urlscan.io logo urlscan.io
SecurityTrails logo

catalogo.boticario.com.br Open in urlscan Pro
108.157.4.110  Public Scan

Go To Rescan Add Verdict Report
URL: https://catalogo.boticario.com.br/
Submission: On December 23 via manual from BR — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 18 IPs in 4 countries across 14 domains to perform 48 HTTP transactions. The main IP is 108.157.4.110, located in United States and belongs to AMAZON-02, US. The main domain is catalogo.boticario.com.br.
TLS certificate: Issued by Amazon on November 26th 2021. Valid for: a year.
This is the only time catalogo.boticario.com.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
21 108.157.4.110 16509 (AMAZON-02)
5 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
2 108.157.4.113 16509 (AMAZON-02)
1 108.157.4.121 16509 (AMAZON-02)
1 2a00:1450:401... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
1 108.157.4.128 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
2 18.66.112.6 16509 (AMAZON-02)
1 108.157.4.7 16509 (AMAZON-02)
1 151.101.2.137 54113 (FASTLY)
2 2a00:1450:400... 15169 (GOOGLE)
2 162.247.242.18 23467 (NEWRELIC-...)
48 18
21    108.157.4.110 (United States)

ASN16509 (AMAZON-02, US)
catalogo.boticario.com.br
5    2606:4700::6810:9540 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.cookielaw.org
1    2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googleoptimize.com
2    108.157.4.113 (United States)

ASN16509 (AMAZON-02, US)
gb-assets.grupoboticario.digital
1    108.157.4.121 (United States)

ASN16509 (AMAZON-02, US)
minhaloja-resources.grupoboticario.digital
1    2a00:1450:4019:806::200a (Ireland)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2606:4700:10::6816:1a9f (United States)

ASN13335 (CLOUDFLARENET, US)
cdn-global.configcat.com
2    2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    108.157.4.128 (United States)

ASN16509 (AMAZON-02, US)
static.hotjar.com
1    2a00:1450:400c:c08::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2606:4700:10::6814:b844 (United States)

ASN13335 (CLOUDFLARENET, US)
geolocation.onetrust.com
2    18.66.112.6 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-6.fra56.r.cloudfront.net
script.hotjar.com
1    108.157.4.7 (United States)

ASN16509 (AMAZON-02, US)
vars.hotjar.com
1    151.101.2.137 (United States)

ASN54113 (FASTLY, US)
js-agent.newrelic.com
2    2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    162.247.242.18 (United States)

ASN23467 (NEWRELIC-AS-1, US)
PTR: bam-6.nr-data.net
bam.nr-data.net
Domain Requested by
21 catalogo.boticario.com.br catalogo.boticario.com.br
5 cdn.cookielaw.org catalogo.boticario.com.br
2 bam.nr-data.net catalogo.boticario.com.br
2 fonts.gstatic.com fonts.googleapis.com
2 script.hotjar.com catalogo.boticario.com.br
2 www.google-analytics.com catalogo.boticario.com.br
2 cdn-global.configcat.com catalogo.boticario.com.br
2 www.googletagmanager.com catalogo.boticario.com.br
2 gb-assets.grupoboticario.digital catalogo.boticario.com.br
1 js-agent.newrelic.com catalogo.boticario.com.br
1 vars.hotjar.com catalogo.boticario.com.br
1 geolocation.onetrust.com catalogo.boticario.com.br
1 stats.g.doubleclick.net catalogo.boticario.com.br
1 static.hotjar.com catalogo.boticario.com.br
1 fonts.googleapis.com catalogo.boticario.com.br
1 minhaloja-resources.grupoboticario.digital catalogo.boticario.com.br
1 www.googleoptimize.com catalogo.boticario.com.br
48 17
Subject Issuer Validity Valid
*.boticario.com.br
Amazon		 2021-11-26 -
2022-12-25		 a year crt.sh
cookielaw.org
Cloudflare Inc ECC CA-3		 2021-06-01 -
2022-05-31		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
*.grupoboticario.digital
Amazon		 2021-02-04 -
2022-03-05		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
*.configcat.com
AlphaSSL CA - SHA256 - G2		 2021-04-29 -
2022-05-31		 a year crt.sh
*.hotjar.com
Amazon		 2021-11-25 -
2022-12-23		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
onetrust.com
Cloudflare Inc ECC CA-3		 2021-02-12 -
2022-02-11		 a year crt.sh
js-agent.newrelic.com
GlobalSign Atlas R3 DV TLS CA H2 2021		 2021-10-06 -
2022-11-07		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
*.nr-data.net
DigiCert SHA2 Secure Server CA		 2020-02-05 -
2022-02-08		 2 years crt.sh

This page contains 2 frames:

Primary Page: https://catalogo.boticario.com.br/
Frame ID: E44D2CE9070D57F9701A8D39132D0004
Requests: 47 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-a1ae2079824d1c48aa9ce06efb256f18.html
Frame ID: D16AE837E3DCB9697964591BA4FBFA42
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Catálogo Digital - O Boticário

Detected technologies

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googleoptimize\.com/optimize\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/
Overall confidence: 100%
Detected patterns
  • cdn\.cookielaw\.org
  • otSDKStub\.js

Page Statistics

48
Requests

100 %
HTTPS

53 %
IPv6

14
Domains

17
Subdomains

18
IPs

4
Countries

926 kB
Transfer

2598 kB
Size

11
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

48 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
catalogo.boticario.com.br/ 		57 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://catalogo.boticario.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.4.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3ad1bbab583182bbfe4269f192e666ae4996782f342522130daafc5b7547f4e2
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: *; img-src 'self' s3.us-east-1.amazonaws.com *.cookielaw.org *.hotjar.com *.hotjar.io *.eudora.com.br nominatim.openstreetmap.org *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.boticario.com.br *.oboticario.com.br *.googleapis.com *.google.com *.google.com.br *.googleapis.com *.grupoboticario.digital *.grupoboticario.com.br edbr.vteximg.com.br res.cloudinary.com *.google-analytics.com *.s3.amazonaws.com *.googletagmanager.com *.facebook.com *.pinterest.com data: blob: ; connect-src 'self' *.eudora.com.br *.boticario.com.br *.openstreetmap.org *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.oboticario.com.br *.grupoboticario.digital *.grupoboticario.com.br cdn.cookielaw.org *.hotjar.com analytics.strapi.io wss://*.hotjar.com *.hotjar.io *.google-analytics.com *.googleapis.com *.onetrust.com *.s3.amazonaws.com *.g.doubleclick.net *.googletagmanager.com *.configcat.com *.nr-data.net *.pinterest.com *.tiktok.com blob:; script-src 'self' *.grupoboticario.digital *.grupoboticario.com.br *.googleoptimize.com *.force.com *.documentforce.com *.salesforce.com *.salesforceliveagent.com *.newrelic.com *.hotjar.com *.hotjar.io *.onetrust.com *.g.doubleclick.net *.google.com *.googleapis.com *.gstatic.com *.googletagmanager.com *.configcat.com *.nr-data.net *.google-analytics.com cdn.cookielaw.org *.google-analytics.com cdn.cookielaw.org cdn.tiny.cloud *.dwin1.com *.googleadservices.com *.facebook.net *.facebook.com *.cloudfront.net *.pinimg.com *.shoptarget.com.br *.tiktok.com *.linximpulse.net *.shopback.com *.chaordicsystems.com *.shopconvert.com.br *.shopback.net 'unsafe-inline' 'unsafe-eval'; style-src 'unsafe-inline' *
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

content-type
text/html
last-modified
Thu, 23 Dec 2021 12:18:50 GMT
x-amz-version-id
null
server
AmazonS3
strict-transport-security
max-age=31536000; includeSubdomains; preload
content-security-policy
default-src 'self' data: *; img-src 'self' s3.us-east-1.amazonaws.com *.cookielaw.org *.hotjar.com *.hotjar.io *.eudora.com.br nominatim.openstreetmap.org *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.boticario.com.br *.oboticario.com.br *.googleapis.com *.google.com *.google.com.br *.googleapis.com *.grupoboticario.digital *.grupoboticario.com.br edbr.vteximg.com.br res.cloudinary.com *.google-analytics.com *.s3.amazonaws.com *.googletagmanager.com *.facebook.com *.pinterest.com data: blob: ; connect-src 'self' *.eudora.com.br *.boticario.com.br *.openstreetmap.org *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.oboticario.com.br *.grupoboticario.digital *.grupoboticario.com.br cdn.cookielaw.org *.hotjar.com analytics.strapi.io wss://*.hotjar.com *.hotjar.io *.google-analytics.com *.googleapis.com *.onetrust.com *.s3.amazonaws.com *.g.doubleclick.net *.googletagmanager.com *.configcat.com *.nr-data.net *.pinterest.com *.tiktok.com blob:; script-src 'self' *.grupoboticario.digital *.grupoboticario.com.br *.googleoptimize.com *.force.com *.documentforce.com *.salesforce.com *.salesforceliveagent.com *.newrelic.com *.hotjar.com *.hotjar.io *.onetrust.com *.g.doubleclick.net *.google.com *.googleapis.com *.gstatic.com *.googletagmanager.com *.configcat.com *.nr-data.net *.google-analytics.com cdn.cookielaw.org *.google-analytics.com cdn.cookielaw.org cdn.tiny.cloud *.dwin1.com *.googleadservices.com *.facebook.net *.facebook.com *.cloudfront.net *.pinimg.com *.shoptarget.com.br *.tiktok.com *.linximpulse.net *.shopback.com *.chaordicsystems.com *.shopconvert.com.br *.shopback.net 'unsafe-inline' 'unsafe-eval'; style-src 'unsafe-inline' *
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
referrer-policy
same-origin
feature-policy
accelerometer 'none'; camera 'none'; geolocation 'self'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
content-encoding
gzip
date
Thu, 23 Dec 2021 14:43:32 GMT
cache-control
max-age=300, public
etag
W/"f7b108236833fbfed5a5d495141fdda8"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
via
1.1 3a42f75e219a9a44a54979112dcb25dc.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-P2
x-amz-cf-id
0EVNySvANIUvOhXm5jI2E504pxqQN_FV7zFEdrdDU3Qt5xqCit2k9w==
newRelicSnippet.js
catalogo.boticario.com.br/ 		27 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://catalogo.boticario.com.br/newRelicSnippet.js
Requested by
Host: catalogo.boticario.com.br
URL: https://catalogo.boticario.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.4.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
263a9339bdd8eea753f25cf1d1c44f7b31ffa59e62141eae9907854f41262b0e
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: *; img-src 'self' s3.us-east-1.amazonaws.com *.cookielaw.org *.hotjar.com *.hotjar.io *.eudora.com.br nominatim.openstreetmap.org *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.boticario.com.br *.oboticario.com.br *.googleapis.com *.google.com *.google.com.br *.googleapis.com *.grupoboticario.digital *.grupoboticario.com.br edbr.vteximg.com.br res.cloudinary.com *.google-analytics.com *.s3.amazonaws.com *.googletagmanager.com *.facebook.com *.pinterest.com data: blob: ; connect-src 'self' *.eudora.com.br *.boticario.com.br *.openstreetmap.org *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.oboticario.com.br *.grupoboticario.digital *.grupoboticario.com.br cdn.cookielaw.org *.hotjar.com analytics.strapi.io wss://*.hotjar.com *.hotjar.io *.google-analytics.com *.googleapis.com *.onetrust.com *.s3.amazonaws.com *.g.doubleclick.net *.googletagmanager.com *.configcat.com *.nr-data.net *.pinterest.com *.tiktok.com blob:; script-src 'self' *.grupoboticario.digital *.grupoboticario.com.br *.googleoptimize.com *.force.com *.documentforce.com *.salesforce.com *.salesforceliveagent.com *.newrelic.com *.hotjar.com *.hotjar.io *.onetrust.com *.g.doubleclick.net *.google.com *.googleapis.com *.gstatic.com *.googletagmanager.com *.configcat.com *.nr-data.net *.google-analytics.com cdn.cookielaw.org *.google-analytics.com cdn.cookielaw.org cdn.tiny.cloud *.dwin1.com *.googleadservices.com *.facebook.net *.facebook.com *.cloudfront.net *.pinimg.com *.shoptarget.com.br *.tiktok.com *.linximpulse.net *.shopback.com *.chaordicsystems.com *.shopconvert.com.br *.shopback.net 'unsafe-inline' 'unsafe-eval'; style-src 'unsafe-inline' *
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://catalogo.boticario.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 12:20:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
8606
x-cache
Hit from cloudfront
vary
Accept-Encoding
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Thu, 23 Dec 2021 12:18:51 GMT
server
AmazonS3
x-frame-options
SAMEORIGIN
etag
W/"16c5ee021275a1b2260f70999db031c6"
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-amz-version-id
null
via
1.1 3a42f75e219a9a44a54979112dcb25dc.cloudfront.net (CloudFront)
cache-control
max-age=604800, public
feature-policy
accelerometer 'none'; camera 'none'; geolocation 'self'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
content-security-policy
default-src 'self' data: *; img-src 'self' s3.us-east-1.amazonaws.com *.cookielaw.org *.hotjar.com *.hotjar.io *.eudora.com.br nominatim.openstreetmap.org *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.boticario.com.br *.oboticario.com.br *.googleapis.com *.google.com *.google.com.br *.googleapis.com *.grupoboticario.digital *.grupoboticario.com.br edbr.vteximg.com.br res.cloudinary.com *.google-analytics.com *.s3.amazonaws.com *.googletagmanager.com *.facebook.com *.pinterest.com data: blob: ; connect-src 'self' *.eudora.com.br *.boticario.com.br *.openstreetmap.org *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.oboticario.com.br *.grupoboticario.digital *.grupoboticario.com.br cdn.cookielaw.org *.hotjar.com analytics.strapi.io wss://*.hotjar.com *.hotjar.io *.google-analytics.com *.googleapis.com *.onetrust.com *.s3.amazonaws.com *.g.doubleclick.net *.googletagmanager.com *.configcat.com *.nr-data.net *.pinterest.com *.tiktok.com blob:; script-src 'self' *.grupoboticario.digital *.grupoboticario.com.br *.googleoptimize.com *.force.com *.documentforce.com *.salesforce.com *.salesforceliveagent.com *.newrelic.com *.hotjar.com *.hotjar.io *.onetrust.com *.g.doubleclick.net *.google.com *.googleapis.com *.gstatic.com *.googletagmanager.com *.configcat.com *.nr-data.net *.google-analytics.com cdn.cookielaw.org *.google-analytics.com cdn.cookielaw.org cdn.tiny.cloud *.dwin1.com *.googleadservices.com *.facebook.net *.facebook.com *.cloudfront.net *.pinimg.com *.shoptarget.com.br *.tiktok.com *.linximpulse.net *.shopback.com *.chaordicsystems.com *.shopconvert.com.br *.shopback.net 'unsafe-inline' 'unsafe-eval'; style-src 'unsafe-inline' *
x-amz-cf-pop
DUS51-P2
content-type
application/javascript
x-amz-cf-id
q978g4-yNRQkbYWQvcA44PBw47vGaApVXsBB_v7nPSheNWS1Md1ddg==
otSDKStub.js
cdn.cookielaw.org/scripttemplates/ 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Requested by
Host: catalogo.boticario.com.br
URL: https://catalogo.boticario.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4d2a74d8b25e1ccd4b1294b0b937804bc24aeea7f46edad3f3c1f91604d2708c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 23 Dec 2021 14:43:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
BXRr8anumVFsMvgN5QlueA==
age
16
vary
Accept-Encoding
content-length
6508
x-ms-lease-status
unlocked
last-modified
Fri, 17 Dec 2021 17:08:36 GMT
server
cloudflare
etag
0x8D9C17FDD6FB88D
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
00935058-301e-0038-2175-f399bf000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
6c225cd9793df92f-MXP
optimize.js
www.googleoptimize.com/ 		89 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleoptimize.com/optimize.js?id=OPT-WXLHS7T
Requested by
Host: catalogo.boticario.com.br
URL: https://catalogo.boticario.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ba27002aa86d95d35ec785bb5e03956c0a79aad6737402175357aa337733025d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 14:43:31 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35915
x-xss-protection
0
last-modified
Thu, 23 Dec 2021 12:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 23 Dec 2021 14:43:31 GMT
domainesanstext.css
gb-assets.grupoboticario.digital/boticario/font/domaine-sans-text-regular/ 		1 KB
804 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://gb-assets.grupoboticario.digital/boticario/font/domaine-sans-text-regular/domainesanstext.css
Requested by
Host: catalogo.boticario.com.br
URL: https://catalogo.boticario.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.4.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
50d6cfe51b6905f33ca2e583c7a6880eb528b3d02cdc949ac1210c265c5160bd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id
D3eCdhIU0Hu8_lVbAR0Pjs8mSoHv84tz
content-encoding
gzip
last-modified
Wed, 20 Jan 2021 14:22:55 GMT
server
AmazonS3
age
5833
etag
W/"2e8cb508fdf2175ed8618cf40521c263"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
via
1.1 b1dc6a0d7547e8d4ab339f8c4caf9ea9.cloudfront.net (CloudFront)
date
Thu, 23 Dec 2021 13:06:19 GMT
x-amz-cf-pop
DUS51-P2
x-amz-cf-id
SuSnxhvhJ7x13ik0wZOOwwjx8elOoliHFT-s5Q4TcmZfUSj9UTxUWg==
page_1.jpg
minhaloja-resources.grupoboticario.digital/magazine/81/ 		125 KB
125 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://minhaloja-resources.grupoboticario.digital/magazine/81/page_1.jpg
Requested by
Host: catalogo.boticario.com.br
URL: https://catalogo.boticario.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.4.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c2e9c6b5d03f716d2650135da9e29c996f40b13dd6325451a6ab5b0b1cc98c2f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id
null
via
1.1 3a42f75e219a9a44a54979112dcb25dc.cloudfront.net (CloudFront)
etag
"38059604b1840e80e58f4e2c8febb7f1"
last-modified
Fri, 26 Nov 2021 15:06:12 GMT
server
AmazonS3
age
82271
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/jpeg
date
Wed, 22 Dec 2021 15:52:21 GMT
x-amz-cf-pop
DUS51-P2
accept-ranges
bytes
content-length
127664
x-amz-cf-id
1kOFc3c7QUHGbZFSXk-8qLGpq6D0w8lS4WdjGPVKW3VqeNrXD9IYpw==
32807b2c56a756874f58.css
catalogo.boticario.com.br/_next/static/css/ 		18 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://catalogo.boticario.com.br/_next/static/css/32807b2c56a756874f58.css
Requested by
Host: catalogo.boticario.com.br
URL: https://catalogo.boticario.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.4.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7873e511bbbbc71e491633c59bcab3efab560831df81ac6c536177021b0dbd44
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: *; img-src 'self' s3.us-east-1.amazonaws.com *.cookielaw.org *.hotjar.com *.hotjar.io *.eudora.com.br nominatim.openstreetmap.org *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.boticario.com.br *.oboticario.com.br *.googleapis.com *.google.com *.google.com.br *.googleapis.com *.grupoboticario.digital *.grupoboticario.com.br edbr.vteximg.com.br res.cloudinary.com *.google-analytics.com *.s3.amazonaws.com *.googletagmanager.com *.facebook.com *.pinterest.com data: blob: ; connect-src 'self' *.eudora.com.br *.boticario.com.br *.openstreetmap.org *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.oboticario.com.br *.grupoboticario.digital *.grupoboticario.com.br cdn.cookielaw.org *.hotjar.com analytics.strapi.io wss://*.hotjar.com *.hotjar.io *.google-analytics.com *.googleapis.com *.onetrust.com *.s3.amazonaws.com *.g.doubleclick.net *.googletagmanager.com *.configcat.com *.nr-data.net *.pinterest.com *.tiktok.com blob:; script-src 'self' *.grupoboticario.digital *.grupoboticario.com.br *.googleoptimize.com *.force.com *.documentforce.com *.salesforce.com *.salesforceliveagent.com *.newrelic.com *.hotjar.com *.hotjar.io *.onetrust.com *.g.doubleclick.net *.google.com *.googleapis.com *.gstatic.com *.googletagmanager.com *.configcat.com *.nr-data.net *.google-analytics.com cdn.cookielaw.org *.google-analytics.com cdn.cookielaw.org cdn.tiny.cloud *.dwin1.com *.googleadservices.com *.facebook.net *.facebook.com *.cloudfront.net *.pinimg.com *.shoptarget.com.br *.tiktok.com *.linximpulse.net *.shopback.com *.chaordicsystems.com *.shopconvert.com.br *.shopback.net 'unsafe-inline' 'unsafe-eval'; style-src 'unsafe-inline' *
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://catalogo.boticario.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 12:20:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
8606
x-cache
Hit from cloudfront
vary
Accept-Encoding
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Thu, 23 Dec 2021 12:18:46 GMT
server
AmazonS3
x-frame-options
SAMEORIGIN
etag
W/"7a7e1a264231d7b9a40ab4a5a110a802"
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-amz-version-id
null
via
1.1 3a42f75e219a9a44a54979112dcb25dc.cloudfront.net (CloudFront)
cache-control
max-age=604800, public
feature-policy
accelerometer 'none'; camera 'none'; geolocation 'self'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
content-security-policy
default-src 'self' data: *; img-src 'self' s3.us-east-1.amazonaws.com *.cookielaw.org *.hotjar.com *.hotjar.io *.eudora.com.br nominatim.openstreetmap.org *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.boticario.com.br *.oboticario.com.br *.googleapis.com *.google.com *.google.com.br *.googleapis.com *.grupoboticario.digital *.grupoboticario.com.br edbr.vteximg.com.br res.cloudinary.com *.google-analytics.com *.s3.amazonaws.com *.googletagmanager.com *.facebook.com *.pinterest.com data: blob: ; connect-src 'self' *.eudora.com.br *.boticario.com.br *.openstreetmap.org *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.oboticario.com.br *.grupoboticario.digital *.grupoboticario.com.br cdn.cookielaw.org *.hotjar.com analytics.strapi.io wss://*.hotjar.com *.hotjar.io *.google-analytics.com *.googleapis.com *.onetrust.com *.s3.amazonaws.com *.g.doubleclick.net *.googletagmanager.com *.configcat.com *.nr-data.net *.pinterest.com *.tiktok.com blob:; script-src 'self' *.grupoboticario.digital *.grupoboticario.com.br *.googleoptimize.com *.force.com *.documentforce.com *.salesforce.com *.salesforceliveagent.com *.newrelic.com *.hotjar.com *.hotjar.io *.onetrust.com *.g.doubleclick.net *.google.com *.googleapis.com *.gstatic.com *.googletagmanager.com *.configcat.com *.nr-data.net *.google-analytics.com cdn.cookielaw.org *.google-analytics.com cdn.cookielaw.org cdn.tiny.cloud *.dwin1.com *.googleadservices.com *.facebook.net *.facebook.com *.cloudfront.net *.pinimg.com *.shoptarget.com.br *.tiktok.com *.linximpulse.net *.shopback.com *.chaordicsystems.com *.shopconvert.com.br *.shopback.net 'unsafe-inline' 'unsafe-eval'; style-src 'unsafe-inline' *
x-amz-cf-pop
DUS51-P2
content-type
text/css
x-amz-cf-id
M8T6_O-i3KBue0zteTLrL-w-6GAwI2VWWHubFgvU0mQ2KN6bf2Wmrg==
webpack-86c273b5dbb8cffbed54.js
catalogo.boticario.com.br/_next/static/chunks/ 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://catalogo.boticario.com.br/_next/static/chunks/webpack-86c273b5dbb8cffbed54.js
Requested by
Host: catalogo.boticario.com.br
URL: https://catalogo.boticario.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.4.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c54f914c47dd9826bf7a48c7b3f6daf482010c980b4ca92268c4f311a03e22c8
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: *; img-src 'self' s3.us-east-1.amazonaws.com *.cookielaw.org *.hotjar.com *.hotjar.io *.eudora.com.br nominatim.openstreetmap.org *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.boticario.com.br *.oboticario.com.br *.googleapis.com *.google.com *.google.com.br *.googleapis.com *.grupoboticario.digital *.grupoboticario.com.br edbr.vteximg.com.br res.cloudinary.com *.google-analytics.com *.s3.amazonaws.com *.googletagmanager.com *.facebook.com *.pinterest.com data: blob: ; connect-src 'self' *.eudora.com.br *.boticario.com.br *.openstreetmap.org *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.oboticario.com.br *.grupoboticario.digital *.grupoboticario.com.br cdn.cookielaw.org *.hotjar.com analytics.strapi.io wss://*.hotjar.com *.hotjar.io *.google-analytics.com *.googleapis.com *.onetrust.com *.s3.amazonaws.com *.g.doubleclick.net *.googletagmanager.com *.configcat.com *.nr-data.net *.pinterest.com *.tiktok.com blob:; script-src 'self' *.grupoboticario.digital *.grupoboticario.com.br *.googleoptimize.com *.force.com *.documentforce.com *.salesforce.com *.salesforceliveagent.com *.newrelic.com *.hotjar.com *.hotjar.io *.onetrust.com *.g.doubleclick.net *.google.com *.googleapis.com *.gstatic.com *.googletagmanager.com *.configcat.com *.nr-data.net *.google-analytics.com cdn.cookielaw.org *.google-analytics.com cdn.cookielaw.org cdn.tiny.cloud *.dwin1.com *.googleadservices.com *.facebook.net *.facebook.com *.cloudfront.net *.pinimg.com *.shoptarget.com.br *.tiktok.com *.linximpulse.net *.shopback.com *.chaordicsystems.com *.shopconvert.com.br *.shopback.net 'unsafe-inline' 'unsafe-eval'; style-src 'unsafe-inline' *
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://catalogo.boticario.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 12:30:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
7973
x-cache
Hit from cloudfront
vary
Accept-Encoding
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Thu, 23 Dec 2021 12:18:46 GMT
server
AmazonS3
x-frame-options
SAMEORIGIN
etag
W/"ac53f8b03872b4e7a0171bef8010bfc5"
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-amz-version-id
null
via
1.1 3a42f75e219a9a44a54979112dcb25dc.cloudfront.net (CloudFront)
cache-control
max-age=604800, public
feature-policy
accelerometer 'none'; camera 'none'; geolocation 'self'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
content-security-policy
default-src 'self' data: *; img-src 'self' s3.us-east-1.amazonaws.com *.cookielaw.org *.hotjar.com *.hotjar.io *.eudora.com.br nominatim.openstreetmap.org *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.boticario.com.br *.oboticario.com.br *.googleapis.com *.google.com *.google.com.br *.googleapis.com *.grupoboticario.digital *.grupoboticario.com.br edbr.vteximg.com.br res.cloudinary.com *.google-analytics.com *.s3.amazonaws.com *.googletagmanager.com *.facebook.com *.pinterest.com data: blob: ; connect-src 'self' *.eudora.com.br *.boticario.com.br *.openstreetmap.org *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.oboticario.com.br *.grupoboticario.digital *.grupoboticario.com.br cdn.cookielaw.org *.hotjar.com analytics.strapi.io wss://*.hotjar.com *.hotjar.io *.google-analytics.com *.googleapis.com *.onetrust.com *.s3.amazonaws.com *.g.doubleclick.net *.googletagmanager.com *.configcat.com *.nr-data.net *.pinterest.com *.tiktok.com blob:; script-src 'self' *.grupoboticario.digital *.grupoboticario.com.br *.googleoptimize.com *.force.com *.documentforce.com *.salesforce.com *.salesforceliveagent.com *.newrelic.com *.hotjar.com *.hotjar.io *.onetrust.com *.g.doubleclick.net *.google.com *.googleapis.com *.gstatic.com *.googletagmanager.com *.configcat.com *.nr-data.net *.google-analytics.com cdn.cookielaw.org *.google-analytics.com cdn.cookielaw.org cdn.tiny.cloud *.dwin1.com *.googleadservices.com *.facebook.net *.facebook.com *.cloudfront.net *.pinimg.com *.shoptarget.com.br *.tiktok.com *.linximpulse.net *.shopback.com *.chaordicsystems.com *.shopconvert.com.br *.shopback.net 'unsafe-inline' 'unsafe-eval'; style-src 'unsafe-inline' *
x-amz-cf-pop
DUS51-P2
content-type
application/javascript
x-amz-cf-id
fU0JqqSWZ-lsrT8k134ktDIuq6qJAPsBkYkNQGUfhRuS5LaWKQCj8w==
framework-6112039f861e80a04131.js
catalogo.boticario.com.br/_next/static/chunks/ 		127 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://catalogo.boticario.com.br/_next/static/chunks/framework-6112039f861e80a04131.js
Requested by
Host: catalogo.boticario.com.br
URL: https://catalogo.boticario.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.4.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
064350552f0b6d31f6285efb04899c93a36d77d1c6227e5d4300a7784af9cf05
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: *; img-src 'self' s3.us-east-1.amazonaws.com *.cookielaw.org *.hotjar.com *.hotjar.io *.eudora.com.br nominatim.openstreetmap.org *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.boticario.com.br *.oboticario.com.br *.googleapis.com *.google.com *.google.com.br *.googleapis.com *.grupoboticario.digital *.grupoboticario.com.br edbr.vteximg.com.br res.cloudinary.com *.google-analytics.com *.s3.amazonaws.com *.googletagmanager.com *.facebook.com *.pinterest.com data: blob: ; connect-src 'self' *.eudora.com.br *.boticario.com.br *.openstreetmap.org *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.oboticario.com.br *.grupoboticario.digital *.grupoboticario.com.br cdn.cookielaw.org *.hotjar.com analytics.strapi.io wss://*.hotjar.com *.hotjar.io *.google-analytics.com *.googleapis.com *.onetrust.com *.s3.amazonaws.com *.g.doubleclick.net *.googletagmanager.com *.configcat.com *.nr-data.net *.pinterest.com *.tiktok.com blob:; script-src 'self' *.grupoboticario.digital *.grupoboticario.com.br *.googleoptimize.com *.force.com *.documentforce.com *.salesforce.com *.salesforceliveagent.com *.newrelic.com *.hotjar.com *.hotjar.io *.onetrust.com *.g.doubleclick.net *.google.com *.googleapis.com *.gstatic.com *.googletagmanager.com *.configcat.com *.nr-data.net *.google-analytics.com cdn.cookielaw.org *.google-analytics.com cdn.cookielaw.org cdn.tiny.cloud *.dwin1.com *.googleadservices.com *.facebook.net *.facebook.com *.cloudfront.net *.pinimg.com *.shoptarget.com.br *.tiktok.com *.linximpulse.net *.shopback.com *.chaordicsystems.com *.shopconvert.com.br *.shopback.net 'unsafe-inline' 'unsafe-eval'; style-src 'unsafe-inline' *
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://catalogo.boticario.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 12:30:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
7973
x-cache
Hit from cloudfront
vary
Accept-Encoding
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Thu, 23 Dec 2021 12:18:43 GMT
server
AmazonS3
x-frame-options
SAMEORIGIN
etag
W/"89111a11a813e41539dcb5b83307bad4"
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-amz-version-id
null
via
1.1 3a42f75e219a9a44a54979112dcb25dc.cloudfront.net (CloudFront)
cache-control
max-age=604800, public
feature-policy
accelerometer 'none'; camera 'none'; geolocation 'self'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
content-security-policy
default-src 'self' data: *; img-src 'self' s3.us-east-1.amazonaws.com *.cookielaw.org *.hotjar.com *.hotjar.io *.eudora.com.br nominatim.openstreetmap.org *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.boticario.com.br *.oboticario.com.br *.googleapis.com *.google.com *.google.com.br *.googleapis.com *.grupoboticario.digital *.grupoboticario.com.br edbr.vteximg.com.br res.cloudinary.com *.google-analytics.com *.s3.amazonaws.com *.googletagmanager.com *.facebook.com *.pinterest.com data: blob: ; connect-src 'self' *.eudora.com.br *.boticario.com.br *.openstreetmap.org *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.oboticario.com.br *.grupoboticario.digital *.grupoboticario.com.br cdn.cookielaw.org *.hotjar.com analytics.strapi.io wss://*.hotjar.com *.hotjar.io *.google-analytics.com *.googleapis.com *.onetrust.com *.s3.amazonaws.com *.g.doubleclick.net *.googletagmanager.com *.configcat.com *.nr-data.net *.pinterest.com *.tiktok.com blob:; script-src 'self' *.grupoboticario.digital *.grupoboticario.com.br *.googleoptimize.com *.force.com *.documentforce.com *.salesforce.com *.salesforceliveagent.com *.newrelic.com *.hotjar.com *.hotjar.io *.onetrust.com *.g.doubleclick.net *.google.com *.googleapis.com *.gstatic.com *.googletagmanager.com *.configcat.com *.nr-data.net *.google-analytics.com cdn.cookielaw.org *.google-analytics.com cdn.cookielaw.org cdn.tiny.cloud *.dwin1.com *.googleadservices.com *.facebook.net *.facebook.com *.cloudfront.net *.pinimg.com *.shoptarget.com.br *.tiktok.com *.linximpulse.net *.shopback.com *.chaordicsystems.com *.shopconvert.com.br *.shopback.net 'unsafe-inline' 'unsafe-eval'; style-src 'unsafe-inline' *
x-amz-cf-pop
DUS51-P2
content-type
application/javascript
x-amz-cf-id
e3rARxyRr0EoXSyKvr4FGWN33DkgPOSF5rqB-7qTOJEOCj7zJAaHyA==
main-0c48f46bf66f7dce1c98.js
catalogo.boticario.com.br/_next/static/chunks/ 		76 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://catalogo.boticario.com.br/_next/static/chunks/main-0c48f46bf66f7dce1c98.js
Requested by
Host: catalogo.boticario.com.br
URL: https://catalogo.boticario.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.4.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e73a75db5565d34475a430b782901cbb2fd0bf706afb4b0f6dcbe84a2c3e88f7
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: *; img-src 'self' s3.us-east-1.amazonaws.com *.cookielaw.org *.hotjar.com *.hotjar.io *.eudora.com.br nominatim.openstreetmap.org *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.boticario.com.br *.oboticario.com.br *.googleapis.com *.google.com *.google.com.br *.googleapis.com *.grupoboticario.digital *.grupoboticario.com.br edbr.vteximg.com.br res.cloudinary.com *.google-analytics.com *.s3.amazonaws.com *.googletagmanager.com *.facebook.com *.pinterest.com data: blob: ; connect-src 'self' *.eudora.com.br *.boticario.com.br *.openstreetmap.org *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.oboticario.com.br *.grupoboticario.digital *.grupoboticario.com.br cdn.cookielaw.org *.hotjar.com analytics.strapi.io wss://*.hotjar.com *.hotjar.io *.google-analytics.com *.googleapis.com *.onetrust.com *.s3.amazonaws.com *.g.doubleclick.net *.googletagmanager.com *.configcat.com *.nr-data.net *.pinterest.com *.tiktok.com blob:; script-src 'self' *.grupoboticario.digital *.grupoboticario.com.br *.googleoptimize.com *.force.com *.documentforce.com *.salesforce.com *.salesforceliveagent.com *.newrelic.com *.hotjar.com *.hotjar.io *.onetrust.com *.g.doubleclick.net *.google.com *.googleapis.com *.gstatic.com *.googletagmanager.com *.configcat.com *.nr-data.net *.google-analytics.com cdn.cookielaw.org *.google-analytics.com cdn.cookielaw.org cdn.tiny.cloud *.dwin1.com *.googleadservices.com *.facebook.net *.facebook.com *.cloudfront.net *.pinimg.com *.shoptarget.com.br *.tiktok.com *.linximpulse.net *.shopback.com *.chaordicsystems.com *.shopconvert.com.br *.shopback.net 'unsafe-inline' 'unsafe-eval'; style-src 'unsafe-inline' *
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://catalogo.boticario.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 12:30:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
7973
x-cache
Hit from cloudfront
vary
Accept-Encoding
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Thu, 23 Dec 2021 12:18:43 GMT
server
AmazonS3
x-frame-options
SAMEORIGIN
etag
W/"aba6e945bdf0ee22978a32bec6998e79"
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-amz-version-id
null
via
1.1 3a42f75e219a9a44a54979112dcb25dc.cloudfront.net (CloudFront)
cache-control
max-age=604800, public
feature-policy
accelerometer 'none'; camera 'none'; geolocation 'self'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
content-security-policy
default-src 'self' data: *; img-src 'self' s3.us-east-1.amazonaws.com *.cookielaw.org *.hotjar.com *.hotjar.io *.eudora.com.br nominatim.openstreetmap.org *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.boticario.com.br *.oboticario.com.br *.googleapis.com *.google.com *.google.com.br *.googleapis.com *.grupoboticario.digital *.grupoboticario.com.br edbr.vteximg.com.br res.cloudinary.com *.google-analytics.com *.s3.amazonaws.com *.googletagmanager.com *.facebook.com *.pinterest.com data: blob: ; connect-src 'self' *.eudora.com.br *.boticario.com.br *.openstreetmap.org *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.oboticario.com.br *.grupoboticario.digital *.grupoboticario.com.br cdn.cookielaw.org *.hotjar.com analytics.strapi.io wss://*.hotjar.com *.hotjar.io *.google-analytics.com *.googleapis.com *.onetrust.com *.s3.amazonaws.com *.g.doubleclick.net *.googletagmanager.com *.configcat.com *.nr-data.net *.pinterest.com *.tiktok.com blob:; script-src 'self' *.grupoboticario.digital *.grupoboticario.com.br *.googleoptimize.com *.force.com *.documentforce.com *.salesforce.com *.salesforceliveagent.com *.newrelic.com *.hotjar.com *.hotjar.io *.onetrust.com *.g.doubleclick.net *.google.com *.googleapis.com *.gstatic.com *.googletagmanager.com *.configcat.com *.nr-data.net *.google-analytics.com cdn.cookielaw.org *.google-analytics.com cdn.cookielaw.org cdn.tiny.cloud *.dwin1.com *.googleadservices.com *.facebook.net *.facebook.com *.cloudfront.net *.pinimg.com *.shoptarget.com.br *.tiktok.com *.linximpulse.net *.shopback.com *.chaordicsystems.com *.shopconvert.com.br *.shopback.net 'unsafe-inline' 'unsafe-eval'; style-src 'unsafe-inline' *
x-amz-cf-pop
DUS51-P2
content-type
application/javascript
x-amz-cf-id
4LV4kRpE6ClECYF00enqLChl4VuCiLGMNtQM6JIRv3k__Jes-4wRBg==
_app-f3b2ed3816304a67e2bd.js
catalogo.boticario.com.br/_next/static/chunks/pages/ 		543 KB
155 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://catalogo.boticario.com.br/_next/static/chunks/pages/_app-f3b2ed3816304a67e2bd.js
Requested by
Host: catalogo.boticario.com.br
URL: https://catalogo.boticario.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.4.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
dfe27fdf0bdc06c36fbef29396bf7fe66eb809e61b0105f6b9e1afc332b65ff5
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: *; img-src 'self' s3.us-east-1.amazonaws.com *.cookielaw.org *.hotjar.com *.hotjar.io *.eudora.com.br nominatim.openstreetmap.org *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.boticario.com.br *.oboticario.com.br *.googleapis.com *.google.com *.google.com.br *.googleapis.com *.grupoboticario.digital *.grupoboticario.com.br edbr.vteximg.com.br res.cloudinary.com *.google-analytics.com *.s3.amazonaws.com *.googletagmanager.com *.facebook.com *.pinterest.com data: blob: ; connect-src 'self' *.eudora.com.br *.boticario.com.br *.openstreetmap.org *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.oboticario.com.br *.grupoboticario.digital *.grupoboticario.com.br cdn.cookielaw.org *.hotjar.com analytics.strapi.io wss://*.hotjar.com *.hotjar.io *.google-analytics.com *.googleapis.com *.onetrust.com *.s3.amazonaws.com *.g.doubleclick.net *.googletagmanager.com *.configcat.com *.nr-data.net *.pinterest.com *.tiktok.com blob:; script-src 'self' *.grupoboticario.digital *.grupoboticario.com.br *.googleoptimize.com *.force.com *.documentforce.com *.salesforce.com *.salesforceliveagent.com *.newrelic.com *.hotjar.com *.hotjar.io *.onetrust.com *.g.doubleclick.net *.google.com *.googleapis.com *.gstatic.com *.googletagmanager.com *.configcat.com *.nr-data.net *.google-analytics.com cdn.cookielaw.org *.google-analytics.com cdn.cookielaw.org cdn.tiny.cloud *.dwin1.com *.googleadservices.com *.facebook.net *.facebook.com *.cloudfront.net *.pinimg.com *.shoptarget.com.br *.tiktok.com *.linximpulse.net *.shopback.com *.chaordicsystems.com *.shopconvert.com.br *.shopback.net 'unsafe-inline' 'unsafe-eval'; style-src 'unsafe-inline' *
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://catalogo.boticario.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 12:30:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
7973
x-cache
Hit from cloudfront
vary
Accept-Encoding
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Thu, 23 Dec 2021 12:18:44 GMT
server
AmazonS3
x-frame-options
SAMEORIGIN
etag
W/"e29060da4f17f7abceeb990c31c89f70"
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-amz-version-id
null
via
1.1 3a42f75e219a9a44a54979112dcb25dc.cloudfront.net (CloudFront)
cache-control
max-age=604800, public
feature-policy
accelerometer 'none'; camera 'none'; geolocation 'self'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
content-security-policy
default-src 'self' data: *; img-src 'self' s3.us-east-1.amazonaws.com *.cookielaw.org *.hotjar.com *.hotjar.io *.eudora.com.br nominatim.openstreetmap.org *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.boticario.com.br *.oboticario.com.br *.googleapis.com *.google.com *.google.com.br *.googleapis.com *.grupoboticario.digital *.grupoboticario.com.br edbr.vteximg.com.br res.cloudinary.com *.google-analytics.com *.s3.amazonaws.com *.googletagmanager.com *.facebook.com *.pinterest.com data: blob: ; connect-src 'self' *.eudora.com.br *.boticario.com.br *.openstreetmap.org *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.oboticario.com.br *.grupoboticario.digital *.grupoboticario.com.br cdn.cookielaw.org *.hotjar.com analytics.strapi.io wss://*.hotjar.com *.hotjar.io *.google-analytics.com *.googleapis.com *.onetrust.com *.s3.amazonaws.com *.g.doubleclick.net *.googletagmanager.com *.configcat.com *.nr-data.net *.pinterest.com *.tiktok.com blob:; script-src 'self' *.grupoboticario.digital *.grupoboticario.com.br *.googleoptimize.com *.force.com *.documentforce.com *.salesforce.com *.salesforceliveagent.com *.newrelic.com *.hotjar.com *.hotjar.io *.onetrust.com *.g.doubleclick.net *.google.com *.googleapis.com *.gstatic.com *.googletagmanager.com *.configcat.com *.nr-data.net *.google-analytics.com cdn.cookielaw.org *.google-analytics.com cdn.cookielaw.org cdn.tiny.cloud *.dwin1.com *.googleadservices.com *.facebook.net *.facebook.com *.cloudfront.net *.pinimg.com *.shoptarget.com.br *.tiktok.com *.linximpulse.net *.shopback.com *.chaordicsystems.com *.shopconvert.com.br *.shopback.net 'unsafe-inline' 'unsafe-eval'; style-src 'unsafe-inline' *
x-amz-cf-pop
DUS51-P2
content-type
application/javascript
x-amz-cf-id
UaDiUjqOJirtWjZ166bIZthC76xBZi_vV9gXjY_FS1PM04HHORhTQA==
381-d5b4aaf383e813bbb256.js
catalogo.boticario.com.br/_next/static/chunks/ 		20 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://catalogo.boticario.com.br/_next/static/chunks/381-d5b4aaf383e813bbb256.js
Requested by
Host: catalogo.boticario.com.br
URL: https://catalogo.boticario.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.4.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
be1aea13e259cfde04915cf3f1313edb394d806e6ab7bafe0720eb483fc20571
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: *; img-src 'self' s3.us-east-1.amazonaws.com *.cookielaw.org *.hotjar.com *.hotjar.io *.eudora.com.br nominatim.openstreetmap.org *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.boticario.com.br *.oboticario.com.br *.googleapis.com *.google.com *.google.com.br *.googleapis.com *.grupoboticario.digital *.grupoboticario.com.br edbr.vteximg.com.br res.cloudinary.com *.google-analytics.com *.s3.amazonaws.com *.googletagmanager.com *.facebook.com *.pinterest.com data: blob: ; connect-src 'self' *.eudora.com.br *.boticario.com.br *.openstreetmap.org *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.oboticario.com.br *.grupoboticario.digital *.grupoboticario.com.br cdn.cookielaw.org *.hotjar.com analytics.strapi.io wss://*.hotjar.com *.hotjar.io *.google-analytics.com *.googleapis.com *.onetrust.com *.s3.amazonaws.com *.g.doubleclick.net *.googletagmanager.com *.configcat.com *.nr-data.net *.pinterest.com *.tiktok.com blob:; script-src 'self' *.grupoboticario.digital *.grupoboticario.com.br *.googleoptimize.com *.force.com *.documentforce.com *.salesforce.com *.salesforceliveagent.com *.newrelic.com *.hotjar.com *.hotjar.io *.onetrust.com *.g.doubleclick.net *.google.com *.googleapis.com *.gstatic.com *.googletagmanager.com *.configcat.com *.nr-data.net *.google-analytics.com cdn.cookielaw.org *.google-analytics.com cdn.cookielaw.org cdn.tiny.cloud *.dwin1.com *.googleadservices.com *.facebook.net *.facebook.com *.cloudfront.net *.pinimg.com *.shoptarget.com.br *.tiktok.com *.linximpulse.net *.shopback.com *.chaordicsystems.com *.shopconvert.com.br *.shopback.net 'unsafe-inline' 'unsafe-eval'; style-src 'unsafe-inline' *
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://catalogo.boticario.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 12:30:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
7973
x-cache
Hit from cloudfront
vary
Accept-Encoding
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Thu, 23 Dec 2021 12:18:42 GMT
server
AmazonS3
x-frame-options
SAMEORIGIN
etag
W/"eb7e07349b765d6c9275a7a6c80d021d"
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-amz-version-id
null
via
1.1 3a42f75e219a9a44a54979112dcb25dc.cloudfront.net (CloudFront)
cache-control
max-age=604800, public
feature-policy
accelerometer 'none'; camera 'none'; geolocation 'self'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
content-security-policy
default-src 'self' data: *; img-src 'self' s3.us-east-1.amazonaws.com *.cookielaw.org *.hotjar.com *.hotjar.io *.eudora.com.br nominatim.openstreetmap.org *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.boticario.com.br *.oboticario.com.br *.googleapis.com *.google.com *.google.com.br *.googleapis.com *.grupoboticario.digital *.grupoboticario.com.br edbr.vteximg.com.br res.cloudinary.com *.google-analytics.com *.s3.amazonaws.com *.googletagmanager.com *.facebook.com *.pinterest.com data: blob: ; connect-src 'self' *.eudora.com.br *.boticario.com.br *.openstreetmap.org *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.oboticario.com.br *.grupoboticario.digital *.grupoboticario.com.br cdn.cookielaw.org *.hotjar.com analytics.strapi.io wss://*.hotjar.com *.hotjar.io *.google-analytics.com *.googleapis.com *.onetrust.com *.s3.amazonaws.com *.g.doubleclick.net *.googletagmanager.com *.configcat.com *.nr-data.net *.pinterest.com *.tiktok.com blob:; script-src 'self' *.grupoboticario.digital *.grupoboticario.com.br *.googleoptimize.com *.force.com *.documentforce.com *.salesforce.com *.salesforceliveagent.com *.newrelic.com *.hotjar.com *.hotjar.io *.onetrust.com *.g.doubleclick.net *.google.com *.googleapis.com *.gstatic.com *.googletagmanager.com *.configcat.com *.nr-data.net *.google-analytics.com cdn.cookielaw.org *.google-analytics.com cdn.cookielaw.org cdn.tiny.cloud *.dwin1.com *.googleadservices.com *.facebook.net *.facebook.com *.cloudfront.net *.pinimg.com *.shoptarget.com.br *.tiktok.com *.linximpulse.net *.shopback.com *.chaordicsystems.com *.shopconvert.com.br *.shopback.net 'unsafe-inline' 'unsafe-eval'; style-src 'unsafe-inline' *
x-amz-cf-pop
DUS51-P2
content-type
application/javascript
x-amz-cf-id
bGyvKZ61sGDwWRpBhUQpXTuHB9hwrhVZ_nqIMttQfkMJWnS17fgaZg==
579-7763415cd49c2ef4a34f.js
catalogo.boticario.com.br/_next/static/chunks/ 		25 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://catalogo.boticario.com.br/_next/static/chunks/579-7763415cd49c2ef4a34f.js
Requested by
Host: catalogo.boticario.com.br
URL: https://catalogo.boticario.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.4.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4b39b3e571ca6d7a0ee8212b2c8494026e0e55f43bebcf6df9e5c1bcb14f5eeb
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: *; img-src 'self' s3.us-east-1.amazonaws.com *.cookielaw.org *.hotjar.com *.hotjar.io *.eudora.com.br nominatim.openstreetmap.org *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.boticario.com.br *.oboticario.com.br *.googleapis.com *.google.com *.google.com.br *.googleapis.com *.grupoboticario.digital *.grupoboticario.com.br edbr.vteximg.com.br res.cloudinary.com *.google-analytics.com *.s3.amazonaws.com *.googletagmanager.com *.facebook.com *.pinterest.com data: blob: ; connect-src 'self' *.eudora.com.br *.boticario.com.br *.openstreetmap.org *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.oboticario.com.br *.grupoboticario.digital *.grupoboticario.com.br cdn.cookielaw.org *.hotjar.com analytics.strapi.io wss://*.hotjar.com *.hotjar.io *.google-analytics.com *.googleapis.com *.onetrust.com *.s3.amazonaws.com *.g.doubleclick.net *.googletagmanager.com *.configcat.com *.nr-data.net *.pinterest.com *.tiktok.com blob:; script-src 'self' *.grupoboticario.digital *.grupoboticario.com.br *.googleoptimize.com *.force.com *.documentforce.com *.salesforce.com *.salesforceliveagent.com *.newrelic.com *.hotjar.com *.hotjar.io *.onetrust.com *.g.doubleclick.net *.google.com *.googleapis.com *.gstatic.com *.googletagmanager.com *.configcat.com *.nr-data.net *.google-analytics.com cdn.cookielaw.org *.google-analytics.com cdn.cookielaw.org cdn.tiny.cloud *.dwin1.com *.googleadservices.com *.facebook.net *.facebook.com *.cloudfront.net *.pinimg.com *.shoptarget.com.br *.tiktok.com *.linximpulse.net *.shopback.com *.chaordicsystems.com *.shopconvert.com.br *.shopback.net 'unsafe-inline' 'unsafe-eval'; style-src 'unsafe-inline' *
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://catalogo.boticario.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 12:30:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
7973
x-cache
Hit from cloudfront
vary
Accept-Encoding
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Thu, 23 Dec 2021 12:18:43 GMT
server
AmazonS3
x-frame-options
SAMEORIGIN
etag
W/"dae1c33270ec6f91710532c9165e20fc"
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-amz-version-id
null
via
1.1 3a42f75e219a9a44a54979112dcb25dc.cloudfront.net (CloudFront)
cache-control
max-age=604800, public
feature-policy
accelerometer 'none'; camera 'none'; geolocation 'self'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
content-security-policy
default-src 'self' data: *; img-src 'self' s3.us-east-1.amazonaws.com *.cookielaw.org *.hotjar.com *.hotjar.io *.eudora.com.br nominatim.openstreetmap.org *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.boticario.com.br *.oboticario.com.br *.googleapis.com *.google.com *.google.com.br *.googleapis.com *.grupoboticario.digital *.grupoboticario.com.br edbr.vteximg.com.br res.cloudinary.com *.google-analytics.com *.s3.amazonaws.com *.googletagmanager.com *.facebook.com *.pinterest.com data: blob: ; connect-src 'self' *.eudora.com.br *.boticario.com.br *.openstreetmap.org *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.oboticario.com.br *.grupoboticario.digital *.grupoboticario.com.br cdn.cookielaw.org *.hotjar.com analytics.strapi.io wss://*.hotjar.com *.hotjar.io *.google-analytics.com *.googleapis.com *.onetrust.com *.s3.amazonaws.com *.g.doubleclick.net *.googletagmanager.com *.configcat.com *.nr-data.net *.pinterest.com *.tiktok.com blob:; script-src 'self' *.grupoboticario.digital *.grupoboticario.com.br *.googleoptimize.com *.force.com *.documentforce.com *.salesforce.com *.salesforceliveagent.com *.newrelic.com *.hotjar.com *.hotjar.io *.onetrust.com *.g.doubleclick.net *.google.com *.googleapis.com *.gstatic.com *.googletagmanager.com *.configcat.com *.nr-data.net *.google-analytics.com cdn.cookielaw.org *.google-analytics.com cdn.cookielaw.org cdn.tiny.cloud *.dwin1.com *.googleadservices.com *.facebook.net *.facebook.com *.cloudfront.net *.pinimg.com *.shoptarget.com.br *.tiktok.com *.linximpulse.net *.shopback.com *.chaordicsystems.com *.shopconvert.com.br *.shopback.net 'unsafe-inline' 'unsafe-eval'; style-src 'unsafe-inline' *
x-amz-cf-pop
DUS51-P2
content-type
application/javascript
x-amz-cf-id
ad9fNz2oTSWm4Z2jqetLe2B-ynxvWM4Qmz7jOCtGvKzdNbXCJoLYFA==
591-6def4fa5d150d5367966.js
catalogo.boticario.com.br/_next/static/chunks/ 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://catalogo.boticario.com.br/_next/static/chunks/591-6def4fa5d150d5367966.js
Requested by
Host: catalogo.boticario.com.br
URL: https://catalogo.boticario.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.4.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
00ed7de711b2ecc530018e8c0c95a68ddcd3a2e38892acca94d03889f4c3e4dd
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: *; img-src 'self' s3.us-east-1.amazonaws.com *.cookielaw.org *.hotjar.com *.hotjar.io *.eudora.com.br nominatim.openstreetmap.org *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.boticario.com.br *.oboticario.com.br *.googleapis.com *.google.com *.google.com.br *.googleapis.com *.grupoboticario.digital *.grupoboticario.com.br edbr.vteximg.com.br res.cloudinary.com *.google-analytics.com *.s3.amazonaws.com *.googletagmanager.com *.facebook.com *.pinterest.com data: blob: ; connect-src 'self' *.eudora.com.br *.boticario.com.br *.openstreetmap.org *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.oboticario.com.br *.grupoboticario.digital *.grupoboticario.com.br cdn.cookielaw.org *.hotjar.com analytics.strapi.io wss://*.hotjar.com *.hotjar.io *.google-analytics.com *.googleapis.com *.onetrust.com *.s3.amazonaws.com *.g.doubleclick.net *.googletagmanager.com *.configcat.com *.nr-data.net *.pinterest.com *.tiktok.com blob:; script-src 'self' *.grupoboticario.digital *.grupoboticario.com.br *.googleoptimize.com *.force.com *.documentforce.com *.salesforce.com *.salesforceliveagent.com *.newrelic.com *.hotjar.com *.hotjar.io *.onetrust.com *.g.doubleclick.net *.google.com *.googleapis.com *.gstatic.com *.googletagmanager.com *.configcat.com *.nr-data.net *.google-analytics.com cdn.cookielaw.org *.google-analytics.com cdn.cookielaw.org cdn.tiny.cloud *.dwin1.com *.googleadservices.com *.facebook.net *.facebook.com *.cloudfront.net *.pinimg.com *.shoptarget.com.br *.tiktok.com *.linximpulse.net *.shopback.com *.chaordicsystems.com *.shopconvert.com.br *.shopback.net 'unsafe-inline' 'unsafe-eval'; style-src 'unsafe-inline' *
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://catalogo.boticario.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 12:30:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
7973
x-cache
Hit from cloudfront
vary
Accept-Encoding
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Thu, 23 Dec 2021 12:18:43 GMT
server
AmazonS3
x-frame-options
SAMEORIGIN
etag
W/"5b1612d84f834beb7801654472802117"
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-amz-version-id
null
via
1.1 3a42f75e219a9a44a54979112dcb25dc.cloudfront.net (CloudFront)
cache-control
max-age=604800, public
feature-policy
accelerometer 'none'; camera 'none'; geolocation 'self'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
content-security-policy
default-src 'self' data: *; img-src 'self' s3.us-east-1.amazonaws.com *.cookielaw.org *.hotjar.com *.hotjar.io *.eudora.com.br nominatim.openstreetmap.org *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.boticario.com.br *.oboticario.com.br *.googleapis.com *.google.com *.google.com.br *.googleapis.com *.grupoboticario.digital *.grupoboticario.com.br edbr.vteximg.com.br res.cloudinary.com *.google-analytics.com *.s3.amazonaws.com *.googletagmanager.com *.facebook.com *.pinterest.com data: blob: ; connect-src 'self' *.eudora.com.br *.boticario.com.br *.openstreetmap.org *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.oboticario.com.br *.grupoboticario.digital *.grupoboticario.com.br cdn.cookielaw.org *.hotjar.com analytics.strapi.io wss://*.hotjar.com *.hotjar.io *.google-analytics.com *.googleapis.com *.onetrust.com *.s3.amazonaws.com *.g.doubleclick.net *.googletagmanager.com *.configcat.com *.nr-data.net *.pinterest.com *.tiktok.com blob:; script-src 'self' *.grupoboticario.digital *.grupoboticario.com.br *.googleoptimize.com *.force.com *.documentforce.com *.salesforce.com *.salesforceliveagent.com *.newrelic.com *.hotjar.com *.hotjar.io *.onetrust.com *.g.doubleclick.net *.google.com *.googleapis.com *.gstatic.com *.googletagmanager.com *.configcat.com *.nr-data.net *.google-analytics.com cdn.cookielaw.org *.google-analytics.com cdn.cookielaw.org cdn.tiny.cloud *.dwin1.com *.googleadservices.com *.facebook.net *.facebook.com *.cloudfront.net *.pinimg.com *.shoptarget.com.br *.tiktok.com *.linximpulse.net *.shopback.com *.chaordicsystems.com *.shopconvert.com.br *.shopback.net 'unsafe-inline' 'unsafe-eval'; style-src 'unsafe-inline' *
x-amz-cf-pop
DUS51-P2
content-type
application/javascript
x-amz-cf-id
sf257z34mYL1WUBSACTzk_1bgngbGvYXmu1IFBInEat2H0eJeKVmYQ==
index-5d7ca5e9187f9b60d42a.js
catalogo.boticario.com.br/_next/static/chunks/pages/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://catalogo.boticario.com.br/_next/static/chunks/pages/index-5d7ca5e9187f9b60d42a.js
Requested by
Host: catalogo.boticario.com.br
URL: https://catalogo.boticario.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.4.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1136a4c0683d5789b0ea442b9d934b4410a25e59b78a5ed1ae0426292ec04026
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: *; img-src 'self' s3.us-east-1.amazonaws.com *.cookielaw.org *.hotjar.com *.hotjar.io *.eudora.com.br nominatim.openstreetmap.org *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.boticario.com.br *.oboticario.com.br *.googleapis.com *.google.com *.google.com.br *.googleapis.com *.grupoboticario.digital *.grupoboticario.com.br edbr.vteximg.com.br res.cloudinary.com *.google-analytics.com *.s3.amazonaws.com *.googletagmanager.com *.facebook.com *.pinterest.com data: blob: ; connect-src 'self' *.eudora.com.br *.boticario.com.br *.openstreetmap.org *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.oboticario.com.br *.grupoboticario.digital *.grupoboticario.com.br cdn.cookielaw.org *.hotjar.com analytics.strapi.io wss://*.hotjar.com *.hotjar.io *.google-analytics.com *.googleapis.com *.onetrust.com *.s3.amazonaws.com *.g.doubleclick.net *.googletagmanager.com *.configcat.com *.nr-data.net *.pinterest.com *.tiktok.com blob:; script-src 'self' *.grupoboticario.digital *.grupoboticario.com.br *.googleoptimize.com *.force.com *.documentforce.com *.salesforce.com *.salesforceliveagent.com *.newrelic.com *.hotjar.com *.hotjar.io *.onetrust.com *.g.doubleclick.net *.google.com *.googleapis.com *.gstatic.com *.googletagmanager.com *.configcat.com *.nr-data.net *.google-analytics.com cdn.cookielaw.org *.google-analytics.com cdn.cookielaw.org cdn.tiny.cloud *.dwin1.com *.googleadservices.com *.facebook.net *.facebook.com *.cloudfront.net *.pinimg.com *.shoptarget.com.br *.tiktok.com *.linximpulse.net *.shopback.com *.chaordicsystems.com *.shopconvert.com.br *.shopback.net 'unsafe-inline' 'unsafe-eval'; style-src 'unsafe-inline' *
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://catalogo.boticario.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 12:30:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
7973
x-cache
Hit from cloudfront
vary
Accept-Encoding
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Thu, 23 Dec 2021 12:18:45 GMT
server
AmazonS3
x-frame-options
SAMEORIGIN
etag
W/"fa1291aa431d5ba151206a4fa905d0fd"
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-amz-version-id
null
via
1.1 3a42f75e219a9a44a54979112dcb25dc.cloudfront.net (CloudFront)
cache-control
max-age=604800, public
feature-policy
accelerometer 'none'; camera 'none'; geolocation 'self'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
content-security-policy
default-src 'self' data: *; img-src 'self' s3.us-east-1.amazonaws.com *.cookielaw.org *.hotjar.com *.hotjar.io *.eudora.com.br nominatim.openstreetmap.org *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.boticario.com.br *.oboticario.com.br *.googleapis.com *.google.com *.google.com.br *.googleapis.com *.grupoboticario.digital *.grupoboticario.com.br edbr.vteximg.com.br res.cloudinary.com *.google-analytics.com *.s3.amazonaws.com *.googletagmanager.com *.facebook.com *.pinterest.com data: blob: ; connect-src 'self' *.eudora.com.br *.boticario.com.br *.openstreetmap.org *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.oboticario.com.br *.grupoboticario.digital *.grupoboticario.com.br cdn.cookielaw.org *.hotjar.com analytics.strapi.io wss://*.hotjar.com *.hotjar.io *.google-analytics.com *.googleapis.com *.onetrust.com *.s3.amazonaws.com *.g.doubleclick.net *.googletagmanager.com *.configcat.com *.nr-data.net *.pinterest.com *.tiktok.com blob:; script-src 'self' *.grupoboticario.digital *.grupoboticario.com.br *.googleoptimize.com *.force.com *.documentforce.com *.salesforce.com *.salesforceliveagent.com *.newrelic.com *.hotjar.com *.hotjar.io *.onetrust.com *.g.doubleclick.net *.google.com *.googleapis.com *.gstatic.com *.googletagmanager.com *.configcat.com *.nr-data.net *.google-analytics.com cdn.cookielaw.org *.google-analytics.com cdn.cookielaw.org cdn.tiny.cloud *.dwin1.com *.googleadservices.com *.facebook.net *.facebook.com *.cloudfront.net *.pinimg.com *.shoptarget.com.br *.tiktok.com *.linximpulse.net *.shopback.com *.chaordicsystems.com *.shopconvert.com.br *.shopback.net 'unsafe-inline' 'unsafe-eval'; style-src 'unsafe-inline' *
x-amz-cf-pop
DUS51-P2
content-type
application/javascript
x-amz-cf-id
i5q5PCCFqCr5YfT4q6dILVYSD5cZuMOrkoCQJBDstMebGmC56oO_Sg==
_buildManifest.js
catalogo.boticario.com.br/_next/static/5yrPmfNqxnNNE-xfsdV-w/ 		956 B
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://catalogo.boticario.com.br/_next/static/5yrPmfNqxnNNE-xfsdV-w/_buildManifest.js
Requested by
Host: catalogo.boticario.com.br
URL: https://catalogo.boticario.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.4.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
641d69752073e74ed9d415d709d183630d745b95b209f42033289083424077c4
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: *; img-src 'self' s3.us-east-1.amazonaws.com *.cookielaw.org *.hotjar.com *.hotjar.io *.eudora.com.br nominatim.openstreetmap.org *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.boticario.com.br *.oboticario.com.br *.googleapis.com *.google.com *.google.com.br *.googleapis.com *.grupoboticario.digital *.grupoboticario.com.br edbr.vteximg.com.br res.cloudinary.com *.google-analytics.com *.s3.amazonaws.com *.googletagmanager.com *.facebook.com *.pinterest.com data: blob: ; connect-src 'self' *.eudora.com.br *.boticario.com.br *.openstreetmap.org *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.oboticario.com.br *.grupoboticario.digital *.grupoboticario.com.br cdn.cookielaw.org *.hotjar.com analytics.strapi.io wss://*.hotjar.com *.hotjar.io *.google-analytics.com *.googleapis.com *.onetrust.com *.s3.amazonaws.com *.g.doubleclick.net *.googletagmanager.com *.configcat.com *.nr-data.net *.pinterest.com *.tiktok.com blob:; script-src 'self' *.grupoboticario.digital *.grupoboticario.com.br *.googleoptimize.com *.force.com *.documentforce.com *.salesforce.com *.salesforceliveagent.com *.newrelic.com *.hotjar.com *.hotjar.io *.onetrust.com *.g.doubleclick.net *.google.com *.googleapis.com *.gstatic.com *.googletagmanager.com *.configcat.com *.nr-data.net *.google-analytics.com cdn.cookielaw.org *.google-analytics.com cdn.cookielaw.org cdn.tiny.cloud *.dwin1.com *.googleadservices.com *.facebook.net *.facebook.com *.cloudfront.net *.pinimg.com *.shoptarget.com.br *.tiktok.com *.linximpulse.net *.shopback.com *.chaordicsystems.com *.shopconvert.com.br *.shopback.net 'unsafe-inline' 'unsafe-eval'; style-src 'unsafe-inline' *
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://catalogo.boticario.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 12:30:39 GMT
via
1.1 3a42f75e219a9a44a54979112dcb25dc.cloudfront.net (CloudFront)
x-content-type-options
nosniff
age
7973
x-cache
Hit from cloudfront
content-length
956
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Thu, 23 Dec 2021 12:18:42 GMT
server
AmazonS3
x-frame-options
SAMEORIGIN
etag
"f3c5e867f321f5f394c7abf220bfb88e"
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-amz-version-id
null
cache-control
max-age=604800, public
feature-policy
accelerometer 'none'; camera 'none'; geolocation 'self'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
content-security-policy
default-src 'self' data: *; img-src 'self' s3.us-east-1.amazonaws.com *.cookielaw.org *.hotjar.com *.hotjar.io *.eudora.com.br nominatim.openstreetmap.org *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.boticario.com.br *.oboticario.com.br *.googleapis.com *.google.com *.google.com.br *.googleapis.com *.grupoboticario.digital *.grupoboticario.com.br edbr.vteximg.com.br res.cloudinary.com *.google-analytics.com *.s3.amazonaws.com *.googletagmanager.com *.facebook.com *.pinterest.com data: blob: ; connect-src 'self' *.eudora.com.br *.boticario.com.br *.openstreetmap.org *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.oboticario.com.br *.grupoboticario.digital *.grupoboticario.com.br cdn.cookielaw.org *.hotjar.com analytics.strapi.io wss://*.hotjar.com *.hotjar.io *.google-analytics.com *.googleapis.com *.onetrust.com *.s3.amazonaws.com *.g.doubleclick.net *.googletagmanager.com *.configcat.com *.nr-data.net *.pinterest.com *.tiktok.com blob:; script-src 'self' *.grupoboticario.digital *.grupoboticario.com.br *.googleoptimize.com *.force.com *.documentforce.com *.salesforce.com *.salesforceliveagent.com *.newrelic.com *.hotjar.com *.hotjar.io *.onetrust.com *.g.doubleclick.net *.google.com *.googleapis.com *.gstatic.com *.googletagmanager.com *.configcat.com *.nr-data.net *.google-analytics.com cdn.cookielaw.org *.google-analytics.com cdn.cookielaw.org cdn.tiny.cloud *.dwin1.com *.googleadservices.com *.facebook.net *.facebook.com *.cloudfront.net *.pinimg.com *.shoptarget.com.br *.tiktok.com *.linximpulse.net *.shopback.com *.chaordicsystems.com *.shopconvert.com.br *.shopback.net 'unsafe-inline' 'unsafe-eval'; style-src 'unsafe-inline' *
x-amz-cf-pop
DUS51-P2
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
h9kP8xZCHMhHU05NmFVx4_-3fE0sZa2p38SMRlNQkFv8fW_5u3LJww==
_ssgManifest.js
catalogo.boticario.com.br/_next/static/5yrPmfNqxnNNE-xfsdV-w/ 		144 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://catalogo.boticario.com.br/_next/static/5yrPmfNqxnNNE-xfsdV-w/_ssgManifest.js
Requested by
Host: catalogo.boticario.com.br
URL: https://catalogo.boticario.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.4.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
68b1a4c13c58e36c035d266907388766090dcc5d2511ff31416e572e3d543c64
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: *; img-src 'self' s3.us-east-1.amazonaws.com *.cookielaw.org *.hotjar.com *.hotjar.io *.eudora.com.br nominatim.openstreetmap.org *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.boticario.com.br *.oboticario.com.br *.googleapis.com *.google.com *.google.com.br *.googleapis.com *.grupoboticario.digital *.grupoboticario.com.br edbr.vteximg.com.br res.cloudinary.com *.google-analytics.com *.s3.amazonaws.com *.googletagmanager.com *.facebook.com *.pinterest.com data: blob: ; connect-src 'self' *.eudora.com.br *.boticario.com.br *.openstreetmap.org *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.oboticario.com.br *.grupoboticario.digital *.grupoboticario.com.br cdn.cookielaw.org *.hotjar.com analytics.strapi.io wss://*.hotjar.com *.hotjar.io *.google-analytics.com *.googleapis.com *.onetrust.com *.s3.amazonaws.com *.g.doubleclick.net *.googletagmanager.com *.configcat.com *.nr-data.net *.pinterest.com *.tiktok.com blob:; script-src 'self' *.grupoboticario.digital *.grupoboticario.com.br *.googleoptimize.com *.force.com *.documentforce.com *.salesforce.com *.salesforceliveagent.com *.newrelic.com *.hotjar.com *.hotjar.io *.onetrust.com *.g.doubleclick.net *.google.com *.googleapis.com *.gstatic.com *.googletagmanager.com *.configcat.com *.nr-data.net *.google-analytics.com cdn.cookielaw.org *.google-analytics.com cdn.cookielaw.org cdn.tiny.cloud *.dwin1.com *.googleadservices.com *.facebook.net *.facebook.com *.cloudfront.net *.pinimg.com *.shoptarget.com.br *.tiktok.com *.linximpulse.net *.shopback.com *.chaordicsystems.com *.shopconvert.com.br *.shopback.net 'unsafe-inline' 'unsafe-eval'; style-src 'unsafe-inline' *
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://catalogo.boticario.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 12:30:39 GMT
via
1.1 3a42f75e219a9a44a54979112dcb25dc.cloudfront.net (CloudFront)
x-content-type-options
nosniff
age
7973
x-cache
Hit from cloudfront
content-length
144
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Thu, 23 Dec 2021 12:18:42 GMT
server
AmazonS3
x-frame-options
SAMEORIGIN
etag
"598ccf38ba64a6e16f24b271057021e8"
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-amz-version-id
null
cache-control
max-age=604800, public
feature-policy
accelerometer 'none'; camera 'none'; geolocation 'self'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
content-security-policy
default-src 'self' data: *; img-src 'self' s3.us-east-1.amazonaws.com *.cookielaw.org *.hotjar.com *.hotjar.io *.eudora.com.br nominatim.openstreetmap.org *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.boticario.com.br *.oboticario.com.br *.googleapis.com *.google.com *.google.com.br *.googleapis.com *.grupoboticario.digital *.grupoboticario.com.br edbr.vteximg.com.br res.cloudinary.com *.google-analytics.com *.s3.amazonaws.com *.googletagmanager.com *.facebook.com *.pinterest.com data: blob: ; connect-src 'self' *.eudora.com.br *.boticario.com.br *.openstreetmap.org *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.oboticario.com.br *.grupoboticario.digital *.grupoboticario.com.br cdn.cookielaw.org *.hotjar.com analytics.strapi.io wss://*.hotjar.com *.hotjar.io *.google-analytics.com *.googleapis.com *.onetrust.com *.s3.amazonaws.com *.g.doubleclick.net *.googletagmanager.com *.configcat.com *.nr-data.net *.pinterest.com *.tiktok.com blob:; script-src 'self' *.grupoboticario.digital *.grupoboticario.com.br *.googleoptimize.com *.force.com *.documentforce.com *.salesforce.com *.salesforceliveagent.com *.newrelic.com *.hotjar.com *.hotjar.io *.onetrust.com *.g.doubleclick.net *.google.com *.googleapis.com *.gstatic.com *.googletagmanager.com *.configcat.com *.nr-data.net *.google-analytics.com cdn.cookielaw.org *.google-analytics.com cdn.cookielaw.org cdn.tiny.cloud *.dwin1.com *.googleadservices.com *.facebook.net *.facebook.com *.cloudfront.net *.pinimg.com *.shoptarget.com.br *.tiktok.com *.linximpulse.net *.shopback.com *.chaordicsystems.com *.shopconvert.com.br *.shopback.net 'unsafe-inline' 'unsafe-eval'; style-src 'unsafe-inline' *
x-amz-cf-pop
DUS51-P2
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
zT_yhocgZckRxaL4WLRTVrFo6nHpq3IGNv3-Xija8OgZHXQe94e52A==
css2
fonts.googleapis.com/ 		1 KB
899 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=DM+Sans:wght@500;700&display=swap
Requested by
Host: catalogo.boticario.com.br
URL: https://catalogo.boticario.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4019:806::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
54b196f04c0a8c36924474f313470b1db0167b7f5bd305ba4ff366dddb56e7b5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 23 Dec 2021 14:12:38 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 23 Dec 2021 14:43:31 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 23 Dec 2021 14:43:31 GMT
logo-white.svg
gb-assets.grupoboticario.digital/boticario/logo/ 		3 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gb-assets.grupoboticario.digital/boticario/logo/logo-white.svg
Requested by
Host: catalogo.boticario.com.br
URL: https://catalogo.boticario.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.4.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
607fd67a41aff02b3606870a17749be5401118cc31d8cfb4387597c121b4fcb5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id
b_QvmgWeN55KWQFDKInD8Qhj0dQfFkAG
content-encoding
gzip
last-modified
Fri, 26 Feb 2021 18:51:06 GMT
server
AmazonS3
age
79802
etag
W/"7b28c43ca60f8c2b18e2ce11671d0228"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
via
1.1 b1dc6a0d7547e8d4ab339f8c4caf9ea9.cloudfront.net (CloudFront)
date
Wed, 22 Dec 2021 16:33:30 GMT
x-amz-cf-pop
DUS51-P2
x-amz-cf-id
vdHnGZ5fRki69xmJvFj5GVMf_mTI5SQwaU2UKRLTKzREOKDU1ksbsg==
gtm.js
www.googletagmanager.com/ 		166 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-PF792X4
Requested by
Host: catalogo.boticario.com.br
URL: https://catalogo.boticario.com.br/newRelicSnippet.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ea1b44e81271f12af86bb525b514d2fd7eae550f2c56a753a138dbfbb00033f3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 14:43:31 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
59610
x-xss-protection
0
last-modified
Thu, 23 Dec 2021 12:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 23 Dec 2021 14:43:31 GMT
cf6a4d13-e0e4-438e-b996-ac274cc774e6.json
cdn.cookielaw.org/consent/cf6a4d13-e0e4-438e-b996-ac274cc774e6/ 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/consent/cf6a4d13-e0e4-438e-b996-ac274cc774e6/cf6a4d13-e0e4-438e-b996-ac274cc774e6.json
Requested by
Host: catalogo.boticario.com.br
URL: https://catalogo.boticario.com.br/newRelicSnippet.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
78c749aac06d936cdce127e1980d371f88208fc1a397675c3240a6b8d39a2a4f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 23 Dec 2021 14:43:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
content-md5
OIcqKnAvJWxClXEultEJFA==
vary
Accept-Encoding
content-length
1212
x-ms-lease-status
unlocked
last-modified
Wed, 19 May 2021 10:42:59 GMT
server
cloudflare
etag
0x8D91AB2DEA25CF6
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
2644bd3b-c01e-002d-2d7e-f65b26000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
6c225cda2b903761-MXP
expires
Thu, 23 Dec 2021 18:43:31 GMT
config_v5.json
cdn-global.configcat.com/configuration-files/9D3YCJhyTUOPJjMCSwiK0g/UwYPlWK-2UGO5uENhLY5gA/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://cdn-global.configcat.com/configuration-files/9D3YCJhyTUOPJjMCSwiK0g/UwYPlWK-2UGO5uENhLY5gA/config_v5.json
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1a9f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
cache-control,x-configcat-useragent
Origin
https://catalogo.boticario.com.br
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Thu, 23 Dec 2021 14:43:31 GMT
content-type
text/plain; charset=utf-8
content-length
0
access-control-allow-origin
*
access-control-allow-methods
GET, OPTIONS
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,X-ConfigCat-UserAgent,If-None-Match,Pragma,Accept-Language
access-control-expose-headers
Content-Length,Content-Range,ETag,Last-Modified,Date,Content-Encoding
access-control-max-age
1728000
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6c225cdaba75690a-FRA
config_v5.json
cdn-global.configcat.com/configuration-files/9D3YCJhyTUOPJjMCSwiK0g/UwYPlWK-2UGO5uENhLY5gA/ 		22 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn-global.configcat.com/configuration-files/9D3YCJhyTUOPJjMCSwiK0g/UwYPlWK-2UGO5uENhLY5gA/config_v5.json
Requested by
Host: catalogo.boticario.com.br
URL: https://catalogo.boticario.com.br/newRelicSnippet.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1a9f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
11007819187396a8ecfea1c297fc53956fd653ec19c02451ef83a814e9acfe0b

Request headers

X-ConfigCat-UserAgent
ConfigCat-JS/a-4.6.1
Cache-Control
no-cache
Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 14:43:31 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
last-modified
Tue, 21 Dec 2021 22:44:54 GMT
server
cloudflare
etag
W/"61c258e6-56c7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range,ETag,Last-Modified,Date,Content-Encoding
cf-ray
6c225cdadab6690a-FRA
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,X-ConfigCat-UserAgent,If-None-Match,Pragma,Accept-Language
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: catalogo.boticario.com.br
URL: https://catalogo.boticario.com.br/newRelicSnippet.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
6145
date
Thu, 23 Dec 2021 13:01:06 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Thu, 23 Dec 2021 15:01:06 GMT
hotjar-2377802.js
static.hotjar.com/c/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hotjar.com/c/hotjar-2377802.js?sv=7
Requested by
Host: catalogo.boticario.com.br
URL: https://catalogo.boticario.com.br/newRelicSnippet.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.4.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
5614ccc79c207d3e8e6f77e5b7a9943ad3ec2adb1d51feda07addbe6e4dae919
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 14:43:31 GMT
content-encoding
br
x-content-type-options
nosniff
cache-control
max-age=60
x-amz-cf-pop
DUS51-P2
etag
W/fe1e3bc9eb4b6e40486533f94c877bba
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-cache-hit
1
cross-origin-resource-policy
cross-origin
x-amz-cf-id
zI8m3YdQ98fgD93n0fEVUCRwClHQNySJllLLHel92RMAaC9iJe--NQ==
via
1.1 ba922c695b86542cbfc03c782d8776d4.cloudfront.net (CloudFront)
collect
stats.g.doubleclick.net/j/ 		1 B
445 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-1894405-27&cid=1974317783.1640270612&jid=1215041944&gjid=1332980005&_gid=536263823.1640270612&_u=YGBAgEABAAAAAE~&z=1289216919
Requested by
Host: catalogo.boticario.com.br
URL: https://catalogo.boticario.com.br/newRelicSnippet.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c08::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Thu, 23 Dec 2021 14:43:31 GMT
content-type
text/plain
access-control-allow-origin
https://catalogo.boticario.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=365729279&t=pageview&_s=1&dl=https%3A%2F%2Fcatalogo.boticario.com.br%2F&dp=%2F&ul=en-us&de=UTF-8&dt=Cat%C3%A1logo%20Digital%20-%20O%20Botic%C3%A1rio&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgEAB~&jid=1215041944&gjid=1332980005&cid=1974317783.1640270612&tid=UA-1894405-27&_gid=536263823.1640270612&gtm=2wgc10PF792X4&cd3=GTM-PF792X4%3A18&cd2=1974317783.1640270612&z=706072770
Requested by
Host: catalogo.boticario.com.br
URL: https://catalogo.boticario.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Dec 2021 18:40:09 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
72202
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
location
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 		193 B
398 B 		Script
General
Check archive.org
Download Go to
Full URL
https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location
Requested by
Host: catalogo.boticario.com.br
URL: https://catalogo.boticario.com.br/newRelicSnippet.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:b844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
09b7ece464c01f640c13fdceb08bb12ab4a2db787f36a8253c109ea3d4f7d9f5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 14:43:31 GMT
content-encoding
gzip
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
6c225cdb8a945a13-MXP
modules.6d5409da698bc5e020b1.js
script.hotjar.com/ 		228 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.hotjar.com/modules.6d5409da698bc5e020b1.js
Requested by
Host: catalogo.boticario.com.br
URL: https://catalogo.boticario.com.br/newRelicSnippet.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-6.fra56.r.cloudfront.net
Software
/
Resource Hash
9c4e5748b76ca33caac131e0225d2e86ccbf6e156ad007145f6a9c4d34cecbf9
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 21 Dec 2021 16:10:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
167605
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
61259
access-control-allow-origin
*
last-modified
Tue, 21 Dec 2021 16:09:54 GMT
etag
"a250696209ae851dce97a4101057f333"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 edffe6978db53d114a80cda421e0b6b9.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA56-P5
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
_nhjRctDrxyBQpsa6ngypIdDisJSJNkWuMg39r21_rGYZHghNfJrKA==
box-a1ae2079824d1c48aa9ce06efb256f18.html
vars.hotjar.com/ Frame D16A 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://vars.hotjar.com/box-a1ae2079824d1c48aa9ce06efb256f18.html
Requested by
Host: catalogo.boticario.com.br
URL: https://catalogo.boticario.com.br/newRelicSnippet.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.4.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
d39c7ff4103007338040282460b2eb0e5adadd9fb80f986fb4c8a3d41785a6ca

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

content-type
text/html
content-length
1044
date
Thu, 02 Dec 2021 15:53:06 GMT
accept-ranges
bytes
cache-control
max-age=31536000
content-encoding
br
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
etag
"6215abf691a11c2f451680e635d30daa"
last-modified
Thu, 02 Dec 2021 15:52:57 GMT
x-robots-tag
none
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 656be55f933cf25841b96f9c9070a178.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-P2
x-amz-cf-id
smGu0cGJdeCNS3VWHX60hXdBTHp6MoRkbdiYQimn46LIUeUJns1paw==
age
1810225
otBannerSdk.js
cdn.cookielaw.org/scripttemplates/6.18.0/ 		377 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/6.18.0/otBannerSdk.js
Requested by
Host: catalogo.boticario.com.br
URL: https://catalogo.boticario.com.br/newRelicSnippet.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bf8fce049c8e10f0a036f50f5eb7c8dde06dc5bee833635f9db82de6f51f2418
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 23 Dec 2021 14:43:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
cIchS4lr7UaDx9LQCq2apA==
age
5675729
vary
Accept-Encoding
content-length
85787
x-ms-lease-status
unlocked
last-modified
Mon, 24 May 2021 01:24:55 GMT
server
cloudflare
etag
0x8D91E52BCFB1A90
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
9392e537-f01e-016e-036c-c4379a000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
6c225cdbdc7bf92f-MXP
pt.json
cdn.cookielaw.org/consent/cf6a4d13-e0e4-438e-b996-ac274cc774e6/ab330c12-9ad3-4177-9183-63541ae111ae/ 		28 KB
9 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/consent/cf6a4d13-e0e4-438e-b996-ac274cc774e6/ab330c12-9ad3-4177-9183-63541ae111ae/pt.json
Requested by
Host: catalogo.boticario.com.br
URL: https://catalogo.boticario.com.br/newRelicSnippet.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e18c2a5bb6596e703714e13683d228dfaa18f516a96c043ab5718d092988f9a8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 23 Dec 2021 14:43:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
content-md5
AHw2yc4XaLhG58L7ULW2ew==
vary
Accept-Encoding
content-length
9480
x-ms-lease-status
unlocked
last-modified
Wed, 19 May 2021 10:43:03 GMT
server
cloudflare
etag
0x8D91AB2E15835D5
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
581d4f79-601e-0081-44aa-f47ab1000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
6c225cdc3f513761-MXP
expires
Thu, 23 Dec 2021 18:43:32 GMT
preact-incoming-feedback.9867410387ebb03c6c9c.js
script.hotjar.com/ 		145 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.hotjar.com/preact-incoming-feedback.9867410387ebb03c6c9c.js
Requested by
Host: catalogo.boticario.com.br
URL: https://catalogo.boticario.com.br/newRelicSnippet.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-6.fra56.r.cloudfront.net
Software
/
Resource Hash
402f1cb3dfe1e0c28bb56158a8bd0a3807a5f7e163b483824d6ea80d536eed9b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 21 Dec 2021 16:10:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
167605
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
29367
access-control-allow-origin
*
last-modified
Tue, 21 Dec 2021 16:09:54 GMT
etag
"6a6fb30ce9c0080c660d903307f4a561"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 edffe6978db53d114a80cda421e0b6b9.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA56-P5
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
TZB4q6V-rttaNbXIqRq-64ynC6tAs_2VBPL414xrcETy79iFUU8Dow==
nr-spa-1208.min.js
js-agent.newrelic.com/ 		42 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-agent.newrelic.com/nr-spa-1208.min.js
Requested by
Host: catalogo.boticario.com.br
URL: https://catalogo.boticario.com.br/newRelicSnippet.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
13e8b4f6220702a10a7566fb389055fedd388a364975146c8d2780c1d2fdc0d0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id
Vh.geaSzxk269x8Ss.5iG8XR8B7_1taB
content-encoding
gzip
etag
"d9d4f5c3991c0454eca3e6b2ddfe31d9"
x-amz-request-id
EKGHQKF9P5NKCBFH
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
15815
x-amz-id-2
L8ekY0vEjZ1dwdO7sFoVMeBwSvBtWRMqiwljplWmrVSlan+Hy0TRaiHlOTSucQxVLZFdNZoXGRY=
x-served-by
cache-hhn4071-HHN
last-modified
Wed, 10 Mar 2021 16:24:31 GMT
server
AmazonS3
x-timer
S1640270612.004295,VS0,VE0
date
Thu, 23 Dec 2021 14:43:32 GMT
vary
Accept-Encoding
content-type
application/javascript
via
1.1 varnish
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
1160
rP2Cp2ywxg089UriAWCrCBimCw.woff2
fonts.gstatic.com/s/dmsans/v6/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/dmsans/v6/rP2Cp2ywxg089UriAWCrCBimCw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=DM+Sans:wght@500;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8d3411c961b332008c61452f483ada3da4cd0fd06cc264c7f2facfb01bc4b1d5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://catalogo.boticario.com.br
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 22 Dec 2021 20:14:44 GMT
x-content-type-options
nosniff
age
66528
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18296
x-xss-protection
0
last-modified
Thu, 05 Nov 2020 22:00:23 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 22 Dec 2022 20:14:44 GMT
a
www.googletagmanager.com/ 		0
17 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googletagmanager.com/a?id=OPT-WXLHS7T&cv=3&t=ol&p=opts&l=54&q=0&f=78&e=8&i=2&d=-122&hc=0&sr=0.050000&ps=0.014384198146614846&cb=347071645
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 14:43:32 GMT
server
Google Tag Manager
vary
*
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
acessibilidade-b32df633f5c234813810.js
catalogo.boticario.com.br/_next/static/chunks/pages/ 		0
4 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://catalogo.boticario.com.br/_next/static/chunks/pages/acessibilidade-b32df633f5c234813810.js
Requested by
Host: catalogo.boticario.com.br
URL: https://catalogo.boticario.com.br/newRelicSnippet.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.4.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: *; img-src 'self' s3.us-east-1.amazonaws.com *.cookielaw.org *.hotjar.com *.hotjar.io *.eudora.com.br nominatim.openstreetmap.org *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.boticario.com.br *.oboticario.com.br *.googleapis.com *.google.com *.google.com.br *.googleapis.com *.grupoboticario.digital *.grupoboticario.com.br edbr.vteximg.com.br res.cloudinary.com *.google-analytics.com *.s3.amazonaws.com *.googletagmanager.com *.facebook.com *.pinterest.com data: blob: ; connect-src 'self' *.eudora.com.br *.boticario.com.br *.openstreetmap.org *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.oboticario.com.br *.grupoboticario.digital *.grupoboticario.com.br cdn.cookielaw.org *.hotjar.com analytics.strapi.io wss://*.hotjar.com *.hotjar.io *.google-analytics.com *.googleapis.com *.onetrust.com *.s3.amazonaws.com *.g.doubleclick.net *.googletagmanager.com *.configcat.com *.nr-data.net *.pinterest.com *.tiktok.com blob:; script-src 'self' *.grupoboticario.digital *.grupoboticario.com.br *.googleoptimize.com *.force.com *.documentforce.com *.salesforce.com *.salesforceliveagent.com *.newrelic.com *.hotjar.com *.hotjar.io *.onetrust.com *.g.doubleclick.net *.google.com *.googleapis.com *.gstatic.com *.googletagmanager.com *.configcat.com *.nr-data.net *.google-analytics.com cdn.cookielaw.org *.google-analytics.com cdn.cookielaw.org cdn.tiny.cloud *.dwin1.com *.googleadservices.com *.facebook.net *.facebook.com *.cloudfront.net *.pinimg.com *.shoptarget.com.br *.tiktok.com *.linximpulse.net *.shopback.com *.chaordicsystems.com *.shopconvert.com.br *.shopback.net 'unsafe-inline' 'unsafe-eval'; style-src 'unsafe-inline' *
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://catalogo.boticario.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 12:30:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
7973
x-cache
Hit from cloudfront
vary
Accept-Encoding
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Thu, 23 Dec 2021 12:18:45 GMT
server
AmazonS3
x-frame-options
SAMEORIGIN
etag
W/"f9d7c09c741bc2f36bcef80c4e9e6889"
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-amz-version-id
null
via
1.1 3a42f75e219a9a44a54979112dcb25dc.cloudfront.net (CloudFront)
cache-control
max-age=604800, public
feature-policy
accelerometer 'none'; camera 'none'; geolocation 'self'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
content-security-policy
default-src 'self' data: *; img-src 'self' s3.us-east-1.amazonaws.com *.cookielaw.org *.hotjar.com *.hotjar.io *.eudora.com.br nominatim.openstreetmap.org *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.boticario.com.br *.oboticario.com.br *.googleapis.com *.google.com *.google.com.br *.googleapis.com *.grupoboticario.digital *.grupoboticario.com.br edbr.vteximg.com.br res.cloudinary.com *.google-analytics.com *.s3.amazonaws.com *.googletagmanager.com *.facebook.com *.pinterest.com data: blob: ; connect-src 'self' *.eudora.com.br *.boticario.com.br *.openstreetmap.org *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.oboticario.com.br *.grupoboticario.digital *.grupoboticario.com.br cdn.cookielaw.org *.hotjar.com analytics.strapi.io wss://*.hotjar.com *.hotjar.io *.google-analytics.com *.googleapis.com *.onetrust.com *.s3.amazonaws.com *.g.doubleclick.net *.googletagmanager.com *.configcat.com *.nr-data.net *.pinterest.com *.tiktok.com blob:; script-src 'self' *.grupoboticario.digital *.grupoboticario.com.br *.googleoptimize.com *.force.com *.documentforce.com *.salesforce.com *.salesforceliveagent.com *.newrelic.com *.hotjar.com *.hotjar.io *.onetrust.com *.g.doubleclick.net *.google.com *.googleapis.com *.gstatic.com *.googletagmanager.com *.configcat.com *.nr-data.net *.google-analytics.com cdn.cookielaw.org *.google-analytics.com cdn.cookielaw.org cdn.tiny.cloud *.dwin1.com *.googleadservices.com *.facebook.net *.facebook.com *.cloudfront.net *.pinimg.com *.shoptarget.com.br *.tiktok.com *.linximpulse.net *.shopback.com *.chaordicsystems.com *.shopconvert.com.br *.shopback.net 'unsafe-inline' 'unsafe-eval'; style-src 'unsafe-inline' *
x-amz-cf-pop
DUS51-P2
content-type
application/javascript
x-amz-cf-id
-Ntm7NNzUhOlUn0Nv8EUHj56q6gJ4277HLOYcTU96UTndIZJBuwzlw==
visualizar.json
catalogo.boticario.com.br/_next/data/5yrPmfNqxnNNE-xfsdV-w/sp/ 		246 KB
66 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://catalogo.boticario.com.br/_next/data/5yrPmfNqxnNNE-xfsdV-w/sp/visualizar.json
Requested by
Host: catalogo.boticario.com.br
URL: https://catalogo.boticario.com.br/newRelicSnippet.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.4.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0259739936f9b7a311a3c7fd384ddbeb8f0213e2eb394ffb628306b782b73290
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: *; img-src 'self' s3.us-east-1.amazonaws.com *.cookielaw.org *.hotjar.com *.hotjar.io *.eudora.com.br nominatim.openstreetmap.org *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.boticario.com.br *.oboticario.com.br *.googleapis.com *.google.com *.google.com.br *.googleapis.com *.grupoboticario.digital *.grupoboticario.com.br edbr.vteximg.com.br res.cloudinary.com *.google-analytics.com *.s3.amazonaws.com *.googletagmanager.com *.facebook.com *.pinterest.com data: blob: ; connect-src 'self' *.eudora.com.br *.boticario.com.br *.openstreetmap.org *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.oboticario.com.br *.grupoboticario.digital *.grupoboticario.com.br cdn.cookielaw.org *.hotjar.com analytics.strapi.io wss://*.hotjar.com *.hotjar.io *.google-analytics.com *.googleapis.com *.onetrust.com *.s3.amazonaws.com *.g.doubleclick.net *.googletagmanager.com *.configcat.com *.nr-data.net *.pinterest.com *.tiktok.com blob:; script-src 'self' *.grupoboticario.digital *.grupoboticario.com.br *.googleoptimize.com *.force.com *.documentforce.com *.salesforce.com *.salesforceliveagent.com *.newrelic.com *.hotjar.com *.hotjar.io *.onetrust.com *.g.doubleclick.net *.google.com *.googleapis.com *.gstatic.com *.googletagmanager.com *.configcat.com *.nr-data.net *.google-analytics.com cdn.cookielaw.org *.google-analytics.com cdn.cookielaw.org cdn.tiny.cloud *.dwin1.com *.googleadservices.com *.facebook.net *.facebook.com *.cloudfront.net *.pinimg.com *.shoptarget.com.br *.tiktok.com *.linximpulse.net *.shopback.com *.chaordicsystems.com *.shopconvert.com.br *.shopback.net 'unsafe-inline' 'unsafe-eval'; style-src 'unsafe-inline' *
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://catalogo.boticario.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 12:30:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
7972
x-cache
Hit from cloudfront
vary
Accept-Encoding
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Thu, 23 Dec 2021 12:18:41 GMT
server
AmazonS3
x-frame-options
SAMEORIGIN
etag
W/"3109057917bc1447da8b8a65ab58f76b"
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-amz-version-id
null
via
1.1 3a42f75e219a9a44a54979112dcb25dc.cloudfront.net (CloudFront)
cache-control
max-age=604800, public
feature-policy
accelerometer 'none'; camera 'none'; geolocation 'self'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
content-security-policy
default-src 'self' data: *; img-src 'self' s3.us-east-1.amazonaws.com *.cookielaw.org *.hotjar.com *.hotjar.io *.eudora.com.br nominatim.openstreetmap.org *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.boticario.com.br *.oboticario.com.br *.googleapis.com *.google.com *.google.com.br *.googleapis.com *.grupoboticario.digital *.grupoboticario.com.br edbr.vteximg.com.br res.cloudinary.com *.google-analytics.com *.s3.amazonaws.com *.googletagmanager.com *.facebook.com *.pinterest.com data: blob: ; connect-src 'self' *.eudora.com.br *.boticario.com.br *.openstreetmap.org *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.oboticario.com.br *.grupoboticario.digital *.grupoboticario.com.br cdn.cookielaw.org *.hotjar.com analytics.strapi.io wss://*.hotjar.com *.hotjar.io *.google-analytics.com *.googleapis.com *.onetrust.com *.s3.amazonaws.com *.g.doubleclick.net *.googletagmanager.com *.configcat.com *.nr-data.net *.pinterest.com *.tiktok.com blob:; script-src 'self' *.grupoboticario.digital *.grupoboticario.com.br *.googleoptimize.com *.force.com *.documentforce.com *.salesforce.com *.salesforceliveagent.com *.newrelic.com *.hotjar.com *.hotjar.io *.onetrust.com *.g.doubleclick.net *.google.com *.googleapis.com *.gstatic.com *.googletagmanager.com *.configcat.com *.nr-data.net *.google-analytics.com cdn.cookielaw.org *.google-analytics.com cdn.cookielaw.org cdn.tiny.cloud *.dwin1.com *.googleadservices.com *.facebook.net *.facebook.com *.cloudfront.net *.pinimg.com *.shoptarget.com.br *.tiktok.com *.linximpulse.net *.shopback.com *.chaordicsystems.com *.shopconvert.com.br *.shopback.net 'unsafe-inline' 'unsafe-eval'; style-src 'unsafe-inline' *
x-amz-cf-pop
DUS51-P2
content-type
application/json
x-amz-cf-id
aOG7KZbaTuo2jkongX9x3Br5cZzuUDItI-_QIr7H1mKltpT6MA6fHw==
381-d5b4aaf383e813bbb256.js
catalogo.boticario.com.br/_next/static/chunks/ 		0
9 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://catalogo.boticario.com.br/_next/static/chunks/381-d5b4aaf383e813bbb256.js
Requested by
Host: catalogo.boticario.com.br
URL: https://catalogo.boticario.com.br/newRelicSnippet.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.4.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: *; img-src 'self' s3.us-east-1.amazonaws.com *.cookielaw.org *.hotjar.com *.hotjar.io *.eudora.com.br nominatim.openstreetmap.org *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.boticario.com.br *.oboticario.com.br *.googleapis.com *.google.com *.google.com.br *.googleapis.com *.grupoboticario.digital *.grupoboticario.com.br edbr.vteximg.com.br res.cloudinary.com *.google-analytics.com *.s3.amazonaws.com *.googletagmanager.com *.facebook.com *.pinterest.com data: blob: ; connect-src 'self' *.eudora.com.br *.boticario.com.br *.openstreetmap.org *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.oboticario.com.br *.grupoboticario.digital *.grupoboticario.com.br cdn.cookielaw.org *.hotjar.com analytics.strapi.io wss://*.hotjar.com *.hotjar.io *.google-analytics.com *.googleapis.com *.onetrust.com *.s3.amazonaws.com *.g.doubleclick.net *.googletagmanager.com *.configcat.com *.nr-data.net *.pinterest.com *.tiktok.com blob:; script-src 'self' *.grupoboticario.digital *.grupoboticario.com.br *.googleoptimize.com *.force.com *.documentforce.com *.salesforce.com *.salesforceliveagent.com *.newrelic.com *.hotjar.com *.hotjar.io *.onetrust.com *.g.doubleclick.net *.google.com *.googleapis.com *.gstatic.com *.googletagmanager.com *.configcat.com *.nr-data.net *.google-analytics.com cdn.cookielaw.org *.google-analytics.com cdn.cookielaw.org cdn.tiny.cloud *.dwin1.com *.googleadservices.com *.facebook.net *.facebook.com *.cloudfront.net *.pinimg.com *.shoptarget.com.br *.tiktok.com *.linximpulse.net *.shopback.com *.chaordicsystems.com *.shopconvert.com.br *.shopback.net 'unsafe-inline' 'unsafe-eval'; style-src 'unsafe-inline' *
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://catalogo.boticario.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 12:30:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
7973
x-cache
Hit from cloudfront
vary
Accept-Encoding
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Thu, 23 Dec 2021 12:18:42 GMT
server
AmazonS3
x-frame-options
SAMEORIGIN
etag
W/"eb7e07349b765d6c9275a7a6c80d021d"
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-amz-version-id
null
via
1.1 3a42f75e219a9a44a54979112dcb25dc.cloudfront.net (CloudFront)
cache-control
max-age=604800, public
feature-policy
accelerometer 'none'; camera 'none'; geolocation 'self'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
content-security-policy
default-src 'self' data: *; img-src 'self' s3.us-east-1.amazonaws.com *.cookielaw.org *.hotjar.com *.hotjar.io *.eudora.com.br nominatim.openstreetmap.org *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.boticario.com.br *.oboticario.com.br *.googleapis.com *.google.com *.google.com.br *.googleapis.com *.grupoboticario.digital *.grupoboticario.com.br edbr.vteximg.com.br res.cloudinary.com *.google-analytics.com *.s3.amazonaws.com *.googletagmanager.com *.facebook.com *.pinterest.com data: blob: ; connect-src 'self' *.eudora.com.br *.boticario.com.br *.openstreetmap.org *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.oboticario.com.br *.grupoboticario.digital *.grupoboticario.com.br cdn.cookielaw.org *.hotjar.com analytics.strapi.io wss://*.hotjar.com *.hotjar.io *.google-analytics.com *.googleapis.com *.onetrust.com *.s3.amazonaws.com *.g.doubleclick.net *.googletagmanager.com *.configcat.com *.nr-data.net *.pinterest.com *.tiktok.com blob:; script-src 'self' *.grupoboticario.digital *.grupoboticario.com.br *.googleoptimize.com *.force.com *.documentforce.com *.salesforce.com *.salesforceliveagent.com *.newrelic.com *.hotjar.com *.hotjar.io *.onetrust.com *.g.doubleclick.net *.google.com *.googleapis.com *.gstatic.com *.googletagmanager.com *.configcat.com *.nr-data.net *.google-analytics.com cdn.cookielaw.org *.google-analytics.com cdn.cookielaw.org cdn.tiny.cloud *.dwin1.com *.googleadservices.com *.facebook.net *.facebook.com *.cloudfront.net *.pinimg.com *.shoptarget.com.br *.tiktok.com *.linximpulse.net *.shopback.com *.chaordicsystems.com *.shopconvert.com.br *.shopback.net 'unsafe-inline' 'unsafe-eval'; style-src 'unsafe-inline' *
x-amz-cf-pop
DUS51-P2
content-type
application/javascript
x-amz-cf-id
cjQTls-irLmNVrWIJb3EtdqlY8ZeJrZaSxpkbTiP2M4HGBWOveWzSA==
210-ec24ad32fdf4c26f08b4.js
catalogo.boticario.com.br/_next/static/chunks/ 		0
14 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://catalogo.boticario.com.br/_next/static/chunks/210-ec24ad32fdf4c26f08b4.js
Requested by
Host: catalogo.boticario.com.br
URL: https://catalogo.boticario.com.br/newRelicSnippet.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.4.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: *; img-src 'self' s3.us-east-1.amazonaws.com *.cookielaw.org *.hotjar.com *.hotjar.io *.eudora.com.br nominatim.openstreetmap.org *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.boticario.com.br *.oboticario.com.br *.googleapis.com *.google.com *.google.com.br *.googleapis.com *.grupoboticario.digital *.grupoboticario.com.br edbr.vteximg.com.br res.cloudinary.com *.google-analytics.com *.s3.amazonaws.com *.googletagmanager.com *.facebook.com *.pinterest.com data: blob: ; connect-src 'self' *.eudora.com.br *.boticario.com.br *.openstreetmap.org *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.oboticario.com.br *.grupoboticario.digital *.grupoboticario.com.br cdn.cookielaw.org *.hotjar.com analytics.strapi.io wss://*.hotjar.com *.hotjar.io *.google-analytics.com *.googleapis.com *.onetrust.com *.s3.amazonaws.com *.g.doubleclick.net *.googletagmanager.com *.configcat.com *.nr-data.net *.pinterest.com *.tiktok.com blob:; script-src 'self' *.grupoboticario.digital *.grupoboticario.com.br *.googleoptimize.com *.force.com *.documentforce.com *.salesforce.com *.salesforceliveagent.com *.newrelic.com *.hotjar.com *.hotjar.io *.onetrust.com *.g.doubleclick.net *.google.com *.googleapis.com *.gstatic.com *.googletagmanager.com *.configcat.com *.nr-data.net *.google-analytics.com cdn.cookielaw.org *.google-analytics.com cdn.cookielaw.org cdn.tiny.cloud *.dwin1.com *.googleadservices.com *.facebook.net *.facebook.com *.cloudfront.net *.pinimg.com *.shoptarget.com.br *.tiktok.com *.linximpulse.net *.shopback.com *.chaordicsystems.com *.shopconvert.com.br *.shopback.net 'unsafe-inline' 'unsafe-eval'; style-src 'unsafe-inline' *
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://catalogo.boticario.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 12:30:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
7973
x-cache
Hit from cloudfront
vary
Accept-Encoding
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Thu, 23 Dec 2021 12:18:42 GMT
server
AmazonS3
x-frame-options
SAMEORIGIN
etag
W/"049207874b16cb958d342c2d0ac31c27"
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-amz-version-id
null
via
1.1 3a42f75e219a9a44a54979112dcb25dc.cloudfront.net (CloudFront)
cache-control
max-age=604800, public
feature-policy
accelerometer 'none'; camera 'none'; geolocation 'self'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
content-security-policy
default-src 'self' data: *; img-src 'self' s3.us-east-1.amazonaws.com *.cookielaw.org *.hotjar.com *.hotjar.io *.eudora.com.br nominatim.openstreetmap.org *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.boticario.com.br *.oboticario.com.br *.googleapis.com *.google.com *.google.com.br *.googleapis.com *.grupoboticario.digital *.grupoboticario.com.br edbr.vteximg.com.br res.cloudinary.com *.google-analytics.com *.s3.amazonaws.com *.googletagmanager.com *.facebook.com *.pinterest.com data: blob: ; connect-src 'self' *.eudora.com.br *.boticario.com.br *.openstreetmap.org *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.oboticario.com.br *.grupoboticario.digital *.grupoboticario.com.br cdn.cookielaw.org *.hotjar.com analytics.strapi.io wss://*.hotjar.com *.hotjar.io *.google-analytics.com *.googleapis.com *.onetrust.com *.s3.amazonaws.com *.g.doubleclick.net *.googletagmanager.com *.configcat.com *.nr-data.net *.pinterest.com *.tiktok.com blob:; script-src 'self' *.grupoboticario.digital *.grupoboticario.com.br *.googleoptimize.com *.force.com *.documentforce.com *.salesforce.com *.salesforceliveagent.com *.newrelic.com *.hotjar.com *.hotjar.io *.onetrust.com *.g.doubleclick.net *.google.com *.googleapis.com *.gstatic.com *.googletagmanager.com *.configcat.com *.nr-data.net *.google-analytics.com cdn.cookielaw.org *.google-analytics.com cdn.cookielaw.org cdn.tiny.cloud *.dwin1.com *.googleadservices.com *.facebook.net *.facebook.com *.cloudfront.net *.pinimg.com *.shoptarget.com.br *.tiktok.com *.linximpulse.net *.shopback.com *.chaordicsystems.com *.shopconvert.com.br *.shopback.net 'unsafe-inline' 'unsafe-eval'; style-src 'unsafe-inline' *
x-amz-cf-pop
DUS51-P2
content-type
application/javascript
x-amz-cf-id
VPHWsGKLpzJdg39-Q4pntvSnDjdNgM_4h2gDdtHtS2_R1fyCLedozg==
visualizar-fdb37e319ea8824951b8.js
catalogo.boticario.com.br/_next/static/chunks/pages/%5Buf%5D/ 		0
13 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://catalogo.boticario.com.br/_next/static/chunks/pages/%5Buf%5D/visualizar-fdb37e319ea8824951b8.js
Requested by
Host: catalogo.boticario.com.br
URL: https://catalogo.boticario.com.br/newRelicSnippet.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.4.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: *; img-src 'self' s3.us-east-1.amazonaws.com *.cookielaw.org *.hotjar.com *.hotjar.io *.eudora.com.br nominatim.openstreetmap.org *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.boticario.com.br *.oboticario.com.br *.googleapis.com *.google.com *.google.com.br *.googleapis.com *.grupoboticario.digital *.grupoboticario.com.br edbr.vteximg.com.br res.cloudinary.com *.google-analytics.com *.s3.amazonaws.com *.googletagmanager.com *.facebook.com *.pinterest.com data: blob: ; connect-src 'self' *.eudora.com.br *.boticario.com.br *.openstreetmap.org *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.oboticario.com.br *.grupoboticario.digital *.grupoboticario.com.br cdn.cookielaw.org *.hotjar.com analytics.strapi.io wss://*.hotjar.com *.hotjar.io *.google-analytics.com *.googleapis.com *.onetrust.com *.s3.amazonaws.com *.g.doubleclick.net *.googletagmanager.com *.configcat.com *.nr-data.net *.pinterest.com *.tiktok.com blob:; script-src 'self' *.grupoboticario.digital *.grupoboticario.com.br *.googleoptimize.com *.force.com *.documentforce.com *.salesforce.com *.salesforceliveagent.com *.newrelic.com *.hotjar.com *.hotjar.io *.onetrust.com *.g.doubleclick.net *.google.com *.googleapis.com *.gstatic.com *.googletagmanager.com *.configcat.com *.nr-data.net *.google-analytics.com cdn.cookielaw.org *.google-analytics.com cdn.cookielaw.org cdn.tiny.cloud *.dwin1.com *.googleadservices.com *.facebook.net *.facebook.com *.cloudfront.net *.pinimg.com *.shoptarget.com.br *.tiktok.com *.linximpulse.net *.shopback.com *.chaordicsystems.com *.shopconvert.com.br *.shopback.net 'unsafe-inline' 'unsafe-eval'; style-src 'unsafe-inline' *
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://catalogo.boticario.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 12:30:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
7973
x-cache
Hit from cloudfront
vary
Accept-Encoding
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Thu, 23 Dec 2021 12:18:44 GMT
server
AmazonS3
x-frame-options
SAMEORIGIN
etag
W/"4601c6d70585e291588a28dba7f2ca54"
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-amz-version-id
null
via
1.1 3a42f75e219a9a44a54979112dcb25dc.cloudfront.net (CloudFront)
cache-control
max-age=604800, public
feature-policy
accelerometer 'none'; camera 'none'; geolocation 'self'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
content-security-policy
default-src 'self' data: *; img-src 'self' s3.us-east-1.amazonaws.com *.cookielaw.org *.hotjar.com *.hotjar.io *.eudora.com.br nominatim.openstreetmap.org *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.boticario.com.br *.oboticario.com.br *.googleapis.com *.google.com *.google.com.br *.googleapis.com *.grupoboticario.digital *.grupoboticario.com.br edbr.vteximg.com.br res.cloudinary.com *.google-analytics.com *.s3.amazonaws.com *.googletagmanager.com *.facebook.com *.pinterest.com data: blob: ; connect-src 'self' *.eudora.com.br *.boticario.com.br *.openstreetmap.org *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.oboticario.com.br *.grupoboticario.digital *.grupoboticario.com.br cdn.cookielaw.org *.hotjar.com analytics.strapi.io wss://*.hotjar.com *.hotjar.io *.google-analytics.com *.googleapis.com *.onetrust.com *.s3.amazonaws.com *.g.doubleclick.net *.googletagmanager.com *.configcat.com *.nr-data.net *.pinterest.com *.tiktok.com blob:; script-src 'self' *.grupoboticario.digital *.grupoboticario.com.br *.googleoptimize.com *.force.com *.documentforce.com *.salesforce.com *.salesforceliveagent.com *.newrelic.com *.hotjar.com *.hotjar.io *.onetrust.com *.g.doubleclick.net *.google.com *.googleapis.com *.gstatic.com *.googletagmanager.com *.configcat.com *.nr-data.net *.google-analytics.com cdn.cookielaw.org *.google-analytics.com cdn.cookielaw.org cdn.tiny.cloud *.dwin1.com *.googleadservices.com *.facebook.net *.facebook.com *.cloudfront.net *.pinimg.com *.shoptarget.com.br *.tiktok.com *.linximpulse.net *.shopback.com *.chaordicsystems.com *.shopconvert.com.br *.shopback.net 'unsafe-inline' 'unsafe-eval'; style-src 'unsafe-inline' *
x-amz-cf-pop
DUS51-P2
content-type
application/javascript
x-amz-cf-id
BSSCl005LwNWKTGQdYhGFlYQUB8vnRthm1EUysBSvR6vo6ydRuyuAQ==
NRJS-d142cb7d067b4c9c598
bam.nr-data.net/1/ 		57 B
322 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bam.nr-data.net/1/NRJS-d142cb7d067b4c9c598?a=494870457&sa=1&v=1208.49599aa&t=Unnamed%20Transaction&rst=1585&ck=1&ref=https://catalogo.boticario.com.br/&be=980&fe=1540&dc=1163&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1640270610438,%22n%22:0,%22f%22:0,%22dn%22:0,%22dne%22:34,%22c%22:34,%22s%22:40,%22ce%22:60,%22rq%22:60,%22rp%22:931,%22rpe%22:932,%22dl%22:935,%22di%22:1046,%22ds%22:1162,%22de%22:1162,%22dc%22:1538,%22l%22:1539,%22le%22:1540%7D,%22navigation%22:%7B%7D%7D&ja=%7B%22userId%22:%22d88e6d91-0c0c-4b27-8806-7254132e565e%22%7D&jsonp=NREUM.setToken
Requested by
Host: catalogo.boticario.com.br
URL: https://catalogo.boticario.com.br/newRelicSnippet.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.247.242.18 , United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
bam-6.nr-data.net
Software
/
Resource Hash
d10c94b6cdb747904baee9070f003bb45849da46f8100b1320f286c21cbcaaa1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Cross-Origin-Resource-Policy
cross-origin
Content-Type
text/javascript;charset=iso-8859-1
Content-Length
57
Expires
Thu, 01 Jan 1970 00:00:00 GMT
otFloatingFlat.json
cdn.cookielaw.org/scripttemplates/6.18.0/assets/ 		10 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/6.18.0/assets/otFloatingFlat.json
Requested by
Host: catalogo.boticario.com.br
URL: https://catalogo.boticario.com.br/newRelicSnippet.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
79a47d29e15cedbe0960171f77682c84f375f79724837612f113970030d31b2c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 23 Dec 2021 14:43:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
content-md5
2Q6lSm5lQcxi/2L1bJyO5Q==
vary
Accept-Encoding
content-length
2685
x-ms-lease-status
unlocked
last-modified
Mon, 24 May 2021 01:24:48 GMT
server
cloudflare
etag
0x8D91E52B8C6B563
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
1c7ab743-901e-00db-6eaa-f47c30000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
6c225cdd596f3761-MXP
acessibilidade-b32df633f5c234813810.js
catalogo.boticario.com.br/_next/static/chunks/pages/ 		6 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://catalogo.boticario.com.br/_next/static/chunks/pages/acessibilidade-b32df633f5c234813810.js
Requested by
Host: catalogo.boticario.com.br
URL: https://catalogo.boticario.com.br/newRelicSnippet.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.4.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
96c87ab5b1903d575dfe574723a04067fca8a04b0081cb19a03f922b930c5417
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: *; img-src 'self' s3.us-east-1.amazonaws.com *.cookielaw.org *.hotjar.com *.hotjar.io *.eudora.com.br nominatim.openstreetmap.org *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.boticario.com.br *.oboticario.com.br *.googleapis.com *.google.com *.google.com.br *.googleapis.com *.grupoboticario.digital *.grupoboticario.com.br edbr.vteximg.com.br res.cloudinary.com *.google-analytics.com *.s3.amazonaws.com *.googletagmanager.com *.facebook.com *.pinterest.com data: blob: ; connect-src 'self' *.eudora.com.br *.boticario.com.br *.openstreetmap.org *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.oboticario.com.br *.grupoboticario.digital *.grupoboticario.com.br cdn.cookielaw.org *.hotjar.com analytics.strapi.io wss://*.hotjar.com *.hotjar.io *.google-analytics.com *.googleapis.com *.onetrust.com *.s3.amazonaws.com *.g.doubleclick.net *.googletagmanager.com *.configcat.com *.nr-data.net *.pinterest.com *.tiktok.com blob:; script-src 'self' *.grupoboticario.digital *.grupoboticario.com.br *.googleoptimize.com *.force.com *.documentforce.com *.salesforce.com *.salesforceliveagent.com *.newrelic.com *.hotjar.com *.hotjar.io *.onetrust.com *.g.doubleclick.net *.google.com *.googleapis.com *.gstatic.com *.googletagmanager.com *.configcat.com *.nr-data.net *.google-analytics.com cdn.cookielaw.org *.google-analytics.com cdn.cookielaw.org cdn.tiny.cloud *.dwin1.com *.googleadservices.com *.facebook.net *.facebook.com *.cloudfront.net *.pinimg.com *.shoptarget.com.br *.tiktok.com *.linximpulse.net *.shopback.com *.chaordicsystems.com *.shopconvert.com.br *.shopback.net 'unsafe-inline' 'unsafe-eval'; style-src 'unsafe-inline' *
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://catalogo.boticario.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 12:30:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
7973
x-cache
Hit from cloudfront
vary
Accept-Encoding
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Thu, 23 Dec 2021 12:18:45 GMT
server
AmazonS3
x-frame-options
SAMEORIGIN
etag
W/"f9d7c09c741bc2f36bcef80c4e9e6889"
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-amz-version-id
null
via
1.1 3a42f75e219a9a44a54979112dcb25dc.cloudfront.net (CloudFront)
cache-control
max-age=604800, public
feature-policy
accelerometer 'none'; camera 'none'; geolocation 'self'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
content-security-policy
default-src 'self' data: *; img-src 'self' s3.us-east-1.amazonaws.com *.cookielaw.org *.hotjar.com *.hotjar.io *.eudora.com.br nominatim.openstreetmap.org *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.boticario.com.br *.oboticario.com.br *.googleapis.com *.google.com *.google.com.br *.googleapis.com *.grupoboticario.digital *.grupoboticario.com.br edbr.vteximg.com.br res.cloudinary.com *.google-analytics.com *.s3.amazonaws.com *.googletagmanager.com *.facebook.com *.pinterest.com data: blob: ; connect-src 'self' *.eudora.com.br *.boticario.com.br *.openstreetmap.org *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.oboticario.com.br *.grupoboticario.digital *.grupoboticario.com.br cdn.cookielaw.org *.hotjar.com analytics.strapi.io wss://*.hotjar.com *.hotjar.io *.google-analytics.com *.googleapis.com *.onetrust.com *.s3.amazonaws.com *.g.doubleclick.net *.googletagmanager.com *.configcat.com *.nr-data.net *.pinterest.com *.tiktok.com blob:; script-src 'self' *.grupoboticario.digital *.grupoboticario.com.br *.googleoptimize.com *.force.com *.documentforce.com *.salesforce.com *.salesforceliveagent.com *.newrelic.com *.hotjar.com *.hotjar.io *.onetrust.com *.g.doubleclick.net *.google.com *.googleapis.com *.gstatic.com *.googletagmanager.com *.configcat.com *.nr-data.net *.google-analytics.com cdn.cookielaw.org *.google-analytics.com cdn.cookielaw.org cdn.tiny.cloud *.dwin1.com *.googleadservices.com *.facebook.net *.facebook.com *.cloudfront.net *.pinimg.com *.shoptarget.com.br *.tiktok.com *.linximpulse.net *.shopback.com *.chaordicsystems.com *.shopconvert.com.br *.shopback.net 'unsafe-inline' 'unsafe-eval'; style-src 'unsafe-inline' *
x-amz-cf-pop
DUS51-P2
content-type
application/javascript
x-amz-cf-id
_vZ3LPb9uDkuO9xVGyYYXBzlEti0mRDHGOtyCuX1E6Gp6NBQJPW04g==
210-ec24ad32fdf4c26f08b4.js
catalogo.boticario.com.br/_next/static/chunks/ 		39 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://catalogo.boticario.com.br/_next/static/chunks/210-ec24ad32fdf4c26f08b4.js
Requested by
Host: catalogo.boticario.com.br
URL: https://catalogo.boticario.com.br/newRelicSnippet.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.4.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e34e47caf18df3d93ab67a2bed46e8e3825dcc7de41b60ceff1385357d4ed67c
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: *; img-src 'self' s3.us-east-1.amazonaws.com *.cookielaw.org *.hotjar.com *.hotjar.io *.eudora.com.br nominatim.openstreetmap.org *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.boticario.com.br *.oboticario.com.br *.googleapis.com *.google.com *.google.com.br *.googleapis.com *.grupoboticario.digital *.grupoboticario.com.br edbr.vteximg.com.br res.cloudinary.com *.google-analytics.com *.s3.amazonaws.com *.googletagmanager.com *.facebook.com *.pinterest.com data: blob: ; connect-src 'self' *.eudora.com.br *.boticario.com.br *.openstreetmap.org *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.oboticario.com.br *.grupoboticario.digital *.grupoboticario.com.br cdn.cookielaw.org *.hotjar.com analytics.strapi.io wss://*.hotjar.com *.hotjar.io *.google-analytics.com *.googleapis.com *.onetrust.com *.s3.amazonaws.com *.g.doubleclick.net *.googletagmanager.com *.configcat.com *.nr-data.net *.pinterest.com *.tiktok.com blob:; script-src 'self' *.grupoboticario.digital *.grupoboticario.com.br *.googleoptimize.com *.force.com *.documentforce.com *.salesforce.com *.salesforceliveagent.com *.newrelic.com *.hotjar.com *.hotjar.io *.onetrust.com *.g.doubleclick.net *.google.com *.googleapis.com *.gstatic.com *.googletagmanager.com *.configcat.com *.nr-data.net *.google-analytics.com cdn.cookielaw.org *.google-analytics.com cdn.cookielaw.org cdn.tiny.cloud *.dwin1.com *.googleadservices.com *.facebook.net *.facebook.com *.cloudfront.net *.pinimg.com *.shoptarget.com.br *.tiktok.com *.linximpulse.net *.shopback.com *.chaordicsystems.com *.shopconvert.com.br *.shopback.net 'unsafe-inline' 'unsafe-eval'; style-src 'unsafe-inline' *
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://catalogo.boticario.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 12:30:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
7973
x-cache
Hit from cloudfront
vary
Accept-Encoding
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Thu, 23 Dec 2021 12:18:42 GMT
server
AmazonS3
x-frame-options
SAMEORIGIN
etag
W/"049207874b16cb958d342c2d0ac31c27"
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-amz-version-id
null
via
1.1 3a42f75e219a9a44a54979112dcb25dc.cloudfront.net (CloudFront)
cache-control
max-age=604800, public
feature-policy
accelerometer 'none'; camera 'none'; geolocation 'self'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
content-security-policy
default-src 'self' data: *; img-src 'self' s3.us-east-1.amazonaws.com *.cookielaw.org *.hotjar.com *.hotjar.io *.eudora.com.br nominatim.openstreetmap.org *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.boticario.com.br *.oboticario.com.br *.googleapis.com *.google.com *.google.com.br *.googleapis.com *.grupoboticario.digital *.grupoboticario.com.br edbr.vteximg.com.br res.cloudinary.com *.google-analytics.com *.s3.amazonaws.com *.googletagmanager.com *.facebook.com *.pinterest.com data: blob: ; connect-src 'self' *.eudora.com.br *.boticario.com.br *.openstreetmap.org *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.oboticario.com.br *.grupoboticario.digital *.grupoboticario.com.br cdn.cookielaw.org *.hotjar.com analytics.strapi.io wss://*.hotjar.com *.hotjar.io *.google-analytics.com *.googleapis.com *.onetrust.com *.s3.amazonaws.com *.g.doubleclick.net *.googletagmanager.com *.configcat.com *.nr-data.net *.pinterest.com *.tiktok.com blob:; script-src 'self' *.grupoboticario.digital *.grupoboticario.com.br *.googleoptimize.com *.force.com *.documentforce.com *.salesforce.com *.salesforceliveagent.com *.newrelic.com *.hotjar.com *.hotjar.io *.onetrust.com *.g.doubleclick.net *.google.com *.googleapis.com *.gstatic.com *.googletagmanager.com *.configcat.com *.nr-data.net *.google-analytics.com cdn.cookielaw.org *.google-analytics.com cdn.cookielaw.org cdn.tiny.cloud *.dwin1.com *.googleadservices.com *.facebook.net *.facebook.com *.cloudfront.net *.pinimg.com *.shoptarget.com.br *.tiktok.com *.linximpulse.net *.shopback.com *.chaordicsystems.com *.shopconvert.com.br *.shopback.net 'unsafe-inline' 'unsafe-eval'; style-src 'unsafe-inline' *
x-amz-cf-pop
DUS51-P2
content-type
application/javascript
x-amz-cf-id
yrQxX0pHyITseVlgpiFZcGAm0Pfdug5GjKUVIDhsdRSKH3lJjeBz5Q==
visualizar-fdb37e319ea8824951b8.js
catalogo.boticario.com.br/_next/static/chunks/pages/%5Buf%5D/ 		43 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://catalogo.boticario.com.br/_next/static/chunks/pages/%5Buf%5D/visualizar-fdb37e319ea8824951b8.js
Requested by
Host: catalogo.boticario.com.br
URL: https://catalogo.boticario.com.br/newRelicSnippet.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.4.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a58cd57703355aecada87b93f7a19170019beea0a7c6ed2efa541ac54ff18ebb
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: *; img-src 'self' s3.us-east-1.amazonaws.com *.cookielaw.org *.hotjar.com *.hotjar.io *.eudora.com.br nominatim.openstreetmap.org *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.boticario.com.br *.oboticario.com.br *.googleapis.com *.google.com *.google.com.br *.googleapis.com *.grupoboticario.digital *.grupoboticario.com.br edbr.vteximg.com.br res.cloudinary.com *.google-analytics.com *.s3.amazonaws.com *.googletagmanager.com *.facebook.com *.pinterest.com data: blob: ; connect-src 'self' *.eudora.com.br *.boticario.com.br *.openstreetmap.org *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.oboticario.com.br *.grupoboticario.digital *.grupoboticario.com.br cdn.cookielaw.org *.hotjar.com analytics.strapi.io wss://*.hotjar.com *.hotjar.io *.google-analytics.com *.googleapis.com *.onetrust.com *.s3.amazonaws.com *.g.doubleclick.net *.googletagmanager.com *.configcat.com *.nr-data.net *.pinterest.com *.tiktok.com blob:; script-src 'self' *.grupoboticario.digital *.grupoboticario.com.br *.googleoptimize.com *.force.com *.documentforce.com *.salesforce.com *.salesforceliveagent.com *.newrelic.com *.hotjar.com *.hotjar.io *.onetrust.com *.g.doubleclick.net *.google.com *.googleapis.com *.gstatic.com *.googletagmanager.com *.configcat.com *.nr-data.net *.google-analytics.com cdn.cookielaw.org *.google-analytics.com cdn.cookielaw.org cdn.tiny.cloud *.dwin1.com *.googleadservices.com *.facebook.net *.facebook.com *.cloudfront.net *.pinimg.com *.shoptarget.com.br *.tiktok.com *.linximpulse.net *.shopback.com *.chaordicsystems.com *.shopconvert.com.br *.shopback.net 'unsafe-inline' 'unsafe-eval'; style-src 'unsafe-inline' *
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://catalogo.boticario.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 12:30:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
7973
x-cache
Hit from cloudfront
vary
Accept-Encoding
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Thu, 23 Dec 2021 12:18:44 GMT
server
AmazonS3
x-frame-options
SAMEORIGIN
etag
W/"4601c6d70585e291588a28dba7f2ca54"
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-amz-version-id
null
via
1.1 3a42f75e219a9a44a54979112dcb25dc.cloudfront.net (CloudFront)
cache-control
max-age=604800, public
feature-policy
accelerometer 'none'; camera 'none'; geolocation 'self'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
content-security-policy
default-src 'self' data: *; img-src 'self' s3.us-east-1.amazonaws.com *.cookielaw.org *.hotjar.com *.hotjar.io *.eudora.com.br nominatim.openstreetmap.org *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.boticario.com.br *.oboticario.com.br *.googleapis.com *.google.com *.google.com.br *.googleapis.com *.grupoboticario.digital *.grupoboticario.com.br edbr.vteximg.com.br res.cloudinary.com *.google-analytics.com *.s3.amazonaws.com *.googletagmanager.com *.facebook.com *.pinterest.com data: blob: ; connect-src 'self' *.eudora.com.br *.boticario.com.br *.openstreetmap.org *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.oboticario.com.br *.grupoboticario.digital *.grupoboticario.com.br cdn.cookielaw.org *.hotjar.com analytics.strapi.io wss://*.hotjar.com *.hotjar.io *.google-analytics.com *.googleapis.com *.onetrust.com *.s3.amazonaws.com *.g.doubleclick.net *.googletagmanager.com *.configcat.com *.nr-data.net *.pinterest.com *.tiktok.com blob:; script-src 'self' *.grupoboticario.digital *.grupoboticario.com.br *.googleoptimize.com *.force.com *.documentforce.com *.salesforce.com *.salesforceliveagent.com *.newrelic.com *.hotjar.com *.hotjar.io *.onetrust.com *.g.doubleclick.net *.google.com *.googleapis.com *.gstatic.com *.googletagmanager.com *.configcat.com *.nr-data.net *.google-analytics.com cdn.cookielaw.org *.google-analytics.com cdn.cookielaw.org cdn.tiny.cloud *.dwin1.com *.googleadservices.com *.facebook.net *.facebook.com *.cloudfront.net *.pinimg.com *.shoptarget.com.br *.tiktok.com *.linximpulse.net *.shopback.com *.chaordicsystems.com *.shopconvert.com.br *.shopback.net 'unsafe-inline' 'unsafe-eval'; style-src 'unsafe-inline' *
x-amz-cf-pop
DUS51-P2
content-type
application/javascript
x-amz-cf-id
M2KV9XSIu0WAIc9ZOkbJPyEfhhsTvDCqcNWoXX9m7FwgcqWAc8FRQA==
truncated
/ 		817 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
db311174b0e3c340727b63c055cfb5b317808e909503e1bda11cc58af444f12b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type
image/svg+xml
rP2Cp2ywxg089UriASitCBimCw.woff2
fonts.gstatic.com/s/dmsans/v6/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/dmsans/v6/rP2Cp2ywxg089UriASitCBimCw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=DM+Sans:wght@500;700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a8e5a0c39f7371f633203c6e77de59b3fff273bc2c1a5df9c1356e6dc24ad92d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://catalogo.boticario.com.br
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 21 Dec 2021 18:13:39 GMT
x-content-type-options
nosniff
age
160193
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18244
x-xss-protection
0
last-modified
Thu, 05 Nov 2020 22:00:14 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 21 Dec 2022 18:13:39 GMT
NRJS-d142cb7d067b4c9c598
bam.nr-data.net/resources/1/ 		0
142 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bam.nr-data.net/resources/1/NRJS-d142cb7d067b4c9c598?a=494870457&sa=1&v=1208.49599aa&t=Unnamed%20Transaction&rst=1995&ck=1&ref=https://catalogo.boticario.com.br/&st=1640270610438&ja=%7B%22userId%22:%22d88e6d91-0c0c-4b27-8806-7254132e565e%22%7D
Requested by
Host: catalogo.boticario.com.br
URL: https://catalogo.boticario.com.br/newRelicSnippet.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.247.242.18 , United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
bam-6.nr-data.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
content-type
text/plain

Response headers

Access-Control-Allow-Origin
https://catalogo.boticario.com.br
Access-Control-Allow-Credentials
true
Content-Length
0

Verdicts & Comments Add Verdict or Comment

37 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| NREUM object| newrelic function| __nr_require function| hj object| dataLayer object| google_tag_manager object| google_optimize object| OneTrustStub string| OnetrustActiveGroups string| OptanonActiveGroups object| webpackChunk_N_E object| regeneratorRuntime object| __NEXT_DATA__ function| __SSG_MANIFEST_CB object| __NEXT_P object| next object| _N_E function| hotkeys number| 2f1acc6c3a606b082e5eef5e54414ffb object| __BUILD_MANIFEST object| __SSG_MANIFEST object| google_tag_data string| GoogleAnalyticsObject function| ga object| _hjSettings object| gaplugins object| gaGlobal object| gaData function| jsonFeed object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled object| hjLazyModules object| otStubData object| Optanon object| OneTrust

11 Cookies

Domain/Path Name / Value
.boticario.com.br/ Name: _ga
Value: GA1.3.1974317783.1640270612
.boticario.com.br/ Name: _gid
Value: GA1.3.536263823.1640270612
.boticario.com.br/ Name: _dc_gtm_UA-1894405-27
Value: 1
.boticario.com.br/ Name: _hjSessionUser_2377802
Value: eyJpZCI6IjI1Zjg0YzhkLTdiZDUtNThkOC1hNzE0LTQwOTQ1OGQzZDgxYiIsImNyZWF0ZWQiOjE2NDAyNzA2MTE3OTAsImV4aXN0aW5nIjpmYWxzZX0=
.boticario.com.br/ Name: _hjFirstSeen
Value: 1
.boticario.com.br/ Name: _hjSession_2377802
Value: eyJpZCI6IjgzMzg5Y2FiLWY0NTktNGI4Ny1hNjQ3LTc0ZWUxMDc0OTUyYyIsImNyZWF0ZWQiOjE2NDAyNzA2MTE4NjZ9
catalogo.boticario.com.br/ Name: _hjIncludedInSessionSample
Value: 0
.boticario.com.br/ Name: _hjAbsoluteSessionInProgress
Value: 0
catalogo.boticario.com.br/ Name: _hjCachedUserAttributes
Value: eyJhdHRyaWJ1dGVzIjp7InVzZXJfaWQiOiJkODhlNmQ5MS0wYzBjLTRiMjctODgwNi03MjU0MTMyZTU2NWUifSwidXNlcklkIjoiZDg4ZTZkOTEtMGMwYy00YjI3LTg4MDYtNzI1NDEzMmU1NjVlIn0=
.catalogo.boticario.com.br/ Name: OptanonConsent
Value: isIABGlobal=false&datestamp=Thu+Dec+23+2021+14%3A43%3A32+GMT%2B0000+(GMT)&version=6.18.0&hosts=&consentId=8f7dc68c-1d80-42e2-967a-3ad30c673dea&interactionCount=0&landingPath=https%3A%2F%2Fcatalogo.boticario.com.br%2F&groups=C0001%3A1%2CC0002%3A1
.nr-data.net/ Name: JSESSIONID
Value: 5ee03b817889b36f

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self' data: *; img-src 'self' s3.us-east-1.amazonaws.com *.cookielaw.org *.hotjar.com *.hotjar.io *.eudora.com.br nominatim.openstreetmap.org *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.boticario.com.br *.oboticario.com.br *.googleapis.com *.google.com *.google.com.br *.googleapis.com *.grupoboticario.digital *.grupoboticario.com.br edbr.vteximg.com.br res.cloudinary.com *.google-analytics.com *.s3.amazonaws.com *.googletagmanager.com *.facebook.com *.pinterest.com data: blob: ; connect-src 'self' *.eudora.com.br *.boticario.com.br *.openstreetmap.org *.documentforce.com *.force.com *.salesforce.com *.salesforceliveagent.com *.oboticario.com.br *.grupoboticario.digital *.grupoboticario.com.br cdn.cookielaw.org *.hotjar.com analytics.strapi.io wss://*.hotjar.com *.hotjar.io *.google-analytics.com *.googleapis.com *.onetrust.com *.s3.amazonaws.com *.g.doubleclick.net *.googletagmanager.com *.configcat.com *.nr-data.net *.pinterest.com *.tiktok.com blob:; script-src 'self' *.grupoboticario.digital *.grupoboticario.com.br *.googleoptimize.com *.force.com *.documentforce.com *.salesforce.com *.salesforceliveagent.com *.newrelic.com *.hotjar.com *.hotjar.io *.onetrust.com *.g.doubleclick.net *.google.com *.googleapis.com *.gstatic.com *.googletagmanager.com *.configcat.com *.nr-data.net *.google-analytics.com cdn.cookielaw.org *.google-analytics.com cdn.cookielaw.org cdn.tiny.cloud *.dwin1.com *.googleadservices.com *.facebook.net *.facebook.com *.cloudfront.net *.pinimg.com *.shoptarget.com.br *.tiktok.com *.linximpulse.net *.shopback.com *.chaordicsystems.com *.shopconvert.com.br *.shopback.net 'unsafe-inline' 'unsafe-eval'; style-src 'unsafe-inline' *
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bam.nr-data.net
catalogo.boticario.com.br
cdn-global.configcat.com
cdn.cookielaw.org
fonts.googleapis.com
fonts.gstatic.com
gb-assets.grupoboticario.digital
geolocation.onetrust.com
js-agent.newrelic.com
minhaloja-resources.grupoboticario.digital
script.hotjar.com
static.hotjar.com
stats.g.doubleclick.net
vars.hotjar.com
www.google-analytics.com
www.googleoptimize.com
www.googletagmanager.com
108.157.4.110
108.157.4.113
108.157.4.121
108.157.4.128
108.157.4.7
151.101.2.137
162.247.242.18
18.66.112.6
2606:4700:10::6814:b844
2606:4700:10::6816:1a9f
2606:4700::6810:9540
2a00:1450:4001:80e::200e
2a00:1450:4001:80f::2008
2a00:1450:4001:810::2003
2a00:1450:4001:829::200e
2a00:1450:400c:c08::9c
2a00:1450:4019:806::200a
00ed7de711b2ecc530018e8c0c95a68ddcd3a2e38892acca94d03889f4c3e4dd
0259739936f9b7a311a3c7fd384ddbeb8f0213e2eb394ffb628306b782b73290
064350552f0b6d31f6285efb04899c93a36d77d1c6227e5d4300a7784af9cf05
09b7ece464c01f640c13fdceb08bb12ab4a2db787f36a8253c109ea3d4f7d9f5
11007819187396a8ecfea1c297fc53956fd653ec19c02451ef83a814e9acfe0b
1136a4c0683d5789b0ea442b9d934b4410a25e59b78a5ed1ae0426292ec04026
13e8b4f6220702a10a7566fb389055fedd388a364975146c8d2780c1d2fdc0d0
263a9339bdd8eea753f25cf1d1c44f7b31ffa59e62141eae9907854f41262b0e
3ad1bbab583182bbfe4269f192e666ae4996782f342522130daafc5b7547f4e2
402f1cb3dfe1e0c28bb56158a8bd0a3807a5f7e163b483824d6ea80d536eed9b
4b39b3e571ca6d7a0ee8212b2c8494026e0e55f43bebcf6df9e5c1bcb14f5eeb
4d2a74d8b25e1ccd4b1294b0b937804bc24aeea7f46edad3f3c1f91604d2708c
50d6cfe51b6905f33ca2e583c7a6880eb528b3d02cdc949ac1210c265c5160bd
54b196f04c0a8c36924474f313470b1db0167b7f5bd305ba4ff366dddb56e7b5
5614ccc79c207d3e8e6f77e5b7a9943ad3ec2adb1d51feda07addbe6e4dae919
607fd67a41aff02b3606870a17749be5401118cc31d8cfb4387597c121b4fcb5
641d69752073e74ed9d415d709d183630d745b95b209f42033289083424077c4
68b1a4c13c58e36c035d266907388766090dcc5d2511ff31416e572e3d543c64
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
7873e511bbbbc71e491633c59bcab3efab560831df81ac6c536177021b0dbd44
78c749aac06d936cdce127e1980d371f88208fc1a397675c3240a6b8d39a2a4f
79a47d29e15cedbe0960171f77682c84f375f79724837612f113970030d31b2c
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8d3411c961b332008c61452f483ada3da4cd0fd06cc264c7f2facfb01bc4b1d5
96c87ab5b1903d575dfe574723a04067fca8a04b0081cb19a03f922b930c5417
9c4e5748b76ca33caac131e0225d2e86ccbf6e156ad007145f6a9c4d34cecbf9
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a58cd57703355aecada87b93f7a19170019beea0a7c6ed2efa541ac54ff18ebb
a8e5a0c39f7371f633203c6e77de59b3fff273bc2c1a5df9c1356e6dc24ad92d
ba27002aa86d95d35ec785bb5e03956c0a79aad6737402175357aa337733025d
be1aea13e259cfde04915cf3f1313edb394d806e6ab7bafe0720eb483fc20571
bf8fce049c8e10f0a036f50f5eb7c8dde06dc5bee833635f9db82de6f51f2418
c2e9c6b5d03f716d2650135da9e29c996f40b13dd6325451a6ab5b0b1cc98c2f
c54f914c47dd9826bf7a48c7b3f6daf482010c980b4ca92268c4f311a03e22c8
d10c94b6cdb747904baee9070f003bb45849da46f8100b1320f286c21cbcaaa1
d39c7ff4103007338040282460b2eb0e5adadd9fb80f986fb4c8a3d41785a6ca
db311174b0e3c340727b63c055cfb5b317808e909503e1bda11cc58af444f12b
dfe27fdf0bdc06c36fbef29396bf7fe66eb809e61b0105f6b9e1afc332b65ff5
e18c2a5bb6596e703714e13683d228dfaa18f516a96c043ab5718d092988f9a8
e34e47caf18df3d93ab67a2bed46e8e3825dcc7de41b60ceff1385357d4ed67c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e73a75db5565d34475a430b782901cbb2fd0bf706afb4b0f6dcbe84a2c3e88f7
ea1b44e81271f12af86bb525b514d2fd7eae550f2c56a753a138dbfbb00033f3