2021 23:43:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
549208
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
136917
x-xss-protection
0
last-modified
Mon, 30 Aug 2021 17:56:35 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 30 Aug 2022 23:43:39 GMT
truncated
/ Frame 24B9
14 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 24B9
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type
image/png
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 24B9
2 KB
2 KB
Image
General
Full URL
https://www.gstatic.com/recaptcha/api2/logo_48.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/wxAi4AKLXL2kBAvXqI4XLSWS/styles__ltr.css
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.gstatic.com/recaptcha/releases/wxAi4AKLXL2kBAvXqI4XLSWS/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 03 Sep 2021 19:00:23 GMT
x-content-type-options
nosniff
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
age
220604
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
content-type
image/png
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2228
x-xss-protection
0
expires
Fri, 10 Sep 2021 19:00:23 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 24B9
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LePkvwUAAAAAJa1AIi8Tn1yG6hUS9RBIphP5M9Z&co=aHR0cHM6Ly90cmFja2luZy50b3RhbGV4cHJlc3MuY29tLmJyOjQ0Mw..&hl=pt-BR&v=wxAi4AKLXL2kBAvXqI4XLSWS&size=normal&cb=tvv33o7gulmt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.google.com
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 03 Sep 2021 11:21:30 GMT
x-content-type-options
nosniff
age
248137
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 03 Sep 2022 11:21:30 GMT
webworker.js
www.google.com/recaptcha/api2/ Frame 24B9
105 B
135 B
Other
General
Full URL
https://www.google.com/recaptcha/api2/webworker.js?hl=pt-BR&v=wxAi4AKLXL2kBAvXqI4XLSWS
Requested by
Host: tracking.totalexpress.com.br
URL: https://tracking.totalexpress.com.br/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
a3574d0e558ae58c7d773349e7d5a31979a2b18d22f12d90cd24d7573058e3ff
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LePkvwUAAAAAJa1AIi8Tn1yG6hUS9RBIphP5M9Z&co=aHR0cHM6Ly90cmFja2luZy50b3RhbGV4cHJlc3MuY29tLmJyOjQ0Mw..&hl=pt-BR&v=wxAi4AKLXL2kBAvXqI4XLSWS&size=normal&cb=tvv33o7gulmt
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 06 Sep 2021 08:17:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
115
x-xss-protection
1; mode=block
expires
Mon, 06 Sep 2021 08:17:07 GMT
bframe
www.google.com/recaptcha/api2/ Frame E104
7 KB
1 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/bframe?hl=pt-BR&v=wxAi4AKLXL2kBAvXqI4XLSWS&k=6LePkvwUAAAAAJa1AIi8Tn1yG6hUS9RBIphP5M9Z&cb=4t7fe01g3zmr
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/wxAi4AKLXL2kBAvXqI4XLSWS/recaptcha__pt_br.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
c280eb5211d7c685c6644fe0943ddea9e3cd5f117427041df8706ed93466152e
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-5nBCeB5bHAC92eeikwTQFA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/bframe?hl=pt-BR&v=wxAi4AKLXL2kBAvXqI4XLSWS&k=6LePkvwUAAAAAJa1AIi8Tn1yG6hUS9RBIphP5M9Z&cb=4t7fe01g3zmr
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://tracking.totalexpress.com.br/
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy-report-only
require-corp; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Mon, 06 Sep 2021 08:17:08 GMT
content-security-policy
script-src 'report-sample' 'nonce-5nBCeB5bHAC92eeikwTQFA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
1114
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
index.html
dtbot.directtalk.com.br/1.0/staticbot/dist/ Frame 9ECD
2 KB
1 KB
Document
General
Full URL
https://dtbot.directtalk.com.br/1.0/staticbot/dist/index.html
Requested by
Host: dtbot.directtalk.com.br
URL: https://dtbot.directtalk.com.br/1.0/staticbot/dist/js/dtbot.js?token=31f9746c-6046-4204-88b0-d8c69759e715&widget=true&top=40&text=Alguma%20d%C3%BAvida%3F&textcolor=ffffff&bgcolor=4E1D3A&from=bottomRight
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.205.74.249 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-205-74-249.compute-1.amazonaws.com
Software
/
Resource Hash
37a3af6c47026865624f369765515d8267bb4ccedbe1cde957e1f63112cc242e
Security Headers
Name Value
Strict-Transport-Security max-age=900; includeSubDomains

Request headers

:method
GET
:authority
dtbot.directtalk.com.br
:scheme
https
:path
/1.0/staticbot/dist/index.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://tracking.totalexpress.com.br/
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

date
Mon, 06 Sep 2021 08:17:08 GMT
content-type
text/html
content-length
988
cache-control
max-age=60
content-encoding
gzip
last-modified
Wed, 01 Sep 2021 12:37:13 GMT
accept-ranges
bytes
etag
"1335eb162e9fd71:0"
vary
Accept-Encoding
server
x-powered-by
strict-transport-security
max-age=900; includeSubDomains
access-control-allow-origin
https://cdn-bot.hiplatform.com
access-control-allow-methods
GET, OPTIONS, PUT, POST, HEAD
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, customer-session, user-name, customer-fingerprint, agentname, template
styles__ltr.css
www.gstatic.com/recaptcha/releases/wxAi4AKLXL2kBAvXqI4XLSWS/ Frame E104
52 KB
25 KB
Stylesheet
General
Full URL
https://www.gstatic.com/recaptcha/releases/wxAi4AKLXL2kBAvXqI4XLSWS/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=pt-BR&v=wxAi4AKLXL2kBAvXqI4XLSWS&k=6LePkvwUAAAAAJa1AIi8Tn1yG6hUS9RBIphP5M9Z&cb=4t7fe01g3zmr
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5fe20047c1cc1be61a786d56c5c02b96453b9c60656d6c8429a1add79017e47f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 06 Sep 2021 07:51:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1520
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25732
x-xss-protection
0
last-modified
Mon, 30 Aug 2021 17:56:35 GMT
server
sffe
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 06 Sep 2022 07:51:48 GMT
recaptcha__pt_br.js
www.gstatic.com/recaptcha/releases/wxAi4AKLXL2kBAvXqI4XLSWS/ Frame E104
342 KB
134 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/wxAi4AKLXL2kBAvXqI4XLSWS/recaptcha__pt_br.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=pt-BR&v=wxAi4AKLXL2kBAvXqI4XLSWS&k=6LePkvwUAAAAAJa1AIi8Tn1yG6hUS9RBIphP5M9Z&cb=4t7fe01g3zmr
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
28dd55c9adc2134075aeaaae892d916c0474b3bd10e26acd7a0dde8dbbac5dda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 30 Aug 2021 23:43:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
549209
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
136917
x-xss-protection
0
last-modified
Mon, 30 Aug 2021 17:56:35 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 30 Aug 2022 23:43:39 GMT
style.css
dtbot.directtalk.com.br/1.0/staticbot/dist/css/ Frame 9ECD
21 KB
6 KB
Stylesheet
General
Full URL
https://dtbot.directtalk.com.br/1.0/staticbot/dist/css/style.css
Requested by
Host: dtbot.directtalk.com.br
URL: https://dtbot.directtalk.com.br/1.0/staticbot/dist/index.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.205.74.249 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-205-74-249.compute-1.amazonaws.com
Software
/
Resource Hash
c8c6e3d072fb1e200580139d448256bc93a1e0464f020950be1359bf42b71888
Security Headers
Name Value
Strict-Transport-Security max-age=900; includeSubDomains

Request headers

Referer
https://dtbot.directtalk.com.br/1.0/staticbot/dist/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 06 Sep 2021 08:17:08 GMT
content-encoding
gzip
etag
"04598122e9fd71:0"
last-modified
Wed, 01 Sep 2021 12:37:06 GMT
server
x-powered-by
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, PUT, POST, HEAD
content-type
text/css
access-control-allow-origin
https://cdn-bot.hiplatform.com
cache-control
max-age=60
strict-transport-security
max-age=900; includeSubDomains
accept-ranges
bytes
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, customer-session, user-name, customer-fingerprint, agentname, template
content-length
5339
babel-polyfill.min.js
dtbot.directtalk.com.br/1.0/staticbot/dist/vendors/ Frame 9ECD
102 KB
34 KB
Script
General
Full URL
https://dtbot.directtalk.com.br/1.0/staticbot/dist/vendors/babel-polyfill.min.js
Requested by
Host: dtbot.directtalk.com.br
URL: https://dtbot.directtalk.com.br/1.0/staticbot/dist/index.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.205.74.249 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-205-74-249.compute-1.amazonaws.com
Software
/
Resource Hash
41cfee28748874aa3d153d69d9270064c96b9ab3e7474de25ddda47c758922f2
Security Headers
Name Value
Strict-Transport-Security max-age=900; includeSubDomains

Request headers

Referer
https://dtbot.directtalk.com.br/1.0/staticbot/dist/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 06 Sep 2021 08:17:08 GMT
content-encoding
gzip
etag
"808f84e76c7ad71:0"
last-modified
Fri, 16 Jul 2021 18:03:39 GMT
server
x-powered-by
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, PUT, POST, HEAD
content-type
application/javascript
access-control-allow-origin
https://cdn-bot.hiplatform.com
cache-control
max-age=60
strict-transport-security
max-age=900; includeSubDomains
accept-ranges
bytes
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, customer-session, user-name, customer-fingerprint, agentname, template
content-length
34537
iframeResizer.contentWindow.min.js
dtbot.directtalk.com.br/1.0/staticbot/dist/vendors/ Frame 9ECD
13 KB
5 KB
Script
General
Full URL
https://dtbot.directtalk.com.br/1.0/staticbot/dist/vendors/iframeResizer.contentWindow.min.js
Requested by
Host: dtbot.directtalk.com.br
URL: https://dtbot.directtalk.com.br/1.0/staticbot/dist/index.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.205.74.249 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-205-74-249.compute-1.amazonaws.com
Software
/
Resource Hash
67955a40b9f659a6ddb2626564ab0bf0b593c7e89e712b0dd077b02687bb523a
Security Headers
Name Value
Strict-Transport-Security max-age=900; includeSubDomains

Request headers

Referer
https://dtbot.directtalk.com.br/1.0/staticbot/dist/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 06 Sep 2021 08:17:08 GMT
content-encoding
gzip
etag
"808f84e76c7ad71:0"
last-modified
Fri, 16 Jul 2021 18:03:39 GMT
server
x-powered-by
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, PUT, POST, HEAD
content-type
application/javascript
access-control-allow-origin
https://cdn-bot.hiplatform.com
cache-control
max-age=60
strict-transport-security
max-age=900; includeSubDomains
accept-ranges
bytes
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, customer-session, user-name, customer-fingerprint, agentname, template
content-length
5067
TinyAnimate.js
dtbot.directtalk.com.br/1.0/staticbot/dist/vendors/ Frame 9ECD
4 KB
2 KB
Script
General
Full URL
https://dtbot.directtalk.com.br/1.0/staticbot/dist/vendors/TinyAnimate.js
Requested by
Host: dtbot.directtalk.com.br
URL: https://dtbot.directtalk.com.br/1.0/staticbot/dist/index.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.205.74.249 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-205-74-249.compute-1.amazonaws.com
Software
/
Resource Hash
76a457c53df7045ea04e21ede6e75a8baf943cc8da002a51e644a056e5692ef9
Security Headers
Name Value
Strict-Transport-Security max-age=900; includeSubDomains

Request headers

Referer
https://dtbot.directtalk.com.br/1.0/staticbot/dist/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 06 Sep 2021 08:17:08 GMT
content-encoding
gzip
etag
"808f84e76c7ad71:0"
last-modified
Fri, 16 Jul 2021 18:03:39 GMT
server
x-powered-by
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, PUT, POST, HEAD
content-type
application/javascript
access-control-allow-origin
https://cdn-bot.hiplatform.com
cache-control
max-age=60
strict-transport-security
max-age=900; includeSubDomains
accept-ranges
bytes
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, customer-session, user-name, customer-fingerprint, agentname, template
content-length
1190
angular.min.js
dtbot.directtalk.com.br/1.0/staticbot/dist/vendors/ Frame 9ECD
106 KB
40 KB
Script
General
Full URL
https://dtbot.directtalk.com.br/1.0/staticbot/dist/vendors/angular.min.js
Requested by
Host: dtbot.directtalk.com.br
URL: https://dtbot.directtalk.com.br/1.0/staticbot/dist/index.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.205.74.249 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-205-74-249.compute-1.amazonaws.com
Software
/
Resource Hash
5dada31deadba8ac70f2548c029ac2453b90fd40b4ecb81e69154ec574fe1d13
Security Headers
Name Value
Strict-Transport-Security max-age=900; includeSubDomains

Request headers

Referer
https://dtbot.directtalk.com.br/1.0/staticbot/dist/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 06 Sep 2021 08:17:08 GMT
content-encoding
gzip
etag
"808f84e76c7ad71:0"
last-modified
Fri, 16 Jul 2021 18:03:39 GMT
server
x-powered-by
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, PUT, POST, HEAD
content-type
application/javascript
access-control-allow-origin
https://cdn-bot.hiplatform.com
cache-control
max-age=60
strict-transport-security
max-age=900; includeSubDomains
accept-ranges
bytes
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, customer-session, user-name, customer-fingerprint, agentname, template
content-length
40198
angular-route.min.js
dtbot.directtalk.com.br/1.0/staticbot/dist/vendors/ Frame 9ECD
4 KB
2 KB
Script
General
Full URL
https://dtbot.directtalk.com.br/1.0/staticbot/dist/vendors/angular-route.min.js
Requested by
Host: dtbot.directtalk.com.br
URL: https://dtbot.directtalk.com.br/1.0/staticbot/dist/index.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.205.74.249 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-205-74-249.compute-1.amazonaws.com
Software
/
Resource Hash
7e620beceaf8dab4d21b279a5f3cb170a1bd6e02886a788763bf085a2bcc4b01
Security Headers
Name Value
Strict-Transport-Security max-age=900; includeSubDomains

Request headers

Referer
https://dtbot.directtalk.com.br/1.0/staticbot/dist/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 06 Sep 2021 08:17:08 GMT
content-encoding
gzip
etag
"808f84e76c7ad71:0"
last-modified
Fri, 16 Jul 2021 18:03:39 GMT
server
x-powered-by
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, PUT, POST, HEAD
content-type
application/javascript
access-control-allow-origin
https://cdn-bot.hiplatform.com
cache-control
max-age=60
strict-transport-security
max-age=900; includeSubDomains
accept-ranges
bytes
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, customer-session, user-name, customer-fingerprint, agentname, template
content-length
1857
angular-sanitize.min.js
dtbot.directtalk.com.br/1.0/staticbot/dist/vendors/ Frame 9ECD
4 KB
3 KB
Script
General
Full URL
https://dtbot.directtalk.com.br/1.0/staticbot/dist/vendors/angular-sanitize.min.js
Requested by
Host: dtbot.directtalk.com.br
URL: https://dtbot.directtalk.com.br/1.0/staticbot/dist/index.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.205.74.249 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-205-74-249.compute-1.amazonaws.com
Software
/
Resource Hash
63b99052991d4b47e6476574bc5bcc2286c97dacde480884fc9ddab959b9738c
Security Headers
Name Value
Strict-Transport-Security max-age=900; includeSubDomains

Request headers

Referer
https://dtbot.directtalk.com.br/1.0/staticbot/dist/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 06 Sep 2021 08:17:08 GMT
content-encoding
gzip
etag
"808f84e76c7ad71:0"
last-modified
Fri, 16 Jul 2021 18:03:39 GMT
server
x-powered-by
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, PUT, POST, HEAD
content-type
application/javascript
access-control-allow-origin
https://cdn-bot.hiplatform.com
cache-control
max-age=60
strict-transport-security
max-age=900; includeSubDomains
accept-ranges
bytes
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, customer-session, user-name, customer-fingerprint, agentname, template
content-length
2392
fingerprint.js
dtbot.directtalk.com.br/1.0/staticbot/dist/vendors/ Frame 9ECD
4 KB
2 KB
Script
General
Full URL
https://dtbot.directtalk.com.br/1.0/staticbot/dist/vendors/fingerprint.js
Requested by
Host: dtbot.directtalk.com.br
URL: https://dtbot.directtalk.com.br/1.0/staticbot/dist/index.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.205.74.249 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-205-74-249.compute-1.amazonaws.com
Software
/
Resource Hash
9770def081a74a77c5baf49c1bda96673cf95753182000f4986f81fcde14c9e9
Security Headers
Name Value
Strict-Transport-Security max-age=900; includeSubDomains

Request headers

Referer
https://dtbot.directtalk.com.br/1.0/staticbot/dist/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 06 Sep 2021 08:17:08 GMT
content-encoding
gzip
etag
"808f84e76c7ad71:0"
last-modified
Fri, 16 Jul 2021 18:03:39 GMT
server
x-powered-by
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, PUT, POST, HEAD
content-type
application/javascript
access-control-allow-origin
https://cdn-bot.hiplatform.com
cache-control
max-age=60
strict-transport-security
max-age=900; includeSubDomains
accept-ranges
bytes
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, customer-session, user-name, customer-fingerprint, agentname, template
content-length
1679
ng-file-upload-shim.min.js
dtbot.directtalk.com.br/1.0/staticbot/dist/vendors/ Frame 9ECD
7 KB
3 KB
Script
General
Full URL
https://dtbot.directtalk.com.br/1.0/staticbot/dist/vendors/ng-file-upload-shim.min.js
Requested by
Host: dtbot.directtalk.com.br
URL: https://dtbot.directtalk.com.br/1.0/staticbot/dist/index.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.205.74.249 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-205-74-249.compute-1.amazonaws.com
Software
/
Resource Hash
fd5095e2ab7694bcc797a7f938e0b00ef12525be3e8fb4e0c696328770aae784
Security Headers
Name Value
Strict-Transport-Security max-age=900; includeSubDomains

Request headers

Referer
https://dtbot.directtalk.com.br/1.0/staticbot/dist/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 06 Sep 2021 08:17:08 GMT
content-encoding
gzip
etag
"808f84e76c7ad71:0"
last-modified
Fri, 16 Jul 2021 18:03:39 GMT
server
x-powered-by
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, PUT, POST, HEAD
content-type
application/javascript
access-control-allow-origin
https://cdn-bot.hiplatform.com
cache-control
max-age=60
strict-transport-security
max-age=900; includeSubDomains
accept-ranges
bytes
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, customer-session, user-name, customer-fingerprint, agentname, template
content-length
2615
ng-file-upload.min.js
dtbot.directtalk.com.br/1.0/staticbot/dist/vendors/ Frame 9ECD
37 KB
12 KB
Script
General
Full URL
https://dtbot.directtalk.com.br/1.0/staticbot/dist/vendors/ng-file-upload.min.js
Requested by
Host: dtbot.directtalk.com.br
URL: https://dtbot.directtalk.com.br/1.0/staticbot/dist/index.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.205.74.249 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-205-74-249.compute-1.amazonaws.com
Software
/
Resource Hash
dc643015c4e29b9f737f5b01a41e1439a349a65ff1048bcd6209545edcfe26b5
Security Headers
Name Value
Strict-Transport-Security max-age=900; includeSubDomains

Request headers

Referer
https://dtbot.directtalk.com.br/1.0/staticbot/dist/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 06 Sep 2021 08:17:08 GMT
content-encoding
gzip
etag
"808f84e76c7ad71:0"
last-modified
Fri, 16 Jul 2021 18:03:39 GMT
server
x-powered-by
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, PUT, POST, HEAD
content-type
application/javascript
access-control-allow-origin
https://cdn-bot.hiplatform.com
cache-control
max-age=60
strict-transport-security
max-age=900; includeSubDomains
accept-ranges
bytes
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, customer-session, user-name, customer-fingerprint, agentname, template
content-length
12227
xss.js
dtbot.directtalk.com.br/1.0/staticbot/dist/vendors/ Frame 9ECD
54 KB
11 KB
Script
General
Full URL
https://dtbot.directtalk.com.br/1.0/staticbot/dist/vendors/xss.js
Requested by
Host: dtbot.directtalk.com.br
URL: https://dtbot.directtalk.com.br/1.0/staticbot/dist/index.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.205.74.249 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-205-74-249.compute-1.amazonaws.com
Software
/
Resource Hash
cf2640cfc90cc4661c25f3f447e7f51336f8b62deb738d6d7023bf1f0a6ac83f
Security Headers
Name Value
Strict-Transport-Security max-age=900; includeSubDomains

Request headers

Referer
https://dtbot.directtalk.com.br/1.0/staticbot/dist/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 06 Sep 2021 08:17:08 GMT
content-encoding
gzip
etag
"808f84e76c7ad71:0"
last-modified
Fri, 16 Jul 2021 18:03:39 GMT
server
x-powered-by
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, PUT, POST, HEAD
content-type
application/javascript
access-control-allow-origin
https://cdn-bot.hiplatform.com
cache-control
max-age=60
strict-transport-security
max-age=900; includeSubDomains
accept-ranges
bytes
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, customer-session, user-name, customer-fingerprint, agentname, template
content-length
10914
app.js
dtbot.directtalk.com.br/1.0/staticbot/dist/js/ Frame 9ECD
92 KB
27 KB
Script
General
Full URL
https://dtbot.directtalk.com.br/1.0/staticbot/dist/js/app.js
Requested by
Host: dtbot.directtalk.com.br
URL: https://dtbot.directtalk.com.br/1.0/staticbot/dist/index.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.205.74.249 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-205-74-249.compute-1.amazonaws.com
Software
/
Resource Hash
c88d38f6b5a5844fa389165701c61e7d177151279dbe1c7945790a1a0342fef5
Security Headers
Name Value
Strict-Transport-Security max-age=900; includeSubDomains

Request headers

Referer
https://dtbot.directtalk.com.br/1.0/staticbot/dist/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 06 Sep 2021 08:17:08 GMT
content-encoding
gzip
etag
"8062c4162e9fd71:0"
last-modified
Wed, 01 Sep 2021 12:37:13 GMT
server
x-powered-by
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, PUT, POST, HEAD
content-type
application/javascript
access-control-allow-origin
https://cdn-bot.hiplatform.com
cache-control
max-age=60
strict-transport-security
max-age=900; includeSubDomains
accept-ranges
bytes
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, customer-session, user-name, customer-fingerprint, agentname, template
content-length
27635
hibot_logo.png
dtbot.directtalk.com.br/1.0/staticbot/dist/img/ Frame 9ECD
4 KB
4 KB
Image
General
Full URL
https://dtbot.directtalk.com.br/1.0/staticbot/dist/img/hibot_logo.png
Requested by
Host: dtbot.directtalk.com.br
URL: https://dtbot.directtalk.com.br/1.0/staticbot/dist/index.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.205.74.249 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-205-74-249.compute-1.amazonaws.com
Software
/
Resource Hash
0bc7488ab76e3b9c726a55bd28f043a673e5fbdb359d35620f1187822bca4826
Security Headers
Name Value
Strict-Transport-Security max-age=900; includeSubDomains

Request headers

Referer
https://dtbot.directtalk.com.br/1.0/staticbot/dist/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 06 Sep 2021 08:17:08 GMT
etag
"72a2be61eb8ad71:0"
last-modified
Fri, 06 Aug 2021 17:49:19 GMT
server
x-powered-by
strict-transport-security
max-age=900; includeSubDomains
access-control-allow-methods
GET, OPTIONS, PUT, POST, HEAD
content-type
image/png
access-control-allow-origin
https://cdn-bot.hiplatform.com
cache-control
max-age=60
accept-ranges
bytes
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, customer-session, user-name, customer-fingerprint, agentname, template
content-length
3935
css
fonts.googleapis.com/ Frame 9ECD
4 KB
700 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto:500,300&display=swap
Requested by
Host: dtbot.directtalk.com.br
URL: https://dtbot.directtalk.com.br/1.0/staticbot/dist/css/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c2ab283b712bede7e825e2be7e3a44f81ad6e7b2739303ad16a4c20c2dccadc7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://dtbot.directtalk.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 06 Sep 2021 08:17:08 GMT
server
ESF
date
Mon, 06 Sep 2021 08:17:08 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 06 Sep 2021 08:17:08 GMT
final-totalexpress-reclameaqui-468x58-1.png
totalexpress.com.br/wp-content/uploads/2021/09/ Frame 9093
42 KB
42 KB
Image
General
Full URL
https://totalexpress.com.br/wp-content/uploads/2021/09/final-totalexpress-reclameaqui-468x58-1.png
Requested by
Host: totalexpress.com.br
URL: https://totalexpress.com.br/iframe-login/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.41 (Amazon) PHP/7.2.24 /
Resource Hash
28212b17f0b190ccdb1ac89d8373b013af0cff56035bfeb5f1b9dc9f510a7a9e

Request headers

Referer
https://totalexpress.com.br/iframe-login/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 06 Sep 2021 08:17:09 GMT
via
1.1 0162e02b2d0212054988a68716227dab.cloudfront.net (CloudFront)
last-modified
Wed, 01 Sep 2021 13:05:50 GMT
server
Apache/2.4.41 (Amazon) PHP/7.2.24
x-amz-cf-pop
FRA56-P5
etag
"a6cd-5caeeb9b18780"
x-cache
RefreshHit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
42701
x-amz-cf-id
TnQv2olwNs5077-sPyIWzIFIb0h4n0dl7RCFIP-ZQGMMdhjSPrnLgA==
final-totalexpress-reclameaqui-320x50-1.png
totalexpress.com.br/wp-content/uploads/2021/09/ Frame 9093
27 KB
27 KB
Image
General
Full URL
https://totalexpress.com.br/wp-content/uploads/2021/09/final-totalexpress-reclameaqui-320x50-1.png
Requested by
Host: totalexpress.com.br
URL: https://totalexpress.com.br/iframe-login/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.41 (Amazon) PHP/7.2.24 /
Resource Hash
43d1651283bb0c130d37f1b9efb7f55266ca55205e970fa4162e09782df110eb

Request headers

Referer
https://totalexpress.com.br/iframe-login/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 06 Sep 2021 08:17:09 GMT
via
1.1 0162e02b2d0212054988a68716227dab.cloudfront.net (CloudFront)
last-modified
Wed, 01 Sep 2021 13:05:48 GMT
server
Apache/2.4.41 (Amazon) PHP/7.2.24
x-amz-cf-pop
FRA56-P5
etag
"6acc-5caeeb9930300"
x-cache
RefreshHit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
27340
x-amz-cf-id
TFwdljdqWd7eNSGpbBPyn5BwXuUlt7UPqlDMDdBYj4RpP_4kNqwtlw==
emptystate.html
dtbot.directtalk.com.br/1.0/staticbot/dist/partials/ Frame 9ECD
34 B
604 B
XHR
General
Full URL
https://dtbot.directtalk.com.br/1.0/staticbot/dist/partials/emptystate.html
Requested by
Host: dtbot.directtalk.com.br
URL: https://dtbot.directtalk.com.br/1.0/staticbot/dist/vendors/angular.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.205.74.249 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-205-74-249.compute-1.amazonaws.com
Software
/
Resource Hash
2241946401d29c536ca169a4a4cfea3731b575fc94f943844a9b7b98ef66f089
Security Headers
Name Value
Strict-Transport-Security max-age=900; includeSubDomains

Request headers

Accept
application/json, text/plain, */*
Referer
https://dtbot.directtalk.com.br/1.0/staticbot/dist/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 06 Sep 2021 08:17:08 GMT
content-encoding
gzip
etag
"33ee4162e9fd71:0"
last-modified
Wed, 01 Sep 2021 12:37:13 GMT
server
x-powered-by
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, PUT, POST, HEAD
content-type
text/html
access-control-allow-origin
https://cdn-bot.hiplatform.com
cache-control
max-age=60
strict-transport-security
max-age=900; includeSubDomains
accept-ranges
bytes
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, customer-session, user-name, customer-fingerprint, agentname, template
content-length
149
nr-1210.min.js
js-agent.newrelic.com/
31 KB
12 KB
Script
General
Full URL
https://js-agent.newrelic.com/nr-1210.min.js
Requested by
Host: tracking.totalexpress.com.br
URL: https://tracking.totalexpress.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.13.27 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5b8810ee64bade6fc49a6c0948f933337663c3df9526ed7e21694b728a15818e

Request headers

Referer
https://tracking.totalexpress.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id
tUmpG8VLFN_NnT6837P9feidPwIndCMZ
content-encoding
gzip
etag
"67f7ff413fcbb9300ab2dbf1bb53180c"
x-amz-request-id
H89KM1RV4S7TFTBC
x-cache
HIT
content-length
11781
x-amz-id-2
2X4DcPAuUiE6Foymon7Mxx0ETD5vM2d6Ih31P/Gs/3u8xfRvjERnC1m/KQrm7GW45yv3YDNKCwU=
x-served-by
cache-fra19173-FRA
last-modified
Tue, 22 Jun 2021 22:47:07 GMT
server
AmazonS3
x-timer
S1630916229.334508,VS0,VE0
date
Mon, 06 Sep 2021 08:17:09 GMT
vary
Accept-Encoding
content-type
application/javascript
via
1.1 varnish
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
4331
/
686eb51b.akstat.io/
0
211 B
Ping
General
Full URL
https://686eb51b.akstat.io/
Requested by
Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/48UEA-VZPK4-UARLK-9SR63-X7M68
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:6c00:2b9::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://tracking.totalexpress.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Mon, 06 Sep 2021 08:17:09 GMT
content-type
image/gif
access-control-allow-origin
https://tracking.totalexpress.com.br
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
timing-allow-origin
*
x-xss-protection
0
expires
Mon, 06 Sep 2021 08:17:09 GMT
b5fc59aa22
bam-cell.nr-data.net/1/
49 B
877 B
Script
General
Full URL
https://bam-cell.nr-data.net/1/b5fc59aa22?a=743809208&v=1210.e2a3f80&to=YVYGNUNSCxYFVxdeWlgcJQJFWgoLS0QGRERDWhcA&rst=5167&ck=1&ref=https://tracking.totalexpress.com.br/&ap=40&be=2208&fe=5081&dc=3203&perf=%7B%22timing%22:%7B%22of%22:1630916224241,%22n%22:0,%22r%22:0,%22re%22:1362,%22f%22:1362,%22dn%22:1362,%22dne%22:1362,%22c%22:1362,%22ce%22:1362,%22rq%22:1367,%22rp%22:2198,%22rpe%22:2199,%22dl%22:2201,%22di%22:3202,%22ds%22:3203,%22de%22:3203,%22dc%22:5081,%22l%22:5081,%22le%22:5082%7D,%22navigation%22:%7B%22rc%22:1%7D%7D&fp=2774&fcp=2774&at=TREFQwtIGBg%3D&jsonp=NREUM.setToken
Requested by
Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1210.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.247.243.146 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b91234b576455d66e12dd661a2539eb2418a831078ecef9ebc7f4bbd4e580d9c

Request headers

Referer
https://tracking.totalexpress.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Mon, 06 Sep 2021 08:17:09 GMT
Content-Encoding
gzip
CF-Cache-Status
DYNAMIC
X-NewRelic-App-Data
PxQGQlVTCAQHUVBSFR0VMQFTYkEDCBADUxZRDVZkG3xWEU0YdQhAEgVCVAkDEWQcfgEVFk51XhUUUEJQCgMRQBxSFlIUCRoLAFcBU3RMB05WAhtDUVUAAFRdV1FUVAdfVgYFUUBKBQNcEV0/
Server
cloudflare
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, HEAD, OPTIONS
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Transfer-Encoding
chunked
Connection
keep-alive
access-control-allow-credentials
true
CF-Ray
68a64261da152788-PRG
b5fc59aa22
bam-cell.nr-data.net/events/1/
24 B
516 B
XHR
General
Full URL
https://bam-cell.nr-data.net/events/1/b5fc59aa22?a=743809208&v=1210.e2a3f80&to=YVYGNUNSCxYFVxdeWlgcJQJFWgoLS0QGRERDWhcA&rst=15115&ck=1&ref=https://tracking.totalexpress.com.br/
Requested by
Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1210.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.247.243.146 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

Referer
https://tracking.totalexpress.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
content-type
text/plain

Response headers

Date
Mon, 06 Sep 2021 08:17:19 GMT
CF-Cache-Status
DYNAMIC
Server
cloudflare
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, HEAD, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
https://tracking.totalexpress.com.br
access-control-allow-credentials
true
Connection
keep-alive
CF-Ray
68a642a06eb12788-PRG
Content-Length
24

Verdicts & Comments

57 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated object| NREUM object| newrelic function| __nr_require object| dataLayer string| BOOMR_API_key object| BOOMR function| $ function| jQuery function| IMask object| bootstrap object| google_tag_manager function| BOOMR_check_doc_domain object| ErrorStackParser object| UserTimingCompression object| BOOMR_mq object| google_tag_data string| GoogleAnalyticsObject function| ga object| gaplugins object| gaGlobal object| gaData function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| maskCpfOuCnpj function| recaptchaCallback object| recaptcha object| closure_lm_100998 function| _classCallCheck function| _extends function| _createClass object| TinyAnimate function| iFrameResize object| HiBot object| DTBOT object| _launchers number| BOOMR_onload

0 Cookies

6 Console Messages

Source Level URL
Text
console-api log URL: https://www11.directtalk.com.br/clientes_P05/custom/TotalExpress/area_aberta/widget.min.js(Line 1)
Message:
[object HTMLBodyElement]
console-api warning URL: https://dtbot.directtalk.com.br/1.0/staticbot/dist/js/dtbot.js?token=31f9746c-6046-4204-88b0-d8c69759e715&widget=true&top=40&text=Alguma%20d%C3%BAvida%3F&textcolor=ffffff&bgcolor=4E1D3A&from=bottomRight(Line 2)
Message:
[iFrameSizer][Host page: dtbot-iframe] Deprecated: 'resizedCallback' has been renamed 'onResized'. The old method will be removed in the next major version.
console-api warning URL: https://dtbot.directtalk.com.br/1.0/staticbot/dist/js/dtbot.js?token=31f9746c-6046-4204-88b0-d8c69759e715&widget=true&top=40&text=Alguma%20d%C3%BAvida%3F&textcolor=ffffff&bgcolor=4E1D3A&from=bottomRight(Line 2)
Message:
[iFrameSizer][Host page: dtbot-iframe] Deprecated: 'messageCallback' has been renamed 'onMessage'. The old method will be removed in the next major version.
console-api error URL: https://dtbot.directtalk.com.br/1.0/staticbot/dist/vendors/angular.min.js(Line 93)
Message:
TypeError: Cannot read property 'dt.bot.customer' of null at Object.get (https://dtbot.directtalk.com.br/1.0/staticbot/dist/js/app.js:4:6093) at c.<anonymous> (https://dtbot.directtalk.com.br/1.0/staticbot/dist/js/app.js:4:23857) at d (https://dtbot.directtalk.com.br/1.0/staticbot/dist/vendors/angular.min.js:35:36) at Object.instantiate (https://dtbot.directtalk.com.br/1.0/staticbot/dist/vendors/angular.min.js:35:165) at Object.<anonymous> (https://dtbot.directtalk.com.br/1.0/staticbot/dist/vendors/angular.min.js:35:435) at Object.d [as invoke] (https://dtbot.directtalk.com.br/1.0/staticbot/dist/vendors/angular.min.js:35:36) at https://dtbot.directtalk.com.br/1.0/staticbot/dist/vendors/angular.min.js:36:288 at c (https://dtbot.directtalk.com.br/1.0/staticbot/dist/vendors/angular.min.js:34:305) at Object.d [as invoke] (https://dtbot.directtalk.com.br/1.0/staticbot/dist/vendors/angular.min.js:35:6) at https://dtbot.directtalk.com.br/1.0/staticbot/dist/vendors/angular.min.js:44:396
console-api error URL: https://dtbot.directtalk.com.br/1.0/staticbot/dist/vendors/angular.min.js(Line 93)
Message:
TypeError: Cannot read property 'dt.bot.customer' of null at Object.get (https://dtbot.directtalk.com.br/1.0/staticbot/dist/js/app.js:4:6093) at c.<anonymous> (https://dtbot.directtalk.com.br/1.0/staticbot/dist/js/app.js:4:23857) at d (https://dtbot.directtalk.com.br/1.0/staticbot/dist/vendors/angular.min.js:35:36) at Object.instantiate (https://dtbot.directtalk.com.br/1.0/staticbot/dist/vendors/angular.min.js:35:165) at Object.<anonymous> (https://dtbot.directtalk.com.br/1.0/staticbot/dist/vendors/angular.min.js:35:435) at Object.d [as invoke] (https://dtbot.directtalk.com.br/1.0/staticbot/dist/vendors/angular.min.js:35:36) at https://dtbot.directtalk.com.br/1.0/staticbot/dist/vendors/angular.min.js:36:288 at c (https://dtbot.directtalk.com.br/1.0/staticbot/dist/vendors/angular.min.js:34:305) at d (https://dtbot.directtalk.com.br/1.0/staticbot/dist/vendors/angular.min.js:35:6) at Object.instantiate (https://dtbot.directtalk.com.br/1.0/staticbot/dist/vendors/angular.min.js:35:165)
console-api error URL: https://dtbot.directtalk.com.br/1.0/staticbot/dist/vendors/angular.min.js(Line 93)
Message:
TypeError: Cannot read property 'dt.bot.customer' of null at Object.get (https://dtbot.directtalk.com.br/1.0/staticbot/dist/js/app.js:4:6093) at c.<anonymous> (https://dtbot.directtalk.com.br/1.0/staticbot/dist/js/app.js:4:23857) at d (https://dtbot.directtalk.com.br/1.0/staticbot/dist/vendors/angular.min.js:35:36) at Object.instantiate (https://dtbot.directtalk.com.br/1.0/staticbot/dist/vendors/angular.min.js:35:165) at Object.<anonymous> (https://dtbot.directtalk.com.br/1.0/staticbot/dist/vendors/angular.min.js:35:435) at Object.d [as invoke] (https://dtbot.directtalk.com.br/1.0/staticbot/dist/vendors/angular.min.js:35:36) at https://dtbot.directtalk.com.br/1.0/staticbot/dist/vendors/angular.min.js:36:288 at c (https://dtbot.directtalk.com.br/1.0/staticbot/dist/vendors/angular.min.js:34:305) at d (https://dtbot.directtalk.com.br/1.0/staticbot/dist/vendors/angular.min.js:35:6) at Object.instantiate (https://dtbot.directtalk.com.br/1.0/staticbot/dist/vendors/angular.min.js:35:165)

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
